From c491aa67248ba1ffd07c74d4325ef7b30ce6d82a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 23 Mar 2024 09:28:19 +0000 Subject: [PATCH] TemplateMan Update [Sat Mar 23 09:28:19 UTC 2024] :robot: --- code/cves/2019/CVE-2019-14287.yaml | 6 +- code/cves/2021/CVE-2021-3156.yaml | 4 +- code/cves/2023/CVE-2023-2640.yaml | 4 +- code/cves/2023/CVE-2023-49105.yaml | 8 ++- code/cves/2023/CVE-2023-6246.yaml | 4 +- dns/soa-detect.yaml | 26 ++++---- dns/spf-record-detect.yaml | 21 ++++--- dns/txt-service-detect.yaml | 26 ++++---- headless/cves/2018/CVE-2018-25031.yaml | 2 +- http/cves/2000/CVE-2000-0114.yaml | 6 +- http/cves/2001/CVE-2001-0537.yaml | 5 +- http/cves/2004/CVE-2004-0519.yaml | 2 +- http/cves/2004/CVE-2004-1965.yaml | 2 +- http/cves/2005/CVE-2005-4385.yaml | 3 +- http/cves/2007/CVE-2007-0885.yaml | 3 +- http/cves/2007/CVE-2007-3010.yaml | 6 +- http/cves/2007/CVE-2007-4504.yaml | 5 +- http/cves/2007/CVE-2007-4556.yaml | 2 +- http/cves/2008/CVE-2008-1059.yaml | 2 +- http/cves/2008/CVE-2008-2650.yaml | 2 +- http/cves/2008/CVE-2008-4668.yaml | 3 +- http/cves/2008/CVE-2008-4764.yaml | 2 +- http/cves/2008/CVE-2008-6172.yaml | 2 +- http/cves/2008/CVE-2008-6465.yaml | 3 +- http/cves/2008/CVE-2008-6668.yaml | 2 +- http/cves/2008/CVE-2008-7269.yaml | 4 +- http/cves/2009/CVE-2009-0545.yaml | 2 +- http/cves/2009/CVE-2009-0932.yaml | 2 +- http/cves/2009/CVE-2009-1151.yaml | 2 +- http/cves/2009/CVE-2009-1496.yaml | 3 +- http/cves/2009/CVE-2009-1558.yaml | 2 +- http/cves/2009/CVE-2009-1872.yaml | 3 +- http/cves/2009/CVE-2009-2015.yaml | 2 +- http/cves/2009/CVE-2009-2100.yaml | 5 +- http/cves/2009/CVE-2009-3053.yaml | 4 +- http/cves/2009/CVE-2009-3318.yaml | 2 +- http/cves/2009/CVE-2009-4679.yaml | 2 +- http/cves/2009/CVE-2009-5114.yaml | 3 +- http/cves/2010/CVE-2010-0467.yaml | 2 +- http/cves/2010/CVE-2010-0759.yaml | 5 +- http/cves/2010/CVE-2010-0942.yaml | 2 +- http/cves/2010/CVE-2010-0944.yaml | 2 +- http/cves/2010/CVE-2010-0972.yaml | 3 +- http/cves/2010/CVE-2010-1056.yaml | 3 +- http/cves/2010/CVE-2010-1217.yaml | 3 +- http/cves/2010/CVE-2010-1219.yaml | 2 +- http/cves/2010/CVE-2010-1302.yaml | 3 +- http/cves/2010/CVE-2010-1304.yaml | 3 +- http/cves/2010/CVE-2010-1306.yaml | 2 +- http/cves/2010/CVE-2010-1308.yaml | 3 +- http/cves/2010/CVE-2010-1314.yaml | 2 +- http/cves/2010/CVE-2010-1315.yaml | 3 +- http/cves/2010/CVE-2010-1345.yaml | 3 +- http/cves/2010/CVE-2010-1352.yaml | 3 +- http/cves/2010/CVE-2010-1353.yaml | 3 +- http/cves/2010/CVE-2010-1429.yaml | 2 +- http/cves/2010/CVE-2010-1469.yaml | 3 +- http/cves/2010/CVE-2010-1470.yaml | 3 +- http/cves/2010/CVE-2010-1471.yaml | 2 +- http/cves/2010/CVE-2010-1472.yaml | 3 +- http/cves/2010/CVE-2010-1478.yaml | 2 +- http/cves/2010/CVE-2010-1491.yaml | 3 +- http/cves/2010/CVE-2010-1495.yaml | 3 +- http/cves/2010/CVE-2010-1532.yaml | 3 +- http/cves/2010/CVE-2010-1533.yaml | 2 +- http/cves/2010/CVE-2010-1534.yaml | 5 +- http/cves/2010/CVE-2010-1602.yaml | 3 +- http/cves/2010/CVE-2010-1603.yaml | 2 +- http/cves/2010/CVE-2010-1607.yaml | 2 +- http/cves/2010/CVE-2010-1653.yaml | 2 +- http/cves/2010/CVE-2010-1657.yaml | 2 +- http/cves/2010/CVE-2010-1658.yaml | 3 +- http/cves/2010/CVE-2010-1717.yaml | 4 +- http/cves/2010/CVE-2010-1718.yaml | 2 +- http/cves/2010/CVE-2010-1719.yaml | 2 +- http/cves/2010/CVE-2010-1858.yaml | 2 +- http/cves/2010/CVE-2010-1878.yaml | 3 +- http/cves/2010/CVE-2010-1952.yaml | 3 +- http/cves/2010/CVE-2010-1953.yaml | 3 +- http/cves/2010/CVE-2010-1957.yaml | 3 +- http/cves/2010/CVE-2010-1979.yaml | 2 +- http/cves/2010/CVE-2010-1983.yaml | 2 +- http/cves/2010/CVE-2010-2035.yaml | 6 +- http/cves/2010/CVE-2010-2122.yaml | 2 +- http/cves/2010/CVE-2010-2307.yaml | 2 +- http/cves/2010/CVE-2010-2507.yaml | 2 +- http/cves/2010/CVE-2010-2682.yaml | 2 +- http/cves/2010/CVE-2010-2857.yaml | 3 +- http/cves/2010/CVE-2010-2861.yaml | 2 +- http/cves/2010/CVE-2010-2918.yaml | 2 +- http/cves/2010/CVE-2010-3426.yaml | 2 +- http/cves/2010/CVE-2010-4231.yaml | 2 +- http/cves/2010/CVE-2010-4239.yaml | 4 +- http/cves/2010/CVE-2010-4719.yaml | 2 +- http/cves/2010/CVE-2010-4977.yaml | 2 +- http/cves/2010/CVE-2010-5278.yaml | 2 +- http/cves/2010/CVE-2010-5286.yaml | 5 +- http/cves/2011/CVE-2011-2744.yaml | 2 +- http/cves/2011/CVE-2011-2780.yaml | 2 +- http/cves/2011/CVE-2011-3315.yaml | 5 +- http/cves/2011/CVE-2011-4336.yaml | 3 +- http/cves/2011/CVE-2011-4618.yaml | 2 +- http/cves/2011/CVE-2011-4624.yaml | 3 +- http/cves/2011/CVE-2011-4640.yaml | 2 +- http/cves/2011/CVE-2011-5106.yaml | 2 +- http/cves/2011/CVE-2011-5107.yaml | 4 +- http/cves/2011/CVE-2011-5252.yaml | 4 +- http/cves/2011/CVE-2011-5265.yaml | 4 +- http/cves/2012/CVE-2012-0392.yaml | 4 +- http/cves/2012/CVE-2012-0996.yaml | 4 +- http/cves/2012/CVE-2012-1835.yaml | 4 +- http/cves/2012/CVE-2012-2371.yaml | 4 +- http/cves/2012/CVE-2012-4253.yaml | 4 +- http/cves/2012/CVE-2012-4273.yaml | 2 +- http/cves/2012/CVE-2012-4768.yaml | 3 +- http/cves/2012/CVE-2012-4878.yaml | 2 +- http/cves/2012/CVE-2012-4889.yaml | 3 +- http/cves/2012/CVE-2012-4982.yaml | 5 +- http/cves/2012/CVE-2012-5913.yaml | 2 +- http/cves/2013/CVE-2013-2248.yaml | 4 +- http/cves/2013/CVE-2013-2287.yaml | 4 +- http/cves/2013/CVE-2013-4625.yaml | 2 +- http/cves/2013/CVE-2013-5979.yaml | 4 +- http/cves/2013/CVE-2013-6281.yaml | 5 +- http/cves/2013/CVE-2013-7091.yaml | 2 +- http/cves/2013/CVE-2013-7285.yaml | 2 +- http/cves/2014/CVE-2014-10037.yaml | 2 +- http/cves/2014/CVE-2014-1203.yaml | 2 +- http/cves/2014/CVE-2014-2323.yaml | 4 +- http/cves/2014/CVE-2014-2383.yaml | 4 +- http/cves/2014/CVE-2014-2962.yaml | 2 +- http/cves/2014/CVE-2014-3120.yaml | 4 +- http/cves/2014/CVE-2014-3206.yaml | 5 +- http/cves/2014/CVE-2014-3704.yaml | 2 +- http/cves/2014/CVE-2014-4535.yaml | 2 +- http/cves/2014/CVE-2014-4539.yaml | 3 +- http/cves/2014/CVE-2014-4592.yaml | 3 +- http/cves/2014/CVE-2014-4940.yaml | 5 +- http/cves/2014/CVE-2014-5111.yaml | 5 +- http/cves/2014/CVE-2014-5258.yaml | 2 +- http/cves/2014/CVE-2014-5368.yaml | 2 +- http/cves/2014/CVE-2014-6287.yaml | 2 +- http/cves/2014/CVE-2014-6308.yaml | 2 +- http/cves/2014/CVE-2014-8676.yaml | 2 +- http/cves/2014/CVE-2014-8799.yaml | 2 +- http/cves/2014/CVE-2014-9094.yaml | 3 +- http/cves/2014/CVE-2014-9119.yaml | 4 +- http/cves/2014/CVE-2014-9180.yaml | 4 +- http/cves/2014/CVE-2014-9607.yaml | 3 +- http/cves/2014/CVE-2014-9608.yaml | 2 +- http/cves/2014/CVE-2014-9615.yaml | 2 +- http/cves/2015/CVE-2015-0554.yaml | 3 +- http/cves/2015/CVE-2015-1000005.yaml | 6 +- http/cves/2015/CVE-2015-1000012.yaml | 5 +- http/cves/2015/CVE-2015-1427.yaml | 4 +- http/cves/2015/CVE-2015-1503.yaml | 3 +- http/cves/2015/CVE-2015-1635.yaml | 10 ++- http/cves/2015/CVE-2015-1880.yaml | 2 +- http/cves/2015/CVE-2015-20067.yaml | 13 +++- http/cves/2015/CVE-2015-2067.yaml | 5 +- http/cves/2015/CVE-2015-2068.yaml | 2 +- http/cves/2015/CVE-2015-2080.yaml | 2 +- http/cves/2015/CVE-2015-2166.yaml | 2 +- http/cves/2015/CVE-2015-2196.yaml | 4 +- http/cves/2015/CVE-2015-2755.yaml | 4 +- http/cves/2015/CVE-2015-2807.yaml | 4 +- http/cves/2015/CVE-2015-2996.yaml | 3 +- http/cves/2015/CVE-2015-3224.yaml | 4 +- http/cves/2015/CVE-2015-3648.yaml | 2 +- http/cves/2015/CVE-2015-3897.yaml | 3 +- http/cves/2015/CVE-2015-4050.yaml | 4 +- http/cves/2015/CVE-2015-4063.yaml | 2 +- http/cves/2015/CVE-2015-4074.yaml | 3 +- http/cves/2015/CVE-2015-4414.yaml | 2 +- http/cves/2015/CVE-2015-4666.yaml | 2 +- http/cves/2015/CVE-2015-4668.yaml | 2 +- http/cves/2015/CVE-2015-5461.yaml | 2 +- http/cves/2015/CVE-2015-5471.yaml | 2 +- http/cves/2015/CVE-2015-5531.yaml | 2 +- http/cves/2015/CVE-2015-7245.yaml | 2 +- http/cves/2015/CVE-2015-7377.yaml | 4 +- http/cves/2015/CVE-2015-7450.yaml | 4 +- http/cves/2015/CVE-2015-7780.yaml | 3 +- http/cves/2015/CVE-2015-8349.yaml | 2 +- http/cves/2015/CVE-2015-9312.yaml | 2 +- http/cves/2015/CVE-2015-9323.yaml | 4 +- http/cves/2015/CVE-2015-9480.yaml | 5 +- http/cves/2016/CVE-2016-0957.yaml | 2 +- http/cves/2016/CVE-2016-1000126.yaml | 2 +- http/cves/2016/CVE-2016-1000129.yaml | 2 +- http/cves/2016/CVE-2016-1000131.yaml | 3 +- http/cves/2016/CVE-2016-1000132.yaml | 2 +- http/cves/2016/CVE-2016-1000133.yaml | 3 +- http/cves/2016/CVE-2016-1000135.yaml | 2 +- http/cves/2016/CVE-2016-1000137.yaml | 2 +- http/cves/2016/CVE-2016-1000139.yaml | 2 +- http/cves/2016/CVE-2016-1000141.yaml | 3 +- http/cves/2016/CVE-2016-1000142.yaml | 3 +- http/cves/2016/CVE-2016-1000143.yaml | 4 +- http/cves/2016/CVE-2016-1000148.yaml | 2 +- http/cves/2016/CVE-2016-1000149.yaml | 2 +- http/cves/2016/CVE-2016-1000153.yaml | 4 +- http/cves/2016/CVE-2016-1000155.yaml | 4 +- http/cves/2016/CVE-2016-10033.yaml | 6 +- http/cves/2016/CVE-2016-10134.yaml | 2 +- http/cves/2016/CVE-2016-10367.yaml | 4 +- http/cves/2016/CVE-2016-10368.yaml | 6 +- http/cves/2016/CVE-2016-10940.yaml | 4 +- http/cves/2016/CVE-2016-10960.yaml | 2 +- http/cves/2016/CVE-2016-1555.yaml | 4 +- http/cves/2016/CVE-2016-3088.yaml | 2 +- http/cves/2016/CVE-2016-4977.yaml | 2 +- http/cves/2016/CVE-2016-6195.yaml | 2 +- http/cves/2016/CVE-2016-6277.yaml | 2 +- http/cves/2016/CVE-2016-7552.yaml | 6 +- http/cves/2016/CVE-2016-7834.yaml | 4 +- http/cves/2017/CVE-2017-0929.yaml | 4 +- http/cves/2017/CVE-2017-1000163.yaml | 5 +- http/cves/2017/CVE-2017-1000486.yaml | 2 +- http/cves/2017/CVE-2017-10974.yaml | 3 +- http/cves/2017/CVE-2017-11512.yaml | 4 +- http/cves/2017/CVE-2017-11610.yaml | 4 +- http/cves/2017/CVE-2017-11629.yaml | 2 +- http/cves/2017/CVE-2017-12138.yaml | 2 +- http/cves/2017/CVE-2017-12149.yaml | 2 +- http/cves/2017/CVE-2017-12542.yaml | 2 +- http/cves/2017/CVE-2017-12544.yaml | 3 +- http/cves/2017/CVE-2017-12583.yaml | 4 +- http/cves/2017/CVE-2017-12615.yaml | 4 +- http/cves/2017/CVE-2017-12617.yaml | 4 +- http/cves/2017/CVE-2017-12629.yaml | 4 +- http/cves/2017/CVE-2017-12635.yaml | 4 +- http/cves/2017/CVE-2017-12637.yaml | 2 +- http/cves/2017/CVE-2017-14135.yaml | 3 +- http/cves/2017/CVE-2017-14622.yaml | 3 +- http/cves/2017/CVE-2017-14651.yaml | 2 +- http/cves/2017/CVE-2017-15287.yaml | 3 +- http/cves/2017/CVE-2017-15363.yaml | 3 +- http/cves/2017/CVE-2017-15944.yaml | 2 +- http/cves/2017/CVE-2017-16806.yaml | 3 +- http/cves/2017/CVE-2017-16894.yaml | 2 +- http/cves/2017/CVE-2017-17043.yaml | 3 +- http/cves/2017/CVE-2017-17562.yaml | 4 +- http/cves/2017/CVE-2017-17731.yaml | 5 +- http/cves/2017/CVE-2017-17736.yaml | 4 +- http/cves/2017/CVE-2017-18024.yaml | 4 +- http/cves/2017/CVE-2017-18487.yaml | 2 +- http/cves/2017/CVE-2017-18490.yaml | 2 +- http/cves/2017/CVE-2017-18491.yaml | 2 +- http/cves/2017/CVE-2017-18492.yaml | 2 +- http/cves/2017/CVE-2017-18493.yaml | 2 +- http/cves/2017/CVE-2017-18500.yaml | 2 +- http/cves/2017/CVE-2017-18501.yaml | 2 +- http/cves/2017/CVE-2017-18505.yaml | 2 +- http/cves/2017/CVE-2017-18518.yaml | 2 +- http/cves/2017/CVE-2017-18528.yaml | 2 +- http/cves/2017/CVE-2017-18529.yaml | 2 +- http/cves/2017/CVE-2017-18532.yaml | 2 +- http/cves/2017/CVE-2017-18537.yaml | 2 +- http/cves/2017/CVE-2017-18542.yaml | 2 +- http/cves/2017/CVE-2017-18556.yaml | 2 +- http/cves/2017/CVE-2017-18558.yaml | 2 +- http/cves/2017/CVE-2017-18564.yaml | 2 +- http/cves/2017/CVE-2017-18565.yaml | 2 +- http/cves/2017/CVE-2017-18598.yaml | 2 +- http/cves/2017/CVE-2017-3506.yaml | 3 +- http/cves/2017/CVE-2017-3528.yaml | 2 +- http/cves/2017/CVE-2017-4011.yaml | 3 +- http/cves/2017/CVE-2017-5638.yaml | 4 +- http/cves/2017/CVE-2017-5689.yaml | 4 +- http/cves/2017/CVE-2017-5982.yaml | 6 +- http/cves/2017/CVE-2017-7269.yaml | 2 +- http/cves/2017/CVE-2017-7391.yaml | 3 +- http/cves/2017/CVE-2017-7615.yaml | 2 +- http/cves/2017/CVE-2017-7855.yaml | 2 +- http/cves/2017/CVE-2017-7921.yaml | 3 +- http/cves/2017/CVE-2017-7925.yaml | 4 +- http/cves/2017/CVE-2017-8229.yaml | 5 +- http/cves/2017/CVE-2017-8917.yaml | 1 + http/cves/2017/CVE-2017-9140.yaml | 2 +- http/cves/2017/CVE-2017-9288.yaml | 2 +- http/cves/2017/CVE-2017-9416.yaml | 2 +- http/cves/2017/CVE-2017-9805.yaml | 2 +- http/cves/2017/CVE-2017-9822.yaml | 5 +- http/cves/2017/CVE-2017-9833.yaml | 5 +- http/cves/2017/CVE-2017-9841.yaml | 2 +- http/cves/2018/CVE-2018-1000129.yaml | 2 +- http/cves/2018/CVE-2018-1000226.yaml | 3 +- http/cves/2018/CVE-2018-1000533.yaml | 2 +- http/cves/2018/CVE-2018-1000600.yaml | 5 +- http/cves/2018/CVE-2018-1000671.yaml | 4 +- http/cves/2018/CVE-2018-1000856.yaml | 4 +- http/cves/2018/CVE-2018-1000861.yaml | 4 +- http/cves/2018/CVE-2018-10141.yaml | 2 +- http/cves/2018/CVE-2018-10822.yaml | 3 +- http/cves/2018/CVE-2018-10956.yaml | 3 +- http/cves/2018/CVE-2018-11227.yaml | 5 +- http/cves/2018/CVE-2018-11231.yaml | 3 +- http/cves/2018/CVE-2018-11473.yaml | 3 +- http/cves/2018/CVE-2018-11709.yaml | 4 +- http/cves/2018/CVE-2018-11759.yaml | 4 +- http/cves/2018/CVE-2018-11776.yaml | 4 +- http/cves/2018/CVE-2018-12031.yaml | 6 +- http/cves/2018/CVE-2018-1207.yaml | 2 +- http/cves/2018/CVE-2018-12095.yaml | 2 +- http/cves/2018/CVE-2018-12296.yaml | 5 +- http/cves/2018/CVE-2018-12675.yaml | 2 +- http/cves/2018/CVE-2018-1271.yaml | 2 +- http/cves/2018/CVE-2018-12909.yaml | 4 +- http/cves/2018/CVE-2018-12998.yaml | 4 +- http/cves/2018/CVE-2018-13980.yaml | 2 +- http/cves/2018/CVE-2018-14013.yaml | 2 +- http/cves/2018/CVE-2018-14728.yaml | 4 +- http/cves/2018/CVE-2018-14916.yaml | 2 +- http/cves/2018/CVE-2018-14931.yaml | 2 +- http/cves/2018/CVE-2018-15517.yaml | 4 +- http/cves/2018/CVE-2018-15745.yaml | 2 +- http/cves/2018/CVE-2018-15917.yaml | 2 +- http/cves/2018/CVE-2018-16059.yaml | 4 +- http/cves/2018/CVE-2018-16133.yaml | 2 +- http/cves/2018/CVE-2018-16139.yaml | 2 +- http/cves/2018/CVE-2018-16159.yaml | 2 +- http/cves/2018/CVE-2018-16167.yaml | 4 +- http/cves/2018/CVE-2018-16283.yaml | 4 +- http/cves/2018/CVE-2018-16288.yaml | 6 +- http/cves/2018/CVE-2018-16668.yaml | 5 +- http/cves/2018/CVE-2018-16671.yaml | 6 +- http/cves/2018/CVE-2018-16763.yaml | 4 +- http/cves/2018/CVE-2018-16836.yaml | 4 +- http/cves/2018/CVE-2018-16979.yaml | 5 +- http/cves/2018/CVE-2018-17153.yaml | 4 +- http/cves/2018/CVE-2018-17246.yaml | 6 +- http/cves/2018/CVE-2018-17422.yaml | 3 +- http/cves/2018/CVE-2018-17431.yaml | 2 +- http/cves/2018/CVE-2018-18069.yaml | 2 +- http/cves/2018/CVE-2018-18264.yaml | 4 +- http/cves/2018/CVE-2018-18323.yaml | 5 +- http/cves/2018/CVE-2018-18570.yaml | 2 +- http/cves/2018/CVE-2018-18775.yaml | 3 +- http/cves/2018/CVE-2018-18778.yaml | 4 +- http/cves/2018/CVE-2018-18809.yaml | 4 +- http/cves/2018/CVE-2018-18925.yaml | 3 +- http/cves/2018/CVE-2018-19136.yaml | 4 +- http/cves/2018/CVE-2018-19137.yaml | 5 +- http/cves/2018/CVE-2018-19365.yaml | 5 +- http/cves/2018/CVE-2018-19386.yaml | 2 +- http/cves/2018/CVE-2018-19439.yaml | 4 +- http/cves/2018/CVE-2018-19749.yaml | 2 +- http/cves/2018/CVE-2018-19751.yaml | 2 +- http/cves/2018/CVE-2018-19752.yaml | 3 +- http/cves/2018/CVE-2018-19877.yaml | 3 +- http/cves/2018/CVE-2018-19892.yaml | 2 +- http/cves/2018/CVE-2018-19914.yaml | 4 +- http/cves/2018/CVE-2018-19915.yaml | 2 +- http/cves/2018/CVE-2018-20010.yaml | 2 +- http/cves/2018/CVE-2018-20011.yaml | 3 +- http/cves/2018/CVE-2018-20462.yaml | 3 +- http/cves/2018/CVE-2018-20463.yaml | 2 +- http/cves/2018/CVE-2018-20526.yaml | 6 +- http/cves/2018/CVE-2018-20608.yaml | 4 +- http/cves/2018/CVE-2018-20985.yaml | 4 +- http/cves/2018/CVE-2018-2894.yaml | 2 +- http/cves/2018/CVE-2018-3167.yaml | 4 +- http/cves/2018/CVE-2018-3238.yaml | 3 +- http/cves/2018/CVE-2018-3810.yaml | 2 +- http/cves/2018/CVE-2018-5233.yaml | 2 +- http/cves/2018/CVE-2018-5715.yaml | 3 +- http/cves/2018/CVE-2018-6184.yaml | 2 +- http/cves/2018/CVE-2018-6200.yaml | 5 +- http/cves/2018/CVE-2018-6530.yaml | 2 +- http/cves/2018/CVE-2018-6910.yaml | 6 +- http/cves/2018/CVE-2018-7251.yaml | 2 +- http/cves/2018/CVE-2018-7422.yaml | 3 +- http/cves/2018/CVE-2018-7490.yaml | 3 +- http/cves/2018/CVE-2018-7600.yaml | 2 +- http/cves/2018/CVE-2018-7653.yaml | 2 +- http/cves/2018/CVE-2018-8006.yaml | 2 +- http/cves/2018/CVE-2018-8033.yaml | 4 +- http/cves/2018/CVE-2018-8715.yaml | 3 +- http/cves/2018/CVE-2018-8823.yaml | 4 +- http/cves/2018/CVE-2018-9118.yaml | 2 +- http/cves/2018/CVE-2018-9161.yaml | 5 +- http/cves/2018/CVE-2018-9205.yaml | 2 +- http/cves/2019/CVE-2019-0193.yaml | 4 +- http/cves/2019/CVE-2019-0221.yaml | 2 +- http/cves/2019/CVE-2019-10068.yaml | 4 +- http/cves/2019/CVE-2019-1010287.yaml | 3 +- http/cves/2019/CVE-2019-1010290.yaml | 3 +- http/cves/2019/CVE-2019-10232.yaml | 4 +- http/cves/2019/CVE-2019-10405.yaml | 3 +- http/cves/2019/CVE-2019-10475.yaml | 2 +- http/cves/2019/CVE-2019-11013.yaml | 3 +- http/cves/2019/CVE-2019-11370.yaml | 2 +- http/cves/2019/CVE-2019-11580.yaml | 5 +- http/cves/2019/CVE-2019-12276.yaml | 4 +- http/cves/2019/CVE-2019-12461.yaml | 2 +- http/cves/2019/CVE-2019-12583.yaml | 4 +- http/cves/2019/CVE-2019-12593.yaml | 5 +- http/cves/2019/CVE-2019-12616.yaml | 4 +- http/cves/2019/CVE-2019-12725.yaml | 4 +- http/cves/2019/CVE-2019-12962.yaml | 4 +- http/cves/2019/CVE-2019-12985.yaml | 4 +- http/cves/2019/CVE-2019-12988.yaml | 4 +- http/cves/2019/CVE-2019-13101.yaml | 2 +- http/cves/2019/CVE-2019-13396.yaml | 6 +- http/cves/2019/CVE-2019-14205.yaml | 4 +- http/cves/2019/CVE-2019-14251.yaml | 4 +- http/cves/2019/CVE-2019-14312.yaml | 5 +- http/cves/2019/CVE-2019-14322.yaml | 6 +- http/cves/2019/CVE-2019-14470.yaml | 4 +- http/cves/2019/CVE-2019-14530.yaml | 3 +- http/cves/2019/CVE-2019-14696.yaml | 4 +- http/cves/2019/CVE-2019-14789.yaml | 2 +- http/cves/2019/CVE-2019-15501.yaml | 3 +- http/cves/2019/CVE-2019-15811.yaml | 4 +- http/cves/2019/CVE-2019-15858.yaml | 2 +- http/cves/2019/CVE-2019-16057.yaml | 2 +- http/cves/2019/CVE-2019-16097.yaml | 4 +- http/cves/2019/CVE-2019-16123.yaml | 4 +- http/cves/2019/CVE-2019-16313.yaml | 4 +- http/cves/2019/CVE-2019-16332.yaml | 2 +- http/cves/2019/CVE-2019-16469.yaml | 4 +- http/cves/2019/CVE-2019-1653.yaml | 4 +- http/cves/2019/CVE-2019-16920.yaml | 2 +- http/cves/2019/CVE-2019-16931.yaml | 2 +- http/cves/2019/CVE-2019-16996.yaml | 7 ++- http/cves/2019/CVE-2019-17270.yaml | 4 +- http/cves/2019/CVE-2019-17418.yaml | 4 +- http/cves/2019/CVE-2019-17444.yaml | 5 +- http/cves/2019/CVE-2019-17662.yaml | 4 +- http/cves/2019/CVE-2019-1821.yaml | 3 +- http/cves/2019/CVE-2019-18818.yaml | 4 +- http/cves/2019/CVE-2019-18922.yaml | 4 +- http/cves/2019/CVE-2019-18957.yaml | 2 +- http/cves/2019/CVE-2019-19368.yaml | 3 +- http/cves/2019/CVE-2019-19824.yaml | 5 +- http/cves/2019/CVE-2019-19908.yaml | 3 +- http/cves/2019/CVE-2019-20085.yaml | 2 +- http/cves/2019/CVE-2019-20183.yaml | 5 +- http/cves/2019/CVE-2019-20933.yaml | 2 +- http/cves/2019/CVE-2019-2578.yaml | 4 +- http/cves/2019/CVE-2019-2579.yaml | 3 +- http/cves/2019/CVE-2019-2588.yaml | 7 ++- http/cves/2019/CVE-2019-2616.yaml | 6 +- http/cves/2019/CVE-2019-2725.yaml | 2 +- http/cves/2019/CVE-2019-2729.yaml | 4 +- http/cves/2019/CVE-2019-2767.yaml | 4 +- http/cves/2019/CVE-2019-3396.yaml | 5 +- http/cves/2019/CVE-2019-3398.yaml | 4 +- http/cves/2019/CVE-2019-3402.yaml | 4 +- http/cves/2019/CVE-2019-3403.yaml | 7 ++- http/cves/2019/CVE-2019-3799.yaml | 4 +- http/cves/2019/CVE-2019-3911.yaml | 3 +- http/cves/2019/CVE-2019-3912.yaml | 5 +- http/cves/2019/CVE-2019-3929.yaml | 4 +- http/cves/2019/CVE-2019-5127.yaml | 4 +- http/cves/2019/CVE-2019-5418.yaml | 4 +- http/cves/2019/CVE-2019-5434.yaml | 4 +- http/cves/2019/CVE-2019-6112.yaml | 4 +- http/cves/2019/CVE-2019-6340.yaml | 5 +- http/cves/2019/CVE-2019-6715.yaml | 4 +- http/cves/2019/CVE-2019-6799.yaml | 4 +- http/cves/2019/CVE-2019-6802.yaml | 4 +- http/cves/2019/CVE-2019-7192.yaml | 2 +- http/cves/2019/CVE-2019-7219.yaml | 2 +- http/cves/2019/CVE-2019-7238.yaml | 6 +- http/cves/2019/CVE-2019-7254.yaml | 4 +- http/cves/2019/CVE-2019-7255.yaml | 5 +- http/cves/2019/CVE-2019-7315.yaml | 5 +- http/cves/2019/CVE-2019-7481.yaml | 6 +- http/cves/2019/CVE-2019-7543.yaml | 4 +- http/cves/2019/CVE-2019-7609.yaml | 4 +- http/cves/2019/CVE-2019-8086.yaml | 4 +- http/cves/2019/CVE-2019-8442.yaml | 5 +- http/cves/2019/CVE-2019-8446.yaml | 5 +- http/cves/2019/CVE-2019-8449.yaml | 2 +- http/cves/2019/CVE-2019-8451.yaml | 3 +- http/cves/2019/CVE-2019-9041.yaml | 4 +- http/cves/2019/CVE-2019-9618.yaml | 4 +- http/cves/2019/CVE-2019-9670.yaml | 4 +- http/cves/2019/CVE-2019-9726.yaml | 2 +- http/cves/2019/CVE-2019-9733.yaml | 4 +- http/cves/2019/CVE-2019-9915.yaml | 3 +- http/cves/2019/CVE-2019-9955.yaml | 4 +- http/cves/2019/CVE-2019-9978.yaml | 15 +++-- http/cves/2020/CVE-2020-10148.yaml | 4 +- http/cves/2020/CVE-2020-10220.yaml | 4 +- http/cves/2020/CVE-2020-10546.yaml | 4 +- http/cves/2020/CVE-2020-10547.yaml | 4 +- http/cves/2020/CVE-2020-10549.yaml | 4 +- http/cves/2020/CVE-2020-10973.yaml | 4 +- http/cves/2020/CVE-2020-11110.yaml | 2 +- http/cves/2020/CVE-2020-11450.yaml | 2 +- http/cves/2020/CVE-2020-11455.yaml | 4 +- http/cves/2020/CVE-2020-11530.yaml | 4 +- http/cves/2020/CVE-2020-11547.yaml | 4 +- http/cves/2020/CVE-2020-11710.yaml | 4 +- http/cves/2020/CVE-2020-11738.yaml | 4 +- http/cves/2020/CVE-2020-11854.yaml | 2 +- http/cves/2020/CVE-2020-11930.yaml | 4 +- http/cves/2020/CVE-2020-11978.yaml | 4 +- http/cves/2020/CVE-2020-12127.yaml | 4 +- http/cves/2020/CVE-2020-12259.yaml | 4 +- http/cves/2020/CVE-2020-12447.yaml | 3 +- http/cves/2020/CVE-2020-12478.yaml | 5 +- http/cves/2020/CVE-2020-12720.yaml | 4 +- http/cves/2020/CVE-2020-13117.yaml | 7 ++- http/cves/2020/CVE-2020-13121.yaml | 3 +- http/cves/2020/CVE-2020-13158.yaml | 4 +- http/cves/2020/CVE-2020-13258.yaml | 4 +- http/cves/2020/CVE-2020-13483.yaml | 4 +- http/cves/2020/CVE-2020-13638.yaml | 4 +- http/cves/2020/CVE-2020-13927.yaml | 4 +- http/cves/2020/CVE-2020-13937.yaml | 4 +- http/cves/2020/CVE-2020-13945.yaml | 5 +- http/cves/2020/CVE-2020-14181.yaml | 4 +- http/cves/2020/CVE-2020-14413.yaml | 2 +- http/cves/2020/CVE-2020-14864.yaml | 6 +- http/cves/2020/CVE-2020-14883.yaml | 5 +- http/cves/2020/CVE-2020-15050.yaml | 5 +- http/cves/2020/CVE-2020-15148.yaml | 2 +- http/cves/2020/CVE-2020-15227.yaml | 8 +-- http/cves/2020/CVE-2020-15568.yaml | 4 +- http/cves/2020/CVE-2020-15895.yaml | 3 +- http/cves/2020/CVE-2020-16139.yaml | 6 +- http/cves/2020/CVE-2020-16846.yaml | 2 +- http/cves/2020/CVE-2020-16952.yaml | 5 +- http/cves/2020/CVE-2020-17453.yaml | 3 +- http/cves/2020/CVE-2020-17456.yaml | 4 +- http/cves/2020/CVE-2020-17463.yaml | 4 +- http/cves/2020/CVE-2020-17496.yaml | 4 +- http/cves/2020/CVE-2020-17506.yaml | 6 +- http/cves/2020/CVE-2020-17530.yaml | 4 +- http/cves/2020/CVE-2020-18268.yaml | 4 +- http/cves/2020/CVE-2020-19282.yaml | 2 +- http/cves/2020/CVE-2020-19283.yaml | 2 +- http/cves/2020/CVE-2020-19295.yaml | 3 +- http/cves/2020/CVE-2020-19360.yaml | 2 +- http/cves/2020/CVE-2020-1943.yaml | 4 +- http/cves/2020/CVE-2020-1956.yaml | 4 +- http/cves/2020/CVE-2020-19625.yaml | 4 +- http/cves/2020/CVE-2020-20300.yaml | 6 +- http/cves/2020/CVE-2020-2036.yaml | 2 +- http/cves/2020/CVE-2020-2096.yaml | 3 +- http/cves/2020/CVE-2020-21012.yaml | 4 +- http/cves/2020/CVE-2020-2103.yaml | 4 +- http/cves/2020/CVE-2020-21224.yaml | 4 +- http/cves/2020/CVE-2020-2140.yaml | 2 +- http/cves/2020/CVE-2020-22209.yaml | 4 +- http/cves/2020/CVE-2020-23015.yaml | 2 +- http/cves/2020/CVE-2020-23517.yaml | 5 +- http/cves/2020/CVE-2020-23972.yaml | 5 +- http/cves/2020/CVE-2020-24148.yaml | 16 ++--- http/cves/2020/CVE-2020-24186.yaml | 5 +- http/cves/2020/CVE-2020-24223.yaml | 2 +- http/cves/2020/CVE-2020-24391.yaml | 4 +- http/cves/2020/CVE-2020-24571.yaml | 7 ++- http/cves/2020/CVE-2020-24579.yaml | 4 +- http/cves/2020/CVE-2020-24589.yaml | 4 +- http/cves/2020/CVE-2020-24701.yaml | 2 +- http/cves/2020/CVE-2020-24902.yaml | 3 +- http/cves/2020/CVE-2020-24903.yaml | 2 +- http/cves/2020/CVE-2020-24912.yaml | 4 +- http/cves/2020/CVE-2020-24949.yaml | 4 +- http/cves/2020/CVE-2020-25078.yaml | 4 +- http/cves/2020/CVE-2020-25506.yaml | 4 +- http/cves/2020/CVE-2020-25540.yaml | 4 +- http/cves/2020/CVE-2020-25780.yaml | 6 +- http/cves/2020/CVE-2020-25864.yaml | 2 +- http/cves/2020/CVE-2020-26217.yaml | 2 +- http/cves/2020/CVE-2020-26248.yaml | 2 +- http/cves/2020/CVE-2020-26258.yaml | 4 +- http/cves/2020/CVE-2020-26919.yaml | 5 +- http/cves/2020/CVE-2020-26948.yaml | 4 +- http/cves/2020/CVE-2020-27191.yaml | 4 +- http/cves/2020/CVE-2020-2733.yaml | 4 +- http/cves/2020/CVE-2020-27467.yaml | 4 +- http/cves/2020/CVE-2020-27735.yaml | 2 +- http/cves/2020/CVE-2020-27986.yaml | 4 +- http/cves/2020/CVE-2020-28185.yaml | 2 +- http/cves/2020/CVE-2020-28188.yaml | 2 +- http/cves/2020/CVE-2020-28208.yaml | 2 +- http/cves/2020/CVE-2020-28351.yaml | 2 +- http/cves/2020/CVE-2020-28871.yaml | 4 +- http/cves/2020/CVE-2020-28976.yaml | 2 +- http/cves/2020/CVE-2020-29164.yaml | 2 +- http/cves/2020/CVE-2020-29395.yaml | 3 +- http/cves/2020/CVE-2020-29583.yaml | 2 +- http/cves/2020/CVE-2020-29597.yaml | 5 +- http/cves/2020/CVE-2020-3187.yaml | 5 +- http/cves/2020/CVE-2020-35234.yaml | 6 +- http/cves/2020/CVE-2020-35338.yaml | 6 +- http/cves/2020/CVE-2020-35580.yaml | 6 +- http/cves/2020/CVE-2020-35713.yaml | 5 +- http/cves/2020/CVE-2020-35774.yaml | 4 +- http/cves/2020/CVE-2020-35846.yaml | 4 +- http/cves/2020/CVE-2020-35847.yaml | 4 +- http/cves/2020/CVE-2020-35848.yaml | 4 +- http/cves/2020/CVE-2020-35984.yaml | 2 +- http/cves/2020/CVE-2020-35985.yaml | 2 +- http/cves/2020/CVE-2020-35986.yaml | 2 +- http/cves/2020/CVE-2020-36112.yaml | 2 +- http/cves/2020/CVE-2020-36510.yaml | 3 +- http/cves/2020/CVE-2020-5284.yaml | 4 +- http/cves/2020/CVE-2020-5405.yaml | 5 +- http/cves/2020/CVE-2020-5412.yaml | 4 +- http/cves/2020/CVE-2020-5776.yaml | 4 +- http/cves/2020/CVE-2020-5777.yaml | 2 +- http/cves/2020/CVE-2020-5847.yaml | 2 +- http/cves/2020/CVE-2020-5902.yaml | 2 +- http/cves/2020/CVE-2020-6287.yaml | 4 +- http/cves/2020/CVE-2020-6308.yaml | 2 +- http/cves/2020/CVE-2020-6950.yaml | 4 +- http/cves/2020/CVE-2020-7136.yaml | 2 +- http/cves/2020/CVE-2020-7209.yaml | 4 +- http/cves/2020/CVE-2020-7796.yaml | 4 +- http/cves/2020/CVE-2020-7980.yaml | 2 +- http/cves/2020/CVE-2020-8115.yaml | 2 +- http/cves/2020/CVE-2020-8193.yaml | 5 +- http/cves/2020/CVE-2020-8209.yaml | 8 ++- http/cves/2020/CVE-2020-8497.yaml | 4 +- http/cves/2020/CVE-2020-8512.yaml | 4 +- http/cves/2020/CVE-2020-8515.yaml | 2 +- http/cves/2020/CVE-2020-8615.yaml | 4 +- http/cves/2020/CVE-2020-8641.yaml | 4 +- http/cves/2020/CVE-2020-8654.yaml | 3 +- http/cves/2020/CVE-2020-8982.yaml | 4 +- http/cves/2020/CVE-2020-9036.yaml | 2 +- http/cves/2020/CVE-2020-9047.yaml | 2 +- http/cves/2020/CVE-2020-9315.yaml | 4 +- http/cves/2020/CVE-2020-9344.yaml | 3 +- http/cves/2020/CVE-2020-9376.yaml | 2 +- http/cves/2020/CVE-2020-9402.yaml | 2 +- http/cves/2020/CVE-2020-9483.yaml | 5 +- http/cves/2020/CVE-2020-9484.yaml | 4 +- http/cves/2020/CVE-2020-9496.yaml | 4 +- http/cves/2020/CVE-2020-9757.yaml | 4 +- http/cves/2021/CVE-2021-1472.yaml | 2 +- http/cves/2021/CVE-2021-1497.yaml | 4 +- http/cves/2021/CVE-2021-1498.yaml | 4 +- http/cves/2021/CVE-2021-1499.yaml | 4 +- http/cves/2021/CVE-2021-20031.yaml | 2 +- http/cves/2021/CVE-2021-20038.yaml | 5 +- http/cves/2021/CVE-2021-20090.yaml | 4 +- http/cves/2021/CVE-2021-20092.yaml | 6 +- http/cves/2021/CVE-2021-20114.yaml | 4 +- http/cves/2021/CVE-2021-20123.yaml | 5 +- http/cves/2021/CVE-2021-20124.yaml | 4 +- http/cves/2021/CVE-2021-20137.yaml | 2 +- http/cves/2021/CVE-2021-20167.yaml | 6 +- http/cves/2021/CVE-2021-20323.yaml | 2 +- http/cves/2021/CVE-2021-20792.yaml | 4 +- http/cves/2021/CVE-2021-21087.yaml | 6 +- http/cves/2021/CVE-2021-21307.yaml | 2 +- http/cves/2021/CVE-2021-21315.yaml | 4 +- http/cves/2021/CVE-2021-21351.yaml | 4 +- http/cves/2021/CVE-2021-21389.yaml | 4 +- http/cves/2021/CVE-2021-21402.yaml | 2 +- http/cves/2021/CVE-2021-21745.yaml | 5 +- http/cves/2021/CVE-2021-21800.yaml | 4 +- http/cves/2021/CVE-2021-21802.yaml | 6 +- http/cves/2021/CVE-2021-21803.yaml | 6 +- http/cves/2021/CVE-2021-21816.yaml | 6 +- http/cves/2021/CVE-2021-21881.yaml | 6 +- http/cves/2021/CVE-2021-21972.yaml | 4 +- http/cves/2021/CVE-2021-21973.yaml | 4 +- http/cves/2021/CVE-2021-21978.yaml | 5 +- http/cves/2021/CVE-2021-21985.yaml | 5 +- http/cves/2021/CVE-2021-22005.yaml | 4 +- http/cves/2021/CVE-2021-22054.yaml | 6 +- http/cves/2021/CVE-2021-22145.yaml | 4 +- http/cves/2021/CVE-2021-22214.yaml | 4 +- http/cves/2021/CVE-2021-22502.yaml | 4 +- http/cves/2021/CVE-2021-22707.yaml | 4 +- http/cves/2021/CVE-2021-22873.yaml | 2 +- http/cves/2021/CVE-2021-22911.yaml | 4 +- http/cves/2021/CVE-2021-23241.yaml | 2 +- http/cves/2021/CVE-2021-24146.yaml | 4 +- http/cves/2021/CVE-2021-24165.yaml | 4 +- http/cves/2021/CVE-2021-24169.yaml | 3 +- http/cves/2021/CVE-2021-24214.yaml | 6 +- http/cves/2021/CVE-2021-24215.yaml | 4 +- http/cves/2021/CVE-2021-24226.yaml | 4 +- http/cves/2021/CVE-2021-24227.yaml | 4 +- http/cves/2021/CVE-2021-24237.yaml | 2 +- http/cves/2021/CVE-2021-24245.yaml | 5 +- http/cves/2021/CVE-2021-24274.yaml | 6 +- http/cves/2021/CVE-2021-24275.yaml | 4 +- http/cves/2021/CVE-2021-24276.yaml | 6 +- http/cves/2021/CVE-2021-24278.yaml | 6 +- http/cves/2021/CVE-2021-24284.yaml | 4 +- http/cves/2021/CVE-2021-24286.yaml | 5 +- http/cves/2021/CVE-2021-24287.yaml | 4 +- http/cves/2021/CVE-2021-24298.yaml | 6 +- http/cves/2021/CVE-2021-24300.yaml | 4 +- http/cves/2021/CVE-2021-24316.yaml | 4 +- http/cves/2021/CVE-2021-24335.yaml | 4 +- http/cves/2021/CVE-2021-24340.yaml | 4 +- http/cves/2021/CVE-2021-24342.yaml | 6 +- http/cves/2021/CVE-2021-24351.yaml | 6 +- http/cves/2021/CVE-2021-24358.yaml | 5 +- http/cves/2021/CVE-2021-24364.yaml | 5 +- http/cves/2021/CVE-2021-24370.yaml | 4 +- http/cves/2021/CVE-2021-24387.yaml | 5 +- http/cves/2021/CVE-2021-24389.yaml | 4 +- http/cves/2021/CVE-2021-24406.yaml | 6 +- http/cves/2021/CVE-2021-24407.yaml | 4 +- http/cves/2021/CVE-2021-24409.yaml | 4 +- http/cves/2021/CVE-2021-24435.yaml | 2 +- http/cves/2021/CVE-2021-24436.yaml | 2 +- http/cves/2021/CVE-2021-24442.yaml | 2 +- http/cves/2021/CVE-2021-24472.yaml | 6 +- http/cves/2021/CVE-2021-24495.yaml | 3 +- http/cves/2021/CVE-2021-24498.yaml | 4 +- http/cves/2021/CVE-2021-24499.yaml | 4 +- http/cves/2021/CVE-2021-24627.yaml | 4 +- http/cves/2021/CVE-2021-24647.yaml | 4 +- http/cves/2021/CVE-2021-24666.yaml | 4 +- http/cves/2021/CVE-2021-24731.yaml | 2 +- http/cves/2021/CVE-2021-24746.yaml | 3 +- http/cves/2021/CVE-2021-24791.yaml | 2 +- http/cves/2021/CVE-2021-24849.yaml | 15 +++-- http/cves/2021/CVE-2021-24910.yaml | 5 +- http/cves/2021/CVE-2021-24926.yaml | 2 +- http/cves/2021/CVE-2021-24943.yaml | 7 +-- http/cves/2021/CVE-2021-24947.yaml | 4 +- http/cves/2021/CVE-2021-24956.yaml | 2 +- http/cves/2021/CVE-2021-24987.yaml | 2 +- http/cves/2021/CVE-2021-24991.yaml | 2 +- http/cves/2021/CVE-2021-24997.yaml | 4 +- http/cves/2021/CVE-2021-25003.yaml | 4 +- http/cves/2021/CVE-2021-25008.yaml | 2 +- http/cves/2021/CVE-2021-25016.yaml | 2 +- http/cves/2021/CVE-2021-25033.yaml | 2 +- http/cves/2021/CVE-2021-25052.yaml | 4 +- http/cves/2021/CVE-2021-25055.yaml | 2 +- http/cves/2021/CVE-2021-25065.yaml | 2 +- http/cves/2021/CVE-2021-25074.yaml | 4 +- http/cves/2021/CVE-2021-25075.yaml | 4 +- http/cves/2021/CVE-2021-25078.yaml | 2 +- http/cves/2021/CVE-2021-25085.yaml | 3 +- http/cves/2021/CVE-2021-25099.yaml | 3 +- http/cves/2021/CVE-2021-25104.yaml | 4 +- http/cves/2021/CVE-2021-25111.yaml | 2 +- http/cves/2021/CVE-2021-25112.yaml | 3 +- http/cves/2021/CVE-2021-25114.yaml | 5 +- http/cves/2021/CVE-2021-25118.yaml | 6 +- http/cves/2021/CVE-2021-25120.yaml | 2 +- http/cves/2021/CVE-2021-25281.yaml | 4 +- http/cves/2021/CVE-2021-25297.yaml | 4 +- http/cves/2021/CVE-2021-25646.yaml | 4 +- http/cves/2021/CVE-2021-25864.yaml | 6 +- http/cves/2021/CVE-2021-25899.yaml | 4 +- http/cves/2021/CVE-2021-26084.yaml | 4 +- http/cves/2021/CVE-2021-26247.yaml | 4 +- http/cves/2021/CVE-2021-26294.yaml | 7 ++- http/cves/2021/CVE-2021-26295.yaml | 4 +- http/cves/2021/CVE-2021-26475.yaml | 2 +- http/cves/2021/CVE-2021-26702.yaml | 2 +- http/cves/2021/CVE-2021-26855.yaml | 4 +- http/cves/2021/CVE-2021-27124.yaml | 4 +- http/cves/2021/CVE-2021-27132.yaml | 6 +- http/cves/2021/CVE-2021-27315.yaml | 4 +- http/cves/2021/CVE-2021-27316.yaml | 4 +- http/cves/2021/CVE-2021-27330.yaml | 3 +- http/cves/2021/CVE-2021-27358.yaml | 4 +- http/cves/2021/CVE-2021-27519.yaml | 2 +- http/cves/2021/CVE-2021-27520.yaml | 3 +- http/cves/2021/CVE-2021-27651.yaml | 6 +- http/cves/2021/CVE-2021-27670.yaml | 7 ++- http/cves/2021/CVE-2021-28149.yaml | 2 +- http/cves/2021/CVE-2021-28164.yaml | 5 +- http/cves/2021/CVE-2021-29156.yaml | 4 +- http/cves/2021/CVE-2021-29441.yaml | 4 +- http/cves/2021/CVE-2021-29490.yaml | 2 +- http/cves/2021/CVE-2021-3002.yaml | 2 +- http/cves/2021/CVE-2021-30049.yaml | 6 +- http/cves/2021/CVE-2021-30128.yaml | 4 +- http/cves/2021/CVE-2021-30151.yaml | 5 +- http/cves/2021/CVE-2021-3017.yaml | 2 +- http/cves/2021/CVE-2021-30175.yaml | 5 +- http/cves/2021/CVE-2021-3019.yaml | 6 +- http/cves/2021/CVE-2021-30213.yaml | 2 +- http/cves/2021/CVE-2021-30497.yaml | 5 +- http/cves/2021/CVE-2021-3110.yaml | 3 +- http/cves/2021/CVE-2021-31195.yaml | 4 +- http/cves/2021/CVE-2021-3129.yaml | 5 +- http/cves/2021/CVE-2021-31537.yaml | 5 +- http/cves/2021/CVE-2021-31602.yaml | 2 +- http/cves/2021/CVE-2021-31682.yaml | 4 +- http/cves/2021/CVE-2021-31755.yaml | 4 +- http/cves/2021/CVE-2021-31805.yaml | 4 +- http/cves/2021/CVE-2021-31856.yaml | 5 +- http/cves/2021/CVE-2021-31862.yaml | 4 +- http/cves/2021/CVE-2021-32030.yaml | 4 +- http/cves/2021/CVE-2021-32172.yaml | 4 +- http/cves/2021/CVE-2021-3223.yaml | 5 +- http/cves/2021/CVE-2021-32618.yaml | 4 +- http/cves/2021/CVE-2021-32682.yaml | 4 +- http/cves/2021/CVE-2021-32789.yaml | 4 +- http/cves/2021/CVE-2021-32819.yaml | 2 +- http/cves/2021/CVE-2021-32820.yaml | 2 +- http/cves/2021/CVE-2021-3293.yaml | 4 +- http/cves/2021/CVE-2021-3297.yaml | 2 +- http/cves/2021/CVE-2021-33357.yaml | 4 +- http/cves/2021/CVE-2021-33564.yaml | 4 +- http/cves/2021/CVE-2021-33690.yaml | 5 +- http/cves/2021/CVE-2021-3377.yaml | 4 +- http/cves/2021/CVE-2021-3378.yaml | 5 +- http/cves/2021/CVE-2021-33807.yaml | 4 +- http/cves/2021/CVE-2021-33851.yaml | 2 +- http/cves/2021/CVE-2021-33904.yaml | 4 +- http/cves/2021/CVE-2021-34429.yaml | 4 +- http/cves/2021/CVE-2021-34473.yaml | 4 +- http/cves/2021/CVE-2021-34643.yaml | 2 +- http/cves/2021/CVE-2021-34805.yaml | 4 +- http/cves/2021/CVE-2021-35250.yaml | 4 +- http/cves/2021/CVE-2021-35265.yaml | 6 +- http/cves/2021/CVE-2021-35336.yaml | 4 +- http/cves/2021/CVE-2021-35488.yaml | 2 +- http/cves/2021/CVE-2021-36356.yaml | 5 +- http/cves/2021/CVE-2021-3654.yaml | 2 +- http/cves/2021/CVE-2021-36580.yaml | 4 +- http/cves/2021/CVE-2021-36748.yaml | 2 +- http/cves/2021/CVE-2021-36749.yaml | 4 +- http/cves/2021/CVE-2021-36873.yaml | 2 +- http/cves/2021/CVE-2021-37216.yaml | 6 +- http/cves/2021/CVE-2021-37304.yaml | 4 +- http/cves/2021/CVE-2021-37305.yaml | 4 +- http/cves/2021/CVE-2021-37416.yaml | 2 +- http/cves/2021/CVE-2021-37538.yaml | 2 +- http/cves/2021/CVE-2021-37573.yaml | 3 +- http/cves/2021/CVE-2021-37704.yaml | 6 +- http/cves/2021/CVE-2021-37833.yaml | 6 +- http/cves/2021/CVE-2021-38704.yaml | 2 +- http/cves/2021/CVE-2021-39141.yaml | 2 +- http/cves/2021/CVE-2021-39165.yaml | 4 +- http/cves/2021/CVE-2021-39211.yaml | 4 +- http/cves/2021/CVE-2021-39226.yaml | 4 +- http/cves/2021/CVE-2021-39312.yaml | 5 +- http/cves/2021/CVE-2021-39320.yaml | 4 +- http/cves/2021/CVE-2021-39322.yaml | 2 +- http/cves/2021/CVE-2021-39327.yaml | 6 +- http/cves/2021/CVE-2021-39433.yaml | 2 +- http/cves/2021/CVE-2021-39501.yaml | 2 +- http/cves/2021/CVE-2021-40149.yaml | 5 +- http/cves/2021/CVE-2021-40323.yaml | 4 +- http/cves/2021/CVE-2021-40438.yaml | 6 +- http/cves/2021/CVE-2021-40539.yaml | 4 +- http/cves/2021/CVE-2021-40542.yaml | 2 +- http/cves/2021/CVE-2021-40651.yaml | 2 +- http/cves/2021/CVE-2021-40661.yaml | 4 +- http/cves/2021/CVE-2021-40822.yaml | 2 +- http/cves/2021/CVE-2021-40856.yaml | 3 +- http/cves/2021/CVE-2021-40868.yaml | 2 +- http/cves/2021/CVE-2021-40875.yaml | 2 +- http/cves/2021/CVE-2021-40968.yaml | 2 +- http/cves/2021/CVE-2021-40970.yaml | 2 +- http/cves/2021/CVE-2021-40971.yaml | 2 +- http/cves/2021/CVE-2021-40972.yaml | 2 +- http/cves/2021/CVE-2021-41174.yaml | 4 +- http/cves/2021/CVE-2021-41266.yaml | 4 +- http/cves/2021/CVE-2021-41277.yaml | 5 +- http/cves/2021/CVE-2021-41282.yaml | 4 +- http/cves/2021/CVE-2021-41293.yaml | 6 +- http/cves/2021/CVE-2021-41349.yaml | 4 +- http/cves/2021/CVE-2021-41432.yaml | 5 +- http/cves/2021/CVE-2021-41460.yaml | 4 +- http/cves/2021/CVE-2021-41569.yaml | 3 +- http/cves/2021/CVE-2021-41648.yaml | 2 +- http/cves/2021/CVE-2021-41773.yaml | 4 +- http/cves/2021/CVE-2021-41826.yaml | 2 +- http/cves/2021/CVE-2021-41951.yaml | 4 +- http/cves/2021/CVE-2021-42013.yaml | 4 +- http/cves/2021/CVE-2021-42063.yaml | 2 +- http/cves/2021/CVE-2021-42071.yaml | 4 +- http/cves/2021/CVE-2021-42192.yaml | 4 +- http/cves/2021/CVE-2021-42258.yaml | 7 ++- http/cves/2021/CVE-2021-42565.yaml | 4 +- http/cves/2021/CVE-2021-42566.yaml | 3 +- http/cves/2021/CVE-2021-42567.yaml | 2 +- http/cves/2021/CVE-2021-42627.yaml | 4 +- http/cves/2021/CVE-2021-42887.yaml | 4 +- http/cves/2021/CVE-2021-43062.yaml | 2 +- http/cves/2021/CVE-2021-43421.yaml | 3 +- http/cves/2021/CVE-2021-43510.yaml | 6 +- http/cves/2021/CVE-2021-43574.yaml | 5 +- http/cves/2021/CVE-2021-43778.yaml | 4 +- http/cves/2021/CVE-2021-43798.yaml | 4 +- http/cves/2021/CVE-2021-43810.yaml | 4 +- http/cves/2021/CVE-2021-44077.yaml | 4 +- http/cves/2021/CVE-2021-44138.yaml | 4 +- http/cves/2021/CVE-2021-44152.yaml | 5 +- http/cves/2021/CVE-2021-44427.yaml | 4 +- http/cves/2021/CVE-2021-44529.yaml | 5 +- http/cves/2021/CVE-2021-44848.yaml | 4 +- http/cves/2021/CVE-2021-45092.yaml | 4 +- http/cves/2021/CVE-2021-45380.yaml | 2 +- http/cves/2021/CVE-2021-45382.yaml | 6 +- http/cves/2021/CVE-2021-45428.yaml | 2 +- http/cves/2021/CVE-2021-45967.yaml | 4 +- http/cves/2021/CVE-2021-46068.yaml | 3 +- http/cves/2021/CVE-2021-46072.yaml | 3 +- http/cves/2021/CVE-2021-46073.yaml | 3 +- http/cves/2021/CVE-2021-46107.yaml | 6 +- http/cves/2021/CVE-2021-46379.yaml | 5 +- http/cves/2021/CVE-2021-46381.yaml | 3 +- http/cves/2021/CVE-2021-46422.yaml | 4 +- http/cves/2021/CVE-2021-46704.yaml | 4 +- http/cves/2022/CVE-2022-0087.yaml | 2 +- http/cves/2022/CVE-2022-0140.yaml | 4 +- http/cves/2022/CVE-2022-0149.yaml | 2 +- http/cves/2022/CVE-2022-0165.yaml | 5 +- http/cves/2022/CVE-2022-0169.yaml | 4 +- http/cves/2022/CVE-2022-0189.yaml | 2 +- http/cves/2022/CVE-2022-0206.yaml | 3 +- http/cves/2022/CVE-2022-0208.yaml | 4 +- http/cves/2022/CVE-2022-0212.yaml | 2 +- http/cves/2022/CVE-2022-0218.yaml | 3 +- http/cves/2022/CVE-2022-0228.yaml | 5 +- http/cves/2022/CVE-2022-0234.yaml | 2 +- http/cves/2022/CVE-2022-0271.yaml | 4 +- http/cves/2022/CVE-2022-0288.yaml | 4 +- http/cves/2022/CVE-2022-0342.yaml | 4 +- http/cves/2022/CVE-2022-0346.yaml | 2 +- http/cves/2022/CVE-2022-0349.yaml | 6 +- http/cves/2022/CVE-2022-0378.yaml | 4 +- http/cves/2022/CVE-2022-0381.yaml | 2 +- http/cves/2022/CVE-2022-0412.yaml | 4 +- http/cves/2022/CVE-2022-0422.yaml | 2 +- http/cves/2022/CVE-2022-0432.yaml | 2 +- http/cves/2022/CVE-2022-0533.yaml | 2 +- http/cves/2022/CVE-2022-0535.yaml | 2 +- http/cves/2022/CVE-2022-0540.yaml | 4 +- http/cves/2022/CVE-2022-0594.yaml | 4 +- http/cves/2022/CVE-2022-0595.yaml | 4 +- http/cves/2022/CVE-2022-0599.yaml | 2 +- http/cves/2022/CVE-2022-0658.yaml | 5 +- http/cves/2022/CVE-2022-0678.yaml | 4 +- http/cves/2022/CVE-2022-0679.yaml | 5 +- http/cves/2022/CVE-2022-0692.yaml | 2 +- http/cves/2022/CVE-2022-0747.yaml | 5 +- http/cves/2022/CVE-2022-0769.yaml | 3 +- http/cves/2022/CVE-2022-0776.yaml | 2 +- http/cves/2022/CVE-2022-0781.yaml | 6 +- http/cves/2022/CVE-2022-0784.yaml | 6 +- http/cves/2022/CVE-2022-0785.yaml | 6 +- http/cves/2022/CVE-2022-0786.yaml | 4 +- http/cves/2022/CVE-2022-0787.yaml | 5 +- http/cves/2022/CVE-2022-0788.yaml | 6 +- http/cves/2022/CVE-2022-0814.yaml | 5 +- http/cves/2022/CVE-2022-0817.yaml | 4 +- http/cves/2022/CVE-2022-0827.yaml | 6 +- http/cves/2022/CVE-2022-0864.yaml | 3 +- http/cves/2022/CVE-2022-0867.yaml | 4 +- http/cves/2022/CVE-2022-0869.yaml | 2 +- http/cves/2022/CVE-2022-0870.yaml | 6 +- http/cves/2022/CVE-2022-0899.yaml | 4 +- http/cves/2022/CVE-2022-0949.yaml | 4 +- http/cves/2022/CVE-2022-0952.yaml | 4 +- http/cves/2022/CVE-2022-0968.yaml | 2 +- http/cves/2022/CVE-2022-1007.yaml | 3 +- http/cves/2022/CVE-2022-1013.yaml | 6 +- http/cves/2022/CVE-2022-1040.yaml | 4 +- http/cves/2022/CVE-2022-1054.yaml | 4 +- http/cves/2022/CVE-2022-1057.yaml | 6 +- http/cves/2022/CVE-2022-1119.yaml | 2 +- http/cves/2022/CVE-2022-1162.yaml | 4 +- http/cves/2022/CVE-2022-1168.yaml | 4 +- http/cves/2022/CVE-2022-1170.yaml | 2 +- http/cves/2022/CVE-2022-1329.yaml | 7 ++- http/cves/2022/CVE-2022-1386.yaml | 11 ++-- http/cves/2022/CVE-2022-1388.yaml | 4 +- http/cves/2022/CVE-2022-1390.yaml | 2 +- http/cves/2022/CVE-2022-1391.yaml | 2 +- http/cves/2022/CVE-2022-1398.yaml | 4 +- http/cves/2022/CVE-2022-1439.yaml | 3 +- http/cves/2022/CVE-2022-1574.yaml | 5 +- http/cves/2022/CVE-2022-1597.yaml | 2 +- http/cves/2022/CVE-2022-1598.yaml | 6 +- http/cves/2022/CVE-2022-1609.yaml | 15 ++++- http/cves/2022/CVE-2022-1713.yaml | 3 +- http/cves/2022/CVE-2022-1724.yaml | 3 +- http/cves/2022/CVE-2022-1815.yaml | 5 +- http/cves/2022/CVE-2022-1883.yaml | 3 +- http/cves/2022/CVE-2022-1904.yaml | 7 ++- http/cves/2022/CVE-2022-1906.yaml | 5 +- http/cves/2022/CVE-2022-1916.yaml | 10 +-- http/cves/2022/CVE-2022-1933.yaml | 4 +- http/cves/2022/CVE-2022-1937.yaml | 5 +- http/cves/2022/CVE-2022-1952.yaml | 6 +- http/cves/2022/CVE-2022-2034.yaml | 4 +- http/cves/2022/CVE-2022-21500.yaml | 4 +- http/cves/2022/CVE-2022-21587.yaml | 5 +- http/cves/2022/CVE-2022-21661.yaml | 4 +- http/cves/2022/CVE-2022-21705.yaml | 3 +- http/cves/2022/CVE-2022-2185.yaml | 4 +- http/cves/2022/CVE-2022-2219.yaml | 5 +- http/cves/2022/CVE-2022-22242.yaml | 4 +- http/cves/2022/CVE-2022-22536.yaml | 4 +- http/cves/2022/CVE-2022-22733.yaml | 5 +- http/cves/2022/CVE-2022-2290.yaml | 5 +- http/cves/2022/CVE-2022-22963.yaml | 6 +- http/cves/2022/CVE-2022-22965.yaml | 4 +- http/cves/2022/CVE-2022-23102.yaml | 2 +- http/cves/2022/CVE-2022-23178.yaml | 3 +- http/cves/2022/CVE-2022-23347.yaml | 3 +- http/cves/2022/CVE-2022-2373.yaml | 4 +- http/cves/2022/CVE-2022-2376.yaml | 6 +- http/cves/2022/CVE-2022-23779.yaml | 6 +- http/cves/2022/CVE-2022-23854.yaml | 4 +- http/cves/2022/CVE-2022-23881.yaml | 4 +- http/cves/2022/CVE-2022-23898.yaml | 4 +- http/cves/2022/CVE-2022-24124.yaml | 2 +- http/cves/2022/CVE-2022-24181.yaml | 2 +- http/cves/2022/CVE-2022-24223.yaml | 4 +- http/cves/2022/CVE-2022-24260.yaml | 6 +- http/cves/2022/CVE-2022-24265.yaml | 4 +- http/cves/2022/CVE-2022-24266.yaml | 4 +- http/cves/2022/CVE-2022-24288.yaml | 6 +- http/cves/2022/CVE-2022-2462.yaml | 4 +- http/cves/2022/CVE-2022-24716.yaml | 4 +- http/cves/2022/CVE-2022-24816.yaml | 5 +- http/cves/2022/CVE-2022-24856.yaml | 4 +- http/cves/2022/CVE-2022-2486.yaml | 5 +- http/cves/2022/CVE-2022-24899.yaml | 2 +- http/cves/2022/CVE-2022-24990.yaml | 4 +- http/cves/2022/CVE-2022-25082.yaml | 2 +- http/cves/2022/CVE-2022-25149.yaml | 4 +- http/cves/2022/CVE-2022-25216.yaml | 6 +- http/cves/2022/CVE-2022-2535.yaml | 5 +- http/cves/2022/CVE-2022-25356.yaml | 2 +- http/cves/2022/CVE-2022-2546.yaml | 5 +- http/cves/2022/CVE-2022-25481.yaml | 7 ++- http/cves/2022/CVE-2022-25485.yaml | 3 +- http/cves/2022/CVE-2022-25487.yaml | 6 +- http/cves/2022/CVE-2022-25488.yaml | 4 +- http/cves/2022/CVE-2022-25489.yaml | 2 +- http/cves/2022/CVE-2022-25497.yaml | 2 +- http/cves/2022/CVE-2022-2551.yaml | 4 +- http/cves/2022/CVE-2022-2599.yaml | 4 +- http/cves/2022/CVE-2022-26134.yaml | 4 +- http/cves/2022/CVE-2022-26138.yaml | 4 +- http/cves/2022/CVE-2022-26148.yaml | 4 +- http/cves/2022/CVE-2022-26263.yaml | 2 +- http/cves/2022/CVE-2022-2627.yaml | 2 +- http/cves/2022/CVE-2022-26352.yaml | 4 +- http/cves/2022/CVE-2022-26564.yaml | 2 +- http/cves/2022/CVE-2022-26833.yaml | 9 +-- http/cves/2022/CVE-2022-26960.yaml | 5 +- http/cves/2022/CVE-2022-2733.yaml | 4 +- http/cves/2022/CVE-2022-2756.yaml | 4 +- http/cves/2022/CVE-2022-27593.yaml | 4 +- http/cves/2022/CVE-2022-27849.yaml | 4 +- http/cves/2022/CVE-2022-27985.yaml | 4 +- http/cves/2022/CVE-2022-28023.yaml | 6 +- http/cves/2022/CVE-2022-28032.yaml | 4 +- http/cves/2022/CVE-2022-28080.yaml | 4 +- http/cves/2022/CVE-2022-28290.yaml | 3 +- http/cves/2022/CVE-2022-28363.yaml | 3 +- http/cves/2022/CVE-2022-2863.yaml | 4 +- http/cves/2022/CVE-2022-28955.yaml | 4 +- http/cves/2022/CVE-2022-29004.yaml | 2 +- http/cves/2022/CVE-2022-29006.yaml | 4 +- http/cves/2022/CVE-2022-29009.yaml | 4 +- http/cves/2022/CVE-2022-29014.yaml | 3 +- http/cves/2022/CVE-2022-29078.yaml | 4 +- http/cves/2022/CVE-2022-29153.yaml | 4 +- http/cves/2022/CVE-2022-29298.yaml | 3 +- http/cves/2022/CVE-2022-29299.yaml | 2 + http/cves/2022/CVE-2022-29303.yaml | 5 +- http/cves/2022/CVE-2022-29383.yaml | 4 +- http/cves/2022/CVE-2022-29464.yaml | 4 +- http/cves/2022/CVE-2022-29548.yaml | 2 +- http/cves/2022/CVE-2022-30073.yaml | 3 +- http/cves/2022/CVE-2022-30513.yaml | 2 +- http/cves/2022/CVE-2022-30514.yaml | 3 +- http/cves/2022/CVE-2022-30525.yaml | 4 +- http/cves/2022/CVE-2022-31126.yaml | 4 +- http/cves/2022/CVE-2022-31269.yaml | 5 +- http/cves/2022/CVE-2022-31299.yaml | 2 +- http/cves/2022/CVE-2022-31373.yaml | 5 +- http/cves/2022/CVE-2022-3142.yaml | 4 +- http/cves/2022/CVE-2022-31474.yaml | 4 +- http/cves/2022/CVE-2022-31656.yaml | 4 +- http/cves/2022/CVE-2022-31798.yaml | 4 +- http/cves/2022/CVE-2022-31854.yaml | 5 +- http/cves/2022/CVE-2022-31978.yaml | 4 +- http/cves/2022/CVE-2022-31981.yaml | 4 +- http/cves/2022/CVE-2022-31982.yaml | 4 +- http/cves/2022/CVE-2022-31984.yaml | 4 +- http/cves/2022/CVE-2022-32015.yaml | 5 +- http/cves/2022/CVE-2022-32018.yaml | 5 +- http/cves/2022/CVE-2022-32025.yaml | 4 +- http/cves/2022/CVE-2022-32026.yaml | 4 +- http/cves/2022/CVE-2022-32028.yaml | 5 +- http/cves/2022/CVE-2022-32195.yaml | 2 +- http/cves/2022/CVE-2022-32409.yaml | 6 +- http/cves/2022/CVE-2022-32429.yaml | 5 +- http/cves/2022/CVE-2022-32771.yaml | 6 +- http/cves/2022/CVE-2022-33119.yaml | 7 ++- http/cves/2022/CVE-2022-33174.yaml | 7 ++- http/cves/2022/CVE-2022-33891.yaml | 4 +- http/cves/2022/CVE-2022-33901.yaml | 5 +- http/cves/2022/CVE-2022-34045.yaml | 4 +- http/cves/2022/CVE-2022-34046.yaml | 5 +- http/cves/2022/CVE-2022-34047.yaml | 5 +- http/cves/2022/CVE-2022-34093.yaml | 5 +- http/cves/2022/CVE-2022-34094.yaml | 5 +- http/cves/2022/CVE-2022-34121.yaml | 4 +- http/cves/2022/CVE-2022-34576.yaml | 7 ++- http/cves/2022/CVE-2022-34590.yaml | 7 ++- http/cves/2022/CVE-2022-34753.yaml | 4 +- http/cves/2022/CVE-2022-35151.yaml | 7 ++- http/cves/2022/CVE-2022-35405.yaml | 4 +- http/cves/2022/CVE-2022-35413.yaml | 4 +- http/cves/2022/CVE-2022-35416.yaml | 4 +- http/cves/2022/CVE-2022-35653.yaml | 4 +- http/cves/2022/CVE-2022-35914.yaml | 4 +- http/cves/2022/CVE-2022-36537.yaml | 5 +- http/cves/2022/CVE-2022-36804.yaml | 4 +- http/cves/2022/CVE-2022-37042.yaml | 4 +- http/cves/2022/CVE-2022-37153.yaml | 7 ++- http/cves/2022/CVE-2022-37299.yaml | 4 +- http/cves/2022/CVE-2022-38131.yaml | 16 ++--- http/cves/2022/CVE-2022-38463.yaml | 4 +- http/cves/2022/CVE-2022-38467.yaml | 5 +- http/cves/2022/CVE-2022-38637.yaml | 4 +- http/cves/2022/CVE-2022-38870.yaml | 2 +- http/cves/2022/CVE-2022-39195.yaml | 4 +- http/cves/2022/CVE-2022-3933.yaml | 3 +- http/cves/2022/CVE-2022-3934.yaml | 3 +- http/cves/2022/CVE-2022-3980.yaml | 2 +- http/cves/2022/CVE-2022-3982.yaml | 5 +- http/cves/2022/CVE-2022-39952.yaml | 5 +- http/cves/2022/CVE-2022-39986.yaml | 4 +- http/cves/2022/CVE-2022-40022.yaml | 4 +- http/cves/2022/CVE-2022-40047.yaml | 2 +- http/cves/2022/CVE-2022-40127.yaml | 4 +- http/cves/2022/CVE-2022-40359.yaml | 4 +- http/cves/2022/CVE-2022-4049.yaml | 5 +- http/cves/2022/CVE-2022-4050.yaml | 6 +- http/cves/2022/CVE-2022-4060.yaml | 4 +- http/cves/2022/CVE-2022-4063.yaml | 6 +- http/cves/2022/CVE-2022-40684.yaml | 4 +- http/cves/2022/CVE-2022-40843.yaml | 4 +- http/cves/2022/CVE-2022-40879.yaml | 4 +- http/cves/2022/CVE-2022-4117.yaml | 6 +- http/cves/2022/CVE-2022-41441.yaml | 4 +- http/cves/2022/CVE-2022-41473.yaml | 7 ++- http/cves/2022/CVE-2022-42094.yaml | 5 +- http/cves/2022/CVE-2022-4260.yaml | 3 +- http/cves/2022/CVE-2022-42746.yaml | 2 +- http/cves/2022/CVE-2022-42748.yaml | 2 +- http/cves/2022/CVE-2022-42749.yaml | 3 +- http/cves/2022/CVE-2022-4301.yaml | 7 ++- http/cves/2022/CVE-2022-43014.yaml | 5 +- http/cves/2022/CVE-2022-43015.yaml | 5 +- http/cves/2022/CVE-2022-43016.yaml | 5 +- http/cves/2022/CVE-2022-4305.yaml | 5 +- http/cves/2022/CVE-2022-4306.yaml | 5 +- http/cves/2022/CVE-2022-43165.yaml | 4 +- http/cves/2022/CVE-2022-43166.yaml | 4 +- http/cves/2022/CVE-2022-43167.yaml | 4 +- http/cves/2022/CVE-2022-44290.yaml | 4 +- http/cves/2022/CVE-2022-44291.yaml | 4 +- http/cves/2022/CVE-2022-44877.yaml | 4 +- http/cves/2022/CVE-2022-44944.yaml | 2 +- http/cves/2022/CVE-2022-44949.yaml | 2 +- http/cves/2022/CVE-2022-44950.yaml | 2 +- http/cves/2022/CVE-2022-44951.yaml | 2 +- http/cves/2022/CVE-2022-44952.yaml | 2 +- http/cves/2022/CVE-2022-44957.yaml | 2 +- http/cves/2022/CVE-2022-45037.yaml | 2 +- http/cves/2022/CVE-2022-45038.yaml | 2 +- http/cves/2022/CVE-2022-45354.yaml | 5 +- http/cves/2022/CVE-2022-45365.yaml | 4 +- http/cves/2022/CVE-2022-45805.yaml | 5 +- http/cves/2022/CVE-2022-45835.yaml | 4 +- http/cves/2022/CVE-2022-45933.yaml | 4 +- http/cves/2022/CVE-2022-46020.yaml | 4 +- http/cves/2022/CVE-2022-46071.yaml | 4 +- http/cves/2022/CVE-2022-46073.yaml | 4 +- http/cves/2022/CVE-2022-46169.yaml | 6 +- http/cves/2022/CVE-2022-46381.yaml | 6 +- http/cves/2022/CVE-2022-46443.yaml | 5 +- http/cves/2022/CVE-2022-46463.yaml | 5 +- http/cves/2022/CVE-2022-47002.yaml | 4 +- http/cves/2022/CVE-2022-47615.yaml | 4 +- http/cves/2022/CVE-2022-47966.yaml | 4 +- http/cves/2022/CVE-2022-48012.yaml | 4 +- http/cves/2022/CVE-2022-48197.yaml | 4 +- http/cves/2023/CVE-2023-0126.yaml | 6 +- http/cves/2023/CVE-2023-0236.yaml | 5 +- http/cves/2023/CVE-2023-0334.yaml | 4 +- http/cves/2023/CVE-2023-0514.yaml | 2 +- http/cves/2023/CVE-2023-0552.yaml | 4 +- http/cves/2023/CVE-2023-0562.yaml | 5 +- http/cves/2023/CVE-2023-0563.yaml | 5 +- http/cves/2023/CVE-2023-0600.yaml | 16 ++--- http/cves/2023/CVE-2023-0669.yaml | 4 +- http/cves/2023/CVE-2023-0900.yaml | 4 +- http/cves/2023/CVE-2023-0942.yaml | 4 +- http/cves/2023/CVE-2023-0947.yaml | 4 +- http/cves/2023/CVE-2023-0948.yaml | 2 +- http/cves/2023/CVE-2023-1020.yaml | 4 +- http/cves/2023/CVE-2023-1080.yaml | 4 +- http/cves/2023/CVE-2023-1263.yaml | 4 +- http/cves/2023/CVE-2023-1454.yaml | 5 +- http/cves/2023/CVE-2023-1496.yaml | 4 +- http/cves/2023/CVE-2023-1671.yaml | 5 +- http/cves/2023/CVE-2023-1698.yaml | 6 +- http/cves/2023/CVE-2023-1719.yaml | 3 +- http/cves/2023/CVE-2023-1730.yaml | 4 +- http/cves/2023/CVE-2023-1780.yaml | 2 +- http/cves/2023/CVE-2023-1835.yaml | 2 +- http/cves/2023/CVE-2023-1880.yaml | 4 +- http/cves/2023/CVE-2023-1890.yaml | 4 +- http/cves/2023/CVE-2023-20073.yaml | 4 +- http/cves/2023/CVE-2023-2009.yaml | 2 +- http/cves/2023/CVE-2023-2023.yaml | 4 +- http/cves/2023/CVE-2023-20864.yaml | 5 +- http/cves/2023/CVE-2023-20887.yaml | 4 +- http/cves/2023/CVE-2023-2122.yaml | 2 +- http/cves/2023/CVE-2023-2178.yaml | 2 +- http/cves/2023/CVE-2023-22232.yaml | 4 +- http/cves/2023/CVE-2023-22432.yaml | 4 +- http/cves/2023/CVE-2023-22463.yaml | 4 +- http/cves/2023/CVE-2023-22478.yaml | 4 +- http/cves/2023/CVE-2023-22480.yaml | 4 +- http/cves/2023/CVE-2023-22518.yaml | 4 +- http/cves/2023/CVE-2023-2252.yaml | 4 +- http/cves/2023/CVE-2023-22527.yaml | 13 ++-- http/cves/2023/CVE-2023-23489.yaml | 4 +- http/cves/2023/CVE-2023-23491.yaml | 6 +- http/cves/2023/CVE-2023-2356.yaml | 6 +- http/cves/2023/CVE-2023-24278.yaml | 5 +- http/cves/2023/CVE-2023-24489.yaml | 6 +- http/cves/2023/CVE-2023-24733.yaml | 8 +-- http/cves/2023/CVE-2023-24735.yaml | 8 +-- http/cves/2023/CVE-2023-24737.yaml | 4 +- http/cves/2023/CVE-2023-25135.yaml | 5 +- http/cves/2023/CVE-2023-25573.yaml | 6 +- http/cves/2023/CVE-2023-26035.yaml | 5 +- http/cves/2023/CVE-2023-26067.yaml | 4 +- http/cves/2023/CVE-2023-26347.yaml | 4 +- http/cves/2023/CVE-2023-26469.yaml | 4 +- http/cves/2023/CVE-2023-2648.yaml | 4 +- http/cves/2023/CVE-2023-26842.yaml | 3 +- http/cves/2023/CVE-2023-26843.yaml | 4 +- http/cves/2023/CVE-2023-27008.yaml | 4 +- http/cves/2023/CVE-2023-27034.yaml | 5 +- http/cves/2023/CVE-2023-27292.yaml | 5 +- http/cves/2023/CVE-2023-27372.yaml | 4 +- http/cves/2023/CVE-2023-27524.yaml | 4 +- http/cves/2023/CVE-2023-27587.yaml | 4 +- http/cves/2023/CVE-2023-27639.yaml | 4 +- http/cves/2023/CVE-2023-27640.yaml | 9 ++- http/cves/2023/CVE-2023-2779.yaml | 4 +- http/cves/2023/CVE-2023-2796.yaml | 5 +- http/cves/2023/CVE-2023-28121.yaml | 4 +- http/cves/2023/CVE-2023-2813.yaml | 6 +- http/cves/2023/CVE-2023-2825.yaml | 4 +- http/cves/2023/CVE-2023-28662.yaml | 13 ++-- http/cves/2023/CVE-2023-29084.yaml | 4 +- http/cves/2023/CVE-2023-29300.yaml | 7 ++- http/cves/2023/CVE-2023-29439.yaml | 2 +- http/cves/2023/CVE-2023-29489.yaml | 6 +- http/cves/2023/CVE-2023-2982.yaml | 4 +- http/cves/2023/CVE-2023-30019.yaml | 3 +- http/cves/2023/CVE-2023-30150.yaml | 4 +- http/cves/2023/CVE-2023-30212.yaml | 6 +- http/cves/2023/CVE-2023-30625.yaml | 4 +- http/cves/2023/CVE-2023-30777.yaml | 4 +- http/cves/2023/CVE-2023-30943.yaml | 4 +- http/cves/2023/CVE-2023-3219.yaml | 2 +- http/cves/2023/CVE-2023-32243.yaml | 4 +- http/cves/2023/CVE-2023-32315.yaml | 7 ++- http/cves/2023/CVE-2023-32563.yaml | 4 +- http/cves/2023/CVE-2023-33338.yaml | 4 +- http/cves/2023/CVE-2023-33439.yaml | 4 +- http/cves/2023/CVE-2023-33584.yaml | 5 +- http/cves/2023/CVE-2023-33629.yaml | 5 +- http/cves/2023/CVE-2023-34124.yaml | 4 +- http/cves/2023/CVE-2023-34259.yaml | 2 +- http/cves/2023/CVE-2023-34598.yaml | 6 +- http/cves/2023/CVE-2023-34659.yaml | 4 +- http/cves/2023/CVE-2023-34751.yaml | 4 +- http/cves/2023/CVE-2023-34752.yaml | 4 +- http/cves/2023/CVE-2023-34753.yaml | 4 +- http/cves/2023/CVE-2023-34756.yaml | 4 +- http/cves/2023/CVE-2023-34843.yaml | 2 +- http/cves/2023/CVE-2023-34960.yaml | 4 +- http/cves/2023/CVE-2023-35843.yaml | 5 +- http/cves/2023/CVE-2023-35844.yaml | 4 +- http/cves/2023/CVE-2023-36144.yaml | 4 +- http/cves/2023/CVE-2023-36289.yaml | 4 +- http/cves/2023/CVE-2023-36346.yaml | 3 +- http/cves/2023/CVE-2023-36934.yaml | 5 +- http/cves/2023/CVE-2023-37265.yaml | 5 +- http/cves/2023/CVE-2023-37580.yaml | 4 +- http/cves/2023/CVE-2023-37629.yaml | 2 +- http/cves/2023/CVE-2023-3765.yaml | 4 +- http/cves/2023/CVE-2023-37728.yaml | 4 +- http/cves/2023/CVE-2023-37979.yaml | 4 +- http/cves/2023/CVE-2023-38205.yaml | 4 +- http/cves/2023/CVE-2023-3843.yaml | 4 +- http/cves/2023/CVE-2023-38433.yaml | 4 +- http/cves/2023/CVE-2023-3844.yaml | 4 +- http/cves/2023/CVE-2023-3845.yaml | 4 +- http/cves/2023/CVE-2023-3847.yaml | 5 +- http/cves/2023/CVE-2023-39002.yaml | 2 +- http/cves/2023/CVE-2023-39109.yaml | 5 +- http/cves/2023/CVE-2023-39110.yaml | 5 +- http/cves/2023/CVE-2023-39143.yaml | 4 +- http/cves/2023/CVE-2023-3936.yaml | 2 +- http/cves/2023/CVE-2023-39598.yaml | 4 +- http/cves/2023/CVE-2023-39600.yaml | 2 +- http/cves/2023/CVE-2023-40355.yaml | 13 ++-- http/cves/2023/CVE-2023-4110.yaml | 4 +- http/cves/2023/CVE-2023-41109.yaml | 5 +- http/cves/2023/CVE-2023-4111.yaml | 4 +- http/cves/2023/CVE-2023-4112.yaml | 4 +- http/cves/2023/CVE-2023-4115.yaml | 4 +- http/cves/2023/CVE-2023-4116.yaml | 4 +- http/cves/2023/CVE-2023-41265.yaml | 4 +- http/cves/2023/CVE-2023-41266.yaml | 5 +- http/cves/2023/CVE-2023-4168.yaml | 4 +- http/cves/2023/CVE-2023-4169.yaml | 5 +- http/cves/2023/CVE-2023-4174.yaml | 4 +- http/cves/2023/CVE-2023-41763.yaml | 6 +- http/cves/2023/CVE-2023-42344.yaml | 4 +- http/cves/2023/CVE-2023-42793.yaml | 4 +- http/cves/2023/CVE-2023-43177.yaml | 6 +- http/cves/2023/CVE-2023-43187.yaml | 8 +-- http/cves/2023/CVE-2023-43325.yaml | 5 +- http/cves/2023/CVE-2023-43326.yaml | 3 +- http/cves/2023/CVE-2023-43795.yaml | 5 +- http/cves/2023/CVE-2023-44352.yaml | 11 ++-- http/cves/2023/CVE-2023-45542.yaml | 5 +- http/cves/2023/CVE-2023-45671.yaml | 2 +- http/cves/2023/CVE-2023-45852.yaml | 6 +- http/cves/2023/CVE-2023-4634.yaml | 4 +- http/cves/2023/CVE-2023-46574.yaml | 11 ++-- http/cves/2023/CVE-2023-46747.yaml | 7 ++- http/cves/2023/CVE-2023-46805.yaml | 7 ++- http/cves/2023/CVE-2023-47115.yaml | 2 +- http/cves/2023/CVE-2023-4714.yaml | 5 +- http/cves/2023/CVE-2023-47211.yaml | 2 +- http/cves/2023/CVE-2023-47246.yaml | 4 +- http/cves/2023/CVE-2023-49070.yaml | 4 +- http/cves/2023/CVE-2023-4966.yaml | 4 +- http/cves/2023/CVE-2023-49785.yaml | 7 ++- http/cves/2023/CVE-2023-50290.yaml | 3 +- http/cves/2023/CVE-2023-5074.yaml | 4 +- http/cves/2023/CVE-2023-5089.yaml | 4 +- http/cves/2023/CVE-2023-50917.yaml | 4 +- http/cves/2023/CVE-2023-50968.yaml | 2 +- http/cves/2023/CVE-2023-51467.yaml | 4 +- http/cves/2023/CVE-2023-52085.yaml | 6 +- http/cves/2023/CVE-2023-5360.yaml | 2 +- http/cves/2023/CVE-2023-5375.yaml | 3 +- http/cves/2023/CVE-2023-5556.yaml | 2 +- http/cves/2023/CVE-2023-5830.yaml | 4 +- http/cves/2023/CVE-2023-5914.yaml | 4 +- http/cves/2023/CVE-2023-6018.yaml | 5 +- http/cves/2023/CVE-2023-6020.yaml | 6 +- http/cves/2023/CVE-2023-6021.yaml | 4 +- http/cves/2023/CVE-2023-6023.yaml | 4 +- http/cves/2023/CVE-2023-6063.yaml | 11 ++-- http/cves/2023/CVE-2023-6114.yaml | 2 + http/cves/2023/CVE-2023-6360.yaml | 13 ++-- http/cves/2023/CVE-2023-6553.yaml | 12 +++- http/cves/2023/CVE-2023-6567.yaml | 17 ++++- http/cves/2023/CVE-2023-6623.yaml | 4 +- http/cves/2023/CVE-2023-6634.yaml | 4 +- http/cves/2023/CVE-2023-6831.yaml | 12 ++-- http/cves/2023/CVE-2023-6875.yaml | 2 +- http/cves/2023/CVE-2023-6895.yaml | 6 +- http/cves/2023/CVE-2023-6909.yaml | 21 ++++--- http/cves/2023/CVE-2023-6977.yaml | 6 +- http/cves/2024/CVE-2024-0204.yaml | 6 ++ http/cves/2024/CVE-2024-0305.yaml | 8 ++- http/cves/2024/CVE-2024-0713.yaml | 7 +-- http/cves/2024/CVE-2024-1021.yaml | 23 +++++-- http/cves/2024/CVE-2024-1061.yaml | 24 ++++--- http/cves/2024/CVE-2024-1071.yaml | 9 ++- http/cves/2024/CVE-2024-1208.yaml | 9 ++- http/cves/2024/CVE-2024-1209.yaml | 6 +- http/cves/2024/CVE-2024-1210.yaml | 6 +- http/cves/2024/CVE-2024-1212.yaml | 5 +- http/cves/2024/CVE-2024-1709.yaml | 3 +- http/cves/2024/CVE-2024-21644.yaml | 4 +- http/cves/2024/CVE-2024-21645.yaml | 9 ++- http/cves/2024/CVE-2024-21887.yaml | 6 ++ http/cves/2024/CVE-2024-21893.yaml | 6 +- http/cves/2024/CVE-2024-22320.yaml | 4 +- http/cves/2024/CVE-2024-25600.yaml | 2 +- http/cves/2024/CVE-2024-25669.yaml | 2 +- http/cves/2024/CVE-2024-25735.yaml | 2 +- http/cves/2024/CVE-2024-27198.yaml | 11 +++- http/cves/2024/CVE-2024-27497.yaml | 5 ++ http/cves/2024/CVE-2024-27954.yaml | 6 +- .../druid/druid-default-login.yaml | 3 +- .../ibm/ibm-dcbc-default-login.yaml | 2 +- .../ibm/ibm-dcec-default-login.yaml | 2 +- .../ibm/ibm-dsc-default-login.yaml | 2 +- .../ibm/ibm-hmc-default-login.yaml | 2 +- .../default-logins/ibm/imm-default-login.yaml | 2 +- .../ispconfig-default-login.yaml | 3 +- .../lucee/lucee-default-login.yaml | 2 +- .../webmethod-integration-default-login.yaml | 5 +- .../3cx-phone-management-panel.yaml | 2 +- .../3cx-phone-webclient-management-panel.yaml | 2 +- http/exposed-panels/acemanager-login.yaml | 2 +- .../exposed-panels/active-admin-exposure.yaml | 2 +- http/exposed-panels/activemq-panel.yaml | 2 +- http/exposed-panels/adiscon-loganalyzer.yaml | 2 +- http/exposed-panels/adminer-panel-detect.yaml | 2 +- http/exposed-panels/adminer-panel.yaml | 4 +- .../adobe/adobe-component-login.yaml | 2 +- .../adobe/adobe-connect-central-login.yaml | 2 +- .../adobe/adobe-experience-manager-login.yaml | 2 +- .../adobe/aem-crx-package-manager.yaml | 2 +- .../exposed-panels/adobe/aem-sling-login.yaml | 2 +- .../afterlogic-webmail-login.yaml | 2 +- http/exposed-panels/airflow-panel.yaml | 2 +- http/exposed-panels/akamai-cloudtest.yaml | 2 +- http/exposed-panels/alfresco-detect.yaml | 2 +- .../allied-telesis-exposure.yaml | 4 +- http/exposed-panels/ambari-exposure.yaml | 2 +- http/exposed-panels/amcrest-login.yaml | 2 +- http/exposed-panels/ametys-admin-login.yaml | 2 +- .../exposed-panels/amp-application-panel.yaml | 4 +- http/exposed-panels/ampache-panel.yaml | 4 +- .../ansible-tower-exposure.yaml | 2 +- .../apache-jmeter-dashboard.yaml | 4 +- .../apache/apache-apisix-panel.yaml | 2 +- .../apache/apache-mesos-panel.yaml | 4 +- .../apache/public-tomcat-manager.yaml | 2 +- http/exposed-panels/apigee-panel.yaml | 28 ++++----- http/exposed-panels/appsmith-web-login.yaml | 4 +- http/exposed-panels/appspace-panel.yaml | 4 +- http/exposed-panels/appsuite-panel.yaml | 4 +- http/exposed-panels/appwrite-panel.yaml | 4 +- .../arangodb-web-Interface.yaml | 4 +- http/exposed-panels/arcgis/arcgis-panel.yaml | 2 +- .../arcgis/arcgis-services.yaml | 4 +- .../archibus-webcentral-panel.yaml | 4 +- http/exposed-panels/arcserve-panel.yaml | 4 +- http/exposed-panels/arris-modem-detect.yaml | 4 +- http/exposed-panels/atlantis-detect.yaml | 4 +- .../atlassian-bamboo-panel.yaml | 28 ++++----- .../exposed-panels/atlassian-crowd-panel.yaml | 2 +- http/exposed-panels/avantfax-panel.yaml | 2 +- .../avaya/avayaaura-cm-panel.yaml | 2 +- .../avaya/avayaaura-system-manager-panel.yaml | 2 +- http/exposed-panels/aviatrix-panel.yaml | 2 +- http/exposed-panels/avigilon-panel.yaml | 4 +- http/exposed-panels/aws-opensearch-login.yaml | 2 +- .../axway-securetransport-panel.yaml | 4 +- .../axway-securetransport-webclient.yaml | 4 +- http/exposed-panels/axxon-client-panel.yaml | 4 +- http/exposed-panels/bedita-panel.yaml | 2 +- .../exposed-panels/beego-admin-dashboard.yaml | 4 +- http/exposed-panels/bigbluebutton-login.yaml | 2 +- http/exposed-panels/bigip-rest-panel.yaml | 2 +- .../bitdefender-gravityzone.yaml | 4 +- http/exposed-panels/bitrix-panel.yaml | 2 +- .../exposed-panels/bitwarden-vault-panel.yaml | 4 +- .../bloofoxcms-login-panel.yaml | 4 +- http/exposed-panels/bolt-cms-panel.yaml | 2 +- http/exposed-panels/bookstack-panel.yaml | 2 +- http/exposed-panels/buildbot-panel.yaml | 4 +- http/exposed-panels/bynder-panel.yaml | 28 ++++----- http/exposed-panels/cacti-panel.yaml | 2 +- http/exposed-panels/cas-login.yaml | 2 +- http/exposed-panels/casdoor-login.yaml | 2 +- http/exposed-panels/centreon-panel.yaml | 2 +- .../exposed-panels/checkmk/checkmk-login.yaml | 2 +- .../checkpoint/ssl-network-extender.yaml | 2 +- http/exposed-panels/cisco-unity-panel.yaml | 4 +- .../cisco/cisco-anyconnect-vpn.yaml | 2 +- .../exposed-panels/cisco/cisco-asa-panel.yaml | 2 +- http/exposed-panels/cisco/cisco-edge-340.yaml | 2 +- .../cisco/cisco-expressway-panel.yaml | 28 ++++----- .../cisco/cisco-finesse-login.yaml | 2 +- .../cisco/cisco-integrated-login.yaml | 2 +- .../cisco/cisco-ios-xe-panel.yaml | 4 +- .../cisco/cisco-onprem-panel.yaml | 4 +- .../cisco/cisco-prime-infrastructure.yaml | 2 +- http/exposed-panels/cisco/cisco-sd-wan.yaml | 2 +- .../cisco/cisco-secure-desktop.yaml | 2 +- .../cisco/cisco-ucs-kvm-login.yaml | 2 +- .../citrix-adc-gateway-detect.yaml | 2 +- http/exposed-panels/citrix-vpn-detect.yaml | 2 +- http/exposed-panels/cleanweb-panel.yaml | 2 +- .../clearpass-policy-manager.yaml | 2 +- http/exposed-panels/cloudpanel-login.yaml | 4 +- http/exposed-panels/cobbler-webgui.yaml | 2 +- http/exposed-panels/code-server-login.yaml | 4 +- http/exposed-panels/code42-panel.yaml | 2 +- .../codemeter-webadmin-panel.yaml | 2 +- .../coldfusion-administrator-login.yaml | 2 +- http/exposed-panels/compal-panel.yaml | 2 +- .../concrete5/concrete5-install.yaml | 4 +- .../concrete5/concrete5-panel.yaml | 2 +- http/exposed-panels/connect-box-login.yaml | 4 +- http/exposed-panels/contao-login-panel.yaml | 4 +- http/exposed-panels/corebos-panel.yaml | 4 +- http/exposed-panels/cortex-xsoar-login.yaml | 2 +- http/exposed-panels/couchdb-exposure.yaml | 2 +- http/exposed-panels/couchdb-fauxton.yaml | 2 +- http/exposed-panels/cpanel-api-codes.yaml | 4 +- http/exposed-panels/craftcms-admin-panel.yaml | 2 +- http/exposed-panels/crush-ftp-login.yaml | 4 +- .../cyberoam-ssl-vpn-panel.yaml | 2 +- http/exposed-panels/dahua-web-panel.yaml | 4 +- .../darktrace-threat-visualizer.yaml | 4 +- http/exposed-panels/dashy-panel.yaml | 4 +- http/exposed-panels/dataease-panel.yaml | 4 +- http/exposed-panels/daybyday-panel.yaml | 2 +- http/exposed-panels/dell-wyse-login.yaml | 2 +- http/exposed-panels/deluge-webui-panel.yaml | 4 +- http/exposed-panels/digitalrebar-login.yaml | 2 +- .../directadmin-login-panel.yaml | 2 +- http/exposed-panels/django-admin-panel.yaml | 2 +- http/exposed-panels/dokuwiki-panel.yaml | 4 +- http/exposed-panels/dotclear-panel.yaml | 2 +- http/exposed-panels/dotcms-admin-panel.yaml | 2 +- .../drawio-flowchartmaker-panel.yaml | 2 +- .../druid-console-exposure.yaml | 2 +- http/exposed-panels/druid-panel.yaml | 2 +- http/exposed-panels/drupal-login.yaml | 2 +- .../dzzoffice/dzzoffice-install.yaml | 4 +- http/exposed-panels/eMerge-panel.yaml | 4 +- http/exposed-panels/easyjob-panel.yaml | 2 +- http/exposed-panels/edgeos-login.yaml | 2 +- http/exposed-panels/emby-panel.yaml | 4 +- http/exposed-panels/emqx-panel.yaml | 28 ++++----- http/exposed-panels/eset-protect-panel.yaml | 2 +- http/exposed-panels/esphome-panel.yaml | 4 +- http/exposed-panels/esxi-system.yaml | 2 +- http/exposed-panels/eventum-panel.yaml | 4 +- .../exposed-panels/evlink/evse-web-panel.yaml | 4 +- .../exposed-panels/exagrid-manager-panel.yaml | 4 +- http/exposed-panels/extron-cms-panel.yaml | 4 +- .../f-secure-policy-manager.yaml | 2 +- .../filebrowser-login-panel.yaml | 4 +- http/exposed-panels/fiori-launchpad.yaml | 4 +- http/exposed-panels/fiorilaunchpad-logon.yaml | 2 +- .../fireware-xtm-user-authentication.yaml | 2 +- http/exposed-panels/flink-exposure.yaml | 2 +- http/exposed-panels/forcepoint.yaml | 2 +- http/exposed-panels/forti/fortiadc-panel.yaml | 4 +- .../fortinet/fortiap-panel.yaml | 4 +- .../fortinet/fortiauthenticator-detect.yaml | 4 +- .../fortinet/forticlientems-panel.yaml | 2 +- .../fortinet/fortimail-panel.yaml | 2 +- .../fortinet/fortinet-fortiddos-panel.yaml | 4 +- .../fortinet/fortinet-fortimanager-panel.yaml | 2 +- .../fortinet/fortinet-fortinac-panel.yaml | 4 +- .../fortinet/fortios-management-panel.yaml | 4 +- .../fortinet/fortios-panel.yaml | 4 +- .../fortinet/fortitester-login-panel.yaml | 4 +- .../fortinet/fortiweb-panel.yaml | 2 +- .../fortinet/fortiwlm-panel.yaml | 2 +- http/exposed-panels/freeipa-panel.yaml | 2 +- .../freepbx-administration-panel.yaml | 4 +- http/exposed-panels/friendica-panel.yaml | 4 +- .../froxlor-management-panel.yaml | 4 +- http/exposed-panels/ftm-manager-panel.yaml | 4 +- http/exposed-panels/fuelcms-panel.yaml | 2 +- .../fusionauth-admin-panel.yaml | 4 +- .../exposed-panels/geoserver-login-panel.yaml | 4 +- http/exposed-panels/gerapy-detect.yaml | 2 +- .../git-repository-browser.yaml | 4 +- http/exposed-panels/gitblit-panel.yaml | 4 +- http/exposed-panels/gitea-login.yaml | 2 +- .../github-enterprise-detect.yaml | 4 +- http/exposed-panels/gitlab-detect.yaml | 2 +- http/exposed-panels/globalprotect-panel.yaml | 2 +- http/exposed-panels/glpi-panel.yaml | 4 +- http/exposed-panels/gnu-mailman.yaml | 4 +- http/exposed-panels/goanywhere-mft-login.yaml | 2 +- http/exposed-panels/gocd-login.yaml | 2 +- http/exposed-panels/gogs-panel.yaml | 4 +- http/exposed-panels/gotify-panel.yaml | 4 +- .../gradle/gradle-enterprise-panel.yaml | 2 +- http/exposed-panels/grafana-detect.yaml | 2 +- http/exposed-panels/graylog-panel.yaml | 2 +- http/exposed-panels/greenbone-panel.yaml | 4 +- http/exposed-panels/h2console-panel.yaml | 2 +- http/exposed-panels/hadoop-exposure.yaml | 2 +- .../haivision-gateway-panel.yaml | 2 +- .../haivision-media-platform-panel.yaml | 3 +- http/exposed-panels/hangfire-dashboard.yaml | 4 +- http/exposed-panels/harbor-panel.yaml | 4 +- .../hashicorp-consul-agent.yaml | 2 +- .../hashicorp-consul-webgui.yaml | 2 +- http/exposed-panels/hestia-panel.yaml | 4 +- http/exposed-panels/highmail-admin-panel.yaml | 2 +- http/exposed-panels/hmc-hybris-panel.yaml | 2 +- http/exposed-panels/homematic-panel.yaml | 2 +- .../hospital-management-panel.yaml | 2 +- http/exposed-panels/hp-ilo-5.yaml | 2 +- http/exposed-panels/hp-service-manager.yaml | 2 +- .../hybris-administration-console.yaml | 4 +- http/exposed-panels/hydra-dashboard.yaml | 4 +- http/exposed-panels/ibm/ibm-dcec-panel.yaml | 2 +- .../ibm/ibm-decision-server-console.yaml | 2 +- http/exposed-panels/ibm/ibm-maximo-login.yaml | 4 +- .../ibm/ibm-mqseries-web-console.yaml | 2 +- http/exposed-panels/ibm/ibm-note-login.yaml | 2 +- http/exposed-panels/ibm/ibm-odm-panel.yaml | 2 +- .../ibm/ibm-security-access-manager.yaml | 2 +- .../ibm/ibm-websphere-admin-panel.yaml | 4 +- .../ibm/ibm-websphere-panel.yaml | 2 +- http/exposed-panels/icewarp-panel-detect.yaml | 4 +- http/exposed-panels/icinga-web-login.yaml | 2 +- .../ictprotege-login-panel.yaml | 4 +- .../identity-services-engine.yaml | 2 +- http/exposed-panels/ilch-admin-panel.yaml | 4 +- http/exposed-panels/ilias-panel.yaml | 4 +- .../incapptic-connect-panel.yaml | 2 +- http/exposed-panels/influxdb-panel.yaml | 2 +- http/exposed-panels/intelbras-panel.yaml | 4 +- .../exposed-panels/intellian-aptus-panel.yaml | 2 +- http/exposed-panels/itop-panel.yaml | 2 +- .../ivanti-connect-secure-panel.yaml | 4 +- http/exposed-panels/jaspersoft-panel.yaml | 2 +- .../jboss/jboss-jbpm-admin.yaml | 4 +- http/exposed-panels/jboss/jboss-juddi.yaml | 4 +- .../jboss/jboss-soa-platform.yaml | 4 +- http/exposed-panels/jboss/jmx-console.yaml | 2 +- http/exposed-panels/jboss/wildfly-panel.yaml | 2 +- http/exposed-panels/jcms-panel.yaml | 4 +- http/exposed-panels/jedox-web-panel.yaml | 4 +- http/exposed-panels/jeedom-panel.yaml | 2 +- http/exposed-panels/jenkins-api-panel.yaml | 2 +- http/exposed-panels/jenkins-login.yaml | 2 +- http/exposed-panels/joomla-panel.yaml | 2 +- http/exposed-panels/juniper-panel.yaml | 2 +- http/exposed-panels/kafka-center-login.yaml | 2 +- .../kafka-consumer-monitor.yaml | 2 +- http/exposed-panels/kafka-monitoring.yaml | 2 +- http/exposed-panels/kafka-topics-ui.yaml | 2 +- http/exposed-panels/kanboard-login.yaml | 4 +- http/exposed-panels/keycloak-admin-panel.yaml | 4 +- http/exposed-panels/kibana-panel.yaml | 2 +- http/exposed-panels/kiteworks-pcn-panel.yaml | 4 +- http/exposed-panels/kiwitcms-login.yaml | 2 +- http/exposed-panels/koel-panel.yaml | 30 ++++----- http/exposed-panels/konga-panel.yaml | 2 +- http/exposed-panels/kopano-webapp-panel.yaml | 2 +- http/exposed-panels/kubernetes-dashboard.yaml | 2 +- .../kubernetes-enterprise-manager.yaml | 2 +- http/exposed-panels/kubernetes-web-view.yaml | 4 +- http/exposed-panels/kubeview-dashboard.yaml | 4 +- http/exposed-panels/labkey-server-login.yaml | 4 +- http/exposed-panels/labtech-panel.yaml | 2 +- http/exposed-panels/lansweeper-login.yaml | 4 +- http/exposed-panels/lenovo-fp-panel.yaml | 4 +- http/exposed-panels/librenms-login.yaml | 2 +- http/exposed-panels/liferay-portal.yaml | 4 +- http/exposed-panels/linkerd-panel.yaml | 4 +- http/exposed-panels/linshare-panel.yaml | 2 +- .../livehelperchat-admin-panel.yaml | 4 +- .../exposed-panels/livezilla-login-panel.yaml | 2 +- http/exposed-panels/lockself-panel.yaml | 2 +- http/exposed-panels/magento-admin-panel.yaml | 4 +- .../magento-downloader-panel.yaml | 4 +- http/exposed-panels/mantisbt-panel.yaml | 4 +- http/exposed-panels/matomo-login-portal.yaml | 2 +- http/exposed-panels/memos-panel.yaml | 4 +- http/exposed-panels/meshcentral-login.yaml | 2 +- http/exposed-panels/metabase-panel.yaml | 2 +- http/exposed-panels/metasploit-panel.yaml | 4 +- .../exposed-panels/metasploit-setup-page.yaml | 4 +- http/exposed-panels/metersphere-login.yaml | 2 +- http/exposed-panels/mfiles-web-detect.yaml | 4 +- .../microfocus-admin-server.yaml | 4 +- .../exposed-panels/microfocus-filr-panel.yaml | 4 +- .../exposed-panels/microfocus-vibe-panel.yaml | 4 +- .../microsoft-exchange-panel.yaml | 2 +- .../mikrotik/mikrotik-routeros-old.yaml | 4 +- .../mikrotik/mikrotik-routeros.yaml | 2 +- http/exposed-panels/mini-start-page.yaml | 2 +- http/exposed-panels/minio-browser.yaml | 2 +- http/exposed-panels/misp-panel.yaml | 4 +- http/exposed-panels/mitel-panel-detect.yaml | 4 +- http/exposed-panels/modoboa-panel.yaml | 4 +- http/exposed-panels/monstra-admin-panel.yaml | 4 +- .../moodle-workplace-panel.yaml | 2 +- http/exposed-panels/movable-type-login.yaml | 2 +- .../ms-exchange-web-service.yaml | 4 +- http/exposed-panels/mybb-forum-detect.yaml | 4 +- .../mybb/mybb-forum-install.yaml | 4 +- http/exposed-panels/nagios-panel.yaml | 4 +- http/exposed-panels/nagios-xi-panel.yaml | 4 +- http/exposed-panels/nagvis-panel.yaml | 4 +- http/exposed-panels/neo4j-browser.yaml | 2 +- .../neocase-hrportal-panel.yaml | 28 ++++----- http/exposed-panels/nessus-panel.yaml | 4 +- .../netdata-dashboard-detected.yaml | 2 +- http/exposed-panels/netdata-panel.yaml | 2 +- http/exposed-panels/netflix-conductor-ui.yaml | 2 +- http/exposed-panels/netscaler-aaa-login.yaml | 2 +- http/exposed-panels/netscaler-gateway.yaml | 2 +- http/exposed-panels/nexus-panel.yaml | 28 ++++----- http/exposed-panels/nginx-ui-dashboard.yaml | 4 +- http/exposed-panels/nzbget-panel.yaml | 4 +- http/exposed-panels/ocomon-panel.yaml | 4 +- http/exposed-panels/octoprint-login.yaml | 2 +- .../exposed-panels/odoo-database-manager.yaml | 4 +- http/exposed-panels/odoo-panel.yaml | 4 +- http/exposed-panels/office-webapps-panel.yaml | 4 +- http/exposed-panels/oipm-detect.yaml | 2 +- .../onlyoffice-login-panel.yaml | 4 +- .../open-stack-dashboard-login.yaml | 2 +- http/exposed-panels/openam-panel.yaml | 2 +- http/exposed-panels/opencart-panel.yaml | 4 +- http/exposed-panels/opencats-panel.yaml | 4 +- http/exposed-panels/openemr-detect.yaml | 2 +- http/exposed-panels/openerp-database.yaml | 2 +- http/exposed-panels/openfire-admin-panel.yaml | 4 +- http/exposed-panels/opennms-web-console.yaml | 2 +- http/exposed-panels/opensis-panel.yaml | 2 +- http/exposed-panels/openvas-panel.yaml | 28 ++++----- http/exposed-panels/openvpn-admin.yaml | 4 +- http/exposed-panels/openvpn-connect.yaml | 4 +- .../openvpn-router-management.yaml | 4 +- http/exposed-panels/openwrt-login.yaml | 2 +- .../openwrt/openwrt-luci-panel.yaml | 2 +- http/exposed-panels/openx-panel.yaml | 4 +- http/exposed-panels/opinio-panel.yaml | 2 +- .../oracle-business-control.yaml | 2 +- .../oracle-business-intelligence.yaml | 4 +- .../oracle-enterprise-manager-login.yaml | 2 +- .../oracle-people-enterprise.yaml | 2 +- http/exposed-panels/orchid-vms-panel.yaml | 2 +- http/exposed-panels/osticket-panel.yaml | 4 +- .../osticket/osticket-install.yaml | 4 +- http/exposed-panels/pahtool-panel.yaml | 2 +- http/exposed-panels/pairdrop-panel.yaml | 28 ++++----- http/exposed-panels/pandora-fms-console.yaml | 2 +- http/exposed-panels/papercut-ng-panel.yaml | 4 +- .../parallels/parallels-hsphere-detect.yaml | 4 +- http/exposed-panels/parse-dashboard.yaml | 4 +- http/exposed-panels/passbolt-panel.yaml | 3 +- http/exposed-panels/pega-web-panel.yaml | 4 +- http/exposed-panels/pfsense-login.yaml | 2 +- http/exposed-panels/phabricator-login.yaml | 2 +- http/exposed-panels/phoronix-pane.yaml | 2 +- http/exposed-panels/phpcollab-panel.yaml | 2 +- http/exposed-panels/phpmyadmin-panel.yaml | 4 +- http/exposed-panels/phppgadmin-panel.yaml | 4 +- http/exposed-panels/piwigo-panel.yaml | 4 +- http/exposed-panels/planet-estream-panel.yaml | 4 +- http/exposed-panels/plesk-obsidian-login.yaml | 4 +- http/exposed-panels/plesk-onyx-login.yaml | 4 +- http/exposed-panels/polycom-admin-detect.yaml | 2 +- http/exposed-panels/portainer-panel.yaml | 4 +- http/exposed-panels/posthog-admin-panel.yaml | 4 +- http/exposed-panels/powerlogic-ion.yaml | 2 +- http/exposed-panels/pritunl-panel.yaml | 4 +- http/exposed-panels/processwire-login.yaml | 4 +- .../exposed-panels/project-insight-login.yaml | 2 +- http/exposed-panels/projectsend-login.yaml | 2 +- .../prometheus-exposed-panel.yaml | 2 +- .../proofpoint-protection-server-panel.yaml | 4 +- http/exposed-panels/proxmox-panel.yaml | 4 +- http/exposed-panels/pulsar-admin-console.yaml | 4 +- http/exposed-panels/pulsar-adminui-panel.yaml | 4 +- http/exposed-panels/pure-storage-login.yaml | 2 +- http/exposed-panels/pyload-panel.yaml | 4 +- http/exposed-panels/qBittorrent-panel.yaml | 4 +- http/exposed-panels/qdpm-login-panel.yaml | 4 +- http/exposed-panels/qlik-sense-server.yaml | 4 +- http/exposed-panels/qmail-admin-login.yaml | 4 +- .../qnap/qnap-photostation-panel.yaml | 4 +- http/exposed-panels/qnap/qnap-qts-panel.yaml | 4 +- .../exposed-panels/quantum-scalar-detect.yaml | 2 +- http/exposed-panels/rabbitmq-dashboard.yaml | 2 +- http/exposed-panels/rancher-dashboard.yaml | 4 +- http/exposed-panels/rancher-panel.yaml | 4 +- http/exposed-panels/rdweb-panel.yaml | 4 +- http/exposed-panels/redash-panel.yaml | 2 +- http/exposed-panels/redmine-panel.yaml | 26 ++++---- .../exposed-panels/repetier-server-panel.yaml | 2 +- .../exposed-panels/reportico-admin-panel.yaml | 4 +- http/exposed-panels/rocketchat-panel.yaml | 2 +- .../rocketmq-console-exposure.yaml | 4 +- http/exposed-panels/roxy-fileman.yaml | 4 +- .../ruckus-unleashed-panel.yaml | 2 +- .../ruckus-wireless-admin-login.yaml | 4 +- http/exposed-panels/ruijie/rg-uac-panel.yaml | 2 +- http/exposed-panels/sage-panel.yaml | 2 +- http/exposed-panels/samba-swat-panel.yaml | 2 +- .../samsung-printer-detect.yaml | 2 +- http/exposed-panels/sap-netweaver-portal.yaml | 2 +- .../sap-successfactors-detect.yaml | 4 +- http/exposed-panels/sapfiori-panel.yaml | 2 +- http/exposed-panels/sas-login-panel.yaml | 4 +- .../sauter-moduwebvision-panel.yaml | 4 +- http/exposed-panels/seafile-panel.yaml | 4 +- http/exposed-panels/seagate-nas-login.yaml | 4 +- http/exposed-panels/security-onion-panel.yaml | 4 +- http/exposed-panels/seeddms-panel.yaml | 2 +- http/exposed-panels/sentry-panel.yaml | 4 +- .../servicedesk-login-panel.yaml | 2 +- http/exposed-panels/servicenow-panel.yaml | 4 +- http/exposed-panels/shardingsphere-panel.yaml | 4 +- http/exposed-panels/sharefile-panel.yaml | 4 +- http/exposed-panels/shell-box.yaml | 4 +- http/exposed-panels/sidekiq-dashboard.yaml | 2 +- http/exposed-panels/sitefinity-login.yaml | 2 +- http/exposed-panels/siteomat-login.yaml | 2 +- http/exposed-panels/skeepers-panel.yaml | 28 ++++----- http/exposed-panels/skycaiji-admin-panel.yaml | 2 +- http/exposed-panels/softether-vpn-panel.yaml | 2 +- .../solarview-compact-panel.yaml | 4 +- http/exposed-panels/solarwinds-arm-panel.yaml | 4 +- http/exposed-panels/solarwinds-orion.yaml | 2 +- .../solarwinds-servuftp-detect.yaml | 2 +- http/exposed-panels/solr-panel-exposure.yaml | 4 +- http/exposed-panels/sonarqube-login.yaml | 2 +- .../sonic-wall-application.yaml | 4 +- http/exposed-panels/sonic-wall-login.yaml | 4 +- .../sonicwall-analyzer-login.yaml | 4 +- .../sonicwall-management-panel.yaml | 2 +- .../sonicwall-sslvpn-panel.yaml | 2 +- .../sophos-fw-version-detect.yaml | 4 +- http/exposed-panels/sophos-mobile-panel.yaml | 2 +- http/exposed-panels/sophos-web-appliance.yaml | 4 +- .../exposed-panels/spacelogic-cbus-panel.yaml | 2 +- http/exposed-panels/spark-panel.yaml | 4 +- http/exposed-panels/sphider-login.yaml | 2 +- .../splunk-enterprise-panel.yaml | 2 +- http/exposed-panels/spotweb-login-panel.yaml | 4 +- http/exposed-panels/sql-monitor.yaml | 2 +- http/exposed-panels/squirrelmail-login.yaml | 2 +- http/exposed-panels/strapi-documentation.yaml | 2 +- http/exposed-panels/strapi-panel.yaml | 2 +- http/exposed-panels/structurizr-panel.yaml | 2 +- http/exposed-panels/subrion-login.yaml | 2 +- http/exposed-panels/sugarcrm-panel.yaml | 2 +- http/exposed-panels/superset-login.yaml | 4 +- .../symantec/symantec-dlp-login.yaml | 2 +- .../symantec/symantec-epm-login.yaml | 2 +- .../symantec/symantec-iam-console.yaml | 2 +- http/exposed-panels/syncserver-panel.yaml | 4 +- http/exposed-panels/syncthru-web-service.yaml | 4 +- http/exposed-panels/sysaid-panel.yaml | 2 +- .../tableau-service-manager.yaml | 4 +- http/exposed-panels/tautulli-panel.yaml | 4 +- http/exposed-panels/teamcity-login-panel.yaml | 4 +- http/exposed-panels/teampass-panel.yaml | 4 +- .../telesquare/tlr-2005ksh-login.yaml | 4 +- http/exposed-panels/teradici-pcoip-panel.yaml | 2 +- .../terraform-enterprise-panel.yaml | 2 +- .../thinfinity-virtualui-panel.yaml | 2 +- http/exposed-panels/thruk-login.yaml | 2 +- http/exposed-panels/tikiwiki-cms.yaml | 2 +- .../tomcat/tomcat-exposed-docs.yaml | 2 +- http/exposed-panels/totemomail-panel.yaml | 4 +- http/exposed-panels/tracer-sc-login.yaml | 2 +- http/exposed-panels/traefik-dashboard.yaml | 4 +- .../trendnet/trendnet-tew827dru-login.yaml | 2 +- .../tufin-securetrack-login.yaml | 2 +- http/exposed-panels/typo3-login.yaml | 2 +- http/exposed-panels/umbraco-login.yaml | 4 +- .../unauth/tautulli-unauth.yaml | 4 +- http/exposed-panels/untangle-admin-login.yaml | 4 +- http/exposed-panels/vault-panel.yaml | 4 +- http/exposed-panels/veeam-panel.yaml | 4 +- .../exposed-panels/virtua-software-panel.yaml | 4 +- .../exposed-panels/vmware-cloud-director.yaml | 4 +- http/exposed-panels/vmware-horizon-daas.yaml | 4 +- http/exposed-panels/vmware-horizon-panel.yaml | 2 +- .../vmware-vcenter-converter-standalone.yaml | 4 +- .../vmware-vcloud-director.yaml | 4 +- http/exposed-panels/voipmonitor-panel.yaml | 2 +- .../vrealize-loginsight-panel.yaml | 4 +- http/exposed-panels/vue-pacs-panel.yaml | 4 +- http/exposed-panels/wagtail-cms-detect.yaml | 4 +- http/exposed-panels/watchguard-panel.yaml | 2 +- http/exposed-panels/wazuh-panel.yaml | 2 +- http/exposed-panels/wd-mycloud-panel.yaml | 4 +- http/exposed-panels/web-viewer-panel.yaml | 4 +- .../webeditors-check-detect.yaml | 2 +- http/exposed-panels/weblogic-login.yaml | 2 +- .../exposed-panels/weblogic-uddiexplorer.yaml | 2 +- http/exposed-panels/webmin-panel.yaml | 2 +- http/exposed-panels/webtitan-cloud-panel.yaml | 4 +- .../webtransfer-client-panel.yaml | 26 ++++---- http/exposed-panels/webuzo-admin-panel.yaml | 4 +- http/exposed-panels/weiphp-panel.yaml | 4 +- http/exposed-panels/whm-login-detect.yaml | 2 +- http/exposed-panels/wordpress-login.yaml | 2 +- http/exposed-panels/workspace-one-uem.yaml | 4 +- .../wowza-streaming-engine.yaml | 2 +- .../wso2-management-console.yaml | 2 +- http/exposed-panels/xeams-admin-console.yaml | 4 +- http/exposed-panels/xenmobile-login.yaml | 2 +- .../xoops/xoops-installation-wizard.yaml | 2 +- http/exposed-panels/xvr-login.yaml | 2 +- http/exposed-panels/xxljob-panel.yaml | 4 +- .../exposed-panels/yarn-manager-exposure.yaml | 2 +- http/exposed-panels/yzmcms-panel.yaml | 2 +- http/exposed-panels/zabbix-server-login.yaml | 2 +- .../zblog-exposed-admin-panel.yaml | 4 +- http/exposed-panels/zenario-login-panel.yaml | 2 +- http/exposed-panels/zentao-detect.yaml | 2 +- http/exposed-panels/zeroshell-login.yaml | 2 +- http/exposed-panels/zimbra-web-client.yaml | 4 +- http/exposed-panels/zimbra-web-login.yaml | 4 +- .../zoho/manageengine-adaudit.yaml | 4 +- .../zoho/manageengine-adselfservice.yaml | 4 +- .../zoho/manageengine-analytics.yaml | 2 +- .../zoho/manageengine-apex-helpdesk.yaml | 2 +- .../manageengine-applications-manager.yaml | 2 +- .../zoho/manageengine-assetexplorer.yaml | 2 +- .../zoho/manageengine-desktop.yaml | 2 +- .../zoho/manageengine-network-config.yaml | 4 +- .../zoho/manageengine-opmanager.yaml | 2 +- .../zoho/manageengine-servicedesk.yaml | 2 +- .../zoho/manageengine-supportcenter.yaml | 2 +- http/exposed-panels/zoneminder-login.yaml | 2 +- http/exposed-panels/zyxel-router-panel.yaml | 4 +- .../zyxel/zyxel-vmg1312b10d-login.yaml | 4 +- http/exposures/apis/swagger-api.yaml | 2 +- .../configs/sphinxsearch-config.yaml | 2 +- http/exposures/files/ds-store-file.yaml | 2 +- http/exposures/files/generic-db.yaml | 62 +++++++++---------- http/exposures/logs/teampass-ldap.yaml | 2 +- http/fuzzing/wordpress-plugins-detect.yaml | 2 +- .../maxforwards-headers-detect.yaml | 32 +++++----- .../cloudflare-rocketloader-htmli.yaml | 2 +- .../sap/sap-public-admin.yaml | 5 +- http/osint/phishing/1password-phish.yaml | 19 +++--- http/osint/phishing/adobe-phish.yaml | 19 +++--- http/osint/phishing/aliexpress-phish.yaml | 19 +++--- http/osint/phishing/amazon-phish.yaml | 21 ++++--- .../phishing/amazon-web-services-phish.yaml | 19 +++--- .../phishing/american-express-phish.yaml | 19 +++--- http/osint/phishing/anydesk-phish.yaml | 19 +++--- http/osint/phishing/avast-phish.yaml | 19 +++--- http/osint/phishing/avg-phish.yaml | 19 +++--- .../osint/phishing/bank-of-america-phish.yaml | 19 +++--- http/osint/phishing/battlenet-phish.yaml | 19 +++--- http/osint/phishing/bestbuy-phish.yaml | 19 +++--- http/osint/phishing/bitdefender-phish.yaml | 19 +++--- http/osint/phishing/bitwarden-phish.yaml | 19 +++--- http/osint/phishing/blender-phish.yaml | 19 +++--- http/osint/phishing/booking-phish.yaml | 19 +++--- http/osint/phishing/box-storage-phish.yaml | 19 +++--- http/osint/phishing/brave-phish.yaml | 19 +++--- http/osint/phishing/brighthr-phish.yaml | 19 +++--- http/osint/phishing/ccleaner-phish.yaml | 19 +++--- http/osint/phishing/chase-phish.yaml | 19 +++--- http/osint/phishing/chrome-phish.yaml | 19 +++--- http/osint/phishing/costa-phish.yaml | 19 +++--- http/osint/phishing/dashlane-phish.yaml | 19 +++--- http/osint/phishing/deezer-phish.yaml | 19 +++--- http/osint/phishing/deliveroo-phish.yaml | 19 +++--- http/osint/phishing/digital-ocean-phish.yaml | 19 +++--- http/osint/phishing/discord-phish.yaml | 19 +++--- http/osint/phishing/disneyplus-phish.yaml | 19 +++--- http/osint/phishing/dropbox-phish.yaml | 19 +++--- http/osint/phishing/duckduckgo-phish.yaml | 19 +++--- http/osint/phishing/ebay-phish.yaml | 19 +++--- http/osint/phishing/edge-phish.yaml | 19 +++--- http/osint/phishing/ee-mobile-phish.yaml | 19 +++--- http/osint/phishing/eset-phish.yaml | 19 +++--- http/osint/phishing/evernote-phish.yaml | 19 +++--- http/osint/phishing/facebook-phish.yaml | 19 +++--- http/osint/phishing/figma-phish.yaml | 19 +++--- http/osint/phishing/filezilla-phish.yaml | 19 +++--- http/osint/phishing/firefox-phish.yaml | 19 +++--- http/osint/phishing/gimp-phish.yaml | 19 +++--- http/osint/phishing/github-phish.yaml | 19 +++--- http/osint/phishing/google-phish.yaml | 19 +++--- http/osint/phishing/icloud-phish.yaml | 19 +++--- http/osint/phishing/instagram-phish.yaml | 19 +++--- http/osint/phishing/kakao-login-phish.yaml | 21 ++++--- http/osint/phishing/kaspersky-phish.yaml | 19 +++--- http/osint/phishing/kayak-phish.yaml | 19 +++--- http/osint/phishing/keepass-phish.yaml | 19 +++--- http/osint/phishing/keepersecurity-phish.yaml | 19 +++--- http/osint/phishing/keybase-phish.yaml | 19 +++--- http/osint/phishing/lastpass-phish.yaml | 19 +++--- http/osint/phishing/libre-office-phish.yaml | 19 +++--- http/osint/phishing/linkedin-phish.yaml | 19 +++--- http/osint/phishing/malwarebytes-phish.yaml | 19 +++--- http/osint/phishing/mcafee-phish.yaml | 19 +++--- http/osint/phishing/mega-phish.yaml | 19 +++--- http/osint/phishing/messenger-phish.yaml | 19 +++--- http/osint/phishing/microcenter-phish.yaml | 19 +++--- http/osint/phishing/microsoft-phish.yaml | 21 ++++--- .../osint/phishing/microsoft-teams-phish.yaml | 19 +++--- http/osint/phishing/naver-login-phish.yaml | 21 ++++--- http/osint/phishing/netflix-phish.yaml | 19 +++--- http/osint/phishing/nordpass-phish.yaml | 19 +++--- http/osint/phishing/norton-phish.yaml | 19 +++--- http/osint/phishing/notion-phish.yaml | 19 +++--- http/osint/phishing/o2-mobile-phish.yaml | 19 +++--- http/osint/phishing/openai-phish.yaml | 19 +++--- http/osint/phishing/opera-phish.yaml | 19 +++--- http/osint/phishing/paramountplus-phish.yaml | 19 +++--- http/osint/phishing/paypal-phish.yaml | 19 +++--- http/osint/phishing/pcloud-phish.yaml | 19 +++--- http/osint/phishing/pintrest-phish.yaml | 19 +++--- http/osint/phishing/plusnet-phish.yaml | 19 +++--- http/osint/phishing/proton-phish.yaml | 19 +++--- http/osint/phishing/putty-phish.yaml | 19 +++--- http/osint/phishing/python-phish.yaml | 19 +++--- http/osint/phishing/quora-phish.yaml | 19 +++--- http/osint/phishing/reddit-phish.yaml | 19 +++--- http/osint/phishing/roblox-phish.yaml | 19 +++--- http/osint/phishing/roboform-phish.yaml | 19 +++--- http/osint/phishing/royal-mail-phish.yaml | 19 +++--- http/osint/phishing/samsung-phish.yaml | 19 +++--- http/osint/phishing/signal-phish.yaml | 19 +++--- http/osint/phishing/sky-phish.yaml | 19 +++--- http/osint/phishing/skype-phish.yaml | 19 +++--- http/osint/phishing/skyscanner-phish.yaml | 19 +++--- http/osint/phishing/slack-phish.yaml | 19 +++--- http/osint/phishing/sophos-phish.yaml | 19 +++--- http/osint/phishing/spotify-phish.yaml | 19 +++--- http/osint/phishing/steam-phish.yaml | 19 +++--- http/osint/phishing/sync-storage-phish.yaml | 19 +++--- http/osint/phishing/target-phish.yaml | 19 +++--- http/osint/phishing/teamviewer-phish.yaml | 19 +++--- http/osint/phishing/telegram-phish.yaml | 19 +++--- http/osint/phishing/three-mobile-phish.yaml | 19 +++--- http/osint/phishing/thunderbird-phish.yaml | 19 +++--- http/osint/phishing/ticketmaster-phish.yaml | 19 +++--- http/osint/phishing/tiktok-phish.yaml | 19 +++--- http/osint/phishing/trading212-phish.yaml | 19 +++--- http/osint/phishing/trend-micro-phish.yaml | 19 +++--- http/osint/phishing/trip-phish.yaml | 19 +++--- http/osint/phishing/twitch-phish.yaml | 19 +++--- http/osint/phishing/uber-phish.yaml | 19 +++--- .../phishing/visual-studio-code-phish.yaml | 19 +++--- http/osint/phishing/vlc-player-phish.yaml | 19 +++--- http/osint/phishing/vodafone-phish.yaml | 19 +++--- http/osint/phishing/vultr-phish.yaml | 19 +++--- http/osint/phishing/walmart-phish.yaml | 19 +++--- http/osint/phishing/wetransfer-phish.yaml | 19 +++--- http/osint/phishing/whatsapp-phish.yaml | 19 +++--- http/osint/phishing/wikipedia-phish.yaml | 19 +++--- http/osint/phishing/winscp-phish.yaml | 19 +++--- http/osint/phishing/yahoo-phish.yaml | 19 +++--- http/osint/phishing/zoom-phish.yaml | 19 +++--- http/technologies/admiralcloud-detect.yaml | 28 ++++----- http/technologies/arcgis-rest-api.yaml | 2 +- http/technologies/arcgis-tokens.yaml | 4 +- http/technologies/directus-detect.yaml | 2 +- http/technologies/hcpanywhere-detect.yaml | 2 +- http/technologies/ibm/ibm-odm-detect.yaml | 2 +- .../microsoft/aspnet-version-detect.yaml | 4 +- .../aspnetmvc-version-disclosure.yaml | 4 +- http/technologies/pexip-detect.yaml | 28 ++++----- .../technologies/wing-ftp-service-detect.yaml | 2 +- .../apache-druid-kafka-connect-rce.yaml | 4 +- .../chanjet-tplus-unauth-passreset.yaml | 2 +- .../dahua/dahua-bitmap-fileupload.yaml | 3 +- .../landray/landray-eis-ws-infoleak.yaml | 2 +- http/vulnerabilities/lucee-rce.yaml | 2 +- .../other/glodon-linkworks-sqli.yaml | 2 +- .../other/lucee-unset-credentials.yaml | 2 +- .../other/ups-network-lfi.yaml | 4 +- .../ruijie/ruijie-rg-eg-web-mis-rce.yaml | 5 +- javascript/audit/mysql/mysql-load-file.yaml | 4 +- javascript/cves/2016/CVE-2016-8706.yaml | 2 +- javascript/cves/2023/CVE-2023-34039.yaml | 5 +- .../mysql/mysql-default-login.yaml | 3 +- javascript/enumeration/mysql/mysql-info.yaml | 4 +- .../mysql/mysql-show-databases.yaml | 4 +- .../mysql/mysql-show-variables.yaml | 3 +- .../enumeration/mysql/mysql-user-enum.yaml | 6 +- .../enumeration/smb/smb-default-creds.yaml | 2 +- .../enumeration/smb/smb-enum-domains.yaml | 3 +- javascript/enumeration/smb/smb-os-detect.yaml | 2 +- .../enumeration/smb/smb-version-detect.yaml | 2 +- .../enumeration/smb/smb2-server-time.yaml | 4 +- .../mysql/mysql-empty-password.yaml | 3 +- network/cves/2017/CVE-2017-5645.yaml | 2 +- network/cves/2018/CVE-2018-2628.yaml | 2 +- network/cves/2018/CVE-2018-2893.yaml | 2 +- network/cves/2020/CVE-2020-11981.yaml | 2 +- network/cves/2020/CVE-2020-1938.yaml | 2 +- network/cves/2020/CVE-2020-7247.yaml | 2 +- network/detection/redis-detect.yaml | 3 +- 2095 files changed, 5401 insertions(+), 4462 deletions(-) diff --git a/code/cves/2019/CVE-2019-14287.yaml b/code/cves/2019/CVE-2019-14287.yaml index 2a8c21ffbb3..2264514cb6e 100644 --- a/code/cves/2019/CVE-2019-14287.yaml +++ b/code/cves/2019/CVE-2019-14287.yaml @@ -17,15 +17,15 @@ info: cvss-score: 8.8 cve-id: CVE-2019-14287 cwe-id: CWE-755 - epss-score: 0.34299 - epss-percentile: 0.96958 + epss-score: 0.30814 + epss-percentile: 0.96854 cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: sudo_project product: sudo - tags: cve,cve2019,sudo,code,linux,privesc,local,canonical + tags: packetstorm,cve,cve2019,sudo,code,linux,privesc,local,canonical self-contained: true code: diff --git a/code/cves/2021/CVE-2021-3156.yaml b/code/cves/2021/CVE-2021-3156.yaml index ff8dab6fe85..e5765959b03 100644 --- a/code/cves/2021/CVE-2021-3156.yaml +++ b/code/cves/2021/CVE-2021-3156.yaml @@ -18,13 +18,13 @@ info: cve-id: CVE-2021-3156 cwe-id: CWE-193 epss-score: 0.97085 - epss-percentile: 0.99752 + epss-percentile: 0.99757 cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:* metadata: verified: true vendor: sudo_project product: sudo - tags: cve,cve2021,sudo,code,linux,privesc,local,kev + tags: packetstorm,cve,cve2021,sudo,code,linux,privesc,local,kev self-contained: true code: diff --git a/code/cves/2023/CVE-2023-2640.yaml b/code/cves/2023/CVE-2023-2640.yaml index ea23ad4579f..31f4a41452f 100644 --- a/code/cves/2023/CVE-2023-2640.yaml +++ b/code/cves/2023/CVE-2023-2640.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.8 cve-id: CVE-2023-2640 cwe-id: CWE-863 - epss-score: 0.00174 - epss-percentile: 0.53697 + epss-score: 0.00232 + epss-percentile: 0.60636 cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:* metadata: verified: true diff --git a/code/cves/2023/CVE-2023-49105.yaml b/code/cves/2023/CVE-2023-49105.yaml index 85e3bf9c3da..46321a88df2 100644 --- a/code/cves/2023/CVE-2023-49105.yaml +++ b/code/cves/2023/CVE-2023-49105.yaml @@ -10,20 +10,22 @@ info: - https://owncloud.com/security-advisories/webdav-api-authentication-bypass-using-pre-signed-urls/ - https://github.com/0xfed/ownedcloud - https://owncloud.org/security + - https://github.com/ambionics/owncloud-exploits + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-49105 cwe-id: CWE-287 + epss-score: 0.21237 + epss-percentile: 0.96302 cpe: cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:* - epss-score: 0.00091 - epss-percentile: 0.38353 metadata: max-request: 2 + vendor: owncloud product: owncloud shodan-query: title:"owncloud" tags: cve,cve2023,code,owncloud,auth-bypass - variables: username: admin diff --git a/code/cves/2023/CVE-2023-6246.yaml b/code/cves/2023/CVE-2023-6246.yaml index 25c06d08fb8..b078a391c63 100644 --- a/code/cves/2023/CVE-2023-6246.yaml +++ b/code/cves/2023/CVE-2023-6246.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.8 cve-id: CVE-2023-6246 cwe-id: CWE-787,CWE-122 - epss-score: 0.00383 - epss-percentile: 0.72435 + epss-score: 0.0077 + epss-percentile: 0.80859 cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/dns/soa-detect.yaml b/dns/soa-detect.yaml index 1d98b9fa5da..f37f21fb6e6 100644 --- a/dns/soa-detect.yaml +++ b/dns/soa-detect.yaml @@ -1,18 +1,18 @@ id: soa-detect -info: - name: SOA Record Service - Detection - author: rxerium - severity: info - description: | - Detects which domain provider a domain is using, detected through SOA records - reference: - - https://www.cloudflare.com/learning/dns/dns-records/dns-soa-record/ - metadata: - max-request: 1 - verified: true - tags: dns,soa - +info: + name: SOA Record Service - Detection + author: rxerium + severity: info + description: | + Detects which domain provider a domain is using, detected through SOA records + reference: + - https://www.cloudflare.com/learning/dns/dns-records/dns-soa-record/ + metadata: + verified: true + max-request: 1 + tags: dns,soa + dns: - name: "{{FQDN}}" diff --git a/dns/spf-record-detect.yaml b/dns/spf-record-detect.yaml index 7a9a051fd74..276b48f0464 100644 --- a/dns/spf-record-detect.yaml +++ b/dns/spf-record-detect.yaml @@ -1,15 +1,16 @@ id: spf-record-detect -info: - name: SPF Record - Detection - author: rxerium - severity: info - description: | - An SPF TXT record was detected - reference: - - https://www.mimecast.com/content/how-to-create-an-spf-txt-record - tags: dns,spf - +info: + name: SPF Record - Detection + author: rxerium + severity: info + description: | + An SPF TXT record was detected + reference: + - https://www.mimecast.com/content/how-to-create-an-spf-txt-record + metadata: + max-request: 1 + tags: dns,spf dns: - name: "{{FQDN}}" type: TXT diff --git a/dns/txt-service-detect.yaml b/dns/txt-service-detect.yaml index 17a8d5e012d..055e8cd7f7a 100644 --- a/dns/txt-service-detect.yaml +++ b/dns/txt-service-detect.yaml @@ -1,18 +1,18 @@ id: txt-service-detect -info: - name: DNS TXT Service - Detect - author: rxerium - severity: info - description: | - Finding the services companies use via their TXT records. - reference: - - https://www.abenezer.ca/blog/services-companies-use-txt-records - metadata: - max-request: 1 - verified: true - tags: dns,txt - +info: + name: DNS TXT Service - Detect + author: rxerium + severity: info + description: | + Finding the services companies use via their TXT records. + reference: + - https://www.abenezer.ca/blog/services-companies-use-txt-records + metadata: + verified: true + max-request: 1 + tags: dns,txt + dns: - name: "{{FQDN}}" type: TXT diff --git a/headless/cves/2018/CVE-2018-25031.yaml b/headless/cves/2018/CVE-2018-25031.yaml index a6ed7a6ba6c..9d85abfdd2b 100644 --- a/headless/cves/2018/CVE-2018-25031.yaml +++ b/headless/cves/2018/CVE-2018-25031.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2018-25031 cwe-id: CWE-20 epss-score: 0.00265 - epss-percentile: 0.65414 + epss-percentile: 0.65516 cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2000/CVE-2000-0114.yaml b/http/cves/2000/CVE-2000-0114.yaml index 687abbbafb1..d4d3dd2dfc2 100644 --- a/http/cves/2000/CVE-2000-0114.yaml +++ b/http/cves/2000/CVE-2000-0114.yaml @@ -12,13 +12,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2000-0114 - https://www.exploit-db.com/exploits/19897 - https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0114 + - https://github.com/0xPugazh/One-Liners + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2000-0114 cwe-id: NVD-CWE-Other - epss-score: 0.09258 - epss-percentile: 0.94099 + epss-score: 0.15958 + epss-percentile: 0.95829 cpe: cpe:2.3:a:microsoft:internet_information_server:3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2001/CVE-2001-0537.yaml b/http/cves/2001/CVE-2001-0537.yaml index 7d8eee948d7..1427f20da9a 100644 --- a/http/cves/2001/CVE-2001-0537.yaml +++ b/http/cves/2001/CVE-2001-0537.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2001-0537 - http://www.ciac.org/ciac/bulletins/l-106.shtml - https://exchange.xforce.ibmcloud.com/vulnerabilities/6749 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C cvss-score: 9.3 cve-id: CVE-2001-0537 cwe-id: CWE-287 - epss-score: 0.88063 - epss-percentile: 0.98412 + epss-score: 0.87683 + epss-percentile: 0.98569 cpe: cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2004/CVE-2004-0519.yaml b/http/cves/2004/CVE-2004-0519.yaml index 7db660b35a3..809de4301a9 100644 --- a/http/cves/2004/CVE-2004-0519.yaml +++ b/http/cves/2004/CVE-2004-0519.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2004-0519 cwe-id: NVD-CWE-Other epss-score: 0.02285 - epss-percentile: 0.88555 + epss-percentile: 0.89406 cpe: cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2004/CVE-2004-1965.yaml b/http/cves/2004/CVE-2004-1965.yaml index 7c808f1856d..b60b71fb30e 100644 --- a/http/cves/2004/CVE-2004-1965.yaml +++ b/http/cves/2004/CVE-2004-1965.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2004-1965 cwe-id: NVD-CWE-Other epss-score: 0.0113 - epss-percentile: 0.83145 + epss-percentile: 0.84351 cpe: cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2005/CVE-2005-4385.yaml b/http/cves/2005/CVE-2005-4385.yaml index e706c6eb460..3dfd6d24c94 100644 --- a/http/cves/2005/CVE-2005-4385.yaml +++ b/http/cves/2005/CVE-2005-4385.yaml @@ -13,13 +13,14 @@ info: - http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html - https://nvd.nist.gov/vuln/detail/CVE-2005-4385 - http://www.vupen.com/english/advisories/2005/2977 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2005-4385 cwe-id: NVD-CWE-Other epss-score: 0.00294 - epss-percentile: 0.65964 + epss-percentile: 0.68633 cpe: cpe:2.3:a:cofax:cofax:1.9.9c:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2007/CVE-2007-0885.yaml b/http/cves/2007/CVE-2007-0885.yaml index 6de5041c16c..d1e6d18919e 100644 --- a/http/cves/2007/CVE-2007-0885.yaml +++ b/http/cves/2007/CVE-2007-0885.yaml @@ -10,13 +10,14 @@ info: reference: - https://exchange.xforce.ibmcloud.com/vulnerabilities/32418 - https://nvd.nist.gov/vuln/detail/CVE-2007-0885 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2007-0885 cwe-id: NVD-CWE-Other epss-score: 0.0093 - epss-percentile: 0.81235 + epss-percentile: 0.82626 cpe: cpe:2.3:a:rainbow_portal:rainbow.zen:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2007/CVE-2007-3010.yaml b/http/cves/2007/CVE-2007-3010.yaml index 9a6b51be1c4..914d2240e6c 100644 --- a/http/cves/2007/CVE-2007-3010.yaml +++ b/http/cves/2007/CVE-2007-3010.yaml @@ -21,16 +21,16 @@ info: cvss-score: 10 cve-id: CVE-2007-3010 cwe-id: CWE-20 - epss-score: 0.97264 - epss-percentile: 0.99824 + epss-score: 0.97317 + epss-percentile: 0.99868 cpe: cpe:2.3:a:alcatel-lucent:omnipcx:7.1:*:enterprise:*:*:*:*:* metadata: verified: true max-request: 1 vendor: alcatel-lucent product: omnipcx - fofa-query: app="Alcatel_Lucent-OmniPCX-Enterprise" shodan-query: title:"OmniPCX for Enterprise" + fofa-query: app="Alcatel_Lucent-OmniPCX-Enterprise" tags: cve,cve2007,kev,rce,alcatel http: diff --git a/http/cves/2007/CVE-2007-4504.yaml b/http/cves/2007/CVE-2007-4504.yaml index e272c70f1f3..181fb471657 100644 --- a/http/cves/2007/CVE-2007-4504.yaml +++ b/http/cves/2007/CVE-2007-4504.yaml @@ -13,13 +13,14 @@ info: - https://www.exploit-db.com/exploits/4307 - https://exchange.xforce.ibmcloud.com/vulnerabilities/36222 - https://nvd.nist.gov/vuln/detail/CVE-2007-4504 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2007-4504 cwe-id: CWE-22 - epss-score: 0.01677 - epss-percentile: 0.86314 + epss-score: 0.02599 + epss-percentile: 0.90043 cpe: cpe:2.3:a:joomla:rsfiles:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2007/CVE-2007-4556.yaml b/http/cves/2007/CVE-2007-4556.yaml index fbc2e9b6a52..f6f3a281081 100644 --- a/http/cves/2007/CVE-2007-4556.yaml +++ b/http/cves/2007/CVE-2007-4556.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2007-4556 cwe-id: NVD-CWE-Other epss-score: 0.16469 - epss-percentile: 0.95533 + epss-percentile: 0.95873 cpe: cpe:2.3:a:opensymphony:xwork:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-1059.yaml b/http/cves/2008/CVE-2008-1059.yaml index e9256cc720e..044e2056b6b 100644 --- a/http/cves/2008/CVE-2008-1059.yaml +++ b/http/cves/2008/CVE-2008-1059.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2008-1059 cwe-id: CWE-94 epss-score: 0.01493 - epss-percentile: 0.85524 + epss-percentile: 0.86573 cpe: cpe:2.3:a:wordpress:sniplets_plugin:1.1.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-2650.yaml b/http/cves/2008/CVE-2008-2650.yaml index 1181b629f66..f76cdcc1c53 100644 --- a/http/cves/2008/CVE-2008-2650.yaml +++ b/http/cves/2008/CVE-2008-2650.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2008-2650 cwe-id: CWE-22 epss-score: 0.06344 - epss-percentile: 0.92938 + epss-percentile: 0.93486 cpe: cpe:2.3:a:cmsimple:cmsimple:3.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-4668.yaml b/http/cves/2008/CVE-2008-4668.yaml index a8dca70a0b1..a14ccefe8e6 100644 --- a/http/cves/2008/CVE-2008-4668.yaml +++ b/http/cves/2008/CVE-2008-4668.yaml @@ -14,13 +14,14 @@ info: - http://securityreason.com/securityalert/4464 - https://nvd.nist.gov/vuln/detail/CVE-2008-4668 - https://exchange.xforce.ibmcloud.com/vulnerabilities/45490 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:P/A:P cvss-score: 9 cve-id: CVE-2008-4668 cwe-id: CWE-22 epss-score: 0.01018 - epss-percentile: 0.82089 + epss-percentile: 0.83418 cpe: cpe:2.3:a:joomla:com_imagebrowser:0.1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-4764.yaml b/http/cves/2008/CVE-2008-4764.yaml index d5142e69d4a..94ca96a74e0 100644 --- a/http/cves/2008/CVE-2008-4764.yaml +++ b/http/cves/2008/CVE-2008-4764.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2008-4764 cwe-id: CWE-22 epss-score: 0.02365 - epss-percentile: 0.88742 + epss-percentile: 0.89577 cpe: cpe:2.3:a:extplorer:com_extplorer:*:rc2:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-6172.yaml b/http/cves/2008/CVE-2008-6172.yaml index 33870a93134..6ebb1fc1174 100644 --- a/http/cves/2008/CVE-2008-6172.yaml +++ b/http/cves/2008/CVE-2008-6172.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2008-6172 cwe-id: CWE-22 epss-score: 0.00509 - epss-percentile: 0.74088 + epss-percentile: 0.76096 cpe: cpe:2.3:a:weberr:rwcards:3.0.11:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-6465.yaml b/http/cves/2008/CVE-2008-6465.yaml index a4661068148..99702398f88 100644 --- a/http/cves/2008/CVE-2008-6465.yaml +++ b/http/cves/2008/CVE-2008-6465.yaml @@ -15,13 +15,14 @@ info: - https://exchange.xforce.ibmcloud.com/vulnerabilities/45254 - https://exchange.xforce.ibmcloud.com/vulnerabilities/45252 - https://nvd.nist.gov/vuln/detail/CVE-2008-6465 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2008-6465 cwe-id: CWE-79 epss-score: 0.00421 - epss-percentile: 0.71537 + epss-percentile: 0.73765 cpe: cpe:2.3:a:parallels:h-sphere:3.0.0:p9:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2008/CVE-2008-6668.yaml b/http/cves/2008/CVE-2008-6668.yaml index 3e4df909afc..5379eda0549 100644 --- a/http/cves/2008/CVE-2008-6668.yaml +++ b/http/cves/2008/CVE-2008-6668.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2008-6668 cwe-id: CWE-22 epss-score: 0.00359 - epss-percentile: 0.6932 + epss-percentile: 0.71607 cpe: cpe:2.3:a:dirk_bartley:nweb2fax:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2008/CVE-2008-7269.yaml b/http/cves/2008/CVE-2008-7269.yaml index 88ffe8b1340..bd1d307f24f 100644 --- a/http/cves/2008/CVE-2008-7269.yaml +++ b/http/cves/2008/CVE-2008-7269.yaml @@ -17,8 +17,8 @@ info: cvss-score: 5.8 cve-id: CVE-2008-7269 cwe-id: CWE-20 - epss-score: 0.01193 - epss-percentile: 0.83661 + epss-score: 0.01425 + epss-percentile: 0.86241 cpe: cpe:2.3:a:boka:siteengine:5.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2009/CVE-2009-0545.yaml b/http/cves/2009/CVE-2009-0545.yaml index d701f4d9806..cc536e4b54d 100644 --- a/http/cves/2009/CVE-2009-0545.yaml +++ b/http/cves/2009/CVE-2009-0545.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-0545 cwe-id: CWE-20 epss-score: 0.97081 - epss-percentile: 0.99724 + epss-percentile: 0.99755 cpe: cpe:2.3:a:zeroshell:zeroshell:1.0:beta1:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-0932.yaml b/http/cves/2009/CVE-2009-0932.yaml index 358ac7b2eca..c14e99c7b8c 100644 --- a/http/cves/2009/CVE-2009-0932.yaml +++ b/http/cves/2009/CVE-2009-0932.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-0932 cwe-id: CWE-22 epss-score: 0.04048 - epss-percentile: 0.91213 + epss-percentile: 0.919 cpe: cpe:2.3:a:debian:horde:3.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-1151.yaml b/http/cves/2009/CVE-2009-1151.yaml index 6e247338491..ca570b9b0c4 100644 --- a/http/cves/2009/CVE-2009-1151.yaml +++ b/http/cves/2009/CVE-2009-1151.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-1151 cwe-id: CWE-94 epss-score: 0.79256 - epss-percentile: 0.97998 + epss-percentile: 0.98197 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-1496.yaml b/http/cves/2009/CVE-2009-1496.yaml index 650a9a69c73..e467eec3a7b 100644 --- a/http/cves/2009/CVE-2009-1496.yaml +++ b/http/cves/2009/CVE-2009-1496.yaml @@ -13,13 +13,14 @@ info: reference: - https://www.exploit-db.com/exploits/8367 - https://nvd.nist.gov/vuln/detail/CVE-2009-1496 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2009-1496 cwe-id: CWE-22 epss-score: 0.00802 - epss-percentile: 0.79755 + epss-percentile: 0.81288 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-1558.yaml b/http/cves/2009/CVE-2009-1558.yaml index f3104505334..f46220b236b 100644 --- a/http/cves/2009/CVE-2009-1558.yaml +++ b/http/cves/2009/CVE-2009-1558.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-1558 cwe-id: CWE-22 epss-score: 0.01101 - epss-percentile: 0.82907 + epss-percentile: 0.84137 cpe: cpe:2.3:h:cisco:wvc54gca:1.00r22:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-1872.yaml b/http/cves/2009/CVE-2009-1872.yaml index 1eecc7f5cc2..fea71dd80e8 100644 --- a/http/cves/2009/CVE-2009-1872.yaml +++ b/http/cves/2009/CVE-2009-1872.yaml @@ -14,13 +14,14 @@ info: - http://www.adobe.com/support/security/bulletins/apsb09-12.html - http://www.dsecrg.com/pages/vul/show.php?id=122 - https://nvd.nist.gov/vuln/detail/CVE-2009-1872 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2009-1872 cwe-id: CWE-79 epss-score: 0.37553 - epss-percentile: 0.96847 + epss-percentile: 0.97102 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2009/CVE-2009-2015.yaml b/http/cves/2009/CVE-2009-2015.yaml index 24b37e6bca6..fe25445df0c 100644 --- a/http/cves/2009/CVE-2009-2015.yaml +++ b/http/cves/2009/CVE-2009-2015.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2009-2015 cwe-id: CWE-22 epss-score: 0.01197 - epss-percentile: 0.83694 + epss-percentile: 0.84862 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-2100.yaml b/http/cves/2009/CVE-2009-2100.yaml index 5b550be3b14..83bea5b3cdd 100644 --- a/http/cves/2009/CVE-2009-2100.yaml +++ b/http/cves/2009/CVE-2009-2100.yaml @@ -12,13 +12,14 @@ info: reference: - https://www.exploit-db.com/exploits/8946 - https://nvd.nist.gov/vuln/detail/CVE-2009-2100 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2009-2100 cwe-id: CWE-22 - epss-score: 0.00629 - epss-percentile: 0.7675 + epss-score: 0.00779 + epss-percentile: 0.80973 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-3053.yaml b/http/cves/2009/CVE-2009-3053.yaml index d10eb0bcb47..fb855b6e67d 100644 --- a/http/cves/2009/CVE-2009-3053.yaml +++ b/http/cves/2009/CVE-2009-3053.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.8 cve-id: CVE-2009-3053 cwe-id: CWE-22 - epss-score: 0.00367 - epss-percentile: 0.697 + epss-score: 0.00447 + epss-percentile: 0.74489 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-3318.yaml b/http/cves/2009/CVE-2009-3318.yaml index 22733d3ebd9..91bc79834e1 100644 --- a/http/cves/2009/CVE-2009-3318.yaml +++ b/http/cves/2009/CVE-2009-3318.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2009-3318 cwe-id: CWE-22 epss-score: 0.00706 - epss-percentile: 0.78314 + epss-percentile: 0.79951 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-4679.yaml b/http/cves/2009/CVE-2009-4679.yaml index fbb3c90284e..61d48389354 100644 --- a/http/cves/2009/CVE-2009-4679.yaml +++ b/http/cves/2009/CVE-2009-4679.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-4679 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:inertialfate:com_if_nexus:1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-5114.yaml b/http/cves/2009/CVE-2009-5114.yaml index d836cf4115d..da79fb5690a 100644 --- a/http/cves/2009/CVE-2009-5114.yaml +++ b/http/cves/2009/CVE-2009-5114.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2009-5114 - http://websecurity.com.ua/2628/ - https://exchange.xforce.ibmcloud.com/vulnerabilities/74321 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2009-5114 cwe-id: CWE-22 epss-score: 0.01329 - epss-percentile: 0.84559 + epss-percentile: 0.85735 cpe: cpe:2.3:a:iwork:webglimpse:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0467.yaml b/http/cves/2010/CVE-2010-0467.yaml index ebcbafe9b19..e744f5aa944 100644 --- a/http/cves/2010/CVE-2010-0467.yaml +++ b/http/cves/2010/CVE-2010-0467.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0467 cwe-id: CWE-22 epss-score: 0.06955 - epss-percentile: 0.93273 + epss-percentile: 0.93792 cpe: cpe:2.3:a:chillcreations:com_ccnewsletter:1.0.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0759.yaml b/http/cves/2010/CVE-2010-0759.yaml index d35f24b906a..d339eeca950 100644 --- a/http/cves/2010/CVE-2010-0759.yaml +++ b/http/cves/2010/CVE-2010-0759.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-0759 - http://www.exploit-db.com/exploits/11498 - https://exchange.xforce.ibmcloud.com/vulnerabilities/56380 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-0759 cwe-id: CWE-22 - epss-score: 0.01326 - epss-percentile: 0.84547 + epss-score: 0.01569 + epss-percentile: 0.86974 cpe: cpe:2.3:a:greatjoomla:scriptegrator_plugin:1.4.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0942.yaml b/http/cves/2010/CVE-2010-0942.yaml index 2a2c71c54ed..5543fb7a36d 100644 --- a/http/cves/2010/CVE-2010-0942.yaml +++ b/http/cves/2010/CVE-2010-0942.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0942 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73222 + epss-percentile: 0.75244 cpe: cpe:2.3:a:jvideodirect:com_jvideodirect:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0944.yaml b/http/cves/2010/CVE-2010-0944.yaml index 642eeafb3e3..1e348cdc190 100644 --- a/http/cves/2010/CVE-2010-0944.yaml +++ b/http/cves/2010/CVE-2010-0944.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0944 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73222 + epss-percentile: 0.75244 cpe: cpe:2.3:a:thorsten_riess:com_jcollection:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0972.yaml b/http/cves/2010/CVE-2010-0972.yaml index 0a7a37723bd..b0a8e64e284 100644 --- a/http/cves/2010/CVE-2010-0972.yaml +++ b/http/cves/2010/CVE-2010-0972.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-0972 - http://www.exploit-db.com/exploits/11738 - https://exchange.xforce.ibmcloud.com/vulnerabilities/56863 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-0972 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.79885 + epss-percentile: 0.81406 cpe: cpe:2.3:a:g4j.laoneo:com_gcalendar:2.1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1056.yaml b/http/cves/2010/CVE-2010-1056.yaml index dba77c8bdf0..f5b61a101ee 100644 --- a/http/cves/2010/CVE-2010-1056.yaml +++ b/http/cves/2010/CVE-2010-1056.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1056 - http://www.rockettheme.com/extensions-updates/638-rokdownloads-10-released - https://exchange.xforce.ibmcloud.com/vulnerabilities/56898 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-1056 cwe-id: CWE-22 epss-score: 0.06484 - epss-percentile: 0.93019 + epss-percentile: 0.93567 cpe: cpe:2.3:a:rockettheme:com_rokdownloads:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1217.yaml b/http/cves/2010/CVE-2010-1217.yaml index a0b971bc58d..a94792550f0 100644 --- a/http/cves/2010/CVE-2010-1217.yaml +++ b/http/cves/2010/CVE-2010-1217.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1217 - http://www.packetstormsecurity.org/1003-exploits/joomlajetooltip-lfi.txt - http://www.exploit-db.com/exploits/11814 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N cvss-score: 4.3 cve-id: CVE-2010-1217 cwe-id: CWE-22 epss-score: 0.01155 - epss-percentile: 0.83281 + epss-percentile: 0.84543 cpe: cpe:2.3:a:je_form_creator:je_form_creator:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1219.yaml b/http/cves/2010/CVE-2010-1219.yaml index 80ee0c99687..1f4197d74e5 100644 --- a/http/cves/2010/CVE-2010-1219.yaml +++ b/http/cves/2010/CVE-2010-1219.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1219 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.79932 + epss-percentile: 0.81406 cpe: cpe:2.3:a:com_janews:com_janews:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1302.yaml b/http/cves/2010/CVE-2010-1302.yaml index 8b5725651ca..1f519400dd8 100644 --- a/http/cves/2010/CVE-2010-1302.yaml +++ b/http/cves/2010/CVE-2010-1302.yaml @@ -11,13 +11,14 @@ info: reference: - https://www.exploit-db.com/exploits/11978 - https://nvd.nist.gov/vuln/detail/CVE-2010-1302 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1302 cwe-id: CWE-22 epss-score: 0.01204 - epss-percentile: 0.83694 + epss-percentile: 0.84918 cpe: cpe:2.3:a:decryptweb:com_dwgraphs:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1304.yaml b/http/cves/2010/CVE-2010-1304.yaml index a46da6d101d..663df7257e0 100644 --- a/http/cves/2010/CVE-2010-1304.yaml +++ b/http/cves/2010/CVE-2010-1304.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1304 - http://www.exploit-db.com/exploits/11998 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57483 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1304 cwe-id: CWE-22 epss-score: 0.0045 - epss-percentile: 0.72402 + epss-percentile: 0.74575 cpe: cpe:2.3:a:joomlamo:com_userstatus:1.21.16:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1306.yaml b/http/cves/2010/CVE-2010-1306.yaml index 3117979ec81..8812b6095cc 100644 --- a/http/cves/2010/CVE-2010-1306.yaml +++ b/http/cves/2010/CVE-2010-1306.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1306 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.84048 + epss-percentile: 0.85196 cpe: cpe:2.3:a:roberto_aloi:com_joomlapicasa2:2.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1308.yaml b/http/cves/2010/CVE-2010-1308.yaml index 83d7a7e76b9..8ae74ebca42 100644 --- a/http/cves/2010/CVE-2010-1308.yaml +++ b/http/cves/2010/CVE-2010-1308.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/12066 - https://nvd.nist.gov/vuln/detail/CVE-2010-1308 - http://www.vupen.com/english/advisories/2010/0809 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1308 cwe-id: CWE-22 epss-score: 0.01334 - epss-percentile: 0.84589 + epss-percentile: 0.85765 cpe: cpe:2.3:a:la-souris-verte:com_svmap:1.1.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1314.yaml b/http/cves/2010/CVE-2010-1314.yaml index 25fddbf7457..6c460827dd4 100644 --- a/http/cves/2010/CVE-2010-1314.yaml +++ b/http/cves/2010/CVE-2010-1314.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1314 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73222 + epss-percentile: 0.75244 cpe: cpe:2.3:a:joomlanook:com_hsconfig:1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1315.yaml b/http/cves/2010/CVE-2010-1315.yaml index 2747a0d63de..9005d916c17 100644 --- a/http/cves/2010/CVE-2010-1315.yaml +++ b/http/cves/2010/CVE-2010-1315.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1315 - http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/57482 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1315 cwe-id: CWE-22 epss-score: 0.0087 - epss-percentile: 0.80553 + epss-percentile: 0.82023 cpe: cpe:2.3:a:joomlamo:com_weberpcustomer:1.2.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1345.yaml b/http/cves/2010/CVE-2010-1345.yaml index 9632fd902a7..1e5f524d3dc 100644 --- a/http/cves/2010/CVE-2010-1345.yaml +++ b/http/cves/2010/CVE-2010-1345.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/15453 - https://nvd.nist.gov/vuln/detail/CVE-2010-1345 - http://www.exploit-db.com/exploits/11785 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1345 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73149 + epss-percentile: 0.75244 cpe: cpe:2.3:a:cookex:com_ckforms:1.3.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1352.yaml b/http/cves/2010/CVE-2010-1352.yaml index 0a157487ea3..ecbfb10510c 100644 --- a/http/cves/2010/CVE-2010-1352.yaml +++ b/http/cves/2010/CVE-2010-1352.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/12084 - https://nvd.nist.gov/vuln/detail/CVE-2010-1352 - http://packetstormsecurity.org/1004-exploits/joomlajukebox-lfi.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1352 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73149 + epss-percentile: 0.75244 cpe: cpe:2.3:a:jooforge:com_jukebox:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1353.yaml b/http/cves/2010/CVE-2010-1353.yaml index 47f69a66bd9..c489f17df30 100644 --- a/http/cves/2010/CVE-2010-1353.yaml +++ b/http/cves/2010/CVE-2010-1353.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1353 - http://www.vupen.com/english/advisories/2010/0808 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57533 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1353 cwe-id: CWE-22 epss-score: 0.01751 - epss-percentile: 0.86604 + epss-percentile: 0.87665 cpe: cpe:2.3:a:wowjoomla:com_loginbox:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1429.yaml b/http/cves/2010/CVE-2010-1429.yaml index a04cf399c36..ffeefe2b9a2 100644 --- a/http/cves/2010/CVE-2010-1429.yaml +++ b/http/cves/2010/CVE-2010-1429.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2010-1429 cwe-id: CWE-264 epss-score: 0.00573 - epss-percentile: 0.7553 + epss-percentile: 0.77469 cpe: cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp08:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2010/CVE-2010-1469.yaml b/http/cves/2010/CVE-2010-1469.yaml index c586180f501..cee8a262725 100644 --- a/http/cves/2010/CVE-2010-1469.yaml +++ b/http/cves/2010/CVE-2010-1469.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1469 - http://packetstormsecurity.org/1004-exploits/joomlajprojectmanager-lfi.txt - http://www.exploit-db.com/exploits/12146 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-1469 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.79885 + epss-percentile: 0.81406 cpe: cpe:2.3:a:ternaria:com_jprojectmanager:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1470.yaml b/http/cves/2010/CVE-2010-1470.yaml index e3c51139136..93129c1f6ab 100644 --- a/http/cves/2010/CVE-2010-1470.yaml +++ b/http/cves/2010/CVE-2010-1470.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1470 - http://www.exploit-db.com/exploits/12166 - http://www.vupen.com/english/advisories/2010/0858 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1470 cwe-id: CWE-22 epss-score: 0.04616 - epss-percentile: 0.91716 + epss-percentile: 0.92373 cpe: cpe:2.3:a:dev.pucit.edu.pk:com_webtv:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1471.yaml b/http/cves/2010/CVE-2010-1471.yaml index 0f082905b00..fbb9cee6c04 100644 --- a/http/cves/2010/CVE-2010-1471.yaml +++ b/http/cves/2010/CVE-2010-1471.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1471 cwe-id: CWE-22 epss-score: 0.05684 - epss-percentile: 0.92598 + epss-percentile: 0.93171 cpe: cpe:2.3:a:b-elektro:com_addressbook:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1472.yaml b/http/cves/2010/CVE-2010-1472.yaml index 39f12d00047..064108079e5 100644 --- a/http/cves/2010/CVE-2010-1472.yaml +++ b/http/cves/2010/CVE-2010-1472.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1472 - http://www.exploit-db.com/exploits/12167 - http://www.vupen.com/english/advisories/2010/0859 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1472 cwe-id: CWE-22 epss-score: 0.05684 - epss-percentile: 0.92564 + epss-percentile: 0.93171 cpe: cpe:2.3:a:kazulah:com_horoscope:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1478.yaml b/http/cves/2010/CVE-2010-1478.yaml index ab407064438..bd05c2ec446 100644 --- a/http/cves/2010/CVE-2010-1478.yaml +++ b/http/cves/2010/CVE-2010-1478.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2010-1478 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:ternaria:com_jfeedback:1.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1491.yaml b/http/cves/2010/CVE-2010-1491.yaml index 2f8f2ec4b2b..29f3f43feab 100644 --- a/http/cves/2010/CVE-2010-1491.yaml +++ b/http/cves/2010/CVE-2010-1491.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1491 - http://packetstormsecurity.org/1004-exploits/joomlammsblog-lfi.txt - http://www.exploit-db.com/exploits/12318 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1491 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73149 + epss-percentile: 0.75244 cpe: cpe:2.3:a:mms.pipp:com_mmsblog:2.3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1495.yaml b/http/cves/2010/CVE-2010-1495.yaml index d245c91462e..cc88bd94dbb 100644 --- a/http/cves/2010/CVE-2010-1495.yaml +++ b/http/cves/2010/CVE-2010-1495.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1495 - http://www.vupen.com/english/advisories/2010/0929 - http://packetstormsecurity.org/1004-exploits/joomlamatamko-lfi.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1495 cwe-id: CWE-22 epss-score: 0.04503 - epss-percentile: 0.91627 + epss-percentile: 0.92278 cpe: cpe:2.3:a:matamko:com_matamko:1.01:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1532.yaml b/http/cves/2010/CVE-2010-1532.yaml index d701535cdf1..67d7722a824 100644 --- a/http/cves/2010/CVE-2010-1532.yaml +++ b/http/cves/2010/CVE-2010-1532.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/12118 - https://nvd.nist.gov/vuln/detail/CVE-2010-1532 - http://packetstormsecurity.org/1004-exploits/joomlapowermail-lfi.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1532 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73149 + epss-percentile: 0.75244 cpe: cpe:2.3:a:givesight:com_powermail:1.53:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1533.yaml b/http/cves/2010/CVE-2010-1533.yaml index 0a5966c6945..14a7369c162 100644 --- a/http/cves/2010/CVE-2010-1533.yaml +++ b/http/cves/2010/CVE-2010-1533.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1533 cwe-id: CWE-22 epss-score: 0.00706 - epss-percentile: 0.78314 + epss-percentile: 0.79951 cpe: cpe:2.3:a:peter_hocherl:com_tweetla:1.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1534.yaml b/http/cves/2010/CVE-2010-1534.yaml index d10a3f64b26..1d2bd6b0f52 100644 --- a/http/cves/2010/CVE-2010-1534.yaml +++ b/http/cves/2010/CVE-2010-1534.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1534 - http://www.exploit-db.com/exploits/12067 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57534 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1534 cwe-id: CWE-22 - epss-score: 0.01228 - epss-percentile: 0.83874 + epss-score: 0.01385 + epss-percentile: 0.86058 cpe: cpe:2.3:a:joomla.batjo:com_shoutbox:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1602.yaml b/http/cves/2010/CVE-2010-1602.yaml index 82450913860..d3da9c97e61 100644 --- a/http/cves/2010/CVE-2010-1602.yaml +++ b/http/cves/2010/CVE-2010-1602.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1602 - http://packetstormsecurity.org/1004-exploits/joomlazimbcomment-lfi.txt - http://www.vupen.com/english/advisories/2010/0932 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1602 cwe-id: CWE-22 epss-score: 0.03451 - epss-percentile: 0.90542 + epss-percentile: 0.91267 cpe: cpe:2.3:a:zimbllc:com_zimbcomment:0.8.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1603.yaml b/http/cves/2010/CVE-2010-1603.yaml index 9c838849145..1721c839770 100644 --- a/http/cves/2010/CVE-2010-1603.yaml +++ b/http/cves/2010/CVE-2010-1603.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1603 cwe-id: CWE-22 epss-score: 0.03451 - epss-percentile: 0.90581 + epss-percentile: 0.91267 cpe: cpe:2.3:a:zimbllc:com_zimbcore:0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1607.yaml b/http/cves/2010/CVE-2010-1607.yaml index 9c3f252c949..818c7afdc38 100644 --- a/http/cves/2010/CVE-2010-1607.yaml +++ b/http/cves/2010/CVE-2010-1607.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1607 cwe-id: CWE-22 epss-score: 0.01726 - epss-percentile: 0.86557 + epss-percentile: 0.87577 cpe: cpe:2.3:a:paysyspro:com_wmi:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1653.yaml b/http/cves/2010/CVE-2010-1653.yaml index e471c686730..e90da3b5337 100644 --- a/http/cves/2010/CVE-2010-1653.yaml +++ b/http/cves/2010/CVE-2010-1653.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1653 cwe-id: CWE-22 epss-score: 0.03527 - epss-percentile: 0.90668 + epss-percentile: 0.91355 cpe: cpe:2.3:a:htmlcoderhelper:com_graphics:1.0.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1657.yaml b/http/cves/2010/CVE-2010-1657.yaml index 7cf96701f7a..7e5cabac9d4 100644 --- a/http/cves/2010/CVE-2010-1657.yaml +++ b/http/cves/2010/CVE-2010-1657.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1657 cwe-id: CWE-22 epss-score: 0.01751 - epss-percentile: 0.86649 + epss-percentile: 0.87665 cpe: cpe:2.3:a:recly:com_smartsite:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1658.yaml b/http/cves/2010/CVE-2010-1658.yaml index bb81723d535..cc4fdf33367 100644 --- a/http/cves/2010/CVE-2010-1658.yaml +++ b/http/cves/2010/CVE-2010-1658.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1658 - http://www.vupen.com/english/advisories/2010/1007 - https://exchange.xforce.ibmcloud.com/vulnerabilities/58176 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1658 cwe-id: CWE-22 epss-score: 0.01751 - epss-percentile: 0.86604 + epss-percentile: 0.87665 cpe: cpe:2.3:a:code-garage:com_noticeboard:1.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1717.yaml b/http/cves/2010/CVE-2010-1717.yaml index 6f1a7def629..6941286ffed 100644 --- a/http/cves/2010/CVE-2010-1717.yaml +++ b/http/cves/2010/CVE-2010-1717.yaml @@ -13,13 +13,15 @@ info: - https://www.exploit-db.com/exploits/12291 - https://nvd.nist.gov/vuln/detail/CVE-2010-1717 - http://www.vupen.com/english/advisories/2010/0924 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Live-Hack-CVE/CVE-2010-1717 classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1717 cwe-id: CWE-22 epss-score: 0.01733 - epss-percentile: 0.86527 + epss-percentile: 0.87598 cpe: cpe:2.3:a:if_surfalert_project:if_surfalert:1.2:*:*:*:*:joomla\!:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1718.yaml b/http/cves/2010/CVE-2010-1718.yaml index b6aa42c4909..3d80e1674fd 100644 --- a/http/cves/2010/CVE-2010-1718.yaml +++ b/http/cves/2010/CVE-2010-1718.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2010-1718 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:lispeltuut:com_archeryscores:1.0.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1719.yaml b/http/cves/2010/CVE-2010-1719.yaml index d1d5c38405b..b4379c8b457 100644 --- a/http/cves/2010/CVE-2010-1719.yaml +++ b/http/cves/2010/CVE-2010-1719.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1719 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.86348 + epss-percentile: 0.87378 cpe: cpe:2.3:a:moto-treks:com_mtfireeagle:1.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1858.yaml b/http/cves/2010/CVE-2010-1858.yaml index 23a1a36dbc1..a870eef23a7 100644 --- a/http/cves/2010/CVE-2010-1858.yaml +++ b/http/cves/2010/CVE-2010-1858.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1858 cwe-id: CWE-22 epss-score: 0.01155 - epss-percentile: 0.83338 + epss-percentile: 0.84543 cpe: cpe:2.3:a:gelembjuk:com_smestorage:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1878.yaml b/http/cves/2010/CVE-2010-1878.yaml index b5dca1b5719..81e99ac1c1d 100644 --- a/http/cves/2010/CVE-2010-1878.yaml +++ b/http/cves/2010/CVE-2010-1878.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1878 - http://packetstormsecurity.org/1004-exploits/joomlaorgchart-lfi.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/58031 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1878 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80059 + epss-percentile: 0.81565 cpe: cpe:2.3:a:blueflyingfish.no-ip:com_orgchart:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1952.yaml b/http/cves/2010/CVE-2010-1952.yaml index 6e3434fc449..b6c6fb2b07e 100644 --- a/http/cves/2010/CVE-2010-1952.yaml +++ b/http/cves/2010/CVE-2010-1952.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1952 - http://www.exploit-db.com/exploits/12239 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57845 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1952 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.83996 + epss-percentile: 0.85196 cpe: cpe:2.3:a:cmstactics:com_beeheard:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1953.yaml b/http/cves/2010/CVE-2010-1953.yaml index a88d1fb0ab2..7b24fbf9713 100644 --- a/http/cves/2010/CVE-2010-1953.yaml +++ b/http/cves/2010/CVE-2010-1953.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1953 - http://www.vupen.com/english/advisories/2010/0927 - http://www.exploit-db.com/exploits/12288 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1953 cwe-id: CWE-22 epss-score: 0.05684 - epss-percentile: 0.92564 + epss-percentile: 0.93171 cpe: cpe:2.3:a:joomlacomponent.inetlanka:com_multimap:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1957.yaml b/http/cves/2010/CVE-2010-1957.yaml index 903077859db..2f9dd52a723 100644 --- a/http/cves/2010/CVE-2010-1957.yaml +++ b/http/cves/2010/CVE-2010-1957.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1957 - http://packetstormsecurity.org/1004-exploits/joomlalovefactory-lfi.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/57849 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1957 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.86287 + epss-percentile: 0.87378 cpe: cpe:2.3:a:thefactory:com_lovefactory:1.3.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1979.yaml b/http/cves/2010/CVE-2010-1979.yaml index 2ab5f48f45e..5daa0dfc9b8 100644 --- a/http/cves/2010/CVE-2010-1979.yaml +++ b/http/cves/2010/CVE-2010-1979.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1979 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:affiliatefeeds:com_datafeeds:build_880:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1983.yaml b/http/cves/2010/CVE-2010-1983.yaml index 4749d2c872c..e57c8896b69 100644 --- a/http/cves/2010/CVE-2010-1983.yaml +++ b/http/cves/2010/CVE-2010-1983.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1983 cwe-id: CWE-22 epss-score: 0.01815 - epss-percentile: 0.86892 + epss-percentile: 0.87898 cpe: cpe:2.3:a:redcomponent:com_redtwitter:1.0b8:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2035.yaml b/http/cves/2010/CVE-2010-2035.yaml index 29eccebf1fa..c57db7260bf 100644 --- a/http/cves/2010/CVE-2010-2035.yaml +++ b/http/cves/2010/CVE-2010-2035.yaml @@ -11,15 +11,15 @@ info: reference: - https://www.exploit-db.com/exploits/34006 - https://nvd.nist.gov/vuln/detail/CVE-2010-2035 - - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244 - http://packetstormsecurity.org/1005-exploits/joomlaperchagl-lfi.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-2035 cwe-id: CWE-22 - epss-score: 0.00718 - epss-percentile: 0.78453 + epss-score: 0.07071 + epss-percentile: 0.93832 cpe: cpe:2.3:a:percha:com_perchagallery:1.6:beta:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2122.yaml b/http/cves/2010/CVE-2010-2122.yaml index e29e3ff55f4..45131b5fbee 100644 --- a/http/cves/2010/CVE-2010-2122.yaml +++ b/http/cves/2010/CVE-2010-2122.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2122 cwe-id: CWE-22 epss-score: 0.01806 - epss-percentile: 0.86853 + epss-percentile: 0.87868 cpe: cpe:2.3:a:joelrowley:com_simpledownload:0.9.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2307.yaml b/http/cves/2010/CVE-2010-2307.yaml index cd6ae0c2fc7..7110040c599 100644 --- a/http/cves/2010/CVE-2010-2307.yaml +++ b/http/cves/2010/CVE-2010-2307.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2307 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.79936 + epss-percentile: 0.81409 cpe: cpe:2.3:h:motorola:surfboard_sbv6120e:sbv6x2x-1.0.0.5-scm-02-shpc:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2507.yaml b/http/cves/2010/CVE-2010-2507.yaml index 53be8127410..c64969b653c 100644 --- a/http/cves/2010/CVE-2010-2507.yaml +++ b/http/cves/2010/CVE-2010-2507.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2507 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.86348 + epss-percentile: 0.87378 cpe: cpe:2.3:a:masselink:com_picasa2gallery:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2682.yaml b/http/cves/2010/CVE-2010-2682.yaml index 6675cfac0b7..12114c57119 100644 --- a/http/cves/2010/CVE-2010-2682.yaml +++ b/http/cves/2010/CVE-2010-2682.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2682 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:realtyna:com_realtyna:1.0.15:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2857.yaml b/http/cves/2010/CVE-2010-2857.yaml index db9036034d2..0f2dce1d940 100644 --- a/http/cves/2010/CVE-2010-2857.yaml +++ b/http/cves/2010/CVE-2010-2857.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-2857 - http://www.exploit-db.com/exploits/14274 - https://exchange.xforce.ibmcloud.com/vulnerabilities/60195 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-2857 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80059 + epss-percentile: 0.81565 cpe: cpe:2.3:a:danieljamesscott:com_music:0.1:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2861.yaml b/http/cves/2010/CVE-2010-2861.yaml index 9d014f36a39..cb515e7ce13 100644 --- a/http/cves/2010/CVE-2010-2861.yaml +++ b/http/cves/2010/CVE-2010-2861.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2861 cwe-id: CWE-22 epss-score: 0.97078 - epss-percentile: 0.99727 + epss-percentile: 0.99753 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2918.yaml b/http/cves/2010/CVE-2010-2918.yaml index 343b70d6311..643a902e131 100644 --- a/http/cves/2010/CVE-2010-2918.yaml +++ b/http/cves/2010/CVE-2010-2918.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2918 cwe-id: CWE-94 epss-score: 0.02847 - epss-percentile: 0.89708 + epss-percentile: 0.90478 cpe: cpe:2.3:a:visocrea:com_joomla_visites:1.1:rc2:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-3426.yaml b/http/cves/2010/CVE-2010-3426.yaml index d6fd5a8bffd..d262c0f4a92 100644 --- a/http/cves/2010/CVE-2010-3426.yaml +++ b/http/cves/2010/CVE-2010-3426.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-3426 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:4you-studio:com_jphone:1.0:alpha3:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-4231.yaml b/http/cves/2010/CVE-2010-4231.yaml index f0b7fa5b95d..3c614440650 100644 --- a/http/cves/2010/CVE-2010-4231.yaml +++ b/http/cves/2010/CVE-2010-4231.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-4231 cwe-id: CWE-22 epss-score: 0.01615 - epss-percentile: 0.86142 + epss-percentile: 0.87178 cpe: cpe:2.3:a:camtron:cmnc-200_firmware:1.102a-008:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-4239.yaml b/http/cves/2010/CVE-2010-4239.yaml index 52b2e9def45..6a38eb1d2c3 100644 --- a/http/cves/2010/CVE-2010-4239.yaml +++ b/http/cves/2010/CVE-2010-4239.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2010-4239 cwe-id: CWE-20 - epss-score: 0.04033 - epss-percentile: 0.9122 + epss-score: 0.03038 + epss-percentile: 0.90751 cpe: cpe:2.3:a:tiki:tikiwiki_cms\/groupware:5.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-4719.yaml b/http/cves/2010/CVE-2010-4719.yaml index cfa68424a11..8d3bae1ad39 100644 --- a/http/cves/2010/CVE-2010-4719.yaml +++ b/http/cves/2010/CVE-2010-4719.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-4719 cwe-id: CWE-22 epss-score: 0.04503 - epss-percentile: 0.91627 + epss-percentile: 0.92278 cpe: cpe:2.3:a:fxwebdesign:com_jradio:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-4977.yaml b/http/cves/2010/CVE-2010-4977.yaml index 3046c38a5b4..57b62a1ddff 100644 --- a/http/cves/2010/CVE-2010-4977.yaml +++ b/http/cves/2010/CVE-2010-4977.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-4977 cwe-id: CWE-89 epss-score: 0.0016 - epss-percentile: 0.52502 + epss-percentile: 0.51628 cpe: cpe:2.3:a:miniwork:com_canteen:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-5278.yaml b/http/cves/2010/CVE-2010-5278.yaml index 8f03abbd4ce..610a17b2a20 100644 --- a/http/cves/2010/CVE-2010-5278.yaml +++ b/http/cves/2010/CVE-2010-5278.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-5278 cwe-id: CWE-22 epss-score: 0.06122 - epss-percentile: 0.92816 + epss-percentile: 0.93381 cpe: cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-5286.yaml b/http/cves/2010/CVE-2010-5286.yaml index 519fe5438a1..0d6fdda6120 100644 --- a/http/cves/2010/CVE-2010-5286.yaml +++ b/http/cves/2010/CVE-2010-5286.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/34837 - https://nvd.nist.gov/vuln/detail/CVE-2010-5286 - http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C cvss-score: 10 cve-id: CVE-2010-5286 cwe-id: CWE-22 - epss-score: 0.03802 - epss-percentile: 0.90974 + epss-score: 0.07071 + epss-percentile: 0.93832 cpe: cpe:2.3:a:joobi:com_jstore:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-2744.yaml b/http/cves/2011/CVE-2011-2744.yaml index 513965019d5..0af15450d78 100644 --- a/http/cves/2011/CVE-2011-2744.yaml +++ b/http/cves/2011/CVE-2011-2744.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2011-2744 cwe-id: CWE-22 epss-score: 0.01541 - epss-percentile: 0.85787 + epss-percentile: 0.86842 cpe: cpe:2.3:a:chyrp:chyrp:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-2780.yaml b/http/cves/2011/CVE-2011-2780.yaml index b91d70c4dba..37ada8c50e2 100644 --- a/http/cves/2011/CVE-2011-2780.yaml +++ b/http/cves/2011/CVE-2011-2780.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2011-2780 cwe-id: CWE-22 epss-score: 0.03327 - epss-percentile: 0.90416 + epss-percentile: 0.91127 cpe: cpe:2.3:a:chyrp:chyrp:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-3315.yaml b/http/cves/2011/CVE-2011-3315.yaml index a46ca6fe00d..c709a974075 100644 --- a/http/cves/2011/CVE-2011-3315.yaml +++ b/http/cves/2011/CVE-2011-3315.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/36256 - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:N cvss-score: 7.8 cve-id: CVE-2011-3315 cwe-id: CWE-22 - epss-score: 0.86205 - epss-percentile: 0.98314 + epss-score: 0.72021 + epss-percentile: 0.97988 cpe: cpe:2.3:h:cisco:unified_ip_interactive_voice_response:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-4336.yaml b/http/cves/2011/CVE-2011-4336.yaml index 9a074519dc0..a1755a31c32 100644 --- a/http/cves/2011/CVE-2011-4336.yaml +++ b/http/cves/2011/CVE-2011-4336.yaml @@ -11,13 +11,14 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2011-4336 - https://seclists.org/bugtraq/2011/Nov/140 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2011-4336 cwe-id: CWE-79 epss-score: 0.00255 - epss-percentile: 0.63362 + epss-percentile: 0.64746 cpe: cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-4618.yaml b/http/cves/2011/CVE-2011-4618.yaml index 45c95428996..215b36230ac 100644 --- a/http/cves/2011/CVE-2011-4618.yaml +++ b/http/cves/2011/CVE-2011-4618.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2011-4618 cwe-id: CWE-79 epss-score: 0.01913 - epss-percentile: 0.87299 + epss-percentile: 0.88293 cpe: cpe:2.3:a:simplerealtytheme:advanced_text_widget_plugin:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2011/CVE-2011-4624.yaml b/http/cves/2011/CVE-2011-4624.yaml index 0b418552a92..7474a3f31f9 100644 --- a/http/cves/2011/CVE-2011-4624.yaml +++ b/http/cves/2011/CVE-2011-4624.yaml @@ -13,13 +13,14 @@ info: - http://www.openwall.com/lists/oss-security/2011/12/23/2 - http://plugins.trac.wordpress.org/changeset/469785 - http://wordpress.org/extend/plugins/flash-album-gallery/changelog/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2011-4624 cwe-id: CWE-79 epss-score: 0.00431 - epss-percentile: 0.71804 + epss-percentile: 0.74018 cpe: cpe:2.3:a:codeasily:grand_flagallery:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-4640.yaml b/http/cves/2011/CVE-2011-4640.yaml index 7e01d97052b..5a3ef9a97cb 100644 --- a/http/cves/2011/CVE-2011-4640.yaml +++ b/http/cves/2011/CVE-2011-4640.yaml @@ -11,7 +11,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2011-4640 classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:N/A:N - cvss-score: 4.0 + cvss-score: 4 cve-id: CVE-2011-4640 cwe-id: CWE-22 cpe: cpe:2.3:a:spamtitan:webtitan:*:*:*:*:*:*:*:* diff --git a/http/cves/2011/CVE-2011-5106.yaml b/http/cves/2011/CVE-2011-5106.yaml index af295c65b6a..d2542c1fedd 100644 --- a/http/cves/2011/CVE-2011-5106.yaml +++ b/http/cves/2011/CVE-2011-5106.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2011-5106 cwe-id: CWE-79 epss-score: 0.00434 - epss-percentile: 0.71916 + epss-percentile: 0.7412 cpe: cpe:2.3:a:fractalia:flexible_custom_post_type:0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-5107.yaml b/http/cves/2011/CVE-2011-5107.yaml index 08f49292652..cb86613bfb1 100644 --- a/http/cves/2011/CVE-2011-5107.yaml +++ b/http/cves/2011/CVE-2011-5107.yaml @@ -12,13 +12,15 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2011-5107 https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-alert-before-your-post-cross-site-scripting-0-1-1/ - https://exchange.xforce.ibmcloud.com/vulnerabilities/71413 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2011-5107 cwe-id: CWE-79 epss-score: 0.00232 - epss-percentile: 0.61277 + epss-percentile: 0.6058 cpe: cpe:2.3:a:wordpress:alert_before_you_post:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-5252.yaml b/http/cves/2011/CVE-2011-5252.yaml index b421ced944b..db2c0b3dad7 100644 --- a/http/cves/2011/CVE-2011-5252.yaml +++ b/http/cves/2011/CVE-2011-5252.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.8 cve-id: CVE-2011-5252 cwe-id: CWE-20 - epss-score: 0.02747 - epss-percentile: 0.89537 + epss-score: 0.02536 + epss-percentile: 0.89931 cpe: cpe:2.3:a:orchardproject:orchard:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-5265.yaml b/http/cves/2011/CVE-2011-5265.yaml index 526dd0b561d..9e6fe6f4536 100644 --- a/http/cves/2011/CVE-2011-5265.yaml +++ b/http/cves/2011/CVE-2011-5265.yaml @@ -12,13 +12,15 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2011-5265 - https://exchange.xforce.ibmcloud.com/vulnerabilities/71468 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2011-5265 cwe-id: CWE-79 epss-score: 0.00478 - epss-percentile: 0.73197 + epss-percentile: 0.75288 cpe: cpe:2.3:a:featurific_for_wordpress_project:featurific-for-wordpress:1.6.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-0392.yaml b/http/cves/2012/CVE-2012-0392.yaml index 345e1879159..e54bc1465db 100644 --- a/http/cves/2012/CVE-2012-0392.yaml +++ b/http/cves/2012/CVE-2012-0392.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.8 cve-id: CVE-2012-0392 cwe-id: NVD-CWE-noinfo - epss-score: 0.97059 - epss-percentile: 0.9971 + epss-score: 0.9496 + epss-percentile: 0.99239 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-0996.yaml b/http/cves/2012/CVE-2012-0996.yaml index d8da34ad174..0b657a286fe 100644 --- a/http/cves/2012/CVE-2012-0996.yaml +++ b/http/cves/2012/CVE-2012-0996.yaml @@ -18,8 +18,8 @@ info: cvss-score: 5 cve-id: CVE-2012-0996 cwe-id: CWE-22 - epss-score: 0.00737 - epss-percentile: 0.78828 + epss-score: 0.02194 + epss-percentile: 0.89179 cpe: cpe:2.3:a:11in1:11in1:1.2.1:stable_12-31-2011:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-1835.yaml b/http/cves/2012/CVE-2012-1835.yaml index 30d6376993f..8d600795e90 100644 --- a/http/cves/2012/CVE-2012-1835.yaml +++ b/http/cves/2012/CVE-2012-1835.yaml @@ -18,8 +18,8 @@ info: cvss-score: 4.3 cve-id: CVE-2012-1835 cwe-id: CWE-79 - epss-score: 0.00229 - epss-percentile: 0.61124 + epss-score: 0.01124 + epss-percentile: 0.84313 cpe: cpe:2.3:a:timely:all-in-one_event_calendar:1.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-2371.yaml b/http/cves/2012/CVE-2012-2371.yaml index 3bbd9f4e282..bf28ada0adb 100644 --- a/http/cves/2012/CVE-2012-2371.yaml +++ b/http/cves/2012/CVE-2012-2371.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2012-2371 cwe-id: CWE-79 - epss-score: 0.00825 - epss-percentile: 0.80043 + epss-score: 0.01345 + epss-percentile: 0.85828 cpe: cpe:2.3:a:mnt-tech:wp-facethumb:0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4253.yaml b/http/cves/2012/CVE-2012-4253.yaml index fbe3a390e6f..b34c5ca69b6 100644 --- a/http/cves/2012/CVE-2012-4253.yaml +++ b/http/cves/2012/CVE-2012-4253.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2012-4253 cwe-id: CWE-22 - epss-score: 0.02018 - epss-percentile: 0.8771 + epss-score: 0.0179 + epss-percentile: 0.87805 cpe: cpe:2.3:a:mysqldumper:mysqldumper:1.24.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4273.yaml b/http/cves/2012/CVE-2012-4273.yaml index 765440b1277..9d69e326ae9 100644 --- a/http/cves/2012/CVE-2012-4273.yaml +++ b/http/cves/2012/CVE-2012-4273.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2012-4273 cwe-id: CWE-79 epss-score: 0.00252 - epss-percentile: 0.63173 + epss-percentile: 0.64486 cpe: cpe:2.3:a:ppfeufer:2-click-social-media-buttons:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4768.yaml b/http/cves/2012/CVE-2012-4768.yaml index 2c1869e8f36..59083f5f5dc 100644 --- a/http/cves/2012/CVE-2012-4768.yaml +++ b/http/cves/2012/CVE-2012-4768.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.org/files/116408/wpdownloadmonitor3357-xss.txt - http://www.reactionpenetrationtesting.co.uk/wordpress-download-monitor-xss.html - https://exchange.xforce.ibmcloud.com/vulnerabilities/78422 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2012-4768 cwe-id: CWE-79 epss-score: 0.00922 - epss-percentile: 0.81161 + epss-percentile: 0.82559 cpe: cpe:2.3:a:mikejolley:download_monitor:3.3.5.7:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4878.yaml b/http/cves/2012/CVE-2012-4878.yaml index cee6cbf339f..d08fbbf00c7 100644 --- a/http/cves/2012/CVE-2012-4878.yaml +++ b/http/cves/2012/CVE-2012-4878.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2012-4878 cwe-id: CWE-22 epss-score: 0.00608 - epss-percentile: 0.76323 + epss-percentile: 0.7813 cpe: cpe:2.3:a:flatnux:flatnux:2011-08-09-2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4889.yaml b/http/cves/2012/CVE-2012-4889.yaml index 52eeaf127a3..63ecbffe527 100644 --- a/http/cves/2012/CVE-2012-4889.yaml +++ b/http/cves/2012/CVE-2012-4889.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.org/files/111474/VL-437.txt - http://www.vulnerability-lab.com/get_content.php?id=437 - https://exchange.xforce.ibmcloud.com/vulnerabilities/74538 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2012-4889 cwe-id: CWE-79 epss-score: 0.03526 - epss-percentile: 0.90633 + epss-percentile: 0.91352 cpe: cpe:2.3:a:manageengine:firewall_analyzer:7.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4982.yaml b/http/cves/2012/CVE-2012-4982.yaml index b1e5f6933b8..2133ac7ad94 100644 --- a/http/cves/2012/CVE-2012-4982.yaml +++ b/http/cves/2012/CVE-2012-4982.yaml @@ -15,13 +15,14 @@ info: - https://www.reactionpenetrationtesting.co.uk/forescout-cross-site-redirection.html - https://nvd.nist.gov/vuln/detail/CVE-2012-4982 - http://www.reactionpenetrationtesting.co.uk/forescout-cross-site-redirection.html + - https://github.com/tr3ss/newclei classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N cvss-score: 5.8 cve-id: CVE-2012-4982 cwe-id: CWE-20 - epss-score: 0.00553 - epss-percentile: 0.75093 + epss-score: 0.00357 + epss-percentile: 0.71561 cpe: cpe:2.3:a:forescout:counteract:6.3.4.10:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-5913.yaml b/http/cves/2012/CVE-2012-5913.yaml index 6a31eb58753..99dc1b66a76 100644 --- a/http/cves/2012/CVE-2012-5913.yaml +++ b/http/cves/2012/CVE-2012-5913.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2012-5913 cwe-id: CWE-79 epss-score: 0.01863 - epss-percentile: 0.87064 + epss-percentile: 0.88104 cpe: cpe:2.3:a:wordpress_integrator_project:wordpress_integrator:1.32:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-2248.yaml b/http/cves/2013/CVE-2013-2248.yaml index aeab16494f6..e278d581fcb 100644 --- a/http/cves/2013/CVE-2013-2248.yaml +++ b/http/cves/2013/CVE-2013-2248.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.8 cve-id: CVE-2013-2248 cwe-id: CWE-20 - epss-score: 0.97289 - epss-percentile: 0.99844 + epss-score: 0.97268 + epss-percentile: 0.99838 cpe: cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-2287.yaml b/http/cves/2013/CVE-2013-2287.yaml index 62a581c8056..d47afc49e05 100644 --- a/http/cves/2013/CVE-2013-2287.yaml +++ b/http/cves/2013/CVE-2013-2287.yaml @@ -12,13 +12,15 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2013-2287 - https://www.dognaedis.com/vulns/DGS-SEC-16.html + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2013-2287 cwe-id: CWE-79 epss-score: 0.00219 - epss-percentile: 0.59848 + epss-percentile: 0.59251 cpe: cpe:2.3:a:roberta_bramski:uploader:1.0.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-4625.yaml b/http/cves/2013/CVE-2013-4625.yaml index 80b13c89041..0d673102828 100644 --- a/http/cves/2013/CVE-2013-4625.yaml +++ b/http/cves/2013/CVE-2013-4625.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2013-4625 cwe-id: CWE-79 epss-score: 0.01217 - epss-percentile: 0.83857 + epss-percentile: 0.85008 cpe: cpe:2.3:a:cory_lamle:duplicator:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-5979.yaml b/http/cves/2013/CVE-2013-5979.yaml index 58c03bee01c..ca0118d9fb3 100644 --- a/http/cves/2013/CVE-2013-5979.yaml +++ b/http/cves/2013/CVE-2013-5979.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5 cve-id: CVE-2013-5979 cwe-id: CWE-22 - epss-score: 0.06601 - epss-percentile: 0.93089 + epss-score: 0.04915 + epss-percentile: 0.92611 cpe: cpe:2.3:a:springsignage:xibo:1.2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-6281.yaml b/http/cves/2013/CVE-2013-6281.yaml index 6c7654d5025..1cf21a693be 100644 --- a/http/cves/2013/CVE-2013-6281.yaml +++ b/http/cves/2013/CVE-2013-6281.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/dhtmlxspreadsheet/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6281 - https://nvd.nist.gov/vuln/detail/CVE-2013-6281 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2013-6281 cwe-id: CWE-79 - epss-score: 0.00209 - epss-percentile: 0.58813 + epss-score: 0.00327 + epss-percentile: 0.70301 cpe: cpe:2.3:a:dhtmlx:dhtmlxspreadsheet:2.0:-:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2013/CVE-2013-7091.yaml b/http/cves/2013/CVE-2013-7091.yaml index ff0c8ebd21c..7b44d9fc5cb 100644 --- a/http/cves/2013/CVE-2013-7091.yaml +++ b/http/cves/2013/CVE-2013-7091.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2013-7091 cwe-id: CWE-22 epss-score: 0.97337 - epss-percentile: 0.9987 + epss-percentile: 0.99881 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2013/CVE-2013-7285.yaml b/http/cves/2013/CVE-2013-7285.yaml index e963d0c1fd5..32eaf72eb47 100644 --- a/http/cves/2013/CVE-2013-7285.yaml +++ b/http/cves/2013/CVE-2013-7285.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2013-7285 cwe-id: CWE-78 epss-score: 0.55716 - epss-percentile: 0.97383 + epss-percentile: 0.97607 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-10037.yaml b/http/cves/2014/CVE-2014-10037.yaml index 2dae62c220c..ae61d70fa85 100644 --- a/http/cves/2014/CVE-2014-10037.yaml +++ b/http/cves/2014/CVE-2014-10037.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-10037 cwe-id: CWE-22 epss-score: 0.14101 - epss-percentile: 0.95201 + epss-percentile: 0.95548 cpe: cpe:2.3:a:domphp:domphp:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-1203.yaml b/http/cves/2014/CVE-2014-1203.yaml index 702b6f34f38..efc57f7ca2f 100644 --- a/http/cves/2014/CVE-2014-1203.yaml +++ b/http/cves/2014/CVE-2014-1203.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-1203 cwe-id: CWE-77 epss-score: 0.02045 - epss-percentile: 0.87805 + epss-percentile: 0.88732 cpe: cpe:2.3:a:eyou:eyou:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-2323.yaml b/http/cves/2014/CVE-2014-2323.yaml index 06ebacda9ee..10d66a4abea 100644 --- a/http/cves/2014/CVE-2014-2323.yaml +++ b/http/cves/2014/CVE-2014-2323.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2014-2323 cwe-id: CWE-89 - epss-score: 0.96071 - epss-percentile: 0.99365 + epss-score: 0.96033 + epss-percentile: 0.99445 cpe: cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-2383.yaml b/http/cves/2014/CVE-2014-2383.yaml index 8ef17517461..d92e4e86e40 100644 --- a/http/cves/2014/CVE-2014-2383.yaml +++ b/http/cves/2014/CVE-2014-2383.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.8 cve-id: CVE-2014-2383 cwe-id: CWE-200 - epss-score: 0.00723 - epss-percentile: 0.78624 + epss-score: 0.00511 + epss-percentile: 0.76134 cpe: cpe:2.3:a:dompdf:dompdf:*:beta3:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2014/CVE-2014-2962.yaml b/http/cves/2014/CVE-2014-2962.yaml index 58309361388..15e7e0ac711 100644 --- a/http/cves/2014/CVE-2014-2962.yaml +++ b/http/cves/2014/CVE-2014-2962.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-2962 cwe-id: CWE-22 epss-score: 0.95825 - epss-percentile: 0.99309 + epss-percentile: 0.99395 cpe: cpe:2.3:o:belkin:n150_f9k1009_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-3120.yaml b/http/cves/2014/CVE-2014-3120.yaml index 3f927faecdd..2502b1b8c36 100644 --- a/http/cves/2014/CVE-2014-3120.yaml +++ b/http/cves/2014/CVE-2014-3120.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.8 cve-id: CVE-2014-3120 cwe-id: CWE-284 - epss-score: 0.53013 - epss-percentile: 0.97306 + epss-score: 0.53209 + epss-percentile: 0.97551 cpe: cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-3206.yaml b/http/cves/2014/CVE-2014-3206.yaml index 3a21aad8f4e..09775006229 100644 --- a/http/cves/2014/CVE-2014-3206.yaml +++ b/http/cves/2014/CVE-2014-3206.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2014-3206 - https://www.exploit-db.com/exploits/33159 - https://www.exploit-db.com/exploits/33159/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2014-3206 cwe-id: CWE-20 - epss-score: 0.31809 - epss-percentile: 0.96584 + epss-score: 0.2561 + epss-percentile: 0.96594 cpe: cpe:2.3:o:seagate:blackarmor_nas_220_firmware:-:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2014/CVE-2014-3704.yaml b/http/cves/2014/CVE-2014-3704.yaml index 7242ba74119..e436f76d581 100644 --- a/http/cves/2014/CVE-2014-3704.yaml +++ b/http/cves/2014/CVE-2014-3704.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2014-3704 cwe-id: CWE-89 epss-score: 0.97537 - epss-percentile: 0.99994 + epss-percentile: 0.99992 cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-4535.yaml b/http/cves/2014/CVE-2014-4535.yaml index aa74a43535f..dd3961ff471 100644 --- a/http/cves/2014/CVE-2014-4535.yaml +++ b/http/cves/2014/CVE-2014-4535.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-4535 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48664 + epss-percentile: 0.47838 cpe: cpe:2.3:a:import_legacy_media_project:import_legacy_media:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-4539.yaml b/http/cves/2014/CVE-2014-4539.yaml index 61660a52615..e59b0f258a2 100644 --- a/http/cves/2014/CVE-2014-4539.yaml +++ b/http/cves/2014/CVE-2014-4539.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/d6ea4fe6-c486-415d-8f6d-57ea2f149304 - https://nvd.nist.gov/vuln/detail/CVE-2014-4539 - http://codevigilant.com/disclosure/wp-plugin-movies-a3-cross-site-scripting-xss + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4539 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48556 + epss-percentile: 0.47838 cpe: cpe:2.3:a:movies_project:movies:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-4592.yaml b/http/cves/2014/CVE-2014-4592.yaml index 740ac88b97b..0542260e60a 100644 --- a/http/cves/2014/CVE-2014-4592.yaml +++ b/http/cves/2014/CVE-2014-4592.yaml @@ -12,13 +12,14 @@ info: - https://wpscan.com/vulnerability/3c9a3a97-8157-4976-8148-587d923e1fb3 - https://nvd.nist.gov/vuln/detail/CVE-2014-4592 - http://codevigilant.com/disclosure/wp-plugin-wp-planet-a3-cross-site-scripting-xss + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4592 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48556 + epss-percentile: 0.47838 cpe: cpe:2.3:a:czepol:wp-planet:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2014/CVE-2014-4940.yaml b/http/cves/2014/CVE-2014-4940.yaml index 6ee9909b417..24c67122e26 100644 --- a/http/cves/2014/CVE-2014-4940.yaml +++ b/http/cves/2014/CVE-2014-4940.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2014-4940 - https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=851874%40tera-charts&old=799253%40tera-charts&sfp_email=&sfph_mail= - http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2014-4940 cwe-id: CWE-22 - epss-score: 0.03891 - epss-percentile: 0.91064 + epss-score: 0.03212 + epss-percentile: 0.90985 cpe: cpe:2.3:a:tera_charts_plugin_project:tera-charts:0.1:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-5111.yaml b/http/cves/2014/CVE-2014-5111.yaml index 10e6b4e08e5..daf200fd23e 100644 --- a/http/cves/2014/CVE-2014-5111.yaml +++ b/http/cves/2014/CVE-2014-5111.yaml @@ -13,13 +13,14 @@ info: - https://www.exploit-db.com/exploits/39351 - https://nvd.nist.gov/vuln/detail/CVE-2014-5111 - http://packetstormsecurity.com/files/127522/Trixbox-XSS-LFI-SQL-Injection-Code-Execution.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2014-5111 cwe-id: CWE-22 - epss-score: 0.03716 - epss-percentile: 0.90865 + epss-score: 0.02194 + epss-percentile: 0.89179 cpe: cpe:2.3:a:netfortris:trixbox:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-5258.yaml b/http/cves/2014/CVE-2014-5258.yaml index 244e6510d72..4a4b442364d 100644 --- a/http/cves/2014/CVE-2014-5258.yaml +++ b/http/cves/2014/CVE-2014-5258.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-5258 cwe-id: CWE-22 epss-score: 0.01386 - epss-percentile: 0.84968 + epss-percentile: 0.86062 cpe: cpe:2.3:a:webedition:webedition_cms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-5368.yaml b/http/cves/2014/CVE-2014-5368.yaml index ab666625daf..41a5cbee59c 100644 --- a/http/cves/2014/CVE-2014-5368.yaml +++ b/http/cves/2014/CVE-2014-5368.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-5368 cwe-id: CWE-22 epss-score: 0.09191 - epss-percentile: 0.94107 + epss-percentile: 0.94512 cpe: cpe:2.3:a:wp_content_source_control_project:wp_content_source_control:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-6287.yaml b/http/cves/2014/CVE-2014-6287.yaml index 59dbbce746d..b210fb38742 100644 --- a/http/cves/2014/CVE-2014-6287.yaml +++ b/http/cves/2014/CVE-2014-6287.yaml @@ -22,7 +22,7 @@ info: cve-id: 'CVE-2014-6287' cwe-id: CWE-94 epss-score: 0.97289 - epss-percentile: 0.99843 + epss-percentile: 0.99851 cpe: cpe:2.3:a:rejetto:http_file_server:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2014/CVE-2014-6308.yaml b/http/cves/2014/CVE-2014-6308.yaml index 1c78f5f9442..d0e691c55d7 100644 --- a/http/cves/2014/CVE-2014-6308.yaml +++ b/http/cves/2014/CVE-2014-6308.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-6308 cwe-id: CWE-22 epss-score: 0.0922 - epss-percentile: 0.94117 + epss-percentile: 0.94519 cpe: cpe:2.3:a:osclass:osclass:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-8676.yaml b/http/cves/2014/CVE-2014-8676.yaml index 7e41b4a2929..6754e20d1c6 100644 --- a/http/cves/2014/CVE-2014-8676.yaml +++ b/http/cves/2014/CVE-2014-8676.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2014-8676 cwe-id: CWE-22 epss-score: 0.00195 - epss-percentile: 0.57408 + epss-percentile: 0.56456 cpe: cpe:2.3:a:soplanning:soplanning:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-8799.yaml b/http/cves/2014/CVE-2014-8799.yaml index cf44785af50..50fb708173a 100644 --- a/http/cves/2014/CVE-2014-8799.yaml +++ b/http/cves/2014/CVE-2014-8799.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-8799 cwe-id: CWE-22 epss-score: 0.17844 - epss-percentile: 0.96002 + epss-percentile: 0.96039 cpe: cpe:2.3:a:dukapress:dukapress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9094.yaml b/http/cves/2014/CVE-2014-9094.yaml index b679bf8c04c..9dfe9bbd39c 100644 --- a/http/cves/2014/CVE-2014-9094.yaml +++ b/http/cves/2014/CVE-2014-9094.yaml @@ -14,13 +14,14 @@ info: - http://websecurity.com.ua/7152/ - http://seclists.org/fulldisclosure/2014/Jul/65 - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2014-9094 cwe-id: CWE-79 epss-score: 0.32637 - epss-percentile: 0.9663 + epss-percentile: 0.96912 cpe: cpe:2.3:a:digitalzoomstudio:video_gallery:-:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9119.yaml b/http/cves/2014/CVE-2014-9119.yaml index 531fbbec82b..64be5d6571b 100644 --- a/http/cves/2014/CVE-2014-9119.yaml +++ b/http/cves/2014/CVE-2014-9119.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5 cve-id: CVE-2014-9119 cwe-id: CWE-22 - epss-score: 0.10505 - epss-percentile: 0.94469 + epss-score: 0.11639 + epss-percentile: 0.95149 cpe: cpe:2.3:a:db_backup_project:db_backup:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9180.yaml b/http/cves/2014/CVE-2014-9180.yaml index 9a14efcedea..85420bf5a4e 100644 --- a/http/cves/2014/CVE-2014-9180.yaml +++ b/http/cves/2014/CVE-2014-9180.yaml @@ -16,8 +16,8 @@ info: cvss-score: 5 cve-id: CVE-2014-9180 cwe-id: CWE-601 - epss-score: 0.00248 - epss-percentile: 0.62799 + epss-score: 0.00285 + epss-percentile: 0.6809 cpe: cpe:2.3:a:eleanor-cms:eleanor_cms:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2014/CVE-2014-9607.yaml b/http/cves/2014/CVE-2014-9607.yaml index 6953e1681d4..bde1fa1ee78 100644 --- a/http/cves/2014/CVE-2014-9607.yaml +++ b/http/cves/2014/CVE-2014-9607.yaml @@ -13,13 +13,14 @@ info: - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz - https://nvd.nist.gov/vuln/detail/CVE-2014-9607 - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-9607 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.41261 + epss-percentile: 0.40591 cpe: cpe:2.3:a:netsweeper:netsweeper:4.0.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9608.yaml b/http/cves/2014/CVE-2014-9608.yaml index 2abbe7ee11a..ac4b7af87e0 100644 --- a/http/cves/2014/CVE-2014-9608.yaml +++ b/http/cves/2014/CVE-2014-9608.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-9608 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.41324 + epss-percentile: 0.40591 cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9615.yaml b/http/cves/2014/CVE-2014-9615.yaml index db425eb921b..dd8c7bbaaa8 100644 --- a/http/cves/2014/CVE-2014-9615.yaml +++ b/http/cves/2014/CVE-2014-9615.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-9615 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.41324 + epss-percentile: 0.40591 cpe: cpe:2.3:a:netsweeper:netsweeper:4.0.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-0554.yaml b/http/cves/2015/CVE-2015-0554.yaml index 46117137156..4d03c321b3b 100644 --- a/http/cves/2015/CVE-2015-0554.yaml +++ b/http/cves/2015/CVE-2015-0554.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.com/files/129828/Pirelli-ADSL2-2-Wireless-Router-P.DGA4001N-Information-Disclosure.html - https://nvd.nist.gov/vuln/detail/CVE-2015-0554 - http://www.exploit-db.com/exploits/35721 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:C cvss-score: 9.4 cve-id: CVE-2015-0554 cwe-id: CWE-264 epss-score: 0.0139 - epss-percentile: 0.84939 + epss-percentile: 0.86079 cpe: cpe:2.3:o:adb:p.dga4001n_firmware:pdg_tef_sp_4.06l.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-1000005.yaml b/http/cves/2015/CVE-2015-1000005.yaml index 41cea0876da..77ee0401763 100644 --- a/http/cves/2015/CVE-2015-1000005.yaml +++ b/http/cves/2015/CVE-2015-1000005.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/446233e9-33b3-4024-9b7d-63f9bb1dafe0 - https://nvd.nist.gov/vuln/detail/CVE-2015-1000005 - http://www.vapidlabs.com/advisory.php?v=142 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-1000005 cwe-id: CWE-22 - epss-score: 0.05243 - epss-percentile: 0.92257 + epss-score: 0.047 + epss-percentile: 0.92455 cpe: cpe:2.3:a:candidate-application-form_project:candidate-application-form:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-1000012.yaml b/http/cves/2015/CVE-2015-1000012.yaml index 91479daa893..782d8ccbe22 100644 --- a/http/cves/2015/CVE-2015-1000012.yaml +++ b/http/cves/2015/CVE-2015-1000012.yaml @@ -14,13 +14,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1000012 - http://www.vapidlabs.com/advisory.php?v=154 - https://nvd.nist.gov/vuln/detail/CVE-2015-1000012 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-1000012 cwe-id: CWE-200 - epss-score: 0.00773 - epss-percentile: 0.79326 + epss-score: 0.00689 + epss-percentile: 0.79673 cpe: cpe:2.3:a:mypixs_project:mypixs:0.3:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-1427.yaml b/http/cves/2015/CVE-2015-1427.yaml index cec8d68f079..3c75ac31534 100644 --- a/http/cves/2015/CVE-2015-1427.yaml +++ b/http/cves/2015/CVE-2015-1427.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2015-1427 cwe-id: CWE-284 - epss-score: 0.8674 - epss-percentile: 0.98344 + epss-score: 0.85974 + epss-percentile: 0.98485 cpe: cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2015/CVE-2015-1503.yaml b/http/cves/2015/CVE-2015-1503.yaml index fd6ad96e582..3f662ae1e2e 100644 --- a/http/cves/2015/CVE-2015-1503.yaml +++ b/http/cves/2015/CVE-2015-1503.yaml @@ -14,13 +14,14 @@ info: - http://www.icewarp.com - https://nvd.nist.gov/vuln/detail/CVE-2015-1503 - https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-001/?fid=5614 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-1503 cwe-id: CWE-22 epss-score: 0.90421 - epss-percentile: 0.98569 + epss-percentile: 0.98743 cpe: cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2015/CVE-2015-1635.yaml b/http/cves/2015/CVE-2015-1635.yaml index 4068168fb3a..271814ca3b6 100644 --- a/http/cves/2015/CVE-2015-1635.yaml +++ b/http/cves/2015/CVE-2015-1635.yaml @@ -10,15 +10,19 @@ info: - https://www.exploit-db.com/exploits/36773 - https://www.securitysift.com/an-analysis-of-ms15-034/ - https://nvd.nist.gov/vuln/detail/CVE-2015-1635 + - http://www.securitytracker.com/id/1032109 + - https://github.com/b1gbroth3r/shoMe classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C - cvss-score: 10.0 - cwe-id: CWE-94 + cvss-score: 10 cve-id: CVE-2015-1635 + cwe-id: CWE-94 + epss-score: 0.97537 + epss-percentile: 0.99992 cpe: cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: microsoft product: windows_7 shodan-query: '"Microsoft-IIS" "2015"' diff --git a/http/cves/2015/CVE-2015-1880.yaml b/http/cves/2015/CVE-2015-1880.yaml index 462dbef98ce..5c80823b3b6 100644 --- a/http/cves/2015/CVE-2015-1880.yaml +++ b/http/cves/2015/CVE-2015-1880.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-1880 cwe-id: CWE-79 epss-score: 0.00201 - epss-percentile: 0.58021 + epss-percentile: 0.57435 cpe: cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-20067.yaml b/http/cves/2015/CVE-2015-20067.yaml index d80e4ecc956..80d78378b4b 100644 --- a/http/cves/2015/CVE-2015-20067.yaml +++ b/http/cves/2015/CVE-2015-20067.yaml @@ -13,16 +13,23 @@ info: - https://packetstormsecurity.com/files/132693/ - https://seclists.org/fulldisclosure/2015/Jul/73 - https://nvd.nist.gov/vuln/detail/CVE-2015-20067 + - https://github.com/ARPSyndicate/cvemon classification: - cve-id: CVE-2015-20067 cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 + cve-id: CVE-2015-20067 cwe-id: CWE-862 + epss-score: 0.07226 + epss-percentile: 0.93884 + cpe: cpe:2.3:a:wp_attachment_export_project:wp_attachment_export:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 verified: true + max-request: 2 + vendor: wp_attachment_export_project + product: wp_attachment_export + framework: wordpress google-query: inurl:"/wp-content/plugins/wp-attachment-export/" - tags: cve,cve2015,wordpress,wp,wp-plugin,unauth,wp-attachment-export,wpscan + tags: wpscan,packetstorm,seclists,cve,cve2015,wordpress,wp,wp-plugin,unauth,wp-attachment-export http: - method: GET diff --git a/http/cves/2015/CVE-2015-2067.yaml b/http/cves/2015/CVE-2015-2067.yaml index 4e151f6c0e9..117633441a4 100644 --- a/http/cves/2015/CVE-2015-2067.yaml +++ b/http/cves/2015/CVE-2015-2067.yaml @@ -13,13 +13,14 @@ info: - https://www.exploit-db.com/exploits/35996 - https://nvd.nist.gov/vuln/detail/CVE-2015-2067 - http://packetstormsecurity.com/files/130250/Magento-Server-MAGMI-Cross-Site-Scripting-Local-File-Inclusion.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2015-2067 cwe-id: CWE-22 - epss-score: 0.01003 - epss-percentile: 0.81971 + epss-score: 0.00709 + epss-percentile: 0.79991 cpe: cpe:2.3:a:magmi_project:magmi:-:*:*:*:*:magento_server:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-2068.yaml b/http/cves/2015/CVE-2015-2068.yaml index 71f1f4d8888..4a6b0526162 100644 --- a/http/cves/2015/CVE-2015-2068.yaml +++ b/http/cves/2015/CVE-2015-2068.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2015-2068 cwe-id: CWE-79 epss-score: 0.00146 - epss-percentile: 0.50461 + epss-percentile: 0.4958 cpe: cpe:2.3:a:magmi_project:magmi:-:*:*:*:*:magento_server:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-2080.yaml b/http/cves/2015/CVE-2015-2080.yaml index 9ffdbe96027..c5c75b79434 100644 --- a/http/cves/2015/CVE-2015-2080.yaml +++ b/http/cves/2015/CVE-2015-2080.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2015-2080 cwe-id: CWE-200 epss-score: 0.95465 - epss-percentile: 0.99229 + epss-percentile: 0.99329 cpe: cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-2166.yaml b/http/cves/2015/CVE-2015-2166.yaml index a492c6a84c7..db3f8e572f5 100644 --- a/http/cves/2015/CVE-2015-2166.yaml +++ b/http/cves/2015/CVE-2015-2166.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-2166 cwe-id: CWE-22 epss-score: 0.23272 - epss-percentile: 0.96134 + epss-percentile: 0.96445 cpe: cpe:2.3:a:ericsson:drutt_mobile_service_delivery_platform:4.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-2196.yaml b/http/cves/2015/CVE-2015-2196.yaml index 63f298cf26c..76ac2ae2e37 100644 --- a/http/cves/2015/CVE-2015-2196.yaml +++ b/http/cves/2015/CVE-2015-2196.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2015-2196 cwe-id: CWE-89 - epss-score: 0.0093 - epss-percentile: 0.8129 + epss-score: 0.0025 + epss-percentile: 0.6433 cpe: cpe:2.3:a:web-dorado:spider_calendar:1.4.9:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-2755.yaml b/http/cves/2015/CVE-2015-2755.yaml index 1a2785e12d4..f334d13d7bb 100644 --- a/http/cves/2015/CVE-2015-2755.yaml +++ b/http/cves/2015/CVE-2015-2755.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.8 cve-id: CVE-2015-2755 cwe-id: CWE-352 - epss-score: 0.02569 - epss-percentile: 0.89129 + epss-score: 0.01828 + epss-percentile: 0.87952 cpe: cpe:2.3:a:ab_google_map_travel_project:ab_google_map_travel:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-2807.yaml b/http/cves/2015/CVE-2015-2807.yaml index 99e09c93a49..dd0fd723e98 100644 --- a/http/cves/2015/CVE-2015-2807.yaml +++ b/http/cves/2015/CVE-2015-2807.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2015-2807 cwe-id: CWE-79 - epss-score: 0.00469 - epss-percentile: 0.73016 + epss-score: 0.00294 + epss-percentile: 0.68624 cpe: cpe:2.3:a:documentcloud:navis_documentcloud:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-2996.yaml b/http/cves/2015/CVE-2015-2996.yaml index 60599a6db0d..70c597ee32b 100644 --- a/http/cves/2015/CVE-2015-2996.yaml +++ b/http/cves/2015/CVE-2015-2996.yaml @@ -15,13 +15,14 @@ info: - https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk - http://seclists.org/fulldisclosure/2015/Jun/8 - https://nvd.nist.gov/vuln/detail/CVE-2015-2996 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C cvss-score: 8.5 cve-id: CVE-2015-2996 cwe-id: CWE-22 epss-score: 0.77754 - epss-percentile: 0.97955 + epss-percentile: 0.98153 cpe: cpe:2.3:a:sysaid:sysaid:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2015/CVE-2015-3224.yaml b/http/cves/2015/CVE-2015-3224.yaml index b9e4f534bb0..e48dd4a36ef 100644 --- a/http/cves/2015/CVE-2015-3224.yaml +++ b/http/cves/2015/CVE-2015-3224.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2015-3224 cwe-id: CWE-284 - epss-score: 0.94661 - epss-percentile: 0.99077 + epss-score: 0.92904 + epss-percentile: 0.98975 cpe: cpe:2.3:a:rubyonrails:web_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-3648.yaml b/http/cves/2015/CVE-2015-3648.yaml index dd0e5eaff45..a8dbae07167 100644 --- a/http/cves/2015/CVE-2015-3648.yaml +++ b/http/cves/2015/CVE-2015-3648.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-3648 cwe-id: CWE-22 epss-score: 0.02644 - epss-percentile: 0.89323 + epss-percentile: 0.90124 cpe: cpe:2.3:a:montala:resourcespace:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-3897.yaml b/http/cves/2015/CVE-2015-3897.yaml index 17bd671dc36..a8f87dbe1f1 100644 --- a/http/cves/2015/CVE-2015-3897.yaml +++ b/http/cves/2015/CVE-2015-3897.yaml @@ -14,13 +14,14 @@ info: - https://www.bonitasoft.com/ - https://nvd.nist.gov/vuln/detail/CVE-2015-3897 - https://www.htbridge.com/advisory/HTB23259 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2015-3897 cwe-id: CWE-22 epss-score: 0.83225 - epss-percentile: 0.98161 + epss-percentile: 0.98353 cpe: cpe:2.3:a:bonitasoft:bonita_bpm_portal:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2015/CVE-2015-4050.yaml b/http/cves/2015/CVE-2015-4050.yaml index 51564dd4db6..a51cb7104fa 100644 --- a/http/cves/2015/CVE-2015-4050.yaml +++ b/http/cves/2015/CVE-2015-4050.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2015-4050 cwe-id: CWE-284 - epss-score: 0.00847 - epss-percentile: 0.80351 + epss-score: 0.00598 + epss-percentile: 0.77957 cpe: cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-4063.yaml b/http/cves/2015/CVE-2015-4063.yaml index 3672e0d005b..2988a0a2ff8 100644 --- a/http/cves/2015/CVE-2015-4063.yaml +++ b/http/cves/2015/CVE-2015-4063.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4063 cwe-id: CWE-79 epss-score: 0.04016 - epss-percentile: 0.91211 + epss-percentile: 0.91867 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-4074.yaml b/http/cves/2015/CVE-2015-4074.yaml index fb815e61611..1c42c420b56 100644 --- a/http/cves/2015/CVE-2015-4074.yaml +++ b/http/cves/2015/CVE-2015-4074.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/37666/ - https://nvd.nist.gov/vuln/detail/CVE-2015-4074 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4074 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-4074 cwe-id: CWE-22 epss-score: 0.00598 - epss-percentile: 0.76066 + epss-percentile: 0.77961 cpe: cpe:2.3:a:helpdesk_pro_project:helpdesk_pro:*:*:*:*:*:joomla\!:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-4414.yaml b/http/cves/2015/CVE-2015-4414.yaml index 8e8a4d502c4..6fad7beea75 100644 --- a/http/cves/2015/CVE-2015-4414.yaml +++ b/http/cves/2015/CVE-2015-4414.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4414 cwe-id: CWE-22 epss-score: 0.12486 - epss-percentile: 0.94945 + epss-percentile: 0.95299 cpe: cpe:2.3:a:se_html5_album_audio_player_project:se_html5_album_audio_player:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-4666.yaml b/http/cves/2015/CVE-2015-4666.yaml index a23b5c6d9cc..10205cbb3bd 100644 --- a/http/cves/2015/CVE-2015-4666.yaml +++ b/http/cves/2015/CVE-2015-4666.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4666 cwe-id: CWE-22 epss-score: 0.02372 - epss-percentile: 0.8876 + epss-percentile: 0.89592 cpe: cpe:2.3:a:xceedium:xsuite:2.3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-4668.yaml b/http/cves/2015/CVE-2015-4668.yaml index 0763a918fe4..ca03f31ae1f 100644 --- a/http/cves/2015/CVE-2015-4668.yaml +++ b/http/cves/2015/CVE-2015-4668.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2015-4668 cwe-id: CWE-601 epss-score: 0.00397 - epss-percentile: 0.70835 + epss-percentile: 0.73024 cpe: cpe:2.3:a:xceedium:xsuite:2.3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-5461.yaml b/http/cves/2015/CVE-2015-5461.yaml index 9ce7d894125..89431931113 100644 --- a/http/cves/2015/CVE-2015-5461.yaml +++ b/http/cves/2015/CVE-2015-5461.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-5461 cwe-id: NVD-CWE-Other epss-score: 0.0055 - epss-percentile: 0.75098 + epss-percentile: 0.77025 cpe: cpe:2.3:a:stageshow_project:stageshow:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-5471.yaml b/http/cves/2015/CVE-2015-5471.yaml index ad6610c9082..7014c945e22 100644 --- a/http/cves/2015/CVE-2015-5471.yaml +++ b/http/cves/2015/CVE-2015-5471.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2015-5471 cwe-id: CWE-22 epss-score: 0.10406 - epss-percentile: 0.9448 + epss-percentile: 0.94855 cpe: cpe:2.3:a:swim_team_project:swim_team:1.44.10777:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-5531.yaml b/http/cves/2015/CVE-2015-5531.yaml index 882a545815e..1559f4eb939 100644 --- a/http/cves/2015/CVE-2015-5531.yaml +++ b/http/cves/2015/CVE-2015-5531.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-5531 cwe-id: CWE-22 epss-score: 0.97144 - epss-percentile: 0.99756 + epss-percentile: 0.99783 cpe: cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2015/CVE-2015-7245.yaml b/http/cves/2015/CVE-2015-7245.yaml index 8578ee1b32c..875660acb32 100644 --- a/http/cves/2015/CVE-2015-7245.yaml +++ b/http/cves/2015/CVE-2015-7245.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2015-7245 cwe-id: CWE-22 epss-score: 0.96881 - epss-percentile: 0.99651 + epss-percentile: 0.99685 cpe: cpe:2.3:o:d-link:dvg-n5402sp_firmware:w1000cn-00:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-7377.yaml b/http/cves/2015/CVE-2015-7377.yaml index 43deba42183..575b5c3ffff 100644 --- a/http/cves/2015/CVE-2015-7377.yaml +++ b/http/cves/2015/CVE-2015-7377.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2015-7377 cwe-id: CWE-79 - epss-score: 0.00239 - epss-percentile: 0.61895 + epss-score: 0.00232 + epss-percentile: 0.60606 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-7450.yaml b/http/cves/2015/CVE-2015-7450.yaml index 2a5655690b0..5a3f0bf95e2 100644 --- a/http/cves/2015/CVE-2015-7450.yaml +++ b/http/cves/2015/CVE-2015-7450.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2015-7450 cwe-id: CWE-94 - epss-score: 0.9739 - epss-percentile: 0.99906 + epss-score: 0.97122 + epss-percentile: 0.99772 cpe: cpe:2.3:a:ibm:tivoli_common_reporting:2.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-7780.yaml b/http/cves/2015/CVE-2015-7780.yaml index f14dbe603d9..e682c9bd4be 100644 --- a/http/cves/2015/CVE-2015-7780.yaml +++ b/http/cves/2015/CVE-2015-7780.yaml @@ -14,13 +14,14 @@ info: - http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000185.html - http://jvn.jp/en/jp/JVN21968837/index.html - https://nvd.nist.gov/vuln/detail/CVE-2015-7780 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2015-7780 cwe-id: CWE-22 epss-score: 0.00151 - epss-percentile: 0.51228 + epss-percentile: 0.50407 cpe: cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-8349.yaml b/http/cves/2015/CVE-2015-8349.yaml index 05349c35d4c..eee5eac6b7f 100644 --- a/http/cves/2015/CVE-2015-8349.yaml +++ b/http/cves/2015/CVE-2015-8349.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2015-8349 cwe-id: CWE-79 epss-score: 0.0013 - epss-percentile: 0.47768 + epss-percentile: 0.46975 cpe: cpe:2.3:a:gameconnect:sourcebans:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-9312.yaml b/http/cves/2015/CVE-2015-9312.yaml index ad33ddd316e..e94178cdb8e 100644 --- a/http/cves/2015/CVE-2015-9312.yaml +++ b/http/cves/2015/CVE-2015-9312.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-9312 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-9323.yaml b/http/cves/2015/CVE-2015-9323.yaml index 19774432aa2..b73cb212e70 100644 --- a/http/cves/2015/CVE-2015-9323.yaml +++ b/http/cves/2015/CVE-2015-9323.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/61586816-dd2b-461d-975f-1989502affd9 - http://cinu.pl/research/wp-plugins/mail_e28f19a8f03f0517f94cb9fea15d8525.html - https://wordpress.org/plugins/404-to-301/#developers + - https://github.com/Enes4xd/Enes4xd + - https://github.com/Hacker5preme/Exploits classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2015-9323 cwe-id: CWE-89 epss-score: 0.00869 - epss-percentile: 0.80542 + epss-percentile: 0.82013 cpe: cpe:2.3:a:duckdev:404_to_301:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-9480.yaml b/http/cves/2015/CVE-2015-9480.yaml index c216bad92e6..53a2be068f5 100644 --- a/http/cves/2015/CVE-2015-9480.yaml +++ b/http/cves/2015/CVE-2015-9480.yaml @@ -12,13 +12,14 @@ info: reference: - https://www.exploit-db.com/exploits/37252 - https://nvd.nist.gov/vuln/detail/CVE-2015-9480 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-9480 cwe-id: CWE-22 - epss-score: 0.37884 - epss-percentile: 0.96862 + epss-score: 0.57022 + epss-percentile: 0.97634 cpe: cpe:2.3:a:robot-cpa:robotcpa:5:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-0957.yaml b/http/cves/2016/CVE-2016-0957.yaml index 9938fb91a56..ab39ae3f4e7 100644 --- a/http/cves/2016/CVE-2016-0957.yaml +++ b/http/cves/2016/CVE-2016-0957.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2016-0957 epss-score: 0.03344 - epss-percentile: 0.90435 + epss-percentile: 0.91144 cpe: cpe:2.3:a:adobe:dispatcher:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000126.yaml b/http/cves/2016/CVE-2016-1000126.yaml index 569ad75a862..b9fb82d3191 100644 --- a/http/cves/2016/CVE-2016-1000126.yaml +++ b/http/cves/2016/CVE-2016-1000126.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000126 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.45851 + epss-percentile: 0.4505 cpe: cpe:2.3:a:admin-font-editor_project:admin-font-editor:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000129.yaml b/http/cves/2016/CVE-2016-1000129.yaml index 53ddfef768f..2a8f576b92a 100644 --- a/http/cves/2016/CVE-2016-1000129.yaml +++ b/http/cves/2016/CVE-2016-1000129.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000129 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.45851 + epss-percentile: 0.4505 cpe: cpe:2.3:a:defa-online-image-protector_project:defa-online-image-protector:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000131.yaml b/http/cves/2016/CVE-2016-1000131.yaml index 6c458b323d7..dbf5a6f29ce 100644 --- a/http/cves/2016/CVE-2016-1000131.yaml +++ b/http/cves/2016/CVE-2016-1000131.yaml @@ -13,13 +13,14 @@ info: - http://www.vapidlabs.com/wp/wp_advisory.php?v=393 - https://wordpress.org/plugins/e-search - https://nvd.nist.gov/vuln/detail/CVE-2016-1000131 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000131 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.41115 + epss-percentile: 0.40457 cpe: cpe:2.3:a:e-search_project:esearch:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000132.yaml b/http/cves/2016/CVE-2016-1000132.yaml index b1a992e4a54..8c37974d95d 100644 --- a/http/cves/2016/CVE-2016-1000132.yaml +++ b/http/cves/2016/CVE-2016-1000132.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000132 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.45239 + epss-percentile: 0.44389 cpe: cpe:2.3:a:cminds:tooltip_glossary:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000133.yaml b/http/cves/2016/CVE-2016-1000133.yaml index 50883a00e1f..8a4ca435c49 100644 --- a/http/cves/2016/CVE-2016-1000133.yaml +++ b/http/cves/2016/CVE-2016-1000133.yaml @@ -13,13 +13,14 @@ info: - https://wordpress.org/plugins/forget-about-shortcode-buttons - http://www.vapidlabs.com/wp/wp_advisory.php?v=602 - https://nvd.nist.gov/vuln/detail/CVE-2016-1000133 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000133 cwe-id: CWE-79 epss-score: 0.00142 - epss-percentile: 0.49767 + epss-percentile: 0.48963 cpe: cpe:2.3:a:designsandcode:forget_about_shortcode_buttons:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000135.yaml b/http/cves/2016/CVE-2016-1000135.yaml index 9c9937afac6..a56972e594a 100644 --- a/http/cves/2016/CVE-2016-1000135.yaml +++ b/http/cves/2016/CVE-2016-1000135.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2016-1000135 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.41177 + epss-percentile: 0.40457 cpe: cpe:2.3:a:hdw-tube_project:hdw-tube:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000137.yaml b/http/cves/2016/CVE-2016-1000137.yaml index 36bb49128b8..eff4328c1bb 100644 --- a/http/cves/2016/CVE-2016-1000137.yaml +++ b/http/cves/2016/CVE-2016-1000137.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000137 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.41177 + epss-percentile: 0.40457 cpe: cpe:2.3:a:hero-maps-pro_project:hero-maps-pro:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000139.yaml b/http/cves/2016/CVE-2016-1000139.yaml index 8ec400b119f..cd49c560e4f 100644 --- a/http/cves/2016/CVE-2016-1000139.yaml +++ b/http/cves/2016/CVE-2016-1000139.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000139 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.45239 + epss-percentile: 0.44389 cpe: cpe:2.3:a:infusionsoft_project:infusionsoft:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000141.yaml b/http/cves/2016/CVE-2016-1000141.yaml index 3c221256a35..25fe9f167aa 100644 --- a/http/cves/2016/CVE-2016-1000141.yaml +++ b/http/cves/2016/CVE-2016-1000141.yaml @@ -12,13 +12,14 @@ info: - http://www.vapidlabs.com/wp/wp_advisory.php?v=358 - https://nvd.nist.gov/vuln/detail/CVE-2016-1000141 - https://wordpress.org/plugins/page-layout-builder + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000141 cwe-id: CWE-79 epss-score: 0.00142 - epss-percentile: 0.49767 + epss-percentile: 0.48963 cpe: cpe:2.3:a:page-layout-builder_project:page-layout-builder:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000142.yaml b/http/cves/2016/CVE-2016-1000142.yaml index e1dc5cbef2a..93cf7c25239 100644 --- a/http/cves/2016/CVE-2016-1000142.yaml +++ b/http/cves/2016/CVE-2016-1000142.yaml @@ -14,13 +14,14 @@ info: - http://www.vapidlabs.com/wp/wp_advisory.php?v=435 - https://wordpress.org/plugins/parsi-font - https://nvd.nist.gov/vuln/detail/CVE-2016-1000142 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000142 cwe-id: CWE-79 epss-score: 0.00103 - epss-percentile: 0.415 + epss-percentile: 0.40793 cpe: cpe:2.3:a:parsi-font_project:parsi-font:4.2.5:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000143.yaml b/http/cves/2016/CVE-2016-1000143.yaml index b0d62449d47..b8238c16d42 100644 --- a/http/cves/2016/CVE-2016-1000143.yaml +++ b/http/cves/2016/CVE-2016-1000143.yaml @@ -13,13 +13,15 @@ info: - http://www.vapidlabs.com/wp/wp_advisory.php?v=780 - https://wordpress.org/plugins/photoxhibit - https://nvd.nist.gov/vuln/detail/CVE-2016-1000143 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000143 cwe-id: CWE-79 epss-score: 0.00142 - epss-percentile: 0.49767 + epss-percentile: 0.48963 cpe: cpe:2.3:a:photoxhibit_project:photoxhibit:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000148.yaml b/http/cves/2016/CVE-2016-1000148.yaml index 34588454b1e..4645bea64a3 100644 --- a/http/cves/2016/CVE-2016-1000148.yaml +++ b/http/cves/2016/CVE-2016-1000148.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000148 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.45851 + epss-percentile: 0.4505 cpe: cpe:2.3:a:s3-video_project:s3-video:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000149.yaml b/http/cves/2016/CVE-2016-1000149.yaml index 092ccf716a0..aa79851c168 100644 --- a/http/cves/2016/CVE-2016-1000149.yaml +++ b/http/cves/2016/CVE-2016-1000149.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000149 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.45851 + epss-percentile: 0.4505 cpe: cpe:2.3:a:simpel-reserveren_project:simpel-reserveren:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000153.yaml b/http/cves/2016/CVE-2016-1000153.yaml index 25b895f5092..f503872328b 100644 --- a/http/cves/2016/CVE-2016-1000153.yaml +++ b/http/cves/2016/CVE-2016-1000153.yaml @@ -13,13 +13,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2016-1000153 - http://www.vapidlabs.com/wp/wp_advisory.php?v=427 - https://wordpress.org/plugins/tidio-gallery + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000153 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.41115 + epss-percentile: 0.40457 cpe: cpe:2.3:a:tidio-gallery_project:tidio-gallery:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000155.yaml b/http/cves/2016/CVE-2016-1000155.yaml index ac04e2990f2..72f756ade00 100644 --- a/http/cves/2016/CVE-2016-1000155.yaml +++ b/http/cves/2016/CVE-2016-1000155.yaml @@ -11,13 +11,15 @@ info: - https://wordpress.org/plugins/wpsolr-search-engine - http://www.vapidlabs.com/wp/wp_advisory.php?v=303 - https://nvd.nist.gov/vuln/detail/CVE-2016-1000155 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000155 cwe-id: CWE-79 epss-score: 0.00103 - epss-percentile: 0.415 + epss-percentile: 0.40793 cpe: cpe:2.3:a:wpsolr:wpsolr-search-engine:7.6:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-10033.yaml b/http/cves/2016/CVE-2016-10033.yaml index f4cb9af7296..2563377bcf3 100644 --- a/http/cves/2016/CVE-2016-10033.yaml +++ b/http/cves/2016/CVE-2016-10033.yaml @@ -19,9 +19,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2016-10033 - cwe-id: CWE-77 - epss-score: 0.97455 - epss-percentile: 0.99951 + cwe-id: CWE-88 + epss-score: 0.97129 + epss-percentile: 0.99775 cpe: cpe:2.3:a:phpmailer_project:phpmailer:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2016/CVE-2016-10134.yaml b/http/cves/2016/CVE-2016-10134.yaml index db0b7f51431..6d862ce5011 100644 --- a/http/cves/2016/CVE-2016-10134.yaml +++ b/http/cves/2016/CVE-2016-10134.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-10134 cwe-id: CWE-89 epss-score: 0.05366 - epss-percentile: 0.92355 + epss-percentile: 0.92931 cpe: cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-10367.yaml b/http/cves/2016/CVE-2016-10367.yaml index 0aae5c20897..4be466ce487 100644 --- a/http/cves/2016/CVE-2016-10367.yaml +++ b/http/cves/2016/CVE-2016-10367.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2016-10367 cwe-id: CWE-22 - epss-score: 0.01346 - epss-percentile: 0.84712 + epss-score: 0.00521 + epss-percentile: 0.76355 cpe: cpe:2.3:a:opsview:opsview:4.5.0:*:*:*:pro:*:*:* metadata: verified: true diff --git a/http/cves/2016/CVE-2016-10368.yaml b/http/cves/2016/CVE-2016-10368.yaml index c63298f0e1c..3fa9de418aa 100644 --- a/http/cves/2016/CVE-2016-10368.yaml +++ b/http/cves/2016/CVE-2016-10368.yaml @@ -14,13 +14,15 @@ info: - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18774 - https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-016/?fid=8341 - https://nvd.nist.gov/vuln/detail/CVE-2016-10368 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-10368 cwe-id: CWE-601 - epss-score: 0.00179 - epss-percentile: 0.55112 + epss-score: 0.00204 + epss-percentile: 0.57743 cpe: cpe:2.3:a:opsview:opsview:4.5.0:*:*:*:pro:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-10940.yaml b/http/cves/2016/CVE-2016-10940.yaml index 67230e31f12..25729e34c02 100644 --- a/http/cves/2016/CVE-2016-10940.yaml +++ b/http/cves/2016/CVE-2016-10940.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.2 cve-id: CVE-2016-10940 cwe-id: CWE-89 - epss-score: 0.00755 - epss-percentile: 0.79034 + epss-score: 0.00776 + epss-percentile: 0.80947 cpe: cpe:2.3:a:zm-gallery_project:zm-gallery:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 3 diff --git a/http/cves/2016/CVE-2016-10960.yaml b/http/cves/2016/CVE-2016-10960.yaml index c435e12321e..247a8066c72 100644 --- a/http/cves/2016/CVE-2016-10960.yaml +++ b/http/cves/2016/CVE-2016-10960.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-10960 cwe-id: CWE-20 epss-score: 0.01469 - epss-percentile: 0.85404 + epss-percentile: 0.86457 cpe: cpe:2.3:a:joomlaserviceprovider:wsecure:*:*:*:*:lite:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1555.yaml b/http/cves/2016/CVE-2016-1555.yaml index 94c50ef0d41..394b240e505 100644 --- a/http/cves/2016/CVE-2016-1555.yaml +++ b/http/cves/2016/CVE-2016-1555.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2016-1555 cwe-id: CWE-77 - epss-score: 0.97354 - epss-percentile: 0.99883 + epss-score: 0.97373 + epss-percentile: 0.99898 cpe: cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-3088.yaml b/http/cves/2016/CVE-2016-3088.yaml index 761b595d41c..d981578b0c6 100644 --- a/http/cves/2016/CVE-2016-3088.yaml +++ b/http/cves/2016/CVE-2016-3088.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-3088 cwe-id: CWE-20 epss-score: 0.83955 - epss-percentile: 0.98197 + epss-percentile: 0.98392 cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2016/CVE-2016-4977.yaml b/http/cves/2016/CVE-2016-4977.yaml index 94f333abf42..6ab9a1e388a 100644 --- a/http/cves/2016/CVE-2016-4977.yaml +++ b/http/cves/2016/CVE-2016-4977.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2016-4977 cwe-id: CWE-19 epss-score: 0.03345 - epss-percentile: 0.90401 + epss-percentile: 0.91147 cpe: cpe:2.3:a:pivotal:spring_security_oauth:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-6195.yaml b/http/cves/2016/CVE-2016-6195.yaml index aa9a2ea11ca..4fd09a239db 100644 --- a/http/cves/2016/CVE-2016-6195.yaml +++ b/http/cves/2016/CVE-2016-6195.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2016-6195 cwe-id: CWE-89 epss-score: 0.00284 - epss-percentile: 0.65416 + epss-percentile: 0.68042 cpe: cpe:2.3:a:vbulletin:vbulletin:*:patch_level_4:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2016/CVE-2016-6277.yaml b/http/cves/2016/CVE-2016-6277.yaml index 9cf55fbc070..e2e083a5366 100644 --- a/http/cves/2016/CVE-2016-6277.yaml +++ b/http/cves/2016/CVE-2016-6277.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-6277 cwe-id: CWE-352 epss-score: 0.97471 - epss-percentile: 0.99961 + epss-percentile: 0.99962 cpe: cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-7552.yaml b/http/cves/2016/CVE-2016-7552.yaml index fdb4b19feb7..f08309f29f0 100644 --- a/http/cves/2016/CVE-2016-7552.yaml +++ b/http/cves/2016/CVE-2016-7552.yaml @@ -13,13 +13,15 @@ info: - https://gist.github.com/malerisch/5de8b408443ee9253b3954a62a8d97b4 - https://nvd.nist.gov/vuln/detail/CVE-2016-7552 - https://github.com/rapid7/metasploit-framework/pull/8216/commits/0f07875a2ddb0bfbb4e985ab074e9fc56da1dcf6 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2016-7552 cwe-id: CWE-22 - epss-score: 0.97004 - epss-percentile: 0.99686 + epss-score: 0.96711 + epss-percentile: 0.99632 cpe: cpe:2.3:a:trendmicro:threat_discovery_appliance:2.6.1062:r1:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-7834.yaml b/http/cves/2016/CVE-2016-7834.yaml index d04c7f1f30a..85ce8596da2 100644 --- a/http/cves/2016/CVE-2016-7834.yaml +++ b/http/cves/2016/CVE-2016-7834.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2016-7834 cwe-id: CWE-200 - epss-score: 0.00202 - epss-percentile: 0.58146 + epss-score: 0.00186 + epss-percentile: 0.55032 cpe: cpe:2.3:o:sony:snc_series_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-0929.yaml b/http/cves/2017/CVE-2017-0929.yaml index 9b710acdba1..da334b7b075 100644 --- a/http/cves/2017/CVE-2017-0929.yaml +++ b/http/cves/2017/CVE-2017-0929.yaml @@ -13,13 +13,15 @@ info: - https://hackerone.com/reports/482634 - https://nvd.nist.gov/vuln/detail/CVE-2017-0929 - https://github.com/dnnsoftware/Dnn.Platform/commit/d3953db85fee77bb5e6383747692c507ef8b94c3 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-0929 cwe-id: CWE-918 epss-score: 0.00753 - epss-percentile: 0.78998 + epss-percentile: 0.80628 cpe: cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-1000163.yaml b/http/cves/2017/CVE-2017-1000163.yaml index 6948d4b0ac0..cffe2e0723a 100644 --- a/http/cves/2017/CVE-2017-1000163.yaml +++ b/http/cves/2017/CVE-2017-1000163.yaml @@ -13,13 +13,14 @@ info: - https://elixirforum.com/t/security-releases-for-phoenix/4143 - https://vuldb.com/?id.109587 - https://nvd.nist.gov/vuln/detail/CVE-2017-1000163 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-1000163 cwe-id: CWE-601 - epss-score: 0.00154 - epss-percentile: 0.51591 + epss-score: 0.00186 + epss-percentile: 0.55009 cpe: cpe:2.3:a:phoenixframework:phoenix:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-1000486.yaml b/http/cves/2017/CVE-2017-1000486.yaml index 5772c0f03c8..c80d2c36f2c 100644 --- a/http/cves/2017/CVE-2017-1000486.yaml +++ b/http/cves/2017/CVE-2017-1000486.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-1000486 cwe-id: CWE-326 epss-score: 0.97013 - epss-percentile: 0.99696 + epss-percentile: 0.99726 cpe: cpe:2.3:a:primetek:primefaces:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-10974.yaml b/http/cves/2017/CVE-2017-10974.yaml index 95b698e2cc1..bc28c0701ef 100644 --- a/http/cves/2017/CVE-2017-10974.yaml +++ b/http/cves/2017/CVE-2017-10974.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-10974 - http://hyp3rlinx.altervista.org/advisories/YAWS-WEB-SERVER-v1.91-UNAUTHENTICATED-REMOTE-FILE-DISCLOSURE.txt - https://www.exploit-db.com/exploits/42303/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-10974 cwe-id: CWE-22 epss-score: 0.96161 - epss-percentile: 0.99386 + epss-percentile: 0.9947 cpe: cpe:2.3:a:yaws:yaws:1.91:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-11512.yaml b/http/cves/2017/CVE-2017-11512.yaml index af3af351b80..67aa579107b 100644 --- a/http/cves/2017/CVE-2017-11512.yaml +++ b/http/cves/2017/CVE-2017-11512.yaml @@ -14,13 +14,15 @@ info: - https://exploit.kitploit.com/2017/11/manageengine-servicedesk-cve-2017-11512.html - https://www.tenable.com/security/research/tra-2017-31 - https://nvd.nist.gov/vuln/detail/CVE-2017-11512 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-11512 cwe-id: CWE-22 epss-score: 0.97175 - epss-percentile: 0.99771 + epss-percentile: 0.99794 cpe: cpe:2.3:a:manageengine:servicedesk:9.3.9328:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-11610.yaml b/http/cves/2017/CVE-2017-11610.yaml index d254b853d74..5fb1799904c 100644 --- a/http/cves/2017/CVE-2017-11610.yaml +++ b/http/cves/2017/CVE-2017-11610.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2017-11610 cwe-id: CWE-276 - epss-score: 0.97438 - epss-percentile: 0.99943 + epss-score: 0.97449 + epss-percentile: 0.99947 cpe: cpe:2.3:a:supervisord:supervisor:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-11629.yaml b/http/cves/2017/CVE-2017-11629.yaml index ef19e3ba70c..3033bcf95cb 100644 --- a/http/cves/2017/CVE-2017-11629.yaml +++ b/http/cves/2017/CVE-2017-11629.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-11629 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40862 + epss-percentile: 0.40119 cpe: cpe:2.3:a:finecms:finecms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-12138.yaml b/http/cves/2017/CVE-2017-12138.yaml index 8c27d083d9f..b2b3df4452d 100644 --- a/http/cves/2017/CVE-2017-12138.yaml +++ b/http/cves/2017/CVE-2017-12138.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12138 cwe-id: CWE-601 epss-score: 0.00062 - epss-percentile: 0.24374 + epss-percentile: 0.24419 cpe: cpe:2.3:a:xoops:xoops:2.5.8:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-12149.yaml b/http/cves/2017/CVE-2017-12149.yaml index c83c2a473a4..7b68ef55d24 100644 --- a/http/cves/2017/CVE-2017-12149.yaml +++ b/http/cves/2017/CVE-2017-12149.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12149 cwe-id: CWE-502 epss-score: 0.9719 - epss-percentile: 0.99785 + epss-percentile: 0.99802 cpe: cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2017/CVE-2017-12542.yaml b/http/cves/2017/CVE-2017-12542.yaml index 62271ebd02b..9007c2a6277 100644 --- a/http/cves/2017/CVE-2017-12542.yaml +++ b/http/cves/2017/CVE-2017-12542.yaml @@ -20,7 +20,7 @@ info: cvss-score: 10 cve-id: CVE-2017-12542 epss-score: 0.97224 - epss-percentile: 0.99807 + epss-percentile: 0.99822 cpe: cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12544.yaml b/http/cves/2017/CVE-2017-12544.yaml index 1538d69f3a2..85cc74f98f7 100644 --- a/http/cves/2017/CVE-2017-12544.yaml +++ b/http/cves/2017/CVE-2017-12544.yaml @@ -14,13 +14,14 @@ info: - http://web.archive.org/web/20211206092413/https://securitytracker.com/id/1039437 - https://nvd.nist.gov/vuln/detail/CVE-2017-12544 - http://www.securitytracker.com/id/1039437 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2017-12544 cwe-id: CWE-79 epss-score: 0.96723 - epss-percentile: 0.99581 + epss-percentile: 0.99637 cpe: cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12583.yaml b/http/cves/2017/CVE-2017-12583.yaml index a60790f63ce..07e9ecce35d 100644 --- a/http/cves/2017/CVE-2017-12583.yaml +++ b/http/cves/2017/CVE-2017-12583.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2017-12583 cwe-id: CWE-79 - epss-score: 0.001 - epss-percentile: 0.40862 + epss-score: 0.00117 + epss-percentile: 0.44712 cpe: cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12615.yaml b/http/cves/2017/CVE-2017-12615.yaml index a80aad1528b..8c8aa44ff7d 100644 --- a/http/cves/2017/CVE-2017-12615.yaml +++ b/http/cves/2017/CVE-2017-12615.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: CVE-2017-12615 cwe-id: CWE-434 - epss-score: 0.96859 - epss-percentile: 0.99641 + epss-score: 0.96878 + epss-percentile: 0.99684 cpe: cpe:2.3:a:apache:tomcat:7.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-12617.yaml b/http/cves/2017/CVE-2017-12617.yaml index 77e72622684..eb3df317d55 100644 --- a/http/cves/2017/CVE-2017-12617.yaml +++ b/http/cves/2017/CVE-2017-12617.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: "CVE-2017-12617" cwe-id: CWE-434 - epss-score: 0.97479 - epss-percentile: 0.99965 + epss-score: 0.97533 + epss-percentile: 0.99992 cpe: cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2017/CVE-2017-12629.yaml b/http/cves/2017/CVE-2017-12629.yaml index 66505bfda55..02e7735924e 100644 --- a/http/cves/2017/CVE-2017-12629.yaml +++ b/http/cves/2017/CVE-2017-12629.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2017-12629 cwe-id: CWE-611 - epss-score: 0.97438 - epss-percentile: 0.99942 + epss-score: 0.97417 + epss-percentile: 0.99925 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-12635.yaml b/http/cves/2017/CVE-2017-12635.yaml index 187d00c1093..236d08991a0 100644 --- a/http/cves/2017/CVE-2017-12635.yaml +++ b/http/cves/2017/CVE-2017-12635.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2017-12635 cwe-id: CWE-269 - epss-score: 0.97413 - epss-percentile: 0.99922 + epss-score: 0.97348 + epss-percentile: 0.99889 cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12637.yaml b/http/cves/2017/CVE-2017-12637.yaml index bb5069d746c..35e7473de65 100644 --- a/http/cves/2017/CVE-2017-12637.yaml +++ b/http/cves/2017/CVE-2017-12637.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12637 cwe-id: CWE-22 epss-score: 0.00648 - epss-percentile: 0.77145 + epss-percentile: 0.78875 cpe: cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-14135.yaml b/http/cves/2017/CVE-2017-14135.yaml index 5806daa0e84..39f1c881ea6 100644 --- a/http/cves/2017/CVE-2017-14135.yaml +++ b/http/cves/2017/CVE-2017-14135.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/42293 - https://nvd.nist.gov/vuln/detail/CVE-2017-14135 - https://the-infosec.com/2017/07/05/from-shodan-to-rce-opendreambox-2-0-0-code-execution/ + - https://github.com/qazbnm456/awesome-cve-poc classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-14135 cwe-id: CWE-78 epss-score: 0.96679 - epss-percentile: 0.99564 + epss-percentile: 0.99625 cpe: cpe:2.3:a:dreambox:opendreambox:2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-14622.yaml b/http/cves/2017/CVE-2017-14622.yaml index c9968fdf62f..a9b1706d2e3 100644 --- a/http/cves/2017/CVE-2017-14622.yaml +++ b/http/cves/2017/CVE-2017-14622.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/2kb-amazon-affiliates-store/#developers - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14622 - https://nvd.nist.gov/vuln/detail/CVE-2017-14622 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-14622 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48536 + epss-percentile: 0.47816 cpe: cpe:2.3:a:2kblater:2kb_amazon_affiliates_store:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-14651.yaml b/http/cves/2017/CVE-2017-14651.yaml index 7e7d6780cc2..f63ba096054 100644 --- a/http/cves/2017/CVE-2017-14651.yaml +++ b/http/cves/2017/CVE-2017-14651.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-14651 cwe-id: CWE-79 epss-score: 0.00144 - epss-percentile: 0.50224 + epss-percentile: 0.49339 cpe: cpe:2.3:a:wso2:api_manager:2.1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-15287.yaml b/http/cves/2017/CVE-2017-15287.yaml index 4a3e51a1c2a..707efd74482 100644 --- a/http/cves/2017/CVE-2017-15287.yaml +++ b/http/cves/2017/CVE-2017-15287.yaml @@ -14,13 +14,14 @@ info: - https://fireshellsecurity.team/assets/pdf/Vulnerability-XSS-Dreambox.pdf - https://www.exploit-db.com/exploits/42986/ - https://nvd.nist.gov/vuln/detail/CVE-2017-15287 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-15287 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.47426 + epss-percentile: 0.46737 cpe: cpe:2.3:a:bouqueteditor_project:bouqueteditor:2.0.0:*:*:*:*:dreambox:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-15363.yaml b/http/cves/2017/CVE-2017-15363.yaml index efa3d6c4952..04ce36933bf 100644 --- a/http/cves/2017/CVE-2017-15363.yaml +++ b/http/cves/2017/CVE-2017-15363.yaml @@ -14,13 +14,14 @@ info: - https://extensions.typo3.org/extension/restler/ - https://extensions.typo3.org/extension/download/restler/1.7.1/zip/ - https://nvd.nist.gov/vuln/detail/CVE-2017-15363 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-15363 cwe-id: CWE-22 epss-score: 0.04393 - epss-percentile: 0.91525 + epss-percentile: 0.92189 cpe: cpe:2.3:a:luracast:restler:*:*:*:*:*:typo3:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-15944.yaml b/http/cves/2017/CVE-2017-15944.yaml index 372b7f6fa18..b45d6f398ab 100644 --- a/http/cves/2017/CVE-2017-15944.yaml +++ b/http/cves/2017/CVE-2017-15944.yaml @@ -20,7 +20,7 @@ info: cvss-score: 9.8 cve-id: CVE-2017-15944 epss-score: 0.97314 - epss-percentile: 0.99861 + epss-percentile: 0.99866 cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-16806.yaml b/http/cves/2017/CVE-2017-16806.yaml index 3197a624fa9..0de260dce19 100644 --- a/http/cves/2017/CVE-2017-16806.yaml +++ b/http/cves/2017/CVE-2017-16806.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-16806 - https://github.com/Ulterius/server/commit/770d1821de43cf1d0a93c79025995bdd812a76ee - https://www.exploit-db.com/exploits/43141/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-16806 cwe-id: CWE-22 epss-score: 0.07105 - epss-percentile: 0.93332 + epss-percentile: 0.93842 cpe: cpe:2.3:a:ulterius:ulterius_server:1.5.6.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-16894.yaml b/http/cves/2017/CVE-2017-16894.yaml index 897b6978713..c1662a4f357 100644 --- a/http/cves/2017/CVE-2017-16894.yaml +++ b/http/cves/2017/CVE-2017-16894.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-16894 cwe-id: CWE-200 epss-score: 0.11608 - epss-percentile: 0.94783 + epss-percentile: 0.95145 cpe: cpe:2.3:a:laravel:laravel:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-17043.yaml b/http/cves/2017/CVE-2017-17043.yaml index 693cf10ef09..2a20b7fcd1b 100644 --- a/http/cves/2017/CVE-2017-17043.yaml +++ b/http/cves/2017/CVE-2017-17043.yaml @@ -14,13 +14,14 @@ info: - https://packetstormsecurity.com/files/145060/wpemagmc10-xss.txt - https://wpvulndb.com/vulnerabilities/8964 - https://nvd.nist.gov/vuln/detail/CVE-2017-17043 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-17043 cwe-id: CWE-79 epss-score: 0.00245 - epss-percentile: 0.62474 + epss-percentile: 0.63923 cpe: cpe:2.3:a:zitec:emag_marketplace_connector:1.0.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-17562.yaml b/http/cves/2017/CVE-2017-17562.yaml index 131d83b131e..c8b08c24754 100644 --- a/http/cves/2017/CVE-2017-17562.yaml +++ b/http/cves/2017/CVE-2017-17562.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: CVE-2017-17562 cwe-id: CWE-20 - epss-score: 0.97455 - epss-percentile: 0.99953 + epss-score: 0.97436 + epss-percentile: 0.9994 cpe: cpe:2.3:a:embedthis:goahead:*:*:*:*:*:*:*:* metadata: max-request: 65 diff --git a/http/cves/2017/CVE-2017-17731.yaml b/http/cves/2017/CVE-2017-17731.yaml index c3729e86d85..9de36a3609d 100644 --- a/http/cves/2017/CVE-2017-17731.yaml +++ b/http/cves/2017/CVE-2017-17731.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-17731 - https://blog.csdn.net/nixawk/article/details/24982851 - https://github.com/Lucifer1993/AngelSword/blob/232258e42201373fef1f323864366dc1499581fc/cms/dedecms/dedecms_recommend_sqli.py#L25 + - https://github.com/20142995/Goby classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-17731 cwe-id: CWE-89 - epss-score: 0.20241 - epss-percentile: 0.95907 + epss-score: 0.02129 + epss-percentile: 0.88972 cpe: cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-17736.yaml b/http/cves/2017/CVE-2017-17736.yaml index e21d5cbe281..a15ea68987f 100644 --- a/http/cves/2017/CVE-2017-17736.yaml +++ b/http/cves/2017/CVE-2017-17736.yaml @@ -14,13 +14,15 @@ info: - https://www.exploit-db.com/ghdb/5694 - https://nvd.nist.gov/vuln/detail/CVE-2017-17736 - https://blog.hivint.com/advisory-access-control-bypass-in-kentico-cms-cve-2017-17736-49e1e43ae55b + - https://github.com/0xSojalSec/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-17736 cwe-id: CWE-425 epss-score: 0.1483 - epss-percentile: 0.95265 + epss-percentile: 0.95656 cpe: cpe:2.3:a:kentico:kentico_cms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18024.yaml b/http/cves/2017/CVE-2017-18024.yaml index 8b4f0896729..fe8d80f7157 100644 --- a/http/cves/2017/CVE-2017-18024.yaml +++ b/http/cves/2017/CVE-2017-18024.yaml @@ -13,13 +13,15 @@ info: - https://hackerone.com/reports/963798 - http://packetstormsecurity.com/files/145776/AvantFAX-3.3.3-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2017-18024 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/NarbehJackson/Java-Xss-minitwit16 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-18024 cwe-id: CWE-79 epss-score: 0.00074 - epss-percentile: 0.30437 + epss-percentile: 0.30209 cpe: cpe:2.3:a:avantfax:avantfax:3.3.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-18487.yaml b/http/cves/2017/CVE-2017-18487.yaml index d81ce7f8f4b..e175926f614 100644 --- a/http/cves/2017/CVE-2017-18487.yaml +++ b/http/cves/2017/CVE-2017-18487.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18487 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.36245 cpe: cpe:2.3:a:google_adsense_project:google_adsense:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18490.yaml b/http/cves/2017/CVE-2017-18490.yaml index 960bb121096..3d8627b8990 100644 --- a/http/cves/2017/CVE-2017-18490.yaml +++ b/http/cves/2017/CVE-2017-18490.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18490 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:contact_form_multi:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18491.yaml b/http/cves/2017/CVE-2017-18491.yaml index 448c3f6d767..bdb354e685c 100644 --- a/http/cves/2017/CVE-2017-18491.yaml +++ b/http/cves/2017/CVE-2017-18491.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18491 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:contact_form:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18492.yaml b/http/cves/2017/CVE-2017-18492.yaml index 2040e6334b1..6b0e63cf456 100644 --- a/http/cves/2017/CVE-2017-18492.yaml +++ b/http/cves/2017/CVE-2017-18492.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18492 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:contact_form_to_db:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18493.yaml b/http/cves/2017/CVE-2017-18493.yaml index 0715af85c45..0454567bf88 100644 --- a/http/cves/2017/CVE-2017-18493.yaml +++ b/http/cves/2017/CVE-2017-18493.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18493 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:custom_admin_page:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18500.yaml b/http/cves/2017/CVE-2017-18500.yaml index 5d49b576fe7..b4fd8d439e9 100644 --- a/http/cves/2017/CVE-2017-18500.yaml +++ b/http/cves/2017/CVE-2017-18500.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18500 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.61251 + epss-percentile: 0.60522 cpe: cpe:2.3:a:bestwebsoft:social_buttons_pack:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18501.yaml b/http/cves/2017/CVE-2017-18501.yaml index bcf315f73ef..cf3af0b4bd1 100644 --- a/http/cves/2017/CVE-2017-18501.yaml +++ b/http/cves/2017/CVE-2017-18501.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18501 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.6132 + epss-percentile: 0.60522 cpe: cpe:2.3:a:bestwebsoft:social_login:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18505.yaml b/http/cves/2017/CVE-2017-18505.yaml index aa7792ebd3d..6cc152b43f7 100644 --- a/http/cves/2017/CVE-2017-18505.yaml +++ b/http/cves/2017/CVE-2017-18505.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18505 cwe-id: CWE-79 epss-score: 0.00163 - epss-percentile: 0.52929 + epss-percentile: 0.51969 cpe: cpe:2.3:a:bestwebsoft:twitter_button:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18518.yaml b/http/cves/2017/CVE-2017-18518.yaml index 6ee9d3e9d27..1b75f7fa588 100644 --- a/http/cves/2017/CVE-2017-18518.yaml +++ b/http/cves/2017/CVE-2017-18518.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2017-18518 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:smtp:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18528.yaml b/http/cves/2017/CVE-2017-18528.yaml index 9b6ceaf9e6a..8b54371ff98 100644 --- a/http/cves/2017/CVE-2017-18528.yaml +++ b/http/cves/2017/CVE-2017-18528.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18528 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:pdf_\&_print:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18529.yaml b/http/cves/2017/CVE-2017-18529.yaml index 8505e76ddf2..8ad39e490a2 100644 --- a/http/cves/2017/CVE-2017-18529.yaml +++ b/http/cves/2017/CVE-2017-18529.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18529 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:promobar:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18532.yaml b/http/cves/2017/CVE-2017-18532.yaml index e37f21c3ea9..9a927c65b22 100644 --- a/http/cves/2017/CVE-2017-18532.yaml +++ b/http/cves/2017/CVE-2017-18532.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18532 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:realty:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18537.yaml b/http/cves/2017/CVE-2017-18537.yaml index fe22fe34a8e..bce7b19faf2 100644 --- a/http/cves/2017/CVE-2017-18537.yaml +++ b/http/cves/2017/CVE-2017-18537.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18537 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:visitors_online:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18542.yaml b/http/cves/2017/CVE-2017-18542.yaml index 9165d6bff74..8b5c5fffb03 100644 --- a/http/cves/2017/CVE-2017-18542.yaml +++ b/http/cves/2017/CVE-2017-18542.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18542 cwe-id: CWE-79 epss-score: 0.00221 - epss-percentile: 0.60223 + epss-percentile: 0.59511 cpe: cpe:2.3:a:bestwebsoft:zendesk_help_center:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18556.yaml b/http/cves/2017/CVE-2017-18556.yaml index 8c81369f435..027ace8f899 100644 --- a/http/cves/2017/CVE-2017-18556.yaml +++ b/http/cves/2017/CVE-2017-18556.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2017-18556 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:google_analytics:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18558.yaml b/http/cves/2017/CVE-2017-18558.yaml index 8f0e68bb485..ae8dbb2e267 100644 --- a/http/cves/2017/CVE-2017-18558.yaml +++ b/http/cves/2017/CVE-2017-18558.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18558 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:testimonials:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18564.yaml b/http/cves/2017/CVE-2017-18564.yaml index ff1e9ab6233..249704cc38d 100644 --- a/http/cves/2017/CVE-2017-18564.yaml +++ b/http/cves/2017/CVE-2017-18564.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18564 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:sender:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18565.yaml b/http/cves/2017/CVE-2017-18565.yaml index 26eb3db92f5..2ddf1acd931 100644 --- a/http/cves/2017/CVE-2017-18565.yaml +++ b/http/cves/2017/CVE-2017-18565.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18565 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:updater:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18598.yaml b/http/cves/2017/CVE-2017-18598.yaml index 9f63976cd38..9e6304924ad 100644 --- a/http/cves/2017/CVE-2017-18598.yaml +++ b/http/cves/2017/CVE-2017-18598.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-18598 cwe-id: CWE-79 epss-score: 0.00094 - epss-percentile: 0.39244 + epss-percentile: 0.38554 cpe: cpe:2.3:a:designmodo:qards:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-3506.yaml b/http/cves/2017/CVE-2017-3506.yaml index 1c9dcc105ce..bc2664a9788 100644 --- a/http/cves/2017/CVE-2017-3506.yaml +++ b/http/cves/2017/CVE-2017-3506.yaml @@ -14,12 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-3506 - http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html - http://www.securitytracker.com/id/1038296 + - https://github.com/CVEDB/top classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 7.4 cve-id: CVE-2017-3506 epss-score: 0.96935 - epss-percentile: 0.99662 + epss-percentile: 0.99702 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-3528.yaml b/http/cves/2017/CVE-2017-3528.yaml index c510621b396..5fd34ed21c2 100644 --- a/http/cves/2017/CVE-2017-3528.yaml +++ b/http/cves/2017/CVE-2017-3528.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2017-3528 cwe-id: CWE-601 epss-score: 0.00865 - epss-percentile: 0.80496 + epss-percentile: 0.81972 cpe: cpe:2.3:a:oracle:applications_framework:12.1.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-4011.yaml b/http/cves/2017/CVE-2017-4011.yaml index 4ad88aa2ffb..e859ed879c2 100644 --- a/http/cves/2017/CVE-2017-4011.yaml +++ b/http/cves/2017/CVE-2017-4011.yaml @@ -14,13 +14,14 @@ info: - https://kc.mcafee.com/corporate/index?page=content&id=SB10198 - https://nvd.nist.gov/vuln/detail/CVE-2017-4011 - http://www.securitytracker.com/id/1038523 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-4011 cwe-id: CWE-79 epss-score: 0.00142 - epss-percentile: 0.4991 + epss-percentile: 0.49103 cpe: cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-5638.yaml b/http/cves/2017/CVE-2017-5638.yaml index fe43ad1da30..a899b6f4842 100644 --- a/http/cves/2017/CVE-2017-5638.yaml +++ b/http/cves/2017/CVE-2017-5638.yaml @@ -21,8 +21,8 @@ info: cvss-score: 10 cve-id: CVE-2017-5638 cwe-id: CWE-20 - epss-score: 0.97535 - epss-percentile: 0.99993 + epss-score: 0.97543 + epss-percentile: 0.99995 cpe: cpe:2.3:a:apache:struts:2.3.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-5689.yaml b/http/cves/2017/CVE-2017-5689.yaml index 6d843483bc4..f73eb1f97f0 100644 --- a/http/cves/2017/CVE-2017-5689.yaml +++ b/http/cves/2017/CVE-2017-5689.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-5689 - epss-score: 0.97418 - epss-percentile: 0.99921 + epss-score: 0.97395 + epss-percentile: 0.99912 cpe: cpe:2.3:o:intel:active_management_technology_firmware:6.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-5982.yaml b/http/cves/2017/CVE-2017-5982.yaml index 48bbdee0ade..7c34620384d 100644 --- a/http/cves/2017/CVE-2017-5982.yaml +++ b/http/cves/2017/CVE-2017-5982.yaml @@ -12,13 +12,15 @@ info: - https://cxsecurity.com/issue/WLB-2017020164 - https://www.exploit-db.com/exploits/41312/ - https://nvd.nist.gov/vuln/detail/CVE-2017-5982 + - https://lists.debian.org/debian-lts-announce/2024/01/msg00009.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-5982 cwe-id: CWE-22 - epss-score: 0.0488 - epss-percentile: 0.91976 + epss-score: 0.0372 + epss-percentile: 0.91582 cpe: cpe:2.3:a:kodi:kodi:17.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7269.yaml b/http/cves/2017/CVE-2017-7269.yaml index 174fa9f3984..14ff4c2c75f 100644 --- a/http/cves/2017/CVE-2017-7269.yaml +++ b/http/cves/2017/CVE-2017-7269.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-7269 cwe-id: CWE-119 epss-score: 0.97121 - epss-percentile: 0.99746 + epss-percentile: 0.9977 cpe: cpe:2.3:a:microsoft:internet_information_server:6.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7391.yaml b/http/cves/2017/CVE-2017-7391.yaml index 45f619f4264..c24a9f9b83f 100644 --- a/http/cves/2017/CVE-2017-7391.yaml +++ b/http/cves/2017/CVE-2017-7391.yaml @@ -14,13 +14,14 @@ info: - https://github.com/dweeves/magmi-git/releases/download/0.7.22/magmi_full_0.7.22.zip - https://github.com/dweeves/magmi-git/pull/525 - https://nvd.nist.gov/vuln/detail/CVE-2017-7391 + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-7391 cwe-id: CWE-79 epss-score: 0.00195 - epss-percentile: 0.57376 + epss-percentile: 0.56428 cpe: cpe:2.3:a:magmi_project:magmi:0.7.22:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7615.yaml b/http/cves/2017/CVE-2017-7615.yaml index 48fe21e8e03..de94cd8f905 100644 --- a/http/cves/2017/CVE-2017-7615.yaml +++ b/http/cves/2017/CVE-2017-7615.yaml @@ -26,7 +26,7 @@ info: cve-id: CVE-2017-7615 cwe-id: CWE-640 epss-score: 0.97404 - epss-percentile: 0.99916 + epss-percentile: 0.99917 cpe: cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2017/CVE-2017-7855.yaml b/http/cves/2017/CVE-2017-7855.yaml index 5916e5ad2e1..0b98ea0fc97 100644 --- a/http/cves/2017/CVE-2017-7855.yaml +++ b/http/cves/2017/CVE-2017-7855.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2017-7855 cwe-id: CWE-79 epss-score: 0.0009 - epss-percentile: 0.37683 + epss-percentile: 0.37043 cpe: cpe:2.3:a:icewarp:server:11.3.1.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-7921.yaml b/http/cves/2017/CVE-2017-7921.yaml index 7a5324e8be9..d1d11d284dd 100644 --- a/http/cves/2017/CVE-2017-7921.yaml +++ b/http/cves/2017/CVE-2017-7921.yaml @@ -14,13 +14,14 @@ info: - https://ics-cert.us-cert.gov/advisories/ICSA-17-124-01 - https://nvd.nist.gov/vuln/detail/CVE-2017-7921 - https://ghostbin.com/paste/q2vq2 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2017-7921 cwe-id: CWE-287 epss-score: 0.01361 - epss-percentile: 0.84777 + epss-percentile: 0.85934 cpe: cpe:2.3:o:hikvision:ds-2cd2032-i_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7925.yaml b/http/cves/2017/CVE-2017-7925.yaml index 371458fa371..45caf22abf2 100644 --- a/http/cves/2017/CVE-2017-7925.yaml +++ b/http/cves/2017/CVE-2017-7925.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2017-7925 cwe-id: CWE-522,CWE-260 - epss-score: 0.35031 - epss-percentile: 0.96729 + epss-score: 0.42592 + epss-percentile: 0.97235 cpe: cpe:2.3:o:dahuasecurity:dh-ipc-hdbw23a0rn-zs_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-8229.yaml b/http/cves/2017/CVE-2017-8229.yaml index dc77920e67a..e973dfeeb16 100644 --- a/http/cves/2017/CVE-2017-8229.yaml +++ b/http/cves/2017/CVE-2017-8229.yaml @@ -15,13 +15,14 @@ info: - http://packetstormsecurity.com/files/153224/Amcrest-IPM-721S-Credential-Disclosure-Privilege-Escalation.html - https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Amcrest_sec_issues.pdf - https://seclists.org/bugtraq/2019/Jun/8 + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-8229 cwe-id: CWE-255 - epss-score: 0.89327 - epss-percentile: 0.98501 + epss-score: 0.89506 + epss-percentile: 0.98685 cpe: cpe:2.3:o:amcrest:ipm-721s_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-8917.yaml b/http/cves/2017/CVE-2017-8917.yaml index 51bd1c46abe..1630cb36781 100644 --- a/http/cves/2017/CVE-2017-8917.yaml +++ b/http/cves/2017/CVE-2017-8917.yaml @@ -15,6 +15,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-8917 - https://web.archive.org/web/20211207050608/http://www.securitytracker.com/id/1038522 - http://www.securitytracker.com/id/1038522 + - https://github.com/binfed/cms-exp classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 diff --git a/http/cves/2017/CVE-2017-9140.yaml b/http/cves/2017/CVE-2017-9140.yaml index a73d7932581..c23c2f70134 100644 --- a/http/cves/2017/CVE-2017-9140.yaml +++ b/http/cves/2017/CVE-2017-9140.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2017-9140 cwe-id: CWE-79 epss-score: 0.00191 - epss-percentile: 0.56827 + epss-percentile: 0.55758 cpe: cpe:2.3:a:progress:telerik_reporting:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-9288.yaml b/http/cves/2017/CVE-2017-9288.yaml index c50a4b7f405..3b22c0da553 100644 --- a/http/cves/2017/CVE-2017-9288.yaml +++ b/http/cves/2017/CVE-2017-9288.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-9288 cwe-id: CWE-79 epss-score: 0.00168 - epss-percentile: 0.53791 + epss-percentile: 0.52791 cpe: cpe:2.3:a:raygun:raygun4wp:1.8.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-9416.yaml b/http/cves/2017/CVE-2017-9416.yaml index a3b01748498..d91aca11f06 100644 --- a/http/cves/2017/CVE-2017-9416.yaml +++ b/http/cves/2017/CVE-2017-9416.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2017-9416 cwe-id: CWE-22 epss-score: 0.01037 - epss-percentile: 0.82265 + epss-percentile: 0.83585 cpe: cpe:2.3:a:odoo:odoo:8.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-9805.yaml b/http/cves/2017/CVE-2017-9805.yaml index 4da78f95e3b..56315ca7892 100644 --- a/http/cves/2017/CVE-2017-9805.yaml +++ b/http/cves/2017/CVE-2017-9805.yaml @@ -20,7 +20,7 @@ info: cvss-score: 8.1 cve-id: CVE-2017-9805 cwe-id: CWE-502 - epss-score: 0.97537 + epss-score: 0.97541 epss-percentile: 0.99995 cpe: cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:* metadata: diff --git a/http/cves/2017/CVE-2017-9822.yaml b/http/cves/2017/CVE-2017-9822.yaml index e2f2ed570ed..56556b80856 100644 --- a/http/cves/2017/CVE-2017-9822.yaml +++ b/http/cves/2017/CVE-2017-9822.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-9822 - http://www.dnnsoftware.com/community/security/security-center - http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html + - https://github.com/xbl3/awesome-cve-poc_qazbnm456 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2017-9822 cwe-id: CWE-20 - epss-score: 0.96287 - epss-percentile: 0.99425 + epss-score: 0.97056 + epss-percentile: 0.99742 cpe: cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-9833.yaml b/http/cves/2017/CVE-2017-9833.yaml index 70b4cf45f6f..ddcdc345d92 100644 --- a/http/cves/2017/CVE-2017-9833.yaml +++ b/http/cves/2017/CVE-2017-9833.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-9833 - https://pastebin.com/raw/rt7LJvyF - https://www.exploit-db.com/exploits/42290/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-9833 cwe-id: CWE-22 - epss-score: 0.35156 - epss-percentile: 0.96738 + epss-score: 0.7354 + epss-percentile: 0.98027 cpe: cpe:2.3:a:boa:boa:0.94.14.21:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-9841.yaml b/http/cves/2017/CVE-2017-9841.yaml index ef6e0ec08fe..24b70ae27ae 100644 --- a/http/cves/2017/CVE-2017-9841.yaml +++ b/http/cves/2017/CVE-2017-9841.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2017-9841 cwe-id: CWE-94 epss-score: 0.97477 - epss-percentile: 0.99964 + epss-percentile: 0.99963 cpe: cpe:2.3:a:phpunit_project:phpunit:*:*:*:*:*:*:*:* metadata: max-request: 6 diff --git a/http/cves/2018/CVE-2018-1000129.yaml b/http/cves/2018/CVE-2018-1000129.yaml index 6641f9e9a66..e92e7fa79ec 100644 --- a/http/cves/2018/CVE-2018-1000129.yaml +++ b/http/cves/2018/CVE-2018-1000129.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-1000129 cwe-id: CWE-79 epss-score: 0.00257 - epss-percentile: 0.63529 + epss-percentile: 0.64818 cpe: cpe:2.3:a:jolokia:jolokia:1.3.7:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-1000226.yaml b/http/cves/2018/CVE-2018-1000226.yaml index 7ec635632b6..41c42d57b12 100644 --- a/http/cves/2018/CVE-2018-1000226.yaml +++ b/http/cves/2018/CVE-2018-1000226.yaml @@ -11,13 +11,14 @@ info: - https://github.com/cobbler/cobbler/issues/1916 - https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/ - https://nvd.nist.gov/vuln/detail/CVE-2018-1000226 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-1000226 cwe-id: CWE-732 epss-score: 0.01309 - epss-percentile: 0.84446 + epss-percentile: 0.8563 cpe: cpe:2.3:a:cobblerd:cobbler:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-1000533.yaml b/http/cves/2018/CVE-2018-1000533.yaml index bce24b428e9..edd6f324780 100644 --- a/http/cves/2018/CVE-2018-1000533.yaml +++ b/http/cves/2018/CVE-2018-1000533.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-1000533 cwe-id: CWE-20 epss-score: 0.97242 - epss-percentile: 0.99816 + epss-percentile: 0.99831 cpe: cpe:2.3:a:gitlist:gitlist:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-1000600.yaml b/http/cves/2018/CVE-2018-1000600.yaml index 3ea8ef820e7..008473d6857 100644 --- a/http/cves/2018/CVE-2018-1000600.yaml +++ b/http/cves/2018/CVE-2018-1000600.yaml @@ -15,13 +15,14 @@ info: - https://devco.re/blog/2019/01/16/hacking-Jenkins-part1-play-with-dynamic-routing/ - https://jenkins.io/security/advisory/2018-06-25/#SECURITY-915 - https://nvd.nist.gov/vuln/detail/CVE-2018-1000600 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2018-1000600 cwe-id: CWE-200 - epss-score: 0.95625 - epss-percentile: 0.99268 + epss-score: 0.93232 + epss-percentile: 0.99014 cpe: cpe:2.3:a:jenkins:github:*:*:*:*:*:jenkins:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-1000671.yaml b/http/cves/2018/CVE-2018-1000671.yaml index 319a823c341..43e64d9c447 100644 --- a/http/cves/2018/CVE-2018-1000671.yaml +++ b/http/cves/2018/CVE-2018-1000671.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-1000671 cwe-id: CWE-601 - epss-score: 0.00845 - epss-percentile: 0.80332 + epss-score: 0.00598 + epss-percentile: 0.77958 cpe: cpe:2.3:a:sympa:sympa:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-1000856.yaml b/http/cves/2018/CVE-2018-1000856.yaml index 72c04d3e9e8..b0861dee25c 100644 --- a/http/cves/2018/CVE-2018-1000856.yaml +++ b/http/cves/2018/CVE-2018-1000856.yaml @@ -19,8 +19,8 @@ info: cvss-score: 4.8 cve-id: CVE-2018-1000856 cwe-id: CWE-79 - epss-score: 0.00101 - epss-percentile: 0.41139 + epss-score: 0.00092 + epss-percentile: 0.38207 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-1000861.yaml b/http/cves/2018/CVE-2018-1000861.yaml index fc2b384e461..d3dddae44ef 100644 --- a/http/cves/2018/CVE-2018-1000861.yaml +++ b/http/cves/2018/CVE-2018-1000861.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-1000861 cwe-id: CWE-502 - epss-score: 0.97215 - epss-percentile: 0.99801 + epss-score: 0.9734 + epss-percentile: 0.99882 cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-10141.yaml b/http/cves/2018/CVE-2018-10141.yaml index 6931d698c1d..ad474134a67 100644 --- a/http/cves/2018/CVE-2018-10141.yaml +++ b/http/cves/2018/CVE-2018-10141.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2018-10141 cwe-id: CWE-79 epss-score: 0.00126 - epss-percentile: 0.47114 + epss-percentile: 0.46296 cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-10822.yaml b/http/cves/2018/CVE-2018-10822.yaml index 875dd399d6a..cd2cff50a41 100644 --- a/http/cves/2018/CVE-2018-10822.yaml +++ b/http/cves/2018/CVE-2018-10822.yaml @@ -14,13 +14,14 @@ info: - http://sploit.tech/2018/10/12/D-Link.html - https://nvd.nist.gov/vuln/detail/CVE-2018-10822 - https://seclists.org/fulldisclosure/2018/Oct/36 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-10822 cwe-id: CWE-22 epss-score: 0.10309 - epss-percentile: 0.94411 + epss-percentile: 0.94824 cpe: cpe:2.3:o:dlink:dwr-116_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-10956.yaml b/http/cves/2018/CVE-2018-10956.yaml index ea398ebea6a..e614b9fdd3a 100644 --- a/http/cves/2018/CVE-2018-10956.yaml +++ b/http/cves/2018/CVE-2018-10956.yaml @@ -15,13 +15,14 @@ info: - https://github.com/nettitude/metasploit-modules/blob/master/orchid_core_vms_directory_traversal.rb - https://www.exploit-db.com/exploits/44916/ - https://nvd.nist.gov/vuln/detail/CVE-2018-10956 + - https://github.com/xbl3/awesome-cve-poc_qazbnm456 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-10956 cwe-id: CWE-22 epss-score: 0.57917 - epss-percentile: 0.97423 + epss-percentile: 0.97652 cpe: cpe:2.3:a:ipconfigure:orchid_core_vms:2.0.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-11227.yaml b/http/cves/2018/CVE-2018-11227.yaml index 3189e7892e5..5c94a94a5b6 100644 --- a/http/cves/2018/CVE-2018-11227.yaml +++ b/http/cves/2018/CVE-2018-11227.yaml @@ -15,13 +15,14 @@ info: - https://www.exploit-db.com/exploits/44646 - https://nvd.nist.gov/vuln/detail/CVE-2018-11227 - https://github.com/monstra-cms/monstra/issues + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-11227 cwe-id: CWE-79 - epss-score: 0.02667 - epss-percentile: 0.89322 + epss-score: 0.02135 + epss-percentile: 0.8903 cpe: cpe:2.3:a:monstra:monstra_cms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-11231.yaml b/http/cves/2018/CVE-2018-11231.yaml index 166a2b87643..a54774291b8 100644 --- a/http/cves/2018/CVE-2018-11231.yaml +++ b/http/cves/2018/CVE-2018-11231.yaml @@ -14,13 +14,14 @@ info: - https://web.archive.org/web/20220331072310/http://foreversong.cn/archives/1183 - https://nvd.nist.gov/vuln/detail/CVE-2018-11231 - http://foreversong.cn/archives/1183 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2018-11231 cwe-id: CWE-89 epss-score: 0.00903 - epss-percentile: 0.80953 + epss-percentile: 0.82368 cpe: cpe:2.3:a:divido:divido:-:*:*:*:*:opencart:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-11473.yaml b/http/cves/2018/CVE-2018-11473.yaml index 7cf03fd3910..00467800280 100644 --- a/http/cves/2018/CVE-2018-11473.yaml +++ b/http/cves/2018/CVE-2018-11473.yaml @@ -14,13 +14,14 @@ info: - https://github.com/monstra-cms/monstra/issues/446 - https://github.com/nikhil1232/Monstra-CMS-3.0.4-XSS-ON-Registration-Page - https://nvd.nist.gov/vuln/detail/CVE-2018-11473 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-11473 cwe-id: CWE-79 epss-score: 0.00097 - epss-percentile: 0.40212 + epss-percentile: 0.39534 cpe: cpe:2.3:a:monstra:monstra:3.0.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-11709.yaml b/http/cves/2018/CVE-2018-11709.yaml index aeeaf24b0d2..9d4ecb51ab4 100644 --- a/http/cves/2018/CVE-2018-11709.yaml +++ b/http/cves/2018/CVE-2018-11709.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-11709 cwe-id: CWE-79 - epss-score: 0.00151 - epss-percentile: 0.5127 + epss-score: 0.00175 + epss-percentile: 0.53725 cpe: cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-11759.yaml b/http/cves/2018/CVE-2018-11759.yaml index 5b99c4eb53b..76e66f7eede 100644 --- a/http/cves/2018/CVE-2018-11759.yaml +++ b/http/cves/2018/CVE-2018-11759.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-11759 cwe-id: CWE-22 - epss-score: 0.96598 - epss-percentile: 0.99543 + epss-score: 0.96552 + epss-percentile: 0.99592 cpe: cpe:2.3:a:apache:tomcat_jk_connector:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-11776.yaml b/http/cves/2018/CVE-2018-11776.yaml index adf84431ab6..37bb722daa6 100644 --- a/http/cves/2018/CVE-2018-11776.yaml +++ b/http/cves/2018/CVE-2018-11776.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: CVE-2018-11776 cwe-id: CWE-20 - epss-score: 0.97505 - epss-percentile: 0.99981 + epss-score: 0.97517 + epss-percentile: 0.99985 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-12031.yaml b/http/cves/2018/CVE-2018-12031.yaml index e548b663117..746d4323433 100644 --- a/http/cves/2018/CVE-2018-12031.yaml +++ b/http/cves/2018/CVE-2018-12031.yaml @@ -13,13 +13,15 @@ info: - https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion - https://www.exploit-db.com/exploits/48614 - https://nvd.nist.gov/vuln/detail/CVE-2018-12031 + - https://github.com/0xT11/CVE-POC + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-12031 cwe-id: CWE-22 - epss-score: 0.01411 - epss-percentile: 0.85052 + epss-score: 0.00725 + epss-percentile: 0.80248 cpe: cpe:2.3:a:eaton:intelligent_power_manager:1.6:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-1207.yaml b/http/cves/2018/CVE-2018-1207.yaml index 75f420a3b1a..4fd6798b54f 100644 --- a/http/cves/2018/CVE-2018-1207.yaml +++ b/http/cves/2018/CVE-2018-1207.yaml @@ -24,7 +24,7 @@ info: cve-id: CVE-2018-1207 cwe-id: CWE-94 epss-score: 0.01875 - epss-percentile: 0.87166 + epss-percentile: 0.88144 cpe: cpe:2.3:a:dell:emc_idrac7:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-12095.yaml b/http/cves/2018/CVE-2018-12095.yaml index a98e98c9ab0..f913f5030b0 100644 --- a/http/cves/2018/CVE-2018-12095.yaml +++ b/http/cves/2018/CVE-2018-12095.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-12095 cwe-id: CWE-79 epss-score: 0.00333 - epss-percentile: 0.68242 + epss-percentile: 0.70604 cpe: cpe:2.3:a:oecms_project:oecms:3.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-12296.yaml b/http/cves/2018/CVE-2018-12296.yaml index a46cd229ae3..bf0c101eafc 100644 --- a/http/cves/2018/CVE-2018-12296.yaml +++ b/http/cves/2018/CVE-2018-12296.yaml @@ -12,13 +12,14 @@ info: reference: - https://blog.securityevaluators.com/invading-your-personal-cloud-ise-labs-exploits-the-seagate-stcr3000101-ecf89de2170 - https://nvd.nist.gov/vuln/detail/CVE-2018-12296 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-12296 cwe-id: CWE-732 - epss-score: 0.01386 - epss-percentile: 0.84924 + epss-score: 0.01442 + epss-percentile: 0.86338 cpe: cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-12675.yaml b/http/cves/2018/CVE-2018-12675.yaml index 8a1c0ddc846..a4ec8df8892 100644 --- a/http/cves/2018/CVE-2018-12675.yaml +++ b/http/cves/2018/CVE-2018-12675.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-12675 cwe-id: CWE-601 epss-score: 0.00118 - epss-percentile: 0.45761 + epss-percentile: 0.44971 cpe: cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170508b:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-1271.yaml b/http/cves/2018/CVE-2018-1271.yaml index 56fb431233d..dc1adffb970 100644 --- a/http/cves/2018/CVE-2018-1271.yaml +++ b/http/cves/2018/CVE-2018-1271.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-1271 cwe-id: CWE-22 epss-score: 0.004 - epss-percentile: 0.70833 + epss-percentile: 0.73113 cpe: cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-12909.yaml b/http/cves/2018/CVE-2018-12909.yaml index 834a79441c4..ae9347d562d 100644 --- a/http/cves/2018/CVE-2018-12909.yaml +++ b/http/cves/2018/CVE-2018-12909.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-12909 cwe-id: CWE-22 - epss-score: 0.01119 - epss-percentile: 0.83058 + epss-score: 0.00466 + epss-percentile: 0.74979 cpe: cpe:2.3:a:webgrind_project:webgrind:1.5.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-12998.yaml b/http/cves/2018/CVE-2018-12998.yaml index cad5baf5a7c..80af3522813 100644 --- a/http/cves/2018/CVE-2018-12998.yaml +++ b/http/cves/2018/CVE-2018-12998.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-12998 cwe-id: CWE-79 - epss-score: 0.96915 - epss-percentile: 0.9966 + epss-score: 0.96752 + epss-percentile: 0.99646 cpe: cpe:2.3:a:zohocorp:firewall_analyzer:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-13980.yaml b/http/cves/2018/CVE-2018-13980.yaml index 645eed6277d..7bd191ae691 100644 --- a/http/cves/2018/CVE-2018-13980.yaml +++ b/http/cves/2018/CVE-2018-13980.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-13980 cwe-id: CWE-22 epss-score: 0.0018 - epss-percentile: 0.55295 + epss-percentile: 0.5428 cpe: cpe:2.3:a:zeta-producer:zeta_producer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-14013.yaml b/http/cves/2018/CVE-2018-14013.yaml index 82b9d898c5a..55fc0419dd3 100644 --- a/http/cves/2018/CVE-2018-14013.yaml +++ b/http/cves/2018/CVE-2018-14013.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-14013 cwe-id: CWE-79 epss-score: 0.00755 - epss-percentile: 0.79096 + epss-percentile: 0.80655 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-14728.yaml b/http/cves/2018/CVE-2018-14728.yaml index b8646e0924f..ee8a6ead702 100644 --- a/http/cves/2018/CVE-2018-14728.yaml +++ b/http/cves/2018/CVE-2018-14728.yaml @@ -13,13 +13,15 @@ info: - http://packetstormsecurity.com/files/148742/Responsive-Filemanager-9.13.1-Server-Side-Request-Forgery.html - https://www.exploit-db.com/exploits/45103/ - https://nvd.nist.gov/vuln/detail/CVE-2018-14728 + - https://github.com/sobinge/nuclei-templates + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-14728 cwe-id: CWE-918 epss-score: 0.96369 - epss-percentile: 0.99454 + epss-percentile: 0.99525 cpe: cpe:2.3:a:tecrail:responsive_filemanager:9.13.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-14916.yaml b/http/cves/2018/CVE-2018-14916.yaml index 4b0c8dd7edd..7e496642c89 100644 --- a/http/cves/2018/CVE-2018-14916.yaml +++ b/http/cves/2018/CVE-2018-14916.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-14916 cwe-id: CWE-732 epss-score: 0.00685 - epss-percentile: 0.77959 + epss-percentile: 0.79617 cpe: cpe:2.3:o:loytec:lgate-902_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-14931.yaml b/http/cves/2018/CVE-2018-14931.yaml index fe9ccbac57c..01c140af698 100644 --- a/http/cves/2018/CVE-2018-14931.yaml +++ b/http/cves/2018/CVE-2018-14931.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-14931 cwe-id: CWE-601 epss-score: 0.00118 - epss-percentile: 0.45761 + epss-percentile: 0.44971 cpe: cpe:2.3:a:polarisft:intellect_core_banking:9.7.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-15517.yaml b/http/cves/2018/CVE-2018-15517.yaml index 9d59bfbaf71..3d573cf503a 100644 --- a/http/cves/2018/CVE-2018-15517.yaml +++ b/http/cves/2018/CVE-2018-15517.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.6 cve-id: CVE-2018-15517 cwe-id: CWE-918 - epss-score: 0.01414 - epss-percentile: 0.85108 + epss-score: 0.01001 + epss-percentile: 0.83284 cpe: cpe:2.3:a:dlink:central_wifimanager:1.03:r0098:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-15745.yaml b/http/cves/2018/CVE-2018-15745.yaml index 6873fef6d42..8ddb39b4bcb 100644 --- a/http/cves/2018/CVE-2018-15745.yaml +++ b/http/cves/2018/CVE-2018-15745.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-15745 cwe-id: CWE-22 epss-score: 0.94576 - epss-percentile: 0.99076 + epss-percentile: 0.99184 cpe: cpe:2.3:a:argussurveillance:dvr:4.0.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-15917.yaml b/http/cves/2018/CVE-2018-15917.yaml index b05ba1eea1a..c73edd73845 100644 --- a/http/cves/2018/CVE-2018-15917.yaml +++ b/http/cves/2018/CVE-2018-15917.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-15917 cwe-id: CWE-79 epss-score: 0.04217 - epss-percentile: 0.91397 + epss-percentile: 0.92046 cpe: cpe:2.3:a:jorani_project:jorani:0.6.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-16059.yaml b/http/cves/2018/CVE-2018-16059.yaml index 2c5f17ea341..de6cb5e7116 100644 --- a/http/cves/2018/CVE-2018-16059.yaml +++ b/http/cves/2018/CVE-2018-16059.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2018-16059 cwe-id: CWE-22 - epss-score: 0.34793 - epss-percentile: 0.96722 + epss-score: 0.32871 + epss-percentile: 0.96924 cpe: cpe:2.3:o:endress:wirelesshart_fieldgate_swg70_firmware:3.00.07:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16133.yaml b/http/cves/2018/CVE-2018-16133.yaml index 58126805acc..2ecf3035bc4 100644 --- a/http/cves/2018/CVE-2018-16133.yaml +++ b/http/cves/2018/CVE-2018-16133.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16133 cwe-id: CWE-22 epss-score: 0.03629 - epss-percentile: 0.90789 + epss-percentile: 0.91461 cpe: cpe:2.3:a:cybrotech:cybrohttpserver:1.0.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16139.yaml b/http/cves/2018/CVE-2018-16139.yaml index ba423ce6f0d..d6baca488b1 100644 --- a/http/cves/2018/CVE-2018-16139.yaml +++ b/http/cves/2018/CVE-2018-16139.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16139 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48664 + epss-percentile: 0.47838 cpe: cpe:2.3:a:bibliosoft:bibliopac:2008:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-16159.yaml b/http/cves/2018/CVE-2018-16159.yaml index ebf93501c67..62d576c2c65 100644 --- a/http/cves/2018/CVE-2018-16159.yaml +++ b/http/cves/2018/CVE-2018-16159.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16159 cwe-id: CWE-89 epss-score: 0.01228 - epss-percentile: 0.83928 + epss-percentile: 0.85084 cpe: cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-16167.yaml b/http/cves/2018/CVE-2018-16167.yaml index 9c771ba06ed..4229c61fc08 100644 --- a/http/cves/2018/CVE-2018-16167.yaml +++ b/http/cves/2018/CVE-2018-16167.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-16167 cwe-id: CWE-78 - epss-score: 0.21391 - epss-percentile: 0.96016 + epss-score: 0.27457 + epss-percentile: 0.9669 cpe: cpe:2.3:a:jpcert:logontracer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16283.yaml b/http/cves/2018/CVE-2018-16283.yaml index 8a36fa74cca..14ccf83922b 100644 --- a/http/cves/2018/CVE-2018-16283.yaml +++ b/http/cves/2018/CVE-2018-16283.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-16283 cwe-id: CWE-22 - epss-score: 0.05805 - epss-percentile: 0.9266 + epss-score: 0.0412 + epss-percentile: 0.91963 cpe: cpe:2.3:a:wechat_brodcast_project:wechat_brodcast:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16288.yaml b/http/cves/2018/CVE-2018-16288.yaml index ffd0c3fd905..2cd15055172 100644 --- a/http/cves/2018/CVE-2018-16288.yaml +++ b/http/cves/2018/CVE-2018-16288.yaml @@ -14,13 +14,15 @@ info: - https://www.exploit-db.com/exploits/45440 - http://mamaquieroserpentester.blogspot.com/2018/09/multiple-vulnerabilities-in-lg.html - https://nvd.nist.gov/vuln/detail/CVE-2018-16288 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 cve-id: CVE-2018-16288 cwe-id: CWE-200 - epss-score: 0.16221 - epss-percentile: 0.95476 + epss-score: 0.12055 + epss-percentile: 0.95227 cpe: cpe:2.3:a:lg:supersign_cms:2.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16668.yaml b/http/cves/2018/CVE-2018-16668.yaml index 1f4ebdf7908..b01ad025cd8 100644 --- a/http/cves/2018/CVE-2018-16668.yaml +++ b/http/cves/2018/CVE-2018-16668.yaml @@ -14,13 +14,14 @@ info: - https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life - https://www.exploit-db.com/exploits/45384/ - https://nvd.nist.gov/vuln/detail/CVE-2018-16668 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2018-16668 cwe-id: CWE-287 - epss-score: 0.00318 - epss-percentile: 0.67308 + epss-score: 0.00189 + epss-percentile: 0.55432 cpe: cpe:2.3:a:circontrol:circarlife_scada:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16671.yaml b/http/cves/2018/CVE-2018-16671.yaml index 2116a87bee6..eac2464890b 100644 --- a/http/cves/2018/CVE-2018-16671.yaml +++ b/http/cves/2018/CVE-2018-16671.yaml @@ -13,13 +13,15 @@ info: - https://www.exploit-db.com/exploits/45384 - https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life - https://nvd.nist.gov/vuln/detail/CVE-2018-16671 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2018-16671 cwe-id: CWE-200 - epss-score: 0.00224 - epss-percentile: 0.60639 + epss-score: 0.00189 + epss-percentile: 0.55432 cpe: cpe:2.3:a:circontrol:circarlife_scada:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16763.yaml b/http/cves/2018/CVE-2018-16763.yaml index ba914c3e271..5b83da0c5a4 100644 --- a/http/cves/2018/CVE-2018-16763.yaml +++ b/http/cves/2018/CVE-2018-16763.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-16763 cwe-id: CWE-74 - epss-score: 0.83439 - epss-percentile: 0.98171 + epss-score: 0.83285 + epss-percentile: 0.98356 cpe: cpe:2.3:a:thedaylightstudio:fuel_cms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16836.yaml b/http/cves/2018/CVE-2018-16836.yaml index 470776f3936..87c0badfda4 100644 --- a/http/cves/2018/CVE-2018-16836.yaml +++ b/http/cves/2018/CVE-2018-16836.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-16836 cwe-id: CWE-22 - epss-score: 0.29944 - epss-percentile: 0.96512 + epss-score: 0.26631 + epss-percentile: 0.96643 cpe: cpe:2.3:a:rubedo_project:rubedo:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16979.yaml b/http/cves/2018/CVE-2018-16979.yaml index 0dbf1b39fda..dfa7471efca 100644 --- a/http/cves/2018/CVE-2018-16979.yaml +++ b/http/cves/2018/CVE-2018-16979.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/howchen/howchen/issues/4 - https://nvd.nist.gov/vuln/detail/CVE-2018-16979 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-16979 cwe-id: CWE-113 - epss-score: 0.00118 - epss-percentile: 0.45685 + epss-score: 0.00141 + epss-percentile: 0.48943 cpe: cpe:2.3:a:monstra:monstra:3.0.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-17153.yaml b/http/cves/2018/CVE-2018-17153.yaml index f91656f0473..56931486bbc 100644 --- a/http/cves/2018/CVE-2018-17153.yaml +++ b/http/cves/2018/CVE-2018-17153.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-17153 cwe-id: CWE-287 - epss-score: 0.92144 - epss-percentile: 0.98754 + epss-score: 0.81607 + epss-percentile: 0.98273 cpe: cpe:2.3:o:western_digital:my_cloud_wdbctl0020hwt_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-17246.yaml b/http/cves/2018/CVE-2018-17246.yaml index 40159995d41..e248210fd43 100644 --- a/http/cves/2018/CVE-2018-17246.yaml +++ b/http/cves/2018/CVE-2018-17246.yaml @@ -19,9 +19,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-17246 - cwe-id: CWE-73,CWE-829 - epss-score: 0.96827 - epss-percentile: 0.99619 + cwe-id: CWE-829,CWE-73 + epss-score: 0.96638 + epss-percentile: 0.99612 cpe: cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-17422.yaml b/http/cves/2018/CVE-2018-17422.yaml index d6ec1926cfb..c86470ba5d5 100644 --- a/http/cves/2018/CVE-2018-17422.yaml +++ b/http/cves/2018/CVE-2018-17422.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/dotCMS/core/issues/15286 - https://nvd.nist.gov/vuln/detail/CVE-2018-17422 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-17422 cwe-id: CWE-601 epss-score: 0.00118 - epss-percentile: 0.45685 + epss-percentile: 0.44971 cpe: cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-17431.yaml b/http/cves/2018/CVE-2018-17431.yaml index 2aa77891ffc..1e4f28bea57 100644 --- a/http/cves/2018/CVE-2018-17431.yaml +++ b/http/cves/2018/CVE-2018-17431.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-17431 cwe-id: CWE-287 epss-score: 0.11416 - epss-percentile: 0.95073 + epss-percentile: 0.95098 cpe: cpe:2.3:a:comodo:unified_threat_management_firewall:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-18069.yaml b/http/cves/2018/CVE-2018-18069.yaml index 12e2b959c8c..a6939da7a52 100644 --- a/http/cves/2018/CVE-2018-18069.yaml +++ b/http/cves/2018/CVE-2018-18069.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-18069 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38754 + epss-percentile: 0.38026 cpe: cpe:2.3:a:wpml:wpml:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-18264.yaml b/http/cves/2018/CVE-2018-18264.yaml index 3bbf15eaf26..d8ed2775495 100644 --- a/http/cves/2018/CVE-2018-18264.yaml +++ b/http/cves/2018/CVE-2018-18264.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-18264 cwe-id: CWE-306 - epss-score: 0.96258 - epss-percentile: 0.99415 + epss-score: 0.96092 + epss-percentile: 0.99459 cpe: cpe:2.3:a:kubernetes:dashboard:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-18323.yaml b/http/cves/2018/CVE-2018-18323.yaml index 3592c0c46be..22905f68205 100644 --- a/http/cves/2018/CVE-2018-18323.yaml +++ b/http/cves/2018/CVE-2018-18323.yaml @@ -15,13 +15,14 @@ info: - http://centos-webpanel.com/ - https://seccops.com/centos-web-panel-0-9-8-480-multiple-vulnerabilities/ - https://nvd.nist.gov/vuln/detail/CVE-2018-18323 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-18323 cwe-id: CWE-22 - epss-score: 0.97014 - epss-percentile: 0.9969 + epss-score: 0.9648 + epss-percentile: 0.99556 cpe: cpe:2.3:a:control-webpanel:webpanel:0.9.8.480:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-18570.yaml b/http/cves/2018/CVE-2018-18570.yaml index 4c911d474de..3c5f07bf770 100644 --- a/http/cves/2018/CVE-2018-18570.yaml +++ b/http/cves/2018/CVE-2018-18570.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-18570 cwe-id: CWE-79 epss-score: 0.00098 - epss-percentile: 0.40364 + epss-percentile: 0.39642 cpe: cpe:2.3:a:planonsoftware:planon:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-18775.yaml b/http/cves/2018/CVE-2018-18775.yaml index b1748603d21..8566e600c09 100644 --- a/http/cves/2018/CVE-2018-18775.yaml +++ b/http/cves/2018/CVE-2018-18775.yaml @@ -13,13 +13,14 @@ info: - https://www.exploit-db.com/exploits/45755 - http://packetstormsecurity.com/files/150059/Microstrategy-Web-7-Cross-Site-Scripting-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2018-18775 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-18775 cwe-id: CWE-79 epss-score: 0.00157 - epss-percentile: 0.52016 + epss-percentile: 0.51189 cpe: cpe:2.3:a:microstrategy:microstrategy_web:7:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-18778.yaml b/http/cves/2018/CVE-2018-18778.yaml index 1f73161e797..403adacffaa 100644 --- a/http/cves/2018/CVE-2018-18778.yaml +++ b/http/cves/2018/CVE-2018-18778.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2018-18778 cwe-id: CWE-200 - epss-score: 0.95125 - epss-percentile: 0.9916 + epss-score: 0.17666 + epss-percentile: 0.96022 cpe: cpe:2.3:a:acme:mini-httpd:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-18809.yaml b/http/cves/2018/CVE-2018-18809.yaml index ca54e9c59f3..bde8f3a3cce 100644 --- a/http/cves/2018/CVE-2018-18809.yaml +++ b/http/cves/2018/CVE-2018-18809.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.5 cve-id: CVE-2018-18809 cwe-id: CWE-22 - epss-score: 0.42207 - epss-percentile: 0.96983 + epss-score: 0.43128 + epss-percentile: 0.97253 cpe: cpe:2.3:a:tibco:jasperreports_library:*:*:*:*:activematrix_bpm:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-18925.yaml b/http/cves/2018/CVE-2018-18925.yaml index bbfc6bacc68..28bfdad1fd8 100644 --- a/http/cves/2018/CVE-2018-18925.yaml +++ b/http/cves/2018/CVE-2018-18925.yaml @@ -13,13 +13,14 @@ info: - https://github.com/vulhub/vulhub/tree/master/gogs/CVE-2018-18925 - https://nvd.nist.gov/vuln/detail/cve-2018-18925 - https://github.com/gogs/gogs/issues/5469 + - https://github.com/j4k0m/CVE-2018-18925 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-18925 cwe-id: CWE-384 epss-score: 0.09538 - epss-percentile: 0.94194 + epss-percentile: 0.94612 cpe: cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-19136.yaml b/http/cves/2018/CVE-2018-19136.yaml index 72188d25f1f..a94bf0f9170 100644 --- a/http/cves/2018/CVE-2018-19136.yaml +++ b/http/cves/2018/CVE-2018-19136.yaml @@ -14,13 +14,15 @@ info: - https://www.exploit-db.com/exploits/45883/ - https://github.com/domainmod/domainmod/issues/79 - https://nvd.nist.gov/vuln/detail/CVE-2018-19136 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-19136 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.51369 + epss-percentile: 0.50531 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19137.yaml b/http/cves/2018/CVE-2018-19137.yaml index 20a740bcd28..b7c56024ba0 100644 --- a/http/cves/2018/CVE-2018-19137.yaml +++ b/http/cves/2018/CVE-2018-19137.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/domainmod/domainmod/issues/79 - https://nvd.nist.gov/vuln/detail/CVE-2018-19137 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-19137 cwe-id: CWE-79 - epss-score: 0.0008 - epss-percentile: 0.335 + epss-score: 0.00096 + epss-percentile: 0.39294 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19365.yaml b/http/cves/2018/CVE-2018-19365.yaml index 84844ef1d15..7ac3fedd971 100644 --- a/http/cves/2018/CVE-2018-19365.yaml +++ b/http/cves/2018/CVE-2018-19365.yaml @@ -13,13 +13,14 @@ info: - https://blog.gdssecurity.com/labs/2019/2/11/wowza-streaming-engine-manager-directory-traversal-and-local.html - https://nvd.nist.gov/vuln/detail/CVE-2018-19365 - https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-19365.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H cvss-score: 9.1 cve-id: CVE-2018-19365 cwe-id: CWE-22 - epss-score: 0.01629 - epss-percentile: 0.86133 + epss-score: 0.01354 + epss-percentile: 0.8589 cpe: cpe:2.3:a:wowza:streaming_engine:4.7.4.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-19386.yaml b/http/cves/2018/CVE-2018-19386.yaml index 19e5a72d2a7..4598f3ac5d1 100644 --- a/http/cves/2018/CVE-2018-19386.yaml +++ b/http/cves/2018/CVE-2018-19386.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-19386 cwe-id: CWE-79 epss-score: 0.00177 - epss-percentile: 0.54991 + epss-percentile: 0.53963 cpe: cpe:2.3:a:solarwinds:database_performance_analyzer:11.1.457:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-19439.yaml b/http/cves/2018/CVE-2018-19439.yaml index fe88d25952b..bc1e1c1ff0c 100644 --- a/http/cves/2018/CVE-2018-19439.yaml +++ b/http/cves/2018/CVE-2018-19439.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-19439 cwe-id: CWE-79 - epss-score: 0.00776 - epss-percentile: 0.79431 + epss-score: 0.00548 + epss-percentile: 0.76986 cpe: cpe:2.3:a:oracle:secure_global_desktop:4.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-19749.yaml b/http/cves/2018/CVE-2018-19749.yaml index a273bef199f..3511c31d3fe 100644 --- a/http/cves/2018/CVE-2018-19749.yaml +++ b/http/cves/2018/CVE-2018-19749.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-19749 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39832 + epss-percentile: 0.39112 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19751.yaml b/http/cves/2018/CVE-2018-19751.yaml index d1291498b45..633b16ce951 100644 --- a/http/cves/2018/CVE-2018-19751.yaml +++ b/http/cves/2018/CVE-2018-19751.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-19751 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39832 + epss-percentile: 0.39112 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19752.yaml b/http/cves/2018/CVE-2018-19752.yaml index 0366f7061e7..42d914741be 100644 --- a/http/cves/2018/CVE-2018-19752.yaml +++ b/http/cves/2018/CVE-2018-19752.yaml @@ -14,13 +14,14 @@ info: - https://github.com/domainmod/domainmod/issues/84 - https://www.exploit-db.com/exploits/45949/ - https://nvd.nist.gov/vuln/detail/CVE-2018-19752 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2018-19752 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39797 + epss-percentile: 0.39112 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19877.yaml b/http/cves/2018/CVE-2018-19877.yaml index 93c62c5f7cf..007ed11dd2a 100644 --- a/http/cves/2018/CVE-2018-19877.yaml +++ b/http/cves/2018/CVE-2018-19877.yaml @@ -14,13 +14,14 @@ info: - https://loganalyzer.adiscon.com/news/loganalyzer-v4-1-7-v4-stable-released/ - https://www.exploit-db.com/exploits/45958/ - https://nvd.nist.gov/vuln/detail/CVE-2018-19877 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-19877 cwe-id: CWE-79 epss-score: 0.00241 - epss-percentile: 0.62084 + epss-percentile: 0.63554 cpe: cpe:2.3:a:adiscon:loganalyzer:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19892.yaml b/http/cves/2018/CVE-2018-19892.yaml index b1a8e1d899b..45b58e9e2ab 100644 --- a/http/cves/2018/CVE-2018-19892.yaml +++ b/http/cves/2018/CVE-2018-19892.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-19892 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.41139 + epss-percentile: 0.40415 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19914.yaml b/http/cves/2018/CVE-2018-19914.yaml index fd113691a1c..c96caf3296e 100644 --- a/http/cves/2018/CVE-2018-19914.yaml +++ b/http/cves/2018/CVE-2018-19914.yaml @@ -14,13 +14,15 @@ info: - https://www.exploit-db.com/exploits/46375/ - https://github.com/domainmod/domainmod/issues/87 - https://nvd.nist.gov/vuln/detail/CVE-2018-19914 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2018-19914 cwe-id: CWE-79 epss-score: 0.00153 - epss-percentile: 0.51511 + epss-percentile: 0.50703 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19915.yaml b/http/cves/2018/CVE-2018-19915.yaml index 4266e2ac48c..c59d880faa3 100644 --- a/http/cves/2018/CVE-2018-19915.yaml +++ b/http/cves/2018/CVE-2018-19915.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-19915 cwe-id: CWE-79 epss-score: 0.00153 - epss-percentile: 0.51608 + epss-percentile: 0.50703 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20010.yaml b/http/cves/2018/CVE-2018-20010.yaml index 0384d9f6916..28c9ee8e2da 100644 --- a/http/cves/2018/CVE-2018-20010.yaml +++ b/http/cves/2018/CVE-2018-20010.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-20010 cwe-id: CWE-79 epss-score: 0.00153 - epss-percentile: 0.51608 + epss-percentile: 0.50703 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20011.yaml b/http/cves/2018/CVE-2018-20011.yaml index 1eaa48aaf3a..c72056c797e 100644 --- a/http/cves/2018/CVE-2018-20011.yaml +++ b/http/cves/2018/CVE-2018-20011.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/46374/ - https://github.com/domainmod/domainmod/issues/88 - https://nvd.nist.gov/vuln/detail/CVE-2018-20011 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2018-20011 cwe-id: CWE-79 epss-score: 0.00153 - epss-percentile: 0.51511 + epss-percentile: 0.50703 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20462.yaml b/http/cves/2018/CVE-2018-20462.yaml index 158b8d52667..b9251f9f59e 100644 --- a/http/cves/2018/CVE-2018-20462.yaml +++ b/http/cves/2018/CVE-2018-20462.yaml @@ -14,13 +14,14 @@ info: - https://wpvulndb.com/vulnerabilities/9196 - https://nvd.nist.gov/vuln/detail/CVE-2018-20462 - https://www.cbiu.cc/2018/12/WordPress%E6%8F%92%E4%BB%B6jsmol2wp%E6%BC%8F%E6%B4%9E/#%E5%8F%8D%E5%B0%84%E6%80%A7XSS + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-20462 cwe-id: CWE-79 epss-score: 0.00245 - epss-percentile: 0.62459 + epss-percentile: 0.63916 cpe: cpe:2.3:a:jsmol2wp_project:jsmol2wp:1.07:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-20463.yaml b/http/cves/2018/CVE-2018-20463.yaml index a49889b5ff4..798ff85b2f8 100644 --- a/http/cves/2018/CVE-2018-20463.yaml +++ b/http/cves/2018/CVE-2018-20463.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-20463 cwe-id: CWE-22 epss-score: 0.01939 - epss-percentile: 0.88289 + epss-percentile: 0.88381 cpe: cpe:2.3:a:jsmol2wp_project:jsmol2wp:1.07:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20526.yaml b/http/cves/2018/CVE-2018-20526.yaml index 8d1f7b4f737..f05d05d968a 100644 --- a/http/cves/2018/CVE-2018-20526.yaml +++ b/http/cves/2018/CVE-2018-20526.yaml @@ -14,13 +14,15 @@ info: - http://packetstormsecurity.com/files/151033/Roxy-Fileman-1.4.5-File-Upload-Directory-Traversal.html - https://www.exploit-db.com/exploits/46085/ - https://nvd.nist.gov/vuln/detail/CVE-2018-20526 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-20526 cwe-id: CWE-434 - epss-score: 0.00803 - epss-percentile: 0.79773 + epss-score: 0.00666 + epss-percentile: 0.79248 cpe: cpe:2.3:a:roxyfileman:roxy_fileman:1.4.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20608.yaml b/http/cves/2018/CVE-2018-20608.yaml index 8d4592b472a..1d88147b098 100644 --- a/http/cves/2018/CVE-2018-20608.yaml +++ b/http/cves/2018/CVE-2018-20608.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-20608 cwe-id: CWE-200 - epss-score: 0.03654 - epss-percentile: 0.90821 + epss-score: 0.0111 + epss-percentile: 0.84208 cpe: cpe:2.3:a:txjia:imcat:4.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-20985.yaml b/http/cves/2018/CVE-2018-20985.yaml index ce102e38fd2..b69795bd95a 100644 --- a/http/cves/2018/CVE-2018-20985.yaml +++ b/http/cves/2018/CVE-2018-20985.yaml @@ -13,13 +13,15 @@ info: - https://www.pluginvulnerabilities.com/2018/12/06/our-improved-proactive-monitoring-has-now-caught-a-local-file-inclusion-lfi-vulnerability-as-well/ - https://wordpress.org/plugins/wp-payeezy-pay/#developers - https://nvd.nist.gov/vuln/detail/CVE-2018-20985 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-20985 cwe-id: CWE-20 epss-score: 0.0117 - epss-percentile: 0.83424 + epss-percentile: 0.84668 cpe: cpe:2.3:a:payeezy:wp_payeezy_pay:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-2894.yaml b/http/cves/2018/CVE-2018-2894.yaml index 106ace3a255..375873468ea 100644 --- a/http/cves/2018/CVE-2018-2894.yaml +++ b/http/cves/2018/CVE-2018-2894.yaml @@ -21,7 +21,7 @@ info: cvss-score: 9.8 cve-id: CVE-2018-2894 epss-score: 0.97327 - epss-percentile: 0.99866 + epss-percentile: 0.99875 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2018/CVE-2018-3167.yaml b/http/cves/2018/CVE-2018-3167.yaml index 3f890404dd8..e51655b7c03 100644 --- a/http/cves/2018/CVE-2018-3167.yaml +++ b/http/cves/2018/CVE-2018-3167.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2018-3167 - epss-score: 0.00727 - epss-percentile: 0.78679 + epss-score: 0.00492 + epss-percentile: 0.75672 cpe: cpe:2.3:a:oracle:application_management_pack:12.1.3:*:*:*:*:e-business_suite:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-3238.yaml b/http/cves/2018/CVE-2018-3238.yaml index 839efb3e8d7..64b034e68b8 100644 --- a/http/cves/2018/CVE-2018-3238.yaml +++ b/http/cves/2018/CVE-2018-3238.yaml @@ -14,12 +14,13 @@ info: - https://www.oracle.com/security-alerts/cpuoct2018.html - https://nvd.nist.gov/vuln/detail/CVE-2018-3238 - http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N cvss-score: 6.9 cve-id: CVE-2018-3238 epss-score: 0.00471 - epss-percentile: 0.72995 + epss-percentile: 0.75103 cpe: cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2018/CVE-2018-3810.yaml b/http/cves/2018/CVE-2018-3810.yaml index edb1f65b30e..f76dbc00740 100644 --- a/http/cves/2018/CVE-2018-3810.yaml +++ b/http/cves/2018/CVE-2018-3810.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-3810 cwe-id: CWE-287 epss-score: 0.792 - epss-percentile: 0.97997 + epss-percentile: 0.98197 cpe: cpe:2.3:a:oturia:smart_google_code_inserter:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-5233.yaml b/http/cves/2018/CVE-2018-5233.yaml index 1031c4ea365..f1ab1c29cd6 100644 --- a/http/cves/2018/CVE-2018-5233.yaml +++ b/http/cves/2018/CVE-2018-5233.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-5233 cwe-id: CWE-79 epss-score: 0.00294 - epss-percentile: 0.66042 + epss-percentile: 0.6862 cpe: cpe:2.3:a:getgrav:grav_cms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-5715.yaml b/http/cves/2018/CVE-2018-5715.yaml index 39cd27397b0..476e38aa680 100644 --- a/http/cves/2018/CVE-2018-5715.yaml +++ b/http/cves/2018/CVE-2018-5715.yaml @@ -14,13 +14,14 @@ info: - https://m4k4br0.github.io/sugarcrm-xss/ - https://www.exploit-db.com/exploits/43683/ - https://nvd.nist.gov/vuln/detail/CVE-2018-5715 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-5715 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.47426 + epss-percentile: 0.46737 cpe: cpe:2.3:a:sugarcrm:sugarcrm:3.5.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-6184.yaml b/http/cves/2018/CVE-2018-6184.yaml index 4d4da404617..2b420da44d6 100644 --- a/http/cves/2018/CVE-2018-6184.yaml +++ b/http/cves/2018/CVE-2018-6184.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-6184 cwe-id: CWE-22 epss-score: 0.00396 - epss-percentile: 0.70806 + epss-percentile: 0.72998 cpe: cpe:2.3:a:zeit:next.js:4.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-6200.yaml b/http/cves/2018/CVE-2018-6200.yaml index 98aead2dd88..a5068b76c10 100644 --- a/http/cves/2018/CVE-2018-6200.yaml +++ b/http/cves/2018/CVE-2018-6200.yaml @@ -13,13 +13,14 @@ info: reference: - https://cxsecurity.com/issue/WLB-2018010251 - https://nvd.nist.gov/vuln/detail/CVE-2018-6200 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-6200 cwe-id: CWE-601 - epss-score: 0.00121 - epss-percentile: 0.46136 + epss-score: 0.00141 + epss-percentile: 0.48943 cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-6530.yaml b/http/cves/2018/CVE-2018-6530.yaml index 1f916fca874..20c74173904 100644 --- a/http/cves/2018/CVE-2018-6530.yaml +++ b/http/cves/2018/CVE-2018-6530.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-6530 cwe-id: CWE-78 epss-score: 0.93644 - epss-percentile: 0.98928 + epss-percentile: 0.99057 cpe: cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-6910.yaml b/http/cves/2018/CVE-2018-6910.yaml index 68ffce8b0be..917850c4f92 100644 --- a/http/cves/2018/CVE-2018-6910.yaml +++ b/http/cves/2018/CVE-2018-6910.yaml @@ -13,13 +13,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2018-6910 - https://github.com/kongxin520/DedeCMS/blob/master/DedeCMS_5.7_Bug.md - https://kongxin.gitbook.io/dedecms-5-7-bug/ + - https://github.com/zhibx/fscan-Intranet + - https://github.com/0ps/pocassistdb classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-6910 cwe-id: CWE-668 - epss-score: 0.03394 - epss-percentile: 0.9047 + epss-score: 0.02422 + epss-percentile: 0.89709 cpe: cpe:2.3:a:dedecms:dedecms:5.7:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-7251.yaml b/http/cves/2018/CVE-2018-7251.yaml index 9b93947e029..8cfbac11f88 100644 --- a/http/cves/2018/CVE-2018-7251.yaml +++ b/http/cves/2018/CVE-2018-7251.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-7251 cwe-id: CWE-200 epss-score: 0.06473 - epss-percentile: 0.93046 + epss-percentile: 0.93558 cpe: cpe:2.3:a:anchorcms:anchor:0.12.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-7422.yaml b/http/cves/2018/CVE-2018-7422.yaml index 5fa4f7c708c..1a534664c41 100644 --- a/http/cves/2018/CVE-2018-7422.yaml +++ b/http/cves/2018/CVE-2018-7422.yaml @@ -15,13 +15,14 @@ info: - http://seclists.org/fulldisclosure/2018/Mar/40 - https://wpvulndb.com/vulnerabilities/9044 - https://nvd.nist.gov/vuln/detail/CVE-2018-7422 + - https://github.com/El-Palomo/SYMFONOS classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-7422 cwe-id: CWE-22 epss-score: 0.94711 - epss-percentile: 0.99086 + epss-percentile: 0.99202 cpe: cpe:2.3:a:siteeditor:site_editor:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-7490.yaml b/http/cves/2018/CVE-2018-7490.yaml index 972d3c0a4a0..3dbd594800f 100644 --- a/http/cves/2018/CVE-2018-7490.yaml +++ b/http/cves/2018/CVE-2018-7490.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/44223/ - https://www.debian.org/security/2018/dsa-4142 - https://nvd.nist.gov/vuln/detail/CVE-2018-7490 + - https://github.com/jweny/pocassistdb classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-7490 cwe-id: CWE-22 epss-score: 0.9541 - epss-percentile: 0.99218 + epss-percentile: 0.99316 cpe: cpe:2.3:a:unbit:uwsgi:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-7600.yaml b/http/cves/2018/CVE-2018-7600.yaml index 101599f2ed1..6c08d56e43a 100644 --- a/http/cves/2018/CVE-2018-7600.yaml +++ b/http/cves/2018/CVE-2018-7600.yaml @@ -20,7 +20,7 @@ info: cvss-score: 9.8 cve-id: CVE-2018-7600 cwe-id: CWE-20 - epss-score: 0.97571 + epss-score: 0.97568 epss-percentile: 1 cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* metadata: diff --git a/http/cves/2018/CVE-2018-7653.yaml b/http/cves/2018/CVE-2018-7653.yaml index edcb24deef0..3a5f1230af1 100644 --- a/http/cves/2018/CVE-2018-7653.yaml +++ b/http/cves/2018/CVE-2018-7653.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-7653 cwe-id: CWE-79 epss-score: 0.00797 - epss-percentile: 0.79754 + epss-percentile: 0.81235 cpe: cpe:2.3:a:yzmcms:yzmcms:3.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-8006.yaml b/http/cves/2018/CVE-2018-8006.yaml index 0af91ff1f79..6294d5a1bde 100644 --- a/http/cves/2018/CVE-2018-8006.yaml +++ b/http/cves/2018/CVE-2018-8006.yaml @@ -26,7 +26,7 @@ info: cve-id: CVE-2018-8006 cwe-id: CWE-79 epss-score: 0.34776 - epss-percentile: 0.96721 + epss-percentile: 0.97001 cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-8033.yaml b/http/cves/2018/CVE-2018-8033.yaml index 585e1a289aa..91a04517731 100644 --- a/http/cves/2018/CVE-2018-8033.yaml +++ b/http/cves/2018/CVE-2018-8033.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-8033 cwe-id: CWE-200 - epss-score: 0.00813 - epss-percentile: 0.79933 + epss-score: 0.04526 + epss-percentile: 0.92289 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-8715.yaml b/http/cves/2018/CVE-2018-8715.yaml index 4baaf1feed7..eef7d6a3769 100644 --- a/http/cves/2018/CVE-2018-8715.yaml +++ b/http/cves/2018/CVE-2018-8715.yaml @@ -14,13 +14,14 @@ info: - https://blogs.securiteam.com/index.php/archives/3676 - https://security.paloaltonetworks.com/CVE-2018-8715 - https://nvd.nist.gov/vuln/detail/CVE-2018-8715 + - https://github.com/cyberharsh/appweb classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2018-8715 cwe-id: CWE-287 epss-score: 0.00927 - epss-percentile: 0.81212 + epss-percentile: 0.8261 cpe: cpe:2.3:a:embedthis:appweb:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-8823.yaml b/http/cves/2018/CVE-2018-8823.yaml index eeca8763a82..c83766eff18 100644 --- a/http/cves/2018/CVE-2018-8823.yaml +++ b/http/cves/2018/CVE-2018-8823.yaml @@ -11,13 +11,14 @@ info: - https://www.openservis.cz/prestashop-blog/nejcastejsi-utoky-v-roce-2023-seznam-deravych-modulu-nemate-nejaky-z-nich-na-e-shopu-i-vy/ - https://github.com/advisories/GHSA-q937-6mg8-6rgc - https://nvd.nist.gov/vuln/detail/CVE-2018-8823 + - https://github.com/zapalm/prestashop-security-vulnerability-checker classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-8823 cwe-id: CWE-94 epss-score: 0.24062 - epss-percentile: 0.96167 + epss-percentile: 0.96494 cpe: cpe:2.3:a:responsive_mega_menu_pro_project:responsive_mega_menu_pro:1.0.32:*:*:*:*:prestashop:*:* metadata: verified: true @@ -27,7 +28,6 @@ info: framework: prestashop shodan-query: http.component:"prestashop" tags: cve,cve2018,prestashop,rce,sqli - variables: num: "999999999" diff --git a/http/cves/2018/CVE-2018-9118.yaml b/http/cves/2018/CVE-2018-9118.yaml index f6888857fc1..c843bce2c27 100644 --- a/http/cves/2018/CVE-2018-9118.yaml +++ b/http/cves/2018/CVE-2018-9118.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-9118 cwe-id: CWE-22 epss-score: 0.07018 - epss-percentile: 0.9332 + epss-percentile: 0.93812 cpe: cpe:2.3:a:99robots:wp_background_takeover_advertisements:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-9161.yaml b/http/cves/2018/CVE-2018-9161.yaml index 5d77d640b7b..d88a7d00fff 100644 --- a/http/cves/2018/CVE-2018-9161.yaml +++ b/http/cves/2018/CVE-2018-9161.yaml @@ -13,13 +13,14 @@ info: - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5453.php - https://nvd.nist.gov/vuln/detail/CVE-2018-9161 - https://www.exploit-db.com/exploits/44276/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-9161 cwe-id: CWE-798 - epss-score: 0.26342 - epss-percentile: 0.96302 + epss-score: 0.12574 + epss-percentile: 0.95318 cpe: cpe:2.3:a:prismaindustriale:checkweigher_prismaweb:1.21:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-9205.yaml b/http/cves/2018/CVE-2018-9205.yaml index c208ab8a30f..ed288355728 100644 --- a/http/cves/2018/CVE-2018-9205.yaml +++ b/http/cves/2018/CVE-2018-9205.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2018-9205 cwe-id: CWE-22 epss-score: 0.02175 - epss-percentile: 0.88246 + epss-percentile: 0.89127 cpe: cpe:2.3:a:drupal:avatar_uploader:7.x-1.0:beta8:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-0193.yaml b/http/cves/2019/CVE-2019-0193.yaml index 821b7203b41..d626077c3fd 100644 --- a/http/cves/2019/CVE-2019-0193.yaml +++ b/http/cves/2019/CVE-2019-0193.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2019-0193 cwe-id: CWE-94 - epss-score: 0.94797 - epss-percentile: 0.99109 + epss-score: 0.9605 + epss-percentile: 0.99452 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-0221.yaml b/http/cves/2019/CVE-2019-0221.yaml index 3095f782799..9faf8fb7db7 100644 --- a/http/cves/2019/CVE-2019-0221.yaml +++ b/http/cves/2019/CVE-2019-0221.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-0221 cwe-id: CWE-79 epss-score: 0.00915 - epss-percentile: 0.81078 + epss-percentile: 0.82479 cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-10068.yaml b/http/cves/2019/CVE-2019-10068.yaml index deb232e2f83..9c022c554a5 100644 --- a/http/cves/2019/CVE-2019-10068.yaml +++ b/http/cves/2019/CVE-2019-10068.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-10068 cwe-id: CWE-502 - epss-score: 0.97356 - epss-percentile: 0.99885 + epss-score: 0.97344 + epss-percentile: 0.99887 cpe: cpe:2.3:a:kentico:kentico:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-1010287.yaml b/http/cves/2019/CVE-2019-1010287.yaml index 52fd96dd460..77b55133fda 100644 --- a/http/cves/2019/CVE-2019-1010287.yaml +++ b/http/cves/2019/CVE-2019-1010287.yaml @@ -14,13 +14,14 @@ info: - https://sourceforge.net/p/tsheetx/discussion/779083/thread/7fcb52f696/ - https://sourceforge.net/p/tsheetx/code/497/tree/branches/legacy/login.php#l40 - https://nvd.nist.gov/vuln/detail/CVE-2019-1010287 + - https://github.com/merlinepedra25/nuclei-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-1010287 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.47461 + epss-percentile: 0.46774 cpe: cpe:2.3:a:timesheet_next_gen_project:timesheet_next_gen:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-1010290.yaml b/http/cves/2019/CVE-2019-1010290.yaml index 88bf0fea5f7..315c6b3a608 100644 --- a/http/cves/2019/CVE-2019-1010290.yaml +++ b/http/cves/2019/CVE-2019-1010290.yaml @@ -13,13 +13,14 @@ info: - https://untrustednetwork.net/en/2019/02/20/open-redirection-vulnerability-in-babel/ - http://dev.cmsmadesimple.org/project/files/729 - https://nvd.nist.gov/vuln/detail/CVE-2019-1010290 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-1010290 cwe-id: CWE-601 epss-score: 0.00215 - epss-percentile: 0.59513 + epss-percentile: 0.58908 cpe: cpe:2.3:a:cmsmadesimple:bable\:multilingual_site:*:*:*:*:*:cms_made_simple:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-10232.yaml b/http/cves/2019/CVE-2019-10232.yaml index 72c6377261e..d61aa173f1a 100644 --- a/http/cves/2019/CVE-2019-10232.yaml +++ b/http/cves/2019/CVE-2019-10232.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-10232 cwe-id: CWE-89 - epss-score: 0.14229 - epss-percentile: 0.95224 + epss-score: 0.12149 + epss-percentile: 0.95246 cpe: cpe:2.3:a:teclib-edition:gestionnaire_libre_de_parc_informatique:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-10405.yaml b/http/cves/2019/CVE-2019-10405.yaml index 352549dac77..77ba55740ec 100644 --- a/http/cves/2019/CVE-2019-10405.yaml +++ b/http/cves/2019/CVE-2019-10405.yaml @@ -13,13 +13,14 @@ info: - https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1505 - http://www.openwall.com/lists/oss-security/2019/09/25/3 - https://nvd.nist.gov/vuln/detail/CVE-2019-10405 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2019-10405 cwe-id: CWE-79 epss-score: 0.00572 - epss-percentile: 0.75485 + epss-percentile: 0.77427 cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-10475.yaml b/http/cves/2019/CVE-2019-10475.yaml index 1a9367aad25..ff0992cd334 100644 --- a/http/cves/2019/CVE-2019-10475.yaml +++ b/http/cves/2019/CVE-2019-10475.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-10475 cwe-id: CWE-79 epss-score: 0.97301 - epss-percentile: 0.99852 + epss-percentile: 0.99859 cpe: cpe:2.3:a:jenkins:build-metrics:*:*:*:*:*:jenkins:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-11013.yaml b/http/cves/2019/CVE-2019-11013.yaml index 99c724857b7..f6a29cca412 100644 --- a/http/cves/2019/CVE-2019-11013.yaml +++ b/http/cves/2019/CVE-2019-11013.yaml @@ -14,13 +14,14 @@ info: - https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/ - http://packetstormsecurity.com/files/154196/Nimble-Streamer-3.x-Directory-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2019-11013 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2019-11013 cwe-id: CWE-22 epss-score: 0.01775 - epss-percentile: 0.86672 + epss-percentile: 0.87745 cpe: cpe:2.3:a:softvelum:nimble_streamer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-11370.yaml b/http/cves/2019/CVE-2019-11370.yaml index fc504df7390..c30a1d6a69c 100644 --- a/http/cves/2019/CVE-2019-11370.yaml +++ b/http/cves/2019/CVE-2019-11370.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-11370 cwe-id: CWE-79 epss-score: 0.1896 - epss-percentile: 0.95814 + epss-percentile: 0.96129 cpe: cpe:2.3:o:carel:pcoweb_card_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-11580.yaml b/http/cves/2019/CVE-2019-11580.yaml index e7e9b4e4c40..c1a077f2a76 100644 --- a/http/cves/2019/CVE-2019-11580.yaml +++ b/http/cves/2019/CVE-2019-11580.yaml @@ -14,12 +14,13 @@ info: - https://jira.atlassian.com/browse/CWD-5388 - https://nvd.nist.gov/vuln/detail/CVE-2019-11580 - http://packetstormsecurity.com/files/163810/Atlassian-Crowd-pdkinstall-Remote-Code-Execution.html + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-11580 - epss-score: 0.97457 - epss-percentile: 0.99952 + epss-score: 0.97441 + epss-percentile: 0.99943 cpe: cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12276.yaml b/http/cves/2019/CVE-2019-12276.yaml index 8621c2e6dde..040a529b5de 100644 --- a/http/cves/2019/CVE-2019-12276.yaml +++ b/http/cves/2019/CVE-2019-12276.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-12276 cwe-id: CWE-22 - epss-score: 0.96216 - epss-percentile: 0.99405 + epss-score: 0.96035 + epss-percentile: 0.99446 cpe: cpe:2.3:a:grandnode:grandnode:4.40:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12461.yaml b/http/cves/2019/CVE-2019-12461.yaml index 4005afa892c..a7f988e9b05 100644 --- a/http/cves/2019/CVE-2019-12461.yaml +++ b/http/cves/2019/CVE-2019-12461.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-12461 cwe-id: CWE-79 epss-score: 0.00269 - epss-percentile: 0.6435 + epss-percentile: 0.6713 cpe: cpe:2.3:a:webport:web_port:1.19.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12583.yaml b/http/cves/2019/CVE-2019-12583.yaml index d1e5d8ed041..5a10c9e54e0 100644 --- a/http/cves/2019/CVE-2019-12583.yaml +++ b/http/cves/2019/CVE-2019-12583.yaml @@ -13,13 +13,15 @@ info: - https://www.zyxel.com/support/vulnerabilities-related-to-the-Free-Time-feature.shtml - https://n-thumann.de/blog/zyxel-gateways-missing-access-control-in-account-generator-xss/ - https://nvd.nist.gov/vuln/detail/CVE-2019-12583 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H cvss-score: 9.1 cve-id: CVE-2019-12583 cwe-id: CWE-425 epss-score: 0.00481 - epss-percentile: 0.73297 + epss-percentile: 0.75389 cpe: cpe:2.3:o:zyxel:uag2100_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12593.yaml b/http/cves/2019/CVE-2019-12593.yaml index 7d2fd12b22b..1e1fc390cf7 100644 --- a/http/cves/2019/CVE-2019-12593.yaml +++ b/http/cves/2019/CVE-2019-12593.yaml @@ -15,13 +15,14 @@ info: - http://www.icewarp.com - https://nvd.nist.gov/vuln/detail/CVE-2019-12593 - http://packetstormsecurity.com/files/153161/IceWarp-10.4.4-Local-File-Inclusion.html + - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-12593 cwe-id: CWE-22 - epss-score: 0.1185 - epss-percentile: 0.94799 + epss-score: 0.11506 + epss-percentile: 0.95118 cpe: cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12616.yaml b/http/cves/2019/CVE-2019-12616.yaml index 5aae97bb9f0..4e260cd6ebf 100644 --- a/http/cves/2019/CVE-2019-12616.yaml +++ b/http/cves/2019/CVE-2019-12616.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2019-12616 cwe-id: CWE-352 - epss-score: 0.01434 - epss-percentile: 0.85227 + epss-score: 0.01696 + epss-percentile: 0.87461 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12725.yaml b/http/cves/2019/CVE-2019-12725.yaml index 18680207c18..4b312fdf7cc 100644 --- a/http/cves/2019/CVE-2019-12725.yaml +++ b/http/cves/2019/CVE-2019-12725.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-12725 cwe-id: CWE-78 - epss-score: 0.9634 - epss-percentile: 0.99443 + epss-score: 0.96341 + epss-percentile: 0.99518 cpe: cpe:2.3:o:zeroshell:zeroshell:3.9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12962.yaml b/http/cves/2019/CVE-2019-12962.yaml index 77faff9f17b..ec5b910ef2e 100644 --- a/http/cves/2019/CVE-2019-12962.yaml +++ b/http/cves/2019/CVE-2019-12962.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-12962 cwe-id: CWE-79 - epss-score: 0.20689 - epss-percentile: 0.95962 + epss-score: 0.17333 + epss-percentile: 0.95984 cpe: cpe:2.3:a:livezilla:livezilla:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-12985.yaml b/http/cves/2019/CVE-2019-12985.yaml index b412b36fe13..090b49797a7 100644 --- a/http/cves/2019/CVE-2019-12985.yaml +++ b/http/cves/2019/CVE-2019-12985.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-12985 cwe-id: CWE-78 - epss-score: 0.97297 - epss-percentile: 0.99851 + epss-score: 0.97276 + epss-percentile: 0.99843 cpe: cpe:2.3:a:citrix:netscaler_sd-wan:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12988.yaml b/http/cves/2019/CVE-2019-12988.yaml index 4951d570d0e..0a5734dc782 100644 --- a/http/cves/2019/CVE-2019-12988.yaml +++ b/http/cves/2019/CVE-2019-12988.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-12988 cwe-id: CWE-78 - epss-score: 0.97297 - epss-percentile: 0.9985 + epss-score: 0.97276 + epss-percentile: 0.99843 cpe: cpe:2.3:a:citrix:netscaler_sd-wan:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-13101.yaml b/http/cves/2019/CVE-2019-13101.yaml index e16c44a3e20..caa16db77b9 100644 --- a/http/cves/2019/CVE-2019-13101.yaml +++ b/http/cves/2019/CVE-2019-13101.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-13101 cwe-id: CWE-306 epss-score: 0.0359 - epss-percentile: 0.90708 + epss-percentile: 0.9142 cpe: cpe:2.3:o:dlink:dir-600m_firmware:3.02:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-13396.yaml b/http/cves/2019/CVE-2019-13396.yaml index f130dd10a9e..c5c624e5eb5 100644 --- a/http/cves/2019/CVE-2019-13396.yaml +++ b/http/cves/2019/CVE-2019-13396.yaml @@ -13,13 +13,15 @@ info: - https://www.exploit-db.com/exploits/47121 - http://getflightpath.com/node/2650 - https://nvd.nist.gov/vuln/detail/CVE-2019-13396 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2019-13396 cwe-id: CWE-22 - epss-score: 0.02107 - epss-percentile: 0.87968 + epss-score: 0.02602 + epss-percentile: 0.90051 cpe: cpe:2.3:a:getflightpath:flightpath:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-14205.yaml b/http/cves/2019/CVE-2019-14205.yaml index e8fe443544d..c9d4c93f712 100644 --- a/http/cves/2019/CVE-2019-14205.yaml +++ b/http/cves/2019/CVE-2019-14205.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-14205 cwe-id: CWE-22 - epss-score: 0.05117 - epss-percentile: 0.92168 + epss-score: 0.06233 + epss-percentile: 0.93435 cpe: cpe:2.3:a:nevma:adaptive_images:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-14251.yaml b/http/cves/2019/CVE-2019-14251.yaml index 80db166a7d7..c87f2a58011 100644 --- a/http/cves/2019/CVE-2019-14251.yaml +++ b/http/cves/2019/CVE-2019-14251.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-14251 cwe-id: CWE-22 - epss-score: 0.01412 - epss-percentile: 0.851 + epss-score: 0.01653 + epss-percentile: 0.87315 cpe: cpe:2.3:a:temenos:t24:r15.01:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-14312.yaml b/http/cves/2019/CVE-2019-14312.yaml index c4eea85ccc0..1f2ae544a18 100644 --- a/http/cves/2019/CVE-2019-14312.yaml +++ b/http/cves/2019/CVE-2019-14312.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.com/files/153985/Aptana-Jaxer-1.0.3.4547-Local-File-Inclusion.html - https://github.com/aptana/Jaxer/commits/master - https://nvd.nist.gov/vuln/detail/CVE-2019-14312 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2019-14312 cwe-id: CWE-22 - epss-score: 0.01777 - epss-percentile: 0.8668 + epss-score: 0.02354 + epss-percentile: 0.89553 cpe: cpe:2.3:a:aptana:jaxer:1.0.3.4547:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-14322.yaml b/http/cves/2019/CVE-2019-14322.yaml index a04082f11cb..2e083e386d9 100644 --- a/http/cves/2019/CVE-2019-14322.yaml +++ b/http/cves/2019/CVE-2019-14322.yaml @@ -14,13 +14,15 @@ info: - https://palletsprojects.com/blog/werkzeug-0-15-5-released/ - http://packetstormsecurity.com/files/163398/Pallets-Werkzeug-0.15.4-Path-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2019-14322 + - https://github.com/faisalfs10x/CVE-2019-14322-scanner + - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-14322 cwe-id: CWE-22 - epss-score: 0.58463 - epss-percentile: 0.97438 + epss-score: 0.65161 + epss-percentile: 0.97821 cpe: cpe:2.3:a:palletsprojects:werkzeug:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2019/CVE-2019-14470.yaml b/http/cves/2019/CVE-2019-14470.yaml index cc610f2c4c0..09eae3c7a58 100644 --- a/http/cves/2019/CVE-2019-14470.yaml +++ b/http/cves/2019/CVE-2019-14470.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-14470 cwe-id: CWE-79 - epss-score: 0.80196 - epss-percentile: 0.98028 + epss-score: 0.79707 + epss-percentile: 0.98209 cpe: cpe:2.3:a:instagram-php-api_project:instagram-php-api:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-14530.yaml b/http/cves/2019/CVE-2019-14530.yaml index a59f10d2e21..b2173ae1a4d 100644 --- a/http/cves/2019/CVE-2019-14530.yaml +++ b/http/cves/2019/CVE-2019-14530.yaml @@ -15,13 +15,14 @@ info: - https://github.com/openemr/openemr/archive/refs/tags/v5_0_1_7.zip - https://github.com/openemr/openemr/pull/2592 - https://nvd.nist.gov/vuln/detail/CVE-2019-14530 + - https://github.com/sec-it/exploit-CVE-2019-14530 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2019-14530 cwe-id: CWE-22 epss-score: 0.81752 - epss-percentile: 0.98091 + epss-percentile: 0.98283 cpe: cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-14696.yaml b/http/cves/2019/CVE-2019-14696.yaml index b818f004ebd..d60d889078a 100644 --- a/http/cves/2019/CVE-2019-14696.yaml +++ b/http/cves/2019/CVE-2019-14696.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-14696 cwe-id: CWE-79 - epss-score: 0.00776 - epss-percentile: 0.7943 + epss-score: 0.00618 + epss-percentile: 0.78345 cpe: cpe:2.3:a:open-school:open-school:2.3:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-14789.yaml b/http/cves/2019/CVE-2019-14789.yaml index 72e80b0f7cc..d07e26c7a0a 100644 --- a/http/cves/2019/CVE-2019-14789.yaml +++ b/http/cves/2019/CVE-2019-14789.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-14789 cwe-id: CWE-79 epss-score: 0.00125 - epss-percentile: 0.46761 + epss-percentile: 0.46015 cpe: cpe:2.3:a:kunalnagar:custom_404_pro:3.2.8:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-15501.yaml b/http/cves/2019/CVE-2019-15501.yaml index 4751b9a280e..a6631a8b34a 100644 --- a/http/cves/2019/CVE-2019-15501.yaml +++ b/http/cves/2019/CVE-2019-15501.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/47302 - http://www.lsoft.com/manuals/16.5/LISTSERV16.5-2018a_WhatsNew.pdf - https://nvd.nist.gov/vuln/detail/CVE-2019-15501 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-15501 cwe-id: CWE-79 epss-score: 0.00303 - epss-percentile: 0.6646 + epss-percentile: 0.69072 cpe: cpe:2.3:a:lsoft:listserv:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-15811.yaml b/http/cves/2019/CVE-2019-15811.yaml index 4f0f1162b64..34654f0f3ac 100644 --- a/http/cves/2019/CVE-2019-15811.yaml +++ b/http/cves/2019/CVE-2019-15811.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-15811 cwe-id: CWE-79 - epss-score: 0.00376 - epss-percentile: 0.69988 + epss-score: 0.00269 + epss-percentile: 0.6713 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-15858.yaml b/http/cves/2019/CVE-2019-15858.yaml index ca6519a2573..934f1f253ce 100644 --- a/http/cves/2019/CVE-2019-15858.yaml +++ b/http/cves/2019/CVE-2019-15858.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-15858 cwe-id: CWE-306 epss-score: 0.036 - epss-percentile: 0.90758 + epss-percentile: 0.91432 cpe: cpe:2.3:a:webcraftic:woody_ad_snippets:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16057.yaml b/http/cves/2019/CVE-2019-16057.yaml index ecc86ec5eb4..f7c0b20ee62 100644 --- a/http/cves/2019/CVE-2019-16057.yaml +++ b/http/cves/2019/CVE-2019-16057.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-16057 cwe-id: CWE-78 epss-score: 0.9754 - epss-percentile: 0.99995 + epss-percentile: 0.99994 cpe: cpe:2.3:o:dlink:dns-320_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-16097.yaml b/http/cves/2019/CVE-2019-16097.yaml index 0cd80697c8f..f38b2360a20 100644 --- a/http/cves/2019/CVE-2019-16097.yaml +++ b/http/cves/2019/CVE-2019-16097.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.5 cve-id: CVE-2019-16097 cwe-id: CWE-862 - epss-score: 0.96903 - epss-percentile: 0.99656 + epss-score: 0.96492 + epss-percentile: 0.99563 cpe: cpe:2.3:a:linuxfoundation:harbor:1.7.0:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16123.yaml b/http/cves/2019/CVE-2019-16123.yaml index 3a75ad1dc80..bb525eb40ce 100644 --- a/http/cves/2019/CVE-2019-16123.yaml +++ b/http/cves/2019/CVE-2019-16123.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-16123 cwe-id: CWE-22 - epss-score: 0.72953 - epss-percentile: 0.97827 + epss-score: 0.67812 + epss-percentile: 0.97877 cpe: cpe:2.3:a:kartatopia:piluscart:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16313.yaml b/http/cves/2019/CVE-2019-16313.yaml index 833ac19f819..bd4df5d2597 100644 --- a/http/cves/2019/CVE-2019-16313.yaml +++ b/http/cves/2019/CVE-2019-16313.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-16313 cwe-id: CWE-798 - epss-score: 0.03744 - epss-percentile: 0.90933 + epss-score: 0.04059 + epss-percentile: 0.91911 cpe: cpe:2.3:o:ifw8:fr6_firmware:4.31:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16332.yaml b/http/cves/2019/CVE-2019-16332.yaml index 0527134d42c..f291a1d94e0 100644 --- a/http/cves/2019/CVE-2019-16332.yaml +++ b/http/cves/2019/CVE-2019-16332.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-16332 cwe-id: CWE-79 epss-score: 0.00303 - epss-percentile: 0.66434 + epss-percentile: 0.69049 cpe: cpe:2.3:a:api_bearer_auth_project:api_bearer_auth:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16469.yaml b/http/cves/2019/CVE-2019-16469.yaml index 471f5e46bdd..752f76f8b32 100644 --- a/http/cves/2019/CVE-2019-16469.yaml +++ b/http/cves/2019/CVE-2019-16469.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-16469 cwe-id: CWE-917 - epss-score: 0.00373 - epss-percentile: 0.69903 + epss-score: 0.17165 + epss-percentile: 0.95967 cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-1653.yaml b/http/cves/2019/CVE-2019-1653.yaml index 83a82dff320..e0bc4d908e1 100644 --- a/http/cves/2019/CVE-2019-1653.yaml +++ b/http/cves/2019/CVE-2019-1653.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-1653 cwe-id: CWE-200,CWE-284 - epss-score: 0.97555 - epss-percentile: 0.99998 + epss-score: 0.97565 + epss-percentile: 0.99999 cpe: cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16920.yaml b/http/cves/2019/CVE-2019-16920.yaml index 6db9b58f81c..d8dfc26bb65 100644 --- a/http/cves/2019/CVE-2019-16920.yaml +++ b/http/cves/2019/CVE-2019-16920.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-16920 cwe-id: CWE-78 epss-score: 0.96307 - epss-percentile: 0.99432 + epss-percentile: 0.99507 cpe: cpe:2.3:o:dlink:dir-655_firmware:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2019/CVE-2019-16931.yaml b/http/cves/2019/CVE-2019-16931.yaml index f895fa08f05..11240b1ec49 100644 --- a/http/cves/2019/CVE-2019-16931.yaml +++ b/http/cves/2019/CVE-2019-16931.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-16931 cwe-id: CWE-79 epss-score: 0.00244 - epss-percentile: 0.62382 + epss-percentile: 0.63842 cpe: cpe:2.3:a:themeisle:visualizer:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-16996.yaml b/http/cves/2019/CVE-2019-16996.yaml index de950520cbc..9772dc08f82 100644 --- a/http/cves/2019/CVE-2019-16996.yaml +++ b/http/cves/2019/CVE-2019-16996.yaml @@ -12,13 +12,16 @@ info: reference: - https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/1 - https://nvd.nist.gov/vuln/detail/CVE-2019-16996 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2019-16996 cwe-id: CWE-89 - epss-score: 0.25861 - epss-percentile: 0.96276 + epss-score: 0.33595 + epss-percentile: 0.96956 cpe: cpe:2.3:a:metinfo:metinfo:7.0.0:beta:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-17270.yaml b/http/cves/2019/CVE-2019-17270.yaml index 86ed452aac6..110dc4813ed 100644 --- a/http/cves/2019/CVE-2019-17270.yaml +++ b/http/cves/2019/CVE-2019-17270.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-17270 cwe-id: CWE-78 - epss-score: 0.94652 - epss-percentile: 0.99087 + epss-score: 0.93892 + epss-percentile: 0.99085 cpe: cpe:2.3:a:yachtcontrol:yachtcontrol:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-17418.yaml b/http/cves/2019/CVE-2019-17418.yaml index 60cfc7fca2c..27b95edcb3c 100644 --- a/http/cves/2019/CVE-2019-17418.yaml +++ b/http/cves/2019/CVE-2019-17418.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2019-17418 cwe-id: CWE-89 - epss-score: 0.46136 - epss-percentile: 0.97112 + epss-score: 0.54908 + epss-percentile: 0.97587 cpe: cpe:2.3:a:metinfo:metinfo:7.0.0:beta:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-17444.yaml b/http/cves/2019/CVE-2019-17444.yaml index 8c47543f90f..0da9aa89d56 100644 --- a/http/cves/2019/CVE-2019-17444.yaml +++ b/http/cves/2019/CVE-2019-17444.yaml @@ -14,13 +14,14 @@ info: - https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes - https://www.jfrog.com/confluence/display/JFROG/JFrog+Artifactory - https://nvd.nist.gov/vuln/detail/CVE-2019-17444 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-17444 cwe-id: CWE-521 - epss-score: 0.06182 - epss-percentile: 0.92849 + epss-score: 0.05344 + epss-percentile: 0.92917 cpe: cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-17662.yaml b/http/cves/2019/CVE-2019-17662.yaml index f71205ecccb..c462543dea3 100644 --- a/http/cves/2019/CVE-2019-17662.yaml +++ b/http/cves/2019/CVE-2019-17662.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-17662 cwe-id: CWE-22 - epss-score: 0.68973 - epss-percentile: 0.97707 + epss-score: 0.64941 + epss-percentile: 0.97813 cpe: cpe:2.3:a:cybelsoft:thinvnc:1.0:b1:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-1821.yaml b/http/cves/2019/CVE-2019-1821.yaml index ac23d8682d0..d601b87426b 100644 --- a/http/cves/2019/CVE-2019-1821.yaml +++ b/http/cves/2019/CVE-2019-1821.yaml @@ -12,13 +12,14 @@ info: - https://srcincite.io/blog/2019/05/17/panic-at-the-cisco-unauthenticated-rce-in-prime-infrastructure.html - https://nvd.nist.gov/vuln/detail/CVE-2019-1821 - http://packetstormsecurity.com/files/153350/Cisco-Prime-Infrastructure-Health-Monitor-TarArchive-Directory-Traversal.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-1821 cwe-id: CWE-20 epss-score: 0.96882 - epss-percentile: 0.99644 + epss-percentile: 0.99686 cpe: cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-18818.yaml b/http/cves/2019/CVE-2019-18818.yaml index 5a1b5a27460..065799b57a0 100644 --- a/http/cves/2019/CVE-2019-18818.yaml +++ b/http/cves/2019/CVE-2019-18818.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-18818 cwe-id: CWE-640 - epss-score: 0.87533 - epss-percentile: 0.98385 + epss-score: 0.89613 + epss-percentile: 0.98691 cpe: cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-18922.yaml b/http/cves/2019/CVE-2019-18922.yaml index f2744581d20..bd8d00410fd 100644 --- a/http/cves/2019/CVE-2019-18922.yaml +++ b/http/cves/2019/CVE-2019-18922.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-18922 cwe-id: CWE-22 - epss-score: 0.26248 - epss-percentile: 0.96311 + epss-score: 0.2399 + epss-percentile: 0.96487 cpe: cpe:2.3:o:alliedtelesis:at-gs950\/8_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-18957.yaml b/http/cves/2019/CVE-2019-18957.yaml index 4d1978da6d5..521cb381f86 100644 --- a/http/cves/2019/CVE-2019-18957.yaml +++ b/http/cves/2019/CVE-2019-18957.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-18957 cwe-id: CWE-79 epss-score: 0.00375 - epss-percentile: 0.69967 + epss-percentile: 0.72231 cpe: cpe:2.3:a:microstrategy:microstrategy_library:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-19368.yaml b/http/cves/2019/CVE-2019-19368.yaml index 019ce7911ed..738223d1f59 100644 --- a/http/cves/2019/CVE-2019-19368.yaml +++ b/http/cves/2019/CVE-2019-19368.yaml @@ -14,13 +14,14 @@ info: - https://www.maxum.com/Rumpus/Download.html - http://packetstormsecurity.com/files/155719/Rumpus-FTP-Web-File-Manager-8.2.9.1-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2019-19368 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-19368 cwe-id: CWE-79 epss-score: 0.00624 - epss-percentile: 0.76639 + epss-percentile: 0.78472 cpe: cpe:2.3:a:maxum:rumpus:8.2.9.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-19824.yaml b/http/cves/2019/CVE-2019-19824.yaml index 8b2e648b398..3ce67fe734f 100644 --- a/http/cves/2019/CVE-2019-19824.yaml +++ b/http/cves/2019/CVE-2019-19824.yaml @@ -15,13 +15,14 @@ info: - https://cybersecurity.att.com/blogs/labs-research/att-alien-labs-finds-new-golang-malwarebotenago-targeting-millions-of-routers-and-iot-devices-with-more-than-30-exploits - https://nvd.nist.gov/vuln/detail/CVE-2019-19824 - https://sploit.tech + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2019-19824 cwe-id: CWE-78 - epss-score: 0.96632 - epss-percentile: 0.99548 + epss-score: 0.96343 + epss-percentile: 0.99519 cpe: cpe:2.3:o:totolink:a3002ru_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-19908.yaml b/http/cves/2019/CVE-2019-19908.yaml index e28c9e843d4..752c61976ec 100644 --- a/http/cves/2019/CVE-2019-19908.yaml +++ b/http/cves/2019/CVE-2019-19908.yaml @@ -15,13 +15,14 @@ info: - http://ciprianmp.com/ - https://sourceforge.net/projects/phpmychat/ - https://nvd.nist.gov/vuln/detail/CVE-2019-19908 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-19908 cwe-id: CWE-79 epss-score: 0.00673 - epss-percentile: 0.77654 + epss-percentile: 0.79388 cpe: cpe:2.3:a:ciprianmp:phpmychat-plus:1.98:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-20085.yaml b/http/cves/2019/CVE-2019-20085.yaml index df6942898f5..bdb6d97d5a1 100644 --- a/http/cves/2019/CVE-2019-20085.yaml +++ b/http/cves/2019/CVE-2019-20085.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-20085 cwe-id: CWE-22 epss-score: 0.69009 - epss-percentile: 0.97708 + epss-percentile: 0.97908 cpe: cpe:2.3:o:tvt:nvms-1000_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-20183.yaml b/http/cves/2019/CVE-2019-20183.yaml index e75caed31c5..81e9ec8c425 100644 --- a/http/cves/2019/CVE-2019-20183.yaml +++ b/http/cves/2019/CVE-2019-20183.yaml @@ -15,13 +15,14 @@ info: - https://medium.com/@Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34 - https://nvd.nist.gov/vuln/detail/CVE-2019-20183 - https://medium.com/%40Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2019-20183 cwe-id: CWE-434 - epss-score: 0.03427 - epss-percentile: 0.90515 + epss-score: 0.02447 + epss-percentile: 0.89763 cpe: cpe:2.3:a:employee_records_system_project:employee_records_system:1.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-20933.yaml b/http/cves/2019/CVE-2019-20933.yaml index a60b87498f6..6ca24797542 100644 --- a/http/cves/2019/CVE-2019-20933.yaml +++ b/http/cves/2019/CVE-2019-20933.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2019-20933 cwe-id: CWE-287 epss-score: 0.04913 - epss-percentile: 0.91999 + epss-percentile: 0.92609 cpe: cpe:2.3:a:influxdata:influxdb:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-2578.yaml b/http/cves/2019/CVE-2019-2578.yaml index d5da5735b93..e3bfc27b06e 100644 --- a/http/cves/2019/CVE-2019-2578.yaml +++ b/http/cves/2019/CVE-2019-2578.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 cve-id: CVE-2019-2578 - epss-score: 0.00751 - epss-percentile: 0.79026 + epss-score: 0.00623 + epss-percentile: 0.78436 cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-2579.yaml b/http/cves/2019/CVE-2019-2579.yaml index 17f5c5de8b1..414a5074c55 100644 --- a/http/cves/2019/CVE-2019-2579.yaml +++ b/http/cves/2019/CVE-2019-2579.yaml @@ -14,12 +14,13 @@ info: - https://github.com/Leovalcante/wcs_scanner - https://nvd.nist.gov/vuln/detail/CVE-2019-2579 - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N cvss-score: 4.3 cve-id: CVE-2019-2579 epss-score: 0.00493 - epss-percentile: 0.73611 + epss-percentile: 0.75701 cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-2588.yaml b/http/cves/2019/CVE-2019-2588.yaml index 7bd1a805ba0..4462e4399f4 100644 --- a/http/cves/2019/CVE-2019-2588.yaml +++ b/http/cves/2019/CVE-2019-2588.yaml @@ -13,12 +13,15 @@ info: reference: - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - https://nvd.nist.gov/vuln/detail/CVE-2019-2588 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates + - https://github.com/lnick2023/nicenice classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N cvss-score: 4.9 cve-id: CVE-2019-2588 - epss-score: 0.08225 - epss-percentile: 0.93742 + epss-score: 0.13765 + epss-percentile: 0.955 cpe: cpe:2.3:a:oracle:business_intelligence_publisher:11.1.1.9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-2616.yaml b/http/cves/2019/CVE-2019-2616.yaml index e7e724ae2b1..6fc3e6b2fa8 100644 --- a/http/cves/2019/CVE-2019-2616.yaml +++ b/http/cves/2019/CVE-2019-2616.yaml @@ -13,12 +13,14 @@ info: - https://www.exploit-db.com/exploits/46729 - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - https://nvd.nist.gov/vuln/detail/CVE-2019-2616 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cve-id: CVE-2019-2616 - epss-score: 0.93111 - epss-percentile: 0.98865 + epss-score: 0.94292 + epss-percentile: 0.99135 cpe: cpe:2.3:a:oracle:business_intelligence_publisher:11.1.1.9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-2725.yaml b/http/cves/2019/CVE-2019-2725.yaml index f5a099f7f76..b4014d44626 100644 --- a/http/cves/2019/CVE-2019-2725.yaml +++ b/http/cves/2019/CVE-2019-2725.yaml @@ -19,7 +19,7 @@ info: cvss-score: 9.8 cve-id: CVE-2019-2725 cwe-id: CWE-74 - epss-score: 0.97572 + epss-score: 0.97573 epss-percentile: 1 cpe: cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:* metadata: diff --git a/http/cves/2019/CVE-2019-2729.yaml b/http/cves/2019/CVE-2019-2729.yaml index 47aa7090bda..1d1cb67aeca 100644 --- a/http/cves/2019/CVE-2019-2729.yaml +++ b/http/cves/2019/CVE-2019-2729.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 - epss-score: 0.97093 - epss-percentile: 0.9973 + epss-score: 0.97101 + epss-percentile: 0.99761 cpe: cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2019/CVE-2019-2767.yaml b/http/cves/2019/CVE-2019-2767.yaml index b485219cc19..aa61ee874d9 100644 --- a/http/cves/2019/CVE-2019-2767.yaml +++ b/http/cves/2019/CVE-2019-2767.yaml @@ -13,12 +13,14 @@ info: - https://www.exploit-db.com/exploits/46729 - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html - https://nvd.nist.gov/vuln/detail/CVE-2019-2767 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/vah13/Oracle-BI-bugs classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cve-id: CVE-2019-2767 epss-score: 0.14972 - epss-percentile: 0.95282 + epss-percentile: 0.95676 cpe: cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3396.yaml b/http/cves/2019/CVE-2019-3396.yaml index 6735381e855..28b223a7832 100644 --- a/http/cves/2019/CVE-2019-3396.yaml +++ b/http/cves/2019/CVE-2019-3396.yaml @@ -12,13 +12,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2019-3396 - https://jira.atlassian.com/browse/CONFSERVER-57974 - http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-3396 cwe-id: CWE-22 - epss-score: 0.97502 - epss-percentile: 0.99979 + epss-score: 0.97508 + epss-percentile: 0.9998 cpe: cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3398.yaml b/http/cves/2019/CVE-2019-3398.yaml index 0f109775f16..ac49a34ce05 100644 --- a/http/cves/2019/CVE-2019-3398.yaml +++ b/http/cves/2019/CVE-2019-3398.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2019-3398 cwe-id: CWE-22 - epss-score: 0.9722 - epss-percentile: 0.99805 + epss-score: 0.97145 + epss-percentile: 0.99783 cpe: cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2019/CVE-2019-3402.yaml b/http/cves/2019/CVE-2019-3402.yaml index 5d168dc1062..0689e364d5f 100644 --- a/http/cves/2019/CVE-2019-3402.yaml +++ b/http/cves/2019/CVE-2019-3402.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-3402 cwe-id: CWE-79 - epss-score: 0.00254 - epss-percentile: 0.63243 + epss-score: 0.00238 + epss-percentile: 0.61128 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-3403.yaml b/http/cves/2019/CVE-2019-3403.yaml index c4fd921a3a3..68400d9110d 100644 --- a/http/cves/2019/CVE-2019-3403.yaml +++ b/http/cves/2019/CVE-2019-3403.yaml @@ -12,13 +12,16 @@ info: reference: - https://jira.atlassian.com/browse/JRASERVER-69242 - https://nvd.nist.gov/vuln/detail/CVE-2019-3403 + - https://github.com/nomi-sec/PoC-in-GitHub + - https://github.com/rezasarvani/JiraVulChecker + - https://github.com/und3sc0n0c1d0/UserEnumJira classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2019-3403 cwe-id: CWE-863 - epss-score: 0.0055 - epss-percentile: 0.7504 + epss-score: 0.00379 + epss-percentile: 0.72409 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3799.yaml b/http/cves/2019/CVE-2019-3799.yaml index e257f8849a4..ade26f6585a 100644 --- a/http/cves/2019/CVE-2019-3799.yaml +++ b/http/cves/2019/CVE-2019-3799.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2019-3799 cwe-id: CWE-22 - epss-score: 0.02349 - epss-percentile: 0.88703 + epss-score: 0.01441 + epss-percentile: 0.86327 cpe: cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3911.yaml b/http/cves/2019/CVE-2019-3911.yaml index 6eb28ec193f..035b8c75085 100644 --- a/http/cves/2019/CVE-2019-3911.yaml +++ b/http/cves/2019/CVE-2019-3911.yaml @@ -12,13 +12,14 @@ info: reference: - https://www.tenable.com/security/research/tra-2019-03 - https://nvd.nist.gov/vuln/detail/CVE-2019-3911 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-3911 cwe-id: CWE-79 epss-score: 0.00195 - epss-percentile: 0.57378 + epss-percentile: 0.5643 cpe: cpe:2.3:a:labkey:labkey_server:*:*:community:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3912.yaml b/http/cves/2019/CVE-2019-3912.yaml index 64f8749a1bc..e44841d2000 100644 --- a/http/cves/2019/CVE-2019-3912.yaml +++ b/http/cves/2019/CVE-2019-3912.yaml @@ -12,13 +12,16 @@ info: reference: - https://www.tenable.com/security/research/tra-2019-03 - https://nvd.nist.gov/vuln/detail/CVE-2019-3912 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/StarCrossPortal/scalpel + - https://github.com/anonymous364872/Rapier_Tool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-3912 cwe-id: CWE-601 epss-score: 0.0016 - epss-percentile: 0.52431 + epss-percentile: 0.51564 cpe: cpe:2.3:a:labkey:labkey_server:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3929.yaml b/http/cves/2019/CVE-2019-3929.yaml index 0e4afed940f..b5a05f26b67 100644 --- a/http/cves/2019/CVE-2019-3929.yaml +++ b/http/cves/2019/CVE-2019-3929.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-3929 cwe-id: CWE-78,CWE-79 - epss-score: 0.97378 - epss-percentile: 0.99896 + epss-score: 0.97293 + epss-percentile: 0.99855 cpe: cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-5127.yaml b/http/cves/2019/CVE-2019-5127.yaml index 5a4970810ad..a09c9f33745 100644 --- a/http/cves/2019/CVE-2019-5127.yaml +++ b/http/cves/2019/CVE-2019-5127.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-5127 cwe-id: CWE-78 - epss-score: 0.97422 - epss-percentile: 0.99928 + epss-score: 0.97409 + epss-percentile: 0.99922 cpe: cpe:2.3:a:youphptube:youphptube_encoder:2.3:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2019/CVE-2019-5418.yaml b/http/cves/2019/CVE-2019-5418.yaml index 13207dd8279..7a904c30fa9 100644 --- a/http/cves/2019/CVE-2019-5418.yaml +++ b/http/cves/2019/CVE-2019-5418.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-5418 cwe-id: CWE-22,NVD-CWE-noinfo - epss-score: 0.97497 - epss-percentile: 0.99974 + epss-score: 0.97434 + epss-percentile: 0.99939 cpe: cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-5434.yaml b/http/cves/2019/CVE-2019-5434.yaml index 7d1b849fd1a..76f79572df9 100644 --- a/http/cves/2019/CVE-2019-5434.yaml +++ b/http/cves/2019/CVE-2019-5434.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-5434 cwe-id: CWE-502 - epss-score: 0.345 - epss-percentile: 0.96715 + epss-score: 0.3278 + epss-percentile: 0.96917 cpe: cpe:2.3:a:revive-sas:revive_adserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-6112.yaml b/http/cves/2019/CVE-2019-6112.yaml index 1d7d792a033..6ca9cadd40c 100644 --- a/http/cves/2019/CVE-2019-6112.yaml +++ b/http/cves/2019/CVE-2019-6112.yaml @@ -13,13 +13,15 @@ info: - https://github.com/graphpaperpress/Sell-Media/commit/8ac8cebf332e0885863d0a25e16b4b180abedc47#diff-f16fea0a0c8cc36031ec339d02a4fb3b - https://nvd.nist.gov/vuln/detail/CVE-2019-6112 - https://metamorfosec.com/Files/Advisories/METS-2020-001-A_XSS_Vulnerability_in_Sell_Media_Plugin_v2.4.1_for_WordPress.txt + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-6112 cwe-id: CWE-79 epss-score: 0.00126 - epss-percentile: 0.46982 + epss-percentile: 0.46229 cpe: cpe:2.3:a:graphpaperpress:sell_media:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-6340.yaml b/http/cves/2019/CVE-2019-6340.yaml index abdb0b8acb1..8f0ac71f313 100644 --- a/http/cves/2019/CVE-2019-6340.yaml +++ b/http/cves/2019/CVE-2019-6340.yaml @@ -14,13 +14,14 @@ info: - https://www.synology.com/security/advisory/Synology_SA_19_09 - https://nvd.nist.gov/vuln/detail/CVE-2019-6340 - https://www.exploit-db.com/exploits/46452/ + - https://github.com/CVEDB/PoC-List classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2019-6340 cwe-id: CWE-502 - epss-score: 0.97503 - epss-percentile: 0.9998 + epss-score: 0.97487 + epss-percentile: 0.9997 cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-6715.yaml b/http/cves/2019/CVE-2019-6715.yaml index 915b1c06e64..ca3113d2c16 100644 --- a/http/cves/2019/CVE-2019-6715.yaml +++ b/http/cves/2019/CVE-2019-6715.yaml @@ -14,12 +14,14 @@ info: - https://vinhjaxt.github.io/2019/03/cve-2019-6715 - http://packetstormsecurity.com/files/160674/WordPress-W3-Total-Cache-0.9.3-File-Read-Directory-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2019-6715 + - https://github.com/sobinge/nuclei-templates + - https://github.com/random-robbie/cve-2019-6715 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-6715 epss-score: 0.23312 - epss-percentile: 0.96121 + epss-percentile: 0.96449 cpe: cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-6799.yaml b/http/cves/2019/CVE-2019-6799.yaml index 1187cd6f4cd..91b284b9f4a 100644 --- a/http/cves/2019/CVE-2019-6799.yaml +++ b/http/cves/2019/CVE-2019-6799.yaml @@ -21,8 +21,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 5.9 cve-id: CVE-2019-6799 - epss-score: 0.13969 - epss-percentile: 0.95119 + epss-score: 0.1829 + epss-percentile: 0.96069 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-6802.yaml b/http/cves/2019/CVE-2019-6802.yaml index af385e72e79..f941205dd99 100644 --- a/http/cves/2019/CVE-2019-6802.yaml +++ b/http/cves/2019/CVE-2019-6802.yaml @@ -12,13 +12,15 @@ info: - https://vuldb.com/?id.130257 - https://github.com/pypiserver/pypiserver/issues/237 - https://nvd.nist.gov/vuln/detail/CVE-2019-6802 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-6802 cwe-id: CWE-74 epss-score: 0.00113 - epss-percentile: 0.44613 + epss-percentile: 0.43845 cpe: cpe:2.3:a:python:pypiserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-7192.yaml b/http/cves/2019/CVE-2019-7192.yaml index afd14b42927..3f8a10b4083 100644 --- a/http/cves/2019/CVE-2019-7192.yaml +++ b/http/cves/2019/CVE-2019-7192.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-7192 cwe-id: CWE-863 epss-score: 0.96341 - epss-percentile: 0.99444 + epss-percentile: 0.99518 cpe: cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-7219.yaml b/http/cves/2019/CVE-2019-7219.yaml index 5dd93202190..38d5266a556 100644 --- a/http/cves/2019/CVE-2019-7219.yaml +++ b/http/cves/2019/CVE-2019-7219.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-7219 cwe-id: CWE-79 epss-score: 0.00113 - epss-percentile: 0.44603 + epss-percentile: 0.43765 cpe: cpe:2.3:a:zarafa:webaccess:7.2.0-48204:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7238.yaml b/http/cves/2019/CVE-2019-7238.yaml index 5e9d1375678..f6233a3e28b 100644 --- a/http/cves/2019/CVE-2019-7238.yaml +++ b/http/cves/2019/CVE-2019-7238.yaml @@ -13,12 +13,14 @@ info: - https://github.com/jas502n/CVE-2019-7238 - https://support.sonatype.com/hc/en-us/articles/360017310793-CVE-2019-7238-Nexus-Repository-Manager-3-Missing-Access-Controls-and-Remote-Code-Execution-February-5th-2019 - https://nvd.nist.gov/vuln/detail/CVE-2019-7238 + - https://github.com/ycdxsb/Exploits + - https://github.com/zhangchi991022/Comprehensive-experiment-of-infomation-security classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-7238 - epss-score: 0.97372 - epss-percentile: 0.99892 + epss-score: 0.974 + epss-percentile: 0.99915 cpe: cpe:2.3:a:sonatype:nexus:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7254.yaml b/http/cves/2019/CVE-2019-7254.yaml index d1bec6d6ded..b340db8a209 100644 --- a/http/cves/2019/CVE-2019-7254.yaml +++ b/http/cves/2019/CVE-2019-7254.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-7254 cwe-id: CWE-22 - epss-score: 0.86915 - epss-percentile: 0.98374 + epss-score: 0.85367 + epss-percentile: 0.98459 cpe: cpe:2.3:o:nortekcontrol:linear_emerge_essential_firmware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-7255.yaml b/http/cves/2019/CVE-2019-7255.yaml index b1eb2cd9223..9fadb579c2f 100644 --- a/http/cves/2019/CVE-2019-7255.yaml +++ b/http/cves/2019/CVE-2019-7255.yaml @@ -15,13 +15,14 @@ info: - https://applied-risk.com/labs/advisories - https://packetstormsecurity.com/files/155253/Linear-eMerge-E3-1.00-06-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2019-7255 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-7255 cwe-id: CWE-79 - epss-score: 0.01544 - epss-percentile: 0.85731 + epss-score: 0.01232 + epss-percentile: 0.85132 cpe: cpe:2.3:o:nortekcontrol:linear_emerge_essential_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-7315.yaml b/http/cves/2019/CVE-2019-7315.yaml index 7f0b9b36565..26bc967c1fa 100644 --- a/http/cves/2019/CVE-2019-7315.yaml +++ b/http/cves/2019/CVE-2019-7315.yaml @@ -13,13 +13,14 @@ info: - https://labs.nettitude.com/blog/cve-2019-7315-genie-access-wip3bvaf-ip-camera-directory-traversal/ - https://vuldb.com/?id.136593 - https://nvd.nist.gov/vuln/detail/CVE-2019-7315 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-7315 cwe-id: CWE-22 - epss-score: 0.01501 - epss-percentile: 0.85524 + epss-score: 0.0172 + epss-percentile: 0.87556 cpe: cpe:2.3:o:genieaccess:wip3bvaf_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7481.yaml b/http/cves/2019/CVE-2019-7481.yaml index 81a6cfd47da..8670b4cc880 100644 --- a/http/cves/2019/CVE-2019-7481.yaml +++ b/http/cves/2019/CVE-2019-7481.yaml @@ -13,13 +13,15 @@ info: - https://www.crowdstrike.com/blog/how-ecrime-groups-leverage-sonicwall-vulnerability-cve-2019-7481/ - https://nvd.nist.gov/vuln/detail/CVE-2019-7481 - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0016 + - https://github.com/Ostorlab/KEV + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-7481 cwe-id: CWE-89 - epss-score: 0.87114 - epss-percentile: 0.98362 + epss-score: 0.91724 + epss-percentile: 0.98849 cpe: cpe:2.3:o:sonicwall:sma_100_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7543.yaml b/http/cves/2019/CVE-2019-7543.yaml index c7e1f18a0db..4814eb1cfa5 100644 --- a/http/cves/2019/CVE-2019-7543.yaml +++ b/http/cves/2019/CVE-2019-7543.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-7543 cwe-id: CWE-79 - epss-score: 0.00113 - epss-percentile: 0.44682 + epss-score: 0.00135 + epss-percentile: 0.47935 cpe: cpe:2.3:a:kindsoft:kindeditor:4.1.11:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-7609.yaml b/http/cves/2019/CVE-2019-7609.yaml index 27fffb88831..1c92d910e72 100644 --- a/http/cves/2019/CVE-2019-7609.yaml +++ b/http/cves/2019/CVE-2019-7609.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2019-7609 cwe-id: CWE-94 - epss-score: 0.96098 - epss-percentile: 0.99371 + epss-score: 0.96778 + epss-percentile: 0.99656 cpe: cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-8086.yaml b/http/cves/2019/CVE-2019-8086.yaml index 68b3141d046..819c3fec141 100644 --- a/http/cves/2019/CVE-2019-8086.yaml +++ b/http/cves/2019/CVE-2019-8086.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-8086 cwe-id: CWE-611 - epss-score: 0.09189 - epss-percentile: 0.94079 + epss-score: 0.13896 + epss-percentile: 0.95514 cpe: cpe:2.3:a:adobe:experience_manager:6.2:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-8442.yaml b/http/cves/2019/CVE-2019-8442.yaml index 3583114b551..feca5aab9ee 100644 --- a/http/cves/2019/CVE-2019-8442.yaml +++ b/http/cves/2019/CVE-2019-8442.yaml @@ -12,12 +12,15 @@ info: reference: - https://jira.atlassian.com/browse/JRASERVER-69241 - https://nvd.nist.gov/vuln/detail/CVE-2019-8442 + - https://github.com/0ps/pocassistdb + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-8442 epss-score: 0.97131 - epss-percentile: 0.99752 + epss-percentile: 0.99777 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-8446.yaml b/http/cves/2019/CVE-2019-8446.yaml index 88581d4ca78..e33e16c6c14 100644 --- a/http/cves/2019/CVE-2019-8446.yaml +++ b/http/cves/2019/CVE-2019-8446.yaml @@ -12,13 +12,16 @@ info: reference: - https://jira.atlassian.com/browse/JRASERVER-69777 - https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0839 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/CyberTrashPanda/CVE-2019-8446 + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2019-8446 cwe-id: CWE-863 epss-score: 0.15691 - epss-percentile: 0.95403 + epss-percentile: 0.95793 cpe: cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-8449.yaml b/http/cves/2019/CVE-2019-8449.yaml index c565350f9b7..23007c56086 100644 --- a/http/cves/2019/CVE-2019-8449.yaml +++ b/http/cves/2019/CVE-2019-8449.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-8449 cwe-id: CWE-306 epss-score: 0.24444 - epss-percentile: 0.96207 + epss-percentile: 0.96513 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-8451.yaml b/http/cves/2019/CVE-2019-8451.yaml index 97ca796414d..9b42dd24ff1 100644 --- a/http/cves/2019/CVE-2019-8451.yaml +++ b/http/cves/2019/CVE-2019-8451.yaml @@ -14,13 +14,14 @@ info: - https://jira.atlassian.com/browse/JRASERVER-69793 - https://hackerone.com/reports/713900 - https://nvd.nist.gov/vuln/detail/CVE-2019-8451 + - https://github.com/merlinepedra/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N cvss-score: 6.5 cve-id: CVE-2019-8451 cwe-id: CWE-918 epss-score: 0.97115 - epss-percentile: 0.99743 + epss-percentile: 0.99766 cpe: cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9041.yaml b/http/cves/2019/CVE-2019-9041.yaml index aee9b5be0f5..b15fa12f185 100644 --- a/http/cves/2019/CVE-2019-9041.yaml +++ b/http/cves/2019/CVE-2019-9041.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.2 cve-id: CVE-2019-9041 cwe-id: CWE-917 - epss-score: 0.01368 - epss-percentile: 0.84872 + epss-score: 0.02876 + epss-percentile: 0.9052 cpe: cpe:2.3:a:zzzcms:zzzphp:1.6.1:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-9618.yaml b/http/cves/2019/CVE-2019-9618.yaml index 7d9d2dc4ef7..8cad77c8bf1 100644 --- a/http/cves/2019/CVE-2019-9618.yaml +++ b/http/cves/2019/CVE-2019-9618.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-9618 cwe-id: CWE-22 - epss-score: 0.05313 - epss-percentile: 0.92324 + epss-score: 0.04914 + epss-percentile: 0.9261 cpe: cpe:2.3:a:gracemedia_media_player_project:gracemedia_media_player:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9670.yaml b/http/cves/2019/CVE-2019-9670.yaml index 3a64be761f8..ceea906ff11 100644 --- a/http/cves/2019/CVE-2019-9670.yaml +++ b/http/cves/2019/CVE-2019-9670.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-9670 cwe-id: CWE-611 - epss-score: 0.97216 - epss-percentile: 0.99797 + epss-score: 0.97484 + epss-percentile: 0.99968 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9726.yaml b/http/cves/2019/CVE-2019-9726.yaml index 7526caaab92..6cd3d65bbe3 100644 --- a/http/cves/2019/CVE-2019-9726.yaml +++ b/http/cves/2019/CVE-2019-9726.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2019-9726 cwe-id: CWE-22 epss-score: 0.03616 - epss-percentile: 0.90773 + epss-percentile: 0.91446 cpe: cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9733.yaml b/http/cves/2019/CVE-2019-9733.yaml index d6cf31434b1..59ce7864db3 100644 --- a/http/cves/2019/CVE-2019-9733.yaml +++ b/http/cves/2019/CVE-2019-9733.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-9733 - epss-score: 0.88323 - epss-percentile: 0.98448 + epss-score: 0.91018 + epss-percentile: 0.98791 cpe: cpe:2.3:a:jfrog:artifactory:6.7.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9915.yaml b/http/cves/2019/CVE-2019-9915.yaml index 26416b89bd2..0dce6edecd0 100644 --- a/http/cves/2019/CVE-2019-9915.yaml +++ b/http/cves/2019/CVE-2019-9915.yaml @@ -14,13 +14,14 @@ info: - https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1300 - https://www.netsparker.com/web-applications-advisories/ns-18-056-open-redirection-vulnerability-in-getsimplecms/ - https://nvd.nist.gov/vuln/detail/CVE-2019-9915 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-9915 cwe-id: CWE-601 epss-score: 0.00123 - epss-percentile: 0.46435 + epss-percentile: 0.45694 cpe: cpe:2.3:a:get-simple.:getsimplecms:3.3.13:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-9955.yaml b/http/cves/2019/CVE-2019-9955.yaml index 3b22ebc8934..29ffce49f77 100644 --- a/http/cves/2019/CVE-2019-9955.yaml +++ b/http/cves/2019/CVE-2019-9955.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-9955 cwe-id: CWE-79 - epss-score: 0.0798 - epss-percentile: 0.9368 + epss-score: 0.05816 + epss-percentile: 0.93234 cpe: cpe:2.3:o:zyxel:atp200_firmware:4.31:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9978.yaml b/http/cves/2019/CVE-2019-9978.yaml index 1368cc757fe..56f52994d60 100644 --- a/http/cves/2019/CVE-2019-9978.yaml +++ b/http/cves/2019/CVE-2019-9978.yaml @@ -5,30 +5,29 @@ info: author: madrobot,dwisiswant0 severity: medium description: WordPress Social Warfare plugin before 3.5.3 contains a cross-site scripting vulnerability via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, affecting Social Warfare and Social Warfare Pro. + remediation: | + Update the Social Warfare plugin to version 3.5.3 or later to mitigate the vulnerability. reference: - https://github.com/mpgn/CVE-2019-9978 - https://www.wordfence.com/blog/2019/03/unpatched-zero-day-vulnerability-in-social-warfare-plugin-exploited-in-the-wild/ - https://www.pluginvulnerabilities.com/2019/03/21/full-disclosure-of-settings-change-persistent-cross-site-scripting-xss-vulnerability-in-social-warfare/ - https://www.cybersecurity-help.cz/vdb/SB2019032105 - https://nvd.nist.gov/vuln/detail/CVE-2019-9978 - remediation: | - Update the Social Warfare plugin to version 3.5.3 or later to mitigate the vulnerability. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-9978 cwe-id: CWE-79 + epss-score: 0.97235 + epss-percentile: 0.99828 cpe: cpe:2.3:a:warfareplugins:social_warfare:*:*:*:*:*:wordpress:*:* - epss-score: 0.97323 - epss-percentile: 0.99859 metadata: - fofa-query: body="social-warfare" && body="wp-" - framework: wordpress max-request: 2 - product: social_warfare vendor: warfareplugins + product: social_warfare + framework: wordpress + fofa-query: body="social-warfare" && body="wp-" tags: cve,cve2019,wordpress,wp-plugin,ssrf,kev,warfareplugins - flow: http(1) && http(2) http: diff --git a/http/cves/2020/CVE-2020-10148.yaml b/http/cves/2020/CVE-2020-10148.yaml index a9d0d46a154..8e8147bc7ab 100644 --- a/http/cves/2020/CVE-2020-10148.yaml +++ b/http/cves/2020/CVE-2020-10148.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-10148 cwe-id: CWE-287,CWE-288 - epss-score: 0.97324 - epss-percentile: 0.99867 + epss-score: 0.97273 + epss-percentile: 0.99841 cpe: cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-10220.yaml b/http/cves/2020/CVE-2020-10220.yaml index 5ed64cf7672..3de59b13730 100644 --- a/http/cves/2020/CVE-2020-10220.yaml +++ b/http/cves/2020/CVE-2020-10220.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-10220 cwe-id: CWE-89 - epss-score: 0.02204 - epss-percentile: 0.88325 + epss-score: 0.03051 + epss-percentile: 0.90763 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-10546.yaml b/http/cves/2020/CVE-2020-10546.yaml index af0540a32eb..62d6dcb1a7e 100644 --- a/http/cves/2020/CVE-2020-10546.yaml +++ b/http/cves/2020/CVE-2020-10546.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-10546 cwe-id: CWE-89 - epss-score: 0.49879 - epss-percentile: 0.97237 + epss-score: 0.38355 + epss-percentile: 0.97128 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-10547.yaml b/http/cves/2020/CVE-2020-10547.yaml index ebd2d1f5736..8f51eea49c8 100644 --- a/http/cves/2020/CVE-2020-10547.yaml +++ b/http/cves/2020/CVE-2020-10547.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-10547 cwe-id: CWE-89 - epss-score: 0.49879 - epss-percentile: 0.97237 + epss-score: 0.38355 + epss-percentile: 0.97128 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-10549.yaml b/http/cves/2020/CVE-2020-10549.yaml index 426c6477e0e..3a067dcfdab 100644 --- a/http/cves/2020/CVE-2020-10549.yaml +++ b/http/cves/2020/CVE-2020-10549.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-10549 cwe-id: CWE-89 - epss-score: 0.49879 - epss-percentile: 0.97237 + epss-score: 0.38355 + epss-percentile: 0.97128 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-10973.yaml b/http/cves/2020/CVE-2020-10973.yaml index dbed366a4cb..f2ae5c84cc5 100644 --- a/http/cves/2020/CVE-2020-10973.yaml +++ b/http/cves/2020/CVE-2020-10973.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-10973 cwe-id: CWE-306 - epss-score: 0.04225 - epss-percentile: 0.91375 + epss-score: 0.02524 + epss-percentile: 0.8991 cpe: cpe:2.3:o:wavlink:wn530hg4_firmware:m30hg4.v5030.191116:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-11110.yaml b/http/cves/2020/CVE-2020-11110.yaml index dc5be762c84..1c70c981ce0 100644 --- a/http/cves/2020/CVE-2020-11110.yaml +++ b/http/cves/2020/CVE-2020-11110.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-11110 cwe-id: CWE-79 epss-score: 0.00512 - epss-percentile: 0.74072 + epss-percentile: 0.76153 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11450.yaml b/http/cves/2020/CVE-2020-11450.yaml index 374af47fea9..bd398b00de7 100644 --- a/http/cves/2020/CVE-2020-11450.yaml +++ b/http/cves/2020/CVE-2020-11450.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2020-11450 epss-score: 0.59818 - epss-percentile: 0.97482 + epss-percentile: 0.9769 cpe: cpe:2.3:a:microstrategy:microstrategy_web:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11455.yaml b/http/cves/2020/CVE-2020-11455.yaml index 76b2c0eb96c..f9abab71a0c 100644 --- a/http/cves/2020/CVE-2020-11455.yaml +++ b/http/cves/2020/CVE-2020-11455.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-11455 cwe-id: CWE-22 - epss-score: 0.85197 - epss-percentile: 0.98278 + epss-score: 0.87845 + epss-percentile: 0.98577 cpe: cpe:2.3:a:limesurvey:limesurvey:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11530.yaml b/http/cves/2020/CVE-2020-11530.yaml index bdde44f424e..2e1afa06212 100644 --- a/http/cves/2020/CVE-2020-11530.yaml +++ b/http/cves/2020/CVE-2020-11530.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-11530 cwe-id: CWE-89 - epss-score: 0.84645 - epss-percentile: 0.98251 + epss-score: 0.83664 + epss-percentile: 0.98377 cpe: cpe:2.3:a:idangero:chop_slider:3.0:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-11547.yaml b/http/cves/2020/CVE-2020-11547.yaml index c0a5bbd9a22..59047e0a5f3 100644 --- a/http/cves/2020/CVE-2020-11547.yaml +++ b/http/cves/2020/CVE-2020-11547.yaml @@ -13,13 +13,15 @@ info: - https://github.com/ch-rigu/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure - https://github.com/ch-rigu/PRTG-Network-Monitor-Information-Disclosure - https://nvd.nist.gov/vuln/detail/CVE-2020-11547 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2020-11547 cwe-id: CWE-306 epss-score: 0.0011 - epss-percentile: 0.43845 + epss-percentile: 0.43127 cpe: cpe:2.3:a:paessler:prtg_network_monitor:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-11710.yaml b/http/cves/2020/CVE-2020-11710.yaml index 1dd863b7eca..002ad2df441 100644 --- a/http/cves/2020/CVE-2020-11710.yaml +++ b/http/cves/2020/CVE-2020-11710.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-11710 - epss-score: 0.02925 - epss-percentile: 0.89782 + epss-score: 0.02642 + epss-percentile: 0.90121 cpe: cpe:2.3:a:konghq:docker-kong:*:*:*:*:*:kong:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11738.yaml b/http/cves/2020/CVE-2020-11738.yaml index 813acaa3e58..180174216a8 100644 --- a/http/cves/2020/CVE-2020-11738.yaml +++ b/http/cves/2020/CVE-2020-11738.yaml @@ -23,8 +23,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-11738 cwe-id: CWE-22 - epss-score: 0.97366 - epss-percentile: 0.99888 + epss-score: 0.97323 + epss-percentile: 0.99872 cpe: cpe:2.3:a:snapcreek:duplicator:*:*:*:*:lite:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-11854.yaml b/http/cves/2020/CVE-2020-11854.yaml index 4b57c84b468..a9df60a494f 100644 --- a/http/cves/2020/CVE-2020-11854.yaml +++ b/http/cves/2020/CVE-2020-11854.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-11854 cwe-id: CWE-798 epss-score: 0.2548 - epss-percentile: 0.96257 + epss-percentile: 0.96589 cpe: cpe:2.3:a:microfocus:application_performance_management:9.50:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11930.yaml b/http/cves/2020/CVE-2020-11930.yaml index f409bf47f6a..b25d2419fbf 100644 --- a/http/cves/2020/CVE-2020-11930.yaml +++ b/http/cves/2020/CVE-2020-11930.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-11930 cwe-id: CWE-79 - epss-score: 0.00396 - epss-percentile: 0.70723 + epss-score: 0.00303 + epss-percentile: 0.69031 cpe: cpe:2.3:a:gtranslate:translate_wordpress_with_gtranslate:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11978.yaml b/http/cves/2020/CVE-2020-11978.yaml index 1326ae8b8e9..3eef166a431 100644 --- a/http/cves/2020/CVE-2020-11978.yaml +++ b/http/cves/2020/CVE-2020-11978.yaml @@ -19,8 +19,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-11978 cwe-id: CWE-78 - epss-score: 0.97156 - epss-percentile: 0.99766 + epss-score: 0.97425 + epss-percentile: 0.99933 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-12127.yaml b/http/cves/2020/CVE-2020-12127.yaml index 1c547a278d0..a24bd6396a5 100644 --- a/http/cves/2020/CVE-2020-12127.yaml +++ b/http/cves/2020/CVE-2020-12127.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-12127 cwe-id: CWE-306 - epss-score: 0.05177 - epss-percentile: 0.92224 + epss-score: 0.06293 + epss-percentile: 0.93458 cpe: cpe:2.3:o:wavlink:wn530h4_firmware:m30h4.v5030.190403:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-12259.yaml b/http/cves/2020/CVE-2020-12259.yaml index 87dfcfea2b8..fc444195a3f 100644 --- a/http/cves/2020/CVE-2020-12259.yaml +++ b/http/cves/2020/CVE-2020-12259.yaml @@ -10,13 +10,15 @@ info: - https://www.rconfig.com/downloads/rconfig-3.9.4.zip - https://gist.github.com/farid007/8855031bad0e497264e4879efb5bc9f8 - https://nvd.nist.gov/vuln/detail/CVE-2020-12259 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2020-12259 cwe-id: CWE-79 epss-score: 0.16256 - epss-percentile: 0.95479 + epss-percentile: 0.95859 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2020/CVE-2020-12447.yaml b/http/cves/2020/CVE-2020-12447.yaml index c3d58ca8382..50b74131a64 100644 --- a/http/cves/2020/CVE-2020-12447.yaml +++ b/http/cves/2020/CVE-2020-12447.yaml @@ -13,13 +13,14 @@ info: - https://blog.spookysec.net/onkyo-lfi - https://nvd.nist.gov/vuln/detail/CVE-2020-12447 - https://blog.spookysec.net/onkyo-lfi/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-12447 cwe-id: CWE-22 epss-score: 0.01711 - epss-percentile: 0.86438 + epss-percentile: 0.8752 cpe: cpe:2.3:o:onkyo:tx-nr585_firmware:1000-0000-000-0008-0000:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-12478.yaml b/http/cves/2020/CVE-2020-12478.yaml index 338ff97496d..3957832e422 100644 --- a/http/cves/2020/CVE-2020-12478.yaml +++ b/http/cves/2020/CVE-2020-12478.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/nilsteampassnet/TeamPass/issues/2764 - https://nvd.nist.gov/vuln/detail/CVE-2020-12478 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-12478 cwe-id: CWE-306 epss-score: 0.01186 - epss-percentile: 0.83549 + epss-percentile: 0.8478 cpe: cpe:2.3:a:teampass:teampass:2.1.27.36:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-12720.yaml b/http/cves/2020/CVE-2020-12720.yaml index 728e7d58343..11e5d9f15e5 100644 --- a/http/cves/2020/CVE-2020-12720.yaml +++ b/http/cves/2020/CVE-2020-12720.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-12720 cwe-id: CWE-306 - epss-score: 0.90609 - epss-percentile: 0.98582 + epss-score: 0.8836 + epss-percentile: 0.98614 cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13117.yaml b/http/cves/2020/CVE-2020-13117.yaml index b8c7ccfc39e..e8bf9137b5a 100644 --- a/http/cves/2020/CVE-2020-13117.yaml +++ b/http/cves/2020/CVE-2020-13117.yaml @@ -12,13 +12,16 @@ info: reference: - https://blog.0xlabs.com/2021/02/wavlink-rce-CVE-2020-13117.html - https://nvd.nist.gov/vuln/detail/CVE-2020-13117 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-13117 cwe-id: CWE-77 - epss-score: 0.06438 - epss-percentile: 0.92985 + epss-score: 0.07866 + epss-percentile: 0.94083 cpe: cpe:2.3:o:wavlink:wn575a4_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-13121.yaml b/http/cves/2020/CVE-2020-13121.yaml index 05c3bcad0b2..964f577ed1b 100644 --- a/http/cves/2020/CVE-2020-13121.yaml +++ b/http/cves/2020/CVE-2020-13121.yaml @@ -12,13 +12,14 @@ info: reference: - https://github.com/Submitty/Submitty/issues/5265 - https://nvd.nist.gov/vuln/detail/CVE-2020-13121 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-13121 cwe-id: CWE-601 epss-score: 0.00235 - epss-percentile: 0.61642 + epss-percentile: 0.60944 cpe: cpe:2.3:a:rcos:submitty:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13158.yaml b/http/cves/2020/CVE-2020-13158.yaml index e51e364b0b2..dc041801206 100644 --- a/http/cves/2020/CVE-2020-13158.yaml +++ b/http/cves/2020/CVE-2020-13158.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-13158 cwe-id: CWE-22 - epss-score: 0.01736 - epss-percentile: 0.86596 + epss-score: 0.96791 + epss-percentile: 0.99659 cpe: cpe:2.3:a:articatech:artica_proxy:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13258.yaml b/http/cves/2020/CVE-2020-13258.yaml index 3e3d614096e..041616da137 100644 --- a/http/cves/2020/CVE-2020-13258.yaml +++ b/http/cves/2020/CVE-2020-13258.yaml @@ -13,13 +13,15 @@ info: reference: - https://github.com/contentful/the-example-app.py/issues/44 - https://nvd.nist.gov/vuln/detail/CVE-2020-13258 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-13258 cwe-id: CWE-79 epss-score: 0.00464 - epss-percentile: 0.72797 + epss-percentile: 0.7492 cpe: cpe:2.3:a:contentful:python_example:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13483.yaml b/http/cves/2020/CVE-2020-13483.yaml index af53d8142e0..500f44b18bc 100644 --- a/http/cves/2020/CVE-2020-13483.yaml +++ b/http/cves/2020/CVE-2020-13483.yaml @@ -13,13 +13,15 @@ info: - https://gist.github.com/mariuszpoplwski/ca6258cf00c723184ebd2228ba81f558 - https://twitter.com/brutelogic/status/1483073170827628547 - https://nvd.nist.gov/vuln/detail/CVE-2020-13483 + - https://github.com/afinepl/research + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-13483 cwe-id: CWE-79 epss-score: 0.00113 - epss-percentile: 0.44613 + epss-percentile: 0.43845 cpe: cpe:2.3:a:bitrix24:bitrix24:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-13638.yaml b/http/cves/2020/CVE-2020-13638.yaml index 224978e1a5c..b1ad7d4e145 100644 --- a/http/cves/2020/CVE-2020-13638.yaml +++ b/http/cves/2020/CVE-2020-13638.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-13638 cwe-id: CWE-269 - epss-score: 0.36738 - epss-percentile: 0.96806 + epss-score: 0.39352 + epss-percentile: 0.97152 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-13927.yaml b/http/cves/2020/CVE-2020-13927.yaml index c176a45008c..97698287830 100644 --- a/http/cves/2020/CVE-2020-13927.yaml +++ b/http/cves/2020/CVE-2020-13927.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-13927 cwe-id: CWE-1188 - epss-score: 0.96924 - epss-percentile: 0.99665 + epss-score: 0.96246 + epss-percentile: 0.99489 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-13937.yaml b/http/cves/2020/CVE-2020-13937.yaml index 9dd9a848f9a..7e51cd02e12 100644 --- a/http/cves/2020/CVE-2020-13937.yaml +++ b/http/cves/2020/CVE-2020-13937.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2020-13937 cwe-id: CWE-922 - epss-score: 0.97404 - epss-percentile: 0.99917 + epss-score: 0.97421 + epss-percentile: 0.99929 cpe: cpe:2.3:a:apache:kylin:2.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13945.yaml b/http/cves/2020/CVE-2020-13945.yaml index 53663308a40..7572852768e 100644 --- a/http/cves/2020/CVE-2020-13945.yaml +++ b/http/cves/2020/CVE-2020-13945.yaml @@ -14,13 +14,14 @@ info: - https://lists.apache.org/thread.html/r792feb29964067a4108f53e8579a1e9bd1c8b5b9bc95618c814faf2f%40%3Cdev.apisix.apache.org%3E - http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html - https://nvd.nist.gov/vuln/detail/CVE-2020-13945 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2020-13945 cwe-id: CWE-522 - epss-score: 0.00587 - epss-percentile: 0.7581 + epss-score: 0.00838 + epss-percentile: 0.81705 cpe: cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-14181.yaml b/http/cves/2020/CVE-2020-14181.yaml index 06433e7ae59..dbdaccd5c16 100644 --- a/http/cves/2020/CVE-2020-14181.yaml +++ b/http/cves/2020/CVE-2020-14181.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2020-14181 cwe-id: CWE-200 - epss-score: 0.96363 - epss-percentile: 0.9946 + epss-score: 0.95919 + epss-percentile: 0.99412 cpe: cpe:2.3:a:atlassian:data_center:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-14413.yaml b/http/cves/2020/CVE-2020-14413.yaml index e03f4531d9f..b0a7a8cadbe 100644 --- a/http/cves/2020/CVE-2020-14413.yaml +++ b/http/cves/2020/CVE-2020-14413.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-14413 cwe-id: CWE-79 epss-score: 0.00095 - epss-percentile: 0.39687 + epss-percentile: 0.38971 cpe: cpe:2.3:a:nedi:nedi:1.9c:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-14864.yaml b/http/cves/2020/CVE-2020-14864.yaml index b9bfd66c314..4ceb2c6393c 100644 --- a/http/cves/2020/CVE-2020-14864.yaml +++ b/http/cves/2020/CVE-2020-14864.yaml @@ -13,13 +13,15 @@ info: - http://packetstormsecurity.com/files/159748/Oracle-Business-Intelligence-Enterprise-Edition-5.5.0.0.0-12.2.1.3.0-12.2.1.4.0-LFI.html - https://www.oracle.com/security-alerts/cpuoct2020.html - https://nvd.nist.gov/vuln/detail/CVE-2020-14864 + - https://github.com/merlinepedra/nuclei-templates + - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-14864 cwe-id: CWE-22 - epss-score: 0.21848 - epss-percentile: 0.96018 + epss-score: 0.4541 + epss-percentile: 0.97318 cpe: cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-14883.yaml b/http/cves/2020/CVE-2020-14883.yaml index 68f7237bcdd..c60b67b6b6b 100644 --- a/http/cves/2020/CVE-2020-14883.yaml +++ b/http/cves/2020/CVE-2020-14883.yaml @@ -15,12 +15,13 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14883 - https://www.oracle.com/security-alerts/cpuoct2020.html - http://packetstormsecurity.com/files/160143/Oracle-WebLogic-Server-Administration-Console-Handle-Remote-Code-Execution.html + - https://github.com/1n7erface/PocList classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2020-14883 - epss-score: 0.97297 - epss-percentile: 0.9985 + epss-score: 0.97498 + epss-percentile: 0.99975 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-15050.yaml b/http/cves/2020/CVE-2020-15050.yaml index a20b6dbd1e7..4d23d3274fd 100644 --- a/http/cves/2020/CVE-2020-15050.yaml +++ b/http/cves/2020/CVE-2020-15050.yaml @@ -13,13 +13,14 @@ info: - http://packetstormsecurity.com/files/158576/Bio-Star-2.8.2-Local-File-Inclusion.html - https://www.supremainc.com/en/support/biostar-2-pakage.asp - https://nvd.nist.gov/vuln/detail/CVE-2020-15050 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-15050 cwe-id: CWE-22 - epss-score: 0.4691 - epss-percentile: 0.97123 + epss-score: 0.55214 + epss-percentile: 0.97597 cpe: cpe:2.3:a:supremainc:biostar_2:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-15148.yaml b/http/cves/2020/CVE-2020-15148.yaml index 9206260a788..658e9a7d1f8 100644 --- a/http/cves/2020/CVE-2020-15148.yaml +++ b/http/cves/2020/CVE-2020-15148.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-15148 cwe-id: CWE-502 epss-score: 0.02081 - epss-percentile: 0.87922 + epss-percentile: 0.88831 cpe: cpe:2.3:a:yiiframework:yii:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-15227.yaml b/http/cves/2020/CVE-2020-15227.yaml index f9cb43a9be4..f22f4472eed 100644 --- a/http/cves/2020/CVE-2020-15227.yaml +++ b/http/cves/2020/CVE-2020-15227.yaml @@ -19,16 +19,16 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-15227 - cwe-id: CWE-74,CWE-94 - epss-score: 0.97307 - epss-percentile: 0.99855 + cwe-id: CWE-94,CWE-74 + epss-score: 0.97285 + epss-percentile: 0.99849 cpe: cpe:2.3:a:nette:application:*:*:*:*:*:*:*:* metadata: + verified: true max-request: 1 vendor: nette product: application fofa-query: app="nette-Framework" - verified: true tags: cve2020,cve,nette,rce http: diff --git a/http/cves/2020/CVE-2020-15568.yaml b/http/cves/2020/CVE-2020-15568.yaml index ca5efedc992..7a67623c91b 100644 --- a/http/cves/2020/CVE-2020-15568.yaml +++ b/http/cves/2020/CVE-2020-15568.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-15568 cwe-id: CWE-913 - epss-score: 0.96535 - epss-percentile: 0.9952 + epss-score: 0.96623 + epss-percentile: 0.99607 cpe: cpe:2.3:o:terra-master:tos:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-15895.yaml b/http/cves/2020/CVE-2020-15895.yaml index ef80f5eaa73..8e94e067ce6 100644 --- a/http/cves/2020/CVE-2020-15895.yaml +++ b/http/cves/2020/CVE-2020-15895.yaml @@ -14,13 +14,14 @@ info: - https://research.loginsoft.com/bugs/multiple-vulnerabilities-discovered-in-the-d-link-firmware-dir-816l/ - https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10169 - https://nvd.nist.gov/vuln/detail/CVE-2020-15895 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-15895 cwe-id: CWE-79 epss-score: 0.00187 - epss-percentile: 0.56008 + epss-percentile: 0.55045 cpe: cpe:2.3:o:dlink:dir-816l_firmware:2.06:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-16139.yaml b/http/cves/2020/CVE-2020-16139.yaml index c42a3a54fcc..0bf595dd067 100644 --- a/http/cves/2020/CVE-2020-16139.yaml +++ b/http/cves/2020/CVE-2020-16139.yaml @@ -14,12 +14,14 @@ info: - http://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html - https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html - https://nvd.nist.gov/vuln/detail/CVE-2020-16139 + - https://github.com/anonymous364872/Rapier_Tool + - https://github.com/blacklanternsecurity/Cisco-7937G-PoCs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H cvss-score: 7.5 cve-id: CVE-2020-16139 - epss-score: 0.04525 - epss-percentile: 0.91637 + epss-score: 0.06015 + epss-percentile: 0.93331 cpe: cpe:2.3:o:cisco:unified_ip_conference_station_7937g_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-16846.yaml b/http/cves/2020/CVE-2020-16846.yaml index 9ca5afb5a13..7eae0a6573e 100644 --- a/http/cves/2020/CVE-2020-16846.yaml +++ b/http/cves/2020/CVE-2020-16846.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-16846 cwe-id: CWE-78 epss-score: 0.97467 - epss-percentile: 0.99959 + epss-percentile: 0.99957 cpe: cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-16952.yaml b/http/cves/2020/CVE-2020-16952.yaml index c181e875ac7..6b0acdd9f26 100644 --- a/http/cves/2020/CVE-2020-16952.yaml +++ b/http/cves/2020/CVE-2020-16952.yaml @@ -14,13 +14,14 @@ info: - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16952 - https://github.com/rapid7/metasploit-framework/blob/1a341ae93191ac5f6d8a9603aebb6b3a1f65f107/documentation/modules/exploit/windows/http/sharepoint_ssi_viewstate.md - https://nvd.nist.gov/vuln/detail/CVE-2020-16952 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L cvss-score: 8.6 cve-id: CVE-2020-16952 cwe-id: CWE-346 - epss-score: 0.92144 - epss-percentile: 0.9874 + epss-score: 0.90125 + epss-percentile: 0.9872 cpe: cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17453.yaml b/http/cves/2020/CVE-2020-17453.yaml index 6351d60402a..71fea8d563b 100644 --- a/http/cves/2020/CVE-2020-17453.yaml +++ b/http/cves/2020/CVE-2020-17453.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-17453 - https://twitter.com/JacksonHHax/status/1374681422678519813 - https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2020-1132/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-17453 cwe-id: CWE-79 epss-score: 0.00845 - epss-percentile: 0.80281 + epss-percentile: 0.81776 cpe: cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17456.yaml b/http/cves/2020/CVE-2020-17456.yaml index a2632992504..8a45f0858cb 100644 --- a/http/cves/2020/CVE-2020-17456.yaml +++ b/http/cves/2020/CVE-2020-17456.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-17456 cwe-id: CWE-78 - epss-score: 0.97022 - epss-percentile: 0.997 + epss-score: 0.96263 + epss-percentile: 0.99495 cpe: cpe:2.3:o:seowonintech:slc-130_firmware:-:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-17463.yaml b/http/cves/2020/CVE-2020-17463.yaml index 990bb6b844d..0923aee5b91 100644 --- a/http/cves/2020/CVE-2020-17463.yaml +++ b/http/cves/2020/CVE-2020-17463.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-17463 cwe-id: CWE-89 - epss-score: 0.92663 - epss-percentile: 0.98812 + epss-score: 0.94399 + epss-percentile: 0.99154 cpe: cpe:2.3:a:thedaylightstudio:fuel_cms:1.4.7:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-17496.yaml b/http/cves/2020/CVE-2020-17496.yaml index 4f613f05d07..aa7d9c461a7 100644 --- a/http/cves/2020/CVE-2020-17496.yaml +++ b/http/cves/2020/CVE-2020-17496.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-17496 cwe-id: CWE-74 - epss-score: 0.97458 - epss-percentile: 0.99954 + epss-score: 0.97451 + epss-percentile: 0.99949 cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17506.yaml b/http/cves/2020/CVE-2020-17506.yaml index 9fb2ec1a9e6..cbdd15cbc84 100644 --- a/http/cves/2020/CVE-2020-17506.yaml +++ b/http/cves/2020/CVE-2020-17506.yaml @@ -13,13 +13,15 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17506 - http://packetstormsecurity.com/files/158868/Artica-Proxy-4.3.0-Authentication-Bypass.html - https://blog.max0x4141.com/post/artica_proxy/ + - https://github.com/hangmansROP/proof-of-concepts + - https://github.com/merlinepedra/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-17506 cwe-id: CWE-89 - epss-score: 0.96414 - epss-percentile: 0.99468 + epss-score: 0.96009 + epss-percentile: 0.99439 cpe: cpe:2.3:a:articatech:web_proxy:4.30.000000:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17530.yaml b/http/cves/2020/CVE-2020-17530.yaml index ab71f0058f6..07c7adf3382 100644 --- a/http/cves/2020/CVE-2020-17530.yaml +++ b/http/cves/2020/CVE-2020-17530.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-17530 cwe-id: CWE-917 - epss-score: 0.97035 - epss-percentile: 0.99705 + epss-score: 0.97232 + epss-percentile: 0.99826 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-18268.yaml b/http/cves/2020/CVE-2020-18268.yaml index 245eb6ce904..4299ddbf546 100644 --- a/http/cves/2020/CVE-2020-18268.yaml +++ b/http/cves/2020/CVE-2020-18268.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-18268 cwe-id: CWE-601 - epss-score: 0.00138 - epss-percentile: 0.49329 + epss-score: 0.00147 + epss-percentile: 0.49792 cpe: cpe:2.3:a:zblogcn:z-blogphp:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-19282.yaml b/http/cves/2020/CVE-2020-19282.yaml index eaa77e399a9..187836d75a6 100644 --- a/http/cves/2020/CVE-2020-19282.yaml +++ b/http/cves/2020/CVE-2020-19282.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-19282 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48638 + epss-percentile: 0.47808 cpe: cpe:2.3:a:jeesns:jeesns:1.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-19283.yaml b/http/cves/2020/CVE-2020-19283.yaml index d188177eb4c..09beac340c6 100644 --- a/http/cves/2020/CVE-2020-19283.yaml +++ b/http/cves/2020/CVE-2020-19283.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-19283 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48638 + epss-percentile: 0.47808 cpe: cpe:2.3:a:jeesns:jeesns:1.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-19295.yaml b/http/cves/2020/CVE-2020-19295.yaml index d3b635f9dc0..9c8b53dcbe1 100644 --- a/http/cves/2020/CVE-2020-19295.yaml +++ b/http/cves/2020/CVE-2020-19295.yaml @@ -13,13 +13,14 @@ info: - https://github.com/zchuanzhao/jeesns/issues/21 - https://www.seebug.org/vuldb/ssvid-97950 - https://nvd.nist.gov/vuln/detail/CVE-2020-19295 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-19295 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.45185 + epss-percentile: 0.44405 cpe: cpe:2.3:a:jeesns:jeesns:1.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-19360.yaml b/http/cves/2020/CVE-2020-19360.yaml index 92372a1a5ad..6da41388c95 100644 --- a/http/cves/2020/CVE-2020-19360.yaml +++ b/http/cves/2020/CVE-2020-19360.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-19360 cwe-id: CWE-22 epss-score: 0.05104 - epss-percentile: 0.92174 + epss-percentile: 0.92761 cpe: cpe:2.3:a:fhem:fhem:6.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-1943.yaml b/http/cves/2020/CVE-2020-1943.yaml index fff6c37cee9..67c4b637807 100644 --- a/http/cves/2020/CVE-2020-1943.yaml +++ b/http/cves/2020/CVE-2020-1943.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-1943 cwe-id: CWE-79 - epss-score: 0.43119 - epss-percentile: 0.97011 + epss-score: 0.50879 + epss-percentile: 0.97475 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-1956.yaml b/http/cves/2020/CVE-2020-1956.yaml index f88f300c7a1..9918b136251 100644 --- a/http/cves/2020/CVE-2020-1956.yaml +++ b/http/cves/2020/CVE-2020-1956.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-1956 cwe-id: CWE-78 - epss-score: 0.97414 - epss-percentile: 0.99923 + epss-score: 0.97374 + epss-percentile: 0.99898 cpe: cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-19625.yaml b/http/cves/2020/CVE-2020-19625.yaml index 746196e7b70..6f2ec8e84d1 100644 --- a/http/cves/2020/CVE-2020-19625.yaml +++ b/http/cves/2020/CVE-2020-19625.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-19625 - epss-score: 0.78777 - epss-percentile: 0.97997 + epss-score: 0.83118 + epss-percentile: 0.98347 cpe: cpe:2.3:a:gridx_project:gridx:1.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-20300.yaml b/http/cves/2020/CVE-2020-20300.yaml index f9f25b59b8b..c5b5671190f 100644 --- a/http/cves/2020/CVE-2020-20300.yaml +++ b/http/cves/2020/CVE-2020-20300.yaml @@ -13,13 +13,15 @@ info: - https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md - https://nvd.nist.gov/vuln/detail/CVE-2020-20300 - https://github.com/Y4er/Y4er.com/blob/master/content/post/weiphp-exp-sql.md + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-20300 cwe-id: CWE-89 - epss-score: 0.16123 - epss-percentile: 0.95461 + epss-score: 0.20647 + epss-percentile: 0.96263 cpe: cpe:2.3:a:weiphp:weiphp:5.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-2036.yaml b/http/cves/2020/CVE-2020-2036.yaml index 9a8e9b252b4..b77b53e762f 100644 --- a/http/cves/2020/CVE-2020-2036.yaml +++ b/http/cves/2020/CVE-2020-2036.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-2036 cwe-id: CWE-79 epss-score: 0.03232 - epss-percentile: 0.9028 + epss-percentile: 0.91005 cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-2096.yaml b/http/cves/2020/CVE-2020-2096.yaml index 6f3e8b1bd28..cb1a0419b17 100644 --- a/http/cves/2020/CVE-2020-2096.yaml +++ b/http/cves/2020/CVE-2020-2096.yaml @@ -14,13 +14,14 @@ info: - http://www.openwall.com/lists/oss-security/2020/01/15/1 - http://packetstormsecurity.com/files/155967/Jenkins-Gitlab-Hook-1.4.2-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2020-2096 + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-2096 cwe-id: CWE-79 epss-score: 0.96965 - epss-percentile: 0.99675 + epss-percentile: 0.99712 cpe: cpe:2.3:a:jenkins:gitlab_hook:*:*:*:*:*:jenkins:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-21012.yaml b/http/cves/2020/CVE-2020-21012.yaml index e0ab08b3fab..9240b09b074 100644 --- a/http/cves/2020/CVE-2020-21012.yaml +++ b/http/cves/2020/CVE-2020-21012.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-21012 cwe-id: CWE-89 - epss-score: 0.05566 - epss-percentile: 0.9252 + epss-score: 0.07235 + epss-percentile: 0.93887 cpe: cpe:2.3:a:hotel_and_lodge_booking_management_system_project:hotel_and_lodge_booking_management_system:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-2103.yaml b/http/cves/2020/CVE-2020-2103.yaml index e0b8458ca38..a5afdfa182d 100644 --- a/http/cves/2020/CVE-2020-2103.yaml +++ b/http/cves/2020/CVE-2020-2103.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.4 cve-id: CVE-2020-2103 cwe-id: CWE-200 - epss-score: 0.01531 - epss-percentile: 0.85676 + epss-score: 0.00534 + epss-percentile: 0.76681 cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-21224.yaml b/http/cves/2020/CVE-2020-21224.yaml index 927bc62f480..905fb389a51 100644 --- a/http/cves/2020/CVE-2020-21224.yaml +++ b/http/cves/2020/CVE-2020-21224.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-21224 cwe-id: CWE-88 - epss-score: 0.04142 - epss-percentile: 0.91341 + epss-score: 0.04664 + epss-percentile: 0.92423 cpe: cpe:2.3:a:inspur:clusterengine:4.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-2140.yaml b/http/cves/2020/CVE-2020-2140.yaml index a28ce0d6e26..2e3c00cfa59 100644 --- a/http/cves/2020/CVE-2020-2140.yaml +++ b/http/cves/2020/CVE-2020-2140.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-2140 cwe-id: CWE-79 epss-score: 0.00181 - epss-percentile: 0.55477 + epss-percentile: 0.54462 cpe: cpe:2.3:a:jenkins:audit_trail:*:*:*:*:*:jenkins:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-22209.yaml b/http/cves/2020/CVE-2020-22209.yaml index 527d5551a5a..f75d20436be 100644 --- a/http/cves/2020/CVE-2020-22209.yaml +++ b/http/cves/2020/CVE-2020-22209.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-22209 cwe-id: CWE-89 - epss-score: 0.20254 - epss-percentile: 0.95933 + epss-score: 0.15522 + epss-percentile: 0.95775 cpe: cpe:2.3:a:74cms:74cms:3.2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-23015.yaml b/http/cves/2020/CVE-2020-23015.yaml index e258fc19c77..ec75e5aef73 100644 --- a/http/cves/2020/CVE-2020-23015.yaml +++ b/http/cves/2020/CVE-2020-23015.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-23015 cwe-id: CWE-601 epss-score: 0.00179 - epss-percentile: 0.55193 + epss-percentile: 0.54178 cpe: cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-23517.yaml b/http/cves/2020/CVE-2020-23517.yaml index 4dda20d7f8e..1abfb0fce0c 100644 --- a/http/cves/2020/CVE-2020-23517.yaml +++ b/http/cves/2020/CVE-2020-23517.yaml @@ -12,13 +12,16 @@ info: reference: - https://vulnerabilitypublishing.blogspot.com/2021/03/aryanic-highmail-high-cms-reflected.html - https://nvd.nist.gov/vuln/detail/CVE-2020-23517 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-23517 cwe-id: CWE-79 epss-score: 0.00132 - epss-percentile: 0.47953 + epss-percentile: 0.47292 cpe: cpe:2.3:a:aryanic:high_cms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-23972.yaml b/http/cves/2020/CVE-2020-23972.yaml index 9b3e9810cba..92ef711f50d 100644 --- a/http/cves/2020/CVE-2020-23972.yaml +++ b/http/cves/2020/CVE-2020-23972.yaml @@ -16,13 +16,14 @@ info: - https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md - http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html - https://nvd.nist.gov/vuln/detail/CVE-2020-23972 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N cvss-score: 7.5 cve-id: CVE-2020-23972 cwe-id: CWE-434 - epss-score: 0.5953 - epss-percentile: 0.97461 + epss-score: 0.53621 + epss-percentile: 0.9756 cpe: cpe:2.3:a:gmapfp:gmapfp:j3.5:*:*:*:-:joomla\!:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-24148.yaml b/http/cves/2020/CVE-2020-24148.yaml index 6ff348c34f5..0ac4787c655 100644 --- a/http/cves/2020/CVE-2020-24148.yaml +++ b/http/cves/2020/CVE-2020-24148.yaml @@ -5,29 +5,29 @@ info: author: dwisiswant0 severity: critical description: WordPress plugin Import XML and RSS Feeds (import-xml-feed) plugin 2.0.1 contains a server-side request forgery (SSRF) vulnerability via the data parameter in a moove_read_xml action. + remediation: | + Update to the latest version of the Import XML & RSS Feeds WordPress Plugin (2.0.2 or higher) to mitigate the vulnerability. reference: - https://github.com/dwisiswant0/CVE-2020-24148 - https://wordpress.org/plugins/import-xml-feed/#developers - https://nvd.nist.gov/vuln/detail/CVE-2020-24148 - https://github.com/secwx/research/blob/main/cve/CVE-2020-24148.md - remediation: | - Update to the latest version of the Import XML & RSS Feeds WordPress Plugin (2.0.2 or higher) to mitigate the vulnerability. + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H cvss-score: 9.1 cve-id: CVE-2020-24148 cwe-id: CWE-918 + epss-score: 0.15451 + epss-percentile: 0.95765 cpe: cpe:2.3:a:mooveagency:import_xml_and_rss_feeds:2.0.1:*:*:*:*:wordpress:*:* - epss-score: 0.10229 - epss-percentile: 0.94371 metadata: - fofa-query: body="import-xml-feed" - framework: wordpress max-request: 2 - product: import_xml_and_rss_feeds vendor: mooveagency + product: import_xml_and_rss_feeds + framework: wordpress + fofa-query: body="import-xml-feed" tags: cve,cve2020,wordpress,wp-plugin,ssrf,mooveagency - flow: http(1) && http(2) http: diff --git a/http/cves/2020/CVE-2020-24186.yaml b/http/cves/2020/CVE-2020-24186.yaml index 7daf018d968..785864a1c65 100644 --- a/http/cves/2020/CVE-2020-24186.yaml +++ b/http/cves/2020/CVE-2020-24186.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-24186 - https://www.wordfence.com/blog/2020/07/critical-arbitrary-file-upload-vulnerability-patched-in-wpdiscuz-plugin/ - http://packetstormsecurity.com/files/162983/WordPress-wpDiscuz-7.0.4-Shell-Upload.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2020-24186 cwe-id: CWE-434 - epss-score: 0.97374 - epss-percentile: 0.99893 + epss-score: 0.97448 + epss-percentile: 0.99947 cpe: cpe:2.3:a:gvectors:wpdiscuz:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-24223.yaml b/http/cves/2020/CVE-2020-24223.yaml index 6fa05cc94de..cea31e69d2b 100644 --- a/http/cves/2020/CVE-2020-24223.yaml +++ b/http/cves/2020/CVE-2020-24223.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-24223 cwe-id: CWE-79 epss-score: 0.0069 - epss-percentile: 0.79602 + epss-percentile: 0.79693 cpe: cpe:2.3:a:mara_cms_project:mara_cms:7.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-24391.yaml b/http/cves/2020/CVE-2020-24391.yaml index 8702004e34c..5d2482840d5 100644 --- a/http/cves/2020/CVE-2020-24391.yaml +++ b/http/cves/2020/CVE-2020-24391.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-24391 - epss-score: 0.48716 - epss-percentile: 0.97207 + epss-score: 0.55667 + epss-percentile: 0.97606 cpe: cpe:2.3:a:mongo-express_project:mongo-express:*:*:*:*:*:node.js:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-24571.yaml b/http/cves/2020/CVE-2020-24571.yaml index 4169d1c5023..36def8f5dc8 100644 --- a/http/cves/2020/CVE-2020-24571.yaml +++ b/http/cves/2020/CVE-2020-24571.yaml @@ -12,13 +12,16 @@ info: reference: - https://www.nexusdb.com/mantis/bug_view_advanced_page.php?bug_id=2371 - https://nvd.nist.gov/vuln/detail/CVE-2020-24571 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/HimmelAward/Goby_POC + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-24571 cwe-id: CWE-22 - epss-score: 0.04939 - epss-percentile: 0.92017 + epss-score: 0.09103 + epss-percentile: 0.94485 cpe: cpe:2.3:a:nexusdb:nexusdb:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-24579.yaml b/http/cves/2020/CVE-2020-24579.yaml index 6f610f68fb1..7c7e5323244 100644 --- a/http/cves/2020/CVE-2020-24579.yaml +++ b/http/cves/2020/CVE-2020-24579.yaml @@ -13,13 +13,15 @@ info: - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/d-link-multiple-security-vulnerabilities-leading-to-rce/ - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/ - https://nvd.nist.gov/vuln/detail/CVE-2020-24579 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2020-24579 cwe-id: CWE-287 epss-score: 0.04563 - epss-percentile: 0.91666 + epss-percentile: 0.9232 cpe: cpe:2.3:o:dlink:dsl2888a_firmware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-24589.yaml b/http/cves/2020/CVE-2020-24589.yaml index 32f0a30ee36..3199e160d5d 100644 --- a/http/cves/2020/CVE-2020-24589.yaml +++ b/http/cves/2020/CVE-2020-24589.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.1 cve-id: CVE-2020-24589 cwe-id: CWE-611 - epss-score: 0.65062 - epss-percentile: 0.97613 + epss-score: 0.65955 + epss-percentile: 0.97835 cpe: cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-24701.yaml b/http/cves/2020/CVE-2020-24701.yaml index 52625ac1783..073da25b170 100644 --- a/http/cves/2020/CVE-2020-24701.yaml +++ b/http/cves/2020/CVE-2020-24701.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2020-24701 cwe-id: CWE-79 epss-score: 0.00818 - epss-percentile: 0.79991 + epss-percentile: 0.81463 cpe: cpe:2.3:a:open-xchange:open-xchange_appsuite:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-24902.yaml b/http/cves/2020/CVE-2020-24902.yaml index 7c3eba56a0d..5bf01eb016b 100644 --- a/http/cves/2020/CVE-2020-24902.yaml +++ b/http/cves/2020/CVE-2020-24902.yaml @@ -13,13 +13,14 @@ info: reference: - https://dl.packetstormsecurity.net/1804-exploits/quixplorer241beta-xss.txt - https://nvd.nist.gov/vuln/detail/CVE-2020-24902 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-24902 cwe-id: CWE-79 epss-score: 0.00195 - epss-percentile: 0.57403 + epss-percentile: 0.56453 cpe: cpe:2.3:a:quixplorer_project:quixplorer:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-24903.yaml b/http/cves/2020/CVE-2020-24903.yaml index c292c7c9b31..12ed3c6bd1b 100644 --- a/http/cves/2020/CVE-2020-24903.yaml +++ b/http/cves/2020/CVE-2020-24903.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-24903 cwe-id: CWE-79 epss-score: 0.00269 - epss-percentile: 0.64417 + epss-percentile: 0.67095 cpe: cpe:2.3:a:cutesoft:cute_editor:6.4:*:*:*:*:asp.net:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-24912.yaml b/http/cves/2020/CVE-2020-24912.yaml index eae1fcc7a31..26e6baa8d33 100644 --- a/http/cves/2020/CVE-2020-24912.yaml +++ b/http/cves/2020/CVE-2020-24912.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-24912 cwe-id: CWE-79 - epss-score: 0.0018 - epss-percentile: 0.55295 + epss-score: 0.00346 + epss-percentile: 0.7108 cpe: cpe:2.3:a:qcubed:qcubed:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-24949.yaml b/http/cves/2020/CVE-2020-24949.yaml index dd4e14e331f..615d74e53e4 100644 --- a/http/cves/2020/CVE-2020-24949.yaml +++ b/http/cves/2020/CVE-2020-24949.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-24949 cwe-id: CWE-77 - epss-score: 0.96298 - epss-percentile: 0.99435 + epss-score: 0.95694 + epss-percentile: 0.99372 cpe: cpe:2.3:a:php-fusion:php-fusion:9.03.50:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25078.yaml b/http/cves/2020/CVE-2020-25078.yaml index d2cae6142e5..2eaec126e85 100644 --- a/http/cves/2020/CVE-2020-25078.yaml +++ b/http/cves/2020/CVE-2020-25078.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-25078 - epss-score: 0.80702 - epss-percentile: 0.98057 + epss-score: 0.82526 + epss-percentile: 0.98323 cpe: cpe:2.3:o:dlink:dcs-2530l_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25506.yaml b/http/cves/2020/CVE-2020-25506.yaml index eac658a3c38..34ae19c268a 100644 --- a/http/cves/2020/CVE-2020-25506.yaml +++ b/http/cves/2020/CVE-2020-25506.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-25506 cwe-id: CWE-78 - epss-score: 0.9743 - epss-percentile: 0.99933 + epss-score: 0.97383 + epss-percentile: 0.99903 cpe: cpe:2.3:o:dlink:dns-320_firmware:2.06b01:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-25540.yaml b/http/cves/2020/CVE-2020-25540.yaml index 3a90d7eb92e..530f95943df 100644 --- a/http/cves/2020/CVE-2020-25540.yaml +++ b/http/cves/2020/CVE-2020-25540.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-25540 cwe-id: CWE-22 - epss-score: 0.96345 - epss-percentile: 0.99454 + epss-score: 0.96711 + epss-percentile: 0.99631 cpe: cpe:2.3:a:thinkadmin:thinkadmin:6.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25780.yaml b/http/cves/2020/CVE-2020-25780.yaml index 20447cfb02d..5bc440de627 100644 --- a/http/cves/2020/CVE-2020-25780.yaml +++ b/http/cves/2020/CVE-2020-25780.yaml @@ -13,13 +13,15 @@ info: - https://srcincite.io/blog/2021/11/22/unlocking-the-vault.html - http://kb.commvault.com/article/63264 - https://nvd.nist.gov/vuln/detail/CVE-2020-25780 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-25780 cwe-id: CWE-22 - epss-score: 0.01621 - epss-percentile: 0.86106 + epss-score: 0.04166 + epss-percentile: 0.92003 cpe: cpe:2.3:a:commvault:commcell:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25864.yaml b/http/cves/2020/CVE-2020-25864.yaml index 172b7f2d264..afa98d4f71b 100644 --- a/http/cves/2020/CVE-2020-25864.yaml +++ b/http/cves/2020/CVE-2020-25864.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-25864 cwe-id: CWE-79 epss-score: 0.00324 - epss-percentile: 0.67732 + epss-percentile: 0.70154 cpe: cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-26217.yaml b/http/cves/2020/CVE-2020-26217.yaml index 12ee4c91b03..9f4fa407fca 100644 --- a/http/cves/2020/CVE-2020-26217.yaml +++ b/http/cves/2020/CVE-2020-26217.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-26217 cwe-id: CWE-78 epss-score: 0.97384 - epss-percentile: 0.999 + epss-percentile: 0.99904 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-26248.yaml b/http/cves/2020/CVE-2020-26248.yaml index 594cc306b5e..26083521080 100644 --- a/http/cves/2020/CVE-2020-26248.yaml +++ b/http/cves/2020/CVE-2020-26248.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-26248 cwe-id: CWE-89 epss-score: 0.01617 - epss-percentile: 0.86085 + epss-percentile: 0.87187 cpe: cpe:2.3:a:prestashop:productcomments:*:*:*:*:*:prestashop:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-26258.yaml b/http/cves/2020/CVE-2020-26258.yaml index 42cbe6ad68c..eb17b5ee541 100644 --- a/http/cves/2020/CVE-2020-26258.yaml +++ b/http/cves/2020/CVE-2020-26258.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.7 cve-id: CVE-2020-26258 cwe-id: CWE-918 - epss-score: 0.88051 - epss-percentile: 0.98412 + epss-score: 0.90088 + epss-percentile: 0.98718 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-26919.yaml b/http/cves/2020/CVE-2020-26919.yaml index 620a965e038..a20f8e8368a 100644 --- a/http/cves/2020/CVE-2020-26919.yaml +++ b/http/cves/2020/CVE-2020-26919.yaml @@ -14,12 +14,13 @@ info: - https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities/ - https://nvd.nist.gov/vuln/detail/CVE-2020-26919 - https://kb.netgear.com/000062334/Security-Advisory-for-Missing-Function-Level-Access-Control-on-JGS516PE-PSV-2020-0377 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-26919 - epss-score: 0.97346 - epss-percentile: 0.99878 + epss-score: 0.97285 + epss-percentile: 0.99849 cpe: cpe:2.3:o:netgear:jgs516pe_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-26948.yaml b/http/cves/2020/CVE-2020-26948.yaml index a13b169ddb0..4d2207c93dc 100644 --- a/http/cves/2020/CVE-2020-26948.yaml +++ b/http/cves/2020/CVE-2020-26948.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-26948 cwe-id: CWE-918 - epss-score: 0.16155 - epss-percentile: 0.955 + epss-score: 0.1449 + epss-percentile: 0.95606 cpe: cpe:2.3:a:emby:emby:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-27191.yaml b/http/cves/2020/CVE-2020-27191.yaml index 8884bf004ba..557c928dbcc 100644 --- a/http/cves/2020/CVE-2020-27191.yaml +++ b/http/cves/2020/CVE-2020-27191.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-27191 cwe-id: CWE-22 - epss-score: 0.00787 - epss-percentile: 0.79567 + epss-score: 0.01572 + epss-percentile: 0.86986 cpe: cpe:2.3:a:lionwiki:lionwiki:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-2733.yaml b/http/cves/2020/CVE-2020-2733.yaml index caea5371914..0602c25b078 100644 --- a/http/cves/2020/CVE-2020-2733.yaml +++ b/http/cves/2020/CVE-2020-2733.yaml @@ -14,12 +14,14 @@ info: - https://redrays.io/cve-2020-2733-jd-edwards/ - https://www.oracle.com/security-alerts/cpuapr2020.html - https://nvd.nist.gov/vuln/detail/CVE-2020-2733 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-2733 epss-score: 0.29301 - epss-percentile: 0.96461 + epss-percentile: 0.96779 cpe: cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-27467.yaml b/http/cves/2020/CVE-2020-27467.yaml index 269bd4e2c8c..fda0c0b5cec 100644 --- a/http/cves/2020/CVE-2020-27467.yaml +++ b/http/cves/2020/CVE-2020-27467.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-27467 cwe-id: CWE-22 - epss-score: 0.01491 - epss-percentile: 0.85503 + epss-score: 0.01056 + epss-percentile: 0.83739 cpe: cpe:2.3:a:processwire:processwire:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-27735.yaml b/http/cves/2020/CVE-2020-27735.yaml index d646b24ae07..103b2965bab 100644 --- a/http/cves/2020/CVE-2020-27735.yaml +++ b/http/cves/2020/CVE-2020-27735.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-27735 cwe-id: CWE-79 epss-score: 0.00228 - epss-percentile: 0.61095 + epss-percentile: 0.60318 cpe: cpe:2.3:a:wftpserver:wing_ftp_server:6.4.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-27986.yaml b/http/cves/2020/CVE-2020-27986.yaml index 7538b03b085..b9df82318b0 100644 --- a/http/cves/2020/CVE-2020-27986.yaml +++ b/http/cves/2020/CVE-2020-27986.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-27986 cwe-id: CWE-306 - epss-score: 0.11967 - epss-percentile: 0.94859 + epss-score: 0.25376 + epss-percentile: 0.96582 cpe: cpe:2.3:a:sonarsource:sonarqube:8.4.2.36762:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-28185.yaml b/http/cves/2020/CVE-2020-28185.yaml index 95fe8b2acdd..18bb25134f3 100644 --- a/http/cves/2020/CVE-2020-28185.yaml +++ b/http/cves/2020/CVE-2020-28185.yaml @@ -21,7 +21,7 @@ info: cvss-score: 5.3 cve-id: CVE-2020-28185 epss-score: 0.00465 - epss-percentile: 0.72891 + epss-percentile: 0.74945 cpe: cpe:2.3:o:terra-master:tos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-28188.yaml b/http/cves/2020/CVE-2020-28188.yaml index fb1d7278af3..1e401dc616b 100644 --- a/http/cves/2020/CVE-2020-28188.yaml +++ b/http/cves/2020/CVE-2020-28188.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-28188 cwe-id: CWE-78 epss-score: 0.97279 - epss-percentile: 0.99835 + epss-percentile: 0.99845 cpe: cpe:2.3:o:terra-master:tos:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-28208.yaml b/http/cves/2020/CVE-2020-28208.yaml index d88aead1176..fef64304966 100644 --- a/http/cves/2020/CVE-2020-28208.yaml +++ b/http/cves/2020/CVE-2020-28208.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-28208 cwe-id: CWE-203 epss-score: 0.01197 - epss-percentile: 0.83641 + epss-percentile: 0.84869 cpe: cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-28351.yaml b/http/cves/2020/CVE-2020-28351.yaml index 096421e653b..5399723738a 100644 --- a/http/cves/2020/CVE-2020-28351.yaml +++ b/http/cves/2020/CVE-2020-28351.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-28351 cwe-id: CWE-79 epss-score: 0.0036 - epss-percentile: 0.69254 + epss-percentile: 0.71646 cpe: cpe:2.3:o:mitel:shoretel_firmware:19.46.1802.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-28871.yaml b/http/cves/2020/CVE-2020-28871.yaml index a9114c3ed8b..65bc2772f65 100644 --- a/http/cves/2020/CVE-2020-28871.yaml +++ b/http/cves/2020/CVE-2020-28871.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-28871 cwe-id: CWE-434 - epss-score: 0.96996 - epss-percentile: 0.99688 + epss-score: 0.96907 + epss-percentile: 0.99693 cpe: cpe:2.3:a:monitorr:monitorr:1.7.6m:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-28976.yaml b/http/cves/2020/CVE-2020-28976.yaml index a13caba3c14..989df6769d0 100644 --- a/http/cves/2020/CVE-2020-28976.yaml +++ b/http/cves/2020/CVE-2020-28976.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-28976 cwe-id: CWE-918 epss-score: 0.00616 - epss-percentile: 0.76542 + epss-percentile: 0.78321 cpe: cpe:2.3:a:canto:canto:1.3.0:*:*:*:*:wordpress:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-29164.yaml b/http/cves/2020/CVE-2020-29164.yaml index 3889d32c516..bf1241fbba6 100644 --- a/http/cves/2020/CVE-2020-29164.yaml +++ b/http/cves/2020/CVE-2020-29164.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-29164 cwe-id: CWE-79 epss-score: 0.00205 - epss-percentile: 0.58496 + epss-percentile: 0.5782 cpe: cpe:2.3:a:rainbowfishsoftware:pacsone_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-29395.yaml b/http/cves/2020/CVE-2020-29395.yaml index cff3bdebbe4..dd63e3b16a0 100644 --- a/http/cves/2020/CVE-2020-29395.yaml +++ b/http/cves/2020/CVE-2020-29395.yaml @@ -14,13 +14,14 @@ info: - https://www.myeventon.com/news/ - https://nvd.nist.gov/vuln/detail/CVE-2020-29395 - http://packetstormsecurity.com/files/160282/WordPress-EventON-Calendar-3.0.5-Cross-Site-Scripting.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-29395 cwe-id: CWE-79 epss-score: 0.05489 - epss-percentile: 0.92451 + epss-percentile: 0.93026 cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-29583.yaml b/http/cves/2020/CVE-2020-29583.yaml index 0629075174f..7ef60b2740f 100644 --- a/http/cves/2020/CVE-2020-29583.yaml +++ b/http/cves/2020/CVE-2020-29583.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-29583 cwe-id: CWE-522 epss-score: 0.96219 - epss-percentile: 0.99405 + epss-percentile: 0.99483 cpe: cpe:2.3:o:zyxel:usg20-vpn_firmware:4.60:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-29597.yaml b/http/cves/2020/CVE-2020-29597.yaml index 0addeeb82a3..4c4a0329378 100644 --- a/http/cves/2020/CVE-2020-29597.yaml +++ b/http/cves/2020/CVE-2020-29597.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-29597 - https://github.com/M4DM0e/m4dm0e.github.io/blob/gh-pages/_posts/2020-12-07-incom-insecure-up.md - https://m4dm0e.github.io/2020/12/07/incom-insecure-up.html + - https://github.com/trhacknon/CVE-2020-29597 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-29597 cwe-id: CWE-434 - epss-score: 0.83237 - epss-percentile: 0.98162 + epss-score: 0.78448 + epss-percentile: 0.9817 cpe: cpe:2.3:a:incomcms_project:incomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-3187.yaml b/http/cves/2020/CVE-2020-3187.yaml index b95c8f0d528..6f21c44da09 100644 --- a/http/cves/2020/CVE-2020-3187.yaml +++ b/http/cves/2020/CVE-2020-3187.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43 - https://nvd.nist.gov/vuln/detail/CVE-2020-3187 + - https://github.com/Threekiii/Awesome-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2020-3187 cwe-id: CWE-22 - epss-score: 0.97259 - epss-percentile: 0.99819 + epss-score: 0.97297 + epss-percentile: 0.99857 cpe: cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35234.yaml b/http/cves/2020/CVE-2020-35234.yaml index 178342f153c..93398613bff 100644 --- a/http/cves/2020/CVE-2020-35234.yaml +++ b/http/cves/2020/CVE-2020-35234.yaml @@ -12,13 +12,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-35234 - https://blog.nintechnet.com/wordpress-easy-wp-smtp-plugin-fixed-zero-day-vulnerability/ - https://wordpress.org/plugins/easy-wp-smtp/#developers + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-35234 cwe-id: CWE-532 - epss-score: 0.37453 - epss-percentile: 0.9684 + epss-score: 0.37649 + epss-percentile: 0.97105 cpe: cpe:2.3:a:wp-ecommerce:easy_wp_smtp:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-35338.yaml b/http/cves/2020/CVE-2020-35338.yaml index 99e85910c36..10fa0ce5f3b 100644 --- a/http/cves/2020/CVE-2020-35338.yaml +++ b/http/cves/2020/CVE-2020-35338.yaml @@ -13,13 +13,15 @@ info: - https://jeyaseelans.medium.com/cve-2020-35338-9e841f48defa - https://nvd.nist.gov/vuln/detail/CVE-2020-35338 - https://www.mobileviewpoint.com/ + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-35338 cwe-id: CWE-798 - epss-score: 0.25616 - epss-percentile: 0.96262 + epss-score: 0.29702 + epss-percentile: 0.96805 cpe: cpe:2.3:a:mobileviewpoint:wireless_multiplex_terminal_playout_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35580.yaml b/http/cves/2020/CVE-2020-35580.yaml index 341a6ee7dc1..4a384aab428 100644 --- a/http/cves/2020/CVE-2020-35580.yaml +++ b/http/cves/2020/CVE-2020-35580.yaml @@ -13,13 +13,15 @@ info: - https://hateshape.github.io/general/2021/05/11/CVE-2020-35580.html - https://developer.searchblox.com/docs/getting-started-with-searchblox - https://nvd.nist.gov/vuln/detail/CVE-2020-35580 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-35580 cwe-id: CWE-22 - epss-score: 0.02047 - epss-percentile: 0.87773 + epss-score: 0.01833 + epss-percentile: 0.87972 cpe: cpe:2.3:a:searchblox:searchblox:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35713.yaml b/http/cves/2020/CVE-2020-35713.yaml index 8945d0744a1..a63538b0aa9 100644 --- a/http/cves/2020/CVE-2020-35713.yaml +++ b/http/cves/2020/CVE-2020-35713.yaml @@ -14,13 +14,14 @@ info: - https://resolverblog.blogspot.com/2020/07/linksys-re6500-unauthenticated-rce-full.html - https://nvd.nist.gov/vuln/detail/CVE-2020-35713 - https://bugcrowd.com/disclosures/72d7246b-f77f-4f7f-9bd1-fdc35663cc92/linksys-re6500-unauthenticated-rce-working-across-multiple-fw-versions + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-35713 cwe-id: CWE-78 - epss-score: 0.9714 - epss-percentile: 0.99756 + epss-score: 0.96729 + epss-percentile: 0.9964 cpe: cpe:2.3:o:linksys:re6500_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35774.yaml b/http/cves/2020/CVE-2020-35774.yaml index 5b5b29e68ea..9920cd0bf1b 100644 --- a/http/cves/2020/CVE-2020-35774.yaml +++ b/http/cves/2020/CVE-2020-35774.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.4 cve-id: CVE-2020-35774 cwe-id: CWE-79 - epss-score: 0.97202 - epss-percentile: 0.9979 + epss-score: 0.97225 + epss-percentile: 0.99823 cpe: cpe:2.3:a:twitter:twitter-server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35846.yaml b/http/cves/2020/CVE-2020-35846.yaml index ba1f33d5445..7e6f3789f30 100644 --- a/http/cves/2020/CVE-2020-35846.yaml +++ b/http/cves/2020/CVE-2020-35846.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-35846 cwe-id: CWE-89 - epss-score: 0.85589 - epss-percentile: 0.98278 + epss-score: 0.78767 + epss-percentile: 0.98182 cpe: cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35847.yaml b/http/cves/2020/CVE-2020-35847.yaml index 0814c911901..444494c0791 100644 --- a/http/cves/2020/CVE-2020-35847.yaml +++ b/http/cves/2020/CVE-2020-35847.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-35847 cwe-id: CWE-89 - epss-score: 0.78248 - epss-percentile: 0.97981 + epss-score: 0.77399 + epss-percentile: 0.98139 cpe: cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-35848.yaml b/http/cves/2020/CVE-2020-35848.yaml index 99bfa420685..3eff2e5d50d 100644 --- a/http/cves/2020/CVE-2020-35848.yaml +++ b/http/cves/2020/CVE-2020-35848.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-35848 cwe-id: CWE-89 - epss-score: 0.76291 - epss-percentile: 0.97909 + epss-score: 0.75372 + epss-percentile: 0.98077 cpe: cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35984.yaml b/http/cves/2020/CVE-2020-35984.yaml index 7fd34e1526d..26b748c66c2 100644 --- a/http/cves/2020/CVE-2020-35984.yaml +++ b/http/cves/2020/CVE-2020-35984.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-35984 cwe-id: CWE-79 epss-score: 0.00127 - epss-percentile: 0.47225 + epss-percentile: 0.46456 cpe: cpe:2.3:a:rukovoditel:rukovoditel:2.7.2:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2020/CVE-2020-35985.yaml b/http/cves/2020/CVE-2020-35985.yaml index 2b62af8ea07..872672fd791 100644 --- a/http/cves/2020/CVE-2020-35985.yaml +++ b/http/cves/2020/CVE-2020-35985.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-35985 cwe-id: CWE-79 epss-score: 0.00127 - epss-percentile: 0.47225 + epss-percentile: 0.46456 cpe: cpe:2.3:a:rukovoditel:rukovoditel:2.7.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-35986.yaml b/http/cves/2020/CVE-2020-35986.yaml index 1943067d4f1..83944858fb1 100644 --- a/http/cves/2020/CVE-2020-35986.yaml +++ b/http/cves/2020/CVE-2020-35986.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-35986 cwe-id: CWE-79 epss-score: 0.00127 - epss-percentile: 0.47131 + epss-percentile: 0.46456 cpe: cpe:2.3:a:rukovoditel:rukovoditel:2.7.2:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2020/CVE-2020-36112.yaml b/http/cves/2020/CVE-2020-36112.yaml index 067fc4e2d3c..9560a5f0ee8 100644 --- a/http/cves/2020/CVE-2020-36112.yaml +++ b/http/cves/2020/CVE-2020-36112.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2020-36112 cwe-id: CWE-89 epss-score: 0.40407 - epss-percentile: 0.96938 + epss-percentile: 0.9718 cpe: cpe:2.3:a:cse_bookstore_project:cse_bookstore:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-36510.yaml b/http/cves/2020/CVE-2020-36510.yaml index 35a709f097d..a2978f95941 100644 --- a/http/cves/2020/CVE-2020-36510.yaml +++ b/http/cves/2020/CVE-2020-36510.yaml @@ -13,13 +13,14 @@ info: reference: - https://wpscan.com/vulnerability/d1dbc6d7-7488-40c2-bc38-0674ea5b3c95 - https://nvd.nist.gov/vuln/detail/CVE-2020-36510 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-36510 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:codetipi:15zine:*:*:*:*:*:wordpress:*:* metadata: verified: "false" diff --git a/http/cves/2020/CVE-2020-5284.yaml b/http/cves/2020/CVE-2020-5284.yaml index cc904e4db7b..3304ac60691 100644 --- a/http/cves/2020/CVE-2020-5284.yaml +++ b/http/cves/2020/CVE-2020-5284.yaml @@ -19,8 +19,8 @@ info: cvss-score: 4.3 cve-id: CVE-2020-5284 cwe-id: CWE-22,CWE-23 - epss-score: 0.00152 - epss-percentile: 0.51455 + epss-score: 0.00213 + epss-percentile: 0.58675 cpe: cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5405.yaml b/http/cves/2020/CVE-2020-5405.yaml index c539e44955f..bd1ee95cb30 100644 --- a/http/cves/2020/CVE-2020-5405.yaml +++ b/http/cves/2020/CVE-2020-5405.yaml @@ -12,13 +12,16 @@ info: reference: - https://pivotal.io/security/cve-2020-5405 - https://nvd.nist.gov/vuln/detail/CVE-2020-5405 + - https://github.com/Secxt/FINAL + - https://github.com/pen4uin/vulnerability-research-list + - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N cvss-score: 6.5 cve-id: CVE-2020-5405 cwe-id: CWE-22,CWE-23 epss-score: 0.00258 - epss-percentile: 0.63514 + epss-percentile: 0.64891 cpe: cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5412.yaml b/http/cves/2020/CVE-2020-5412.yaml index ee5ebdd797f..ac94d3cb385 100644 --- a/http/cves/2020/CVE-2020-5412.yaml +++ b/http/cves/2020/CVE-2020-5412.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2020-5412 cwe-id: CWE-610,CWE-441 - epss-score: 0.36725 - epss-percentile: 0.96799 + epss-score: 0.05469 + epss-percentile: 0.93009 cpe: cpe:2.3:a:vmware:spring_cloud_netflix:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5776.yaml b/http/cves/2020/CVE-2020-5776.yaml index adc321f91bc..6d03cd8a468 100644 --- a/http/cves/2020/CVE-2020-5776.yaml +++ b/http/cves/2020/CVE-2020-5776.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-5776 cwe-id: CWE-352 - epss-score: 0.53796 - epss-percentile: 0.97336 + epss-score: 0.50353 + epss-percentile: 0.97455 cpe: cpe:2.3:a:magmi_project:magmi:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-5777.yaml b/http/cves/2020/CVE-2020-5777.yaml index 3eafc3a4c31..0dd207b491b 100644 --- a/http/cves/2020/CVE-2020-5777.yaml +++ b/http/cves/2020/CVE-2020-5777.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-5777 cwe-id: CWE-287 epss-score: 0.04038 - epss-percentile: 0.91226 + epss-percentile: 0.91885 cpe: cpe:2.3:a:magmi_project:magmi:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5847.yaml b/http/cves/2020/CVE-2020-5847.yaml index e530755af24..430b59b90ba 100644 --- a/http/cves/2020/CVE-2020-5847.yaml +++ b/http/cves/2020/CVE-2020-5847.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2020-5847 cwe-id: CWE-94,CWE-668 epss-score: 0.97053 - epss-percentile: 0.99713 + epss-percentile: 0.99741 cpe: cpe:2.3:a:unraid:unraid:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5902.yaml b/http/cves/2020/CVE-2020-5902.yaml index 7178439cd1c..2deac2e69b3 100644 --- a/http/cves/2020/CVE-2020-5902.yaml +++ b/http/cves/2020/CVE-2020-5902.yaml @@ -27,7 +27,7 @@ info: cvss-score: 9.8 cve-id: CVE-2020-5902 cwe-id: CWE-22 - epss-score: 0.97555 + epss-score: 0.97563 epss-percentile: 0.99998 cpe: cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* metadata: diff --git a/http/cves/2020/CVE-2020-6287.yaml b/http/cves/2020/CVE-2020-6287.yaml index 3c69b390fe4..83f01598606 100644 --- a/http/cves/2020/CVE-2020-6287.yaml +++ b/http/cves/2020/CVE-2020-6287.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2020-6287 cwe-id: CWE-306 - epss-score: 0.97274 - epss-percentile: 0.99833 + epss-score: 0.97502 + epss-percentile: 0.99977 cpe: cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-6308.yaml b/http/cves/2020/CVE-2020-6308.yaml index c5978026a9e..259377fca36 100644 --- a/http/cves/2020/CVE-2020-6308.yaml +++ b/http/cves/2020/CVE-2020-6308.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-6308 cwe-id: CWE-918 epss-score: 0.004 - epss-percentile: 0.7093 + epss-percentile: 0.73121 cpe: cpe:2.3:a:sap:businessobjects_business_intelligence_platform:4.1:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-6950.yaml b/http/cves/2020/CVE-2020-6950.yaml index 8b78cfcb4a3..e00e4798f4e 100644 --- a/http/cves/2020/CVE-2020-6950.yaml +++ b/http/cves/2020/CVE-2020-6950.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.5 cve-id: CVE-2020-6950 cwe-id: CWE-22 - epss-score: 0.04665 - epss-percentile: 0.91775 + epss-score: 0.03924 + epss-percentile: 0.91792 cpe: cpe:2.3:a:eclipse:mojarra:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-7136.yaml b/http/cves/2020/CVE-2020-7136.yaml index a942590cfef..9f75b3a4290 100644 --- a/http/cves/2020/CVE-2020-7136.yaml +++ b/http/cves/2020/CVE-2020-7136.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-7136 cwe-id: CWE-288 epss-score: 0.26929 - epss-percentile: 0.96346 + epss-percentile: 0.96662 cpe: cpe:2.3:a:hpe:smart_update_manager:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-7209.yaml b/http/cves/2020/CVE-2020-7209.yaml index 4dcb967838b..4e65bb47656 100644 --- a/http/cves/2020/CVE-2020-7209.yaml +++ b/http/cves/2020/CVE-2020-7209.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-7209 - epss-score: 0.9719 - epss-percentile: 0.99779 + epss-score: 0.97202 + epss-percentile: 0.99806 cpe: cpe:2.3:a:hp:linuxki:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-7796.yaml b/http/cves/2020/CVE-2020-7796.yaml index e2ec25a827a..5ef36a08dae 100644 --- a/http/cves/2020/CVE-2020-7796.yaml +++ b/http/cves/2020/CVE-2020-7796.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-7796 cwe-id: CWE-918 - epss-score: 0.72496 - epss-percentile: 0.97814 + epss-score: 0.70648 + epss-percentile: 0.9795 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-7980.yaml b/http/cves/2020/CVE-2020-7980.yaml index 72ca0cc90b6..e57b89f0d2a 100644 --- a/http/cves/2020/CVE-2020-7980.yaml +++ b/http/cves/2020/CVE-2020-7980.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-7980 cwe-id: CWE-78 epss-score: 0.97015 - epss-percentile: 0.99697 + epss-percentile: 0.99726 cpe: cpe:2.3:a:intelliantech:aptus_web:1.24:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8115.yaml b/http/cves/2020/CVE-2020-8115.yaml index cabd59a260e..a92e7fd034e 100644 --- a/http/cves/2020/CVE-2020-8115.yaml +++ b/http/cves/2020/CVE-2020-8115.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-8115 cwe-id: CWE-79 epss-score: 0.0187 - epss-percentile: 0.8713 + epss-percentile: 0.88123 cpe: cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8193.yaml b/http/cves/2020/CVE-2020-8193.yaml index 375388bc751..ecb1df36829 100644 --- a/http/cves/2020/CVE-2020-8193.yaml +++ b/http/cves/2020/CVE-2020-8193.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html - https://support.citrix.com/article/CTX276688 - https://nvd.nist.gov/vuln/detail/CVE-2020-8193 + - https://github.com/0ps/pocassistdb classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N cvss-score: 6.5 cve-id: CVE-2020-8193 cwe-id: CWE-287,CWE-284 - epss-score: 0.93307 - epss-percentile: 0.9889 + epss-score: 0.97463 + epss-percentile: 0.99954 cpe: cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:* metadata: max-request: 6 diff --git a/http/cves/2020/CVE-2020-8209.yaml b/http/cves/2020/CVE-2020-8209.yaml index 4f385fe7c7a..cbcf3519bb9 100644 --- a/http/cves/2020/CVE-2020-8209.yaml +++ b/http/cves/2020/CVE-2020-8209.yaml @@ -16,13 +16,17 @@ info: Apply the latest security patches or updates provided by Citrix to fix the vulnerability. reference: - https://support.citrix.com/article/CTX277457 + - https://github.com/Miraitowa70/POC-Notes + - https://github.com/dudek-marcin/Poc-Exp + - https://github.com/hectorgie/PoC-in-GitHub + - https://github.com/pen4uin/vulnerability-research classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-8209 cwe-id: CWE-22 - epss-score: 0.97043 - epss-percentile: 0.99702 + epss-score: 0.96834 + epss-percentile: 0.9967 cpe: cpe:2.3:a:citrix:xenmobile_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8497.yaml b/http/cves/2020/CVE-2020-8497.yaml index 5955d4bf8ff..7b4c8f55c96 100644 --- a/http/cves/2020/CVE-2020-8497.yaml +++ b/http/cves/2020/CVE-2020-8497.yaml @@ -12,13 +12,15 @@ info: reference: - https://k4m1ll0.com/cve-2020-8497.html - https://nvd.nist.gov/vuln/detail/CVE-2020-8497 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2020-8497 cwe-id: CWE-306 epss-score: 0.002 - epss-percentile: 0.5784 + epss-percentile: 0.56881 cpe: cpe:2.3:a:artica:pandora_fms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8512.yaml b/http/cves/2020/CVE-2020-8512.yaml index a063d889ab1..8b00dc567a5 100644 --- a/http/cves/2020/CVE-2020-8512.yaml +++ b/http/cves/2020/CVE-2020-8512.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-8512 cwe-id: CWE-79 - epss-score: 0.01373 - epss-percentile: 0.8485 + epss-score: 0.00692 + epss-percentile: 0.79726 cpe: cpe:2.3:a:icewarp:icewarp_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8515.yaml b/http/cves/2020/CVE-2020-8515.yaml index 7051a059f66..bb9f1313453 100644 --- a/http/cves/2020/CVE-2020-8515.yaml +++ b/http/cves/2020/CVE-2020-8515.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-8515 cwe-id: CWE-78 epss-score: 0.97079 - epss-percentile: 0.99727 + epss-percentile: 0.99754 cpe: cpe:2.3:o:draytek:vigor2960_firmware:1.3.1:beta:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8615.yaml b/http/cves/2020/CVE-2020-8615.yaml index b0a9ffdd575..d1177ea36b2 100644 --- a/http/cves/2020/CVE-2020-8615.yaml +++ b/http/cves/2020/CVE-2020-8615.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.5 cve-id: CVE-2020-8615 cwe-id: CWE-352 - epss-score: 0.00479 - epss-percentile: 0.73312 + epss-score: 0.00632 + epss-percentile: 0.78607 cpe: cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-8641.yaml b/http/cves/2020/CVE-2020-8641.yaml index b449381870a..d031eafac9c 100644 --- a/http/cves/2020/CVE-2020-8641.yaml +++ b/http/cves/2020/CVE-2020-8641.yaml @@ -13,13 +13,15 @@ info: - https://cxsecurity.com/issue/WLB-2020010234 - https://www.exploit-db.com/exploits/47985 - https://nvd.nist.gov/vuln/detail/CVE-2020-8641 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2020-8641 cwe-id: CWE-22 epss-score: 0.0071 - epss-percentile: 0.7833 + epss-percentile: 0.80028 cpe: cpe:2.3:a:lotus_core_cms_project:lotus_core_cms:1.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8654.yaml b/http/cves/2020/CVE-2020-8654.yaml index c1224dfcfb9..2ecaa611737 100644 --- a/http/cves/2020/CVE-2020-8654.yaml +++ b/http/cves/2020/CVE-2020-8654.yaml @@ -14,13 +14,14 @@ info: - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/eyesofnetwork_autodiscovery_rce.rb - https://github.com/EyesOfNetworkCommunity/eonweb/issues/50 - https://nvd.nist.gov/vuln/detail/CVE-2020-8654 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2020-8654 cwe-id: CWE-78 epss-score: 0.04987 - epss-percentile: 0.9205 + epss-percentile: 0.92656 cpe: cpe:2.3:a:eyesofnetwork:eyesofnetwork:5.3-0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8982.yaml b/http/cves/2020/CVE-2020-8982.yaml index caf7cb12d8e..d4ad172dcbb 100644 --- a/http/cves/2020/CVE-2020-8982.yaml +++ b/http/cves/2020/CVE-2020-8982.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-8982 cwe-id: CWE-22 - epss-score: 0.79861 - epss-percentile: 0.98035 + epss-score: 0.76583 + epss-percentile: 0.98117 cpe: cpe:2.3:a:citrix:sharefile_storagezones_controller:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9036.yaml b/http/cves/2020/CVE-2020-9036.yaml index 1eecfea36e5..fc67182234f 100644 --- a/http/cves/2020/CVE-2020-9036.yaml +++ b/http/cves/2020/CVE-2020-9036.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-9036 cwe-id: CWE-79 epss-score: 0.00113 - epss-percentile: 0.44682 + epss-percentile: 0.43845 cpe: cpe:2.3:a:jeedom:jeedom:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9047.yaml b/http/cves/2020/CVE-2020-9047.yaml index ffb6b92f9a5..80d445dbc0c 100644 --- a/http/cves/2020/CVE-2020-9047.yaml +++ b/http/cves/2020/CVE-2020-9047.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-9047 cwe-id: CWE-347 epss-score: 0.00782 - epss-percentile: 0.79503 + epss-percentile: 0.81009 cpe: cpe:2.3:a:johnsoncontrols:exacqvision_enterprise_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9315.yaml b/http/cves/2020/CVE-2020-9315.yaml index 0a2c71acf3b..541a2fb0833 100644 --- a/http/cves/2020/CVE-2020-9315.yaml +++ b/http/cves/2020/CVE-2020-9315.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-9315 cwe-id: CWE-306 - epss-score: 0.97318 - epss-percentile: 0.99864 + epss-score: 0.97337 + epss-percentile: 0.9988 cpe: cpe:2.3:a:oracle:iplanet_web_server:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-9344.yaml b/http/cves/2020/CVE-2020-9344.yaml index 9fd6dc5e383..35503ed3cba 100644 --- a/http/cves/2020/CVE-2020-9344.yaml +++ b/http/cves/2020/CVE-2020-9344.yaml @@ -14,13 +14,14 @@ info: - https://kintosoft.atlassian.net/wiki/spaces/SVNALM/pages/753565697/Security+Bulletin - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-007.txt - https://nvd.nist.gov/vuln/detail/CVE-2020-13483 + - https://github.com/merlinepedra/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-9344 cwe-id: CWE-79 epss-score: 0.00205 - epss-percentile: 0.58416 + epss-percentile: 0.5782 cpe: cpe:2.3:a:atlassian:subversion_application_lifecycle_management:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-9376.yaml b/http/cves/2020/CVE-2020-9376.yaml index 3cf81fa75e0..e4a16ca0ab9 100644 --- a/http/cves/2020/CVE-2020-9376.yaml +++ b/http/cves/2020/CVE-2020-9376.yaml @@ -23,7 +23,7 @@ info: cve-id: CVE-2020-9376 cwe-id: CWE-74 epss-score: 0.96966 - epss-percentile: 0.9968 + epss-percentile: 0.99713 cpe: cpe:2.3:o:dlink:dir-610_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9402.yaml b/http/cves/2020/CVE-2020-9402.yaml index 37dd87d3f65..4691708397f 100644 --- a/http/cves/2020/CVE-2020-9402.yaml +++ b/http/cves/2020/CVE-2020-9402.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-9402 cwe-id: CWE-89 epss-score: 0.14117 - epss-percentile: 0.95205 + epss-percentile: 0.95552 cpe: cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9483.yaml b/http/cves/2020/CVE-2020-9483.yaml index 53472e281c9..cb85f2657c9 100644 --- a/http/cves/2020/CVE-2020-9483.yaml +++ b/http/cves/2020/CVE-2020-9483.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/apache/skywalking/pull/4639 - https://nvd.nist.gov/vuln/detail/CVE-2020-9483 + - https://github.com/Elsfa7-110/kenzer-templates + - https://github.com/developer3000S/PoC-in-GitHub + - https://github.com/pen4uin/awesome-vulnerability-research classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-9483 cwe-id: CWE-89 epss-score: 0.0522 - epss-percentile: 0.92246 + epss-percentile: 0.92833 cpe: cpe:2.3:a:apache:skywalking:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9484.yaml b/http/cves/2020/CVE-2020-9484.yaml index 8c4dcf41c8f..8b6c404f6a0 100644 --- a/http/cves/2020/CVE-2020-9484.yaml +++ b/http/cves/2020/CVE-2020-9484.yaml @@ -26,8 +26,8 @@ info: cvss-score: 7 cve-id: CVE-2020-9484 cwe-id: CWE-502 - epss-score: 0.8875 - epss-percentile: 0.98456 + epss-score: 0.92769 + epss-percentile: 0.98967 cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9496.yaml b/http/cves/2020/CVE-2020-9496.yaml index 6625d445fe7..c14c9fee815 100644 --- a/http/cves/2020/CVE-2020-9496.yaml +++ b/http/cves/2020/CVE-2020-9496.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-9496 cwe-id: CWE-502 - epss-score: 0.9739 - epss-percentile: 0.99907 + epss-score: 0.89561 + epss-percentile: 0.98689 cpe: cpe:2.3:a:apache:ofbiz:17.12.03:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9757.yaml b/http/cves/2020/CVE-2020-9757.yaml index 281c0f5f832..a42acdd72d6 100644 --- a/http/cves/2020/CVE-2020-9757.yaml +++ b/http/cves/2020/CVE-2020-9757.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-9757 cwe-id: CWE-74 - epss-score: 0.96795 - epss-percentile: 0.99619 + epss-score: 0.96518 + epss-percentile: 0.99576 cpe: cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-1472.yaml b/http/cves/2021/CVE-2021-1472.yaml index 68b88e46e73..361593f162d 100644 --- a/http/cves/2021/CVE-2021-1472.yaml +++ b/http/cves/2021/CVE-2021-1472.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-1472 cwe-id: CWE-287,CWE-119 epss-score: 0.97174 - epss-percentile: 0.99773 + epss-percentile: 0.99793 cpe: cpe:2.3:o:cisco:rv160_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-1497.yaml b/http/cves/2021/CVE-2021-1497.yaml index 4c6bd4cd014..3f6d1ae77df 100644 --- a/http/cves/2021/CVE-2021-1497.yaml +++ b/http/cves/2021/CVE-2021-1497.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-1497 cwe-id: CWE-78 - epss-score: 0.97485 - epss-percentile: 0.99968 + epss-score: 0.97512 + epss-percentile: 0.99982 cpe: cpe:2.3:o:cisco:hyperflex_hx_data_platform:4.0\(2a\):*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-1498.yaml b/http/cves/2021/CVE-2021-1498.yaml index 06a45127db9..8281d059af9 100644 --- a/http/cves/2021/CVE-2021-1498.yaml +++ b/http/cves/2021/CVE-2021-1498.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-1498 cwe-id: CWE-78 - epss-score: 0.97518 - epss-percentile: 0.99986 + epss-score: 0.97512 + epss-percentile: 0.99982 cpe: cpe:2.3:o:cisco:hyperflex_hx_data_platform:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-1499.yaml b/http/cves/2021/CVE-2021-1499.yaml index 66c72c39a53..eaf55be9827 100644 --- a/http/cves/2021/CVE-2021-1499.yaml +++ b/http/cves/2021/CVE-2021-1499.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-1499 cwe-id: CWE-306 - epss-score: 0.94981 - epss-percentile: 0.99137 + epss-score: 0.9652 + epss-percentile: 0.99578 cpe: cpe:2.3:o:cisco:hyperflex_hx_data_platform:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20031.yaml b/http/cves/2021/CVE-2021-20031.yaml index 8ae371fc8b2..2d138152a04 100644 --- a/http/cves/2021/CVE-2021-20031.yaml +++ b/http/cves/2021/CVE-2021-20031.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-20031 cwe-id: CWE-601 epss-score: 0.01202 - epss-percentile: 0.83735 + epss-percentile: 0.84903 cpe: cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20038.yaml b/http/cves/2021/CVE-2021-20038.yaml index d50c5f7cb76..51c967e90f2 100644 --- a/http/cves/2021/CVE-2021-20038.yaml +++ b/http/cves/2021/CVE-2021-20038.yaml @@ -14,13 +14,14 @@ info: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 - https://nvd.nist.gov/vuln/detail/CVE-2021-20038 - https://github.com/jbaines-r7/badblood + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-20038 cwe-id: CWE-787,CWE-121 - epss-score: 0.95092 - epss-percentile: 0.99142 + epss-score: 0.95823 + epss-percentile: 0.99394 cpe: cpe:2.3:o:sonicwall:sma_200_firmware:10.2.0.8-37sv:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-20090.yaml b/http/cves/2021/CVE-2021-20090.yaml index 8ee33bf2f2d..8aaebee5ea8 100644 --- a/http/cves/2021/CVE-2021-20090.yaml +++ b/http/cves/2021/CVE-2021-20090.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-20090 cwe-id: CWE-22 - epss-score: 0.97203 - epss-percentile: 0.99792 + epss-score: 0.97465 + epss-percentile: 0.99955 cpe: cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20092.yaml b/http/cves/2021/CVE-2021-20092.yaml index cbaab2f4739..13348b14b7b 100644 --- a/http/cves/2021/CVE-2021-20092.yaml +++ b/http/cves/2021/CVE-2021-20092.yaml @@ -14,13 +14,15 @@ info: - https://www.tenable.com/security/research/tra-2021-13 - https://medium.com/tenable-techblog/bypassing-authentication-on-arcadyan-routers-with-cve-2021-20090-and-rooting-some-buffalo-ea1dd30980c2 - https://nvd.nist.gov/vuln/detail/CVE-2021-20091 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-20092 cwe-id: CWE-287 - epss-score: 0.01122 - epss-percentile: 0.83024 + epss-score: 0.01583 + epss-percentile: 0.87054 cpe: cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-20114.yaml b/http/cves/2021/CVE-2021-20114.yaml index 040077c7560..e72c3651e2c 100644 --- a/http/cves/2021/CVE-2021-20114.yaml +++ b/http/cves/2021/CVE-2021-20114.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-20114 cwe-id: CWE-425 - epss-score: 0.01918 - epss-percentile: 0.87354 + epss-score: 0.01409 + epss-percentile: 0.86167 cpe: cpe:2.3:a:tecnick:tcexam:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20123.yaml b/http/cves/2021/CVE-2021-20123.yaml index 44f1a6d80b2..e3092ee1ca9 100644 --- a/http/cves/2021/CVE-2021-20123.yaml +++ b/http/cves/2021/CVE-2021-20123.yaml @@ -13,13 +13,14 @@ info: reference: - https://www.tenable.com/security/research/tra-2021-42 - https://nvd.nist.gov/vuln/detail/CVE-2021-20123 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-20123 cwe-id: CWE-22 - epss-score: 0.03116 - epss-percentile: 0.90065 + epss-score: 0.03354 + epss-percentile: 0.91162 cpe: cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-20124.yaml b/http/cves/2021/CVE-2021-20124.yaml index 552179c1a45..8eed1c6e3b9 100644 --- a/http/cves/2021/CVE-2021-20124.yaml +++ b/http/cves/2021/CVE-2021-20124.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-20124 cwe-id: CWE-22 - epss-score: 0.01234 - epss-percentile: 0.83989 + epss-score: 0.01331 + epss-percentile: 0.85744 cpe: cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-20137.yaml b/http/cves/2021/CVE-2021-20137.yaml index 60c252c4b00..c786f70ede2 100644 --- a/http/cves/2021/CVE-2021-20137.yaml +++ b/http/cves/2021/CVE-2021-20137.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-20137 cwe-id: CWE-79 epss-score: 0.24456 - epss-percentile: 0.96208 + epss-percentile: 0.96515 cpe: cpe:2.3:o:gryphonconnect:gryphon_tower_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20167.yaml b/http/cves/2021/CVE-2021-20167.yaml index 394fdf676af..d2f53010ec6 100644 --- a/http/cves/2021/CVE-2021-20167.yaml +++ b/http/cves/2021/CVE-2021-20167.yaml @@ -10,13 +10,15 @@ info: - https://www.tenable.com/security/research/tra-2021-55 - https://nvd.nist.gov/vuln/detail/CVE-2021-20166 - https://nvd.nist.gov/vuln/detail/CVE-2021-20167 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8 cve-id: CVE-2021-20167 cwe-id: CWE-77 - epss-score: 0.94785 - epss-percentile: 0.99096 + epss-score: 0.94822 + epss-percentile: 0.99222 cpe: cpe:2.3:o:netgear:rax43_firmware:1.0.3.96:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20323.yaml b/http/cves/2021/CVE-2021-20323.yaml index de879dce786..a39c71bdbad 100644 --- a/http/cves/2021/CVE-2021-20323.yaml +++ b/http/cves/2021/CVE-2021-20323.yaml @@ -23,7 +23,7 @@ info: cve-id: CVE-2021-20323 cwe-id: CWE-79 epss-score: 0.00173 - epss-percentile: 0.54515 + epss-percentile: 0.53461 cpe: cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-20792.yaml b/http/cves/2021/CVE-2021-20792.yaml index e8f4be2bfb3..dc904e0efa7 100644 --- a/http/cves/2021/CVE-2021-20792.yaml +++ b/http/cves/2021/CVE-2021-20792.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-20792 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57896 + epss-score: 0.00183 + epss-percentile: 0.54675 cpe: cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-21087.yaml b/http/cves/2021/CVE-2021-21087.yaml index dbb6ef375e1..853867fde8a 100644 --- a/http/cves/2021/CVE-2021-21087.yaml +++ b/http/cves/2021/CVE-2021-21087.yaml @@ -14,13 +14,15 @@ info: - https://helpx.adobe.com/security/products/coldfusion/apsb21-16.html - https://twitter.com/Daviey/status/1374070630283415558 - https://nvd.nist.gov/vuln/detail/CVE-2021-21087 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2021-21087 cwe-id: CWE-79 - epss-score: 0.00326 - epss-percentile: 0.67709 + epss-score: 0.00186 + epss-percentile: 0.54967 cpe: cpe:2.3:a:adobe:coldfusion:2016:-:*:*:*:*:*:* metadata: max-request: 7 diff --git a/http/cves/2021/CVE-2021-21307.yaml b/http/cves/2021/CVE-2021-21307.yaml index effce008aeb..eecf623e30d 100644 --- a/http/cves/2021/CVE-2021-21307.yaml +++ b/http/cves/2021/CVE-2021-21307.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-21307 cwe-id: CWE-862 epss-score: 0.97312 - epss-percentile: 0.99858 + epss-percentile: 0.99864 cpe: cpe:2.3:a:lucee:lucee_server:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-21315.yaml b/http/cves/2021/CVE-2021-21315.yaml index 69861c9292d..a7063a2a211 100644 --- a/http/cves/2021/CVE-2021-21315.yaml +++ b/http/cves/2021/CVE-2021-21315.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.8 cve-id: CVE-2021-21315 cwe-id: CWE-78 - epss-score: 0.96949 - epss-percentile: 0.99673 + epss-score: 0.97233 + epss-percentile: 0.99827 cpe: cpe:2.3:a:systeminformation:systeminformation:*:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21351.yaml b/http/cves/2021/CVE-2021-21351.yaml index 3dd1cdb48c0..f34e6251c5b 100644 --- a/http/cves/2021/CVE-2021-21351.yaml +++ b/http/cves/2021/CVE-2021-21351.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.1 cve-id: CVE-2021-21351 cwe-id: CWE-434 - epss-score: 0.73239 - epss-percentile: 0.97833 + epss-score: 0.73084 + epss-percentile: 0.98014 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21389.yaml b/http/cves/2021/CVE-2021-21389.yaml index c068a7e4e99..a1591ee67d5 100644 --- a/http/cves/2021/CVE-2021-21389.yaml +++ b/http/cves/2021/CVE-2021-21389.yaml @@ -19,8 +19,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-21389 cwe-id: CWE-863 - epss-score: 0.80915 - epss-percentile: 0.98067 + epss-score: 0.83143 + epss-percentile: 0.98347 cpe: cpe:2.3:a:buddypress:buddypress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21402.yaml b/http/cves/2021/CVE-2021-21402.yaml index 00446a88e28..403275b5d67 100644 --- a/http/cves/2021/CVE-2021-21402.yaml +++ b/http/cves/2021/CVE-2021-21402.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-21402 cwe-id: CWE-22 epss-score: 0.15589 - epss-percentile: 0.9539 + epss-percentile: 0.95782 cpe: cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-21745.yaml b/http/cves/2021/CVE-2021-21745.yaml index f805a2a99e4..1ea1d0db2ff 100644 --- a/http/cves/2021/CVE-2021-21745.yaml +++ b/http/cves/2021/CVE-2021-21745.yaml @@ -15,13 +15,14 @@ info: - https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1317 - https://nvd.nist.gov/vuln/detail/CVE-2021-21745 - https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1019764 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N cvss-score: 4.3 cve-id: CVE-2021-21745 cwe-id: CWE-352 - epss-score: 0.42121 - epss-percentile: 0.96978 + epss-score: 0.26168 + epss-percentile: 0.96622 cpe: cpe:2.3:o:zte:mf971r_firmware:v1.0.0b05:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21800.yaml b/http/cves/2021/CVE-2021-21800.yaml index 5710a8f612a..9e47f9c8cda 100644 --- a/http/cves/2021/CVE-2021-21800.yaml +++ b/http/cves/2021/CVE-2021-21800.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-21800 cwe-id: CWE-79 - epss-score: 0.83144 - epss-percentile: 0.98185 + epss-score: 0.80604 + epss-percentile: 0.98232 cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-21802.yaml b/http/cves/2021/CVE-2021-21802.yaml index 9afe470e2e5..8c25e1ac925 100644 --- a/http/cves/2021/CVE-2021-21802.yaml +++ b/http/cves/2021/CVE-2021-21802.yaml @@ -12,13 +12,15 @@ info: reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272 - https://nvd.nist.gov/vuln/detail/CVE-2021-21801 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-21802 cwe-id: CWE-79 - epss-score: 0.83144 - epss-percentile: 0.98156 + epss-score: 0.80604 + epss-percentile: 0.98232 cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21803.yaml b/http/cves/2021/CVE-2021-21803.yaml index 317151b6baf..a9a4a962475 100644 --- a/http/cves/2021/CVE-2021-21803.yaml +++ b/http/cves/2021/CVE-2021-21803.yaml @@ -12,13 +12,15 @@ info: reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272 - https://nvd.nist.gov/vuln/detail/CVE-2021-21803 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-21803 cwe-id: CWE-79 - epss-score: 0.83144 - epss-percentile: 0.98156 + epss-score: 0.80604 + epss-percentile: 0.98232 cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21816.yaml b/http/cves/2021/CVE-2021-21816.yaml index 68c5cdf6961..3a910e927ef 100644 --- a/http/cves/2021/CVE-2021-21816.yaml +++ b/http/cves/2021/CVE-2021-21816.yaml @@ -12,13 +12,15 @@ info: reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1281 - https://nvd.nist.gov/vuln/detail/CVE-2021-21816 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N cvss-score: 4.3 cve-id: CVE-2021-21816 cwe-id: CWE-200 - epss-score: 0.00255 - epss-percentile: 0.63372 + epss-score: 0.00229 + epss-percentile: 0.60334 cpe: cpe:2.3:o:dlink:dir-3040_firmware:1.13b03:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21881.yaml b/http/cves/2021/CVE-2021-21881.yaml index 69805e35d50..42565935ce3 100644 --- a/http/cves/2021/CVE-2021-21881.yaml +++ b/http/cves/2021/CVE-2021-21881.yaml @@ -12,13 +12,15 @@ info: reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1325 - https://nvd.nist.gov/vuln/detail/CVE-2021-21881 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H cvss-score: 9.9 cve-id: CVE-2021-21881 cwe-id: CWE-78 - epss-score: 0.9711 - epss-percentile: 0.99739 + epss-score: 0.97001 + epss-percentile: 0.99723 cpe: cpe:2.3:o:lantronix:premierwave_2050_firmware:8.9.0.0:r4:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-21972.yaml b/http/cves/2021/CVE-2021-21972.yaml index f8031374789..85ba36bf6f3 100644 --- a/http/cves/2021/CVE-2021-21972.yaml +++ b/http/cves/2021/CVE-2021-21972.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-21972 cwe-id: CWE-22 - epss-score: 0.97391 - epss-percentile: 0.99907 + epss-score: 0.97299 + epss-percentile: 0.99858 cpe: cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21973.yaml b/http/cves/2021/CVE-2021-21973.yaml index d3c277eedeb..0aff31ee96b 100644 --- a/http/cves/2021/CVE-2021-21973.yaml +++ b/http/cves/2021/CVE-2021-21973.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-21973 cwe-id: CWE-918 - epss-score: 0.31709 - epss-percentile: 0.96596 + epss-score: 0.15857 + epss-percentile: 0.95819 cpe: cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21978.yaml b/http/cves/2021/CVE-2021-21978.yaml index 82f65eade6e..8737a6d1d94 100644 --- a/http/cves/2021/CVE-2021-21978.yaml +++ b/http/cves/2021/CVE-2021-21978.yaml @@ -17,13 +17,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-21978 - https://www.vmware.com/security/advisories/VMSA-2021-0003.html - http://packetstormsecurity.com/files/161879/VMware-View-Planner-4.6-Remote-Code-Execution.html + - https://github.com/HimmelAward/Goby_POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-21978 cwe-id: CWE-20 - epss-score: 0.97364 - epss-percentile: 0.99887 + epss-score: 0.97469 + epss-percentile: 0.99959 cpe: cpe:2.3:a:vmware:view_planner:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21985.yaml b/http/cves/2021/CVE-2021-21985.yaml index 06fe8f95022..4954a863395 100644 --- a/http/cves/2021/CVE-2021-21985.yaml +++ b/http/cves/2021/CVE-2021-21985.yaml @@ -15,13 +15,14 @@ info: - https://github.com/alt3kx/CVE-2021-21985_PoC - https://nvd.nist.gov/vuln/detail/CVE-2021-21985 - http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html + - https://github.com/onSec-fr/CVE-2021-21985-Checker classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-21985 cwe-id: CWE-20 - epss-score: 0.9741 - epss-percentile: 0.99919 + epss-score: 0.97407 + epss-percentile: 0.9992 cpe: cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22005.yaml b/http/cves/2021/CVE-2021-22005.yaml index 64dac287ff8..7ee90310fc0 100644 --- a/http/cves/2021/CVE-2021-22005.yaml +++ b/http/cves/2021/CVE-2021-22005.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-22005 cwe-id: CWE-22 - epss-score: 0.97289 - epss-percentile: 0.99843 + epss-score: 0.97389 + epss-percentile: 0.99909 cpe: cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-22054.yaml b/http/cves/2021/CVE-2021-22054.yaml index f57d0970f5e..2519c3ad452 100644 --- a/http/cves/2021/CVE-2021-22054.yaml +++ b/http/cves/2021/CVE-2021-22054.yaml @@ -13,13 +13,15 @@ info: - https://blog.assetnote.io/2022/04/27/vmware-workspace-one-uem-ssrf/ - https://www.vmware.com/security/advisories/VMSA-2021-0029.html - https://nvd.nist.gov/vuln/detail/CVE-2021-22054 + - https://github.com/fardeen-ahmed/Bug-bounty-Writeups + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-22054 cwe-id: CWE-918 - epss-score: 0.74 - epss-percentile: 0.97848 + epss-score: 0.74813 + epss-percentile: 0.98065 cpe: cpe:2.3:a:vmware:workspace_one_uem_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22145.yaml b/http/cves/2021/CVE-2021-22145.yaml index d010df34977..a8047853f5c 100644 --- a/http/cves/2021/CVE-2021-22145.yaml +++ b/http/cves/2021/CVE-2021-22145.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-22145 cwe-id: CWE-209 - epss-score: 0.96315 - epss-percentile: 0.99434 + epss-score: 0.96279 + epss-percentile: 0.99499 cpe: cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22214.yaml b/http/cves/2021/CVE-2021-22214.yaml index 5137ebb0780..f518dfbb518 100644 --- a/http/cves/2021/CVE-2021-22214.yaml +++ b/http/cves/2021/CVE-2021-22214.yaml @@ -24,8 +24,8 @@ info: cvss-score: 8.6 cve-id: CVE-2021-22214 cwe-id: CWE-918 - epss-score: 0.12047 - epss-percentile: 0.94831 + epss-score: 0.09317 + epss-percentile: 0.94551 cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22502.yaml b/http/cves/2021/CVE-2021-22502.yaml index 0ec25e18957..c384d9b8e81 100644 --- a/http/cves/2021/CVE-2021-22502.yaml +++ b/http/cves/2021/CVE-2021-22502.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-22502 cwe-id: CWE-78 - epss-score: 0.96129 - epss-percentile: 0.99379 + epss-score: 0.95993 + epss-percentile: 0.99434 cpe: cpe:2.3:a:microfocus:operation_bridge_reporter:10.40:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22707.yaml b/http/cves/2021/CVE-2021-22707.yaml index a39342219f7..c7b740befca 100644 --- a/http/cves/2021/CVE-2021-22707.yaml +++ b/http/cves/2021/CVE-2021-22707.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-22707 cwe-id: CWE-798 - epss-score: 0.29966 - epss-percentile: 0.96514 + epss-score: 0.27092 + epss-percentile: 0.96671 cpe: cpe:2.3:o:schneider-electric:evlink_city_evc1s22p4_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-22873.yaml b/http/cves/2021/CVE-2021-22873.yaml index 66bb1175d3f..360ca6f169d 100644 --- a/http/cves/2021/CVE-2021-22873.yaml +++ b/http/cves/2021/CVE-2021-22873.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-22873 cwe-id: CWE-601 epss-score: 0.00922 - epss-percentile: 0.82474 + epss-percentile: 0.82556 cpe: cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-22911.yaml b/http/cves/2021/CVE-2021-22911.yaml index 9036a5381b5..0ff388c0156 100644 --- a/http/cves/2021/CVE-2021-22911.yaml +++ b/http/cves/2021/CVE-2021-22911.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-22911 cwe-id: CWE-75,NVD-CWE-Other - epss-score: 0.95312 - epss-percentile: 0.99208 + epss-score: 0.94773 + epss-percentile: 0.99209 cpe: cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-23241.yaml b/http/cves/2021/CVE-2021-23241.yaml index 973e48734f4..3b7c4ff6c40 100644 --- a/http/cves/2021/CVE-2021-23241.yaml +++ b/http/cves/2021/CVE-2021-23241.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-23241 cwe-id: CWE-22 epss-score: 0.00365 - epss-percentile: 0.69601 + epss-percentile: 0.71874 cpe: cpe:2.3:o:mercusys:mercury_x18g_firmware:1.0.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24146.yaml b/http/cves/2021/CVE-2021-24146.yaml index 54bce61d752..3ecc4f1920f 100644 --- a/http/cves/2021/CVE-2021-24146.yaml +++ b/http/cves/2021/CVE-2021-24146.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-24146 cwe-id: CWE-862,CWE-284 - epss-score: 0.03582 - epss-percentile: 0.90732 + epss-score: 0.02727 + epss-percentile: 0.90292 cpe: cpe:2.3:a:webnus:modern_events_calendar_lite:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24165.yaml b/http/cves/2021/CVE-2021-24165.yaml index 3c7d122fa39..23bee3ade8d 100644 --- a/http/cves/2021/CVE-2021-24165.yaml +++ b/http/cves/2021/CVE-2021-24165.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818 - https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24165 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24165 cwe-id: CWE-601 epss-score: 0.00129 - epss-percentile: 0.47461 + epss-percentile: 0.46774 cpe: cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24169.yaml b/http/cves/2021/CVE-2021-24169.yaml index b849f9285c9..f86eff0e9d4 100644 --- a/http/cves/2021/CVE-2021-24169.yaml +++ b/http/cves/2021/CVE-2021-24169.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/50324 - https://wordpress.org/plugins/woo-order-export-lite/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24169 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24169 cwe-id: CWE-79 epss-score: 0.0021 - epss-percentile: 0.58865 + epss-percentile: 0.58287 cpe: cpe:2.3:a:algolplus:advanced_order_export:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24214.yaml b/http/cves/2021/CVE-2021-24214.yaml index eb04c0b1824..99a2d6f8f55 100644 --- a/http/cves/2021/CVE-2021-24214.yaml +++ b/http/cves/2021/CVE-2021-24214.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/31cf0dfb-4025-4898-a5f4-fc7115565a10 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24214 - https://nvd.nist.gov/vuln/detail/CVE-2021-24214 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24214 cwe-id: CWE-79 - epss-score: 0.00317 - epss-percentile: 0.67249 + epss-score: 0.00337 + epss-percentile: 0.7074 cpe: cpe:2.3:a:daggerhartlab:openid_connect_generic_client:3.8.0:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24215.yaml b/http/cves/2021/CVE-2021-24215.yaml index 36f7cd36921..1bac2e26123 100644 --- a/http/cves/2021/CVE-2021-24215.yaml +++ b/http/cves/2021/CVE-2021-24215.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24215 cwe-id: CWE-425,CWE-284 - epss-score: 0.11443 - epss-percentile: 0.94736 + epss-score: 0.19113 + epss-percentile: 0.9615 cpe: cpe:2.3:a:wpruby:controlled_admin_access:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24226.yaml b/http/cves/2021/CVE-2021-24226.yaml index d907f94aef6..22ce35de186 100644 --- a/http/cves/2021/CVE-2021-24226.yaml +++ b/http/cves/2021/CVE-2021-24226.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-24226 cwe-id: CWE-200 - epss-score: 0.03271 - epss-percentile: 0.90337 + epss-score: 0.03058 + epss-percentile: 0.90773 cpe: cpe:2.3:a:accessally:accessally:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24227.yaml b/http/cves/2021/CVE-2021-24227.yaml index feb4606a096..039954402b8 100644 --- a/http/cves/2021/CVE-2021-24227.yaml +++ b/http/cves/2021/CVE-2021-24227.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-24227 cwe-id: CWE-200 - epss-score: 0.02789 - epss-percentile: 0.89603 + epss-score: 0.02607 + epss-percentile: 0.9006 cpe: cpe:2.3:a:patreon:patreon_wordpress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24237.yaml b/http/cves/2021/CVE-2021-24237.yaml index 95cd74d8711..b2d56423b66 100644 --- a/http/cves/2021/CVE-2021-24237.yaml +++ b/http/cves/2021/CVE-2021-24237.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24237 cwe-id: CWE-79 epss-score: 0.00265 - epss-percentile: 0.64186 + epss-percentile: 0.65501 cpe: cpe:2.3:a:purethemes:findeo:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24245.yaml b/http/cves/2021/CVE-2021-24245.yaml index 53447e79037..3e65c3f10a9 100644 --- a/http/cves/2021/CVE-2021-24245.yaml +++ b/http/cves/2021/CVE-2021-24245.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/5e7accd6-08dc-4c6e-9d19-73e2d7e97735 - https://nvd.nist.gov/vuln/detail/CVE-2021-24245 - http://packetstormsecurity.com/files/162623/WordPress-Stop-Spammers-2021.8-Cross-Site-Scripting.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24245 cwe-id: CWE-79 - epss-score: 0.00177 - epss-percentile: 0.54879 + epss-score: 0.00231 + epss-percentile: 0.60494 cpe: cpe:2.3:a:trumani:stop_spammers:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24274.yaml b/http/cves/2021/CVE-2021-24274.yaml index f5ffe315a6c..9d7020602b1 100644 --- a/http/cves/2021/CVE-2021-24274.yaml +++ b/http/cves/2021/CVE-2021-24274.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/200a3031-7c42-4189-96b1-bed9e0ab7c1d - http://packetstormsecurity.com/files/164316/WordPress-Ultimate-Maps-1.2.4-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2021-24274 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24274 cwe-id: CWE-79 - epss-score: 0.00154 - epss-percentile: 0.51591 + epss-score: 0.00201 + epss-percentile: 0.56972 cpe: cpe:2.3:a:supsystic:ultimate_maps:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24275.yaml b/http/cves/2021/CVE-2021-24275.yaml index 6f18c5b62a5..4473590ccbd 100644 --- a/http/cves/2021/CVE-2021-24275.yaml +++ b/http/cves/2021/CVE-2021-24275.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24275 cwe-id: CWE-79 - epss-score: 0.00203 - epss-percentile: 0.58305 + epss-score: 0.00231 + epss-percentile: 0.60494 cpe: cpe:2.3:a:supsystic:popup:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24276.yaml b/http/cves/2021/CVE-2021-24276.yaml index df91a5bdf05..05da0bf3f89 100644 --- a/http/cves/2021/CVE-2021-24276.yaml +++ b/http/cves/2021/CVE-2021-24276.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/1301123c-5e63-432a-ab90-3221ca532d9c - http://packetstormsecurity.com/files/164308/WordPress-Contact-Form-1.7.14-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2021-24276 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24276 cwe-id: CWE-79 - epss-score: 0.00177 - epss-percentile: 0.54879 + epss-score: 0.00231 + epss-percentile: 0.60494 cpe: cpe:2.3:a:supsystic:contact_form:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24278.yaml b/http/cves/2021/CVE-2021-24278.yaml index 3f51903fe2c..c0595cc370a 100644 --- a/http/cves/2021/CVE-2021-24278.yaml +++ b/http/cves/2021/CVE-2021-24278.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/99f30604-d62b-4e30-afcd-b482f8d66413 - https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24278 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-24278 cwe-id: CWE-863 - epss-score: 0.06115 - epss-percentile: 0.92804 + epss-score: 0.05506 + epss-percentile: 0.93039 cpe: cpe:2.3:a:querysol:redirection_for_contact_form_7:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24284.yaml b/http/cves/2021/CVE-2021-24284.yaml index bdad00a7dee..dffdf89c99a 100644 --- a/http/cves/2021/CVE-2021-24284.yaml +++ b/http/cves/2021/CVE-2021-24284.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24284 cwe-id: CWE-434 - epss-score: 0.9676 - epss-percentile: 0.99595 + epss-score: 0.96657 + epss-percentile: 0.99614 cpe: cpe:2.3:a:kaswara_project:kaswara:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24286.yaml b/http/cves/2021/CVE-2021-24286.yaml index e3ad087f39f..3804f34b906 100644 --- a/http/cves/2021/CVE-2021-24286.yaml +++ b/http/cves/2021/CVE-2021-24286.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/50350 - https://nvd.nist.gov/vuln/detail/CVE-2021-24286 - https://wordpress.org/plugins/redirect-404-to-parent/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24286 cwe-id: CWE-79 - epss-score: 0.00177 - epss-percentile: 0.54879 + epss-score: 0.00231 + epss-percentile: 0.60494 cpe: cpe:2.3:a:mooveagency:redirect_404_to_parent:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24287.yaml b/http/cves/2021/CVE-2021-24287.yaml index fcd4a53a25d..dd2d9fb9dc7 100644 --- a/http/cves/2021/CVE-2021-24287.yaml +++ b/http/cves/2021/CVE-2021-24287.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24287 cwe-id: CWE-79 - epss-score: 0.00203 - epss-percentile: 0.58305 + epss-score: 0.00231 + epss-percentile: 0.60494 cpe: cpe:2.3:a:mooveagency:select_all_categories_and_taxonomies\,_change_checkbox_to_radio_buttons:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24298.yaml b/http/cves/2021/CVE-2021-24298.yaml index fec99780efe..2398a39224c 100644 --- a/http/cves/2021/CVE-2021-24298.yaml +++ b/http/cves/2021/CVE-2021-24298.yaml @@ -14,13 +14,15 @@ info: - https://codevigilant.com/disclosure/2021/wp-plugin-giveasap-xss/ - https://wpscan.com/vulnerability/30aebded-3eb3-4dda-90b5-12de5e622c91 - https://nvd.nist.gov/vuln/detail/CVE-2021-24298 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24298 cwe-id: CWE-79 - epss-score: 0.00116 - epss-percentile: 0.45185 + epss-score: 0.00123 + epss-percentile: 0.45761 cpe: cpe:2.3:a:ibenic:simple_giveaways:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24300.yaml b/http/cves/2021/CVE-2021-24300.yaml index 0d3893c5a45..7f3600493cf 100644 --- a/http/cves/2021/CVE-2021-24300.yaml +++ b/http/cves/2021/CVE-2021-24300.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24300 cwe-id: CWE-79 - epss-score: 0.00259 - epss-percentile: 0.63706 + epss-score: 0.00338 + epss-percentile: 0.70768 cpe: cpe:2.3:a:pickplugins:product_slider_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24316.yaml b/http/cves/2021/CVE-2021-24316.yaml index 8d2865d6645..6a6b2bf9936 100644 --- a/http/cves/2021/CVE-2021-24316.yaml +++ b/http/cves/2021/CVE-2021-24316.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24316 cwe-id: CWE-79 - epss-score: 0.00298 - epss-percentile: 0.66299 + epss-score: 0.00317 + epss-percentile: 0.69851 cpe: cpe:2.3:a:wowthemes:mediumish:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24335.yaml b/http/cves/2021/CVE-2021-24335.yaml index 4145d723939..83d91d2c74a 100644 --- a/http/cves/2021/CVE-2021-24335.yaml +++ b/http/cves/2021/CVE-2021-24335.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24335 cwe-id: CWE-79 - epss-score: 0.0017 - epss-percentile: 0.54119 + epss-score: 0.00181 + epss-percentile: 0.54412 cpe: cpe:2.3:a:smartdatasoft:car_repair_services_\&_auto_mechanic:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24340.yaml b/http/cves/2021/CVE-2021-24340.yaml index 5e6b85f3ec0..addbff275aa 100644 --- a/http/cves/2021/CVE-2021-24340.yaml +++ b/http/cves/2021/CVE-2021-24340.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-24340 cwe-id: CWE-89 - epss-score: 0.0287 - epss-percentile: 0.89694 + epss-score: 0.01937 + epss-percentile: 0.88371 cpe: cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24342.yaml b/http/cves/2021/CVE-2021-24342.yaml index 5ccdbe9558b..1fcfa36d490 100644 --- a/http/cves/2021/CVE-2021-24342.yaml +++ b/http/cves/2021/CVE-2021-24342.yaml @@ -12,13 +12,15 @@ info: reference: - https://wpscan.com/vulnerability/415ca763-fe65-48cb-acd3-b375a400217e - https://nvd.nist.gov/vuln/detail/CVE-2021-24342 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24342 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42876 + epss-score: 0.00113 + epss-percentile: 0.43845 cpe: cpe:2.3:a:jnews:jnews:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24351.yaml b/http/cves/2021/CVE-2021-24351.yaml index b84d81bad7b..ad3657c2694 100644 --- a/http/cves/2021/CVE-2021-24351.yaml +++ b/http/cves/2021/CVE-2021-24351.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/2ee62f85-7aea-4b7d-8b2d-5d86d9fb8016 - https://theplusaddons.com/changelog/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24351 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/JoshMorrison99/my-nuceli-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24351 cwe-id: CWE-79 - epss-score: 0.00145 - epss-percentile: 0.50234 + epss-score: 0.00154 + epss-percentile: 0.50743 cpe: cpe:2.3:a:posimyth:the_plus_addons_for_elementor:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24358.yaml b/http/cves/2021/CVE-2021-24358.yaml index 5cf5d66a85e..f0ad714c813 100644 --- a/http/cves/2021/CVE-2021-24358.yaml +++ b/http/cves/2021/CVE-2021-24358.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/fd4352ad-dae0-4404-94d1-11083cb1f44d - https://nvd.nist.gov/vuln/detail/CVE-2021-24358 - https://theplusaddons.com/changelog/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24358 cwe-id: CWE-601 - epss-score: 0.00255 - epss-percentile: 0.63338 + epss-score: 0.00329 + epss-percentile: 0.70388 cpe: cpe:2.3:a:posimyth:the_plus_addons_for_elementor:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24364.yaml b/http/cves/2021/CVE-2021-24364.yaml index 9eadf5aadd1..b9aeb55cd1b 100644 --- a/http/cves/2021/CVE-2021-24364.yaml +++ b/http/cves/2021/CVE-2021-24364.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-24364 - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/ARPSyndicate/cvemon + - https://github.com/crpytoscooby/resourses_web classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24364 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42939 + epss-score: 0.00113 + epss-percentile: 0.43845 cpe: cpe:2.3:a:tielabs:jannah:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24370.yaml b/http/cves/2021/CVE-2021-24370.yaml index 94cfbc5f3ee..27075a2916a 100644 --- a/http/cves/2021/CVE-2021-24370.yaml +++ b/http/cves/2021/CVE-2021-24370.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24370 cwe-id: CWE-434 - epss-score: 0.1228 - epss-percentile: 0.94912 + epss-score: 0.11015 + epss-percentile: 0.95013 cpe: cpe:2.3:a:radykal:fancy_product_designer:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24387.yaml b/http/cves/2021/CVE-2021-24387.yaml index 6a2f2310874..b4e94057eaa 100644 --- a/http/cves/2021/CVE-2021-24387.yaml +++ b/http/cves/2021/CVE-2021-24387.yaml @@ -15,13 +15,14 @@ info: - https://wpscan.com/vulnerability/27264f30-71d5-4d2b-8f36-4009a2be6745 - https://contempothemes.com/wp-real-estate-7/changelog/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24387 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24387 cwe-id: CWE-79 - epss-score: 0.00145 - epss-percentile: 0.50234 + epss-score: 0.00154 + epss-percentile: 0.50743 cpe: cpe:2.3:a:contempothemes:real_estate_7:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24389.yaml b/http/cves/2021/CVE-2021-24389.yaml index 535e249c31c..aa6c3b8b1ca 100644 --- a/http/cves/2021/CVE-2021-24389.yaml +++ b/http/cves/2021/CVE-2021-24389.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24389 cwe-id: CWE-79 - epss-score: 0.00158 - epss-percentile: 0.52233 + epss-score: 0.00168 + epss-percentile: 0.526 cpe: cpe:2.3:a:chimpgroup:foodbakery:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24406.yaml b/http/cves/2021/CVE-2021-24406.yaml index 16d37241ffd..719b72a6a63 100644 --- a/http/cves/2021/CVE-2021-24406.yaml +++ b/http/cves/2021/CVE-2021-24406.yaml @@ -12,13 +12,15 @@ info: reference: - https://wpscan.com/vulnerability/a9284931-555b-4c96-86a3-09e1040b0388 - https://nvd.nist.gov/vuln/detail/CVE-2021-24406 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24406 cwe-id: CWE-601 - epss-score: 0.0015 - epss-percentile: 0.51077 + epss-score: 0.00137 + epss-percentile: 0.48279 cpe: cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24407.yaml b/http/cves/2021/CVE-2021-24407.yaml index 5680f247181..c91e2938d58 100644 --- a/http/cves/2021/CVE-2021-24407.yaml +++ b/http/cves/2021/CVE-2021-24407.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24407 cwe-id: CWE-79 - epss-score: 0.00161 - epss-percentile: 0.52665 + epss-score: 0.00207 + epss-percentile: 0.58055 cpe: cpe:2.3:a:tielabs:jannah:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24409.yaml b/http/cves/2021/CVE-2021-24409.yaml index 4b4462a64aa..1a920bc8258 100644 --- a/http/cves/2021/CVE-2021-24409.yaml +++ b/http/cves/2021/CVE-2021-24409.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24409 cwe-id: CWE-79 - epss-score: 0.00188 - epss-percentile: 0.5634 + epss-score: 0.00161 + epss-percentile: 0.51755 cpe: cpe:2.3:a:plugin-planet:prismatic:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24435.yaml b/http/cves/2021/CVE-2021-24435.yaml index 32450ca6251..0e6b5637584 100644 --- a/http/cves/2021/CVE-2021-24435.yaml +++ b/http/cves/2021/CVE-2021-24435.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24435 cwe-id: CWE-79 epss-score: 0.0014 - epss-percentile: 0.49496 + epss-percentile: 0.4866 cpe: cpe:2.3:a:gambit:titan_framework:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24436.yaml b/http/cves/2021/CVE-2021-24436.yaml index e2e7655176b..a25d21f9246 100644 --- a/http/cves/2021/CVE-2021-24436.yaml +++ b/http/cves/2021/CVE-2021-24436.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24436 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40831 + epss-percentile: 0.4009 cpe: cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24442.yaml b/http/cves/2021/CVE-2021-24442.yaml index 8fbe8ba8648..2a85fac71df 100644 --- a/http/cves/2021/CVE-2021-24442.yaml +++ b/http/cves/2021/CVE-2021-24442.yaml @@ -26,7 +26,7 @@ info: product: poll\,_survey\,_questionnaire_and_voting_system framework: wordpress publicwww-query: "/wp-content/plugins/polls-widget/" - tags: wpscan,cve,cve2021,wp,wp-plugin,wpscan,wordpress,polls-widget,sqli + tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,polls-widget,sqli http: - raw: diff --git a/http/cves/2021/CVE-2021-24472.yaml b/http/cves/2021/CVE-2021-24472.yaml index cce078595f6..4e51c072434 100644 --- a/http/cves/2021/CVE-2021-24472.yaml +++ b/http/cves/2021/CVE-2021-24472.yaml @@ -13,13 +13,15 @@ info: reference: - https://wpscan.com/vulnerability/17591ac5-88fa-4cae-a61a-4dcf5dc0b72a - https://nvd.nist.gov/vuln/detail/CVE-2021-24472 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-24472 cwe-id: CWE-918 - epss-score: 0.03476 - epss-percentile: 0.90575 + epss-score: 0.04362 + epss-percentile: 0.92159 cpe: cpe:2.3:a:qantumthemes:kentharadio:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24495.yaml b/http/cves/2021/CVE-2021-24495.yaml index cc56af88991..e069f58f6ff 100644 --- a/http/cves/2021/CVE-2021-24495.yaml +++ b/http/cves/2021/CVE-2021-24495.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/marmoset-viewer/#developers - https://wpscan.com/vulnerability/d11b79a3-f762-49ab-b7c8-3174624d7638 - https://nvd.nist.gov/vuln/detail/CVE-2021-24495 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24495 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.45185 + epss-percentile: 0.44405 cpe: cpe:2.3:a:marmoset:marmoset_viewer:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24498.yaml b/http/cves/2021/CVE-2021-24498.yaml index 4132003a4ac..e6f98d894c1 100644 --- a/http/cves/2021/CVE-2021-24498.yaml +++ b/http/cves/2021/CVE-2021-24498.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24498 cwe-id: CWE-79 - epss-score: 0.00188 - epss-percentile: 0.5634 + epss-score: 0.00161 + epss-percentile: 0.51755 cpe: cpe:2.3:a:dwbooster:calendar_event_multi_view:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24499.yaml b/http/cves/2021/CVE-2021-24499.yaml index 0dfa76d1ae4..2c2db7adc3c 100644 --- a/http/cves/2021/CVE-2021-24499.yaml +++ b/http/cves/2021/CVE-2021-24499.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24499 cwe-id: CWE-434 - epss-score: 0.1914 - epss-percentile: 0.95833 + epss-score: 0.16767 + epss-percentile: 0.9591 cpe: cpe:2.3:a:amentotech:workreap:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24627.yaml b/http/cves/2021/CVE-2021-24627.yaml index 4f2fc3d6cca..9d6f5e02754 100644 --- a/http/cves/2021/CVE-2021-24627.yaml +++ b/http/cves/2021/CVE-2021-24627.yaml @@ -16,8 +16,8 @@ info: cvss-score: 7.2 cve-id: CVE-2021-24627 cwe-id: CWE-89 - epss-score: 0.15547 - epss-percentile: 0.9542 + epss-score: 0.14515 + epss-percentile: 0.95609 cpe: cpe:2.3:a:g_auto-hyperlink_project:g_auto-hyperlink:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24647.yaml b/http/cves/2021/CVE-2021-24647.yaml index 53ea093f298..73efe5ee6ec 100644 --- a/http/cves/2021/CVE-2021-24647.yaml +++ b/http/cves/2021/CVE-2021-24647.yaml @@ -18,8 +18,8 @@ info: cvss-score: 8.1 cve-id: CVE-2021-24647 cwe-id: CWE-287 - epss-score: 0.2135 - epss-percentile: 0.95991 + epss-score: 0.22598 + epss-percentile: 0.96397 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-24666.yaml b/http/cves/2021/CVE-2021-24666.yaml index fe56a7988ae..6c6f541047d 100644 --- a/http/cves/2021/CVE-2021-24666.yaml +++ b/http/cves/2021/CVE-2021-24666.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24666 cwe-id: CWE-89 - epss-score: 0.23542 - epss-percentile: 0.96151 + epss-score: 0.28174 + epss-percentile: 0.96727 cpe: cpe:2.3:a:podlove:podlove_podcast_publisher:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24731.yaml b/http/cves/2021/CVE-2021-24731.yaml index 4c8e75beba9..bd9f950b46b 100644 --- a/http/cves/2021/CVE-2021-24731.yaml +++ b/http/cves/2021/CVE-2021-24731.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-24731 cwe-id: CWE-89 epss-score: 0.14786 - epss-percentile: 0.95303 + epss-percentile: 0.95651 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-24746.yaml b/http/cves/2021/CVE-2021-24746.yaml index f3fb80b7197..5d2d400e9f4 100644 --- a/http/cves/2021/CVE-2021-24746.yaml +++ b/http/cves/2021/CVE-2021-24746.yaml @@ -12,13 +12,14 @@ info: reference: - https://wpscan.com/vulnerability/99f4fb32-e312-4059-adaf-f4cbaa92d4fa - https://nvd.nist.gov/vuln/detail/CVE-2021-24746 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24746 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:heateor:sassy_social_share:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24791.yaml b/http/cves/2021/CVE-2021-24791.yaml index 7dd4576bf78..13c2115b579 100644 --- a/http/cves/2021/CVE-2021-24791.yaml +++ b/http/cves/2021/CVE-2021-24791.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2021-24791 cwe-id: CWE-89 epss-score: 0.10363 - epss-percentile: 0.94471 + epss-percentile: 0.94849 cpe: cpe:2.3:a:draftpress:header_footer_code_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24849.yaml b/http/cves/2021/CVE-2021-24849.yaml index 9d11f206648..65ddc04984f 100644 --- a/http/cves/2021/CVE-2021-24849.yaml +++ b/http/cves/2021/CVE-2021-24849.yaml @@ -6,28 +6,27 @@ info: severity: critical description: | The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12, available to unauthenticated and authenticated user, does not properly sanitise multiple parameters before using them in SQL statements, leading to SQL injections. + remediation: Fixed in 3.4.12 reference: - https://wpscan.com/vulnerability/763c08a0-4b2b-4487-b91c-be6cc2b9322e/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24849 - https://wordpress.org/plugins/wc-multivendor-marketplace/ - remediation: Fixed in 3.4.12 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-24849 cwe-id: CWE-89 + epss-score: 0.02367 + epss-percentile: 0.89583 cpe: cpe:2.3:a:wclovers:frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible:*:*:*:*:*:wordpress:*:* - epss-score: 0.00199 - epss-percentile: 0.56492 metadata: - product: "frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible" - framework: wordpress - publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace" verified: true max-request: 3 vendor: wclovers - tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,wpscan,sqli - + product: "frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible" + framework: wordpress + publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace" + tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,sqli flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24910.yaml b/http/cves/2021/CVE-2021-24910.yaml index fe1843aab44..e66277d8157 100644 --- a/http/cves/2021/CVE-2021-24910.yaml +++ b/http/cves/2021/CVE-2021-24910.yaml @@ -14,13 +14,14 @@ info: - https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2021-24910.txt - https://wpscan.com/vulnerability/b5cbebf4-5749-41a0-8be3-3333853fca17 - https://nvd.nist.gov/vuln/detail/CVE-2021-24910 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24910 cwe-id: CWE-79 - epss-score: 0.00097 - epss-percentile: 0.40139 + epss-score: 0.00086 + epss-percentile: 0.35299 cpe: cpe:2.3:a:transposh:transposh_wordpress_translation:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24926.yaml b/http/cves/2021/CVE-2021-24926.yaml index 3f7e12468ce..ca1362b8f11 100644 --- a/http/cves/2021/CVE-2021-24926.yaml +++ b/http/cves/2021/CVE-2021-24926.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2021-24926 cwe-id: CWE-79 epss-score: 0.00171 - epss-percentile: 0.54212 + epss-percentile: 0.53153 cpe: cpe:2.3:a:domaincheckplugin:domain_check:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24943.yaml b/http/cves/2021/CVE-2021-24943.yaml index 771bc99857d..00d9c0f226c 100644 --- a/http/cves/2021/CVE-2021-24943.yaml +++ b/http/cves/2021/CVE-2021-24943.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24943 cwe-id: CWE-89 - epss-score: 0.00199 - epss-percentile: 0.56492 + epss-score: 0.21158 + epss-percentile: 0.96299 cpe: cpe:2.3:a:roundupwp:registrations_for_the_events_calendar:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,8 +26,7 @@ info: product: registrations_for_the_events_calendar framework: wordpress publicwww-query: "/wp-content/plugins/registrations-for-the-events-calendar/" - tags: wpscan,cve,cve2021,wp,wp-plugin,wpscan,wordpress,sqli,registrations-for-the-events-calendar - + tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,sqli,registrations-for-the-events-calendar variables: text: "{{rand_base(5)}}" diff --git a/http/cves/2021/CVE-2021-24947.yaml b/http/cves/2021/CVE-2021-24947.yaml index 85cfd7ca45d..86062c7e38c 100644 --- a/http/cves/2021/CVE-2021-24947.yaml +++ b/http/cves/2021/CVE-2021-24947.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-24947 cwe-id: CWE-352,CWE-863 - epss-score: 0.00327 - epss-percentile: 0.67893 + epss-score: 0.00315 + epss-percentile: 0.69672 cpe: cpe:2.3:a:thinkupthemes:responsive_vector_maps:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24956.yaml b/http/cves/2021/CVE-2021-24956.yaml index 825e15e3a0f..c11f5edaef8 100644 --- a/http/cves/2021/CVE-2021-24956.yaml +++ b/http/cves/2021/CVE-2021-24956.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2021-24956 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:adenion:blog2social:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24987.yaml b/http/cves/2021/CVE-2021-24987.yaml index 3c24e128e2b..d9ea4c95121 100644 --- a/http/cves/2021/CVE-2021-24987.yaml +++ b/http/cves/2021/CVE-2021-24987.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-24987 cwe-id: CWE-79 epss-score: 0.00086 - epss-percentile: 0.35828 + epss-percentile: 0.35299 cpe: cpe:2.3:a:heateor:super_socializer:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24991.yaml b/http/cves/2021/CVE-2021-24991.yaml index 2b9efd34121..2afc8f184d6 100644 --- a/http/cves/2021/CVE-2021-24991.yaml +++ b/http/cves/2021/CVE-2021-24991.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-24991 cwe-id: CWE-79 epss-score: 0.00069 - epss-percentile: 0.2874 + epss-percentile: 0.28508 cpe: cpe:2.3:a:wpovernight:woocommerce_pdf_invoices\&_packing_slips:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24997.yaml b/http/cves/2021/CVE-2021-24997.yaml index cde753aa6ae..bb8175be6f2 100644 --- a/http/cves/2021/CVE-2021-24997.yaml +++ b/http/cves/2021/CVE-2021-24997.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-24997 cwe-id: CWE-862 - epss-score: 0.00224 - epss-percentile: 0.60766 + epss-score: 0.0019 + epss-percentile: 0.55517 cpe: cpe:2.3:a:wp-guppy:wp_guppy:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25003.yaml b/http/cves/2021/CVE-2021-25003.yaml index 101b251f865..48cb2bc7511 100644 --- a/http/cves/2021/CVE-2021-25003.yaml +++ b/http/cves/2021/CVE-2021-25003.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/5c21ad35-b2fb-4a51-858f-8ffff685de4a - https://wordpress.org/plugins/wpcargo/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25003 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/WhooAmii/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-25003 cwe-id: CWE-434,CWE-94 epss-score: 0.61252 - epss-percentile: 0.97521 + epss-percentile: 0.97725 cpe: cpe:2.3:a:wptaskforce:wpcargo_track_\&_trace:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25008.yaml b/http/cves/2021/CVE-2021-25008.yaml index 517d6a78ff0..93bf1fa0d81 100644 --- a/http/cves/2021/CVE-2021-25008.yaml +++ b/http/cves/2021/CVE-2021-25008.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-25008 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:codesnippets:code_snippets:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25016.yaml b/http/cves/2021/CVE-2021-25016.yaml index 83f209e1b7c..b2be9f2aec3 100644 --- a/http/cves/2021/CVE-2021-25016.yaml +++ b/http/cves/2021/CVE-2021-25016.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2021-25016 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:premio:chaty:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25033.yaml b/http/cves/2021/CVE-2021-25033.yaml index 40a35020adc..fa4913fc626 100644 --- a/http/cves/2021/CVE-2021-25033.yaml +++ b/http/cves/2021/CVE-2021-25033.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-25033 cwe-id: CWE-601 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:noptin:noptin:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25052.yaml b/http/cves/2021/CVE-2021-25052.yaml index 80bb63b12bc..2f5dbaeae15 100644 --- a/http/cves/2021/CVE-2021-25052.yaml +++ b/http/cves/2021/CVE-2021-25052.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/a01844a0-0c43-4d96-b738-57fe5bfbd67a - https://nvd.nist.gov/vuln/detail/CVE-2021-25052 - https://plugins.trac.wordpress.org/changeset/2641639/button-generation + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2021-25052 cwe-id: CWE-352 epss-score: 0.01998 - epss-percentile: 0.87597 + epss-percentile: 0.88568 cpe: cpe:2.3:a:wow-company:button_generator:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25055.yaml b/http/cves/2021/CVE-2021-25055.yaml index 2e4d40182b6..32a8c415fe5 100644 --- a/http/cves/2021/CVE-2021-25055.yaml +++ b/http/cves/2021/CVE-2021-25055.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-25055 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:feedwordpress_project:feedwordpress:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25065.yaml b/http/cves/2021/CVE-2021-25065.yaml index c8c93db389a..6a6370d87b2 100644 --- a/http/cves/2021/CVE-2021-25065.yaml +++ b/http/cves/2021/CVE-2021-25065.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2021-25065 cwe-id: CWE-79 epss-score: 0.00069 - epss-percentile: 0.285 + epss-percentile: 0.2831 cpe: cpe:2.3:a:smashballoon:smash_balloon_social_post_feed:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25074.yaml b/http/cves/2021/CVE-2021-25074.yaml index 33e0067c632..296dee0e351 100644 --- a/http/cves/2021/CVE-2021-25074.yaml +++ b/http/cves/2021/CVE-2021-25074.yaml @@ -12,13 +12,15 @@ info: reference: - https://wpscan.com/vulnerability/f3c0a155-9563-4533-97d4-03b9bac83164 - https://nvd.nist.gov/vuln/detail/CVE-2021-25074 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25074 cwe-id: CWE-601 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:webp_converter_for_media_project:webp_converter_for_media:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25075.yaml b/http/cves/2021/CVE-2021-25075.yaml index db9150dcfaf..e90cb2bc4dd 100644 --- a/http/cves/2021/CVE-2021-25075.yaml +++ b/http/cves/2021/CVE-2021-25075.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/db5a0431-af4d-45b7-be4e-36b6c90a601b - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25075 - https://nvd.nist.gov/vuln/detail/CVE-2021-25075 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/kazet/wpgarlic classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N cvss-score: 3.5 cve-id: CVE-2021-25075 cwe-id: CWE-862 epss-score: 0.00071 - epss-percentile: 0.29136 + epss-percentile: 0.28959 cpe: cpe:2.3:a:wpdevart:duplicate_page_or_post:*:*:*:*:*:wordpress:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-25078.yaml b/http/cves/2021/CVE-2021-25078.yaml index 4e9efdda47d..cfe38989dd1 100644 --- a/http/cves/2021/CVE-2021-25078.yaml +++ b/http/cves/2021/CVE-2021-25078.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-25078 cwe-id: CWE-79 epss-score: 0.00382 - epss-percentile: 0.70275 + epss-percentile: 0.72505 cpe: cpe:2.3:a:wpaffiliatemanager:affiliates_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25085.yaml b/http/cves/2021/CVE-2021-25085.yaml index 098c9efebca..f30e7e60bd4 100644 --- a/http/cves/2021/CVE-2021-25085.yaml +++ b/http/cves/2021/CVE-2021-25085.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/b7dd81c6-6af1-4976-b928-421ca69bfa90 - https://plugins.trac.wordpress.org/changeset/2648751 - https://nvd.nist.gov/vuln/detail/CVE-2021-25085 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25085 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:pluginus:woocommerce_products_filter:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25099.yaml b/http/cves/2021/CVE-2021-25099.yaml index 39a93fd1dd4..b5a79002f53 100644 --- a/http/cves/2021/CVE-2021-25099.yaml +++ b/http/cves/2021/CVE-2021-25099.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/give/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25099 - https://plugins.trac.wordpress.org/changeset/2659032 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25099 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25104.yaml b/http/cves/2021/CVE-2021-25104.yaml index e5ebd9a36ec..31b18cc6298 100644 --- a/http/cves/2021/CVE-2021-25104.yaml +++ b/http/cves/2021/CVE-2021-25104.yaml @@ -12,13 +12,15 @@ info: - https://wpscan.com/vulnerability/2ee6f1d8-3803-42f6-9193-3dd8f416b558 - https://wordpress.org/plugins/ocean-extra/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25104 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25104 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:oceanwp:ocean_extra:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25111.yaml b/http/cves/2021/CVE-2021-25111.yaml index 687e29af619..c0a2cde3d8b 100644 --- a/http/cves/2021/CVE-2021-25111.yaml +++ b/http/cves/2021/CVE-2021-25111.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-25111 cwe-id: CWE-601 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:english_wordpress_admin_project:english_wordpress_admin:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25112.yaml b/http/cves/2021/CVE-2021-25112.yaml index dda46650179..166af1dcb37 100644 --- a/http/cves/2021/CVE-2021-25112.yaml +++ b/http/cves/2021/CVE-2021-25112.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/4aae2dd9-8d51-4633-91bc-ddb53ca3471c - https://plugins.trac.wordpress.org/changeset/2659751 - https://nvd.nist.gov/vuln/detail/CVE-2021-25112 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25112 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:i-plugins:whmcs_bridge:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25114.yaml b/http/cves/2021/CVE-2021-25114.yaml index 6bd96efac4d..09e2f4dcd50 100644 --- a/http/cves/2021/CVE-2021-25114.yaml +++ b/http/cves/2021/CVE-2021-25114.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/paid-memberships-pro/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25114 - https://www.paidmembershipspro.com/pmpro-update-2-6-7-security-release/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-25114 cwe-id: CWE-89 - epss-score: 0.04131 - epss-percentile: 0.9129 + epss-score: 0.0412 + epss-percentile: 0.91962 cpe: cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25118.yaml b/http/cves/2021/CVE-2021-25118.yaml index f20046a21f7..c3ea4673f5a 100644 --- a/http/cves/2021/CVE-2021-25118.yaml +++ b/http/cves/2021/CVE-2021-25118.yaml @@ -12,13 +12,15 @@ info: - https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550 - https://plugins.trac.wordpress.org/changeset/2608691 - https://nvd.nist.gov/vuln/detail/CVE-2021-25118 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-25118 cwe-id: CWE-200 - epss-score: 0.00155 - epss-percentile: 0.51756 + epss-score: 0.00173 + epss-percentile: 0.5348 cpe: cpe:2.3:a:yoast:yoast_seo:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25120.yaml b/http/cves/2021/CVE-2021-25120.yaml index e95d7b35339..5373039add5 100644 --- a/http/cves/2021/CVE-2021-25120.yaml +++ b/http/cves/2021/CVE-2021-25120.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-25120 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:easysocialfeed:easy_social_feed:*:*:*:*:pro:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25281.yaml b/http/cves/2021/CVE-2021-25281.yaml index 6ef39f6cff2..7cfc5d110d5 100644 --- a/http/cves/2021/CVE-2021-25281.yaml +++ b/http/cves/2021/CVE-2021-25281.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-25281 cwe-id: CWE-287 - epss-score: 0.85046 - epss-percentile: 0.98273 + epss-score: 0.87406 + epss-percentile: 0.98556 cpe: cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25297.yaml b/http/cves/2021/CVE-2021-25297.yaml index d1bcd46cac8..5bb12e1f47c 100644 --- a/http/cves/2021/CVE-2021-25297.yaml +++ b/http/cves/2021/CVE-2021-25297.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-25297 cwe-id: CWE-78 - epss-score: 0.89514 - epss-percentile: 0.98532 + epss-score: 0.90211 + epss-percentile: 0.98732 cpe: cpe:2.3:a:nagios:nagios_xi:5.7.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25646.yaml b/http/cves/2021/CVE-2021-25646.yaml index 564fb6085cb..c7054bb5703 100644 --- a/http/cves/2021/CVE-2021-25646.yaml +++ b/http/cves/2021/CVE-2021-25646.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-25646 cwe-id: CWE-732 - epss-score: 0.97324 - epss-percentile: 0.99865 + epss-score: 0.97323 + epss-percentile: 0.99871 cpe: cpe:2.3:a:apache:druid:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25864.yaml b/http/cves/2021/CVE-2021-25864.yaml index 0b541ba0aa6..83e4ba42e7a 100644 --- a/http/cves/2021/CVE-2021-25864.yaml +++ b/http/cves/2021/CVE-2021-25864.yaml @@ -12,13 +12,15 @@ info: reference: - https://github.com/Foddy/node-red-contrib-huemagic/issues/217 - https://nvd.nist.gov/vuln/detail/CVE-2021-25864 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-25864 cwe-id: CWE-22 - epss-score: 0.33276 - epss-percentile: 0.96644 + epss-score: 0.29108 + epss-percentile: 0.96769 cpe: cpe:2.3:a:dgtl:huemagic:3.0.0:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25899.yaml b/http/cves/2021/CVE-2021-25899.yaml index 23182b7cb95..89a2517ce13 100644 --- a/http/cves/2021/CVE-2021-25899.yaml +++ b/http/cves/2021/CVE-2021-25899.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-25899 cwe-id: CWE-89 - epss-score: 0.53647 - epss-percentile: 0.97334 + epss-score: 0.50721 + epss-percentile: 0.9747 cpe: cpe:2.3:a:void:aurall_rec_monitor:9.0.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-26084.yaml b/http/cves/2021/CVE-2021-26084.yaml index a5007847b0e..9afb52671f3 100644 --- a/http/cves/2021/CVE-2021-26084.yaml +++ b/http/cves/2021/CVE-2021-26084.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-26084 cwe-id: CWE-917 - epss-score: 0.97235 - epss-percentile: 0.99813 + epss-score: 0.97414 + epss-percentile: 0.99924 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: max-request: 13 diff --git a/http/cves/2021/CVE-2021-26247.yaml b/http/cves/2021/CVE-2021-26247.yaml index 0c0f98090dd..28e40ebb523 100644 --- a/http/cves/2021/CVE-2021-26247.yaml +++ b/http/cves/2021/CVE-2021-26247.yaml @@ -12,13 +12,15 @@ info: reference: - https://www.cacti.net/info/changelog - https://nvd.nist.gov/vuln/detail/CVE-2021-26247 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-26247 cwe-id: CWE-79 epss-score: 0.00255 - epss-percentile: 0.63314 + epss-percentile: 0.647 cpe: cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-26294.yaml b/http/cves/2021/CVE-2021-26294.yaml index 2b467d514c5..bf62995225e 100644 --- a/http/cves/2021/CVE-2021-26294.yaml +++ b/http/cves/2021/CVE-2021-26294.yaml @@ -9,13 +9,16 @@ info: reference: - https://github.com/E3SEC/AfterLogic/blob/main/CVE-2021-26294-exposure-of-sensitive-information-vulnerability.md - https://nvd.nist.gov/vuln/detail/CVE-2021-26294 + - https://github.com/Threekiii/Awesome-POC + - https://github.com/soosmile/POC + - https://github.com/tzwlhack/Vulnerability classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-26294 cwe-id: CWE-22 - epss-score: 0.23427 - epss-percentile: 0.96125 + epss-score: 0.25543 + epss-percentile: 0.96591 cpe: cpe:2.3:a:afterlogic:aurora:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-26295.yaml b/http/cves/2021/CVE-2021-26295.yaml index 41a7b184921..d5e81928ecd 100644 --- a/http/cves/2021/CVE-2021-26295.yaml +++ b/http/cves/2021/CVE-2021-26295.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-26295 cwe-id: CWE-502 - epss-score: 0.97458 - epss-percentile: 0.99953 + epss-score: 0.97465 + epss-percentile: 0.99956 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-26475.yaml b/http/cves/2021/CVE-2021-26475.yaml index 9985d391d72..5dfb174b9f6 100644 --- a/http/cves/2021/CVE-2021-26475.yaml +++ b/http/cves/2021/CVE-2021-26475.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-26475 cwe-id: CWE-79 epss-score: 0.00187 - epss-percentile: 0.56089 + epss-percentile: 0.55045 cpe: cpe:2.3:a:eprints:eprints:3.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-26702.yaml b/http/cves/2021/CVE-2021-26702.yaml index 0302f05d1ad..e9eafe221e2 100644 --- a/http/cves/2021/CVE-2021-26702.yaml +++ b/http/cves/2021/CVE-2021-26702.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-26702 cwe-id: CWE-79 epss-score: 0.00187 - epss-percentile: 0.56089 + epss-percentile: 0.55045 cpe: cpe:2.3:a:eprints:eprints:3.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-26855.yaml b/http/cves/2021/CVE-2021-26855.yaml index ea5d3389557..9d5bc94aa92 100644 --- a/http/cves/2021/CVE-2021-26855.yaml +++ b/http/cves/2021/CVE-2021-26855.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.1 cve-id: CVE-2021-26855 cwe-id: CWE-918 - epss-score: 0.97468 - epss-percentile: 0.99958 + epss-score: 0.97507 + epss-percentile: 0.9998 cpe: cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_21:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-27124.yaml b/http/cves/2021/CVE-2021-27124.yaml index a196256b635..410f97abc84 100644 --- a/http/cves/2021/CVE-2021-27124.yaml +++ b/http/cves/2021/CVE-2021-27124.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-27124 cwe-id: CWE-89 - epss-score: 0.01677 - epss-percentile: 0.86307 + epss-score: 0.01251 + epss-percentile: 0.85241 cpe: cpe:2.3:a:doctor_appointment_system_project:doctor_appointment_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-27132.yaml b/http/cves/2021/CVE-2021-27132.yaml index 14375f3e360..6be7e6fd8e0 100644 --- a/http/cves/2021/CVE-2021-27132.yaml +++ b/http/cves/2021/CVE-2021-27132.yaml @@ -13,13 +13,15 @@ info: - https://cybertuz.com/blog/post/crlf-injection-CVE-2021-27132 - http://sercomm.com - https://nvd.nist.gov/vuln/detail/CVE-2021-27132 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-27132 cwe-id: CWE-74 - epss-score: 0.02853 - epss-percentile: 0.8967 + epss-score: 0.04569 + epss-percentile: 0.92334 cpe: cpe:2.3:o:sercomm:agcombo_vd625_firmware:agsot_2.1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-27315.yaml b/http/cves/2021/CVE-2021-27315.yaml index 92e3db1739b..506ef7acfba 100644 --- a/http/cves/2021/CVE-2021-27315.yaml +++ b/http/cves/2021/CVE-2021-27315.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-27315 cwe-id: CWE-89 - epss-score: 0.08052 - epss-percentile: 0.9371 + epss-score: 0.06768 + epss-percentile: 0.93718 cpe: cpe:2.3:a:doctor_appointment_system_project:doctor_appointment_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27316.yaml b/http/cves/2021/CVE-2021-27316.yaml index f21fcde33f1..06e4ab4c042 100644 --- a/http/cves/2021/CVE-2021-27316.yaml +++ b/http/cves/2021/CVE-2021-27316.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-27316 cwe-id: CWE-89 - epss-score: 0.08052 - epss-percentile: 0.93683 + epss-score: 0.06768 + epss-percentile: 0.93718 cpe: cpe:2.3:a:doctor_appointment_system_project:doctor_appointment_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27330.yaml b/http/cves/2021/CVE-2021-27330.yaml index 0cc02a4159a..081299611d3 100644 --- a/http/cves/2021/CVE-2021-27330.yaml +++ b/http/cves/2021/CVE-2021-27330.yaml @@ -15,13 +15,14 @@ info: - http://www.triconsole.com/ - http://www.triconsole.com/php/calendar_datepicker.php - https://nvd.nist.gov/vuln/detail/CVE-2021-27330 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-27330 cwe-id: CWE-79 epss-score: 0.00437 - epss-percentile: 0.72015 + epss-percentile: 0.74213 cpe: cpe:2.3:a:triconsole:datepicker_calendar:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27358.yaml b/http/cves/2021/CVE-2021-27358.yaml index d004edb04c3..51f2de7ccda 100644 --- a/http/cves/2021/CVE-2021-27358.yaml +++ b/http/cves/2021/CVE-2021-27358.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-27358 cwe-id: CWE-306 - epss-score: 0.02992 - epss-percentile: 0.89874 + epss-score: 0.02415 + epss-percentile: 0.89689 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-27519.yaml b/http/cves/2021/CVE-2021-27519.yaml index 11a9cb000dd..f52b26f4dbd 100644 --- a/http/cves/2021/CVE-2021-27519.yaml +++ b/http/cves/2021/CVE-2021-27519.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-27519 cwe-id: CWE-79 epss-score: 0.00217 - epss-percentile: 0.59704 + epss-percentile: 0.59015 cpe: cpe:2.3:a:fudforum:fudforum:3.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27520.yaml b/http/cves/2021/CVE-2021-27520.yaml index 0410bda5477..8c8bf8d6403 100644 --- a/http/cves/2021/CVE-2021-27520.yaml +++ b/http/cves/2021/CVE-2021-27520.yaml @@ -15,13 +15,14 @@ info: - https://github.com/fudforum/FUDforum/issues/2 - http://packetstormsecurity.com/files/162942/FUDForum-3.1.0-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2021-27520 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-27520 cwe-id: CWE-79 epss-score: 0.00217 - epss-percentile: 0.59618 + epss-percentile: 0.59015 cpe: cpe:2.3:a:fudforum:fudforum:3.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27651.yaml b/http/cves/2021/CVE-2021-27651.yaml index e45d2761c2a..bba5841bad8 100644 --- a/http/cves/2021/CVE-2021-27651.yaml +++ b/http/cves/2021/CVE-2021-27651.yaml @@ -13,13 +13,15 @@ info: - https://github.com/samwcyo/CVE-2021-27651-PoC/blob/main/RCE.md - https://nvd.nist.gov/vuln/detail/CVE-2021-27651 - https://collaborate.pega.com/discussion/pega-security-advisory-a21-hotfix-matrix + - https://github.com/nomi-sec/PoC-in-GitHub + - https://github.com/orangmuda/CVE-2021-27651 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-27651 cwe-id: CWE-287 - epss-score: 0.04655 - epss-percentile: 0.9176 + epss-score: 0.07705 + epss-percentile: 0.94021 cpe: cpe:2.3:a:pega:infinity:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-27670.yaml b/http/cves/2021/CVE-2021-27670.yaml index 048c084e8d1..fb60bb18efa 100644 --- a/http/cves/2021/CVE-2021-27670.yaml +++ b/http/cves/2021/CVE-2021-27670.yaml @@ -12,13 +12,16 @@ info: reference: - https://github.com/h3110mb/PoCSSrfApp - https://nvd.nist.gov/vuln/detail/CVE-2021-27670 + - https://github.com/ArrestX/--POC + - https://github.com/KayCHENvip/vulnerability-poc + - https://github.com/Miraitowa70/POC-Notes classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-27670 cwe-id: CWE-918 - epss-score: 0.43531 - epss-percentile: 0.97021 + epss-score: 0.58348 + epss-percentile: 0.97664 cpe: cpe:2.3:a:appspace:appspace:6.2.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-28149.yaml b/http/cves/2021/CVE-2021-28149.yaml index 59a3b41ce5b..8dbf1d1c9ce 100644 --- a/http/cves/2021/CVE-2021-28149.yaml +++ b/http/cves/2021/CVE-2021-28149.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-28149 cwe-id: CWE-22 epss-score: 0.05499 - epss-percentile: 0.92473 + epss-percentile: 0.93036 cpe: cpe:2.3:o:hongdian:h8922_firmware:3.0.5:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-28164.yaml b/http/cves/2021/CVE-2021-28164.yaml index dc386d36e26..71d0cba7d8a 100644 --- a/http/cves/2021/CVE-2021-28164.yaml +++ b/http/cves/2021/CVE-2021-28164.yaml @@ -21,15 +21,14 @@ info: cvss-score: 5.3 cve-id: CVE-2021-28164 cwe-id: CWE-200,NVD-CWE-Other - epss-score: 0.03819 - epss-percentile: 0.9092 + epss-score: 0.04805 + epss-percentile: 0.9254 cpe: cpe:2.3:a:eclipse:jetty:9.4.37:20210219:*:*:*:*:*:* metadata: max-request: 2 vendor: eclipse product: jetty tags: cve2021,cve,packetstorm,vulhub,jetty,exposure,eclipse - flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-29156.yaml b/http/cves/2021/CVE-2021-29156.yaml index 21b4918acae..5ff78f4069d 100644 --- a/http/cves/2021/CVE-2021-29156.yaml +++ b/http/cves/2021/CVE-2021-29156.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-29156 cwe-id: CWE-74 - epss-score: 0.33973 - epss-percentile: 0.96686 + epss-score: 0.30859 + epss-percentile: 0.96857 cpe: cpe:2.3:a:forgerock:openam:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-29441.yaml b/http/cves/2021/CVE-2021-29441.yaml index c8fa687cf5f..06dacca3801 100644 --- a/http/cves/2021/CVE-2021-29441.yaml +++ b/http/cves/2021/CVE-2021-29441.yaml @@ -27,8 +27,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-29441 cwe-id: CWE-290 - epss-score: 0.96709 - epss-percentile: 0.99582 + epss-score: 0.96598 + epss-percentile: 0.99603 cpe: cpe:2.3:a:alibaba:nacos:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-29490.yaml b/http/cves/2021/CVE-2021-29490.yaml index a3232698c66..8f182051242 100644 --- a/http/cves/2021/CVE-2021-29490.yaml +++ b/http/cves/2021/CVE-2021-29490.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-29490 cwe-id: CWE-918 epss-score: 0.00159 - epss-percentile: 0.52386 + epss-percentile: 0.51433 cpe: cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-3002.yaml b/http/cves/2021/CVE-2021-3002.yaml index 1862721349b..457f2bff2d0 100644 --- a/http/cves/2021/CVE-2021-3002.yaml +++ b/http/cves/2021/CVE-2021-3002.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-3002 cwe-id: CWE-79 epss-score: 0.00143 - epss-percentile: 0.50151 + epss-percentile: 0.49273 cpe: cpe:2.3:a:seopanel:seo_panel:4.8.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30049.yaml b/http/cves/2021/CVE-2021-30049.yaml index 9a63e381a54..127bbf4d555 100644 --- a/http/cves/2021/CVE-2021-30049.yaml +++ b/http/cves/2021/CVE-2021-30049.yaml @@ -12,13 +12,15 @@ info: reference: - https://eh337.net/2021/03/30/sysaid/ - https://nvd.nist.gov/vuln/detail/CVE-2021-30049 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-30049 cwe-id: CWE-79 - epss-score: 0.00102 - epss-percentile: 0.4118 + epss-score: 0.00106 + epss-percentile: 0.42156 cpe: cpe:2.3:a:sysaid:sysaid:20.3.64:b14:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30128.yaml b/http/cves/2021/CVE-2021-30128.yaml index 08765f76fe3..b2292bdf50d 100644 --- a/http/cves/2021/CVE-2021-30128.yaml +++ b/http/cves/2021/CVE-2021-30128.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-30128 cwe-id: CWE-502 - epss-score: 0.65128 - epss-percentile: 0.97606 + epss-score: 0.62199 + epss-percentile: 0.97748 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-30151.yaml b/http/cves/2021/CVE-2021-30151.yaml index d943e4804eb..2653f8b121b 100644 --- a/http/cves/2021/CVE-2021-30151.yaml +++ b/http/cves/2021/CVE-2021-30151.yaml @@ -14,13 +14,14 @@ info: - https://lists.debian.org/debian-lts-announce/2022/03/msg00015.html - https://nvd.nist.gov/vuln/detail/CVE-2021-30151 - https://lists.debian.org/debian-lts-announce/2023/03/msg00011.html + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-30151 cwe-id: CWE-79 - epss-score: 0.00404 - epss-percentile: 0.7096 + epss-score: 0.00574 + epss-percentile: 0.77475 cpe: cpe:2.3:a:contribsys:sidekiq:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-3017.yaml b/http/cves/2021/CVE-2021-3017.yaml index 031d0df08ec..be644137f09 100644 --- a/http/cves/2021/CVE-2021-3017.yaml +++ b/http/cves/2021/CVE-2021-3017.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2021-3017 epss-score: 0.01527 - epss-percentile: 0.85724 + epss-percentile: 0.86768 cpe: cpe:2.3:o:intelbras:win_300_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30175.yaml b/http/cves/2021/CVE-2021-30175.yaml index 86738440906..5d1b8d74c05 100644 --- a/http/cves/2021/CVE-2021-30175.yaml +++ b/http/cves/2021/CVE-2021-30175.yaml @@ -14,13 +14,14 @@ info: - https://github.com/awillix/research/blob/main/cve/CVE-2021-30175.md - https://nvd.nist.gov/vuln/detail/CVE-2021-30175 - https://pro.zerof.ru + - https://github.com/awillix/research classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-30175 cwe-id: CWE-89 - epss-score: 0.03658 - epss-percentile: 0.90791 + epss-score: 0.05126 + epss-percentile: 0.92775 cpe: cpe:2.3:a:zerof:web_server:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3019.yaml b/http/cves/2021/CVE-2021-3019.yaml index 35ec3cf0390..6d9153e6709 100644 --- a/http/cves/2021/CVE-2021-3019.yaml +++ b/http/cves/2021/CVE-2021-3019.yaml @@ -13,13 +13,15 @@ info: - https://github.com/ffay/lanproxy/commits/master - https://github.com/maybe-why-not/lanproxy/issues/1 - https://nvd.nist.gov/vuln/detail/CVE-2021-3019 + - https://github.com/manas3c/CVE-POC + - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-3019 cwe-id: CWE-22 - epss-score: 0.00974 - epss-percentile: 0.8168 + epss-score: 0.00832 + epss-percentile: 0.81646 cpe: cpe:2.3:a:lanproxy_project:lanproxy:0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30213.yaml b/http/cves/2021/CVE-2021-30213.yaml index b5baf34c297..a25aa8926a4 100644 --- a/http/cves/2021/CVE-2021-30213.yaml +++ b/http/cves/2021/CVE-2021-30213.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-30213 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42925 + epss-percentile: 0.42145 cpe: cpe:2.3:a:eng:knowage:7.3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30497.yaml b/http/cves/2021/CVE-2021-30497.yaml index 6620ed12c81..e3927b2dafc 100644 --- a/http/cves/2021/CVE-2021-30497.yaml +++ b/http/cves/2021/CVE-2021-30497.yaml @@ -14,13 +14,14 @@ info: - https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US - https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30497 + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-30497 cwe-id: CWE-22 - epss-score: 0.96355 - epss-percentile: 0.99448 + epss-score: 0.95284 + epss-percentile: 0.99297 cpe: cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:windows:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3110.yaml b/http/cves/2021/CVE-2021-3110.yaml index 1fcbe04a056..908c3970cde 100644 --- a/http/cves/2021/CVE-2021-3110.yaml +++ b/http/cves/2021/CVE-2021-3110.yaml @@ -15,13 +15,14 @@ info: - https://www.exploit-db.com/exploits/49410 - https://nvd.nist.gov/vuln/detail/CVE-2021-3110 - https://medium.com/%40gondaliyajaimin797/cve-2021-3110-75a24943ca5e + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-3110 cwe-id: CWE-89 epss-score: 0.83896 - epss-percentile: 0.98189 + epss-percentile: 0.98387 cpe: cpe:2.3:a:prestashop:prestashop:1.7.7.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-31195.yaml b/http/cves/2021/CVE-2021-31195.yaml index e8850c40e40..d179092fbfd 100644 --- a/http/cves/2021/CVE-2021-31195.yaml +++ b/http/cves/2021/CVE-2021-31195.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-31195 cwe-id: CWE-79 - epss-score: 0.92344 - epss-percentile: 0.98782 + epss-score: 0.92095 + epss-percentile: 0.98883 cpe: cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3129.yaml b/http/cves/2021/CVE-2021-3129.yaml index 26b0652ed4e..e469f4fc966 100644 --- a/http/cves/2021/CVE-2021-3129.yaml +++ b/http/cves/2021/CVE-2021-3129.yaml @@ -14,12 +14,13 @@ info: - https://github.com/vulhub/vulhub/tree/master/laravel/CVE-2021-3129 - https://nvd.nist.gov/vuln/detail/CVE-2021-3129 - https://github.com/facade/ignition/pull/334 + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-3129 - epss-score: 0.97482 - epss-percentile: 0.99964 + epss-score: 0.97468 + epss-percentile: 0.99958 cpe: cpe:2.3:a:facade:ignition:*:*:*:*:*:laravel:*:* metadata: max-request: 6 diff --git a/http/cves/2021/CVE-2021-31537.yaml b/http/cves/2021/CVE-2021-31537.yaml index d2c82b7b64d..c5d88163af9 100644 --- a/http/cves/2021/CVE-2021-31537.yaml +++ b/http/cves/2021/CVE-2021-31537.yaml @@ -14,13 +14,14 @@ info: - http://seclists.org/fulldisclosure/2021/May/20 - https://sisinformatik.com/rewe-go/ - https://nvd.nist.gov/vuln/detail/CVE-2021-31537 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-31537 cwe-id: CWE-79 - epss-score: 0.00328 - epss-percentile: 0.67835 + epss-score: 0.00355 + epss-percentile: 0.71454 cpe: cpe:2.3:a:sisinformatik:sis-rewe_go:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31602.yaml b/http/cves/2021/CVE-2021-31602.yaml index 06b40f21cc0..bfe7d999358 100644 --- a/http/cves/2021/CVE-2021-31602.yaml +++ b/http/cves/2021/CVE-2021-31602.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-31602 cwe-id: CWE-287 epss-score: 0.36115 - epss-percentile: 0.96774 + epss-percentile: 0.97042 cpe: cpe:2.3:a:hitachi:vantara_pentaho:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-31682.yaml b/http/cves/2021/CVE-2021-31682.yaml index 592548d6932..f34d1f4927d 100644 --- a/http/cves/2021/CVE-2021-31682.yaml +++ b/http/cves/2021/CVE-2021-31682.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-31682 cwe-id: CWE-79 - epss-score: 0.01071 - epss-percentile: 0.8266 + epss-score: 0.01492 + epss-percentile: 0.86569 cpe: cpe:2.3:a:automatedlogic:webctrl:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31755.yaml b/http/cves/2021/CVE-2021-31755.yaml index 9c295bb2a5b..31cd0555ba9 100644 --- a/http/cves/2021/CVE-2021-31755.yaml +++ b/http/cves/2021/CVE-2021-31755.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-31755 cwe-id: CWE-787 - epss-score: 0.95917 - epss-percentile: 0.99341 + epss-score: 0.96978 + epss-percentile: 0.99717 cpe: cpe:2.3:o:tenda:ac11_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31805.yaml b/http/cves/2021/CVE-2021-31805.yaml index f8a0a108d64..468e988b474 100644 --- a/http/cves/2021/CVE-2021-31805.yaml +++ b/http/cves/2021/CVE-2021-31805.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-31805 cwe-id: CWE-917 - epss-score: 0.11237 - epss-percentile: 0.94694 + epss-score: 0.18558 + epss-percentile: 0.961 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31856.yaml b/http/cves/2021/CVE-2021-31856.yaml index cbe3b5acf20..e0ade48f36e 100644 --- a/http/cves/2021/CVE-2021-31856.yaml +++ b/http/cves/2021/CVE-2021-31856.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-31856 - https://meshery.io - https://github.com/layer5io/meshery/pull/2745 + - https://github.com/ssst0n3/my_vulnerabilities classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-31856 cwe-id: CWE-89 - epss-score: 0.03993 - epss-percentile: 0.91153 + epss-score: 0.03274 + epss-percentile: 0.91056 cpe: cpe:2.3:a:layer5:meshery:0.5.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31862.yaml b/http/cves/2021/CVE-2021-31862.yaml index a03ab00c893..a65a47ae7d5 100644 --- a/http/cves/2021/CVE-2021-31862.yaml +++ b/http/cves/2021/CVE-2021-31862.yaml @@ -13,13 +13,15 @@ info: - https://github.com/RobertDra/CVE-2021-31862/blob/main/README.md - https://www.sysaid.com/product/on-premise/latest-release - https://nvd.nist.gov/vuln/detail/CVE-2021-31862 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-31862 cwe-id: CWE-79 epss-score: 0.00141 - epss-percentile: 0.49752 + epss-percentile: 0.48947 cpe: cpe:2.3:a:sysaid:sysaid:20.4.74:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32030.yaml b/http/cves/2021/CVE-2021-32030.yaml index e76016d7321..797d81d8428 100644 --- a/http/cves/2021/CVE-2021-32030.yaml +++ b/http/cves/2021/CVE-2021-32030.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-32030 cwe-id: CWE-287 - epss-score: 0.57497 - epss-percentile: 0.97427 + epss-score: 0.48092 + epss-percentile: 0.9739 cpe: cpe:2.3:o:asus:gt-ac2900_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32172.yaml b/http/cves/2021/CVE-2021-32172.yaml index 8059c56b5eb..4efb3655e5d 100644 --- a/http/cves/2021/CVE-2021-32172.yaml +++ b/http/cves/2021/CVE-2021-32172.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-32172 cwe-id: CWE-862 - epss-score: 0.26253 - epss-percentile: 0.96311 + epss-score: 0.26906 + epss-percentile: 0.9666 cpe: cpe:2.3:a:maianscriptworld:maian_cart:3.8:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-3223.yaml b/http/cves/2021/CVE-2021-3223.yaml index 50cabe19227..b6a821929eb 100644 --- a/http/cves/2021/CVE-2021-3223.yaml +++ b/http/cves/2021/CVE-2021-3223.yaml @@ -14,13 +14,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3223 - https://github.com/node-red/node-red-dashboard/releases/tag/2.26.2 - https://nvd.nist.gov/vuln/detail/CVE-2021-3223 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-3223 cwe-id: CWE-22 - epss-score: 0.11532 - epss-percentile: 0.9472 + epss-score: 0.09614 + epss-percentile: 0.94637 cpe: cpe:2.3:a:nodered:node-red-dashboard:*:*:*:*:*:node.js:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-32618.yaml b/http/cves/2021/CVE-2021-32618.yaml index 10d325efd91..42d068400b7 100644 --- a/http/cves/2021/CVE-2021-32618.yaml +++ b/http/cves/2021/CVE-2021-32618.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-32618 cwe-id: CWE-601 - epss-score: 0.00106 - epss-percentile: 0.42835 + epss-score: 0.00113 + epss-percentile: 0.43765 cpe: cpe:2.3:a:flask-security_project:flask-security:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32682.yaml b/http/cves/2021/CVE-2021-32682.yaml index 9477a921468..22ad88760f9 100644 --- a/http/cves/2021/CVE-2021-32682.yaml +++ b/http/cves/2021/CVE-2021-32682.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-32682 cwe-id: CWE-22 - epss-score: 0.97283 - epss-percentile: 0.99839 + epss-score: 0.97293 + epss-percentile: 0.99854 cpe: cpe:2.3:a:std42:elfinder:*:*:*:*:*:*:*:* metadata: max-request: 9 diff --git a/http/cves/2021/CVE-2021-32789.yaml b/http/cves/2021/CVE-2021-32789.yaml index d31de84d052..2fcd2025c47 100644 --- a/http/cves/2021/CVE-2021-32789.yaml +++ b/http/cves/2021/CVE-2021-32789.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-32789 cwe-id: CWE-89 - epss-score: 0.01342 - epss-percentile: 0.84625 + epss-score: 0.09336 + epss-percentile: 0.94559 cpe: cpe:2.3:a:automattic:woocommerce_blocks:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32819.yaml b/http/cves/2021/CVE-2021-32819.yaml index c79a9539f1d..1516fccd08c 100644 --- a/http/cves/2021/CVE-2021-32819.yaml +++ b/http/cves/2021/CVE-2021-32819.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-32819 cwe-id: CWE-200,NVD-CWE-noinfo epss-score: 0.82753 - epss-percentile: 0.98169 + epss-percentile: 0.98332 cpe: cpe:2.3:a:squirrelly:squirrelly:8.0.8:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32820.yaml b/http/cves/2021/CVE-2021-32820.yaml index 0acba13613c..8990bc9f991 100644 --- a/http/cves/2021/CVE-2021-32820.yaml +++ b/http/cves/2021/CVE-2021-32820.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-32820 cwe-id: CWE-94,CWE-200 epss-score: 0.01304 - epss-percentile: 0.84467 + epss-percentile: 0.85598 cpe: cpe:2.3:a:express_handlebars_project:express_handlebars:*:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3293.yaml b/http/cves/2021/CVE-2021-3293.yaml index eee4b8aca10..957f170f1ea 100644 --- a/http/cves/2021/CVE-2021-3293.yaml +++ b/http/cves/2021/CVE-2021-3293.yaml @@ -13,13 +13,15 @@ info: - https://github.com/emlog/emlog/issues/62 - https://github.com/thinkgad/Bugs/blob/main/emlog%20v5.3.1%20has%20Full%20Path%20Disclosure%20vulnerability.md - https://nvd.nist.gov/vuln/detail/CVE-2021-3293 + - https://github.com/Z0fhack/Goby_POC + - https://github.com/20142995/Goby classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-3293 cwe-id: CWE-22 epss-score: 0.003 - epss-percentile: 0.66269 + epss-percentile: 0.68887 cpe: cpe:2.3:a:emlog:emlog:5.3.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3297.yaml b/http/cves/2021/CVE-2021-3297.yaml index 3cd9637a39f..0396fd1ce2f 100644 --- a/http/cves/2021/CVE-2021-3297.yaml +++ b/http/cves/2021/CVE-2021-3297.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-3297 cwe-id: CWE-287 epss-score: 0.1939 - epss-percentile: 0.9586 + epss-percentile: 0.96173 cpe: cpe:2.3:o:zyxel:nbg2105_firmware:v1.00\(aagu.2\)c0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-33357.yaml b/http/cves/2021/CVE-2021-33357.yaml index 072476d1768..524a111be8b 100644 --- a/http/cves/2021/CVE-2021-33357.yaml +++ b/http/cves/2021/CVE-2021-33357.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-33357 cwe-id: CWE-78 - epss-score: 0.96667 - epss-percentile: 0.99565 + epss-score: 0.96502 + epss-percentile: 0.99569 cpe: cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-33564.yaml b/http/cves/2021/CVE-2021-33564.yaml index a12834df8b1..552c355adfc 100644 --- a/http/cves/2021/CVE-2021-33564.yaml +++ b/http/cves/2021/CVE-2021-33564.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-33564 cwe-id: CWE-88 - epss-score: 0.09259 - epss-percentile: 0.94099 + epss-score: 0.07547 + epss-percentile: 0.93983 cpe: cpe:2.3:a:dragonfly_project:dragonfly:*:*:*:*:*:ruby:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-33690.yaml b/http/cves/2021/CVE-2021-33690.yaml index c1bf2aa3a94..e7aa3fe3f61 100644 --- a/http/cves/2021/CVE-2021-33690.yaml +++ b/http/cves/2021/CVE-2021-33690.yaml @@ -12,13 +12,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-33690 - https://launchpad.support.sap.com/#/notes/3072955 - https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806 + - https://github.com/redrays-io/CVE-2021-33690 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H cvss-score: 9.9 cve-id: CVE-2021-33690 cwe-id: CWE-918 - epss-score: 0.37614 - epss-percentile: 0.9685 + epss-score: 0.3856 + epss-percentile: 0.97133 cpe: cpe:2.3:a:sap:netweaver_development_infrastructure:7.11:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-3377.yaml b/http/cves/2021/CVE-2021-3377.yaml index b655d8c7b1f..9038b46a23c 100644 --- a/http/cves/2021/CVE-2021-3377.yaml +++ b/http/cves/2021/CVE-2021-3377.yaml @@ -12,13 +12,15 @@ info: - https://doyensec.com/resources/Doyensec_Advisory_ansi_up4_XSS.pdf - https://github.com/drudru/ansi_up/commit/c8c726ed1db979bae4f257b7fa41775155ba2e27 - https://nvd.nist.gov/vuln/detail/CVE-2021-3377 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-3377 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.47461 + epss-percentile: 0.46774 cpe: cpe:2.3:a:ansi_up_project:ansi_up:*:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3378.yaml b/http/cves/2021/CVE-2021-3378.yaml index 60158fda50a..e28b6371ddd 100644 --- a/http/cves/2021/CVE-2021-3378.yaml +++ b/http/cves/2021/CVE-2021-3378.yaml @@ -15,13 +15,14 @@ info: - https://github.com/erberkan/fortilogger_arbitrary_fileupload - http://packetstormsecurity.com/files/161601/FortiLogger-4.4.2.2-Arbitrary-File-Upload.html - http://packetstormsecurity.com/files/161974/FortiLogger-Arbitrary-File-Upload.html + - https://github.com/SYRTI/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-3378 cwe-id: CWE-434 - epss-score: 0.43358 - epss-percentile: 0.97016 + epss-score: 0.46039 + epss-percentile: 0.97333 cpe: cpe:2.3:a:fortilogger:fortilogger:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-33807.yaml b/http/cves/2021/CVE-2021-33807.yaml index 50a087a62ec..4623c553d8b 100644 --- a/http/cves/2021/CVE-2021-33807.yaml +++ b/http/cves/2021/CVE-2021-33807.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-33807 cwe-id: CWE-22 - epss-score: 0.02331 - epss-percentile: 0.88655 + epss-score: 0.02187 + epss-percentile: 0.89167 cpe: cpe:2.3:a:gespage:gespage:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-33851.yaml b/http/cves/2021/CVE-2021-33851.yaml index af36447daf7..71d6e4d7b26 100644 --- a/http/cves/2021/CVE-2021-33851.yaml +++ b/http/cves/2021/CVE-2021-33851.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-33851 cwe-id: CWE-79 epss-score: 0.00069 - epss-percentile: 0.28533 + epss-percentile: 0.2831 cpe: cpe:2.3:a:apasionados:customize_login_image:3.4:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-33904.yaml b/http/cves/2021/CVE-2021-33904.yaml index 3e8465a3fe4..82558ded226 100644 --- a/http/cves/2021/CVE-2021-33904.yaml +++ b/http/cves/2021/CVE-2021-33904.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-33904 cwe-id: CWE-79 - epss-score: 0.00159 - epss-percentile: 0.52423 + epss-score: 0.00182 + epss-percentile: 0.54617 cpe: cpe:2.3:a:accela:civic_platform:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-34429.yaml b/http/cves/2021/CVE-2021-34429.yaml index a0f14aad6d3..098db212b02 100644 --- a/http/cves/2021/CVE-2021-34429.yaml +++ b/http/cves/2021/CVE-2021-34429.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-34429 cwe-id: CWE-200,NVD-CWE-Other - epss-score: 0.45742 - epss-percentile: 0.97082 + epss-score: 0.45704 + epss-percentile: 0.97324 cpe: cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-34473.yaml b/http/cves/2021/CVE-2021-34473.yaml index bf1be0d98d6..50414c1fa2d 100644 --- a/http/cves/2021/CVE-2021-34473.yaml +++ b/http/cves/2021/CVE-2021-34473.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.1 cve-id: CVE-2021-34473 cwe-id: CWE-918 - epss-score: 0.97078 - epss-percentile: 0.99722 + epss-score: 0.97285 + epss-percentile: 0.99848 cpe: cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-34643.yaml b/http/cves/2021/CVE-2021-34643.yaml index 8da88881f55..eb5f4ef91df 100644 --- a/http/cves/2021/CVE-2021-34643.yaml +++ b/http/cves/2021/CVE-2021-34643.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-34643 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.45256 + epss-percentile: 0.44405 cpe: cpe:2.3:a:skaut-bazar_project:skaut-bazar:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-34805.yaml b/http/cves/2021/CVE-2021-34805.yaml index 44ca2931875..029af528173 100644 --- a/http/cves/2021/CVE-2021-34805.yaml +++ b/http/cves/2021/CVE-2021-34805.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-34805 cwe-id: CWE-22 - epss-score: 0.0554 - epss-percentile: 0.92512 + epss-score: 0.17035 + epss-percentile: 0.95944 cpe: cpe:2.3:a:land-software:faust_iserver:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-35250.yaml b/http/cves/2021/CVE-2021-35250.yaml index 34d0ba1a84a..7ef2daee80c 100644 --- a/http/cves/2021/CVE-2021-35250.yaml +++ b/http/cves/2021/CVE-2021-35250.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-35250 cwe-id: CWE-22 - epss-score: 0.06268 - epss-percentile: 0.92929 + epss-score: 0.05835 + epss-percentile: 0.93245 cpe: cpe:2.3:a:solarwinds:serv-u:15.3:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-35265.yaml b/http/cves/2021/CVE-2021-35265.yaml index 386c10cf7b2..00c1d242af3 100644 --- a/http/cves/2021/CVE-2021-35265.yaml +++ b/http/cves/2021/CVE-2021-35265.yaml @@ -14,13 +14,15 @@ info: - https://github.com/maxsite/cms/issues/414#issue-726249183 - https://nvd.nist.gov/vuln/detail/CVE-2021-35265 - https://github.com/maxsite/cms/commit/6b0ab1de9f3d471485d1347e800a9ce43fedbf1a + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-35265 cwe-id: CWE-79 - epss-score: 0.00127 - epss-percentile: 0.47114 + epss-score: 0.00133 + epss-percentile: 0.47461 cpe: cpe:2.3:a:maxsite:maxsite_cms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-35336.yaml b/http/cves/2021/CVE-2021-35336.yaml index fad616f8ba6..298162c3ecf 100644 --- a/http/cves/2021/CVE-2021-35336.yaml +++ b/http/cves/2021/CVE-2021-35336.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-35336 cwe-id: CWE-1188 - epss-score: 0.07599 - epss-percentile: 0.93521 + epss-score: 0.0793 + epss-percentile: 0.94105 cpe: cpe:2.3:o:tieline:ip_audtio_gateway_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-35488.yaml b/http/cves/2021/CVE-2021-35488.yaml index 4520932d53c..a17a2a15772 100644 --- a/http/cves/2021/CVE-2021-35488.yaml +++ b/http/cves/2021/CVE-2021-35488.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-35488 cwe-id: CWE-79 epss-score: 0.00145 - epss-percentile: 0.50298 + epss-percentile: 0.49429 cpe: cpe:2.3:a:thruk:thruk:2.40-2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-36356.yaml b/http/cves/2021/CVE-2021-36356.yaml index 3ea426c5802..2108abb5d57 100644 --- a/http/cves/2021/CVE-2021-36356.yaml +++ b/http/cves/2021/CVE-2021-36356.yaml @@ -12,13 +12,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-36356 - https://nvd.nist.gov/vuln/detail/CVE-2021-35064 - https://write-up.github.io/kramerav/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-36356 cwe-id: CWE-434 - epss-score: 0.93009 - epss-percentile: 0.98853 + epss-score: 0.90558 + epss-percentile: 0.98752 cpe: cpe:2.3:a:kramerav:viaware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-3654.yaml b/http/cves/2021/CVE-2021-3654.yaml index 3619b3f4323..4d86e9e486b 100644 --- a/http/cves/2021/CVE-2021-3654.yaml +++ b/http/cves/2021/CVE-2021-3654.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-3654 cwe-id: CWE-601 epss-score: 0.92596 - epss-percentile: 0.98805 + epss-percentile: 0.98944 cpe: cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-36580.yaml b/http/cves/2021/CVE-2021-36580.yaml index d6f77d5ebc7..8682f6808d8 100644 --- a/http/cves/2021/CVE-2021-36580.yaml +++ b/http/cves/2021/CVE-2021-36580.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-36580 cwe-id: CWE-601 - epss-score: 0.00162 - epss-percentile: 0.52783 + epss-score: 0.00233 + epss-percentile: 0.60652 cpe: cpe:2.3:a:icewarp:icewarp_server:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-36748.yaml b/http/cves/2021/CVE-2021-36748.yaml index 525d09ddd18..0d24801580d 100644 --- a/http/cves/2021/CVE-2021-36748.yaml +++ b/http/cves/2021/CVE-2021-36748.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-36748 cwe-id: CWE-89 epss-score: 0.0061 - epss-percentile: 0.76373 + epss-percentile: 0.78175 cpe: cpe:2.3:a:prestahome:blog:*:*:*:*:*:prestashop:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-36749.yaml b/http/cves/2021/CVE-2021-36749.yaml index a84b0d13956..1c2ffb45125 100644 --- a/http/cves/2021/CVE-2021-36749.yaml +++ b/http/cves/2021/CVE-2021-36749.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-36749 cwe-id: CWE-863 - epss-score: 0.80294 - epss-percentile: 0.98047 + epss-score: 0.79504 + epss-percentile: 0.98204 cpe: cpe:2.3:a:apache:druid:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-36873.yaml b/http/cves/2021/CVE-2021-36873.yaml index 691e6712d23..9e1e8c4d083 100644 --- a/http/cves/2021/CVE-2021-36873.yaml +++ b/http/cves/2021/CVE-2021-36873.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-36873 cwe-id: CWE-79 epss-score: 0.00131 - epss-percentile: 0.4793 + epss-percentile: 0.47179 cpe: cpe:2.3:a:webence:iq_block_country:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37216.yaml b/http/cves/2021/CVE-2021-37216.yaml index 2d174c04eda..82889451ea4 100644 --- a/http/cves/2021/CVE-2021-37216.yaml +++ b/http/cves/2021/CVE-2021-37216.yaml @@ -13,13 +13,15 @@ info: reference: - https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html - https://nvd.nist.gov/vuln/detail/CVE-2021-37216 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-37216 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42861 + epss-score: 0.00108 + epss-percentile: 0.42604 cpe: cpe:2.3:o:qsan:xn8024r_firmware:3.1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-37304.yaml b/http/cves/2021/CVE-2021-37304.yaml index d1ad88418b1..062fc1efb67 100644 --- a/http/cves/2021/CVE-2021-37304.yaml +++ b/http/cves/2021/CVE-2021-37304.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-37304 cwe-id: CWE-732 - epss-score: 0.00917 - epss-percentile: 0.81102 + epss-score: 0.00703 + epss-percentile: 0.79899 cpe: cpe:2.3:a:jeecg:jeecg:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37305.yaml b/http/cves/2021/CVE-2021-37305.yaml index b14523a00a5..fb6be36cf4c 100644 --- a/http/cves/2021/CVE-2021-37305.yaml +++ b/http/cves/2021/CVE-2021-37305.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-37305 cwe-id: CWE-732 - epss-score: 0.0029 - epss-percentile: 0.65718 + epss-score: 0.00416 + epss-percentile: 0.73616 cpe: cpe:2.3:a:jeecg:jeecg:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37416.yaml b/http/cves/2021/CVE-2021-37416.yaml index 636cf9ff29b..69454070e8e 100644 --- a/http/cves/2021/CVE-2021-37416.yaml +++ b/http/cves/2021/CVE-2021-37416.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-37416 cwe-id: CWE-79 epss-score: 0.00118 - epss-percentile: 0.45727 + epss-percentile: 0.44933 cpe: cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37538.yaml b/http/cves/2021/CVE-2021-37538.yaml index 5cad9f041c7..c747bb7b6ca 100644 --- a/http/cves/2021/CVE-2021-37538.yaml +++ b/http/cves/2021/CVE-2021-37538.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-37538 cwe-id: CWE-89 epss-score: 0.02819 - epss-percentile: 0.89656 + epss-percentile: 0.90434 cpe: cpe:2.3:a:smartdatasoft:smartblog:*:*:*:*:*:prestashop:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-37573.yaml b/http/cves/2021/CVE-2021-37573.yaml index bf58fa91910..b94d80dd3b1 100644 --- a/http/cves/2021/CVE-2021-37573.yaml +++ b/http/cves/2021/CVE-2021-37573.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-37573 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-042.txt - http://seclists.org/fulldisclosure/2021/Aug/13 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-37573 cwe-id: CWE-79 epss-score: 0.00303 - epss-percentile: 0.6643 + epss-percentile: 0.69043 cpe: cpe:2.3:a:tiny_java_web_server_project:tiny_java_web_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-37704.yaml b/http/cves/2021/CVE-2021-37704.yaml index 1df1fb2acd2..ed8413c89e9 100644 --- a/http/cves/2021/CVE-2021-37704.yaml +++ b/http/cves/2021/CVE-2021-37704.yaml @@ -19,9 +19,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N cvss-score: 4.3 cve-id: CVE-2021-37704 - cwe-id: CWE-200,CWE-668 - epss-score: 0.00372 - epss-percentile: 0.6977 + cwe-id: CWE-668,CWE-200 + epss-score: 0.00547 + epss-percentile: 0.76969 cpe: cpe:2.3:a:phpfastcache:phpfastcache:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-37833.yaml b/http/cves/2021/CVE-2021-37833.yaml index ac019e23c6a..c60e1b330ae 100644 --- a/http/cves/2021/CVE-2021-37833.yaml +++ b/http/cves/2021/CVE-2021-37833.yaml @@ -13,13 +13,15 @@ info: - https://github.com/dievus/CVE-2021-37833 - https://www.hoteldruid.com - https://nvd.nist.gov/vuln/detail/CVE-2021-37833 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-37833 cwe-id: CWE-79 - epss-score: 0.0009 - epss-percentile: 0.37672 + epss-score: 0.0019 + epss-percentile: 0.55493 cpe: cpe:2.3:a:digitaldruid:hoteldruid:3.0.2:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2021/CVE-2021-38704.yaml b/http/cves/2021/CVE-2021-38704.yaml index 81b5239397f..768b7dd0f80 100644 --- a/http/cves/2021/CVE-2021-38704.yaml +++ b/http/cves/2021/CVE-2021-38704.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-38704 cwe-id: CWE-79 epss-score: 0.00141 - epss-percentile: 0.49786 + epss-percentile: 0.48901 cpe: cpe:2.3:a:cliniccases:cliniccases:7.3.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39141.yaml b/http/cves/2021/CVE-2021-39141.yaml index fdf0f06a394..90047412615 100644 --- a/http/cves/2021/CVE-2021-39141.yaml +++ b/http/cves/2021/CVE-2021-39141.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-39141 cwe-id: CWE-434 epss-score: 0.25418 - epss-percentile: 0.96265 + epss-percentile: 0.96584 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39165.yaml b/http/cves/2021/CVE-2021-39165.yaml index 9431dced0d5..0d42734b0ad 100644 --- a/http/cves/2021/CVE-2021-39165.yaml +++ b/http/cves/2021/CVE-2021-39165.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-39165 cwe-id: CWE-287 - epss-score: 0.06796 - epss-percentile: 0.93198 + epss-score: 0.04786 + epss-percentile: 0.92528 cpe: cpe:2.3:a:chachethq:cachet:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-39211.yaml b/http/cves/2021/CVE-2021-39211.yaml index c13ee445e09..f4c494c40d5 100644 --- a/http/cves/2021/CVE-2021-39211.yaml +++ b/http/cves/2021/CVE-2021-39211.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-39211 cwe-id: CWE-200,NVD-CWE-noinfo - epss-score: 0.00166 - epss-percentile: 0.53303 + epss-score: 0.00161 + epss-percentile: 0.51768 cpe: cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-39226.yaml b/http/cves/2021/CVE-2021-39226.yaml index cb472671f9c..a323e36d779 100644 --- a/http/cves/2021/CVE-2021-39226.yaml +++ b/http/cves/2021/CVE-2021-39226.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.3 cve-id: CVE-2021-39226 cwe-id: CWE-287 - epss-score: 0.92988 - epss-percentile: 0.98851 + epss-score: 0.97206 + epss-percentile: 0.9981 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39312.yaml b/http/cves/2021/CVE-2021-39312.yaml index 56aa97ca379..35ea7336216 100644 --- a/http/cves/2021/CVE-2021-39312.yaml +++ b/http/cves/2021/CVE-2021-39312.yaml @@ -11,13 +11,14 @@ info: - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39312 - https://plugins.trac.wordpress.org/browser/seo-local-rank/tags/2.2.2/admin/vendor/datatables/examples/resources/examples.php - https://nvd.nist.gov/vuln/detail/CVE-2021-39312 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-39312 cwe-id: CWE-22 - epss-score: 0.14099 - epss-percentile: 0.95161 + epss-score: 0.16864 + epss-percentile: 0.95927 cpe: cpe:2.3:a:trueranker:true_ranker:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39320.yaml b/http/cves/2021/CVE-2021-39320.yaml index c7c64aff075..5e423551e03 100644 --- a/http/cves/2021/CVE-2021-39320.yaml +++ b/http/cves/2021/CVE-2021-39320.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/49ae1df0-d6d2-4cbb-9a9d-bf3599429875 - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39320 - https://nvd.nist.gov/vuln/detail/CVE-2021-39320 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-39320 cwe-id: CWE-79 epss-score: 0.0021 - epss-percentile: 0.58906 + epss-percentile: 0.58322 cpe: cpe:2.3:a:underconstruction_project:underconstruction:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-39322.yaml b/http/cves/2021/CVE-2021-39322.yaml index 4785c1dc637..2dd5d902cd7 100644 --- a/http/cves/2021/CVE-2021-39322.yaml +++ b/http/cves/2021/CVE-2021-39322.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-39322 cwe-id: CWE-79 epss-score: 0.00234 - epss-percentile: 0.6149 + epss-percentile: 0.60718 cpe: cpe:2.3:a:cybernetikz:easy_social_icons:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-39327.yaml b/http/cves/2021/CVE-2021-39327.yaml index 68ac4ce185d..c13fec0446b 100644 --- a/http/cves/2021/CVE-2021-39327.yaml +++ b/http/cves/2021/CVE-2021-39327.yaml @@ -19,9 +19,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-39327 - cwe-id: CWE-200,CWE-459 - epss-score: 0.14919 - epss-percentile: 0.95277 + cwe-id: CWE-459,CWE-200 + epss-score: 0.16259 + epss-percentile: 0.95861 cpe: cpe:2.3:a:ait-pro:bulletproof_security:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-39433.yaml b/http/cves/2021/CVE-2021-39433.yaml index 35bf87c6e07..f5e8a638e4d 100644 --- a/http/cves/2021/CVE-2021-39433.yaml +++ b/http/cves/2021/CVE-2021-39433.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2021-39433 epss-score: 0.00637 - epss-percentile: 0.76928 + epss-percentile: 0.78687 cpe: cpe:2.3:a:biqs:biqsdrive:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39501.yaml b/http/cves/2021/CVE-2021-39501.yaml index 1e54484971d..ffb6fe7da4d 100644 --- a/http/cves/2021/CVE-2021-39501.yaml +++ b/http/cves/2021/CVE-2021-39501.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-39501 cwe-id: CWE-601 epss-score: 0.00093 - epss-percentile: 0.39147 + epss-percentile: 0.38461 cpe: cpe:2.3:a:eyoucms:eyoucms:1.5.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-40149.yaml b/http/cves/2021/CVE-2021-40149.yaml index af88a9c5823..d85f63421ad 100644 --- a/http/cves/2021/CVE-2021-40149.yaml +++ b/http/cves/2021/CVE-2021-40149.yaml @@ -15,13 +15,14 @@ info: - https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2021-40149.txt - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40149 - http://packetstormsecurity.com/files/167407/Reolink-E1-Zoom-Camera-3.0.0.716-Private-Key-Disclosure.html + - https://github.com/MrTuxracer/advisories classification: cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 5.9 cve-id: CVE-2021-40149 cwe-id: CWE-552 - epss-score: 0.00888 - epss-percentile: 0.8079 + epss-score: 0.00942 + epss-percentile: 0.82739 cpe: cpe:2.3:o:reolink:e1_zoom_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-40323.yaml b/http/cves/2021/CVE-2021-40323.yaml index e594b7657a4..b162cf5be3c 100644 --- a/http/cves/2021/CVE-2021-40323.yaml +++ b/http/cves/2021/CVE-2021-40323.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-40323 cwe-id: CWE-94 - epss-score: 0.02948 - epss-percentile: 0.89814 + epss-score: 0.03051 + epss-percentile: 0.90763 cpe: cpe:2.3:a:cobbler_project:cobbler:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-40438.yaml b/http/cves/2021/CVE-2021-40438.yaml index dae55e0f819..8597651f7c2 100644 --- a/http/cves/2021/CVE-2021-40438.yaml +++ b/http/cves/2021/CVE-2021-40438.yaml @@ -17,12 +17,12 @@ info: cvss-score: 9 cve-id: CVE-2021-40438 cwe-id: CWE-918 - epss-score: 0.9712 - epss-percentile: 0.99749 + epss-score: 0.97372 + epss-percentile: 0.99897 cpe: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: apache product: http_server tags: cve2021,cve,ssrf,apache,mod-proxy,kev diff --git a/http/cves/2021/CVE-2021-40539.yaml b/http/cves/2021/CVE-2021-40539.yaml index 509955ecdf8..259541c72b6 100644 --- a/http/cves/2021/CVE-2021-40539.yaml +++ b/http/cves/2021/CVE-2021-40539.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-40539 cwe-id: CWE-706 - epss-score: 0.97412 - epss-percentile: 0.9992 + epss-score: 0.97499 + epss-percentile: 0.99976 cpe: cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4510:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2021/CVE-2021-40542.yaml b/http/cves/2021/CVE-2021-40542.yaml index 38687b1ca0b..f98db753524 100644 --- a/http/cves/2021/CVE-2021-40542.yaml +++ b/http/cves/2021/CVE-2021-40542.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-40542 cwe-id: CWE-79 epss-score: 0.00643 - epss-percentile: 0.77065 + epss-percentile: 0.78811 cpe: cpe:2.3:a:os4ed:opensis:8.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-40651.yaml b/http/cves/2021/CVE-2021-40651.yaml index 2fda1838aea..ba5e1447962 100644 --- a/http/cves/2021/CVE-2021-40651.yaml +++ b/http/cves/2021/CVE-2021-40651.yaml @@ -18,8 +18,8 @@ info: cwe-id: CWE-22 cpe: cpe:2.3:a:os4ed:opensis:8.0:*:*:*:community:*:*:* metadata: - shodan-query: "title:\"openSIS\"" max-request: 2 + shodan-query: "title:\"openSIS\"" tags: cve,cve2021,lfi,os4ed,opensis,authenticated http: diff --git a/http/cves/2021/CVE-2021-40661.yaml b/http/cves/2021/CVE-2021-40661.yaml index 9c8fb0b2eb4..5a60fd8b86c 100644 --- a/http/cves/2021/CVE-2021-40661.yaml +++ b/http/cves/2021/CVE-2021-40661.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-40661 cwe-id: CWE-22 - epss-score: 0.01163 - epss-percentile: 0.83404 + epss-score: 0.01137 + epss-percentile: 0.84411 cpe: cpe:2.3:o:mt:ind780_firmware:7.2.10:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-40822.yaml b/http/cves/2021/CVE-2021-40822.yaml index 924576f0ada..1bf6622703f 100644 --- a/http/cves/2021/CVE-2021-40822.yaml +++ b/http/cves/2021/CVE-2021-40822.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-40822 cwe-id: CWE-918 epss-score: 0.68366 - epss-percentile: 0.97693 + epss-percentile: 0.97892 cpe: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-40856.yaml b/http/cves/2021/CVE-2021-40856.yaml index f7dffe7e82c..f3a8c47a125 100644 --- a/http/cves/2021/CVE-2021-40856.yaml +++ b/http/cves/2021/CVE-2021-40856.yaml @@ -14,13 +14,14 @@ info: - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-004/-auerswald-comfortel-1400-2600-3600-ip-authentication-bypass - https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses - http://packetstormsecurity.com/files/165162/Auerswald-COMfortel-1400-2600-3600-IP-2.8F-Authentication-Bypass.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-40856 cwe-id: CWE-706 epss-score: 0.19673 - epss-percentile: 0.95858 + epss-percentile: 0.96195 cpe: cpe:2.3:o:auerswald:comfortel_3600_ip_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-40868.yaml b/http/cves/2021/CVE-2021-40868.yaml index cb4bb97fbb6..aeea772ae8e 100644 --- a/http/cves/2021/CVE-2021-40868.yaml +++ b/http/cves/2021/CVE-2021-40868.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40868 cwe-id: CWE-79 epss-score: 0.00379 - epss-percentile: 0.70165 + epss-percentile: 0.72411 cpe: cpe:2.3:a:cloudron:cloudron:6.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-40875.yaml b/http/cves/2021/CVE-2021-40875.yaml index ac01ff0e2cb..ac951d6fdb5 100644 --- a/http/cves/2021/CVE-2021-40875.yaml +++ b/http/cves/2021/CVE-2021-40875.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-40875 cwe-id: CWE-425 epss-score: 0.25891 - epss-percentile: 0.96278 + epss-percentile: 0.96608 cpe: cpe:2.3:a:gurock:testrail:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-40968.yaml b/http/cves/2021/CVE-2021-40968.yaml index 3e88e9d56e3..1723cff89e8 100644 --- a/http/cves/2021/CVE-2021-40968.yaml +++ b/http/cves/2021/CVE-2021-40968.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40968 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.51404 + epss-percentile: 0.50482 cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-40970.yaml b/http/cves/2021/CVE-2021-40970.yaml index edf6b23acb4..a1c3a59510e 100644 --- a/http/cves/2021/CVE-2021-40970.yaml +++ b/http/cves/2021/CVE-2021-40970.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40970 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.51305 + epss-percentile: 0.50482 cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-40971.yaml b/http/cves/2021/CVE-2021-40971.yaml index 0a834f9dec1..135fa2dea47 100644 --- a/http/cves/2021/CVE-2021-40971.yaml +++ b/http/cves/2021/CVE-2021-40971.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40971 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.51404 + epss-percentile: 0.50482 cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-40972.yaml b/http/cves/2021/CVE-2021-40972.yaml index 780f4b260fb..57d9034505e 100644 --- a/http/cves/2021/CVE-2021-40972.yaml +++ b/http/cves/2021/CVE-2021-40972.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40972 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.51305 + epss-percentile: 0.50482 cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-41174.yaml b/http/cves/2021/CVE-2021-41174.yaml index 2e2d9b0219f..a0db4de4183 100644 --- a/http/cves/2021/CVE-2021-41174.yaml +++ b/http/cves/2021/CVE-2021-41174.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-41174 cwe-id: CWE-79 - epss-score: 0.96439 - epss-percentile: 0.99477 + epss-score: 0.96194 + epss-percentile: 0.99478 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41266.yaml b/http/cves/2021/CVE-2021-41266.yaml index 415f14a3361..8a1e313d10e 100644 --- a/http/cves/2021/CVE-2021-41266.yaml +++ b/http/cves/2021/CVE-2021-41266.yaml @@ -13,13 +13,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-41266 - https://github.com/minio/console/security/advisories/GHSA-4999-659w-mq36 - https://github.com/minio/console/pull/1217 + - https://github.com/HimmelAward/Goby_POC + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-41266 cwe-id: CWE-306 epss-score: 0.05383 - epss-percentile: 0.9237 + epss-percentile: 0.92945 cpe: cpe:2.3:a:min:minio_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41277.yaml b/http/cves/2021/CVE-2021-41277.yaml index 6ae4c1bd29a..dc07bb45b20 100644 --- a/http/cves/2021/CVE-2021-41277.yaml +++ b/http/cves/2021/CVE-2021-41277.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-41277 - https://twitter.com/90security/status/1461923313819832324 - https://github.com/metabase/metabase/commit/042a36e49574c749f944e19cf80360fd3dc322f0 + - https://github.com/pen4uin/vulnerability-research-list classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-41277 cwe-id: CWE-22,CWE-200 - epss-score: 0.05804 - epss-percentile: 0.92626 + epss-score: 0.95622 + epss-percentile: 0.99363 cpe: cpe:2.3:a:metabase:metabase:0.40.0:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41282.yaml b/http/cves/2021/CVE-2021-41282.yaml index 8be84bf8ecf..b2816701b5a 100644 --- a/http/cves/2021/CVE-2021-41282.yaml +++ b/http/cves/2021/CVE-2021-41282.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-41282 cwe-id: CWE-74 - epss-score: 0.97392 - epss-percentile: 0.99908 + epss-score: 0.97305 + epss-percentile: 0.9986 cpe: cpe:2.3:a:pfsense:pfsense:2.5.2:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2021/CVE-2021-41293.yaml b/http/cves/2021/CVE-2021-41293.yaml index bac0c62de5e..8e3dcb233ff 100644 --- a/http/cves/2021/CVE-2021-41293.yaml +++ b/http/cves/2021/CVE-2021-41293.yaml @@ -11,13 +11,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-41293 - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5679.php - https://www.twcert.org.tw/tw/cp-132-5129-7e623-1.html + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-41293 cwe-id: CWE-22 - epss-score: 0.03741 - epss-percentile: 0.90901 + epss-score: 0.05376 + epss-percentile: 0.92942 cpe: cpe:2.3:o:ecoa:ecs_router_controller-ecs_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41349.yaml b/http/cves/2021/CVE-2021-41349.yaml index 61d52e3c92b..36d74c92780 100644 --- a/http/cves/2021/CVE-2021-41349.yaml +++ b/http/cves/2021/CVE-2021-41349.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2021-41349 - epss-score: 0.84327 - epss-percentile: 0.9821 + epss-score: 0.96172 + epss-percentile: 0.99474 cpe: cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41432.yaml b/http/cves/2021/CVE-2021-41432.yaml index 0021370cafc..dc95357e1f5 100644 --- a/http/cves/2021/CVE-2021-41432.yaml +++ b/http/cves/2021/CVE-2021-41432.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/flatpressblog/flatpress/issues/88 - https://nvd.nist.gov/vuln/detail/CVE-2021-41432 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/martinkubecka/CVE-References + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2021-41432 cwe-id: CWE-79 epss-score: 0.00067 - epss-percentile: 0.27822 + epss-percentile: 0.27705 cpe: cpe:2.3:a:flatpress:flatpress:1.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-41460.yaml b/http/cves/2021/CVE-2021-41460.yaml index 3b659a4e27f..4271b31d2e5 100644 --- a/http/cves/2021/CVE-2021-41460.yaml +++ b/http/cves/2021/CVE-2021-41460.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-41460 cwe-id: CWE-89 - epss-score: 0.00959 - epss-percentile: 0.81589 + epss-score: 0.00992 + epss-percentile: 0.83223 cpe: cpe:2.3:a:shopex:ecshop:4.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-41569.yaml b/http/cves/2021/CVE-2021-41569.yaml index 24d66c16781..5dd5ccd2ed0 100644 --- a/http/cves/2021/CVE-2021-41569.yaml +++ b/http/cves/2021/CVE-2021-41569.yaml @@ -13,13 +13,14 @@ info: - https://www.mindpointgroup.com/blog/high-risk-vulnerability-discovery-localfileinclusion-sas - https://support.sas.com/kb/68/641.html - https://nvd.nist.gov/vuln/detail/CVE-2021-41569 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-41569 cwe-id: CWE-829 epss-score: 0.0083 - epss-percentile: 0.80096 + epss-percentile: 0.81604 cpe: cpe:2.3:a:sas:sas\/intrnet:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41648.yaml b/http/cves/2021/CVE-2021-41648.yaml index 84946a64bb1..1b0606a5566 100644 --- a/http/cves/2021/CVE-2021-41648.yaml +++ b/http/cves/2021/CVE-2021-41648.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-41648 cwe-id: CWE-89 epss-score: 0.06237 - epss-percentile: 0.92912 + epss-percentile: 0.93438 cpe: cpe:2.3:a:online-shopping-system-advanced_project:online-shopping-system-advanced:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41773.yaml b/http/cves/2021/CVE-2021-41773.yaml index 379445685d0..2eecb663a41 100644 --- a/http/cves/2021/CVE-2021-41773.yaml +++ b/http/cves/2021/CVE-2021-41773.yaml @@ -22,8 +22,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-41773 cwe-id: CWE-22 - epss-score: 0.97386 - epss-percentile: 0.99902 + epss-score: 0.97456 + epss-percentile: 0.9995 cpe: cpe:2.3:a:apache:http_server:2.4.49:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-41826.yaml b/http/cves/2021/CVE-2021-41826.yaml index e05839b793e..5815be91752 100644 --- a/http/cves/2021/CVE-2021-41826.yaml +++ b/http/cves/2021/CVE-2021-41826.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-41826 cwe-id: CWE-601 epss-score: 0.93913 - epss-percentile: 0.98974 + epss-percentile: 0.99086 cpe: cpe:2.3:a:place:placeos_authentication:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41951.yaml b/http/cves/2021/CVE-2021-41951.yaml index 13f0b6cfd0d..4a05bb3c89e 100644 --- a/http/cves/2021/CVE-2021-41951.yaml +++ b/http/cves/2021/CVE-2021-41951.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-41951 cwe-id: CWE-79 - epss-score: 0.77372 - epss-percentile: 0.97949 + epss-score: 0.74322 + epss-percentile: 0.9805 cpe: cpe:2.3:a:montala:resourcespace:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42013.yaml b/http/cves/2021/CVE-2021-42013.yaml index 829a69b8caf..6f910743b51 100644 --- a/http/cves/2021/CVE-2021-42013.yaml +++ b/http/cves/2021/CVE-2021-42013.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: "CVE-2021-42013" cwe-id: CWE-22 - epss-score: 0.97287 - epss-percentile: 0.99841 + epss-score: 0.97391 + epss-percentile: 0.9991 cpe: cpe:2.3:a:apache:http_server:2.4.49:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-42063.yaml b/http/cves/2021/CVE-2021-42063.yaml index d4c3d4efd10..d7ecb716a1c 100644 --- a/http/cves/2021/CVE-2021-42063.yaml +++ b/http/cves/2021/CVE-2021-42063.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-42063 cwe-id: CWE-79 epss-score: 0.00418 - epss-percentile: 0.71432 + epss-percentile: 0.73669 cpe: cpe:2.3:a:sap:knowledge_warehouse:7.30:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42071.yaml b/http/cves/2021/CVE-2021-42071.yaml index 2d022d5c2c0..473553b1db8 100644 --- a/http/cves/2021/CVE-2021-42071.yaml +++ b/http/cves/2021/CVE-2021-42071.yaml @@ -13,13 +13,15 @@ info: - https://www.exploit-db.com/exploits/50098 - https://nvd.nist.gov/vuln/detail/CVE-2021-42071 - https://visual-tools.com/ + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-42071 cwe-id: CWE-78 epss-score: 0.95674 - epss-percentile: 0.99279 + epss-percentile: 0.99369 cpe: cpe:2.3:o:visual-tools:dvr_vx16_firmware:4.2.28.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42192.yaml b/http/cves/2021/CVE-2021-42192.yaml index 9bb0e0eb533..94e08de77a4 100644 --- a/http/cves/2021/CVE-2021-42192.yaml +++ b/http/cves/2021/CVE-2021-42192.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-42192 cwe-id: CWE-863 - epss-score: 0.03284 - epss-percentile: 0.90317 + epss-score: 0.04146 + epss-percentile: 0.91987 cpe: cpe:2.3:a:konga_project:konga:0.14.9:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-42258.yaml b/http/cves/2021/CVE-2021-42258.yaml index 0856ae586be..7325c52724e 100644 --- a/http/cves/2021/CVE-2021-42258.yaml +++ b/http/cves/2021/CVE-2021-42258.yaml @@ -12,13 +12,16 @@ info: reference: - https://www.huntress.com/blog/threat-advisory-hackers-are-exploiting-a-vulnerability-in-popular-billing-software-to-deploy-ransomware - https://nvd.nist.gov/vuln/detail/CVE-2021-42258 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Ostorlab/KEV + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-42258 cwe-id: CWE-89 - epss-score: 0.96873 - epss-percentile: 0.9964 + epss-score: 0.9738 + epss-percentile: 0.99901 cpe: cpe:2.3:a:bqe:billquick_web_suite:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-42565.yaml b/http/cves/2021/CVE-2021-42565.yaml index 6a394d2a398..fdf2bd2afd4 100644 --- a/http/cves/2021/CVE-2021-42565.yaml +++ b/http/cves/2021/CVE-2021-42565.yaml @@ -13,13 +13,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-42565 - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-001/-cross-site-scripting-in-myfactory-fms - https://www.redteam-pentesting.de/advisories/rt-sa-2021-001 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-42565 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.4118 + epss-percentile: 0.40517 cpe: cpe:2.3:a:myfactory:fms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-42566.yaml b/http/cves/2021/CVE-2021-42566.yaml index a6b1adf09a1..cf56c13bd08 100644 --- a/http/cves/2021/CVE-2021-42566.yaml +++ b/http/cves/2021/CVE-2021-42566.yaml @@ -14,13 +14,14 @@ info: - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-001/-cross-site-scripting-in-myfactory-fms - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-42566 - https://www.redteam-pentesting.de/advisories/rt-sa-2021-001 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-42566 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.4118 + epss-percentile: 0.40517 cpe: cpe:2.3:a:myfactory:fms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-42567.yaml b/http/cves/2021/CVE-2021-42567.yaml index c9a98139554..9671bbc2d7f 100644 --- a/http/cves/2021/CVE-2021-42567.yaml +++ b/http/cves/2021/CVE-2021-42567.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-42567 cwe-id: CWE-79 epss-score: 0.25981 - epss-percentile: 0.96296 + epss-percentile: 0.96613 cpe: cpe:2.3:a:apereo:central_authentication_service:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42627.yaml b/http/cves/2021/CVE-2021-42627.yaml index 6330f1d5889..a69430fc2a7 100644 --- a/http/cves/2021/CVE-2021-42627.yaml +++ b/http/cves/2021/CVE-2021-42627.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-42627 - epss-score: 0.06041 - epss-percentile: 0.92756 + epss-score: 0.16383 + epss-percentile: 0.95867 cpe: cpe:2.3:o:dlink:dir-615_firmware:20.06:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-42887.yaml b/http/cves/2021/CVE-2021-42887.yaml index 43a50c42b99..54c83bfae2b 100644 --- a/http/cves/2021/CVE-2021-42887.yaml +++ b/http/cves/2021/CVE-2021-42887.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-42887 cwe-id: CWE-287 - epss-score: 0.07357 - epss-percentile: 0.93441 + epss-score: 0.08034 + epss-percentile: 0.9414 cpe: cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5215:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-43062.yaml b/http/cves/2021/CVE-2021-43062.yaml index 1ca4c8662d6..e7d9c08ee7c 100644 --- a/http/cves/2021/CVE-2021-43062.yaml +++ b/http/cves/2021/CVE-2021-43062.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-43062 cwe-id: CWE-79 epss-score: 0.00709 - epss-percentile: 0.78348 + epss-percentile: 0.79992 cpe: cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-43421.yaml b/http/cves/2021/CVE-2021-43421.yaml index f2234cae8e1..7ba28e66ce4 100644 --- a/http/cves/2021/CVE-2021-43421.yaml +++ b/http/cves/2021/CVE-2021-43421.yaml @@ -14,13 +14,14 @@ info: - https://github.com/Studio-42/elFinder/issues/3429 - https://twitter.com/infosec_90/status/1455180286354919425 - https://nvd.nist.gov/vuln/detail/CVE-2021-43421 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-43421 cwe-id: CWE-434 epss-score: 0.06629 - epss-percentile: 0.93112 + epss-percentile: 0.93651 cpe: cpe:2.3:a:std42:elfinder:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-43510.yaml b/http/cves/2021/CVE-2021-43510.yaml index 5a7846147fe..61b0264a280 100644 --- a/http/cves/2021/CVE-2021-43510.yaml +++ b/http/cves/2021/CVE-2021-43510.yaml @@ -14,13 +14,15 @@ info: - https://github.com/r4hn1/Simple-Client-Management-System-Exploit/blob/main/CVE-2021-43510 - https://www.sourcecodester.com/php/15027/simple-client-management-system-php-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2021-43510 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/r4hn1/Simple-Client-Management-System-Exploit classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-43510 cwe-id: CWE-89 - epss-score: 0.03948 - epss-percentile: 0.91118 + epss-score: 0.03977 + epss-percentile: 0.9183 cpe: cpe:2.3:a:simple_client_management_system_project:simple_client_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-43574.yaml b/http/cves/2021/CVE-2021-43574.yaml index a3e813843b2..556b3edc8ec 100644 --- a/http/cves/2021/CVE-2021-43574.yaml +++ b/http/cves/2021/CVE-2021-43574.yaml @@ -15,13 +15,14 @@ info: - https://help.atmail.com/hc/en-us/sections/115003283988 - https://nvd.nist.gov/vuln/detail/CVE-2021-43574 - https://medium.com/%40bhattronit96/cve-2021-43574-696041dcab9e + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-43574 cwe-id: CWE-79 - epss-score: 0.0019 - epss-percentile: 0.5661 + epss-score: 0.00132 + epss-percentile: 0.47351 cpe: cpe:2.3:a:atmail:atmail:6.5.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-43778.yaml b/http/cves/2021/CVE-2021-43778.yaml index fc4886ef44e..756fe6dba73 100644 --- a/http/cves/2021/CVE-2021-43778.yaml +++ b/http/cves/2021/CVE-2021-43778.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-43778 cwe-id: CWE-22 - epss-score: 0.68846 - epss-percentile: 0.97701 + epss-score: 0.53541 + epss-percentile: 0.97558 cpe: cpe:2.3:a:glpi-project:barcode:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-43798.yaml b/http/cves/2021/CVE-2021-43798.yaml index 3b949472876..ff3cb566c64 100644 --- a/http/cves/2021/CVE-2021-43798.yaml +++ b/http/cves/2021/CVE-2021-43798.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-43798 cwe-id: CWE-22 - epss-score: 0.97105 - epss-percentile: 0.99736 + epss-score: 0.97474 + epss-percentile: 0.99963 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-43810.yaml b/http/cves/2021/CVE-2021-43810.yaml index 15d1e9d192b..ca42f279f57 100644 --- a/http/cves/2021/CVE-2021-43810.yaml +++ b/http/cves/2021/CVE-2021-43810.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-43810 cwe-id: CWE-79 - epss-score: 0.00513 - epss-percentile: 0.74103 + epss-score: 0.00369 + epss-percentile: 0.72044 cpe: cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-44077.yaml b/http/cves/2021/CVE-2021-44077.yaml index 7a4af9eb3af..3dc3add14f7 100644 --- a/http/cves/2021/CVE-2021-44077.yaml +++ b/http/cves/2021/CVE-2021-44077.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-44077 cwe-id: CWE-306 - epss-score: 0.97254 - epss-percentile: 0.99817 + epss-score: 0.97367 + epss-percentile: 0.99895 cpe: cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11138:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-44138.yaml b/http/cves/2021/CVE-2021-44138.yaml index a2943d96017..2a139c15c89 100644 --- a/http/cves/2021/CVE-2021-44138.yaml +++ b/http/cves/2021/CVE-2021-44138.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-44138 cwe-id: CWE-22 - epss-score: 0.01291 - epss-percentile: 0.84342 + epss-score: 0.01258 + epss-percentile: 0.8528 cpe: cpe:2.3:a:caucho:resin:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-44152.yaml b/http/cves/2021/CVE-2021-44152.yaml index 6d099ba6676..46ba43cf895 100644 --- a/http/cves/2021/CVE-2021-44152.yaml +++ b/http/cves/2021/CVE-2021-44152.yaml @@ -15,13 +15,14 @@ info: - http://packetstormsecurity.com/files/165186/Reprise-License-Manager-14.2-Unauthenticated-Password-Change.html - https://nvd.nist.gov/vuln/detail/CVE-2021-44152 - https://www.reprisesoftware.com/RELEASE_NOTES + - https://github.com/anonymous364872/Rapier_Tool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-44152 cwe-id: CWE-306 - epss-score: 0.86597 - epss-percentile: 0.98335 + epss-score: 0.86031 + epss-percentile: 0.98489 cpe: cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-44427.yaml b/http/cves/2021/CVE-2021-44427.yaml index 444daefd369..037ef4d1582 100644 --- a/http/cves/2021/CVE-2021-44427.yaml +++ b/http/cves/2021/CVE-2021-44427.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-44427 cwe-id: CWE-89 - epss-score: 0.03504 - epss-percentile: 0.90641 + epss-score: 0.03844 + epss-percentile: 0.91709 cpe: cpe:2.3:a:rosariosis:rosariosis:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-44529.yaml b/http/cves/2021/CVE-2021-44529.yaml index ca4f81f42d9..80105ecc0ae 100644 --- a/http/cves/2021/CVE-2021-44529.yaml +++ b/http/cves/2021/CVE-2021-44529.yaml @@ -14,13 +14,14 @@ info: - https://twitter.com/Dinosn/status/1505273954478530569 - https://nvd.nist.gov/vuln/detail/CVE-2021-44529 - http://packetstormsecurity.com/files/166383/Ivanti-Endpoint-Manager-CSA-4.5-4.6-Remote-Code-Execution.html + - https://github.com/SYRTI/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-44529 cwe-id: CWE-94 - epss-score: 0.95206 - epss-percentile: 0.99171 + epss-score: 0.95621 + epss-percentile: 0.99362 cpe: cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-44848.yaml b/http/cves/2021/CVE-2021-44848.yaml index 258f5826f77..b291931689d 100644 --- a/http/cves/2021/CVE-2021-44848.yaml +++ b/http/cves/2021/CVE-2021-44848.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-44848 cwe-id: CWE-203 - epss-score: 0.01603 - epss-percentile: 0.86093 + epss-score: 0.02038 + epss-percentile: 0.8871 cpe: cpe:2.3:a:cybelesoft:thinfinity_virtualui:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-45092.yaml b/http/cves/2021/CVE-2021-45092.yaml index c6ff3ea4b39..843e01eea55 100644 --- a/http/cves/2021/CVE-2021-45092.yaml +++ b/http/cves/2021/CVE-2021-45092.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-45092 cwe-id: CWE-74 - epss-score: 0.0618 - epss-percentile: 0.92886 + epss-score: 0.05776 + epss-percentile: 0.93213 cpe: cpe:2.3:a:cybelesoft:thinfinity_virtualui:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-45380.yaml b/http/cves/2021/CVE-2021-45380.yaml index 4123c0234be..a9e2446b548 100644 --- a/http/cves/2021/CVE-2021-45380.yaml +++ b/http/cves/2021/CVE-2021-45380.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-45380 cwe-id: CWE-79 epss-score: 0.00314 - epss-percentile: 0.67166 + epss-percentile: 0.69628 cpe: cpe:2.3:a:appcms:appcms:2.0.101:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-45382.yaml b/http/cves/2021/CVE-2021-45382.yaml index 63a801fed5d..004f0cbbd44 100644 --- a/http/cves/2021/CVE-2021-45382.yaml +++ b/http/cves/2021/CVE-2021-45382.yaml @@ -12,13 +12,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-45382 - https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10264 - https://github.com/doudoudedi/D-LINK_Command_Injection1/blob/main/D-LINK_Command_injection.md#poc + - https://github.com/ARPSyndicate/cvemon + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-45382 cwe-id: CWE-78 - epss-score: 0.96871 - epss-percentile: 0.99639 + epss-score: 0.96989 + epss-percentile: 0.9972 cpe: cpe:2.3:o:dlink:dir-820l_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-45428.yaml b/http/cves/2021/CVE-2021-45428.yaml index e0593f0f607..ccfa6dbe978 100644 --- a/http/cves/2021/CVE-2021-45428.yaml +++ b/http/cves/2021/CVE-2021-45428.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-45428 cwe-id: CWE-639 epss-score: 0.08441 - epss-percentile: 0.93836 + epss-percentile: 0.94265 cpe: cpe:2.3:o:telesquare:tlr-2005ksh_firmware:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-45967.yaml b/http/cves/2021/CVE-2021-45967.yaml index 628db15feb9..947d6568222 100644 --- a/http/cves/2021/CVE-2021-45967.yaml +++ b/http/cves/2021/CVE-2021-45967.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-45967 cwe-id: CWE-22 - epss-score: 0.74039 - epss-percentile: 0.97858 + epss-score: 0.72601 + epss-percentile: 0.98001 cpe: cpe:2.3:a:pascom:cloud_phone_system:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-46068.yaml b/http/cves/2021/CVE-2021-46068.yaml index b98001f02f7..8b554a3dfa6 100644 --- a/http/cves/2021/CVE-2021-46068.yaml +++ b/http/cves/2021/CVE-2021-46068.yaml @@ -15,13 +15,14 @@ info: - https://www.plsanu.com/vehicle-service-management-system-myaccount-stored-cross-site-scripting-xss - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2021-46068 + - https://github.com/zecool/cve classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2021-46068 cwe-id: CWE-79 epss-score: 0.00084 - epss-percentile: 0.34831 + epss-percentile: 0.34354 cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46072.yaml b/http/cves/2021/CVE-2021-46072.yaml index bd67111b9b9..03292f9276c 100644 --- a/http/cves/2021/CVE-2021-46072.yaml +++ b/http/cves/2021/CVE-2021-46072.yaml @@ -15,13 +15,14 @@ info: - https://www.plsanu.com/vehicle-service-management-system-service-list-stored-cross-site-scripting-xss - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2021-46072 + - https://github.com/soosmile/POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2021-46072 cwe-id: CWE-79 epss-score: 0.00084 - epss-percentile: 0.34831 + epss-percentile: 0.34354 cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46073.yaml b/http/cves/2021/CVE-2021-46073.yaml index 23f2585d511..2c5ed012d74 100644 --- a/http/cves/2021/CVE-2021-46073.yaml +++ b/http/cves/2021/CVE-2021-46073.yaml @@ -15,13 +15,14 @@ info: - https://www.plsanu.com/vehicle-service-management-system-user-list-stored-cross-site-scripting-xss - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2021-46073 + - https://github.com/SYRTI/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2021-46073 cwe-id: CWE-79 epss-score: 0.00084 - epss-percentile: 0.34831 + epss-percentile: 0.34354 cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46107.yaml b/http/cves/2021/CVE-2021-46107.yaml index 43da34147f9..23127565040 100644 --- a/http/cves/2021/CVE-2021-46107.yaml +++ b/http/cves/2021/CVE-2021-46107.yaml @@ -14,13 +14,15 @@ info: - https://raw.githubusercontent.com/Orange-Cyberdefense/CVE-repository/master/PoCs/POC_CVE-2021-46107.py - https://nvd.nist.gov/vuln/detail/CVE-2021-46107 - https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/ + - https://github.com/Transmetal/CVE-repository-master + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-46107 cwe-id: CWE-918 - epss-score: 0.01739 - epss-percentile: 0.86557 + epss-score: 0.01673 + epss-percentile: 0.87383 cpe: cpe:2.3:a:ligeo-archives:ligeo_basics:02_01-2022:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46379.yaml b/http/cves/2021/CVE-2021-46379.yaml index 5a99a217bab..6522980d6b5 100644 --- a/http/cves/2021/CVE-2021-46379.yaml +++ b/http/cves/2021/CVE-2021-46379.yaml @@ -14,13 +14,14 @@ info: - https://drive.google.com/file/d/1rrlwnIxSHEoO4SMAHRPKZSRzK5MwZQRf/view - https://www.dlink.com/en/security-bulletin - https://www.dlink.com/en/security-bulletin/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-46379 cwe-id: CWE-601 - epss-score: 0.00267 - epss-percentile: 0.64198 + epss-score: 0.00306 + epss-percentile: 0.69219 cpe: cpe:2.3:o:dlink:dir-850l_firmware:1.08trb03:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46381.yaml b/http/cves/2021/CVE-2021-46381.yaml index cbb9d7b6b18..e9d0636a2a0 100644 --- a/http/cves/2021/CVE-2021-46381.yaml +++ b/http/cves/2021/CVE-2021-46381.yaml @@ -14,13 +14,14 @@ info: - https://www.dlink.com/en/security-bulletin/ - https://nvd.nist.gov/vuln/detail/CVE-2021-46381 - http://packetstormsecurity.com/files/167070/DLINK-DAP-1620-A1-1.01-Directory-Traversal.html + - https://github.com/SYRTI/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-46381 cwe-id: CWE-22 epss-score: 0.02202 - epss-percentile: 0.88284 + epss-percentile: 0.892 cpe: cpe:2.3:o:dlink:dap-1620_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-46422.yaml b/http/cves/2021/CVE-2021-46422.yaml index 7ea88c9f2b5..b3c8aaa47f5 100644 --- a/http/cves/2021/CVE-2021-46422.yaml +++ b/http/cves/2021/CVE-2021-46422.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-46422 cwe-id: CWE-78 - epss-score: 0.95223 - epss-percentile: 0.99177 + epss-score: 0.95567 + epss-percentile: 0.99348 cpe: cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46704.yaml b/http/cves/2021/CVE-2021-46704.yaml index becd313482e..abbf710fa78 100644 --- a/http/cves/2021/CVE-2021-46704.yaml +++ b/http/cves/2021/CVE-2021-46704.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-46704 cwe-id: CWE-78 - epss-score: 0.95412 - epss-percentile: 0.9923 + epss-score: 0.94392 + epss-percentile: 0.99153 cpe: cpe:2.3:a:genieacs:genieacs:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0087.yaml b/http/cves/2022/CVE-2022-0087.yaml index c991b35653c..cf97e63a606 100644 --- a/http/cves/2022/CVE-2022-0087.yaml +++ b/http/cves/2022/CVE-2022-0087.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2022-0087 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:keystonejs:keystone:*:*:*:*:*:node.js:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0140.yaml b/http/cves/2022/CVE-2022-0140.yaml index da1025a5e83..ff914eb8c63 100644 --- a/http/cves/2022/CVE-2022-0140.yaml +++ b/http/cves/2022/CVE-2022-0140.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/9fa2b3b6-2fe3-40f0-8f71-371dd58fe336 - https://www.fortiguard.com/zeroday/FG-VD-21-082 - https://nvd.nist.gov/vuln/detail/cve-2022-0140 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-0140 cwe-id: CWE-306 epss-score: 0.00966 - epss-percentile: 0.81608 + epss-percentile: 0.8297 cpe: cpe:2.3:a:vfbpro:visual_form_builder:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0149.yaml b/http/cves/2022/CVE-2022-0149.yaml index d2b16d5d6a6..9713a7de506 100644 --- a/http/cves/2022/CVE-2022-0149.yaml +++ b/http/cves/2022/CVE-2022-0149.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0149 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:visser:store_exporter_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0165.yaml b/http/cves/2022/CVE-2022-0165.yaml index 5a8bbbc7494..ab4f6c8f37d 100644 --- a/http/cves/2022/CVE-2022-0165.yaml +++ b/http/cves/2022/CVE-2022-0165.yaml @@ -12,13 +12,16 @@ info: reference: - https://wpscan.com/vulnerability/906d0c31-370e-46b4-af1f-e52fbddd00cb - https://nvd.nist.gov/vuln/detail/CVE-2022-0165 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/K3ysTr0K3R/CVE-2022-0165-EXPLOIT classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0165 cwe-id: CWE-601 epss-score: 0.001 - epss-percentile: 0.40839 + epss-percentile: 0.40148 cpe: cpe:2.3:a:king-theme:kingcomposer:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0169.yaml b/http/cves/2022/CVE-2022-0169.yaml index 9174784f0db..0aa950aa5e7 100644 --- a/http/cves/2022/CVE-2022-0169.yaml +++ b/http/cves/2022/CVE-2022-0169.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0169 cwe-id: CWE-89 - epss-score: 0.01284 - epss-percentile: 0.84353 + epss-score: 0.01246 + epss-percentile: 0.85214 cpe: cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0189.yaml b/http/cves/2022/CVE-2022-0189.yaml index 013da77646e..335b1a4cba4 100644 --- a/http/cves/2022/CVE-2022-0189.yaml +++ b/http/cves/2022/CVE-2022-0189.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0189 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:wprssaggregator:wp_rss_aggregator:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0206.yaml b/http/cves/2022/CVE-2022-0206.yaml index 144ebaeba89..c0e0089db0e 100644 --- a/http/cves/2022/CVE-2022-0206.yaml +++ b/http/cves/2022/CVE-2022-0206.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/ce12437a-d440-4c4a-9247-95a8f39d00b9 - https://wordpress.org/plugins/newstatpress - https://nvd.nist.gov/vuln/detail/CVE-2022-0206 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0206 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0208.yaml b/http/cves/2022/CVE-2022-0208.yaml index 1e80694b027..ce4b050c017 100644 --- a/http/cves/2022/CVE-2022-0208.yaml +++ b/http/cves/2022/CVE-2022-0208.yaml @@ -13,13 +13,15 @@ info: reference: - https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc - https://nvd.nist.gov/vuln/detail/CVE-2022-0208 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0208 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0212.yaml b/http/cves/2022/CVE-2022-0212.yaml index 6fe087af196..c9a4417ac43 100644 --- a/http/cves/2022/CVE-2022-0212.yaml +++ b/http/cves/2022/CVE-2022-0212.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-0212 cwe-id: CWE-79 epss-score: 0.00086 - epss-percentile: 0.35806 + epss-percentile: 0.35299 cpe: cpe:2.3:a:10web:spidercalendar:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0218.yaml b/http/cves/2022/CVE-2022-0218.yaml index 64826555582..745ddfc5d31 100644 --- a/http/cves/2022/CVE-2022-0218.yaml +++ b/http/cves/2022/CVE-2022-0218.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/wp-html-mail/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0218 - https://plugins.trac.wordpress.org/changeset/2656984/wp-html-mail/trunk/includes/class-template-designer.php + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0218 cwe-id: CWE-79 epss-score: 0.03872 - epss-percentile: 0.91041 + epss-percentile: 0.9173 cpe: cpe:2.3:a:codemiq:wordpress_email_template_designer:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0228.yaml b/http/cves/2022/CVE-2022-0228.yaml index 92633720c9b..0c085007458 100644 --- a/http/cves/2022/CVE-2022-0228.yaml +++ b/http/cves/2022/CVE-2022-0228.yaml @@ -11,13 +11,14 @@ info: - https://wpscan.com/vulnerability/22facac2-52f4-4e5f-be59-1d2934b260d9 - https://nvd.nist.gov/vuln/detail/CVE-2022-0228 - https://plugins.trac.wordpress.org/changeset/2659117 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-0228 cwe-id: CWE-89 - epss-score: 0.03432 - epss-percentile: 0.90525 + epss-score: 0.03069 + epss-percentile: 0.90788 cpe: cpe:2.3:a:sygnoos:popup_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0234.yaml b/http/cves/2022/CVE-2022-0234.yaml index d285c9becbb..78074da5eea 100644 --- a/http/cves/2022/CVE-2022-0234.yaml +++ b/http/cves/2022/CVE-2022-0234.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0234 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:pluginus:woocs:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0271.yaml b/http/cves/2022/CVE-2022-0271.yaml index 752f34beaf3..49ae3c6d22e 100644 --- a/http/cves/2022/CVE-2022-0271.yaml +++ b/http/cves/2022/CVE-2022-0271.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/ad07d9cd-8a75-4f7c-bbbe-3b6b89b699f2 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0271 - https://nvd.nist.gov/vuln/detail/cve-2022-0271 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0271 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0288.yaml b/http/cves/2022/CVE-2022-0288.yaml index 9b223fd7360..6d48cfffff3 100644 --- a/http/cves/2022/CVE-2022-0288.yaml +++ b/http/cves/2022/CVE-2022-0288.yaml @@ -12,13 +12,15 @@ info: reference: - https://wpscan.com/vulnerability/27b64412-33a4-462c-bc45-f81697e4fe42 - https://nvd.nist.gov/vuln/detail/CVE-2022-0288 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0288 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:ad_inserter_pro_project:ad_inserter_pro:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0342.yaml b/http/cves/2022/CVE-2022-0342.yaml index b409fe15fdb..76542b8a433 100644 --- a/http/cves/2022/CVE-2022-0342.yaml +++ b/http/cves/2022/CVE-2022-0342.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0342 cwe-id: CWE-287 - epss-score: 0.07467 - epss-percentile: 0.93479 + epss-score: 0.08015 + epss-percentile: 0.94132 cpe: cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0346.yaml b/http/cves/2022/CVE-2022-0346.yaml index 9c75cde5fb5..3912dea94c3 100644 --- a/http/cves/2022/CVE-2022-0346.yaml +++ b/http/cves/2022/CVE-2022-0346.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0346 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36967 + epss-percentile: 0.36353 cpe: cpe:2.3:a:xmlsitemapgenerator:xml_sitemap_generator:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0349.yaml b/http/cves/2022/CVE-2022-0349.yaml index 7b819cc902e..c80ba869245 100644 --- a/http/cves/2022/CVE-2022-0349.yaml +++ b/http/cves/2022/CVE-2022-0349.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/1d0dd7be-29f3-4043-a9c6-67d02746463a - https://wordpress.org/plugins/notificationx/advanced/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0349 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0349 cwe-id: CWE-89 - epss-score: 0.03383 - epss-percentile: 0.90457 + epss-score: 0.02414 + epss-percentile: 0.89687 cpe: cpe:2.3:a:wpdeveloper:notificationx:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0378.yaml b/http/cves/2022/CVE-2022-0378.yaml index 744a4e985c0..fc81417d588 100644 --- a/http/cves/2022/CVE-2022-0378.yaml +++ b/http/cves/2022/CVE-2022-0378.yaml @@ -13,13 +13,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-0378 - https://github.com/microweber/microweber/commit/fc7e1a026735b93f0e0047700d08c44954fce9ce - https://huntr.dev/bounties/529b65c0-5be7-49d4-9419-f905b8153d31 + - https://github.com/vohvelikissa/bugbouncing + - https://github.com/x86trace/Oneliners classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-0378 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0381.yaml b/http/cves/2022/CVE-2022-0381.yaml index 35b88759fde..1e407e664c4 100644 --- a/http/cves/2022/CVE-2022-0381.yaml +++ b/http/cves/2022/CVE-2022-0381.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0381 cwe-id: CWE-79 epss-score: 0.00218 - epss-percentile: 0.59831 + epss-percentile: 0.59134 cpe: cpe:2.3:a:embed_swagger_project:embed_swagger:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0412.yaml b/http/cves/2022/CVE-2022-0412.yaml index 137771e389c..4005ccd3ac2 100644 --- a/http/cves/2022/CVE-2022-0412.yaml +++ b/http/cves/2022/CVE-2022-0412.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0412 cwe-id: CWE-89 - epss-score: 0.09127 - epss-percentile: 0.94083 + epss-score: 0.10259 + epss-percentile: 0.94816 cpe: cpe:2.3:a:templateinvaders:ti_woocommerce_wishlist:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0422.yaml b/http/cves/2022/CVE-2022-0422.yaml index 1c4773ec94f..9eef7fae6cc 100644 --- a/http/cves/2022/CVE-2022-0422.yaml +++ b/http/cves/2022/CVE-2022-0422.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0422 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:videousermanuals:white_label_cms:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0432.yaml b/http/cves/2022/CVE-2022-0432.yaml index caa89a262fc..b57cc183867 100644 --- a/http/cves/2022/CVE-2022-0432.yaml +++ b/http/cves/2022/CVE-2022-0432.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0432 cwe-id: CWE-1321 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0533.yaml b/http/cves/2022/CVE-2022-0533.yaml index 1f8c906db97..7127ab1807f 100644 --- a/http/cves/2022/CVE-2022-0533.yaml +++ b/http/cves/2022/CVE-2022-0533.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2022-0533 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:metaphorcreations:ditty:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0535.yaml b/http/cves/2022/CVE-2022-0535.yaml index 47812d3461a..6c74cebd346 100644 --- a/http/cves/2022/CVE-2022-0535.yaml +++ b/http/cves/2022/CVE-2022-0535.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0535 cwe-id: CWE-79 epss-score: 0.00084 - epss-percentile: 0.34822 + epss-percentile: 0.34344 cpe: cpe:2.3:a:e2pdf:e2pdf:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0540.yaml b/http/cves/2022/CVE-2022-0540.yaml index 29781d47374..41d08e32eb6 100644 --- a/http/cves/2022/CVE-2022-0540.yaml +++ b/http/cves/2022/CVE-2022-0540.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0540 cwe-id: CWE-287 - epss-score: 0.25982 - epss-percentile: 0.96297 + epss-score: 0.2507 + epss-percentile: 0.96565 cpe: cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0594.yaml b/http/cves/2022/CVE-2022-0594.yaml index 4299984851d..c97f1215aba 100644 --- a/http/cves/2022/CVE-2022-0594.yaml +++ b/http/cves/2022/CVE-2022-0594.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-0594 cwe-id: CWE-863 - epss-score: 0.0025 - epss-percentile: 0.63027 + epss-score: 0.00188 + epss-percentile: 0.55305 cpe: cpe:2.3:a:shareaholic:shareaholic:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0595.yaml b/http/cves/2022/CVE-2022-0595.yaml index 6f7d25afc81..56fb7e108e2 100644 --- a/http/cves/2022/CVE-2022-0595.yaml +++ b/http/cves/2022/CVE-2022-0595.yaml @@ -13,13 +13,15 @@ info: reference: - https://wpscan.com/vulnerability/1b849957-eaca-47ea-8f84-23a3a98cc8de - https://plugins.trac.wordpress.org/changeset/2686614 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-0595 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.41202 + epss-percentile: 0.40538 cpe: cpe:2.3:a:codedropz:drag_and_drop_multiple_file_upload_-_contact_form_7:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0599.yaml b/http/cves/2022/CVE-2022-0599.yaml index b2898d83fd2..890bd9c26d4 100644 --- a/http/cves/2022/CVE-2022-0599.yaml +++ b/http/cves/2022/CVE-2022-0599.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0599 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:mapping_multiple_urls_redirect_same_page_project:mapping_multiple_urls_redirect_same_page:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0658.yaml b/http/cves/2022/CVE-2022-0658.yaml index 02721bfd0b6..6a22b416c23 100644 --- a/http/cves/2022/CVE-2022-0658.yaml +++ b/http/cves/2022/CVE-2022-0658.yaml @@ -11,13 +11,14 @@ info: - https://wpscan.com/vulnerability/d7f0805a-61ce-454a-96fb-5ecacd767578 - https://wordpress.org/plugins/commonsbooking/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0658 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0658 cwe-id: CWE-89 - epss-score: 0.03633 - epss-percentile: 0.90761 + epss-score: 0.04032 + epss-percentile: 0.91879 cpe: cpe:2.3:a:wielebenwir:commonsbooking:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0678.yaml b/http/cves/2022/CVE-2022-0678.yaml index 827145d7341..89367a99aef 100644 --- a/http/cves/2022/CVE-2022-0678.yaml +++ b/http/cves/2022/CVE-2022-0678.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-0678 cwe-id: CWE-79 - epss-score: 0.00143 - epss-percentile: 0.50027 + epss-score: 0.00138 + epss-percentile: 0.48373 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0679.yaml b/http/cves/2022/CVE-2022-0679.yaml index 393eee8c2d7..55bf9474572 100644 --- a/http/cves/2022/CVE-2022-0679.yaml +++ b/http/cves/2022/CVE-2022-0679.yaml @@ -13,13 +13,16 @@ info: reference: - https://wpscan.com/vulnerability/0ea79eb1-6561-4c21-a20b-a1870863b0a8 - https://nvd.nist.gov/vuln/detail/CVE-2022-0679 + - https://github.com/cyllective/CVEs + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0679 cwe-id: CWE-22 epss-score: 0.03099 - epss-percentile: 0.90037 + epss-percentile: 0.90827 cpe: cpe:2.3:a:narnoo_distributor_project:narnoo_distributor:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0692.yaml b/http/cves/2022/CVE-2022-0692.yaml index ba7fb320567..e846d9c54ae 100644 --- a/http/cves/2022/CVE-2022-0692.yaml +++ b/http/cves/2022/CVE-2022-0692.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0692 cwe-id: CWE-601 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:alltube_project:alltube:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0747.yaml b/http/cves/2022/CVE-2022-0747.yaml index 7a96e0a8d9a..be955098690 100644 --- a/http/cves/2022/CVE-2022-0747.yaml +++ b/http/cves/2022/CVE-2022-0747.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/infographic-and-list-builder-ilist/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0747 - https://plugins.trac.wordpress.org/changeset/2684336 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0747 cwe-id: CWE-89 - epss-score: 0.03399 - epss-percentile: 0.9048 + epss-score: 0.02705 + epss-percentile: 0.90254 cpe: cpe:2.3:a:quantumcloud:infographic_maker:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0769.yaml b/http/cves/2022/CVE-2022-0769.yaml index 9e180d51c27..9b35b8eb81c 100644 --- a/http/cves/2022/CVE-2022-0769.yaml +++ b/http/cves/2022/CVE-2022-0769.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/users-ultra/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0769 - https://github.com/ARPSyndicate/cvemon + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0769 cwe-id: CWE-89 epss-score: 0.02977 - epss-percentile: 0.89892 + epss-percentile: 0.90654 cpe: cpe:2.3:a:usersultra:users_ultra:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0776.yaml b/http/cves/2022/CVE-2022-0776.yaml index 03311a84ebd..c32b9e823a7 100644 --- a/http/cves/2022/CVE-2022-0776.yaml +++ b/http/cves/2022/CVE-2022-0776.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0776 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40075 + epss-percentile: 0.40139 cpe: cpe:2.3:a:revealjs:reveal.js:*:*:*:*:*:node.js:*:* metadata: vendor: revealjs diff --git a/http/cves/2022/CVE-2022-0781.yaml b/http/cves/2022/CVE-2022-0781.yaml index e591467e795..174d9480a9c 100644 --- a/http/cves/2022/CVE-2022-0781.yaml +++ b/http/cves/2022/CVE-2022-0781.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/1a8f9c7b-a422-4f45-a516-c3c14eb05161 - https://wordpress.org/plugins/nirweb-support/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0781 + - https://github.com/cyllective/CVEs + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0781 cwe-id: CWE-89 - epss-score: 0.01619 - epss-percentile: 0.86091 + epss-score: 0.01147 + epss-percentile: 0.84479 cpe: cpe:2.3:a:nirweb:nirweb_support:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0784.yaml b/http/cves/2022/CVE-2022-0784.yaml index 29d42210cc2..ba36240c2d3 100644 --- a/http/cves/2022/CVE-2022-0784.yaml +++ b/http/cves/2022/CVE-2022-0784.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/6672b59f-14bc-4a22-9e0b-fcab4e01d97f - https://wordpress.org/plugins/wp-experiments-free/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0784 + - https://github.com/cyllective/CVEs + - https://github.com/superlink996/chunqiuyunjingbachang classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0784 cwe-id: CWE-89 - epss-score: 0.03633 - epss-percentile: 0.90761 + epss-score: 0.04043 + epss-percentile: 0.91894 cpe: cpe:2.3:a:title_experiments_free_project:title_experiments_free:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0785.yaml b/http/cves/2022/CVE-2022-0785.yaml index 384503a4608..8d63b1e2b35 100644 --- a/http/cves/2022/CVE-2022-0785.yaml +++ b/http/cves/2022/CVE-2022-0785.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/e1e09f56-89a4-4d6f-907b-3fb2cb825255 - https://wordpress.org/plugins/daily-prayer-time-for-mosques/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0785 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0785 cwe-id: CWE-89 - epss-score: 0.05057 - epss-percentile: 0.92125 + epss-score: 0.04043 + epss-percentile: 0.91894 cpe: cpe:2.3:a:daily_prayer_time_project:daily_prayer_time:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0786.yaml b/http/cves/2022/CVE-2022-0786.yaml index 4f0fd3feb82..c81c3249925 100644 --- a/http/cves/2022/CVE-2022-0786.yaml +++ b/http/cves/2022/CVE-2022-0786.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0786 cwe-id: CWE-89 - epss-score: 0.03032 - epss-percentile: 0.89973 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:iqonic:kivicare:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0787.yaml b/http/cves/2022/CVE-2022-0787.yaml index 176d11adc5a..bb6b26927d9 100644 --- a/http/cves/2022/CVE-2022-0787.yaml +++ b/http/cves/2022/CVE-2022-0787.yaml @@ -11,13 +11,14 @@ info: - https://wpscan.com/vulnerability/69329a8a-2cbe-4f99-a367-b152bd85b3dd - https://wordpress.org/plugins/wp-limit-failed-login-attempts/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0787 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0787 cwe-id: CWE-89 - epss-score: 0.03633 - epss-percentile: 0.90796 + epss-score: 0.04043 + epss-percentile: 0.91894 cpe: cpe:2.3:a:limit_login_attempts_project:limit_login_attempts:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0788.yaml b/http/cves/2022/CVE-2022-0788.yaml index 03e09dc690d..5ff25107645 100644 --- a/http/cves/2022/CVE-2022-0788.yaml +++ b/http/cves/2022/CVE-2022-0788.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828 - https://wordpress.org/plugins/wp-fundraising-donation/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0788 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0788 cwe-id: CWE-89 - epss-score: 0.03032 - epss-percentile: 0.89931 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:wpmet:wp_fundraising_donation_and_crowdfunding_platform:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0814.yaml b/http/cves/2022/CVE-2022-0814.yaml index 8808bfca0e7..cbc13d26ce9 100644 --- a/http/cves/2022/CVE-2022-0814.yaml +++ b/http/cves/2022/CVE-2022-0814.yaml @@ -11,13 +11,14 @@ info: - https://wpscan.com/vulnerability/fd84dc08-0079-4fcf-81c3-a61d652e3269 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0814 - https://wordpress.org/plugins/ubigeo-peru/ + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0814 cwe-id: CWE-89 - epss-score: 0.05057 - epss-percentile: 0.92125 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:ubigeo_de_peru_para_woocommerce_project:ubigeo_de_peru_para_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0817.yaml b/http/cves/2022/CVE-2022-0817.yaml index f71ebd95568..751ae0a1dcf 100644 --- a/http/cves/2022/CVE-2022-0817.yaml +++ b/http/cves/2022/CVE-2022-0817.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0817 cwe-id: CWE-89 - epss-score: 0.05057 - epss-percentile: 0.92143 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:badgeos:badgeos:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0827.yaml b/http/cves/2022/CVE-2022-0827.yaml index e1f7fd7fbb3..7635cac8f1b 100644 --- a/http/cves/2022/CVE-2022-0827.yaml +++ b/http/cves/2022/CVE-2022-0827.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/0d208ebc-7805-457b-aa5f-ffd5adb2f3be - https://wordpress.org/plugins/bestbooks/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0827 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0827 cwe-id: CWE-89 - epss-score: 0.03032 - epss-percentile: 0.89931 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:presspage:bestbooks:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0864.yaml b/http/cves/2022/CVE-2022-0864.yaml index 15774cd9090..cb1bf9b07ba 100644 --- a/http/cves/2022/CVE-2022-0864.yaml +++ b/http/cves/2022/CVE-2022-0864.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/7337543f-4c2c-4365-aebf-3423e9d2f872 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0864 - https://wordpress.org/plugins/updraftplus + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0864 cwe-id: CWE-79 epss-score: 0.00242 - epss-percentile: 0.62097 + epss-percentile: 0.63565 cpe: cpe:2.3:a:updraftplus:updraftplus:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0867.yaml b/http/cves/2022/CVE-2022-0867.yaml index 8469159d937..7d22b8eec5f 100644 --- a/http/cves/2022/CVE-2022-0867.yaml +++ b/http/cves/2022/CVE-2022-0867.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/62803aae-9896-410b-9398-3497a838e494 - https://wordpress.org/plugins/arprice-responsive-pricing-table/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0867 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0867 cwe-id: CWE-89 epss-score: 0.09183 - epss-percentile: 0.94075 + epss-percentile: 0.9451 cpe: cpe:2.3:a:reputeinfosystems:pricing_table:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0869.yaml b/http/cves/2022/CVE-2022-0869.yaml index d7c4b3c55ba..62a2b646ca9 100644 --- a/http/cves/2022/CVE-2022-0869.yaml +++ b/http/cves/2022/CVE-2022-0869.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-0869 cwe-id: CWE-601 epss-score: 0.00115 - epss-percentile: 0.4495 + epss-percentile: 0.4417 cpe: cpe:2.3:a:spirit-project:spirit:*:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2022/CVE-2022-0870.yaml b/http/cves/2022/CVE-2022-0870.yaml index 9fbfb000a25..31f3cedb71e 100644 --- a/http/cves/2022/CVE-2022-0870.yaml +++ b/http/cves/2022/CVE-2022-0870.yaml @@ -13,13 +13,15 @@ info: - https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb - https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531 - https://nvd.nist.gov/vuln/detail/CVE-2022-0870 + - https://github.com/cokeBeer/go-cves + - https://github.com/michaellrowley/michaellrowley classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-0870 cwe-id: CWE-918 - epss-score: 0.00197 - epss-percentile: 0.57573 + epss-score: 0.00179 + epss-percentile: 0.54242 cpe: cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0899.yaml b/http/cves/2022/CVE-2022-0899.yaml index 92c072806d5..f353d77390d 100644 --- a/http/cves/2022/CVE-2022-0899.yaml +++ b/http/cves/2022/CVE-2022-0899.yaml @@ -14,8 +14,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-0899 cwe-id: CWE-79 - epss-score: 0.00141 - epss-percentile: 0.49748 + epss-score: 0.00106 + epss-percentile: 0.42122 cpe: cpe:2.3:a:draftpress:header_footer_code_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0949.yaml b/http/cves/2022/CVE-2022-0949.yaml index b2f41458f30..526fb4e0ae9 100644 --- a/http/cves/2022/CVE-2022-0949.yaml +++ b/http/cves/2022/CVE-2022-0949.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0949 cwe-id: CWE-89 - epss-score: 0.03633 - epss-percentile: 0.90796 + epss-score: 0.04043 + epss-percentile: 0.91894 cpe: cpe:2.3:a:stopbadbots:block_and_stop_bad_bots:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0952.yaml b/http/cves/2022/CVE-2022-0952.yaml index 61b52b3c4c3..9639a43c006 100644 --- a/http/cves/2022/CVE-2022-0952.yaml +++ b/http/cves/2022/CVE-2022-0952.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-0952 cwe-id: CWE-352 - epss-score: 0.08361 - epss-percentile: 0.93809 + epss-score: 0.33816 + epss-percentile: 0.96965 cpe: cpe:2.3:a:sitemap_project:sitemap:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0968.yaml b/http/cves/2022/CVE-2022-0968.yaml index 39a0c59a712..77dfbdd5344 100644 --- a/http/cves/2022/CVE-2022-0968.yaml +++ b/http/cves/2022/CVE-2022-0968.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0968 cwe-id: CWE-190 epss-score: 0.00076 - epss-percentile: 0.31127 + epss-percentile: 0.30933 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-1007.yaml b/http/cves/2022/CVE-2022-1007.yaml index 0562ae5366d..630f9b38442 100644 --- a/http/cves/2022/CVE-2022-1007.yaml +++ b/http/cves/2022/CVE-2022-1007.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/advanced-booking-calendar/ - https://nvd.nist.gov/vuln/detail/cve-2022-1007 - https://plugins.trac.wordpress.org/changeset/2695427 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1007 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:elbtide:advanced_booking_calendar:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1013.yaml b/http/cves/2022/CVE-2022-1013.yaml index cd1ea311dfe..9776ea8c5ca 100644 --- a/http/cves/2022/CVE-2022-1013.yaml +++ b/http/cves/2022/CVE-2022-1013.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d - https://wordpress.org/plugins/personal-dictionary/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1013 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1013 cwe-id: CWE-89 - epss-score: 0.02036 - epss-percentile: 0.87728 + epss-score: 0.02031 + epss-percentile: 0.88685 cpe: cpe:2.3:a:ays-pro:personal_dictionary:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1040.yaml b/http/cves/2022/CVE-2022-1040.yaml index 3f5d531e56a..1acb83212ab 100644 --- a/http/cves/2022/CVE-2022-1040.yaml +++ b/http/cves/2022/CVE-2022-1040.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-1040 cwe-id: CWE-287 - epss-score: 0.97067 - epss-percentile: 0.99719 + epss-score: 0.97434 + epss-percentile: 0.99939 cpe: cpe:2.3:o:sophos:sfos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1054.yaml b/http/cves/2022/CVE-2022-1054.yaml index cc4d53c0a7d..3eabb8c9b95 100644 --- a/http/cves/2022/CVE-2022-1054.yaml +++ b/http/cves/2022/CVE-2022-1054.yaml @@ -11,13 +11,15 @@ info: Update the WordPress RSVP and Event Management plugin to version 2.7.8 or later. reference: - https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-1054 cwe-id: CWE-862 epss-score: 0.00292 - epss-percentile: 0.65845 + epss-percentile: 0.68538 cpe: cpe:2.3:a:wpchill:rsvp_and_event_management:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1057.yaml b/http/cves/2022/CVE-2022-1057.yaml index 567c31cdc6d..27a3611f71d 100644 --- a/http/cves/2022/CVE-2022-1057.yaml +++ b/http/cves/2022/CVE-2022-1057.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/7c33ffc3-84d1-4a0f-a837-794cdc3ad243 - https://wordpress.org/plugins/pricing-deals-for-woocommerce/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1057 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1057 cwe-id: CWE-89 - epss-score: 0.02409 - epss-percentile: 0.88812 + epss-score: 0.05057 + epss-percentile: 0.92729 cpe: cpe:2.3:a:varktech:pricing_deals_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1119.yaml b/http/cves/2022/CVE-2022-1119.yaml index 76d4e671bfc..21ba3faee68 100644 --- a/http/cves/2022/CVE-2022-1119.yaml +++ b/http/cves/2022/CVE-2022-1119.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1119 cwe-id: CWE-22 epss-score: 0.42222 - epss-percentile: 0.96983 + epss-percentile: 0.97228 cpe: cpe:2.3:a:simplefilelist:simple-file-list:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1162.yaml b/http/cves/2022/CVE-2022-1162.yaml index c2fb606cc32..a1aa0bd0998 100644 --- a/http/cves/2022/CVE-2022-1162.yaml +++ b/http/cves/2022/CVE-2022-1162.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-1162 cwe-id: CWE-798 - epss-score: 0.19954 - epss-percentile: 0.95889 + epss-score: 0.24455 + epss-percentile: 0.96514 cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1168.yaml b/http/cves/2022/CVE-2022-1168.yaml index 483b4ada35e..f7f866c0c8e 100644 --- a/http/cves/2022/CVE-2022-1168.yaml +++ b/http/cves/2022/CVE-2022-1168.yaml @@ -12,13 +12,15 @@ info: - https://wpscan.com/vulnerability/bcf38e87-011e-4540-8bfb-c93443a4a490 - https://codecanyon.net/item/jobsearch-wp-job-board-wordpress-plugin/21066856 - https://nvd.nist.gov/vuln/detail/CVE-2022-1168 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1168 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:eyecix:jobsearch_wp_job_board:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1170.yaml b/http/cves/2022/CVE-2022-1170.yaml index 8fa2d46aae3..f6d7ad959f2 100644 --- a/http/cves/2022/CVE-2022-1170.yaml +++ b/http/cves/2022/CVE-2022-1170.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2022-1170 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:nootheme:jobmonster:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1329.yaml b/http/cves/2022/CVE-2022-1329.yaml index ab88dc72a65..d3581bb8f68 100644 --- a/http/cves/2022/CVE-2022-1329.yaml +++ b/http/cves/2022/CVE-2022-1329.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/elementor/ - https://plugins.trac.wordpress.org/changeset/2708766/elementor/trunk/core/app/modules/onboarding/module.php - https://nvd.nist.gov/vuln/detail/CVE-2022-1329 + - https://github.com/dexit/CVE-2022-1329 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-1329 - cwe-id: CWE-434,CWE-862 - epss-score: 0.96427 - epss-percentile: 0.99471 + cwe-id: CWE-862,CWE-434 + epss-score: 0.96079 + epss-percentile: 0.99457 cpe: cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1386.yaml b/http/cves/2022/CVE-2022-1386.yaml index 57a354adc03..007f11c5771 100644 --- a/http/cves/2022/CVE-2022-1386.yaml +++ b/http/cves/2022/CVE-2022-1386.yaml @@ -15,18 +15,19 @@ info: - https://www.rootshellsecurity.net/rootshell-discovered-a-critical-vulnerability-in-top-wordpress-theme/ - https://theme-fusion.com/version-7-6-2-security-update/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1386 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1386 cwe-id: CWE-918 - epss-score: 0.34969 - epss-percentile: 0.96732 - cpe: cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:wordpress:*:* + epss-score: 0.32824 + epss-percentile: 0.96921 + cpe: cpe:2.3:a:fusion_builder_project:fusion_builder:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 - vendor: theme-fusion - product: avada + vendor: fusion_builder_project + product: fusion_builder framework: wordpress tags: cve,cve2022,wpscan,wordpress,ssrf,themefusion,wp,fusion,avada,intrusive,theme-fusion diff --git a/http/cves/2022/CVE-2022-1388.yaml b/http/cves/2022/CVE-2022-1388.yaml index e0915f1d227..063d5dbf775 100644 --- a/http/cves/2022/CVE-2022-1388.yaml +++ b/http/cves/2022/CVE-2022-1388.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-1388 cwe-id: CWE-306 - epss-score: 0.97318 - epss-percentile: 0.99863 + epss-score: 0.97477 + epss-percentile: 0.99964 cpe: cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1390.yaml b/http/cves/2022/CVE-2022-1390.yaml index 058d410405b..148be8bb9c3 100644 --- a/http/cves/2022/CVE-2022-1390.yaml +++ b/http/cves/2022/CVE-2022-1390.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1390 cwe-id: CWE-22 epss-score: 0.96052 - epss-percentile: 0.99371 + epss-percentile: 0.99452 cpe: cpe:2.3:a:admin_word_count_column_project:admin_word_count_column:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1391.yaml b/http/cves/2022/CVE-2022-1391.yaml index e2b712cee1a..b97dc90857e 100644 --- a/http/cves/2022/CVE-2022-1391.yaml +++ b/http/cves/2022/CVE-2022-1391.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1391 cwe-id: CWE-22 epss-score: 0.03037 - epss-percentile: 0.89994 + epss-percentile: 0.9075 cpe: cpe:2.3:a:kanev:cab_fare_calculator:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1398.yaml b/http/cves/2022/CVE-2022-1398.yaml index 42a47d17ceb..6fc2483ed80 100644 --- a/http/cves/2022/CVE-2022-1398.yaml +++ b/http/cves/2022/CVE-2022-1398.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2022-1398 cwe-id: CWE-918 - epss-score: 0.00725 - epss-percentile: 0.78658 + epss-score: 0.00516 + epss-percentile: 0.76247 cpe: cpe:2.3:a:external_media_without_import_project:external_media_without_import:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1439.yaml b/http/cves/2022/CVE-2022-1439.yaml index 9f975d5ebcd..42fd001e5c3 100644 --- a/http/cves/2022/CVE-2022-1439.yaml +++ b/http/cves/2022/CVE-2022-1439.yaml @@ -14,13 +14,14 @@ info: - https://huntr.dev/bounties/86f6a762-0f3d-443d-a676-20f8496907e0 - https://github.com/microweber/microweber/commit/ad3928f67b2cd4443f4323d858b666d35a919ba8 - https://nvd.nist.gov/vuln/detail/CVE-2022-1439 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1439 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1574.yaml b/http/cves/2022/CVE-2022-1574.yaml index ba386232a78..27a6c2cadf9 100644 --- a/http/cves/2022/CVE-2022-1574.yaml +++ b/http/cves/2022/CVE-2022-1574.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/c36d0ea8-bf5c-4af9-bd3d-911eb02adc14 - https://wordpress.org/plugins/html2wp/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1574 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1574 cwe-id: CWE-352 - epss-score: 0.04337 - epss-percentile: 0.91477 + epss-score: 0.03019 + epss-percentile: 0.90712 cpe: cpe:2.3:a:html2wp_project:html2wp:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1597.yaml b/http/cves/2022/CVE-2022-1597.yaml index c37fcfdc87d..5f20fe63459 100644 --- a/http/cves/2022/CVE-2022-1597.yaml +++ b/http/cves/2022/CVE-2022-1597.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1597 cwe-id: CWE-79 epss-score: 0.00188 - epss-percentile: 0.5634 + epss-percentile: 0.55258 cpe: cpe:2.3:a:2code:wpqa_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1598.yaml b/http/cves/2022/CVE-2022-1598.yaml index 1197b9635dd..0ad0bcfa85b 100644 --- a/http/cves/2022/CVE-2022-1598.yaml +++ b/http/cves/2022/CVE-2022-1598.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/0416ae2f-5670-4080-a88d-3484bb19d8c8 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1598 - https://nvd.nist.gov/vuln/detail/CVE-2022-1598 + - https://github.com/20142995/Goby + - https://github.com/WhooAmii/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-1598 cwe-id: CWE-306 - epss-score: 0.01562 - epss-percentile: 0.85821 + epss-score: 0.01171 + epss-percentile: 0.84672 cpe: cpe:2.3:a:2code:wpqa_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1609.yaml b/http/cves/2022/CVE-2022-1609.yaml index 72e27f8fea2..ad106442c70 100644 --- a/http/cves/2022/CVE-2022-1609.yaml +++ b/http/cves/2022/CVE-2022-1609.yaml @@ -12,14 +12,23 @@ info: reference: - https://wpscan.com/vulnerability/e2d546c9-85b6-47a4-b951-781b9ae5d0f2 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1609 + - https://github.com/nastar-id/WP-school-management-RCE + - https://github.com/nomi-sec/PoC-in-GitHub + - https://github.com/0x007f/cve-2022-1609-exploit classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-1609 - cwe-id: CWE-77 + cwe-id: CWE-94 + epss-score: 0.11941 + epss-percentile: 0.95204 + cpe: cpe:2.3:a:weblizar:school_management:*:*:*:*:pro:wordpress:*:* metadata: verified: false max-request: 1 + vendor: weblizar + product: school_management + framework: wordpress tags: cve,cve2022,rce,wp,backdoor,wpscan,wordpress variables: cmd: "echo CVE-2022-1609 | rev" diff --git a/http/cves/2022/CVE-2022-1713.yaml b/http/cves/2022/CVE-2022-1713.yaml index 6fd60675eaf..4fffc8d7600 100644 --- a/http/cves/2022/CVE-2022-1713.yaml +++ b/http/cves/2022/CVE-2022-1713.yaml @@ -14,13 +14,14 @@ info: - https://huntr.dev/bounties/cad3902f-3afb-4ed2-abd0-9f96a248de11 - https://github.com/jgraph/drawio/commit/283d41ec80ad410d68634245cf56114bc19331ee - https://nvd.nist.gov/vuln/detail/CVE-2022-1713 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-1713 cwe-id: CWE-918 epss-score: 0.0258 - epss-percentile: 0.89152 + epss-percentile: 0.90003 cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1724.yaml b/http/cves/2022/CVE-2022-1724.yaml index 230aa8a3be0..7037c42af5e 100644 --- a/http/cves/2022/CVE-2022-1724.yaml +++ b/http/cves/2022/CVE-2022-1724.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-1724 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1724 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1815.yaml b/http/cves/2022/CVE-2022-1815.yaml index 5c45250bdf6..dc263b27f52 100644 --- a/http/cves/2022/CVE-2022-1815.yaml +++ b/http/cves/2022/CVE-2022-1815.yaml @@ -15,13 +15,14 @@ info: - https://huntr.dev/bounties/6e856a25-9117-47c6-9375-52f78876902f - https://github.com/jgraph/drawio/commit/c287bef9101d024b1fd59d55ecd530f25000f9d8 - https://nvd.nist.gov/vuln/detail/CVE-2022-1815 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-1815 - cwe-id: CWE-200,CWE-918 + cwe-id: CWE-918,CWE-200 epss-score: 0.02327 - epss-percentile: 0.88615 + epss-percentile: 0.89496 cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1883.yaml b/http/cves/2022/CVE-2022-1883.yaml index 9f1b154e2c5..6fbac40edc8 100644 --- a/http/cves/2022/CVE-2022-1883.yaml +++ b/http/cves/2022/CVE-2022-1883.yaml @@ -15,13 +15,14 @@ info: - https://github.com/camptocamp/terraboard/commit/2a5dbaac015dc0714b41a59995e24f5767f89ddc - https://huntr.dev/bounties/a25d15bd-cd23-487e-85cd-587960f1b9e7 - https://nvd.nist.gov/vuln/detail/CVE-2022-1883 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-1883 cwe-id: CWE-89 epss-score: 0.1005 - epss-percentile: 0.94357 + epss-percentile: 0.94774 cpe: cpe:2.3:a:camptocamp:terraboard:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1904.yaml b/http/cves/2022/CVE-2022-1904.yaml index a3aa9b12cc1..3fc634794a7 100644 --- a/http/cves/2022/CVE-2022-1904.yaml +++ b/http/cves/2022/CVE-2022-1904.yaml @@ -13,13 +13,16 @@ info: reference: - https://wpscan.com/vulnerability/92215d07-d129-49b4-a838-0de1a944c06b - https://nvd.nist.gov/vuln/detail/CVE-2022-1904 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1904 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40609 + epss-score: 0.00086 + epss-percentile: 0.35299 cpe: cpe:2.3:a:fatcatapps:easy_pricing_tables:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1906.yaml b/http/cves/2022/CVE-2022-1906.yaml index bc34fd728dd..61be7deda31 100644 --- a/http/cves/2022/CVE-2022-1906.yaml +++ b/http/cves/2022/CVE-2022-1906.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/af4f459e-e60b-4384-aad9-0dc18aa3b338 - https://nvd.nist.gov/vuln/detail/CVE-2022-1906 - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1906 cwe-id: CWE-79 - epss-score: 0.00115 - epss-percentile: 0.45124 + epss-score: 0.00086 + epss-percentile: 0.35299 cpe: cpe:2.3:a:digiprove:copyright_proof:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1916.yaml b/http/cves/2022/CVE-2022-1916.yaml index 7b8932c612e..4b4ed5e82de 100644 --- a/http/cves/2022/CVE-2022-1916.yaml +++ b/http/cves/2022/CVE-2022-1916.yaml @@ -13,18 +13,20 @@ info: reference: - https://wpscan.com/vulnerability/d16a0c3d-4318-4ecd-9e65-fc4165af8808 - https://nvd.nist.gov/vuln/detail/CVE-2022-1916 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1916 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40609 - cpe: cpe:2.3:a:pluginus:active_products_tables_for_woocommerce:*:*:*:*:*:wordpress:*:* + epss-score: 0.00086 + epss-percentile: 0.35299 + cpe: cpe:2.3:a:pluginus:woot:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 vendor: pluginus - product: active_products_tables_for_woocommerce + product: woot framework: wordpress tags: cve,cve2022,wordpress,wp-plugin,xss,wpscan,wp,pluginus diff --git a/http/cves/2022/CVE-2022-1933.yaml b/http/cves/2022/CVE-2022-1933.yaml index e9c88fc78ce..eb26ec76af0 100644 --- a/http/cves/2022/CVE-2022-1933.yaml +++ b/http/cves/2022/CVE-2022-1933.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-1933 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40661 + epss-score: 0.00086 + epss-percentile: 0.35299 cpe: cpe:2.3:a:collect_and_deliver_interface_for_woocommerce_project:collect_and_deliver_interface_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1937.yaml b/http/cves/2022/CVE-2022-1937.yaml index 386dccfb22e..3014afed0cb 100644 --- a/http/cves/2022/CVE-2022-1937.yaml +++ b/http/cves/2022/CVE-2022-1937.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/eb40ea5d-a463-4947-9a40-d55911ff50e9 - https://nvd.nist.gov/vuln/detail/CVE-2022-1937 - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1937 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40661 + epss-score: 0.00086 + epss-percentile: 0.35299 cpe: cpe:2.3:a:awin:awin_data_feed:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1952.yaml b/http/cves/2022/CVE-2022-1952.yaml index 9018c0a8e06..0a4749cc445 100644 --- a/http/cves/2022/CVE-2022-1952.yaml +++ b/http/cves/2022/CVE-2022-1952.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/ecf61d17-8b07-4cb6-93a8-64c2c4fbbe04 - https://wordpress.org/plugins/easync-booking/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1952 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1952 cwe-id: CWE-434 - epss-score: 0.94802 - epss-percentile: 0.99101 + epss-score: 0.93584 + epss-percentile: 0.99051 cpe: cpe:2.3:a:syntactics:free_booking_plugin_for_hotels\,_restaurant_and_car_rental:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2034.yaml b/http/cves/2022/CVE-2022-2034.yaml index feb23e71984..655cef27e3a 100644 --- a/http/cves/2022/CVE-2022-2034.yaml +++ b/http/cves/2022/CVE-2022-2034.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-2034 cwe-id: CWE-639 - epss-score: 0.00473 - epss-percentile: 0.73121 + epss-score: 0.00506 + epss-percentile: 0.76026 cpe: cpe:2.3:a:automattic:sensei_lms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-21500.yaml b/http/cves/2022/CVE-2022-21500.yaml index b8e7d43fd8c..f29c62f33c3 100644 --- a/http/cves/2022/CVE-2022-21500.yaml +++ b/http/cves/2022/CVE-2022-21500.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-21500 - epss-score: 0.24528 - epss-percentile: 0.96196 + epss-score: 0.92631 + epss-percentile: 0.98947 cpe: cpe:2.3:a:oracle:e-business_suite:12.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-21587.yaml b/http/cves/2022/CVE-2022-21587.yaml index 740f479f681..785245a7afc 100644 --- a/http/cves/2022/CVE-2022-21587.yaml +++ b/http/cves/2022/CVE-2022-21587.yaml @@ -13,13 +13,14 @@ info: - https://www.oracle.com/security-alerts/cpuoct2022.html - https://nvd.nist.gov/vuln/detail/CVE-2022-21587 - http://packetstormsecurity.com/files/171208/Oracle-E-Business-Suite-EBS-Unauthenticated-Arbitrary-File-Upload.html + - https://github.com/manas3c/CVE-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-21587 cwe-id: CWE-306 - epss-score: 0.96418 - epss-percentile: 0.99469 + epss-score: 0.97315 + epss-percentile: 0.99868 cpe: cpe:2.3:a:oracle:e-business_suite:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-21661.yaml b/http/cves/2022/CVE-2022-21661.yaml index 312639f08d9..7b1fa0cafc9 100644 --- a/http/cves/2022/CVE-2022-21661.yaml +++ b/http/cves/2022/CVE-2022-21661.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-21661 cwe-id: CWE-89 - epss-score: 0.94068 - epss-percentile: 0.98994 + epss-score: 0.93536 + epss-percentile: 0.99044 cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-21705.yaml b/http/cves/2022/CVE-2022-21705.yaml index 5a154d63493..714ce9f0fda 100644 --- a/http/cves/2022/CVE-2022-21705.yaml +++ b/http/cves/2022/CVE-2022-21705.yaml @@ -15,13 +15,14 @@ info: - https://github.com/octobercms/october/security/advisories/GHSA-79jw-2f46-wv22 - https://cyllective.com/blog/post/octobercms-cve-2022-21705/ - https://nvd.nist.gov/vuln/detail/CVE-2022-21705 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-21705 cwe-id: CWE-74,NVD-CWE-Other epss-score: 0.00522 - epss-percentile: 0.74345 + epss-percentile: 0.76405 cpe: cpe:2.3:a:octobercms:october:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2022/CVE-2022-2185.yaml b/http/cves/2022/CVE-2022-2185.yaml index 382e0b38f7c..01e21c2cc21 100644 --- a/http/cves/2022/CVE-2022-2185.yaml +++ b/http/cves/2022/CVE-2022-2185.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-2185 cwe-id: CWE-78 - epss-score: 0.50111 - epss-percentile: 0.9723 + epss-score: 0.5071 + epss-percentile: 0.97469 cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-2219.yaml b/http/cves/2022/CVE-2022-2219.yaml index 8c18f4c719b..d783a252758 100644 --- a/http/cves/2022/CVE-2022-2219.yaml +++ b/http/cves/2022/CVE-2022-2219.yaml @@ -12,13 +12,14 @@ info: reference: - https://wpscan.com/vulnerability/1240797c-7f45-4c36-83f0-501c544ce76a - https://nvd.nist.gov/vuln/detail/CVE-2022-2219 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cve-id: CVE-2022-2219 cwe-id: CWE-79 - epss-score: 0.00212 - epss-percentile: 0.5901 + epss-score: 0.00159 + epss-percentile: 0.51461 cpe: cpe:2.3:a:brizy:unyson:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-22242.yaml b/http/cves/2022/CVE-2022-22242.yaml index ed903cd9446..e6925b579b6 100644 --- a/http/cves/2022/CVE-2022-22242.yaml +++ b/http/cves/2022/CVE-2022-22242.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-22242 cwe-id: CWE-79 - epss-score: 0.04391 - epss-percentile: 0.91557 + epss-score: 0.41023 + epss-percentile: 0.972 cpe: cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-22536.yaml b/http/cves/2022/CVE-2022-22536.yaml index 728d7f7f67d..23f22c4f91a 100644 --- a/http/cves/2022/CVE-2022-22536.yaml +++ b/http/cves/2022/CVE-2022-22536.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2022-22536 cwe-id: CWE-444 - epss-score: 0.95569 - epss-percentile: 0.99268 + epss-score: 0.96507 + epss-percentile: 0.99572 cpe: cpe:2.3:a:sap:content_server:7.53:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-22733.yaml b/http/cves/2022/CVE-2022-22733.yaml index 46504fc2d13..059fb8698cd 100644 --- a/http/cves/2022/CVE-2022-22733.yaml +++ b/http/cves/2022/CVE-2022-22733.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-22733 - https://lists.apache.org/thread/qpdsm936n9bhksb0rzn6bq1h7ord2nm6 - http://www.openwall.com/lists/oss-security/2022/01/20/2 + - https://github.com/Zeyad-Azima/CVE-2022-22733 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2022-22733 cwe-id: CWE-200 - epss-score: 0.15006 - epss-percentile: 0.95289 + epss-score: 0.12656 + epss-percentile: 0.95328 cpe: cpe:2.3:a:apache:shardingsphere_elasticjob-ui:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2290.yaml b/http/cves/2022/CVE-2022-2290.yaml index 42d0434ebf8..02a8b7a18b6 100644 --- a/http/cves/2022/CVE-2022-2290.yaml +++ b/http/cves/2022/CVE-2022-2290.yaml @@ -14,13 +14,14 @@ info: - https://github.com/zadam/trilium - https://github.com/zadam/trilium/commit/3faae63b849a1fabc31b823bb7af3a84d32256a7 - https://nvd.nist.gov/vuln/detail/CVE-2022-2290 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-2290 cwe-id: CWE-79 - epss-score: 0.00115 - epss-percentile: 0.44926 + epss-score: 0.001 + epss-percentile: 0.40139 cpe: cpe:2.3:a:trilium_project:trilium:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-22963.yaml b/http/cves/2022/CVE-2022-22963.yaml index 6701cfcf290..4f79c19a628 100644 --- a/http/cves/2022/CVE-2022-22963.yaml +++ b/http/cves/2022/CVE-2022-22963.yaml @@ -21,9 +21,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-22963 - cwe-id: CWE-917,CWE-94 - epss-score: 0.97528 - epss-percentile: 0.99991 + cwe-id: CWE-94,CWE-917 + epss-score: 0.97537 + epss-percentile: 0.99993 cpe: cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-22965.yaml b/http/cves/2022/CVE-2022-22965.yaml index 1b77abf64d7..e22aba82701 100644 --- a/http/cves/2022/CVE-2022-22965.yaml +++ b/http/cves/2022/CVE-2022-22965.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-22965 cwe-id: CWE-94 - epss-score: 0.97424 - epss-percentile: 0.99927 + epss-score: 0.97493 + epss-percentile: 0.99972 cpe: cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2022/CVE-2022-23102.yaml b/http/cves/2022/CVE-2022-23102.yaml index 356fab74528..47f33955f0a 100644 --- a/http/cves/2022/CVE-2022-23102.yaml +++ b/http/cves/2022/CVE-2022-23102.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-23102 cwe-id: CWE-601 epss-score: 0.00366 - epss-percentile: 0.69645 + epss-percentile: 0.71925 cpe: cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-23178.yaml b/http/cves/2022/CVE-2022-23178.yaml index 80e58a6a82d..2fa3355981d 100644 --- a/http/cves/2022/CVE-2022-23178.yaml +++ b/http/cves/2022/CVE-2022-23178.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-23178 - https://de.crestron.com/Products/Video/HDMI-Solutions/HDMI-Switchers/HD-MD4X2-4K-E - https://www.redteam-pentesting.de/advisories/rt-sa-2021-009 + - https://github.com/Threekiii/Awesome-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-23178 cwe-id: CWE-287 epss-score: 0.03228 - epss-percentile: 0.90237 + epss-percentile: 0.90998 cpe: cpe:2.3:o:crestron:hd-md4x2-4k-e_firmware:1.0.0.2159:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-23347.yaml b/http/cves/2022/CVE-2022-23347.yaml index 28dd0f55223..ac57711fce3 100644 --- a/http/cves/2022/CVE-2022-23347.yaml +++ b/http/cves/2022/CVE-2022-23347.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-23347 - http://bigant.com - https://www.bigantsoft.com/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-23347 cwe-id: CWE-22 epss-score: 0.1468 - epss-percentile: 0.95244 + epss-percentile: 0.95635 cpe: cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2373.yaml b/http/cves/2022/CVE-2022-2373.yaml index 826f1a2262f..b743fbc5e5c 100644 --- a/http/cves/2022/CVE-2022-2373.yaml +++ b/http/cves/2022/CVE-2022-2373.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-2373 cwe-id: CWE-862 - epss-score: 0.00328 - epss-percentile: 0.67961 + epss-score: 0.00292 + epss-percentile: 0.68538 cpe: cpe:2.3:a:nsqua:simply_schedule_appointments:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2376.yaml b/http/cves/2022/CVE-2022-2376.yaml index b7b10ff989c..ba488526d63 100644 --- a/http/cves/2022/CVE-2022-2376.yaml +++ b/http/cves/2022/CVE-2022-2376.yaml @@ -12,13 +12,15 @@ info: - https://wpscan.com/vulnerability/437c4330-376a-4392-86c6-c4c7ed9583ad - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2376 - https://nvd.nist.gov/vuln/detail/CVE-2022-2376 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-2376 cwe-id: CWE-862 - epss-score: 0.04117 - epss-percentile: 0.91273 + epss-score: 0.04177 + epss-percentile: 0.92016 cpe: cpe:2.3:a:wpwax:directorist:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-23779.yaml b/http/cves/2022/CVE-2022-23779.yaml index b5e410206d7..35dfe02277d 100644 --- a/http/cves/2022/CVE-2022-23779.yaml +++ b/http/cves/2022/CVE-2022-23779.yaml @@ -13,13 +13,15 @@ info: - https://www.manageengine.com/products/desktop-central/cve-2022-23779.html - https://github.com/fbusr/CVE-2022-23779 - https://nvd.nist.gov/vuln/detail/CVE-2022-23779 + - https://github.com/soosmile/POC + - https://github.com/zecool/cve classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-23779 cwe-id: CWE-200 - epss-score: 0.01697 - epss-percentile: 0.86382 + epss-score: 0.00667 + epss-percentile: 0.79289 cpe: cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-23854.yaml b/http/cves/2022/CVE-2022-23854.yaml index 42b560a3a1f..15843dd5b44 100644 --- a/http/cves/2022/CVE-2022-23854.yaml +++ b/http/cves/2022/CVE-2022-23854.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-23854 cwe-id: CWE-22,CWE-23 - epss-score: 0.82863 - epss-percentile: 0.98149 + epss-score: 0.66314 + epss-percentile: 0.97841 cpe: cpe:2.3:a:aveva:intouch_access_anywhere:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-23881.yaml b/http/cves/2022/CVE-2022-23881.yaml index 5d8d07efdd2..0844f96bc3b 100644 --- a/http/cves/2022/CVE-2022-23881.yaml +++ b/http/cves/2022/CVE-2022-23881.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-23881 cwe-id: CWE-77 - epss-score: 0.19726 - epss-percentile: 0.95888 + epss-score: 0.16723 + epss-percentile: 0.95904 cpe: cpe:2.3:a:zzzcms:zzzphp:2.1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-23898.yaml b/http/cves/2022/CVE-2022-23898.yaml index e1b11ec8b36..7815cef4c7e 100644 --- a/http/cves/2022/CVE-2022-23898.yaml +++ b/http/cves/2022/CVE-2022-23898.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-23898 cwe-id: CWE-89 - epss-score: 0.02031 - epss-percentile: 0.87755 + epss-score: 0.0161 + epss-percentile: 0.87161 cpe: cpe:2.3:a:mingsoft:mcms:5.2.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24124.yaml b/http/cves/2022/CVE-2022-24124.yaml index c07d0dd02ba..1432ac2db6c 100644 --- a/http/cves/2022/CVE-2022-24124.yaml +++ b/http/cves/2022/CVE-2022-24124.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-24124 cwe-id: CWE-89 epss-score: 0.07543 - epss-percentile: 0.93505 + epss-percentile: 0.93981 cpe: cpe:2.3:a:casbin:casdoor:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-24181.yaml b/http/cves/2022/CVE-2022-24181.yaml index 10fb4484163..bf04b07faaa 100644 --- a/http/cves/2022/CVE-2022-24181.yaml +++ b/http/cves/2022/CVE-2022-24181.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-24181 cwe-id: CWE-79 epss-score: 0.0017 - epss-percentile: 0.54089 + epss-percentile: 0.53018 cpe: cpe:2.3:a:public_knowledge_project:open_journal_systems:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24223.yaml b/http/cves/2022/CVE-2022-24223.yaml index e6e2a0c1aeb..55453399a24 100644 --- a/http/cves/2022/CVE-2022-24223.yaml +++ b/http/cves/2022/CVE-2022-24223.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-24223 cwe-id: CWE-89 - epss-score: 0.2364 - epss-percentile: 0.96161 + epss-score: 0.27442 + epss-percentile: 0.96689 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24260.yaml b/http/cves/2022/CVE-2022-24260.yaml index f19d9967036..ca76cb2eb18 100644 --- a/http/cves/2022/CVE-2022-24260.yaml +++ b/http/cves/2022/CVE-2022-24260.yaml @@ -13,13 +13,15 @@ info: - https://kerbit.io/research/read/blog/3 - https://nvd.nist.gov/vuln/detail/CVE-2022-24260 - https://www.voipmonitor.org/changelog-gui?major=5 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-24260 cwe-id: CWE-89 - epss-score: 0.35139 - epss-percentile: 0.96737 + epss-score: 0.28138 + epss-percentile: 0.96726 cpe: cpe:2.3:a:voipmonitor:voipmonitor:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-24265.yaml b/http/cves/2022/CVE-2022-24265.yaml index 80025b88914..6860c7dd204 100644 --- a/http/cves/2022/CVE-2022-24265.yaml +++ b/http/cves/2022/CVE-2022-24265.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24265 cwe-id: CWE-89 - epss-score: 0.04717 - epss-percentile: 0.91844 + epss-score: 0.05054 + epss-percentile: 0.92726 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24266.yaml b/http/cves/2022/CVE-2022-24266.yaml index a51c1096b37..980538bae5d 100644 --- a/http/cves/2022/CVE-2022-24266.yaml +++ b/http/cves/2022/CVE-2022-24266.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24266 cwe-id: CWE-89 - epss-score: 0.0318 - epss-percentile: 0.90197 + epss-score: 0.03412 + epss-percentile: 0.91229 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24288.yaml b/http/cves/2022/CVE-2022-24288.yaml index 13d6b298f41..057e7e2b175 100644 --- a/http/cves/2022/CVE-2022-24288.yaml +++ b/http/cves/2022/CVE-2022-24288.yaml @@ -13,13 +13,15 @@ info: - https://github.com/advisories/GHSA-3v7g-4pg3-7r6j - https://nvd.nist.gov/vuln/detail/CVE-2022-24288 - https://lists.apache.org/thread/dbw5ozcmr0h0lhs0yjph7xdc64oht23t + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Hax0rG1rl/my_cve_and_bounty_poc classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-24288 cwe-id: CWE-78 - epss-score: 0.88581 - epss-percentile: 0.98442 + epss-score: 0.81676 + epss-percentile: 0.98279 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2462.yaml b/http/cves/2022/CVE-2022-2462.yaml index 8cc3673d711..48a84943cc2 100644 --- a/http/cves/2022/CVE-2022-2462.yaml +++ b/http/cves/2022/CVE-2022-2462.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-2462 cwe-id: CWE-200 - epss-score: 0.01405 - epss-percentile: 0.85028 + epss-score: 0.02698 + epss-percentile: 0.90234 cpe: cpe:2.3:a:transposh:transposh_wordpress_translation:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-24716.yaml b/http/cves/2022/CVE-2022-24716.yaml index 98c1add69d5..3388a6c2506 100644 --- a/http/cves/2022/CVE-2022-24716.yaml +++ b/http/cves/2022/CVE-2022-24716.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24716 cwe-id: CWE-22 - epss-score: 0.22439 - epss-percentile: 0.96082 + epss-score: 0.25375 + epss-percentile: 0.96582 cpe: cpe:2.3:a:icinga:icinga_web_2:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-24816.yaml b/http/cves/2022/CVE-2022-24816.yaml index 9bd34eaedf5..682f885cbef 100644 --- a/http/cves/2022/CVE-2022-24816.yaml +++ b/http/cves/2022/CVE-2022-24816.yaml @@ -14,13 +14,14 @@ info: - https://github.com/geosolutions-it/jai-ext/security/advisories/GHSA-v92f-jx6p-73rx - https://github.com/geosolutions-it/jai-ext/commit/cb1d6565d38954676b0a366da4f965fef38da1cb - https://nvd.nist.gov/vuln/detail/CVE-2022-24816 + - https://github.com/tanjiti/sec_profile classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-24816 cwe-id: CWE-94 - epss-score: 0.86507 - epss-percentile: 0.98326 + epss-score: 0.86265 + epss-percentile: 0.98506 cpe: cpe:2.3:a:geosolutionsgroup:jai-ext:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24856.yaml b/http/cves/2022/CVE-2022-24856.yaml index 5f77f4427c4..2567f01bcbe 100644 --- a/http/cves/2022/CVE-2022-24856.yaml +++ b/http/cves/2022/CVE-2022-24856.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24856 cwe-id: CWE-918 - epss-score: 0.07548 - epss-percentile: 0.93507 + epss-score: 0.08397 + epss-percentile: 0.94255 cpe: cpe:2.3:a:flyte:flyte_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-2486.yaml b/http/cves/2022/CVE-2022-2486.yaml index 9123d1346b3..8b479ef1fb7 100644 --- a/http/cves/2022/CVE-2022-2486.yaml +++ b/http/cves/2022/CVE-2022-2486.yaml @@ -15,13 +15,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2486 - https://vuldb.com/?id.204537 - https://nvd.nist.gov/vuln/detail/CVE-2022-2486 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-2486 cwe-id: CWE-78 - epss-score: 0.97301 - epss-percentile: 0.99853 + epss-score: 0.97331 + epss-percentile: 0.99879 cpe: cpe:2.3:o:wavlink:wl-wn535k2_firmware:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24899.yaml b/http/cves/2022/CVE-2022-24899.yaml index 3093562979e..a44c2d06ae8 100644 --- a/http/cves/2022/CVE-2022-24899.yaml +++ b/http/cves/2022/CVE-2022-24899.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-24899 cwe-id: CWE-79 epss-score: 0.00342 - epss-percentile: 0.68575 + epss-percentile: 0.70926 cpe: cpe:2.3:a:contao:contao:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-24990.yaml b/http/cves/2022/CVE-2022-24990.yaml index f42a2d5cf04..5fdbc537978 100644 --- a/http/cves/2022/CVE-2022-24990.yaml +++ b/http/cves/2022/CVE-2022-24990.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24990 cwe-id: CWE-306 - epss-score: 0.91953 - epss-percentile: 0.98735 + epss-score: 0.9593 + epss-percentile: 0.99416 cpe: cpe:2.3:o:terra-master:terramaster_operating_system:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-25082.yaml b/http/cves/2022/CVE-2022-25082.yaml index bde19773c29..e221a82dcb8 100644 --- a/http/cves/2022/CVE-2022-25082.yaml +++ b/http/cves/2022/CVE-2022-25082.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-25082 cwe-id: CWE-78 epss-score: 0.0417 - epss-percentile: 0.91362 + epss-percentile: 0.92009 cpe: cpe:2.3:o:totolink:a950rg_firmware:4.1.2cu.5204_b20210112:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-25149.yaml b/http/cves/2022/CVE-2022-25149.yaml index 2e8489c227b..5b3b6979a9e 100644 --- a/http/cves/2022/CVE-2022-25149.yaml +++ b/http/cves/2022/CVE-2022-25149.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-25149 cwe-id: CWE-89 - epss-score: 0.34697 - epss-percentile: 0.96721 + epss-score: 0.36793 + epss-percentile: 0.97067 cpe: cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25216.yaml b/http/cves/2022/CVE-2022-25216.yaml index a7cc0702445..7bfe2fbd85e 100644 --- a/http/cves/2022/CVE-2022-25216.yaml +++ b/http/cves/2022/CVE-2022-25216.yaml @@ -12,13 +12,15 @@ info: reference: - https://www.tenable.com/security/research/tra-2022-07 - https://nvd.nist.gov/vuln/detail/CVE-2022-25216 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-25216 cwe-id: CWE-22 - epss-score: 0.01312 - epss-percentile: 0.84466 + epss-score: 0.01345 + epss-percentile: 0.85828 cpe: cpe:2.3:a:dvdfab:12_player:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-2535.yaml b/http/cves/2022/CVE-2022-2535.yaml index 8094a87d9b9..d81472bc9c0 100644 --- a/http/cves/2022/CVE-2022-2535.yaml +++ b/http/cves/2022/CVE-2022-2535.yaml @@ -10,13 +10,14 @@ info: reference: - https://wpscan.com/vulnerability/0e13c375-044c-4c2e-ab8e-48cb89d90d02 - https://nvd.nist.gov/vuln/detail/CVE-2022-2535 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-2535 cwe-id: CWE-639 - epss-score: 0.00223 - epss-percentile: 0.60539 + epss-score: 0.00198 + epss-percentile: 0.56687 cpe: cpe:2.3:a:searchwp:searchwp_live_ajax_search:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25356.yaml b/http/cves/2022/CVE-2022-25356.yaml index 9a4f9cc32f4..b5ace9a8851 100644 --- a/http/cves/2022/CVE-2022-25356.yaml +++ b/http/cves/2022/CVE-2022-25356.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-25356 cwe-id: CWE-91 epss-score: 0.00425 - epss-percentile: 0.71709 + epss-percentile: 0.73853 cpe: cpe:2.3:a:altn:securitygateway:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2546.yaml b/http/cves/2022/CVE-2022-2546.yaml index f4cb61ed18e..ac62134a34b 100644 --- a/http/cves/2022/CVE-2022-2546.yaml +++ b/http/cves/2022/CVE-2022-2546.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/all-in-one-wp-migration/ - https://patchstack.com/database/vulnerability/all-in-one-wp-migration/wordpress-all-in-one-wp-migration-plugin-7-62-unauthenticated-reflected-cross-site-scripting-xss-vulnerability - https://nvd.nist.gov/vuln/detail/CVE-2022-2546 + - https://github.com/0xvinix/CVE-2022-2546 classification: cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.7 cve-id: CVE-2022-2546 cwe-id: CWE-79 - epss-score: 0.00165 - epss-percentile: 0.53101 + epss-score: 0.00252 + epss-percentile: 0.64447 cpe: cpe:2.3:a:servmask:all-in-one_wp_migration:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25481.yaml b/http/cves/2022/CVE-2022-25481.yaml index 2b94247cc51..df1604ce4ec 100644 --- a/http/cves/2022/CVE-2022-25481.yaml +++ b/http/cves/2022/CVE-2022-25481.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/Lyther/VulnDiscover/blob/master/Web/ThinkPHP_InfoLeak.md - https://nvd.nist.gov/vuln/detail/CVE-2022-25481 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-25481 cwe-id: CWE-668 - epss-score: 0.01311 - epss-percentile: 0.8446 + epss-score: 0.01261 + epss-percentile: 0.85321 cpe: cpe:2.3:a:thinkphp:thinkphp:5.0.24:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25485.yaml b/http/cves/2022/CVE-2022-25485.yaml index e3d87a26b55..f92d3a6beb4 100644 --- a/http/cves/2022/CVE-2022-25485.yaml +++ b/http/cves/2022/CVE-2022-25485.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/CuppaCMS/CuppaCMS - https://nvd.nist.gov/vuln/detail/CVE-2022-25485 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-25485 cwe-id: CWE-829 epss-score: 0.00648 - epss-percentile: 0.77084 + epss-percentile: 0.78876 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25487.yaml b/http/cves/2022/CVE-2022-25487.yaml index b046362ec3f..064f4fb21c1 100644 --- a/http/cves/2022/CVE-2022-25487.yaml +++ b/http/cves/2022/CVE-2022-25487.yaml @@ -13,13 +13,15 @@ info: - https://packetstormsecurity.com/files/166532/Atom-CMS-1.0.2-Shell-Upload.html - https://github.com/thedigicraft/Atom.CMS/issues/256 - https://nvd.nist.gov/vuln/detail/CVE-2022-25487 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/shikari00007/Atom-CMS-2.0---File-Upload-Remote-Code-Execution-Un-Authenticated-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-25487 cwe-id: CWE-434 - epss-score: 0.88802 - epss-percentile: 0.98459 + epss-score: 0.84615 + epss-percentile: 0.98422 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25488.yaml b/http/cves/2022/CVE-2022-25488.yaml index c536936e367..d82926e62cc 100644 --- a/http/cves/2022/CVE-2022-25488.yaml +++ b/http/cves/2022/CVE-2022-25488.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25488 cwe-id: CWE-89 - epss-score: 0.02031 - epss-percentile: 0.87755 + epss-score: 0.0161 + epss-percentile: 0.87161 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25489.yaml b/http/cves/2022/CVE-2022-25489.yaml index bae550ac141..8707c9954f2 100644 --- a/http/cves/2022/CVE-2022-25489.yaml +++ b/http/cves/2022/CVE-2022-25489.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2022-25489 cwe-id: CWE-79 epss-score: 0.00134 - epss-percentile: 0.48506 + epss-percentile: 0.47681 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25497.yaml b/http/cves/2022/CVE-2022-25497.yaml index ca6987c3050..93b193e06b5 100644 --- a/http/cves/2022/CVE-2022-25497.yaml +++ b/http/cves/2022/CVE-2022-25497.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-25497 cwe-id: CWE-552 epss-score: 0.00508 - epss-percentile: 0.74077 + epss-percentile: 0.76089 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2551.yaml b/http/cves/2022/CVE-2022-2551.yaml index e00157c046d..159f7c4b64b 100644 --- a/http/cves/2022/CVE-2022-2551.yaml +++ b/http/cves/2022/CVE-2022-2551.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-2551 cwe-id: CWE-425 - epss-score: 0.75241 - epss-percentile: 0.97888 + epss-score: 0.72442 + epss-percentile: 0.97997 cpe: cpe:2.3:a:snapcreek:duplicator:*:*:*:*:lite:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2599.yaml b/http/cves/2022/CVE-2022-2599.yaml index fc99092981f..cb841a50b49 100644 --- a/http/cves/2022/CVE-2022-2599.yaml +++ b/http/cves/2022/CVE-2022-2599.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-2599 cwe-id: CWE-79 - epss-score: 0.00119 - epss-percentile: 0.45981 + epss-score: 0.00106 + epss-percentile: 0.42122 cpe: cpe:2.3:a:anti-malware_security_and_brute-force_firewall_project:anti-malware_security_and_brute-force_firewall:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-26134.yaml b/http/cves/2022/CVE-2022-26134.yaml index 1b0142ae726..056b4805faf 100644 --- a/http/cves/2022/CVE-2022-26134.yaml +++ b/http/cves/2022/CVE-2022-26134.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-26134 cwe-id: CWE-917 - epss-score: 0.97535 - epss-percentile: 0.99993 + epss-score: 0.97528 + epss-percentile: 0.9999 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-26138.yaml b/http/cves/2022/CVE-2022-26138.yaml index 839dde00bb5..f0881f5defc 100644 --- a/http/cves/2022/CVE-2022-26138.yaml +++ b/http/cves/2022/CVE-2022-26138.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-26138 cwe-id: CWE-798 - epss-score: 0.96601 - epss-percentile: 0.99537 + epss-score: 0.97262 + epss-percentile: 0.99834 cpe: cpe:2.3:a:atlassian:questions_for_confluence:2.7.34:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-26148.yaml b/http/cves/2022/CVE-2022-26148.yaml index 10da8828542..87ad32b9d8a 100644 --- a/http/cves/2022/CVE-2022-26148.yaml +++ b/http/cves/2022/CVE-2022-26148.yaml @@ -14,13 +14,15 @@ info: - https://2k8.org/post-319.html - https://security.netapp.com/advisory/ntap-20220425-0005/ - https://nvd.nist.gov/vuln/detail/CVE-2022-26148 + - https://github.com/HimmelAward/Goby_POC + - https://github.com/Z0fhack/Goby_POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-26148 cwe-id: CWE-312 epss-score: 0.15727 - epss-percentile: 0.95407 + epss-percentile: 0.95795 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-26263.yaml b/http/cves/2022/CVE-2022-26263.yaml index eb357ee240a..0414510dbef 100644 --- a/http/cves/2022/CVE-2022-26263.yaml +++ b/http/cves/2022/CVE-2022-26263.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-26263 cwe-id: CWE-79 epss-score: 0.00147 - epss-percentile: 0.49633 + epss-percentile: 0.49736 cpe: cpe:2.3:a:yonyou:u8\+:13.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2627.yaml b/http/cves/2022/CVE-2022-2627.yaml index 2ab343ce2d0..ba1c9fb3585 100644 --- a/http/cves/2022/CVE-2022-2627.yaml +++ b/http/cves/2022/CVE-2022-2627.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2022-2627 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.45893 + epss-percentile: 0.45193 cpe: cpe:2.3:a:tagdiv:newspaper:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-26352.yaml b/http/cves/2022/CVE-2022-26352.yaml index 37cd15e0a1c..02c94c600e3 100644 --- a/http/cves/2022/CVE-2022-26352.yaml +++ b/http/cves/2022/CVE-2022-26352.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-26352 cwe-id: CWE-22 - epss-score: 0.97526 - epss-percentile: 0.9999 + epss-score: 0.97527 + epss-percentile: 0.99989 cpe: cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-26564.yaml b/http/cves/2022/CVE-2022-26564.yaml index 5fe6a59cacb..34ca3333c0e 100644 --- a/http/cves/2022/CVE-2022-26564.yaml +++ b/http/cves/2022/CVE-2022-26564.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-26564 cwe-id: CWE-79 epss-score: 0.00097 - epss-percentile: 0.40134 + epss-percentile: 0.39401 cpe: cpe:2.3:a:digitaldruid:hoteldruid:3.0.3:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-26833.yaml b/http/cves/2022/CVE-2022-26833.yaml index 08babbc66b1..4048bf7acbc 100644 --- a/http/cves/2022/CVE-2022-26833.yaml +++ b/http/cves/2022/CVE-2022-26833.yaml @@ -14,13 +14,14 @@ info: - https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1513 - https://nvd.nist.gov/vuln/detail/CVE-2022-26833 - https://talosintelligence.com/vulnerability_reports/TALOS-2022-1513 + - https://github.com/ARPSyndicate/cvemon classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H + cvss-score: 9.4 cve-id: CVE-2022-26833 cwe-id: CWE-306 - epss-score: 0.03208 - epss-percentile: 0.90206 + epss-score: 0.0166 + epss-percentile: 0.87336 cpe: cpe:2.3:a:openautomationsoftware:oas_platform:16.00.0112:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-26960.yaml b/http/cves/2022/CVE-2022-26960.yaml index d3e5150b44a..c15f3e8c374 100644 --- a/http/cves/2022/CVE-2022-26960.yaml +++ b/http/cves/2022/CVE-2022-26960.yaml @@ -15,13 +15,14 @@ info: - https://github.com/Studio-42/elFinder/commit/3b758495538a448ac8830ee3559e7fb2c260c6db - https://www.synacktiv.com/publications.html - https://nvd.nist.gov/vuln/detail/CVE-2022-26960 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2022-26960 cwe-id: CWE-22 - epss-score: 0.88417 - epss-percentile: 0.98433 + epss-score: 0.85922 + epss-percentile: 0.98481 cpe: cpe:2.3:a:std42:elfinder:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2733.yaml b/http/cves/2022/CVE-2022-2733.yaml index 485997c24fb..c14b42e8cbd 100644 --- a/http/cves/2022/CVE-2022-2733.yaml +++ b/http/cves/2022/CVE-2022-2733.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-2733 cwe-id: CWE-79 - epss-score: 0.0019 - epss-percentile: 0.56641 + epss-score: 0.00143 + epss-percentile: 0.49164 cpe: cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2756.yaml b/http/cves/2022/CVE-2022-2756.yaml index 49753ae4d1e..91b57bb9ffe 100644 --- a/http/cves/2022/CVE-2022-2756.yaml +++ b/http/cves/2022/CVE-2022-2756.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.5 cve-id: CVE-2022-2756 cwe-id: CWE-918 - epss-score: 0.01379 - epss-percentile: 0.8488 + epss-score: 0.01579 + epss-percentile: 0.87037 cpe: cpe:2.3:a:kavitareader:kavita:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-27593.yaml b/http/cves/2022/CVE-2022-27593.yaml index 5ee7f04c222..e95e56b2b65 100644 --- a/http/cves/2022/CVE-2022-27593.yaml +++ b/http/cves/2022/CVE-2022-27593.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.1 cve-id: CVE-2022-27593 cwe-id: CWE-610 - epss-score: 0.44245 - epss-percentile: 0.97055 + epss-score: 0.56352 + epss-percentile: 0.97624 cpe: cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-27849.yaml b/http/cves/2022/CVE-2022-27849.yaml index b62e17ca9c3..4454d29eed7 100644 --- a/http/cves/2022/CVE-2022-27849.yaml +++ b/http/cves/2022/CVE-2022-27849.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-27849 cwe-id: CWE-200 - epss-score: 0.00732 - epss-percentile: 0.78773 + epss-score: 0.00713 + epss-percentile: 0.80067 cpe: cpe:2.3:a:plugin-planet:simple_ajax_chat:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-27985.yaml b/http/cves/2022/CVE-2022-27985.yaml index 0272b97d9bc..dfd78af5e33 100644 --- a/http/cves/2022/CVE-2022-27985.yaml +++ b/http/cves/2022/CVE-2022-27985.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-27985 cwe-id: CWE-89 - epss-score: 0.03284 - epss-percentile: 0.90318 + epss-score: 0.02343 + epss-percentile: 0.89527 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-28023.yaml b/http/cves/2022/CVE-2022-28023.yaml index 1674161c0d7..01e691d3a52 100644 --- a/http/cves/2022/CVE-2022-28023.yaml +++ b/http/cves/2022/CVE-2022-28023.yaml @@ -14,13 +14,15 @@ info: - https://github.com/debug601/bug_report/blob/main/vendors/oretnom23/purchase-order-management-system/SQLi-2.md - https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2022-28023 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/debug601/bug_report classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-28023 cwe-id: CWE-89 - epss-score: 0.02852 - epss-percentile: 0.89667 + epss-score: 0.02266 + epss-percentile: 0.8936 cpe: cpe:2.3:a:purchase_order_management_system_project:purchase_order_management_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-28032.yaml b/http/cves/2022/CVE-2022-28032.yaml index e584dcd950c..b5090af0609 100644 --- a/http/cves/2022/CVE-2022-28032.yaml +++ b/http/cves/2022/CVE-2022-28032.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-28032 cwe-id: CWE-89 - epss-score: 0.02031 - epss-percentile: 0.87755 + epss-score: 0.02266 + epss-percentile: 0.8936 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-28080.yaml b/http/cves/2022/CVE-2022-28080.yaml index 73cde5e9608..989deca8c2f 100644 --- a/http/cves/2022/CVE-2022-28080.yaml +++ b/http/cves/2022/CVE-2022-28080.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-28080 cwe-id: CWE-89 - epss-score: 0.01488 - epss-percentile: 0.85428 + epss-score: 0.01461 + epss-percentile: 0.86424 cpe: cpe:2.3:a:event_management_system_project:event_management_system:1.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-28290.yaml b/http/cves/2022/CVE-2022-28290.yaml index 3f5af3f7b4c..6280f729232 100644 --- a/http/cves/2022/CVE-2022-28290.yaml +++ b/http/cves/2022/CVE-2022-28290.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/6c5a4bce-6266-4cfc-bc87-4fc3e36cb479 - https://cybersecurityworks.com/zerodays/cve-2022-28290-reflected-cross-site-scripting-in-welaunch.html - https://nvd.nist.gov/vuln/detail/CVE-2022-28290 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-28290 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36947 + epss-percentile: 0.36353 cpe: cpe:2.3:a:welaunch:wordpress_country_selector:1.6.5:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-28363.yaml b/http/cves/2022/CVE-2022-28363.yaml index cae8d91a375..5cda1f80251 100644 --- a/http/cves/2022/CVE-2022-28363.yaml +++ b/http/cves/2022/CVE-2022-28363.yaml @@ -15,13 +15,14 @@ info: - https://github.com/advisories/GHSA-rpvc-qgrm-r54f - http://packetstormsecurity.com/files/166647/Reprise-License-Manager-14.2-Cross-Site-Scripting-Information-Disclosure.html - https://nvd.nist.gov/vuln/detail/CVE-2022-28363 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-28363 cwe-id: CWE-79 epss-score: 0.00237 - epss-percentile: 0.61755 + epss-percentile: 0.61062 cpe: cpe:2.3:a:reprisesoftware:reprise_license_manager:14.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-2863.yaml b/http/cves/2022/CVE-2022-2863.yaml index 47fec4498fb..511fe0158b8 100644 --- a/http/cves/2022/CVE-2022-2863.yaml +++ b/http/cves/2022/CVE-2022-2863.yaml @@ -19,8 +19,8 @@ info: cvss-score: 4.9 cve-id: CVE-2022-2863 cwe-id: CWE-22 - epss-score: 0.54582 - epss-percentile: 0.97355 + epss-score: 0.43289 + epss-percentile: 0.97257 cpe: cpe:2.3:a:wpvivid:migration\,_backup\,_staging:*:*:*:*:*:wordpress:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-28955.yaml b/http/cves/2022/CVE-2022-28955.yaml index 4c6dea00389..8ed1d5ed20e 100644 --- a/http/cves/2022/CVE-2022-28955.yaml +++ b/http/cves/2022/CVE-2022-28955.yaml @@ -14,13 +14,15 @@ info: - https://github.com/shijin0925/IOT/blob/master/DIR816/1.md - https://www.dlink.com/en/security-bulletin/ - https://nvd.nist.gov/vuln/detail/CVE-2022-28955 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-28955 cwe-id: CWE-287 epss-score: 0.02487 - epss-percentile: 0.88982 + epss-percentile: 0.89836 cpe: cpe:2.3:o:dlink:dir-816l_firmware:206b01:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29004.yaml b/http/cves/2022/CVE-2022-29004.yaml index 2d2683bdd40..a92d8576e34 100644 --- a/http/cves/2022/CVE-2022-29004.yaml +++ b/http/cves/2022/CVE-2022-29004.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-29004 cwe-id: CWE-79 epss-score: 0.00218 - epss-percentile: 0.59831 + epss-percentile: 0.59134 cpe: cpe:2.3:a:phpgurukul:e-diary_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29006.yaml b/http/cves/2022/CVE-2022-29006.yaml index 15b79d4e01f..5127137d910 100644 --- a/http/cves/2022/CVE-2022-29006.yaml +++ b/http/cves/2022/CVE-2022-29006.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29006 cwe-id: CWE-89 - epss-score: 0.15861 - epss-percentile: 0.95469 + epss-score: 0.21257 + epss-percentile: 0.96305 cpe: cpe:2.3:a:phpgurukul:directory_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29009.yaml b/http/cves/2022/CVE-2022-29009.yaml index 6eb8cd707be..57e4c481a1c 100644 --- a/http/cves/2022/CVE-2022-29009.yaml +++ b/http/cves/2022/CVE-2022-29009.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29009 cwe-id: CWE-89 - epss-score: 0.15861 - epss-percentile: 0.95469 + epss-score: 0.21257 + epss-percentile: 0.96305 cpe: cpe:2.3:a:phpgurukul:cyber_cafe_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29014.yaml b/http/cves/2022/CVE-2022-29014.yaml index c72cb4ffba3..fb300306f9a 100644 --- a/http/cves/2022/CVE-2022-29014.yaml +++ b/http/cves/2022/CVE-2022-29014.yaml @@ -14,12 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-29014 - https://www2.razer.com/ap-en/desktops-and-networking/razer-sila - https://packetstormsecurity.com/files/166683/Razer-Sila-2.0.418-Local-File-Inclusion.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-29014 epss-score: 0.77285 - epss-percentile: 0.97938 + epss-percentile: 0.98135 cpe: cpe:2.3:o:razer:sila_firmware:2.0.441_api-2.0.418:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-29078.yaml b/http/cves/2022/CVE-2022-29078.yaml index 9361b26f6af..84aedb33a91 100644 --- a/http/cves/2022/CVE-2022-29078.yaml +++ b/http/cves/2022/CVE-2022-29078.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29078 cwe-id: CWE-94 - epss-score: 0.34975 - epss-percentile: 0.96733 + epss-score: 0.34849 + epss-percentile: 0.97005 cpe: cpe:2.3:a:ejs:ejs:3.1.6:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-29153.yaml b/http/cves/2022/CVE-2022-29153.yaml index 8b4526d477c..43b3644f47b 100644 --- a/http/cves/2022/CVE-2022-29153.yaml +++ b/http/cves/2022/CVE-2022-29153.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-29153 cwe-id: CWE-918 - epss-score: 0.02619 - epss-percentile: 0.89273 + epss-score: 0.02376 + epss-percentile: 0.89603 cpe: cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29298.yaml b/http/cves/2022/CVE-2022-29298.yaml index 82f0d91c137..94c1340eaaa 100644 --- a/http/cves/2022/CVE-2022-29298.yaml +++ b/http/cves/2022/CVE-2022-29298.yaml @@ -14,13 +14,14 @@ info: - https://drive.google.com/file/d/1-RHw9ekVidP8zc0xpbzBXnse2gSY1xbH/view - https://drive.google.com/file/d/1-RHw9ekVidP8zc0xpbzBXnse2gSY1xbH/view?usp=sharing - https://nvd.nist.gov/vuln/detail/CVE-2022-29298 + - https://github.com/20142995/pocsuite3 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-29298 cwe-id: CWE-22 epss-score: 0.1374 - epss-percentile: 0.95105 + epss-percentile: 0.95497 cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.00:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29299.yaml b/http/cves/2022/CVE-2022-29299.yaml index 49218c39541..7e8be5ef432 100644 --- a/http/cves/2022/CVE-2022-29299.yaml +++ b/http/cves/2022/CVE-2022-29299.yaml @@ -17,6 +17,8 @@ info: - https://github.com/ARPSyndicate/kenzer-templates classification: cve-id: CVE-2022-29299 + epss-score: 0.00175 + epss-percentile: 0.53704 metadata: verified: true max-request: 1 diff --git a/http/cves/2022/CVE-2022-29303.yaml b/http/cves/2022/CVE-2022-29303.yaml index 6c5e016ceae..08e1e1b8cf2 100644 --- a/http/cves/2022/CVE-2022-29303.yaml +++ b/http/cves/2022/CVE-2022-29303.yaml @@ -15,13 +15,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29303 - https://drive.google.com/drive/folders/1tGr-WExbpfvhRg31XCoaZOFLWyt3r60g?usp=sharing - http://packetstormsecurity.com/files/167183/SolarView-Compact-6.0-Command-Injection.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-29303 cwe-id: CWE-78 - epss-score: 0.95299 - epss-percentile: 0.99193 + epss-score: 0.9598 + epss-percentile: 0.99429 cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.00:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29383.yaml b/http/cves/2022/CVE-2022-29383.yaml index 59f078f0000..eefc57a1b0c 100644 --- a/http/cves/2022/CVE-2022-29383.yaml +++ b/http/cves/2022/CVE-2022-29383.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29383 cwe-id: CWE-89 - epss-score: 0.47914 - epss-percentile: 0.97161 + epss-score: 0.39819 + epss-percentile: 0.9716 cpe: cpe:2.3:o:netgear:ssl312_firmware:fvs336gv2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29464.yaml b/http/cves/2022/CVE-2022-29464.yaml index d90d7b79384..6f403c62112 100644 --- a/http/cves/2022/CVE-2022-29464.yaml +++ b/http/cves/2022/CVE-2022-29464.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29464 cwe-id: CWE-22 - epss-score: 0.97235 - epss-percentile: 0.99812 + epss-score: 0.97146 + epss-percentile: 0.99783 cpe: cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-29548.yaml b/http/cves/2022/CVE-2022-29548.yaml index 2f39916c3f4..d634faa971c 100644 --- a/http/cves/2022/CVE-2022-29548.yaml +++ b/http/cves/2022/CVE-2022-29548.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-29548 cwe-id: CWE-79 epss-score: 0.00299 - epss-percentile: 0.66346 + epss-percentile: 0.68867 cpe: cpe:2.3:a:wso2:api_manager:2.2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-30073.yaml b/http/cves/2022/CVE-2022-30073.yaml index 10f0c0f1bc2..c29bc4ab470 100644 --- a/http/cves/2022/CVE-2022-30073.yaml +++ b/http/cves/2022/CVE-2022-30073.yaml @@ -14,13 +14,14 @@ info: - https://github.com/APTX-4879/CVE - https://github.com/APTX-4879/CVE/blob/main/CVE-2022-30073.pdf - https://nvd.nist.gov/vuln/detail/CVE-2022-30073 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-30073 cwe-id: CWE-79 epss-score: 0.00205 - epss-percentile: 0.58384 + epss-percentile: 0.57793 cpe: cpe:2.3:a:wbce:wbce_cms:1.5.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-30513.yaml b/http/cves/2022/CVE-2022-30513.yaml index 83497f9dd7e..2ccf3faffb8 100644 --- a/http/cves/2022/CVE-2022-30513.yaml +++ b/http/cves/2022/CVE-2022-30513.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-30513 cwe-id: CWE-79 epss-score: 0.00097 - epss-percentile: 0.40134 + epss-percentile: 0.39401 cpe: cpe:2.3:a:school_dormitory_management_system_project:school_dormitory_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-30514.yaml b/http/cves/2022/CVE-2022-30514.yaml index 61acf400306..81a1e1c3e1b 100644 --- a/http/cves/2022/CVE-2022-30514.yaml +++ b/http/cves/2022/CVE-2022-30514.yaml @@ -15,13 +15,14 @@ info: - https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30514 - https://nvd.nist.gov/vuln/detail/CVE-2022-30514 + - https://github.com/Marcuccio/kevin classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-30514 cwe-id: CWE-79 epss-score: 0.00097 - epss-percentile: 0.40092 + epss-percentile: 0.39401 cpe: cpe:2.3:a:school_dormitory_management_system_project:school_dormitory_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-30525.yaml b/http/cves/2022/CVE-2022-30525.yaml index ba78dc44bb8..4db3362f939 100644 --- a/http/cves/2022/CVE-2022-30525.yaml +++ b/http/cves/2022/CVE-2022-30525.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-30525 cwe-id: CWE-78 - epss-score: 0.97465 - epss-percentile: 0.99956 + epss-score: 0.97482 + epss-percentile: 0.99967 cpe: cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-31126.yaml b/http/cves/2022/CVE-2022-31126.yaml index edc74ea1202..f84be2943d6 100644 --- a/http/cves/2022/CVE-2022-31126.yaml +++ b/http/cves/2022/CVE-2022-31126.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-31126 cwe-id: CWE-74 - epss-score: 0.85981 - epss-percentile: 0.98316 + epss-score: 0.84229 + epss-percentile: 0.98401 cpe: cpe:2.3:a:roxy-wi:roxy-wi:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31269.yaml b/http/cves/2022/CVE-2022-31269.yaml index fc5c2e0ac97..e1f629eee90 100644 --- a/http/cves/2022/CVE-2022-31269.yaml +++ b/http/cves/2022/CVE-2022-31269.yaml @@ -15,13 +15,14 @@ info: - https://www.nortekcontrol.com/access-control/ - https://eg.linkedin.com/in/omar-1-hashem - https://nvd.nist.gov/vuln/detail/CVE-2022-31269 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N cvss-score: 8.2 cve-id: CVE-2022-31269 cwe-id: CWE-798 - epss-score: 0.00174 - epss-percentile: 0.54513 + epss-score: 0.00231 + epss-percentile: 0.6049 cpe: cpe:2.3:o:nortekcontrol:emerge_e3_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31299.yaml b/http/cves/2022/CVE-2022-31299.yaml index 8d4b846826c..c6bb460d0d2 100644 --- a/http/cves/2022/CVE-2022-31299.yaml +++ b/http/cves/2022/CVE-2022-31299.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-31299 cwe-id: CWE-79 epss-score: 0.00209 - epss-percentile: 0.58894 + epss-percentile: 0.58245 cpe: cpe:2.3:a:angtech:haraj:3.7:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31373.yaml b/http/cves/2022/CVE-2022-31373.yaml index 2577e36630d..a48dc932243 100644 --- a/http/cves/2022/CVE-2022-31373.yaml +++ b/http/cves/2022/CVE-2022-31373.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/badboycxcc/SolarView_Compact_6.0_xss - https://nvd.nist.gov/vuln/detail/CVE-2022-31373 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/badboycxcc/badboycxcc classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-31373 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36947 + epss-percentile: 0.36353 cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3142.yaml b/http/cves/2022/CVE-2022-3142.yaml index 2057080e624..230d9562c96 100644 --- a/http/cves/2022/CVE-2022-3142.yaml +++ b/http/cves/2022/CVE-2022-3142.yaml @@ -18,8 +18,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-3142 cwe-id: CWE-89 - epss-score: 0.00318 - epss-percentile: 0.67316 + epss-score: 0.00356 + epss-percentile: 0.71515 cpe: cpe:2.3:a:basixonline:nex-forms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31474.yaml b/http/cves/2022/CVE-2022-31474.yaml index a7553d6c134..1f90b581a03 100644 --- a/http/cves/2022/CVE-2022-31474.yaml +++ b/http/cves/2022/CVE-2022-31474.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-31474 cwe-id: CWE-22 - epss-score: 0.00531 - epss-percentile: 0.74642 + epss-score: 0.0063 + epss-percentile: 0.78579 cpe: cpe:2.3:a:ithemes:backupbuddy:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-31656.yaml b/http/cves/2022/CVE-2022-31656.yaml index 28ed367743a..1d3334694b1 100644 --- a/http/cves/2022/CVE-2022-31656.yaml +++ b/http/cves/2022/CVE-2022-31656.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-31656 cwe-id: CWE-287 - epss-score: 0.81964 - epss-percentile: 0.98126 + epss-score: 0.75034 + epss-percentile: 0.98069 cpe: cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31798.yaml b/http/cves/2022/CVE-2022-31798.yaml index fa931dcb1d3..d411b9c192a 100644 --- a/http/cves/2022/CVE-2022-31798.yaml +++ b/http/cves/2022/CVE-2022-31798.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-31798 cwe-id: CWE-384 - epss-score: 0.0012 - epss-percentile: 0.46173 + epss-score: 0.00126 + epss-percentile: 0.46259 cpe: cpe:2.3:o:nortekcontrol:emerge_e3_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31854.yaml b/http/cves/2022/CVE-2022-31854.yaml index 8c248437559..efca6e10758 100644 --- a/http/cves/2022/CVE-2022-31854.yaml +++ b/http/cves/2022/CVE-2022-31854.yaml @@ -15,13 +15,14 @@ info: - https://codoforum.com - https://vikaran101.medium.com/codoforum-v5-1-authenticated-rce-my-first-cve-f49e19b8bc - https://nvd.nist.gov/vuln/detail/CVE-2022-31854 + - https://github.com/trhacknon/Pocingit classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-31854 cwe-id: CWE-434 - epss-score: 0.08519 - epss-percentile: 0.93839 + epss-score: 0.17108 + epss-percentile: 0.95958 cpe: cpe:2.3:a:codologic:codoforum:5.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31978.yaml b/http/cves/2022/CVE-2022-31978.yaml index 6dbd7aa8af3..faad06e36da 100644 --- a/http/cves/2022/CVE-2022-31978.yaml +++ b/http/cves/2022/CVE-2022-31978.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-31978 cwe-id: CWE-89 - epss-score: 0.01192 - epss-percentile: 0.83594 + epss-score: 0.02031 + epss-percentile: 0.88685 cpe: cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-31981.yaml b/http/cves/2022/CVE-2022-31981.yaml index a6723650317..836a3bbfb4f 100644 --- a/http/cves/2022/CVE-2022-31981.yaml +++ b/http/cves/2022/CVE-2022-31981.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-31981 cwe-id: CWE-89 - epss-score: 0.01429 - epss-percentile: 0.85199 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-31982.yaml b/http/cves/2022/CVE-2022-31982.yaml index 32f2710a90e..1893bfceed2 100644 --- a/http/cves/2022/CVE-2022-31982.yaml +++ b/http/cves/2022/CVE-2022-31982.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-31982 cwe-id: CWE-89 - epss-score: 0.01429 - epss-percentile: 0.85199 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-31984.yaml b/http/cves/2022/CVE-2022-31984.yaml index c9a613e0e4a..d32244b9e5f 100644 --- a/http/cves/2022/CVE-2022-31984.yaml +++ b/http/cves/2022/CVE-2022-31984.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-31984 cwe-id: CWE-89 - epss-score: 0.00834 - epss-percentile: 0.80157 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-32015.yaml b/http/cves/2022/CVE-2022-32015.yaml index a9aa3339015..2f0fa798ace 100644 --- a/http/cves/2022/CVE-2022-32015.yaml +++ b/http/cves/2022/CVE-2022-32015.yaml @@ -11,13 +11,14 @@ info: reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-8.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32015 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-32015 cwe-id: CWE-89 - epss-score: 0.00834 - epss-percentile: 0.80157 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:complete_online_job_search_system_project:complete_online_job_search_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32018.yaml b/http/cves/2022/CVE-2022-32018.yaml index 95450072077..3f0068e603a 100644 --- a/http/cves/2022/CVE-2022-32018.yaml +++ b/http/cves/2022/CVE-2022-32018.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-12.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32018 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-32018 cwe-id: CWE-89 - epss-score: 0.00834 - epss-percentile: 0.80157 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:complete_online_job_search_system_project:complete_online_job_search_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32025.yaml b/http/cves/2022/CVE-2022-32025.yaml index 327505d0f61..4e1b75a49f8 100644 --- a/http/cves/2022/CVE-2022-32025.yaml +++ b/http/cves/2022/CVE-2022-32025.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-32025 cwe-id: CWE-89 - epss-score: 0.01429 - epss-percentile: 0.85199 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32026.yaml b/http/cves/2022/CVE-2022-32026.yaml index 3fa571c726e..d9828ea4fe9 100644 --- a/http/cves/2022/CVE-2022-32026.yaml +++ b/http/cves/2022/CVE-2022-32026.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-32026 cwe-id: CWE-89 - epss-score: 0.01429 - epss-percentile: 0.85199 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32028.yaml b/http/cves/2022/CVE-2022-32028.yaml index 137d8e81394..affb9681aac 100644 --- a/http/cves/2022/CVE-2022-32028.yaml +++ b/http/cves/2022/CVE-2022-32028.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-8.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32028 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-32028 cwe-id: CWE-89 - epss-score: 0.00834 - epss-percentile: 0.80157 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32195.yaml b/http/cves/2022/CVE-2022-32195.yaml index 1f6939836e0..4684743d0fb 100644 --- a/http/cves/2022/CVE-2022-32195.yaml +++ b/http/cves/2022/CVE-2022-32195.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-32195 cwe-id: CWE-79 epss-score: 0.00112 - epss-percentile: 0.44578 + epss-percentile: 0.43735 cpe: cpe:2.3:a:edx:open_edx:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32409.yaml b/http/cves/2022/CVE-2022-32409.yaml index a4d3cfb4f43..399023cf2b6 100644 --- a/http/cves/2022/CVE-2022-32409.yaml +++ b/http/cves/2022/CVE-2022-32409.yaml @@ -13,13 +13,15 @@ info: - https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt - https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion - https://nvd.nist.gov/vuln/detail/CVE-2022-32409 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-32409 cwe-id: CWE-22 - epss-score: 0.59439 - epss-percentile: 0.97459 + epss-score: 0.47251 + epss-percentile: 0.97372 cpe: cpe:2.3:a:softwarepublico:i3geo:7.0.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32429.yaml b/http/cves/2022/CVE-2022-32429.yaml index 82af5a9702c..30924d16b25 100644 --- a/http/cves/2022/CVE-2022-32429.yaml +++ b/http/cves/2022/CVE-2022-32429.yaml @@ -15,13 +15,14 @@ info: - https://elifulkerson.com/CVE-2022-32429/ - https://nvd.nist.gov/vuln/detail/CVE-2022-32429 - http://packetstormsecurity.com/files/169819/MSNSwitch-Firmware-MNT.2408-Remote-Code-Execution.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-32429 cwe-id: CWE-287 - epss-score: 0.0549 - epss-percentile: 0.92452 + epss-score: 0.15342 + epss-percentile: 0.95742 cpe: cpe:2.3:o:megatech:msnswitch_firmware:mnt.2408:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32771.yaml b/http/cves/2022/CVE-2022-32771.yaml index 8102896ec52..9070804ad0c 100644 --- a/http/cves/2022/CVE-2022-32771.yaml +++ b/http/cves/2022/CVE-2022-32771.yaml @@ -14,13 +14,15 @@ info: - https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538 - https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql - https://nvd.nist.gov/vuln/detail/CVE-2022-32771 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-32771 cwe-id: CWE-79 - epss-score: 0.00056 - epss-percentile: 0.21026 + epss-score: 0.00074 + epss-percentile: 0.30395 cpe: cpe:2.3:a:wwbn:avideo:11.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-33119.yaml b/http/cves/2022/CVE-2022-33119.yaml index 2f14a547caf..719f8b64e76 100644 --- a/http/cves/2022/CVE-2022-33119.yaml +++ b/http/cves/2022/CVE-2022-33119.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/badboycxcc/nuuo-xss/blob/main/README.md - https://nvd.nist.gov/vuln/detail/CVE-2022-33119 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/badboycxcc/badboycxcc classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-33119 cwe-id: CWE-79 - epss-score: 0.02148 - epss-percentile: 0.8813 + epss-score: 0.0157 + epss-percentile: 0.86981 cpe: cpe:2.3:o:nuuo:nvrsolo_firmware:03.06.02:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-33174.yaml b/http/cves/2022/CVE-2022-33174.yaml index 785d4417796..17c5ced2d11 100644 --- a/http/cves/2022/CVE-2022-33174.yaml +++ b/http/cves/2022/CVE-2022-33174.yaml @@ -13,13 +13,16 @@ info: reference: - https://gynvael.coldwind.pl/?lang=en&id=748 - https://nvd.nist.gov/vuln/detail/CVE-2022-33174 + - https://github.com/Henry4E36/CVE-2022-33174 + - https://github.com/k0mi-tg/CVE-POC + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-33174 cwe-id: CWE-863 - epss-score: 0.00593 - epss-percentile: 0.7598 + epss-score: 0.01241 + epss-percentile: 0.85189 cpe: cpe:2.3:o:powertekpdus:basic_pdu_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-33891.yaml b/http/cves/2022/CVE-2022-33891.yaml index 621e4629a6a..9a80d1ca748 100644 --- a/http/cves/2022/CVE-2022-33891.yaml +++ b/http/cves/2022/CVE-2022-33891.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-33891 cwe-id: CWE-78 - epss-score: 0.97069 - epss-percentile: 0.99721 + epss-score: 0.97289 + epss-percentile: 0.99851 cpe: cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-33901.yaml b/http/cves/2022/CVE-2022-33901.yaml index 789bad7c480..fb79a170a9d 100644 --- a/http/cves/2022/CVE-2022-33901.yaml +++ b/http/cves/2022/CVE-2022-33901.yaml @@ -15,12 +15,13 @@ info: - https://wordpress.org/plugins/multisafepay/#developers - https://patchstack.com/database/vulnerability/multisafepay/wordpress-multisafepay-plugin-for-woocommerce-plugin-4-13-1-unauthenticated-arbitrary-file-read-vulnerability - https://nvd.nist.gov/vuln/detail/CVE-2022-33901 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-33901 - epss-score: 0.00701 - epss-percentile: 0.78159 + epss-score: 0.00779 + epss-percentile: 0.80981 cpe: cpe:2.3:a:multisafepay:multisafepay_plugin_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34045.yaml b/http/cves/2022/CVE-2022-34045.yaml index 964b3d7f4c2..d89fbb2666c 100644 --- a/http/cves/2022/CVE-2022-34045.yaml +++ b/http/cves/2022/CVE-2022-34045.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-34045 cwe-id: CWE-798 - epss-score: 0.04333 - epss-percentile: 0.9151 + epss-score: 0.05662 + epss-percentile: 0.93156 cpe: cpe:2.3:o:wavlink:wl-wn530hg4_firmware:m30hg4.v5030.191116:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34046.yaml b/http/cves/2022/CVE-2022-34046.yaml index 3489bd24d76..dd16fd05131 100644 --- a/http/cves/2022/CVE-2022-34046.yaml +++ b/http/cves/2022/CVE-2022-34046.yaml @@ -15,13 +15,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34046 - http://packetstormsecurity.com/files/167890/Wavlink-WN533A8-Password-Disclosure.html - https://nvd.nist.gov/vuln/detail/CVE-2022-34046 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-34046 cwe-id: CWE-863 - epss-score: 0.18248 - epss-percentile: 0.9572 + epss-score: 0.14292 + epss-percentile: 0.95577 cpe: cpe:2.3:o:wavlink:wn533a8_firmware:m33a8.v5030.190716:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34047.yaml b/http/cves/2022/CVE-2022-34047.yaml index c7a93d7d07b..140890449d0 100644 --- a/http/cves/2022/CVE-2022-34047.yaml +++ b/http/cves/2022/CVE-2022-34047.yaml @@ -15,13 +15,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34047 - http://packetstormsecurity.com/files/167891/Wavlink-WN530HG4-Password-Disclosure.html - https://nvd.nist.gov/vuln/detail/CVE-2022-34047 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-34047 cwe-id: CWE-668 - epss-score: 0.19689 - epss-percentile: 0.9586 + epss-score: 0.14292 + epss-percentile: 0.95577 cpe: cpe:2.3:o:wavlink:wl-wn530hg4_firmware:m30hg4.v5030.191116:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34093.yaml b/http/cves/2022/CVE-2022-34093.yaml index f058da1c84f..fab09459b00 100644 --- a/http/cves/2022/CVE-2022-34093.yaml +++ b/http/cves/2022/CVE-2022-34093.yaml @@ -11,13 +11,14 @@ info: - https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt#L44 - https://owasp.org/www-community/attacks/xss/ - https://softwarepublico.gov.br/social/i3geo + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-34093 cwe-id: CWE-79 - epss-score: 0.00274 - epss-percentile: 0.64649 + epss-score: 0.00266 + epss-percentile: 0.65533 cpe: cpe:2.3:a:softwarepublico:i3geo:7.0.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34094.yaml b/http/cves/2022/CVE-2022-34094.yaml index ce6d9d90b8c..a7d0ed715ba 100644 --- a/http/cves/2022/CVE-2022-34094.yaml +++ b/http/cves/2022/CVE-2022-34094.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-34093 - https://owasp.org/www-community/attacks/xss/ - https://softwarepublico.gov.br/social/i3geo + - https://github.com/wagnerdracha/ProofOfConcept classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-34094 cwe-id: CWE-79 - epss-score: 0.00274 - epss-percentile: 0.64649 + epss-score: 0.00266 + epss-percentile: 0.65533 cpe: cpe:2.3:a:softwarepublico:i3geo:7.0.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34121.yaml b/http/cves/2022/CVE-2022-34121.yaml index bf4f0409e3b..7b1cb461a61 100644 --- a/http/cves/2022/CVE-2022-34121.yaml +++ b/http/cves/2022/CVE-2022-34121.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-34121 cwe-id: CWE-829 - epss-score: 0.72485 - epss-percentile: 0.97813 + epss-score: 0.66943 + epss-percentile: 0.97855 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34576.yaml b/http/cves/2022/CVE-2022-34576.yaml index 219fb8a0f29..dffb19d3ba7 100644 --- a/http/cves/2022/CVE-2022-34576.yaml +++ b/http/cves/2022/CVE-2022-34576.yaml @@ -13,12 +13,15 @@ info: reference: - https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN535%20G3_Sensitive%20information%20leakage.md - https://nvd.nist.gov/vuln/detail/CVE-2022-34576 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/tr3ss/gofetch classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-34576 - epss-score: 0.02934 - epss-percentile: 0.89796 + epss-score: 0.03075 + epss-percentile: 0.90796 cpe: cpe:2.3:o:wavlink:wn535g3_firmware:m35g3r.v5030.180927:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34590.yaml b/http/cves/2022/CVE-2022-34590.yaml index 05fc1931235..558ac72187d 100644 --- a/http/cves/2022/CVE-2022-34590.yaml +++ b/http/cves/2022/CVE-2022-34590.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/Renrao/bug_report/blob/master/blob/main/vendors/itsourcecode.com/hospital-management-system/sql_injection.md - https://nvd.nist.gov/vuln/detail/CVE-2022-34590 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-34590 cwe-id: CWE-89 - epss-score: 0.00666 - epss-percentile: 0.77508 + epss-score: 0.01429 + epss-percentile: 0.86269 cpe: cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34753.yaml b/http/cves/2022/CVE-2022-34753.yaml index 6b7086a7ebd..7be33fda23d 100644 --- a/http/cves/2022/CVE-2022-34753.yaml +++ b/http/cves/2022/CVE-2022-34753.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-34753 cwe-id: CWE-78 - epss-score: 0.95902 - epss-percentile: 0.99337 + epss-score: 0.96923 + epss-percentile: 0.99698 cpe: cpe:2.3:o:schneider-electric:spacelogic_c-bus_home_controller_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-35151.yaml b/http/cves/2022/CVE-2022-35151.yaml index 58028f9e5dd..5b826b8261d 100644 --- a/http/cves/2022/CVE-2022-35151.yaml +++ b/http/cves/2022/CVE-2022-35151.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/kekingcn/kkFileView/issues/366 - https://nvd.nist.gov/vuln/detail/CVE-2022-35151 + - https://github.com/StarCrossPortal/scalpel + - https://github.com/anonymous364872/Rapier_Tool + - https://github.com/youcans896768/APIV_Tool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-35151 cwe-id: CWE-79 - epss-score: 0.012 - epss-percentile: 0.83658 + epss-score: 0.02148 + epss-percentile: 0.8906 cpe: cpe:2.3:a:keking:kkfileview:4.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-35405.yaml b/http/cves/2022/CVE-2022-35405.yaml index 86586e07c5b..b0872d03edc 100644 --- a/http/cves/2022/CVE-2022-35405.yaml +++ b/http/cves/2022/CVE-2022-35405.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-35405 cwe-id: CWE-502 - epss-score: 0.97461 - epss-percentile: 0.99955 + epss-score: 0.97471 + epss-percentile: 0.99962 cpe: cpe:2.3:a:zohocorp:manageengine_access_manager_plus:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-35413.yaml b/http/cves/2022/CVE-2022-35413.yaml index 682ffd4aebd..63dc94b9b31 100644 --- a/http/cves/2022/CVE-2022-35413.yaml +++ b/http/cves/2022/CVE-2022-35413.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-35413 cwe-id: CWE-798 - epss-score: 0.62257 - epss-percentile: 0.97544 + epss-score: 0.72077 + epss-percentile: 0.97989 cpe: cpe:2.3:a:pentasecurity:wapples:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-35416.yaml b/http/cves/2022/CVE-2022-35416.yaml index a5dfd41e6db..02a14eba93f 100644 --- a/http/cves/2022/CVE-2022-35416.yaml +++ b/http/cves/2022/CVE-2022-35416.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-35416 cwe-id: CWE-79 - epss-score: 0.00101 - epss-percentile: 0.41055 + epss-score: 0.00088 + epss-percentile: 0.36353 cpe: cpe:2.3:a:h3c:ssl_vpn:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-35653.yaml b/http/cves/2022/CVE-2022-35653.yaml index c535a291717..a438f6fecb6 100644 --- a/http/cves/2022/CVE-2022-35653.yaml +++ b/http/cves/2022/CVE-2022-35653.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-35653 cwe-id: CWE-79 - epss-score: 0.00815 - epss-percentile: 0.79909 + epss-score: 0.00921 + epss-percentile: 0.82544 cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-35914.yaml b/http/cves/2022/CVE-2022-35914.yaml index 0fd66fd0289..3c15698def8 100644 --- a/http/cves/2022/CVE-2022-35914.yaml +++ b/http/cves/2022/CVE-2022-35914.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-35914 cwe-id: CWE-74 - epss-score: 0.96908 - epss-percentile: 0.99653 + epss-score: 0.97399 + epss-percentile: 0.99914 cpe: cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-36537.yaml b/http/cves/2022/CVE-2022-36537.yaml index 44fd9fa5e59..d272cad6558 100644 --- a/http/cves/2022/CVE-2022-36537.yaml +++ b/http/cves/2022/CVE-2022-36537.yaml @@ -15,13 +15,14 @@ info: - https://tracker.zkoss.org/browse/ZK-5150 - https://nvd.nist.gov/vuln/detail/CVE-2022-36537 - https://www.bleepingcomputer.com/news/security/cisa-warns-of-hackers-exploiting-zk-java-framework-rce-flaw/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-36537 cwe-id: CWE-200 - epss-score: 0.89401 - epss-percentile: 0.98505 + epss-score: 0.95859 + epss-percentile: 0.99401 cpe: cpe:2.3:a:zkoss:zk_framework:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-36804.yaml b/http/cves/2022/CVE-2022-36804.yaml index 06d5274538c..40a566c0b75 100644 --- a/http/cves/2022/CVE-2022-36804.yaml +++ b/http/cves/2022/CVE-2022-36804.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-36804 cwe-id: CWE-77 - epss-score: 0.97171 - epss-percentile: 0.99769 + epss-score: 0.97343 + epss-percentile: 0.99886 cpe: cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-37042.yaml b/http/cves/2022/CVE-2022-37042.yaml index f8725655f5d..7f7d5a80b78 100644 --- a/http/cves/2022/CVE-2022-37042.yaml +++ b/http/cves/2022/CVE-2022-37042.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-37042 cwe-id: CWE-22 - epss-score: 0.97483 - epss-percentile: 0.99965 + epss-score: 0.97539 + epss-percentile: 0.99994 cpe: cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2022/CVE-2022-37153.yaml b/http/cves/2022/CVE-2022-37153.yaml index 99d1f46265c..7212ed832a3 100644 --- a/http/cves/2022/CVE-2022-37153.yaml +++ b/http/cves/2022/CVE-2022-37153.yaml @@ -11,13 +11,16 @@ info: reference: - https://github.com/Fjowel/CVE-2022-37153 - https://nvd.nist.gov/vuln/detail/CVE-2022-37153 + - https://github.com/SYRTI/POC_to_review + - https://github.com/WhooAmii/POC_to_review + - https://github.com/k0mi-tg/CVE-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-37153 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40565 + epss-score: 0.0013 + epss-percentile: 0.47096 cpe: cpe:2.3:a:articatech:artica_proxy:4.30.000000:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-37299.yaml b/http/cves/2022/CVE-2022-37299.yaml index b5106667c1e..248176fd846 100644 --- a/http/cves/2022/CVE-2022-37299.yaml +++ b/http/cves/2022/CVE-2022-37299.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2022-37299 cwe-id: CWE-22 - epss-score: 0.00593 - epss-percentile: 0.76034 + epss-score: 0.00772 + epss-percentile: 0.80878 cpe: cpe:2.3:a:shirne_cms_project:shirne_cms:1.2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38131.yaml b/http/cves/2022/CVE-2022-38131.yaml index cfcec81756b..4677b5aeb04 100644 --- a/http/cves/2022/CVE-2022-38131.yaml +++ b/http/cves/2022/CVE-2022-38131.yaml @@ -6,29 +6,29 @@ info: severity: medium description: | RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites. - reference: - - https://tenable.com/security/research/tra-2022-30 - - https://support.posit.co/hc/en-us/articles/10983374992023-CVE-2022-38131-configuration-issue-in-Posit-Connect - - https://github.com/JoshuaMart/JoshuaMart impact: | An attacker can exploit the vulnerability to redirect users to malicious websites, potentially leading to phishing attacks or other security breaches. remediation: | This issue is fixed in Connect v2023.05. Additionally, for users running Connect v1.7.2 and later, the issue is resolvable via a configuration setting mentioned in the support article. + reference: + - https://tenable.com/security/research/tra-2022-30 + - https://support.posit.co/hc/en-us/articles/10983374992023-CVE-2022-38131-configuration-issue-in-Posit-Connect + - https://github.com/JoshuaMart/JoshuaMart classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-38131 cwe-id: CWE-601 - cpe: cpe:2.3:a:rstudio:connect:*:*:*:*:*:*:*:* epss-score: 0.0006 epss-percentile: 0.23591 + cpe: cpe:2.3:a:rstudio:connect:*:*:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: rstudio product: connect shodan-query: "http.favicon.hash:217119619" fofa-query: "app=\"RStudio-Connect\"" - max-request: 1 - verified: true - vendor: rstudio tags: tenable,cve,cve2022,redirect,rstudio http: diff --git a/http/cves/2022/CVE-2022-38463.yaml b/http/cves/2022/CVE-2022-38463.yaml index 93a53cce2db..87cdff6231a 100644 --- a/http/cves/2022/CVE-2022-38463.yaml +++ b/http/cves/2022/CVE-2022-38463.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-38463 cwe-id: CWE-79 - epss-score: 0.00141 - epss-percentile: 0.49842 + epss-score: 0.00174 + epss-percentile: 0.53646 cpe: cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38467.yaml b/http/cves/2022/CVE-2022-38467.yaml index 56505982ce1..5c7395b4975 100644 --- a/http/cves/2022/CVE-2022-38467.yaml +++ b/http/cves/2022/CVE-2022-38467.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/crm-perks-forms/ - https://nvd.nist.gov/vuln/detail/CVE-2022-38467 - https://patchstack.com/database/vulnerability/crm-perks-forms/wordpress-crm-perks-forms-plugin-1-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-38467 cwe-id: CWE-79 - epss-score: 0.00074 - epss-percentile: 0.30453 + epss-score: 0.00092 + epss-percentile: 0.37951 cpe: cpe:2.3:a:crmperks:crm_perks_forms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38637.yaml b/http/cves/2022/CVE-2022-38637.yaml index 6a30e273fd9..2227d45a29d 100644 --- a/http/cves/2022/CVE-2022-38637.yaml +++ b/http/cves/2022/CVE-2022-38637.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-38637 cwe-id: CWE-89 - epss-score: 0.01367 - epss-percentile: 0.84869 + epss-score: 0.01231 + epss-percentile: 0.85126 cpe: cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38870.yaml b/http/cves/2022/CVE-2022-38870.yaml index 9841808a7dc..dfee9546a1c 100644 --- a/http/cves/2022/CVE-2022-38870.yaml +++ b/http/cves/2022/CVE-2022-38870.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-38870 cwe-id: CWE-306 epss-score: 0.01064 - epss-percentile: 0.82602 + epss-percentile: 0.83839 cpe: cpe:2.3:a:free5gc:free5gc:3.2.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-39195.yaml b/http/cves/2022/CVE-2022-39195.yaml index 6b83b6f55c2..39ef9ee18df 100644 --- a/http/cves/2022/CVE-2022-39195.yaml +++ b/http/cves/2022/CVE-2022-39195.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-39195 cwe-id: CWE-79 - epss-score: 0.00174 - epss-percentile: 0.54613 + epss-score: 0.00211 + epss-percentile: 0.58386 cpe: cpe:2.3:a:lsoft:listserv:17.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3933.yaml b/http/cves/2022/CVE-2022-3933.yaml index 2f19fd35168..84f79c3436f 100644 --- a/http/cves/2022/CVE-2022-3933.yaml +++ b/http/cves/2022/CVE-2022-3933.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/essential-real-estate/advanced/ - https://nvd.nist.gov/vuln/detail/CVE-2022-3933 - https://github.com/ARPSyndicate/cvemon + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-3933 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38676 + epss-percentile: 0.37956 cpe: cpe:2.3:a:g5theme:essential_real_estate:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3934.yaml b/http/cves/2022/CVE-2022-3934.yaml index f42144ee5ef..ce8a4e4e84f 100644 --- a/http/cves/2022/CVE-2022-3934.yaml +++ b/http/cves/2022/CVE-2022-3934.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-3934 - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/ARPSyndicate/cvemon + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-3934 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38676 + epss-percentile: 0.37956 cpe: cpe:2.3:a:mehanoid:flat_pm:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3980.yaml b/http/cves/2022/CVE-2022-3980.yaml index 092591d06fc..94abdbb8a4e 100644 --- a/http/cves/2022/CVE-2022-3980.yaml +++ b/http/cves/2022/CVE-2022-3980.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-3980 cwe-id: CWE-611 epss-score: 0.49036 - epss-percentile: 0.97217 + epss-percentile: 0.97431 cpe: cpe:2.3:a:sophos:mobile:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3982.yaml b/http/cves/2022/CVE-2022-3982.yaml index 8c652ce655c..8a1274eb2b1 100644 --- a/http/cves/2022/CVE-2022-3982.yaml +++ b/http/cves/2022/CVE-2022-3982.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/4d91f3e1-4de9-46c1-b5ba-cc55b7726867 - https://wordpress.org/plugins/booking-calendar/ - https://nvd.nist.gov/vuln/detail/CVE-2022-3982 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-3982 cwe-id: CWE-434 - epss-score: 0.15593 - epss-percentile: 0.9539 + epss-score: 0.20211 + epss-percentile: 0.96236 cpe: cpe:2.3:a:wpdevart:booking_calendar:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-39952.yaml b/http/cves/2022/CVE-2022-39952.yaml index 5bf32b96434..6fc769671a8 100644 --- a/http/cves/2022/CVE-2022-39952.yaml +++ b/http/cves/2022/CVE-2022-39952.yaml @@ -14,13 +14,14 @@ info: - https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/ - https://github.com/horizon3ai/CVE-2022-39952 - https://nvd.nist.gov/vuln/detail/CVE-2022-39952 + - https://github.com/1f3lse/taiE classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-39952 cwe-id: CWE-668,CWE-73 - epss-score: 0.87247 - epss-percentile: 0.98369 + epss-score: 0.96445 + epss-percentile: 0.99548 cpe: cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-39986.yaml b/http/cves/2022/CVE-2022-39986.yaml index fcb08ca48dc..99145e62836 100644 --- a/http/cves/2022/CVE-2022-39986.yaml +++ b/http/cves/2022/CVE-2022-39986.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-39986 cwe-id: CWE-77 - epss-score: 0.8322 - epss-percentile: 0.98189 + epss-score: 0.87977 + epss-percentile: 0.98588 cpe: cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40022.yaml b/http/cves/2022/CVE-2022-40022.yaml index a531b249ed8..24fedbdf6ce 100644 --- a/http/cves/2022/CVE-2022-40022.yaml +++ b/http/cves/2022/CVE-2022-40022.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-40022 cwe-id: CWE-77 - epss-score: 0.82544 - epss-percentile: 0.98138 + epss-score: 0.82869 + epss-percentile: 0.98341 cpe: cpe:2.3:o:microchip:syncserver_s650_firmware:-:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-40047.yaml b/http/cves/2022/CVE-2022-40047.yaml index d82a970946d..44d7324af39 100644 --- a/http/cves/2022/CVE-2022-40047.yaml +++ b/http/cves/2022/CVE-2022-40047.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2022-40047 cwe-id: CWE-79 epss-score: 0.00535 - epss-percentile: 0.74743 + epss-percentile: 0.76696 cpe: cpe:2.3:a:flatpress:flatpress:1.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40127.yaml b/http/cves/2022/CVE-2022-40127.yaml index 6853799254e..ab415c2dbdf 100644 --- a/http/cves/2022/CVE-2022-40127.yaml +++ b/http/cves/2022/CVE-2022-40127.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-40127 cwe-id: CWE-94 - epss-score: 0.156 - epss-percentile: 0.95426 + epss-score: 0.28782 + epss-percentile: 0.96752 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40359.yaml b/http/cves/2022/CVE-2022-40359.yaml index aded7eda786..0a6207336a0 100644 --- a/http/cves/2022/CVE-2022-40359.yaml +++ b/http/cves/2022/CVE-2022-40359.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-40359 cwe-id: CWE-79 - epss-score: 0.00109 - epss-percentile: 0.43825 + epss-score: 0.00129 + epss-percentile: 0.46796 cpe: cpe:2.3:a:kfm_project:kfm:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4049.yaml b/http/cves/2022/CVE-2022-4049.yaml index 19fd815ff28..f8cd9644547 100644 --- a/http/cves/2022/CVE-2022-4049.yaml +++ b/http/cves/2022/CVE-2022-4049.yaml @@ -10,13 +10,14 @@ info: - https://wpscan.com/vulnerability/9b0781e2-ad62-4308-bafc-d45b9a2472be - https://wordpress.org/plugins/wp-user/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4049 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-4049 cwe-id: CWE-89 - epss-score: 0.03472 - epss-percentile: 0.9061 + epss-score: 0.04217 + epss-percentile: 0.92045 cpe: cpe:2.3:a:wp_user_project:wp_user:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-4050.yaml b/http/cves/2022/CVE-2022-4050.yaml index e09635755e4..b0a873058b0 100644 --- a/http/cves/2022/CVE-2022-4050.yaml +++ b/http/cves/2022/CVE-2022-4050.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/5c96bb40-4c2d-4e91-8339-e0ddce25912f - https://wordpress.org/plugins/joomsport-sports-league-results-management/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4050 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-4050 cwe-id: CWE-89 - epss-score: 0.03472 - epss-percentile: 0.90572 + epss-score: 0.04713 + epss-percentile: 0.9246 cpe: cpe:2.3:a:beardev:joomsport:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4060.yaml b/http/cves/2022/CVE-2022-4060.yaml index fbad4bd075a..6f3ee7f1b6c 100644 --- a/http/cves/2022/CVE-2022-4060.yaml +++ b/http/cves/2022/CVE-2022-4060.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-4060 cwe-id: CWE-94 - epss-score: 0.02591 - epss-percentile: 0.8921 + epss-score: 0.03753 + epss-percentile: 0.91618 cpe: cpe:2.3:a:odude:user_post_gallery:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4063.yaml b/http/cves/2022/CVE-2022-4063.yaml index dfdc0d6ee93..1dd30570c25 100644 --- a/http/cves/2022/CVE-2022-4063.yaml +++ b/http/cves/2022/CVE-2022-4063.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/6bb07ec1-f1aa-4f4b-9717-c92f651a90a7 - https://wordpress.org/plugins/inpost-gallery/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4063 + - https://github.com/cyllective/CVEs + - https://github.com/im-hanzou/INPGer classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-4063 cwe-id: CWE-22 - epss-score: 0.02826 - epss-percentile: 0.89619 + epss-score: 0.04425 + epss-percentile: 0.92213 cpe: cpe:2.3:a:pluginus:inpost_gallery:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40684.yaml b/http/cves/2022/CVE-2022-40684.yaml index b9c39012a1a..04902b17dc3 100644 --- a/http/cves/2022/CVE-2022-40684.yaml +++ b/http/cves/2022/CVE-2022-40684.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-40684 cwe-id: CWE-287 - epss-score: 0.95976 - epss-percentile: 0.99351 + epss-score: 0.97217 + epss-percentile: 0.99817 cpe: cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-40843.yaml b/http/cves/2022/CVE-2022-40843.yaml index 9d254657f74..091199576c7 100644 --- a/http/cves/2022/CVE-2022-40843.yaml +++ b/http/cves/2022/CVE-2022-40843.yaml @@ -18,8 +18,8 @@ info: cvss-score: 4.9 cve-id: CVE-2022-40843 cwe-id: CWE-287 - epss-score: 0.33771 - epss-percentile: 0.96664 + epss-score: 0.40937 + epss-percentile: 0.97197 cpe: cpe:2.3:o:tenda:w15e_firmware:15.11.0.10\(1576\):*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-40879.yaml b/http/cves/2022/CVE-2022-40879.yaml index 140014c4612..a97e64ad66d 100644 --- a/http/cves/2022/CVE-2022-40879.yaml +++ b/http/cves/2022/CVE-2022-40879.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-40879 cwe-id: CWE-79 - epss-score: 0.01051 - epss-percentile: 0.82456 + epss-score: 0.03708 + epss-percentile: 0.91567 cpe: cpe:2.3:a:keking:kkfileview:4.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4117.yaml b/http/cves/2022/CVE-2022-4117.yaml index 8a0af327942..f4fcaa036eb 100644 --- a/http/cves/2022/CVE-2022-4117.yaml +++ b/http/cves/2022/CVE-2022-4117.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/1fac3eb4-13c0-442d-b27c-7b7736208193 - https://wordpress.org/plugins/iws-geo-form-fields/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4117 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-4117 cwe-id: CWE-89 - epss-score: 0.03182 - epss-percentile: 0.90165 + epss-score: 0.03413 + epss-percentile: 0.9123 cpe: cpe:2.3:a:iws-geo-form-fields_project:iws-geo-form-fields:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-41441.yaml b/http/cves/2022/CVE-2022-41441.yaml index 544c64309f5..aa1bd7857a5 100644 --- a/http/cves/2022/CVE-2022-41441.yaml +++ b/http/cves/2022/CVE-2022-41441.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-41441 cwe-id: CWE-79 - epss-score: 0.00108 - epss-percentile: 0.43362 + epss-score: 0.00155 + epss-percentile: 0.5093 cpe: cpe:2.3:a:reqlogic:reqlogic:11.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-41473.yaml b/http/cves/2022/CVE-2022-41473.yaml index ca0cc5bdc81..0b79a264a1d 100644 --- a/http/cves/2022/CVE-2022-41473.yaml +++ b/http/cves/2022/CVE-2022-41473.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/ralap-z/rpcms/issues/1 - https://nvd.nist.gov/vuln/detail/CVE-2022-41473 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Henry4E36/POCS + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-41473 cwe-id: CWE-79 - epss-score: 0.02818 - epss-percentile: 0.89607 + epss-score: 0.012 + epss-percentile: 0.84884 cpe: cpe:2.3:a:rpcms:rpcms:3.0.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-42094.yaml b/http/cves/2022/CVE-2022-42094.yaml index 86c571ea674..3a3cb63e7b8 100644 --- a/http/cves/2022/CVE-2022-42094.yaml +++ b/http/cves/2022/CVE-2022-42094.yaml @@ -15,13 +15,14 @@ info: - https://github.com/bypazs/CVE-2022-42094 - https://nvd.nist.gov/vuln/detail/CVE-2022-42094 - https://backdropcms.org + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2022-42094 cwe-id: CWE-79 - epss-score: 0.00283 - epss-percentile: 0.65254 + epss-score: 0.0071 + epss-percentile: 0.80039 cpe: cpe:2.3:a:backdropcms:backdrop:1.23.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4260.yaml b/http/cves/2022/CVE-2022-4260.yaml index 088e7e39b0d..c25676de333 100644 --- a/http/cves/2022/CVE-2022-4260.yaml +++ b/http/cves/2022/CVE-2022-4260.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/d0cf24be-df87-4e1f-aae7-e9684c88e7db - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4260 - https://drive.google.com/file/d/11nQ21cQ9irajYqNqsQtNrLJOkeRcwCXn/view?usp=drivesdk + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2022-4260 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38897 + epss-percentile: 0.38207 cpe: cpe:2.3:a:wp-ban_project:wp-ban:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-42746.yaml b/http/cves/2022/CVE-2022-42746.yaml index 6aab5f3b7f8..93f7116ec95 100644 --- a/http/cves/2022/CVE-2022-42746.yaml +++ b/http/cves/2022/CVE-2022-42746.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-42746 cwe-id: CWE-79 epss-score: 0.00109 - epss-percentile: 0.43585 + epss-percentile: 0.42811 cpe: cpe:2.3:a:auieo:candidats:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-42748.yaml b/http/cves/2022/CVE-2022-42748.yaml index 8b155d63efa..e53ab59af28 100644 --- a/http/cves/2022/CVE-2022-42748.yaml +++ b/http/cves/2022/CVE-2022-42748.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-42748 cwe-id: CWE-79 epss-score: 0.00109 - epss-percentile: 0.43585 + epss-percentile: 0.42811 cpe: cpe:2.3:a:auieo:candidats:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-42749.yaml b/http/cves/2022/CVE-2022-42749.yaml index 5b4064d4f2b..b3860a1e319 100644 --- a/http/cves/2022/CVE-2022-42749.yaml +++ b/http/cves/2022/CVE-2022-42749.yaml @@ -15,13 +15,14 @@ info: - https://fluidattacks.com/advisories/jcole/ - https://candidats.net/ - https://nvd.nist.gov/vuln/detail/CVE-2022-42749 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-42749 cwe-id: CWE-79 epss-score: 0.00109 - epss-percentile: 0.43507 + epss-percentile: 0.42811 cpe: cpe:2.3:a:auieo:candidats:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4301.yaml b/http/cves/2022/CVE-2022-4301.yaml index 364dd76da44..caebfb868ad 100644 --- a/http/cves/2022/CVE-2022-4301.yaml +++ b/http/cves/2022/CVE-2022-4301.yaml @@ -12,13 +12,16 @@ info: reference: - https://wpscan.com/vulnerability/a8dca528-fb70-44f3-8149-21385039179d - https://nvd.nist.gov/vuln/detail/CVE-2022-4301 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-4301 cwe-id: CWE-79 - epss-score: 0.00078 - epss-percentile: 0.32657 + epss-score: 0.00119 + epss-percentile: 0.45193 cpe: cpe:2.3:a:sunshinephotocart:sunshine_photo_cart:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43014.yaml b/http/cves/2022/CVE-2022-43014.yaml index 5a096f2b0e4..67f9ca10d38 100644 --- a/http/cves/2022/CVE-2022-43014.yaml +++ b/http/cves/2022/CVE-2022-43014.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_joborderID.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43014 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Henry4E36/POCS classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-43014 cwe-id: CWE-79 epss-score: 0.00099 - epss-percentile: 0.40565 + epss-percentile: 0.39871 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43015.yaml b/http/cves/2022/CVE-2022-43015.yaml index 964d615c613..c21d20e83be 100644 --- a/http/cves/2022/CVE-2022-43015.yaml +++ b/http/cves/2022/CVE-2022-43015.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_entriesPerPage.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43015 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Henry4E36/POCS classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-43015 cwe-id: CWE-79 epss-score: 0.00099 - epss-percentile: 0.40565 + epss-percentile: 0.39871 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43016.yaml b/http/cves/2022/CVE-2022-43016.yaml index c9d16375c9b..aca53ba4860 100644 --- a/http/cves/2022/CVE-2022-43016.yaml +++ b/http/cves/2022/CVE-2022-43016.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_callback.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43016 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Henry4E36/POCS classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-43016 cwe-id: CWE-79 epss-score: 0.00099 - epss-percentile: 0.40565 + epss-percentile: 0.39871 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4305.yaml b/http/cves/2022/CVE-2022-4305.yaml index ba0a664a4ad..2fa1e8b470a 100644 --- a/http/cves/2022/CVE-2022-4305.yaml +++ b/http/cves/2022/CVE-2022-4305.yaml @@ -10,13 +10,14 @@ info: reference: - https://wpscan.com/vulnerability/286d972d-7bda-455c-a226-fd9ce5f925bd - https://nvd.nist.gov/vuln/detail/CVE-2022-4305 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-4305 cwe-id: CWE-269 - epss-score: 0.03628 - epss-percentile: 0.90786 + epss-score: 0.04963 + epss-percentile: 0.92644 cpe: cpe:2.3:a:wp-buy:login_as_user_or_customer_\(user_switching\):*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4306.yaml b/http/cves/2022/CVE-2022-4306.yaml index 29262d69953..c7fb80ac932 100644 --- a/http/cves/2022/CVE-2022-4306.yaml +++ b/http/cves/2022/CVE-2022-4306.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-4306 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-4306 cwe-id: CWE-79 - epss-score: 0.00086 - epss-percentile: 0.35637 + epss-score: 0.00092 + epss-percentile: 0.37956 cpe: cpe:2.3:a:panda_pods_repeater_field_project:panda_pods_repeater_field:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43165.yaml b/http/cves/2022/CVE-2022-43165.yaml index 735f2e5f817..5db31667c9c 100644 --- a/http/cves/2022/CVE-2022-43165.yaml +++ b/http/cves/2022/CVE-2022-43165.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.4 cve-id: CVE-2022-43165 cwe-id: CWE-79 - epss-score: 0.003 - epss-percentile: 0.66367 + epss-score: 0.00197 + epss-percentile: 0.56575 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43166.yaml b/http/cves/2022/CVE-2022-43166.yaml index e396645b127..b919211b7ac 100644 --- a/http/cves/2022/CVE-2022-43166.yaml +++ b/http/cves/2022/CVE-2022-43166.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.4 cve-id: CVE-2022-43166 cwe-id: CWE-79 - epss-score: 0.003 - epss-percentile: 0.66367 + epss-score: 0.00197 + epss-percentile: 0.56575 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43167.yaml b/http/cves/2022/CVE-2022-43167.yaml index 41b7b2ed831..be541f4b7fa 100644 --- a/http/cves/2022/CVE-2022-43167.yaml +++ b/http/cves/2022/CVE-2022-43167.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.4 cve-id: CVE-2022-43167 cwe-id: CWE-79 - epss-score: 0.00211 - epss-percentile: 0.5896 + epss-score: 0.00197 + epss-percentile: 0.56575 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-44290.yaml b/http/cves/2022/CVE-2022-44290.yaml index f26da23f0c5..87abba23812 100644 --- a/http/cves/2022/CVE-2022-44290.yaml +++ b/http/cves/2022/CVE-2022-44290.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-44290 cwe-id: CWE-89 - epss-score: 0.01189 - epss-percentile: 0.83631 + epss-score: 0.01336 + epss-percentile: 0.8578 cpe: cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44291.yaml b/http/cves/2022/CVE-2022-44291.yaml index ccbe6d9a227..6876a338436 100644 --- a/http/cves/2022/CVE-2022-44291.yaml +++ b/http/cves/2022/CVE-2022-44291.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-44291 cwe-id: CWE-89 - epss-score: 0.01189 - epss-percentile: 0.83572 + epss-score: 0.01336 + epss-percentile: 0.8578 cpe: cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44877.yaml b/http/cves/2022/CVE-2022-44877.yaml index 5e0a0b29edd..b549e2ab26e 100644 --- a/http/cves/2022/CVE-2022-44877.yaml +++ b/http/cves/2022/CVE-2022-44877.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-44877 cwe-id: CWE-78 - epss-score: 0.97451 - epss-percentile: 0.9995 + epss-score: 0.97427 + epss-percentile: 0.99935 cpe: cpe:2.3:a:control-webpanel:webpanel:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44944.yaml b/http/cves/2022/CVE-2022-44944.yaml index db95aefdb12..d4772b290a9 100644 --- a/http/cves/2022/CVE-2022-44944.yaml +++ b/http/cves/2022/CVE-2022-44944.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44944 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38539 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44949.yaml b/http/cves/2022/CVE-2022-44949.yaml index 282b66f29b2..d5c25b47bb3 100644 --- a/http/cves/2022/CVE-2022-44949.yaml +++ b/http/cves/2022/CVE-2022-44949.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44949 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38514 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44950.yaml b/http/cves/2022/CVE-2022-44950.yaml index 774f9f08c1b..0cbca36dbe0 100644 --- a/http/cves/2022/CVE-2022-44950.yaml +++ b/http/cves/2022/CVE-2022-44950.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44950 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38539 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44951.yaml b/http/cves/2022/CVE-2022-44951.yaml index dea3bd7f0f0..1ddb530ce5e 100644 --- a/http/cves/2022/CVE-2022-44951.yaml +++ b/http/cves/2022/CVE-2022-44951.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44951 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38539 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44952.yaml b/http/cves/2022/CVE-2022-44952.yaml index 26805a0bcef..b0385a0a8c0 100644 --- a/http/cves/2022/CVE-2022-44952.yaml +++ b/http/cves/2022/CVE-2022-44952.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44952 cwe-id: CWE-79 epss-score: 0.07295 - epss-percentile: 0.9342 + epss-percentile: 0.93905 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44957.yaml b/http/cves/2022/CVE-2022-44957.yaml index edb4ba89801..4d60d21c691 100644 --- a/http/cves/2022/CVE-2022-44957.yaml +++ b/http/cves/2022/CVE-2022-44957.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2022-44957 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38539 + epss-percentile: 0.37842 cpe: cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45037.yaml b/http/cves/2022/CVE-2022-45037.yaml index f819f5641df..aba6f158f01 100644 --- a/http/cves/2022/CVE-2022-45037.yaml +++ b/http/cves/2022/CVE-2022-45037.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-45037 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38648 + epss-percentile: 0.37956 cpe: cpe:2.3:a:wbce:wbce_cms:1.5.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45038.yaml b/http/cves/2022/CVE-2022-45038.yaml index 60006bdfee9..479dc6feb6f 100644 --- a/http/cves/2022/CVE-2022-45038.yaml +++ b/http/cves/2022/CVE-2022-45038.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-45038 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38648 + epss-percentile: 0.37956 cpe: cpe:2.3:a:wbce:wbce_cms:1.5.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45354.yaml b/http/cves/2022/CVE-2022-45354.yaml index 8d29739aafa..8f8c43b76fc 100644 --- a/http/cves/2022/CVE-2022-45354.yaml +++ b/http/cves/2022/CVE-2022-45354.yaml @@ -14,12 +14,13 @@ info: - https://github.com/RandomRobbieBF/CVE-2022-45354 - https://wordpress.org/plugins/download-monitor/ - https://patchstack.com/database/vulnerability/download-monitor/wordpress-download-monitor-plugin-4-7-60-sensitive-data-exposure-vulnerability?_s_id=cve + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-45354 - epss-score: 0.00553 - epss-percentile: 0.75108 + epss-score: 0.00408 + epss-percentile: 0.73349 cpe: cpe:2.3:a:wpchill:download_monitor:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45365.yaml b/http/cves/2022/CVE-2022-45365.yaml index 1f5bbb6e665..0454ac33b49 100644 --- a/http/cves/2022/CVE-2022-45365.yaml +++ b/http/cves/2022/CVE-2022-45365.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-45365 cwe-id: CWE-79 - epss-score: 0.00096 - epss-percentile: 0.39872 + epss-score: 0.00064 + epss-percentile: 0.26193 cpe: cpe:2.3:a:urosevic:stock_ticker:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-45805.yaml b/http/cves/2022/CVE-2022-45805.yaml index 66aefcecd00..2cda9505b5d 100644 --- a/http/cves/2022/CVE-2022-45805.yaml +++ b/http/cves/2022/CVE-2022-45805.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/paytm-payments/ - https://nvd.nist.gov/vuln/detail/CVE-2022-45805 - https://patchstack.com/database/vulnerability/paytm-payments/wordpress-paytm-payment-gateway-plugin-2-7-3-auth-sql-injection-sqli-vulnerability?_s_id=cve + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-45805 cwe-id: CWE-89 - epss-score: 0.00403 - epss-percentile: 0.70919 + epss-score: 0.00486 + epss-percentile: 0.75524 cpe: cpe:2.3:a:paytm:payment_gateway:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45835.yaml b/http/cves/2022/CVE-2022-45835.yaml index a784381b6eb..ce04fe0886b 100644 --- a/http/cves/2022/CVE-2022-45835.yaml +++ b/http/cves/2022/CVE-2022-45835.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-45835 cwe-id: CWE-918 - epss-score: 0.00404 - epss-percentile: 0.70943 + epss-score: 0.00359 + epss-percentile: 0.71627 cpe: cpe:2.3:a:phonepe:phonepe:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45933.yaml b/http/cves/2022/CVE-2022-45933.yaml index 8dd6ccadbb2..30f12a225df 100644 --- a/http/cves/2022/CVE-2022-45933.yaml +++ b/http/cves/2022/CVE-2022-45933.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-45933 cwe-id: CWE-306 - epss-score: 0.00808 - epss-percentile: 0.79889 + epss-score: 0.00908 + epss-percentile: 0.82406 cpe: cpe:2.3:a:kubeview_project:kubeview:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46020.yaml b/http/cves/2022/CVE-2022-46020.yaml index 7e172bfe121..5f6fdc0e263 100644 --- a/http/cves/2022/CVE-2022-46020.yaml +++ b/http/cves/2022/CVE-2022-46020.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-46020 cwe-id: CWE-434 - epss-score: 0.01665 - epss-percentile: 0.86271 + epss-score: 0.02743 + epss-percentile: 0.90317 cpe: cpe:2.3:a:wbce:wbce_cms:1.5.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46071.yaml b/http/cves/2022/CVE-2022-46071.yaml index aaf540360b0..e13c7601200 100644 --- a/http/cves/2022/CVE-2022-46071.yaml +++ b/http/cves/2022/CVE-2022-46071.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-46071 cwe-id: CWE-89 - epss-score: 0.01295 - epss-percentile: 0.84411 + epss-score: 0.01454 + epss-percentile: 0.86393 cpe: cpe:2.3:a:helmet_store_showroom_site_project:helmet_store_showroom_site:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46073.yaml b/http/cves/2022/CVE-2022-46073.yaml index 098928a9ddc..fd2e640292d 100644 --- a/http/cves/2022/CVE-2022-46073.yaml +++ b/http/cves/2022/CVE-2022-46073.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-46073 cwe-id: CWE-79 - epss-score: 0.00086 - epss-percentile: 0.35505 + epss-score: 0.00094 + epss-percentile: 0.38558 cpe: cpe:2.3:a:helmet_store_showroom_project:helmet_store_showroom:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46169.yaml b/http/cves/2022/CVE-2022-46169.yaml index be0a574916d..739fe382502 100644 --- a/http/cves/2022/CVE-2022-46169.yaml +++ b/http/cves/2022/CVE-2022-46169.yaml @@ -20,9 +20,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-46169 - cwe-id: CWE-74,CWE-78 - epss-score: 0.9654 - epss-percentile: 0.99515 + cwe-id: CWE-78,CWE-74 + epss-score: 0.96526 + epss-percentile: 0.9958 cpe: cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46381.yaml b/http/cves/2022/CVE-2022-46381.yaml index 71dcdb4f210..3676dde4318 100644 --- a/http/cves/2022/CVE-2022-46381.yaml +++ b/http/cves/2022/CVE-2022-46381.yaml @@ -14,13 +14,15 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381 - https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt - https://nvd.nist.gov/vuln/detail/CVE-2022-46381 + - https://github.com/amitlttwo/CVE-2022-46381 + - https://github.com/k0mi-tg/CVE-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-46381 cwe-id: CWE-79 - epss-score: 0.001 - epss-percentile: 0.40788 + epss-score: 0.00099 + epss-percentile: 0.39871 cpe: cpe:2.3:o:niceforyou:linear_emerge_e3_access_control_firmware:0.32-07e:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46443.yaml b/http/cves/2022/CVE-2022-46443.yaml index e6974c118b3..4cf67132093 100644 --- a/http/cves/2022/CVE-2022-46443.yaml +++ b/http/cves/2022/CVE-2022-46443.yaml @@ -13,13 +13,14 @@ info: reference: - https://yuyudhn.github.io/CVE-2022-46443/ - https://nvd.nist.gov/vuln/detail/CVE-2022-46443 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-46443 cwe-id: CWE-89 - epss-score: 0.0501 - epss-percentile: 0.92086 + epss-score: 0.05592 + epss-percentile: 0.93095 cpe: cpe:2.3:a:bangresto_project:bangresto:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46463.yaml b/http/cves/2022/CVE-2022-46463.yaml index cf808c92755..0f51e26e8f0 100644 --- a/http/cves/2022/CVE-2022-46463.yaml +++ b/http/cves/2022/CVE-2022-46463.yaml @@ -15,13 +15,14 @@ info: - https://github.com/Vad1mo - https://github.com/lanqingaa/123/blob/main/README.md - https://github.com/lanqingaa/123/tree/bb48caa844d88b0e41e69157f2a2734311abf02d + - https://github.com/lanqingaa/123 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-46463 cwe-id: CWE-306 - epss-score: 0.00995 - epss-percentile: 0.81915 + epss-score: 0.01473 + epss-percentile: 0.86471 cpe: cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-47002.yaml b/http/cves/2022/CVE-2022-47002.yaml index 130418c8ba2..f1687f0b4d3 100644 --- a/http/cves/2022/CVE-2022-47002.yaml +++ b/http/cves/2022/CVE-2022-47002.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-47002 cwe-id: CWE-863 - epss-score: 0.03466 - epss-percentile: 0.9056 + epss-score: 0.0395 + epss-percentile: 0.91808 cpe: cpe:2.3:a:masacms:masacms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-47615.yaml b/http/cves/2022/CVE-2022-47615.yaml index b03ae7f1aba..04cffd47531 100644 --- a/http/cves/2022/CVE-2022-47615.yaml +++ b/http/cves/2022/CVE-2022-47615.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-47615 cwe-id: CWE-434 - epss-score: 0.00815 - epss-percentile: 0.79954 + epss-score: 0.01111 + epss-percentile: 0.84217 cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-47966.yaml b/http/cves/2022/CVE-2022-47966.yaml index 2de59a23393..d9f17e67877 100644 --- a/http/cves/2022/CVE-2022-47966.yaml +++ b/http/cves/2022/CVE-2022-47966.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-47966 - epss-score: 0.97118 - epss-percentile: 0.99747 + epss-score: 0.97422 + epss-percentile: 0.9993 cpe: cpe:2.3:a:zohocorp:manageengine_access_manager_plus:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-48012.yaml b/http/cves/2022/CVE-2022-48012.yaml index fbbf987ed0d..e5122086489 100644 --- a/http/cves/2022/CVE-2022-48012.yaml +++ b/http/cves/2022/CVE-2022-48012.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-48012 cwe-id: CWE-79 - epss-score: 0.00078 - epss-percentile: 0.32323 + epss-score: 0.00112 + epss-percentile: 0.43742 cpe: cpe:2.3:a:opencats:opencats:0.9.7:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-48197.yaml b/http/cves/2022/CVE-2022-48197.yaml index 535760cf4dd..2b4a3217222 100644 --- a/http/cves/2022/CVE-2022-48197.yaml +++ b/http/cves/2022/CVE-2022-48197.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-48197 cwe-id: CWE-79 - epss-score: 0.00193 - epss-percentile: 0.57079 + epss-score: 0.0012 + epss-percentile: 0.45243 cpe: cpe:2.3:a:yui_project:yui:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0126.yaml b/http/cves/2023/CVE-2023-0126.yaml index 36448e078e4..06e6ffbe51e 100644 --- a/http/cves/2023/CVE-2023-0126.yaml +++ b/http/cves/2023/CVE-2023-0126.yaml @@ -14,13 +14,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-0126 - https://github.com/advisories/GHSA-mr28-27qx-phg3 - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0001 + - https://github.com/Gerxnox/One-Liner-Collections + - https://github.com/thecybertix/One-Liner-Collections classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-0126 cwe-id: CWE-22 - epss-score: 0.03857 - epss-percentile: 0.91024 + epss-score: 0.34658 + epss-percentile: 0.96997 cpe: cpe:2.3:o:sonicwall:sma1000_firmware:12.4.2:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-0236.yaml b/http/cves/2023/CVE-2023-0236.yaml index e2dfa130d45..26e6594e025 100644 --- a/http/cves/2023/CVE-2023-0236.yaml +++ b/http/cves/2023/CVE-2023-0236.yaml @@ -12,13 +12,14 @@ info: reference: - https://wpscan.com/vulnerability/503835db-426d-4b49-85f7-c9a20d6ff5b8 - https://nvd.nist.gov/vuln/detail/CVE-2023-0236 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-0236 cwe-id: CWE-79 - epss-score: 0.00078 - epss-percentile: 0.32657 + epss-score: 0.00119 + epss-percentile: 0.45193 cpe: cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0334.yaml b/http/cves/2023/CVE-2023-0334.yaml index 0afcb684c4f..30e4a1049ff 100644 --- a/http/cves/2023/CVE-2023-0334.yaml +++ b/http/cves/2023/CVE-2023-0334.yaml @@ -15,8 +15,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-0334 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29124 + epss-score: 0.001 + epss-percentile: 0.40094 cpe: cpe:2.3:a:shortpixel:shortpixel_adaptive_images:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0514.yaml b/http/cves/2023/CVE-2023-0514.yaml index 7643acc4296..8df794d2444 100644 --- a/http/cves/2023/CVE-2023-0514.yaml +++ b/http/cves/2023/CVE-2023-0514.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-0514 cwe-id: CWE-79 epss-score: 0.00071 - epss-percentile: 0.29179 + epss-percentile: 0.29003 cpe: cpe:2.3:a:membership_database_project:membership_database:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0552.yaml b/http/cves/2023/CVE-2023-0552.yaml index d20d4b04193..3dab61cfb12 100644 --- a/http/cves/2023/CVE-2023-0552.yaml +++ b/http/cves/2023/CVE-2023-0552.yaml @@ -16,8 +16,8 @@ info: cvss-score: 5.4 cve-id: CVE-2023-0552 cwe-id: CWE-601 - epss-score: 0.00086 - epss-percentile: 0.34914 + epss-score: 0.00092 + epss-percentile: 0.37956 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0562.yaml b/http/cves/2023/CVE-2023-0562.yaml index 67401a6a76f..cbf69f732a3 100644 --- a/http/cves/2023/CVE-2023-0562.yaml +++ b/http/cves/2023/CVE-2023-0562.yaml @@ -14,13 +14,14 @@ info: - https://vuldb.com/?ctiid.219716 - https://nvd.nist.gov/vuln/detail/CVE-2023-0562 - https://vuldb.com/?id.219716 + - https://github.com/ctflearner/ctflearner classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-0562 cwe-id: CWE-89 - epss-score: 0.02592 - epss-percentile: 0.89177 + epss-score: 0.02218 + epss-percentile: 0.89242 cpe: cpe:2.3:a:phpgurukul:bank_locker_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0563.yaml b/http/cves/2023/CVE-2023-0563.yaml index 3ee837241ae..b7de462860e 100644 --- a/http/cves/2023/CVE-2023-0563.yaml +++ b/http/cves/2023/CVE-2023-0563.yaml @@ -14,13 +14,14 @@ info: - https://vuldb.com/?ctiid.219717 - https://nvd.nist.gov/vuln/detail/CVE-2023-0563 - https://vuldb.com/?id.219717 + - https://github.com/ctflearner/ctflearner classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2023-0563 cwe-id: CWE-79 - epss-score: 0.00354 - epss-percentile: 0.68998 + epss-score: 0.00249 + epss-percentile: 0.64164 cpe: cpe:2.3:a:phpgurukul:bank_locker_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0600.yaml b/http/cves/2023/CVE-2023-0600.yaml index 9dab3cca64d..e55c4d4e82a 100644 --- a/http/cves/2023/CVE-2023-0600.yaml +++ b/http/cves/2023/CVE-2023-0600.yaml @@ -6,28 +6,28 @@ info: severity: critical description: | The plugin does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks. + remediation: Fixed in version 6.9 reference: - https://wpscan.com/vulnerability/8f46df4d-cb80-4d66-846f-85faf2ea0ec4 - https://nvd.nist.gov/vuln/detail/CVE-2023-0600 - remediation: Fixed in version 6.9 + - https://github.com/truocphan/VulnBox classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-0600 cwe-id: CWE-89 + epss-score: 0.02396 + epss-percentile: 0.89644 cpe: cpe:2.3:a:plugins-market:wp_visitor_statistics:*:*:*:*:*:wordpress:*:* - epss-score: 0.03606 - epss-percentile: 0.9066 metadata: - fofa-query: body="wp-stats-manager" - framework: wordpress + verified: true max-request: 2 + vendor: plugins-market product: wp_visitor_statistics + framework: wordpress + fofa-query: body="wp-stats-manager" public-www: /wp-content/plugins/wp-stats-manager/ - vendor: plugins-market - verified: true tags: cve,cve2023,wp,wp-plugin,wordpress,wpscan,unauth,wp-stats-manager,sqli,plugins-market - variables: str: '{{rand_int(100000, 999999)}}' diff --git a/http/cves/2023/CVE-2023-0669.yaml b/http/cves/2023/CVE-2023-0669.yaml index e57bd24c933..f9e67012c38 100644 --- a/http/cves/2023/CVE-2023-0669.yaml +++ b/http/cves/2023/CVE-2023-0669.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-0669 cwe-id: CWE-502 - epss-score: 0.96821 - epss-percentile: 0.99616 + epss-score: 0.96954 + epss-percentile: 0.99709 cpe: cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0900.yaml b/http/cves/2023/CVE-2023-0900.yaml index 585e833b8b1..296d231971e 100644 --- a/http/cves/2023/CVE-2023-0900.yaml +++ b/http/cves/2023/CVE-2023-0900.yaml @@ -15,8 +15,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-0900 cwe-id: CWE-89 - epss-score: 0.00979 - epss-percentile: 0.81794 + epss-score: 0.00947 + epss-percentile: 0.82798 cpe: cpe:2.3:a:wpdevart:pricing_table_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0942.yaml b/http/cves/2023/CVE-2023-0942.yaml index 0c0c74cf4c1..01a7dfefb7e 100644 --- a/http/cves/2023/CVE-2023-0942.yaml +++ b/http/cves/2023/CVE-2023-0942.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-0942 cwe-id: CWE-79 - epss-score: 0.00384 - epss-percentile: 0.70358 + epss-score: 0.0049 + epss-percentile: 0.7561 cpe: cpe:2.3:a:artisanworkshop:japanized_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0947.yaml b/http/cves/2023/CVE-2023-0947.yaml index f0a77e54d3f..23e8df985c6 100644 --- a/http/cves/2023/CVE-2023-0947.yaml +++ b/http/cves/2023/CVE-2023-0947.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-0947 cwe-id: CWE-22 - epss-score: 0.01669 - epss-percentile: 0.86282 + epss-score: 0.0114 + epss-percentile: 0.84427 cpe: cpe:2.3:a:flatpress:flatpress:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0948.yaml b/http/cves/2023/CVE-2023-0948.yaml index 70be52a87bb..d4531dc8dd8 100644 --- a/http/cves/2023/CVE-2023-0948.yaml +++ b/http/cves/2023/CVE-2023-0948.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-0948 cwe-id: CWE-79 epss-score: 0.00071 - epss-percentile: 0.29205 + epss-percentile: 0.29003 cpe: cpe:2.3:a:artisanworkshop:japanized_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-1020.yaml b/http/cves/2023/CVE-2023-1020.yaml index 059f9cd4669..b1d60a6bc8c 100644 --- a/http/cves/2023/CVE-2023-1020.yaml +++ b/http/cves/2023/CVE-2023-1020.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-1020 cwe-id: CWE-89 - epss-score: 0.16196 - epss-percentile: 0.95507 + epss-score: 0.05497 + epss-percentile: 0.93034 cpe: cpe:2.3:a:wp_live_chat_shoutbox_project:wp_live_chat_shoutbox:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1080.yaml b/http/cves/2023/CVE-2023-1080.yaml index 60aa60989ca..812dc0c9680 100644 --- a/http/cves/2023/CVE-2023-1080.yaml +++ b/http/cves/2023/CVE-2023-1080.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-1080 cwe-id: CWE-79 - epss-score: 0.00229 - epss-percentile: 0.61047 + epss-score: 0.0025 + epss-percentile: 0.64332 cpe: cpe:2.3:a:gnpublisher:gn_publisher:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1263.yaml b/http/cves/2023/CVE-2023-1263.yaml index d9df4573161..08482dcb851 100644 --- a/http/cves/2023/CVE-2023-1263.yaml +++ b/http/cves/2023/CVE-2023-1263.yaml @@ -18,8 +18,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-1263 cwe-id: CWE-200 - epss-score: 0.00254 - epss-percentile: 0.63154 + epss-score: 0.00238 + epss-percentile: 0.61195 cpe: cpe:2.3:a:niteothemes:coming_soon_\&_maintenance:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1454.yaml b/http/cves/2023/CVE-2023-1454.yaml index be478c96ba2..0c41c94a32f 100644 --- a/http/cves/2023/CVE-2023-1454.yaml +++ b/http/cves/2023/CVE-2023-1454.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-1454 - https://vuldb.com/?ctiid.223299 - https://vuldb.com/?id.223299 + - https://github.com/Awrrays/FrameVul classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-1454 cwe-id: CWE-89 - epss-score: 0.0391 - epss-percentile: 0.91088 + epss-score: 0.04509 + epss-percentile: 0.92282 cpe: cpe:2.3:a:jeecg:jeecg-boot:3.5.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-1496.yaml b/http/cves/2023/CVE-2023-1496.yaml index 48fabf1ecb5..60053821b1a 100644 --- a/http/cves/2023/CVE-2023-1496.yaml +++ b/http/cves/2023/CVE-2023-1496.yaml @@ -17,8 +17,8 @@ info: cvss-score: 5.4 cve-id: CVE-2023-1496 cwe-id: CWE-79 - epss-score: 0.00077 - epss-percentile: 0.31886 + epss-score: 0.00085 + epss-percentile: 0.34963 cpe: cpe:2.3:a:evilmartians:imgproxy:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1671.yaml b/http/cves/2023/CVE-2023-1671.yaml index 968e1b63f14..9ed9df9ec51 100644 --- a/http/cves/2023/CVE-2023-1671.yaml +++ b/http/cves/2023/CVE-2023-1671.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-1671 - http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html - https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce + - https://github.com/lions2012/Penetration_Testing_POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-1671 cwe-id: CWE-77 - epss-score: 0.95313 - epss-percentile: 0.99196 + epss-score: 0.96156 + epss-percentile: 0.99469 cpe: cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1698.yaml b/http/cves/2023/CVE-2023-1698.yaml index ef9023ed835..859c29191fb 100644 --- a/http/cves/2023/CVE-2023-1698.yaml +++ b/http/cves/2023/CVE-2023-1698.yaml @@ -14,13 +14,15 @@ info: - https://onekey.com/blog/security-advisory-wago-unauthenticated-remote-command-execution/ - https://nvd.nist.gov/vuln/detail/CVE-2023-1698 - https://cert.vde.com/en/advisories/VDE-2023-007/ + - https://github.com/codeb0ss/CVE-2023-1698-PoC + - https://github.com/deIndra/CVE-2023-1698 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-1698 cwe-id: CWE-78 - epss-score: 0.47065 - epss-percentile: 0.97124 + epss-score: 0.55051 + epss-percentile: 0.97591 cpe: cpe:2.3:o:wago:compact_controller_100_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-1719.yaml b/http/cves/2023/CVE-2023-1719.yaml index d5271635ac8..0c8bbd66faa 100644 --- a/http/cves/2023/CVE-2023-1719.yaml +++ b/http/cves/2023/CVE-2023-1719.yaml @@ -9,13 +9,14 @@ info: reference: - https://starlabs.sg/advisories/23/23-1719/ - https://nvd.nist.gov/vuln/detail/CVE-2023-1719 + - https://github.com/20142995/sectool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-1719 cwe-id: CWE-665 epss-score: 0.02807 - epss-percentile: 0.89587 + epss-percentile: 0.90415 cpe: cpe:2.3:a:bitrix24:bitrix24:22.0.300:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1730.yaml b/http/cves/2023/CVE-2023-1730.yaml index 0bd8e1502c1..98be5172ead 100644 --- a/http/cves/2023/CVE-2023-1730.yaml +++ b/http/cves/2023/CVE-2023-1730.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-1730 cwe-id: CWE-89 - epss-score: 0.16196 - epss-percentile: 0.95507 + epss-score: 0.05497 + epss-percentile: 0.93034 cpe: cpe:2.3:a:supportcandy:supportcandy:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-1780.yaml b/http/cves/2023/CVE-2023-1780.yaml index 8f9f2590f19..f3055a28e98 100644 --- a/http/cves/2023/CVE-2023-1780.yaml +++ b/http/cves/2023/CVE-2023-1780.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-1780 cwe-id: CWE-79 epss-score: 0.00071 - epss-percentile: 0.29205 + epss-percentile: 0.2903 cpe: cpe:2.3:a:codeermeneer:companion_sitemap_generator:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1835.yaml b/http/cves/2023/CVE-2023-1835.yaml index 74b928c2714..071b29016e9 100644 --- a/http/cves/2023/CVE-2023-1835.yaml +++ b/http/cves/2023/CVE-2023-1835.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-1835 cwe-id: CWE-79 epss-score: 0.00071 - epss-percentile: 0.29179 + epss-percentile: 0.29003 cpe: cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1880.yaml b/http/cves/2023/CVE-2023-1880.yaml index a78c7025e11..2427c34a71e 100644 --- a/http/cves/2023/CVE-2023-1880.yaml +++ b/http/cves/2023/CVE-2023-1880.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-1880 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29121 + epss-score: 0.00078 + epss-percentile: 0.3203 cpe: cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1890.yaml b/http/cves/2023/CVE-2023-1890.yaml index ecc61f913b7..c9919cbeddd 100644 --- a/http/cves/2023/CVE-2023-1890.yaml +++ b/http/cves/2023/CVE-2023-1890.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-1890 cwe-id: CWE-79 - epss-score: 0.00302 - epss-percentile: 0.66493 + epss-score: 0.00203 + epss-percentile: 0.57653 cpe: cpe:2.3:a:pauple:tablesome:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-20073.yaml b/http/cves/2023/CVE-2023-20073.yaml index 21ddeb2a710..4fc46cd88af 100644 --- a/http/cves/2023/CVE-2023-20073.yaml +++ b/http/cves/2023/CVE-2023-20073.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-20073 cwe-id: CWE-434 - epss-score: 0.52411 - epss-percentile: 0.97303 + epss-score: 0.38542 + epss-percentile: 0.97132 cpe: cpe:2.3:o:cisco:rv340_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2009.yaml b/http/cves/2023/CVE-2023-2009.yaml index f0671b28c27..587a044952b 100644 --- a/http/cves/2023/CVE-2023-2009.yaml +++ b/http/cves/2023/CVE-2023-2009.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-2009 cwe-id: CWE-79 epss-score: 0.00078 - epss-percentile: 0.32649 + epss-percentile: 0.3232 cpe: cpe:2.3:a:pretty_url_project:pretty_url:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2023.yaml b/http/cves/2023/CVE-2023-2023.yaml index d583d919411..849d8b3ec67 100644 --- a/http/cves/2023/CVE-2023-2023.yaml +++ b/http/cves/2023/CVE-2023-2023.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2023 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29245 + epss-score: 0.00374 + epss-percentile: 0.722 cpe: cpe:2.3:a:kunalnagar:custom_404_pro:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-20864.yaml b/http/cves/2023/CVE-2023-20864.yaml index d9474727632..5ddbd433db9 100644 --- a/http/cves/2023/CVE-2023-20864.yaml +++ b/http/cves/2023/CVE-2023-20864.yaml @@ -13,13 +13,14 @@ info: reference: - https://www.vmware.com/security/advisories/VMSA-2023-0007.html - https://nvd.nist.gov/vuln/detail/CVE-2023-20864 + - https://github.com/Threekiii/CVE classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-20864 cwe-id: CWE-502 - epss-score: 0.22038 - epss-percentile: 0.96031 + epss-score: 0.29094 + epss-percentile: 0.96766 cpe: cpe:2.3:a:vmware:aria_operations_for_logs:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-20887.yaml b/http/cves/2023/CVE-2023-20887.yaml index 5bed794c080..b70a70b6e6a 100644 --- a/http/cves/2023/CVE-2023-20887.yaml +++ b/http/cves/2023/CVE-2023-20887.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-20887 cwe-id: CWE-77 - epss-score: 0.96266 - epss-percentile: 0.99422 + epss-score: 0.96408 + epss-percentile: 0.99538 cpe: cpe:2.3:a:vmware:vrealize_network_insight:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2122.yaml b/http/cves/2023/CVE-2023-2122.yaml index 63079a201c2..ab180e2a414 100644 --- a/http/cves/2023/CVE-2023-2122.yaml +++ b/http/cves/2023/CVE-2023-2122.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-2122 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26204 + epss-percentile: 0.26189 cpe: cpe:2.3:a:10web:image_optimizer:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-2178.yaml b/http/cves/2023/CVE-2023-2178.yaml index 41d4910a338..a1d5491e6ed 100644 --- a/http/cves/2023/CVE-2023-2178.yaml +++ b/http/cves/2023/CVE-2023-2178.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-2178 cwe-id: CWE-79 epss-score: 0.00078 - epss-percentile: 0.32659 + epss-percentile: 0.3232 cpe: cpe:2.3:a:aajoda:aajoda_testimonials:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22232.yaml b/http/cves/2023/CVE-2023-22232.yaml index a2084bfd520..0a5dcdaec32 100644 --- a/http/cves/2023/CVE-2023-22232.yaml +++ b/http/cves/2023/CVE-2023-22232.yaml @@ -16,8 +16,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-22232 cwe-id: CWE-284,NVD-CWE-noinfo - epss-score: 0.12027 - epss-percentile: 0.94872 + epss-score: 0.13033 + epss-percentile: 0.95385 cpe: cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22432.yaml b/http/cves/2023/CVE-2023-22432.yaml index 085ef7e208f..81c4795fcab 100644 --- a/http/cves/2023/CVE-2023-22432.yaml +++ b/http/cves/2023/CVE-2023-22432.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-22432 cwe-id: CWE-601 - epss-score: 0.02498 - epss-percentile: 0.88998 + epss-score: 0.00877 + epss-percentile: 0.82098 cpe: cpe:2.3:a:web2py:web2py:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22463.yaml b/http/cves/2023/CVE-2023-22463.yaml index 05fd8459033..59473003f39 100644 --- a/http/cves/2023/CVE-2023-22463.yaml +++ b/http/cves/2023/CVE-2023-22463.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22463 cwe-id: CWE-798 - epss-score: 0.02067 - epss-percentile: 0.8787 + epss-score: 0.02033 + epss-percentile: 0.88693 cpe: cpe:2.3:a:fit2cloud:kubepi:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22478.yaml b/http/cves/2023/CVE-2023-22478.yaml index 774898e7f3d..7967ca1f225 100644 --- a/http/cves/2023/CVE-2023-22478.yaml +++ b/http/cves/2023/CVE-2023-22478.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-22478 cwe-id: CWE-862 - epss-score: 0.03166 - epss-percentile: 0.90172 + epss-score: 0.03365 + epss-percentile: 0.91177 cpe: cpe:2.3:a:fit2cloud:kubepi:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22480.yaml b/http/cves/2023/CVE-2023-22480.yaml index 4c6b9d7d04f..60690bd8312 100644 --- a/http/cves/2023/CVE-2023-22480.yaml +++ b/http/cves/2023/CVE-2023-22480.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22480 cwe-id: CWE-863,CWE-285 - epss-score: 0.01867 - epss-percentile: 0.87123 + epss-score: 0.01487 + epss-percentile: 0.86532 cpe: cpe:2.3:a:fit2cloud:kubeoperator:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22518.yaml b/http/cves/2023/CVE-2023-22518.yaml index bb923f309db..f9ee8f91d70 100644 --- a/http/cves/2023/CVE-2023-22518.yaml +++ b/http/cves/2023/CVE-2023-22518.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22518 cwe-id: CWE-863 - epss-score: 0.96525 - epss-percentile: 0.99513 + epss-score: 0.97011 + epss-percentile: 0.99725 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2252.yaml b/http/cves/2023/CVE-2023-2252.yaml index cecfabf6227..c830eb7c778 100644 --- a/http/cves/2023/CVE-2023-2252.yaml +++ b/http/cves/2023/CVE-2023-2252.yaml @@ -18,8 +18,8 @@ info: cvss-score: 2.7 cve-id: CVE-2023-2252 cwe-id: CWE-22 - epss-score: 0.00112 - epss-percentile: 0.44321 + epss-score: 0.00129 + epss-percentile: 0.46802 cpe: cpe:2.3:a:wpwax:directorist:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22527.yaml b/http/cves/2023/CVE-2023-22527.yaml index d7d025c7bfe..5899b3b0b89 100644 --- a/http/cves/2023/CVE-2023-22527.yaml +++ b/http/cves/2023/CVE-2023-22527.yaml @@ -11,19 +11,22 @@ info: - https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615 - https://jira.atlassian.com/browse/CONFSERVER-93833 - https://blog.projectdiscovery.io/atlassian-confluence-ssti-remote-code-execution/ + - http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html + - https://github.com/ramirezs4/Tips-and-tools-forensics---RS4 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2023-22527 - epss-score: 0.00044 - epss-percentile: 0.08115 + cwe-id: CWE-74 + epss-score: 0.96568 + epss-percentile: 0.99595 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: atlassian product: confluence_data_center shodan-query: http.component:"Atlassian Confluence" - tags: cve,cve2023,confluence,rce,ssti + tags: cve,cve2023,confluence,rce,ssti,kev http: - raw: diff --git a/http/cves/2023/CVE-2023-23489.yaml b/http/cves/2023/CVE-2023-23489.yaml index a1eb0774d2b..ed9b4c10b13 100644 --- a/http/cves/2023/CVE-2023-23489.yaml +++ b/http/cves/2023/CVE-2023-23489.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-23489 cwe-id: CWE-89 - epss-score: 0.08904 - epss-percentile: 0.94014 + epss-score: 0.10655 + epss-percentile: 0.94927 cpe: cpe:2.3:a:sandhillsdev:easy_digital_downloads:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-23491.yaml b/http/cves/2023/CVE-2023-23491.yaml index 2d82a1221d6..9996cd9caa1 100644 --- a/http/cves/2023/CVE-2023-23491.yaml +++ b/http/cves/2023/CVE-2023-23491.yaml @@ -10,13 +10,15 @@ info: reference: - https://wpscan.com/vulnerability/49178a9d-0500-4e3e-8ea1-6cd4eeda2a4e - https://nvd.nist.gov/vuln/detail/CVE-2023-23491 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/JoshuaMart/JoshuaMart classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-23491 cwe-id: CWE-79 - epss-score: 0.00078 - epss-percentile: 0.32657 + epss-score: 0.00119 + epss-percentile: 0.45193 cpe: cpe:2.3:a:fullworksplugins:quick_event_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2356.yaml b/http/cves/2023/CVE-2023-2356.yaml index ccea7f703e5..ed9666334bb 100644 --- a/http/cves/2023/CVE-2023-2356.yaml +++ b/http/cves/2023/CVE-2023-2356.yaml @@ -14,13 +14,15 @@ info: - https://huntr.dev/bounties/7b5d130d-38eb-4133-8c7d-0dfc9a9d9896/ - https://nvd.nist.gov/vuln/detail/CVE-2023-2356 - https://github.com/mlflow/mlflow/commit/f73147496e05c09a8b83d95fb4f1bf86696c6342 + - https://github.com/Ostorlab/KEV + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-2356 cwe-id: CWE-23 - epss-score: 0.00941 - epss-percentile: 0.81349 + epss-score: 0.00875 + epss-percentile: 0.82072 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-24278.yaml b/http/cves/2023/CVE-2023-24278.yaml index c4569f06db2..be2f1ac3711 100644 --- a/http/cves/2023/CVE-2023-24278.yaml +++ b/http/cves/2023/CVE-2023-24278.yaml @@ -14,13 +14,14 @@ info: - https://census-labs.com/news/2023/03/16/reflected-xss-vulnerabilities-in-squidex-squidsvg-endpoint/ - https://www.openwall.com/lists/oss-security/2023/03/16/1 - https://nvd.nist.gov/vuln/detail/CVE-2023-24278 + - https://github.com/karimhabush/cyberowl classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-24278 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40654 + epss-score: 0.0011 + epss-percentile: 0.4314 cpe: cpe:2.3:a:squidex.io:squidex:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-24489.yaml b/http/cves/2023/CVE-2023-24489.yaml index 8a0e8a9801e..3c48c7f2c4d 100644 --- a/http/cves/2023/CVE-2023-24489.yaml +++ b/http/cves/2023/CVE-2023-24489.yaml @@ -14,13 +14,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-24489 - https://blog.assetnote.io/2023/07/04/citrix-sharefile-rce/ - https://support.citrix.com/article/CTX559517/sharefile-storagezones-controller-security-update-for-cve202324489 + - https://github.com/20142995/sectool + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-24489 cwe-id: CWE-284,NVD-CWE-Other - epss-score: 0.9687 - epss-percentile: 0.99637 + epss-score: 0.97362 + epss-percentile: 0.99893 cpe: cpe:2.3:a:citrix:sharefile_storage_zones_controller:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-24733.yaml b/http/cves/2023/CVE-2023-24733.yaml index 97e8cdebc56..a97753ca0fa 100644 --- a/http/cves/2023/CVE-2023-24733.yaml +++ b/http/cves/2023/CVE-2023-24733.yaml @@ -19,13 +19,13 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24733 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29124 - cpe: cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:* + epss-score: 0.00097 + epss-percentile: 0.39455 + cpe: cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:* metadata: verified: true max-request: 1 - vendor: pmb_project + vendor: sigb product: pmb shodan-query: http.favicon.hash:1469328760 tags: cve,cve2023,unauth,xss,pmb,pmb_project diff --git a/http/cves/2023/CVE-2023-24735.yaml b/http/cves/2023/CVE-2023-24735.yaml index 8c187921bc4..0a34721f1f5 100644 --- a/http/cves/2023/CVE-2023-24735.yaml +++ b/http/cves/2023/CVE-2023-24735.yaml @@ -19,13 +19,13 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24735 cwe-id: CWE-601 - epss-score: 0.01074 - epss-percentile: 0.82634 - cpe: cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:* + epss-score: 0.00947 + epss-percentile: 0.8279 + cpe: cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:* metadata: verified: true max-request: 1 - vendor: pmb_project + vendor: sigb product: pmb shodan-query: http.favicon.hash:1469328760 tags: cve2023,cve,redirect,pmb,pmb_project diff --git a/http/cves/2023/CVE-2023-24737.yaml b/http/cves/2023/CVE-2023-24737.yaml index 7527c6a58ed..882ec49c3fe 100644 --- a/http/cves/2023/CVE-2023-24737.yaml +++ b/http/cves/2023/CVE-2023-24737.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24737 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29164 + epss-score: 0.00097 + epss-percentile: 0.39455 cpe: cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-25135.yaml b/http/cves/2023/CVE-2023-25135.yaml index 9e5cc2e7f7b..6cbac1d95ba 100644 --- a/http/cves/2023/CVE-2023-25135.yaml +++ b/http/cves/2023/CVE-2023-25135.yaml @@ -14,13 +14,14 @@ info: - https://github.com/ambionics/vbulletin-exploits/blob/main/vbulletin-rce-cve-2023-25135.py - https://nvd.nist.gov/vuln/detail/CVE-2023-25135 - https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4473890-vbulletin-5-6-9-security-patch + - https://github.com/netlas-io/netlas-dorks classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-25135 cwe-id: CWE-502 - epss-score: 0.50999 - epss-percentile: 0.97255 + epss-score: 0.71557 + epss-percentile: 0.97978 cpe: cpe:2.3:a:vbulletin:vbulletin:5.6.7:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-25573.yaml b/http/cves/2023/CVE-2023-25573.yaml index 0c1aff5622b..b1c9316e01a 100644 --- a/http/cves/2023/CVE-2023-25573.yaml +++ b/http/cves/2023/CVE-2023-25573.yaml @@ -13,13 +13,15 @@ info: - https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Metersphere%20file%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E%20CVE-2023-25573.md - https://nvd.nist.gov/vuln/detail/CVE-2023-25573 - https://github.com/metersphere/metersphere/security/advisories/GHSA-mcwr-j9vm-5g8h + - https://github.com/20142995/sectool + - https://github.com/KayCHENvip/vulnerability-poc classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-25573 cwe-id: CWE-862 - epss-score: 0.02887 - epss-percentile: 0.8973 + epss-score: 0.03674 + epss-percentile: 0.91517 cpe: cpe:2.3:a:metersphere:metersphere:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26035.yaml b/http/cves/2023/CVE-2023-26035.yaml index dfab91b4454..1191c72b94c 100644 --- a/http/cves/2023/CVE-2023-26035.yaml +++ b/http/cves/2023/CVE-2023-26035.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-26035 cwe-id: CWE-862 - epss-score: 0.96802 - epss-percentile: 0.99611 + epss-score: 0.97003 + epss-percentile: 0.99723 cpe: cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:* metadata: verified: true @@ -28,7 +28,6 @@ info: product: zoneminder shodan-query: html:"ZM - Login" tags: cve,cve2023,rce,zoneminder,unauth,packetstorm - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-26067.yaml b/http/cves/2023/CVE-2023-26067.yaml index 30a6d667a5a..3f606f3c497 100644 --- a/http/cves/2023/CVE-2023-26067.yaml +++ b/http/cves/2023/CVE-2023-26067.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: CVE-2023-26067 cwe-id: CWE-20 - epss-score: 0.04701 - epss-percentile: 0.9181 + epss-score: 0.10331 + epss-percentile: 0.94831 cpe: cpe:2.3:o:lexmark:cxtpc_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26347.yaml b/http/cves/2023/CVE-2023-26347.yaml index 3c567d05a30..11bcc5b14fb 100644 --- a/http/cves/2023/CVE-2023-26347.yaml +++ b/http/cves/2023/CVE-2023-26347.yaml @@ -16,8 +16,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-26347 cwe-id: CWE-284 - epss-score: 0.00522 - epss-percentile: 0.74346 + epss-score: 0.00466 + epss-percentile: 0.74969 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26469.yaml b/http/cves/2023/CVE-2023-26469.yaml index 0833d06f1bd..d3619ee3c3b 100644 --- a/http/cves/2023/CVE-2023-26469.yaml +++ b/http/cves/2023/CVE-2023-26469.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-26469 cwe-id: CWE-22 - epss-score: 0.93851 - epss-percentile: 0.98954 + epss-score: 0.93768 + epss-percentile: 0.99071 cpe: cpe:2.3:a:jorani:jorani:1.0.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2648.yaml b/http/cves/2023/CVE-2023-2648.yaml index 83fe2469130..bd8f0b0d6a3 100644 --- a/http/cves/2023/CVE-2023-2648.yaml +++ b/http/cves/2023/CVE-2023-2648.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-2648 cwe-id: CWE-434 - epss-score: 0.05261 - epss-percentile: 0.92285 + epss-score: 0.05365 + epss-percentile: 0.9293 cpe: cpe:2.3:a:weaver:e-office:9.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26842.yaml b/http/cves/2023/CVE-2023-26842.yaml index f5c511ba4c4..c54f517ac90 100644 --- a/http/cves/2023/CVE-2023-26842.yaml +++ b/http/cves/2023/CVE-2023-26842.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26842 - https://nvd.nist.gov/vuln/detail/CVE-2023-26842 + - https://github.com/10splayaSec/CVE-Disclosures classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-26842 cwe-id: CWE-79 epss-score: 0.00148 - epss-percentile: 0.50683 + epss-percentile: 0.49853 cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26843.yaml b/http/cves/2023/CVE-2023-26843.yaml index ca21eadb27f..49f66908a9d 100644 --- a/http/cves/2023/CVE-2023-26843.yaml +++ b/http/cves/2023/CVE-2023-26843.yaml @@ -14,13 +14,15 @@ info: - https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26843 - https://nvd.nist.gov/vuln/detail/CVE-2023-26843 - https://github.com/ChurchCRM/CRM + - https://github.com/10splayaSec/CVE-Disclosures + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-26843 cwe-id: CWE-79 epss-score: 0.00146 - epss-percentile: 0.50485 + epss-percentile: 0.49668 cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27008.yaml b/http/cves/2023/CVE-2023-27008.yaml index ecf1c55a756..500bf7323c3 100644 --- a/http/cves/2023/CVE-2023-27008.yaml +++ b/http/cves/2023/CVE-2023-27008.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-27008 cwe-id: CWE-79 - epss-score: 0.00089 - epss-percentile: 0.37645 + epss-score: 0.00099 + epss-percentile: 0.39906 cpe: cpe:2.3:a:atutor:atutor:2.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27034.yaml b/http/cves/2023/CVE-2023-27034.yaml index ce3d19c5721..9a8ff214d24 100644 --- a/http/cves/2023/CVE-2023-27034.yaml +++ b/http/cves/2023/CVE-2023-27034.yaml @@ -15,13 +15,14 @@ info: - https://security.friendsofpresta.org/modules/2023/03/13/jmsblog.html - https://github.com/advisories/GHSA-7jr7-v6gv-m656 - https://friends-of-presta.github.io/security-advisories/modules/2023/03/13/jmsblog.html + - https://github.com/codeb0ss/CVE-2023-27034-Exploit classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-27034 cwe-id: CWE-89 - epss-score: 0.01179 - epss-percentile: 0.83487 + epss-score: 0.01365 + epss-percentile: 0.8596 cpe: cpe:2.3:a:joommasters:jms_blog:2.5.5:*:*:*:*:prestashop:*:* metadata: max-request: 2 diff --git a/http/cves/2023/CVE-2023-27292.yaml b/http/cves/2023/CVE-2023-27292.yaml index 454a4915fd2..759e960f3eb 100644 --- a/http/cves/2023/CVE-2023-27292.yaml +++ b/http/cves/2023/CVE-2023-27292.yaml @@ -13,13 +13,14 @@ info: reference: - https://www.tenable.com/security/research/tra-2023-8 - https://nvd.nist.gov/vuln/detail/CVE-2023-27292 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-27292 cwe-id: CWE-601 - epss-score: 0.00081 - epss-percentile: 0.33897 + epss-score: 0.00092 + epss-percentile: 0.37956 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27372.yaml b/http/cves/2023/CVE-2023-27372.yaml index 62b77e1b570..9d3fb87c976 100644 --- a/http/cves/2023/CVE-2023-27372.yaml +++ b/http/cves/2023/CVE-2023-27372.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-27372 - epss-score: 0.97042 - epss-percentile: 0.99709 + epss-score: 0.97152 + epss-percentile: 0.99786 cpe: cpe:2.3:a:spip:spip:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-27524.yaml b/http/cves/2023/CVE-2023-27524.yaml index b21c73b762a..352a335259b 100644 --- a/http/cves/2023/CVE-2023-27524.yaml +++ b/http/cves/2023/CVE-2023-27524.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-27524 cwe-id: CWE-1188 - epss-score: 0.96225 - epss-percentile: 0.99405 + epss-score: 0.97224 + epss-percentile: 0.99822 cpe: cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27587.yaml b/http/cves/2023/CVE-2023-27587.yaml index 648d8289903..c4177f7b024 100644 --- a/http/cves/2023/CVE-2023-27587.yaml +++ b/http/cves/2023/CVE-2023-27587.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2023-27587 cwe-id: CWE-209 - epss-score: 0.21224 - epss-percentile: 0.95983 + epss-score: 0.18807 + epss-percentile: 0.96117 cpe: cpe:2.3:a:readtomyshoe_project:readtomyshoe:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-27639.yaml b/http/cves/2023/CVE-2023-27639.yaml index 3ac1db1f224..3cc961877d7 100644 --- a/http/cves/2023/CVE-2023-27639.yaml +++ b/http/cves/2023/CVE-2023-27639.yaml @@ -15,8 +15,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-27639 cwe-id: CWE-22 - epss-score: 0.02805 - epss-percentile: 0.89632 + epss-score: 0.04002 + epss-percentile: 0.9185 cpe: cpe:2.3:a:tshirtecommerce:custom_product_designer:*:*:*:*:*:prestashop:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27640.yaml b/http/cves/2023/CVE-2023-27640.yaml index a1c9053e8c5..17882416b59 100644 --- a/http/cves/2023/CVE-2023-27640.yaml +++ b/http/cves/2023/CVE-2023-27640.yaml @@ -11,10 +11,17 @@ info: - https://security.friendsofpresta.org/module/2023/03/30/tshirtecommerce_cwe-22.html - https://nvd.nist.gov/vuln/detail/CVE-2023-27640 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2023-27640 + cwe-id: CWE-22 + epss-score: 0.04002 + epss-percentile: 0.9185 + cpe: cpe:2.3:a:tshirtecommerce:custom_product_designer:*:*:*:*:*:prestashop:*:* metadata: max-request: 1 - product: tshirtecommerce + vendor: tshirtecommerce + product: custom_product_designer framework: prestashop google-query: inurl:"/tshirtecommerce/" tags: cve,cve2023,prestashop,tshirtecommerce,lfi diff --git a/http/cves/2023/CVE-2023-2779.yaml b/http/cves/2023/CVE-2023-2779.yaml index 7bcba890827..8d66f003188 100644 --- a/http/cves/2023/CVE-2023-2779.yaml +++ b/http/cves/2023/CVE-2023-2779.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2779 cwe-id: CWE-79 - epss-score: 0.00762 - epss-percentile: 0.79202 + epss-score: 0.00993 + epss-percentile: 0.8323 cpe: cpe:2.3:a:heator:social_share\,_social_login_and_social_comments:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2796.yaml b/http/cves/2023/CVE-2023-2796.yaml index 72413a892e4..48929b3a2ff 100644 --- a/http/cves/2023/CVE-2023-2796.yaml +++ b/http/cves/2023/CVE-2023-2796.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/e9ef793c-e5a3-4c55-beee-56b0909f7a0d - https://nvd.nist.gov/vuln/detail/CVE-2023-2796 - http://packetstormsecurity.com/files/173984/WordPress-EventON-Calendar-4.4-Insecure-Direct-Object-Reference.html + - https://github.com/nullfuzz-pentest/shodan-dorks classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-2796 cwe-id: CWE-862 - epss-score: 0.05279 - epss-percentile: 0.92282 + epss-score: 0.06666 + epss-percentile: 0.93671 cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-28121.yaml b/http/cves/2023/CVE-2023-28121.yaml index 2f8e5455f55..1f36c261324 100644 --- a/http/cves/2023/CVE-2023-28121.yaml +++ b/http/cves/2023/CVE-2023-28121.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-28121 cwe-id: CWE-287 - epss-score: 0.71629 - epss-percentile: 0.97799 + epss-score: 0.92977 + epss-percentile: 0.9898 cpe: cpe:2.3:a:automattic:woocommerce_payments:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2813.yaml b/http/cves/2023/CVE-2023-2813.yaml index 33dbba60f77..982957da931 100644 --- a/http/cves/2023/CVE-2023-2813.yaml +++ b/http/cves/2023/CVE-2023-2813.yaml @@ -11,13 +11,14 @@ info: reference: - https://wpscan.com/vulnerability/f434afd3-7de4-4bf4-a9bb-9f9aeaae1dc5 - https://nvd.nist.gov/vuln/detail/CVE-2023-2813 + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-2813 cwe-id: CWE-79 - epss-score: 0.00183 - epss-percentile: 0.55614 + epss-score: 0.00115 + epss-percentile: 0.44236 cpe: cpe:2.3:a:ajaydsouza:connections_reloaded:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,7 +27,6 @@ info: product: connections_reloaded framework: wordpress tags: wpscan,cve,cve2023,wordpress,wp-theme,xss,ajaydsouza - variables: str: "{{rand_base(6)}}" random: "{{rand_base(3)}}" diff --git a/http/cves/2023/CVE-2023-2825.yaml b/http/cves/2023/CVE-2023-2825.yaml index 8c647cf8efe..958238538db 100644 --- a/http/cves/2023/CVE-2023-2825.yaml +++ b/http/cves/2023/CVE-2023-2825.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-2825 cwe-id: CWE-22 - epss-score: 0.06519 - epss-percentile: 0.93069 + epss-score: 0.09134 + epss-percentile: 0.94495 cpe: cpe:2.3:a:gitlab:gitlab:16.0.0:*:*:*:community:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-28662.yaml b/http/cves/2023/CVE-2023-28662.yaml index ed42131196d..74688dc91c0 100644 --- a/http/cves/2023/CVE-2023-28662.yaml +++ b/http/cves/2023/CVE-2023-28662.yaml @@ -6,31 +6,30 @@ info: severity: critical description: | The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action. + impact: | + Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site. + remediation: | + Update the Gift Cards (Gift Vouchers and Packages) WordPress Plugin to the latest version available. reference: - https://www.tenable.com/security/research/tra-2023-2 - https://wordpress.org/plugins/gift-voucher/ - https://github.com/ARPSyndicate/cvemon - https://github.com/JoshuaMart/JoshuaMart - impact: | - Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site. - remediation: | - Update the Gift Cards (Gift Vouchers and Packages) WordPress Plugin to the latest version available. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-28662 cwe-id: CWE-89 - cpe: cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:wordpress:*:* epss-score: 0.00076 epss-percentile: 0.31593 + cpe: cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:wordpress:*:* metadata: + max-request: 2 vendor: codemenschen product: "gift_vouchers" framework: wordpress fofa-query: "body=\"/wp-content/plugins/gift-voucher/\"" - max-request: 2 tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-29084.yaml b/http/cves/2023/CVE-2023-29084.yaml index 142b4f25c68..24bf7925ebd 100644 --- a/http/cves/2023/CVE-2023-29084.yaml +++ b/http/cves/2023/CVE-2023-29084.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-29084 cwe-id: CWE-77 - epss-score: 0.42947 - epss-percentile: 0.97005 + epss-score: 0.45632 + epss-percentile: 0.97324 cpe: cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2023/CVE-2023-29300.yaml b/http/cves/2023/CVE-2023-29300.yaml index f38bcff7648..a6203187f8d 100644 --- a/http/cves/2023/CVE-2023-29300.yaml +++ b/http/cves/2023/CVE-2023-29300.yaml @@ -13,13 +13,16 @@ info: reference: - https://blog.projectdiscovery.io/adobe-coldfusion-rce/ - https://helpx.adobe.com/security/products/coldfusion/apsb23-40.html + - https://github.com/Ostorlab/KEV + - https://github.com/Threekiii/Vulhub-Reproduce + - https://github.com/XRSec/AWVS-Update classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-29300 cwe-id: CWE-502 - epss-score: 0.93305 - epss-percentile: 0.9889 + epss-score: 0.96369 + epss-percentile: 0.99526 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-29439.yaml b/http/cves/2023/CVE-2023-29439.yaml index 8363e7bcc67..e2487fc8d45 100644 --- a/http/cves/2023/CVE-2023-29439.yaml +++ b/http/cves/2023/CVE-2023-29439.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-29439 cwe-id: CWE-79 epss-score: 0.00087 - epss-percentile: 0.35959 + epss-percentile: 0.35426 cpe: cpe:2.3:a:fooplugins:foogallery:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-29489.yaml b/http/cves/2023/CVE-2023-29489.yaml index a960cf5732a..76d24f33812 100644 --- a/http/cves/2023/CVE-2023-29489.yaml +++ b/http/cves/2023/CVE-2023-29489.yaml @@ -14,13 +14,15 @@ info: - https://blog.assetnote.io/2023/04/26/xss-million-websites-cpanel/ - https://nvd.nist.gov/vuln/detail/CVE-2023-29489 - https://forums.cpanel.net/threads/cpanel-tsr-2023-0001-full-disclosure.708949/ + - https://github.com/SynixCyberCrimeMy/CVE-2023-29489 + - https://github.com/learnerboy88/CVE-2023-29489 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-29489 cwe-id: CWE-79 - epss-score: 0.00206 - epss-percentile: 0.58511 + epss-score: 0.00302 + epss-percentile: 0.69029 cpe: cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2982.yaml b/http/cves/2023/CVE-2023-2982.yaml index ad90d58b7ba..c8cd03f791c 100644 --- a/http/cves/2023/CVE-2023-2982.yaml +++ b/http/cves/2023/CVE-2023-2982.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-2982 cwe-id: CWE-288 - epss-score: 0.01383 - epss-percentile: 0.84949 + epss-score: 0.01566 + epss-percentile: 0.86966 cpe: cpe:2.3:a:miniorange:wordpress_social_login_and_register_\(discord\,_google\,_twitter\,_linkedin\):*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30019.yaml b/http/cves/2023/CVE-2023-30019.yaml index 8425bb97e5f..7464942b5dc 100644 --- a/http/cves/2023/CVE-2023-30019.yaml +++ b/http/cves/2023/CVE-2023-30019.yaml @@ -13,13 +13,14 @@ info: reference: - https://breakandpray.com/cve-2023-30019-ssrf-in-imgproxy/ - https://github.com/imgproxy/imgproxy + - https://github.com/j4k0m/godkiller classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-30019 cwe-id: CWE-918 epss-score: 0.00094 - epss-percentile: 0.3934 + epss-percentile: 0.38689 cpe: cpe:2.3:a:evilmartians:imgproxy:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30150.yaml b/http/cves/2023/CVE-2023-30150.yaml index 9e274ab5ba8..c1f68d12307 100644 --- a/http/cves/2023/CVE-2023-30150.yaml +++ b/http/cves/2023/CVE-2023-30150.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-30150 cwe-id: CWE-89 - epss-score: 0.02634 - epss-percentile: 0.89268 + epss-score: 0.0409 + epss-percentile: 0.91941 cpe: cpe:2.3:a:leotheme:leocustomajax:1.0.0:*:*:*:*:prestashop:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30212.yaml b/http/cves/2023/CVE-2023-30212.yaml index 02cb6d589f7..99d71ab1b01 100644 --- a/http/cves/2023/CVE-2023-30212.yaml +++ b/http/cves/2023/CVE-2023-30212.yaml @@ -14,13 +14,15 @@ info: - https://www.ourphp.net/ - https://wanheiqiyihu.top/2023/03/27/OURPHP-v7-2-0-ourphp-out-php-Reflection-xss/ - https://nvd.nist.gov/vuln/detail/CVE-2023-30212 + - https://github.com/JasaluRah/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212- + - https://github.com/arunsnap/CVE-2023-30212-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-30212 cwe-id: CWE-79 - epss-score: 0.02579 - epss-percentile: 0.89149 + epss-score: 0.02578 + epss-percentile: 0.89997 cpe: cpe:2.3:a:ourphp:ourphp:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30625.yaml b/http/cves/2023/CVE-2023-30625.yaml index 91da9e99eed..8a419d97184 100644 --- a/http/cves/2023/CVE-2023-30625.yaml +++ b/http/cves/2023/CVE-2023-30625.yaml @@ -17,8 +17,8 @@ info: cvss-score: 8.8 cve-id: CVE-2023-30625 cwe-id: CWE-89 - epss-score: 0.93763 - epss-percentile: 0.98954 + epss-score: 0.94833 + epss-percentile: 0.99223 cpe: cpe:2.3:a:rudderstack:rudder-server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-30777.yaml b/http/cves/2023/CVE-2023-30777.yaml index 9ac0c5ede72..5118d7e8455 100644 --- a/http/cves/2023/CVE-2023-30777.yaml +++ b/http/cves/2023/CVE-2023-30777.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-30777 cwe-id: CWE-79 - epss-score: 0.00269 - epss-percentile: 0.64351 + epss-score: 0.00338 + epss-percentile: 0.70791 cpe: cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:-:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30943.yaml b/http/cves/2023/CVE-2023-30943.yaml index a2238cf1f49..c7c2893b9bf 100644 --- a/http/cves/2023/CVE-2023-30943.yaml +++ b/http/cves/2023/CVE-2023-30943.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-30943 cwe-id: CWE-610,CWE-73 - epss-score: 0.02185 - epss-percentile: 0.88239 + epss-score: 0.01661 + epss-percentile: 0.87339 cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2023/CVE-2023-3219.yaml b/http/cves/2023/CVE-2023-3219.yaml index f3642f2970d..f4614c2467d 100644 --- a/http/cves/2023/CVE-2023-3219.yaml +++ b/http/cves/2023/CVE-2023-3219.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-3219 cwe-id: CWE-639 epss-score: 0.17304 - epss-percentile: 0.95627 + epss-percentile: 0.95981 cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-32243.yaml b/http/cves/2023/CVE-2023-32243.yaml index f626a2e1874..c246ed5d97b 100644 --- a/http/cves/2023/CVE-2023-32243.yaml +++ b/http/cves/2023/CVE-2023-32243.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-32243 cwe-id: CWE-287 - epss-score: 0.03567 - epss-percentile: 0.90679 + epss-score: 0.03267 + epss-percentile: 0.91046 cpe: cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-32315.yaml b/http/cves/2023/CVE-2023-32315.yaml index 9521d0993ad..56cb5bd990c 100644 --- a/http/cves/2023/CVE-2023-32315.yaml +++ b/http/cves/2023/CVE-2023-32315.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/advisories/GHSA-gw42-f939-fhvm - https://nvd.nist.gov/vuln/detail/CVE-2023-32315 + - https://github.com/izzz0/CVE-2023-32315-POC + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors + - https://github.com/TLGKien/SploitusCrawl classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-32315 cwe-id: CWE-22 - epss-score: 0.96352 - epss-percentile: 0.99447 + epss-score: 0.97384 + epss-percentile: 0.99904 cpe: cpe:2.3:a:igniterealtime:openfire:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-32563.yaml b/http/cves/2023/CVE-2023-32563.yaml index 5019d5586b9..92442772ece 100644 --- a/http/cves/2023/CVE-2023-32563.yaml +++ b/http/cves/2023/CVE-2023-32563.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-32563 cwe-id: CWE-22 - epss-score: 0.42647 - epss-percentile: 0.97218 + epss-score: 0.43167 + epss-percentile: 0.97254 cpe: cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2023/CVE-2023-33338.yaml b/http/cves/2023/CVE-2023-33338.yaml index 9299a0276e1..ed985c266a7 100644 --- a/http/cves/2023/CVE-2023-33338.yaml +++ b/http/cves/2023/CVE-2023-33338.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-33338 cwe-id: CWE-89 - epss-score: 0.00761 - epss-percentile: 0.79129 + epss-score: 0.0152 + epss-percentile: 0.8674 cpe: cpe:2.3:a:phpgurukul:old_age_home_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-33439.yaml b/http/cves/2023/CVE-2023-33439.yaml index 2e7b43c8ee8..6612c7e423d 100644 --- a/http/cves/2023/CVE-2023-33439.yaml +++ b/http/cves/2023/CVE-2023-33439.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-33439 cwe-id: CWE-89 - epss-score: 0.00942 - epss-percentile: 0.81413 + epss-score: 0.00666 + epss-percentile: 0.79241 cpe: cpe:2.3:a:faculty_evaluation_system_project:faculty_evaluation_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-33584.yaml b/http/cves/2023/CVE-2023-33584.yaml index d2027b8b03d..3c522da41be 100644 --- a/http/cves/2023/CVE-2023-33584.yaml +++ b/http/cves/2023/CVE-2023-33584.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-33584 - https://packetstormsecurity.com/files/cve/CVE-2023-33584 - https://www.sourcecodester.com/php/14444/enrollment-system-project-source-code-using-phpmysql.html + - https://github.com/akarrel/test_enrollment classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-33584 cwe-id: CWE-89 - epss-score: 0.05622 - epss-percentile: 0.92535 + epss-score: 0.09977 + epss-percentile: 0.94731 cpe: cpe:2.3:a:enrollment_system_project:enrollment_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-33629.yaml b/http/cves/2023/CVE-2023-33629.yaml index 63e5dba3917..d9d0e706095 100644 --- a/http/cves/2023/CVE-2023-33629.yaml +++ b/http/cves/2023/CVE-2023-33629.yaml @@ -10,13 +10,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-33629 - https://hackmd.io/@0dayResearch/r1UjggZfh - https://hackmd.io/%400dayResearch/r1UjggZfh + - https://github.com/20142995/sectool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2023-33629 cwe-id: CWE-787 - epss-score: 0.00859 - epss-percentile: 0.8044 + epss-score: 0.00968 + epss-percentile: 0.82988 cpe: cpe:2.3:o:h3c:magic_r300-2100m_firmware:r300-2100mv100r004:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34124.yaml b/http/cves/2023/CVE-2023-34124.yaml index eae244b4708..ec435760058 100644 --- a/http/cves/2023/CVE-2023-34124.yaml +++ b/http/cves/2023/CVE-2023-34124.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34124 cwe-id: CWE-287,CWE-305 - epss-score: 0.01564 - epss-percentile: 0.85901 + epss-score: 0.0172 + epss-percentile: 0.87553 cpe: cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34259.yaml b/http/cves/2023/CVE-2023-34259.yaml index d75fe8c3750..dc395c3721a 100644 --- a/http/cves/2023/CVE-2023-34259.yaml +++ b/http/cves/2023/CVE-2023-34259.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-34259 cwe-id: CWE-22 epss-score: 0.00554 - epss-percentile: 0.75129 + epss-percentile: 0.77111 cpe: cpe:2.3:o:kyocera:d-copia253mf_plus_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34598.yaml b/http/cves/2023/CVE-2023-34598.yaml index 5a8d65fbab2..1c3693b74db 100644 --- a/http/cves/2023/CVE-2023-34598.yaml +++ b/http/cves/2023/CVE-2023-34598.yaml @@ -14,13 +14,15 @@ info: - https://github.com/maddsec/CVE-2023-34598 - https://twitter.com/shaybt12/status/1673612503547355137?s=20 - https://nvd.nist.gov/vuln/detail/CVE-2023-34598 + - https://github.com/izj007/wechat + - https://github.com/komodoooo/Some-things classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-34598 cwe-id: CWE-22 - epss-score: 0.03362 - epss-percentile: 0.90424 + epss-score: 0.03342 + epss-percentile: 0.9114 cpe: cpe:2.3:a:gibbonedu:gibbon:25.0.00:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34659.yaml b/http/cves/2023/CVE-2023-34659.yaml index 2304261ceee..1736ea7cec3 100644 --- a/http/cves/2023/CVE-2023-34659.yaml +++ b/http/cves/2023/CVE-2023-34659.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34659 cwe-id: CWE-89 - epss-score: 0.04846 - epss-percentile: 0.91975 + epss-score: 0.21629 + epss-percentile: 0.96326 cpe: cpe:2.3:a:jeecg:jeecg_boot:3.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-34751.yaml b/http/cves/2023/CVE-2023-34751.yaml index b1970a04d2b..898539b60c6 100644 --- a/http/cves/2023/CVE-2023-34751.yaml +++ b/http/cves/2023/CVE-2023-34751.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34751 cwe-id: CWE-89 - epss-score: 0.01254 - epss-percentile: 0.84129 + epss-score: 0.02354 + epss-percentile: 0.89556 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-34752.yaml b/http/cves/2023/CVE-2023-34752.yaml index d66612f3f9c..8ee2cbb300f 100644 --- a/http/cves/2023/CVE-2023-34752.yaml +++ b/http/cves/2023/CVE-2023-34752.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34752 cwe-id: CWE-89 - epss-score: 0.05297 - epss-percentile: 0.92306 + epss-score: 0.0945 + epss-percentile: 0.9459 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-34753.yaml b/http/cves/2023/CVE-2023-34753.yaml index 6174946ac12..155f59aaa8a 100644 --- a/http/cves/2023/CVE-2023-34753.yaml +++ b/http/cves/2023/CVE-2023-34753.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34753 cwe-id: CWE-89 - epss-score: 0.01254 - epss-percentile: 0.84081 + epss-score: 0.02354 + epss-percentile: 0.89556 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-34756.yaml b/http/cves/2023/CVE-2023-34756.yaml index 1d4f21af0ad..788551541e1 100644 --- a/http/cves/2023/CVE-2023-34756.yaml +++ b/http/cves/2023/CVE-2023-34756.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34756 cwe-id: CWE-89 - epss-score: 0.01254 - epss-percentile: 0.84129 + epss-score: 0.02354 + epss-percentile: 0.89556 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34843.yaml b/http/cves/2023/CVE-2023-34843.yaml index 61b78f22623..ac65ad8df8b 100644 --- a/http/cves/2023/CVE-2023-34843.yaml +++ b/http/cves/2023/CVE-2023-34843.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2023-34843 cwe-id: CWE-22 epss-score: 0.00349 - epss-percentile: 0.68925 + epss-percentile: 0.71237 cpe: cpe:2.3:a:traggo:traggo:0.3.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34960.yaml b/http/cves/2023/CVE-2023-34960.yaml index cd5e80f876b..03d9c33f17e 100644 --- a/http/cves/2023/CVE-2023-34960.yaml +++ b/http/cves/2023/CVE-2023-34960.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34960 cwe-id: CWE-77 - epss-score: 0.88811 - epss-percentile: 0.98462 + epss-score: 0.93541 + epss-percentile: 0.99046 cpe: cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-35843.yaml b/http/cves/2023/CVE-2023-35843.yaml index 015a3faa5e4..51e833fa562 100644 --- a/http/cves/2023/CVE-2023-35843.yaml +++ b/http/cves/2023/CVE-2023-35843.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-35843 - https://github.com/nocodb/nocodb/blob/6decfa2b20c28db9946bddce0bcb1442b683ecae/packages/nocodb/src/lib/controllers/attachment.ctl.ts#L62-L74 - https://github.com/nocodb/nocodb/blob/f7ee7e3beb91d313a159895d1edc1aba9d91b0bc/packages/nocodb/src/controllers/attachments.controller.ts#L55-L66 + - https://github.com/0x783kb/Security-operation-book classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-35843 cwe-id: CWE-22 - epss-score: 0.02782 - epss-percentile: 0.89547 + epss-score: 0.03299 + epss-percentile: 0.91091 cpe: cpe:2.3:a:nocodb:nocodb:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-35844.yaml b/http/cves/2023/CVE-2023-35844.yaml index d07a9f37fd6..a49c7b164e9 100644 --- a/http/cves/2023/CVE-2023-35844.yaml +++ b/http/cves/2023/CVE-2023-35844.yaml @@ -24,8 +24,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-35844 cwe-id: CWE-22 - epss-score: 0.00782 - epss-percentile: 0.79503 + epss-score: 0.04986 + epss-percentile: 0.92655 cpe: cpe:2.3:a:lightdash:lightdash:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-36144.yaml b/http/cves/2023/CVE-2023-36144.yaml index 3f6816a079b..78970178b01 100644 --- a/http/cves/2023/CVE-2023-36144.yaml +++ b/http/cves/2023/CVE-2023-36144.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-36144 cwe-id: CWE-862 - epss-score: 0.04828 - epss-percentile: 0.91962 + epss-score: 0.02858 + epss-percentile: 0.90492 cpe: cpe:2.3:o:intelbras:sg_2404_mr_firmware:1.00.54:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-36289.yaml b/http/cves/2023/CVE-2023-36289.yaml index 6ac10cace94..ca1d06e8dfc 100644 --- a/http/cves/2023/CVE-2023-36289.yaml +++ b/http/cves/2023/CVE-2023-36289.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-36289 cwe-id: CWE-79 - epss-score: 0.00075 - epss-percentile: 0.30832 + epss-score: 0.00083 + epss-percentile: 0.33945 cpe: cpe:2.3:a:webkul:qloapps:1.6.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-36346.yaml b/http/cves/2023/CVE-2023-36346.yaml index e6c9f717515..dfca2cfb419 100644 --- a/http/cves/2023/CVE-2023-36346.yaml +++ b/http/cves/2023/CVE-2023-36346.yaml @@ -15,13 +15,14 @@ info: - https://www.youtube.com/watch?v=bbbA-q1syrA - https://nvd.nist.gov/vuln/detail/CVE-2023-36346 - http://packetstormsecurity.com/files/173280/Sales-Of-Cashier-Goods-1.0-Cross-Site-Scripting.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-36346 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39882 + epss-percentile: 0.39295 cpe: cpe:2.3:a:codekop:codekop:2.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-36934.yaml b/http/cves/2023/CVE-2023-36934.yaml index 07005dd734a..862740abc5c 100644 --- a/http/cves/2023/CVE-2023-36934.yaml +++ b/http/cves/2023/CVE-2023-36934.yaml @@ -15,13 +15,14 @@ info: - https://blog.projectdiscovery.io/moveit-transfer-sql-injection/ - https://thehackernews.com/2023/07/another-critical-unauthenticated-sqli.html - https://www.progress.com/moveit + - https://github.com/KushGuptaRH/MOVEit-Response classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2023-36934 cwe-id: CWE-89 - epss-score: 0.01404 - epss-percentile: 0.85016 + epss-score: 0.09049 + epss-percentile: 0.94466 cpe: cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-37265.yaml b/http/cves/2023/CVE-2023-37265.yaml index 509ffca7f95..4cd25cf8fbe 100644 --- a/http/cves/2023/CVE-2023-37265.yaml +++ b/http/cves/2023/CVE-2023-37265.yaml @@ -14,13 +14,14 @@ info: - https://github.com/IceWhaleTech/CasaOS/security/advisories/GHSA-m5q5-8mfw-p2hr - https://github.com/IceWhaleTech/CasaOS-Gateway/commit/391dd7f0f239020c46bf057cfa25f82031fc15f7 - https://github.com/IceWhaleTech/CasaOS-Gateway/security/advisories/GHSA-vjh7-5r6x-xh6g + - https://github.com/komodoooo/Some-things classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-37265 cwe-id: CWE-306 - epss-score: 0.09477 - epss-percentile: 0.94174 + epss-score: 0.14233 + epss-percentile: 0.95569 cpe: cpe:2.3:o:icewhale:casaos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-37580.yaml b/http/cves/2023/CVE-2023-37580.yaml index 226f55470fb..e2e97210a20 100644 --- a/http/cves/2023/CVE-2023-37580.yaml +++ b/http/cves/2023/CVE-2023-37580.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-37580 cwe-id: CWE-79 - epss-score: 0.27921 - epss-percentile: 0.96403 + epss-score: 0.30373 + epss-percentile: 0.96831 cpe: cpe:2.3:a:zimbra:zimbra:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2023/CVE-2023-37629.yaml b/http/cves/2023/CVE-2023-37629.yaml index 785aacd8ffa..af0fc824f78 100644 --- a/http/cves/2023/CVE-2023-37629.yaml +++ b/http/cves/2023/CVE-2023-37629.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-37629 cwe-id: CWE-434 epss-score: 0.13221 - epss-percentile: 0.95065 + epss-percentile: 0.95417 cpe: cpe:2.3:a:simple_online_piggery_management_system_project:simple_online_piggery_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3765.yaml b/http/cves/2023/CVE-2023-3765.yaml index 6e9c79f45dc..4183da3a898 100644 --- a/http/cves/2023/CVE-2023-3765.yaml +++ b/http/cves/2023/CVE-2023-3765.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2023-3765 cwe-id: CWE-36 - epss-score: 0.00634 - epss-percentile: 0.76825 + epss-score: 0.00951 + epss-percentile: 0.82826 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-37728.yaml b/http/cves/2023/CVE-2023-37728.yaml index 7fcb3da6b6d..989578aeb1e 100644 --- a/http/cves/2023/CVE-2023-37728.yaml +++ b/http/cves/2023/CVE-2023-37728.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-37728 cwe-id: CWE-79 - epss-score: 0.00167 - epss-percentile: 0.53357 + epss-score: 0.00259 + epss-percentile: 0.65066 cpe: cpe:2.3:a:icewarp:icewarp:10.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-37979.yaml b/http/cves/2023/CVE-2023-37979.yaml index aad714949d2..c20c884c338 100644 --- a/http/cves/2023/CVE-2023-37979.yaml +++ b/http/cves/2023/CVE-2023-37979.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-37979 cwe-id: CWE-79 - epss-score: 0.00084 - epss-percentile: 0.35134 + epss-score: 0.00085 + epss-percentile: 0.34736 cpe: cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-38205.yaml b/http/cves/2023/CVE-2023-38205.yaml index a16813339ff..1488758f3c2 100644 --- a/http/cves/2023/CVE-2023-38205.yaml +++ b/http/cves/2023/CVE-2023-38205.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-38205 cwe-id: CWE-284,NVD-CWE-Other - epss-score: 0.84215 - epss-percentile: 0.98229 + epss-score: 0.93471 + epss-percentile: 0.99038 cpe: cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3843.yaml b/http/cves/2023/CVE-2023-3843.yaml index cc1cfef13d3..5f4cab8cb54 100644 --- a/http/cves/2023/CVE-2023-3843.yaml +++ b/http/cves/2023/CVE-2023-3843.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-3843 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-38433.yaml b/http/cves/2023/CVE-2023-38433.yaml index 778d1e7af8b..ea853443cbb 100644 --- a/http/cves/2023/CVE-2023-38433.yaml +++ b/http/cves/2023/CVE-2023-38433.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-38433 cwe-id: CWE-798 - epss-score: 0.00392 - epss-percentile: 0.70574 + epss-score: 0.0029 + epss-percentile: 0.6843 cpe: cpe:2.3:o:fujitsu:ip-he950e_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3844.yaml b/http/cves/2023/CVE-2023-3844.yaml index 199eb071c09..c8f8c4fa4a2 100644 --- a/http/cves/2023/CVE-2023-3844.yaml +++ b/http/cves/2023/CVE-2023-3844.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-3844 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3845.yaml b/http/cves/2023/CVE-2023-3845.yaml index 0b458b9631c..92449544bdd 100644 --- a/http/cves/2023/CVE-2023-3845.yaml +++ b/http/cves/2023/CVE-2023-3845.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-3845 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3847.yaml b/http/cves/2023/CVE-2023-3847.yaml index 2fe6be3b3da..78ac1b48919 100644 --- a/http/cves/2023/CVE-2023-3847.yaml +++ b/http/cves/2023/CVE-2023-3847.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-3847 - https://vuldb.com/?ctiid.235198 - https://vuldb.com/?id.235198 + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-3847 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39002.yaml b/http/cves/2023/CVE-2023-39002.yaml index 147a766affa..f325d8cd20a 100644 --- a/http/cves/2023/CVE-2023-39002.yaml +++ b/http/cves/2023/CVE-2023-39002.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-39002 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26129 + epss-percentile: 0.26117 cpe: cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2023/CVE-2023-39109.yaml b/http/cves/2023/CVE-2023-39109.yaml index f65ceb1441c..6b332ec0570 100644 --- a/http/cves/2023/CVE-2023-39109.yaml +++ b/http/cves/2023/CVE-2023-39109.yaml @@ -10,13 +10,14 @@ info: - https://www.rconfig.com/downloads/rconfig-3.9.4.zip - https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_a.md - https://nvd.nist.gov/vuln/detail/CVE-2023-39109 + - https://github.com/zer0yu/CVE_Request classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-39109 cwe-id: CWE-918 - epss-score: 0.01332 - epss-percentile: 0.84573 + epss-score: 0.03449 + epss-percentile: 0.91267 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39110.yaml b/http/cves/2023/CVE-2023-39110.yaml index b3c5b3e6048..b7dd4d8d54e 100644 --- a/http/cves/2023/CVE-2023-39110.yaml +++ b/http/cves/2023/CVE-2023-39110.yaml @@ -10,13 +10,14 @@ info: - https://www.rconfig.com/downloads/rconfig-3.9.4.zip - https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_%20ajaxGetFileByPath.md - https://nvd.nist.gov/vuln/detail/CVE-2023-39110 + - https://github.com/zer0yu/CVE_Request classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-39110 cwe-id: CWE-918 - epss-score: 0.01332 - epss-percentile: 0.84573 + epss-score: 0.03449 + epss-percentile: 0.91267 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39143.yaml b/http/cves/2023/CVE-2023-39143.yaml index 051b2e5c2b8..813ac6ee754 100644 --- a/http/cves/2023/CVE-2023-39143.yaml +++ b/http/cves/2023/CVE-2023-39143.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-39143 cwe-id: CWE-22 - epss-score: 0.88836 - epss-percentile: 0.98482 + epss-score: 0.93991 + epss-percentile: 0.99092 cpe: cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3936.yaml b/http/cves/2023/CVE-2023-3936.yaml index b9660c12464..b0338df7d14 100644 --- a/http/cves/2023/CVE-2023-3936.yaml +++ b/http/cves/2023/CVE-2023-3936.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-3936 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26233 + epss-percentile: 0.26189 cpe: cpe:2.3:a:adenion:blog2social:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39598.yaml b/http/cves/2023/CVE-2023-39598.yaml index f4bd3f46127..dc9290ef754 100644 --- a/http/cves/2023/CVE-2023-39598.yaml +++ b/http/cves/2023/CVE-2023-39598.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-39598 cwe-id: CWE-79 - epss-score: 0.01072 - epss-percentile: 0.82679 + epss-score: 0.02804 + epss-percentile: 0.90411 cpe: cpe:2.3:a:icewarp:webclient:10.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-39600.yaml b/http/cves/2023/CVE-2023-39600.yaml index 9a3e87d7bf4..f05daa8902d 100644 --- a/http/cves/2023/CVE-2023-39600.yaml +++ b/http/cves/2023/CVE-2023-39600.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-39600 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26129 + epss-percentile: 0.26117 cpe: cpe:2.3:a:icewarp:icewarp:11.4.6.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-40355.yaml b/http/cves/2023/CVE-2023-40355.yaml index 80ba34d8b42..300a401ee8c 100644 --- a/http/cves/2023/CVE-2023-40355.yaml +++ b/http/cves/2023/CVE-2023-40355.yaml @@ -10,15 +10,18 @@ info: - https://www.axigen.com/knowledgebase/Axigen-WebMail-XSS-Vulnerability-CVE-2023-40355-_396.html - https://nvd.nist.gov/vuln/detail/CVE-2023-40355 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N - cvss-score: 6.5 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 cve-id: CVE-2023-40355 cwe-id: CWE-79 - epss-score: 0.0006 - epss-percentile: 0.22931 + epss-score: 0.00587 + epss-percentile: 0.77728 + cpe: cpe:2.3:a:axigen:axigen_mobile_webmail:*:*:*:*:*:*:*:* metadata: - max-request: 3 verified: true + max-request: 3 + vendor: axigen + product: axigen_mobile_webmail shodan-query: http.favicon.hash:-1247684400 tags: cve,cve2023,xss,axigen,webmail diff --git a/http/cves/2023/CVE-2023-4110.yaml b/http/cves/2023/CVE-2023-4110.yaml index ea758354915..d35d881d0f6 100644 --- a/http/cves/2023/CVE-2023-4110.yaml +++ b/http/cves/2023/CVE-2023-4110.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4110 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:phpjabbers:availability_booking_calendar:5.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-41109.yaml b/http/cves/2023/CVE-2023-41109.yaml index a6f8ec77ab8..6104f625039 100644 --- a/http/cves/2023/CVE-2023-41109.yaml +++ b/http/cves/2023/CVE-2023-41109.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-41109 cwe-id: CWE-78 - epss-score: 0.25963 - epss-percentile: 0.96281 + epss-score: 0.23094 + epss-percentile: 0.96433 cpe: cpe:2.3:o:patton:smartnode_sn200_firmware:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,7 +30,6 @@ info: vendor: patton product: smartnode_sn200_firmware tags: cve,cve2023,smartnode,voip,patton - variables: payload: "echo CVE-2023-41109 | md5sum" diff --git a/http/cves/2023/CVE-2023-4111.yaml b/http/cves/2023/CVE-2023-4111.yaml index 5ef651f3d13..3751c17e621 100644 --- a/http/cves/2023/CVE-2023-4111.yaml +++ b/http/cves/2023/CVE-2023-4111.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4111 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:phpjabbers:bus_reservation_system:1.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4112.yaml b/http/cves/2023/CVE-2023-4112.yaml index 37fc7f814c9..3db9327c14c 100644 --- a/http/cves/2023/CVE-2023-4112.yaml +++ b/http/cves/2023/CVE-2023-4112.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4112 cwe-id: CWE-79 - epss-score: 0.00231 - epss-percentile: 0.61239 + epss-score: 0.00229 + epss-percentile: 0.60385 cpe: cpe:2.3:a:phpjabbers:shuttle_booking_software:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4115.yaml b/http/cves/2023/CVE-2023-4115.yaml index 6bcb41a76d4..a1fa4ea6c7c 100644 --- a/http/cves/2023/CVE-2023-4115.yaml +++ b/http/cves/2023/CVE-2023-4115.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4115 cwe-id: CWE-79 - epss-score: 0.00263 - epss-percentile: 0.63974 + epss-score: 0.0027 + epss-percentile: 0.67168 cpe: cpe:2.3:a:phpjabbers:cleaning_business_software:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4116.yaml b/http/cves/2023/CVE-2023-4116.yaml index 5ef3b5b2244..e7126dc5a05 100644 --- a/http/cves/2023/CVE-2023-4116.yaml +++ b/http/cves/2023/CVE-2023-4116.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4116 cwe-id: CWE-79 - epss-score: 0.00263 - epss-percentile: 0.63974 + epss-score: 0.0027 + epss-percentile: 0.67168 cpe: cpe:2.3:a:phpjabbers:taxi_booking_script:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-41265.yaml b/http/cves/2023/CVE-2023-41265.yaml index 623399c1bb8..90c272bf1f5 100644 --- a/http/cves/2023/CVE-2023-41265.yaml +++ b/http/cves/2023/CVE-2023-41265.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.9 cve-id: CVE-2023-41265 cwe-id: CWE-444 - epss-score: 0.78543 - epss-percentile: 0.97976 + epss-score: 0.8352 + epss-percentile: 0.9837 cpe: cpe:2.3:a:qlik:qlik_sense:august_2022:-:*:*:enterprise:windows:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-41266.yaml b/http/cves/2023/CVE-2023-41266.yaml index 69d72295255..52656fd01a4 100644 --- a/http/cves/2023/CVE-2023-41266.yaml +++ b/http/cves/2023/CVE-2023-41266.yaml @@ -10,13 +10,14 @@ info: - https://www.praetorian.com/blog/advisory-qlik-sense/ - https://www.praetorian.com/blog/qlik-sense-technical-exploit - https://community.qlik.com/t5/Release-Notes/tkb-p/ReleaseNotes + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N cvss-score: 6.5 cve-id: CVE-2023-41266 cwe-id: CWE-20 - epss-score: 0.526 - epss-percentile: 0.97294 + epss-score: 0.83414 + epss-percentile: 0.98363 cpe: cpe:2.3:a:qlik:qlik_sense:august_2022:-:*:*:enterprise:windows:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4168.yaml b/http/cves/2023/CVE-2023-4168.yaml index 6fe9ad726b3..3e45ec1dc37 100644 --- a/http/cves/2023/CVE-2023-4168.yaml +++ b/http/cves/2023/CVE-2023-4168.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-4168 cwe-id: CWE-200,NVD-CWE-noinfo - epss-score: 0.21058 - epss-percentile: 0.95974 + epss-score: 0.12454 + epss-percentile: 0.95296 cpe: cpe:2.3:a:templatecookie:adlisting:2.14.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4169.yaml b/http/cves/2023/CVE-2023-4169.yaml index db064d1bd3a..52433b1ee14 100644 --- a/http/cves/2023/CVE-2023-4169.yaml +++ b/http/cves/2023/CVE-2023-4169.yaml @@ -11,13 +11,14 @@ info: - https://github.com/blakespire/repoforcve/tree/main/RG-EW1200G - https://vuldb.com/?ctiid.236185 - https://vuldb.com/?id.236185 + - https://github.com/20142995/sectool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-4169 cwe-id: CWE-284,NVD-CWE-noinfo - epss-score: 0.00803 - epss-percentile: 0.79768 + epss-score: 0.00938 + epss-percentile: 0.82702 cpe: cpe:2.3:o:ruijie:rg-ew1200g_firmware:1.0\(1\)b1p5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-4174.yaml b/http/cves/2023/CVE-2023-4174.yaml index 5ebeb346e58..c936710be92 100644 --- a/http/cves/2023/CVE-2023-4174.yaml +++ b/http/cves/2023/CVE-2023-4174.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4174 cwe-id: CWE-79 - epss-score: 0.00209 - epss-percentile: 0.58844 + epss-score: 0.00352 + epss-percentile: 0.71356 cpe: cpe:2.3:a:moosocial:moostore:3.1.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-41763.yaml b/http/cves/2023/CVE-2023-41763.yaml index b0a00cbb780..1001939807c 100644 --- a/http/cves/2023/CVE-2023-41763.yaml +++ b/http/cves/2023/CVE-2023-41763.yaml @@ -10,12 +10,14 @@ info: - https://frycos.github.io/vulns4free/2022/09/26/skype-audit-part2.html - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41763 - https://nvd.nist.gov/vuln/detail/CVE-2023-41763 + - https://github.com/Ostorlab/KEV + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-41763 - epss-score: 0.15841 - epss-percentile: 0.95426 + epss-score: 0.05631 + epss-percentile: 0.93128 cpe: cpe:2.3:a:microsoft:skype_for_business_server:2015:cumulative_update_13:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-42344.yaml b/http/cves/2023/CVE-2023-42344.yaml index 113c3d9ffbd..72726656c5b 100644 --- a/http/cves/2023/CVE-2023-42344.yaml +++ b/http/cves/2023/CVE-2023-42344.yaml @@ -6,14 +6,14 @@ info: severity: high description: | users can execute code without authentication. An attacker can execute malicious requests on the OpenCms server. When the requests are successful vulnerable OpenCms can be exploited resulting in an unauthenticated XXE vulnerability. Based on research OpenCMS versions from 9.0.0 to 10.5.0 are vulnerable. + remediation: Advised to upgrade to OpenCMS 10.5.1 or later to patch the vulnerability reference: - https://blog.qualys.com/product-tech/2023/12/08/opencms-unauthenticated-xxe-vulnerability-cve-2023-42344 - https://labs.watchtowr.com/xxe-you-can-depend-on-me-opencms/ - remediation: Advised to upgrade to OpenCMS 10.5.1 or later to patch the vulnerability metadata: + verified: true max-request: 2 fofa-query: "OpenCms-9.5.3" - verified: true tags: cve,cve2023,xxe,opencms http: diff --git a/http/cves/2023/CVE-2023-42793.yaml b/http/cves/2023/CVE-2023-42793.yaml index 4bb26784bd2..069b252f546 100644 --- a/http/cves/2023/CVE-2023-42793.yaml +++ b/http/cves/2023/CVE-2023-42793.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-42793 cwe-id: CWE-288 - epss-score: 0.97283 - epss-percentile: 0.99836 + epss-score: 0.97093 + epss-percentile: 0.99759 cpe: cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-43177.yaml b/http/cves/2023/CVE-2023-43177.yaml index b913de93daa..0e078f14200 100644 --- a/http/cves/2023/CVE-2023-43177.yaml +++ b/http/cves/2023/CVE-2023-43177.yaml @@ -11,20 +11,20 @@ info: - https://convergetp.com/2023/11/16/crushftp-zero-day-cve-2023-43177-discovered/ - https://blog.projectdiscovery.io/crushftp-rce/ - https://github.com/the-emmons/CVE-Disclosures/blob/main/Pending/CrushFTP-2023-1.md + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-43177 cwe-id: CWE-913 - epss-score: 0.00106 - epss-percentile: 0.42667 + epss-score: 0.92767 + epss-percentile: 0.98966 cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:* metadata: max-request: 3 vendor: crushftp product: crushftp tags: cve,cve2023,crushftp,unauth,rce,intrusive - flow: http(1) && http(2) && http(3) variables: diff --git a/http/cves/2023/CVE-2023-43187.yaml b/http/cves/2023/CVE-2023-43187.yaml index bcc8a361e26..b14a0509b37 100644 --- a/http/cves/2023/CVE-2023-43187.yaml +++ b/http/cves/2023/CVE-2023-43187.yaml @@ -14,15 +14,15 @@ info: cvss-score: 9.8 cve-id: CVE-2023-43187 cwe-id: CWE-91 - epss-score: 0.00326 - epss-percentile: 0.70173 + epss-score: 0.09598 + epss-percentile: 0.94633 cpe: cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:* metadata: + max-request: 2 vendor: nodebb product: nodebb - fofa-query: title="nodebb" + fofa-query: "title=\"nodebb\"" tags: cve,cve2023,nodebb,rce - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-43325.yaml b/http/cves/2023/CVE-2023-43325.yaml index c1661752328..a0991903fb9 100644 --- a/http/cves/2023/CVE-2023-43325.yaml +++ b/http/cves/2023/CVE-2023-43325.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-43325 - https://moosocial.com/ - https://travel.moosocial.com/ + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-43325 cwe-id: CWE-79 - epss-score: 0.41721 - epss-percentile: 0.96972 + epss-score: 0.37241 + epss-percentile: 0.97089 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-43326.yaml b/http/cves/2023/CVE-2023-43326.yaml index 162709bc3a7..af7fc2a046d 100644 --- a/http/cves/2023/CVE-2023-43326.yaml +++ b/http/cves/2023/CVE-2023-43326.yaml @@ -10,13 +10,14 @@ info: - https://github.com/ahrixia/CVE-2023-43326 - https://nvd.nist.gov/vuln/detail/CVE-2023-43326 - https://moosocial.com/ + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-43326 cwe-id: CWE-79 epss-score: 0.00643 - epss-percentile: 0.77002 + epss-percentile: 0.78809 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-43795.yaml b/http/cves/2023/CVE-2023-43795.yaml index 2da4e777018..a20341782f4 100644 --- a/http/cves/2023/CVE-2023-43795.yaml +++ b/http/cves/2023/CVE-2023-43795.yaml @@ -10,13 +10,14 @@ info: - https://www.synacktiv.com/advisories/unauthenticated-server-side-request-forgery-crlf-injection-in-geoserver-wms.html - https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956 - https://nvd.nist.gov/vuln/detail/CVE-2023-43795 + - https://github.com/20142995/sectool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-43795 cwe-id: CWE-918 - epss-score: 0.10955 - epss-percentile: 0.94582 + epss-score: 0.11649 + epss-percentile: 0.95151 cpe: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-44352.yaml b/http/cves/2023/CVE-2023-44352.yaml index 3f0131caa30..358881f0890 100644 --- a/http/cves/2023/CVE-2023-44352.yaml +++ b/http/cves/2023/CVE-2023-44352.yaml @@ -14,17 +14,16 @@ info: cvss-score: 6.1 cve-id: CVE-2023-44352 cwe-id: CWE-79 - epss-score: 0.0006 - epss-percentile: 0.23281 + epss-score: 0.00931 + epss-percentile: 0.82639 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: - max-request: 8 verified: true - vendor: Adobe - product: Adobe ColdFusion + max-request: 8 + vendor: adobe + product: coldfusion shodan-query: http.component:"Adobe Coldfusion" tags: cve,cve2023,coldfusion,adobe,xss - variables: string: "{{rand_base(8)}}" diff --git a/http/cves/2023/CVE-2023-45542.yaml b/http/cves/2023/CVE-2023-45542.yaml index eda1b775f02..88c36470b0b 100644 --- a/http/cves/2023/CVE-2023-45542.yaml +++ b/http/cves/2023/CVE-2023-45542.yaml @@ -9,13 +9,14 @@ info: reference: - https://github.com/ahrixia/CVE-2023-45542 - https://nvd.nist.gov/vuln/detail/CVE-2023-45542 + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-45542 cwe-id: CWE-79 - epss-score: 0.001 - epss-percentile: 0.40724 + epss-score: 0.00082 + epss-percentile: 0.33567 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-45671.yaml b/http/cves/2023/CVE-2023-45671.yaml index a46dd6757d1..666da1df9fa 100644 --- a/http/cves/2023/CVE-2023-45671.yaml +++ b/http/cves/2023/CVE-2023-45671.yaml @@ -16,8 +16,8 @@ info: cve-id: CVE-2023-45671 cpe: cpe:2.3:a:frigate:frigate:0.13.0:beta1:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: frigate product: frigate shodan-query: title:"Frigate" diff --git a/http/cves/2023/CVE-2023-45852.yaml b/http/cves/2023/CVE-2023-45852.yaml index 49b0dcd75b8..13d7e43ec84 100644 --- a/http/cves/2023/CVE-2023-45852.yaml +++ b/http/cves/2023/CVE-2023-45852.yaml @@ -10,13 +10,15 @@ info: - https://connectivity.viessmann.com/gb/mp-fp/vitogate/vitogate-300-bn-mb.html - https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md - https://nvd.nist.gov/vuln/detail/CVE-2023-45852 + - https://github.com/tanjiti/sec_profile + - https://github.com/komodoooo/Some-things classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-45852 cwe-id: CWE-77 - epss-score: 0.08478 - epss-percentile: 0.93821 + epss-score: 0.09217 + epss-percentile: 0.94519 cpe: cpe:2.3:o:viessmann:vitogate_300_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4634.yaml b/http/cves/2023/CVE-2023-4634.yaml index 54cae7aa1b1..6570863c955 100644 --- a/http/cves/2023/CVE-2023-4634.yaml +++ b/http/cves/2023/CVE-2023-4634.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-4634 cwe-id: CWE-73 - epss-score: 0.0217 - epss-percentile: 0.88199 + epss-score: 0.02012 + epss-percentile: 0.88618 cpe: cpe:2.3:a:davidlingren:media_library_assistant:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-46574.yaml b/http/cves/2023/CVE-2023-46574.yaml index 50f28d10aa2..eb87ea6e13f 100644 --- a/http/cves/2023/CVE-2023-46574.yaml +++ b/http/cves/2023/CVE-2023-46574.yaml @@ -9,20 +9,23 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2023-46574 - https://github.com/OraclePi/repo/blob/main/totolink%20A3700R/1/A3700R%20%20V9.1.2u.6165_20211012%20vuln.md + - https://github.com/Marco-zcl/POC + - https://github.com/d4n-sec/d4n-sec.github.io + - https://github.com/wy876/POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-46574 cwe-id: CWE-77 + epss-score: 0.05804 + epss-percentile: 0.9323 cpe: cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.6165_20211012:*:*:*:*:*:*:* - epss-score: 0.00223 - epss-percentile: 0.60602 metadata: + verified: true max-request: 2 + vendor: totolink product: a3700r_firmware shodan-query: title:"Totolink" - vendor: totolink - verified: true tags: cve,cve2023,totolink,router,iot,rce http: diff --git a/http/cves/2023/CVE-2023-46747.yaml b/http/cves/2023/CVE-2023-46747.yaml index a0a95009c09..a2d91c714e1 100644 --- a/http/cves/2023/CVE-2023-46747.yaml +++ b/http/cves/2023/CVE-2023-46747.yaml @@ -11,13 +11,14 @@ info: - https://my.f5.com/manage/s/article/K000137353 - http://packetstormsecurity.com/files/175673/F5-BIG-IP-TMUI-AJP-Smuggling-Remote-Command-Execution.html - https://www.secpod.com/blog/f5-issues-warning-big-ip-vulnerability-used-in-active-exploit-chain/ + - https://github.com/f1tao/awesome-iot-security-resource classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-46747 - cwe-id: CWE-288 - epss-score: 0.96553 - epss-percentile: 0.99522 + cwe-id: CWE-306,CWE-288 + epss-score: 0.97202 + epss-percentile: 0.99806 cpe: cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-46805.yaml b/http/cves/2023/CVE-2023-46805.yaml index 6139c05d3a3..a46bdbca9a6 100644 --- a/http/cves/2023/CVE-2023-46805.yaml +++ b/http/cves/2023/CVE-2023-46805.yaml @@ -8,17 +8,22 @@ info: reference: - https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US - https://nvd.nist.gov/vuln/detail/CVE-2023-46805 + - http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html + - https://github.com/H4lo/awesome-IoT-security-article + - https://github.com/inguardians/ivanti-VPN-issues-2024-research classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N cvss-score: 8.2 cve-id: CVE-2023-46805 cwe-id: CWE-287 + epss-score: 0.96274 + epss-percentile: 0.99497 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:* metadata: + max-request: 2 vendor: ivanti product: "connect_secure" shodan-query: "html:\"welcome.cgi?p=logo\"" - max-request: 2 tags: cve,cve2023,kev,auth-bypass,ivanti http: diff --git a/http/cves/2023/CVE-2023-47115.yaml b/http/cves/2023/CVE-2023-47115.yaml index c006620cf36..fc6edc7c1cc 100644 --- a/http/cves/2023/CVE-2023-47115.yaml +++ b/http/cves/2023/CVE-2023-47115.yaml @@ -22,8 +22,8 @@ info: cve-id: CVE-2023-47115 cwe-id: CWE-79 metadata: - max-request: 6 verified: true + max-request: 6 shodan-query: http.favicon.hash:-1649949475 tags: cve,cve2023,xss,authenticated,intrusive,label-studio diff --git a/http/cves/2023/CVE-2023-4714.yaml b/http/cves/2023/CVE-2023-4714.yaml index 7ce92d1d95f..a0a85b18fb3 100644 --- a/http/cves/2023/CVE-2023-4714.yaml +++ b/http/cves/2023/CVE-2023-4714.yaml @@ -13,13 +13,14 @@ info: - https://www.exploitalert.com/view-details.html?id=39826 - https://vuldb.com/?ctiid.238577 - https://vuldb.com/?id.238577 + - https://github.com/Threekiii/Awesome-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-4714 cwe-id: CWE-200 - epss-score: 0.02512 - epss-percentile: 0.89027 + epss-score: 0.50923 + epss-percentile: 0.9748 cpe: cpe:2.3:a:playtube:playtube:3.0.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-47211.yaml b/http/cves/2023/CVE-2023-47211.yaml index cd56bf6426b..2c34225ec46 100644 --- a/http/cves/2023/CVE-2023-47211.yaml +++ b/http/cves/2023/CVE-2023-47211.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-47211 cwe-id: CWE-22 epss-score: 0.00164 - epss-percentile: 0.53022 + epss-percentile: 0.52059 cpe: cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2023/CVE-2023-47246.yaml b/http/cves/2023/CVE-2023-47246.yaml index f6126092c66..0640164ca7c 100644 --- a/http/cves/2023/CVE-2023-47246.yaml +++ b/http/cves/2023/CVE-2023-47246.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-47246 cwe-id: CWE-22 - epss-score: 0.6752 - epss-percentile: 0.97659 + epss-score: 0.94354 + epss-percentile: 0.99149 cpe: cpe:2.3:a:sysaid:sysaid_on-premises:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-49070.yaml b/http/cves/2023/CVE-2023-49070.yaml index 3373c5ff276..9b3e3a38b21 100644 --- a/http/cves/2023/CVE-2023-49070.yaml +++ b/http/cves/2023/CVE-2023-49070.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-49070 cwe-id: CWE-94 - epss-score: 0.59066 - epss-percentile: 0.97445 + epss-score: 0.84671 + epss-percentile: 0.98424 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-4966.yaml b/http/cves/2023/CVE-2023-4966.yaml index d54e7197544..a013b9f00d6 100644 --- a/http/cves/2023/CVE-2023-4966.yaml +++ b/http/cves/2023/CVE-2023-4966.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-4966 cwe-id: CWE-119,NVD-CWE-noinfo - epss-score: 0.93124 - epss-percentile: 0.98877 + epss-score: 0.96486 + epss-percentile: 0.9956 cpe: cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-49785.yaml b/http/cves/2023/CVE-2023-49785.yaml index 6a227653d1e..86516eb35d3 100644 --- a/http/cves/2023/CVE-2023-49785.yaml +++ b/http/cves/2023/CVE-2023-49785.yaml @@ -15,10 +15,13 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2023-49785 + cwe-id: CWE-79 + epss-score: 0.00049 + epss-percentile: 0.1584 metadata: - max-request: 1 - shodan-query: title:NextChat,"ChatGPT Next Web" verified: true + max-request: 2 + shodan-query: "title:NextChat,\"ChatGPT Next Web\"" tags: cve,cve2023,ssrf,xss,chatgpt,nextchat http: diff --git a/http/cves/2023/CVE-2023-50290.yaml b/http/cves/2023/CVE-2023-50290.yaml index de2814aad2f..558bc99f35d 100644 --- a/http/cves/2023/CVE-2023-50290.yaml +++ b/http/cves/2023/CVE-2023-50290.yaml @@ -20,8 +20,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2023-50290 + cwe-id: CWE-200,NVD-CWE-noinfo epss-score: 0.05452 - epss-percentile: 0.92435 + epss-percentile: 0.92995 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-5074.yaml b/http/cves/2023/CVE-2023-5074.yaml index 8d4c7edf0db..57669fecdc6 100644 --- a/http/cves/2023/CVE-2023-5074.yaml +++ b/http/cves/2023/CVE-2023-5074.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-5074 cwe-id: CWE-798 - epss-score: 0.01816 - epss-percentile: 0.86896 + epss-score: 0.01695 + epss-percentile: 0.87453 cpe: cpe:2.3:a:dlink:d-view_8:2.0.1.28:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-5089.yaml b/http/cves/2023/CVE-2023-5089.yaml index 61ca61f5034..c93b57dfd58 100644 --- a/http/cves/2023/CVE-2023-5089.yaml +++ b/http/cves/2023/CVE-2023-5089.yaml @@ -15,8 +15,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-5089 - epss-score: 0.00046 - epss-percentile: 0.13944 + epss-score: 0.00306 + epss-percentile: 0.6923 cpe: cpe:2.3:a:wpmudev:defender_security:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-50917.yaml b/http/cves/2023/CVE-2023-50917.yaml index 27ab597418b..05599f5a216 100644 --- a/http/cves/2023/CVE-2023-50917.yaml +++ b/http/cves/2023/CVE-2023-50917.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-50917 cwe-id: CWE-77 - epss-score: 0.02327 - epss-percentile: 0.88616 + epss-score: 0.71101 + epss-percentile: 0.97965 cpe: cpe:2.3:a:mjdm:majordomo:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-50968.yaml b/http/cves/2023/CVE-2023-50968.yaml index a6dd4dff810..1b8ea3347ae 100644 --- a/http/cves/2023/CVE-2023-50968.yaml +++ b/http/cves/2023/CVE-2023-50968.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-50968 cwe-id: CWE-918,CWE-200 epss-score: 0.32266 - epss-percentile: 0.96615 + epss-percentile: 0.96905 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-51467.yaml b/http/cves/2023/CVE-2023-51467.yaml index 3c4cce70c22..2a84c04f07f 100644 --- a/http/cves/2023/CVE-2023-51467.yaml +++ b/http/cves/2023/CVE-2023-51467.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-51467 cwe-id: CWE-918 - epss-score: 0.54475 - epss-percentile: 0.97354 + epss-score: 0.68495 + epss-percentile: 0.97894 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-52085.yaml b/http/cves/2023/CVE-2023-52085.yaml index 25b74adfbda..0cd46c56a20 100644 --- a/http/cves/2023/CVE-2023-52085.yaml +++ b/http/cves/2023/CVE-2023-52085.yaml @@ -14,15 +14,15 @@ info: cvss-score: 5.4 cve-id: CVE-2023-52085 cwe-id: CWE-22 + epss-score: 0.00256 + epss-percentile: 0.64798 cpe: cpe:2.3:a:wintercms:winter:*:*:*:*:*:*:*:* - epss-score: 0.00046 - epss-percentile: 0.12483 metadata: + max-request: 4 vendor: wintercms product: winter shodan-query: "title:\"Winter CMS\"" fofa-query: "title=\"Winter CMS\"" - max-request: 4 tags: cve,cve2023,authenticated,lfi,wintercms http: diff --git a/http/cves/2023/CVE-2023-5360.yaml b/http/cves/2023/CVE-2023-5360.yaml index ee53c3ed4fb..772ec9571b9 100644 --- a/http/cves/2023/CVE-2023-5360.yaml +++ b/http/cves/2023/CVE-2023-5360.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-5360 cwe-id: CWE-434 epss-score: 0.96723 - epss-percentile: 0.99589 + epss-percentile: 0.99637 cpe: cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-5375.yaml b/http/cves/2023/CVE-2023-5375.yaml index 2d61990a33a..012e6c1eefc 100644 --- a/http/cves/2023/CVE-2023-5375.yaml +++ b/http/cves/2023/CVE-2023-5375.yaml @@ -11,13 +11,14 @@ info: - https://huntr.dev/bounties/3fa2abde-cb58-45a3-a115-1727ece9acb9 - https://nvd.nist.gov/vuln/detail/CVE-2023-5375 - https://github.com/mosparo/mosparo/commit/9d5da367b78b8c883bfef5f332ffea26292f99e8 + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-5375 cwe-id: CWE-601 epss-score: 0.00083 - epss-percentile: 0.34359 + epss-percentile: 0.339 cpe: cpe:2.3:a:mosparo:mosparo:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-5556.yaml b/http/cves/2023/CVE-2023-5556.yaml index aacebf65f11..24b0928bcca 100644 --- a/http/cves/2023/CVE-2023-5556.yaml +++ b/http/cves/2023/CVE-2023-5556.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-5556 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.2616 + epss-percentile: 0.26117 cpe: cpe:2.3:a:structurizr:on-premises_installation:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2023/CVE-2023-5830.yaml b/http/cves/2023/CVE-2023-5830.yaml index a9f28e145aa..7816fe7261f 100644 --- a/http/cves/2023/CVE-2023-5830.yaml +++ b/http/cves/2023/CVE-2023-5830.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-5830 cwe-id: CWE-287 - epss-score: 0.00091 - epss-percentile: 0.37579 + epss-score: 0.00427 + epss-percentile: 0.73911 cpe: cpe:2.3:a:documentlocator:document_locator:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-5914.yaml b/http/cves/2023/CVE-2023-5914.yaml index af96dd37138..8b83e8607ca 100644 --- a/http/cves/2023/CVE-2023-5914.yaml +++ b/http/cves/2023/CVE-2023-5914.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-5914 cwe-id: CWE-79 - epss-score: 0.00046 - epss-percentile: 0.14154 + epss-score: 0.00095 + epss-percentile: 0.3876 cpe: cpe:2.3:a:cloud:citrix_storefront:*:*:*:*:ltsr:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-6018.yaml b/http/cves/2023/CVE-2023-6018.yaml index 6a477460d76..f333d97416d 100644 --- a/http/cves/2023/CVE-2023-6018.yaml +++ b/http/cves/2023/CVE-2023-6018.yaml @@ -14,8 +14,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-6018 cwe-id: CWE-78 - epss-score: 0.87111 - epss-percentile: 0.98361 + epss-score: 0.86232 + epss-percentile: 0.98502 cpe: cpe:2.3:a:lfprojects:mlflow:-:*:*:*:*:*:*:* metadata: verified: true @@ -24,7 +24,6 @@ info: product: mlflow shodan-query: http.title:"mlflow" tags: cve,cve2023,mlflow,oss,rce,intrusive - variables: model_name: "{{rand_text_alpha(6)}}" diff --git a/http/cves/2023/CVE-2023-6020.yaml b/http/cves/2023/CVE-2023-6020.yaml index 17c5ce2311f..c0e1908bd66 100644 --- a/http/cves/2023/CVE-2023-6020.yaml +++ b/http/cves/2023/CVE-2023-6020.yaml @@ -13,9 +13,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-6020 - cwe-id: CWE-862,CWE-598 - epss-score: 0.05392 - epss-percentile: 0.92391 + cwe-id: CWE-862 + epss-score: 0.06351 + epss-percentile: 0.9349 cpe: cpe:2.3:a:ray_project:ray:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6021.yaml b/http/cves/2023/CVE-2023-6021.yaml index 7188d4121c0..634c1469a54 100644 --- a/http/cves/2023/CVE-2023-6021.yaml +++ b/http/cves/2023/CVE-2023-6021.yaml @@ -14,8 +14,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-6021 cwe-id: CWE-22,CWE-29 - epss-score: 0.00354 - epss-percentile: 0.69121 + epss-score: 0.0038 + epss-percentile: 0.72442 cpe: cpe:2.3:a:ray_project:ray:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6023.yaml b/http/cves/2023/CVE-2023-6023.yaml index 2e5d76c82da..1d6609a45f3 100644 --- a/http/cves/2023/CVE-2023-6023.yaml +++ b/http/cves/2023/CVE-2023-6023.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-6023 cwe-id: CWE-22,CWE-29 - epss-score: 0.00248 - epss-percentile: 0.62792 + epss-score: 0.003 + epss-percentile: 0.68895 cpe: cpe:2.3:a:vertaai:modeldb:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6063.yaml b/http/cves/2023/CVE-2023-6063.yaml index dc7225f93c1..587804f2ecd 100644 --- a/http/cves/2023/CVE-2023-6063.yaml +++ b/http/cves/2023/CVE-2023-6063.yaml @@ -6,29 +6,28 @@ info: severity: high description: | The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. + remediation: Fixed in 1.2.2 reference: - https://wpscan.com/blog/unauthenticated-sql-injection-vulnerability-addressed-in-wp-fastest-cache-1-2-2/ - https://wordpress.org/plugins/wp-fastest-cache/ - https://github.com/motikan2010/CVE-2023-6063-PoC - https://nvd.nist.gov/vuln/detail/CVE-2023-6063 - https://wpscan.com/vulnerability/30a74105-8ade-4198-abe2-1c6f2967443e/ - remediation: Fixed in 1.2.2 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-6063 cwe-id: CWE-89 + epss-score: 0.02974 + epss-percentile: 0.9065 cpe: cpe:2.3:a:wpfastestcache:wp_fastest_cache:*:*:*:*:*:wordpress:*:* - epss-score: 0.00159 - epss-percentile: 0.52296 metadata: - framework: wordpress max-request: 2 + vendor: wpfastestcache product: wp_fastest_cache + framework: wordpress publicwww-query: /wp-content/plugins/wp-fastest-cache/ - vendor: wpfastestcache tags: cve,cve2023,wp-fastest-cache,wpscan,wordpress,wp-plugin - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-6114.yaml b/http/cves/2023/CVE-2023-6114.yaml index 8f586c1f711..a50a1250887 100644 --- a/http/cves/2023/CVE-2023-6114.yaml +++ b/http/cves/2023/CVE-2023-6114.yaml @@ -20,6 +20,8 @@ info: epss-score: 0.00145 epss-percentile: 0.50326 cpe: cpe:2.3:a:awesomemotive:duplicator:*:*:*:*:-:wordpress:*:* + metadata: + max-request: 2 tags: cve,cve2023,duplicator,duplicator-pro,lfi,wpscan,wordpress,wp-plugin,wp http: diff --git a/http/cves/2023/CVE-2023-6360.yaml b/http/cves/2023/CVE-2023-6360.yaml index 4fa0f7598fd..21741663712 100644 --- a/http/cves/2023/CVE-2023-6360.yaml +++ b/http/cves/2023/CVE-2023-6360.yaml @@ -3,7 +3,7 @@ id: CVE-2023-6360 info: name: WordPress My Calendar <3.4.22 - SQL Injection author: xxcdd - severity: high + severity: critical description: | WordPress My Calendar plugin versions before 3.4.22 are vulnerable to an unauthenticated SQL injection within the 'from' and 'to' parameters of the '/my-calendar/v1/events' REST route. impact: | @@ -14,18 +14,23 @@ info: - https://www.joedolson.com/2023/11/my-calendar-3-4-22-security-release/ - https://wordpress.org/plugins/my-calendar/ - https://nvd.nist.gov/vuln/detail/CVE-2023-6360 + - https://github.com/JoshuaMart/JoshuaMart classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-6360 cwe-id: CWE-89 + epss-score: 0.00832 + epss-percentile: 0.81644 cpe: cpe:2.3:a:joedolson:my_calendar:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 verified: true + max-request: 2 + vendor: joedolson + product: my_calendar + framework: wordpress fofa-query: '"wordpress" && body="wp-content/plugins/my-calendar"' tags: cve,cve2023,sqli,wp,wordpress,wpscan,wp-plugin,my-calendar - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-6553.yaml b/http/cves/2023/CVE-2023-6553.yaml index 872d9262c9a..8aba6b59050 100644 --- a/http/cves/2023/CVE-2023-6553.yaml +++ b/http/cves/2023/CVE-2023-6553.yaml @@ -9,16 +9,24 @@ info: reference: - https://www.wordfence.com/blog/2023/12/critical-unauthenticated-remote-code-execution-found-in-backup-migration-plugin/ - https://github.com/Chocapikk/CVE-2023-6553 + - http://packetstormsecurity.com/files/176638/WordPress-Backup-Migration-1.3.7-Remote-Command-Execution.html + - https://www.synacktiv.com/en/publications/php-filters-chain-what-is-it-and-how-to-use-it + - https://www.wordfence.com/threat-intel/vulnerabilities/id/3511ba64-56a3-43d7-8ab8-c6e40e3b686e?source=cve classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-6553 + epss-score: 0.91621 + epss-percentile: 0.98837 + cpe: cpe:2.3:a:backupbliss:backup_migration:*:*:*:*:*:wordpress:*:* metadata: - google-query: inurl:"/wp-content/plugins/backup-backup/" max-request: 2 + vendor: backupbliss + product: backup_migration + framework: wordpress publicwww-query: /wp-content/plugins/backup-backup/ + google-query: inurl:"/wp-content/plugins/backup-backup/" tags: cve,cve2023,wp-plugin,rce,unauth,wordpress,wp - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-6567.yaml b/http/cves/2023/CVE-2023-6567.yaml index d43fca12b70..aee193f5da3 100644 --- a/http/cves/2023/CVE-2023-6567.yaml +++ b/http/cves/2023/CVE-2023-6567.yaml @@ -3,7 +3,7 @@ id: CVE-2023-6567 info: name: LearnPress <= 4.2.5.7 - SQL Injection author: iamnoooob,rootxharsh,pdresearch - severity: critical + severity: high description: | The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the 'order_by' parameter in all versions up to, and including, 4.2.5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. remediation: Fixed in version 4.2.5.8 @@ -11,13 +11,24 @@ info: - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/learnpress/learnpress-4257-unauthenticated-sql-injection-via-order-by - https://wpscan.com/vulnerability/c5110450-3b4e-4100-8db4-0d7f5d43c12f/ - https://nvd.nist.gov/vuln/detail/CVE-2023-6567 + - https://plugins.trac.wordpress.org/changeset/3013957/learnpress + - https://www.wordfence.com/threat-intel/vulnerabilities/id/6ab578cd-3a0b-43d3-aaa7-0a01f431a4e2?source=cve classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2023-6567 + cwe-id: CWE-89 + epss-score: 0.00078 + epss-percentile: 0.32303 + cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 verified: true + max-request: 1 + vendor: thimpress + product: learnpress + framework: wordpress publicwww-query: "/wp-content/plugins/learnpress" - tags: cve,cve2023,wp,wp-plugin,wordpress,learnpress,sqli + tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,learnpress,sqli http: - method: GET diff --git a/http/cves/2023/CVE-2023-6623.yaml b/http/cves/2023/CVE-2023-6623.yaml index 0ec0f61e0b7..cd2ac1ff308 100644 --- a/http/cves/2023/CVE-2023-6623.yaml +++ b/http/cves/2023/CVE-2023-6623.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-6623 cwe-id: CWE-22 - epss-score: 0.10258 - epss-percentile: 0.9444 + epss-score: 0.07821 + epss-percentile: 0.94063 cpe: cpe:2.3:a:wpdeveloper:essential_blocks:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6634.yaml b/http/cves/2023/CVE-2023-6634.yaml index 0d74420be22..18caa9a22cc 100644 --- a/http/cves/2023/CVE-2023-6634.yaml +++ b/http/cves/2023/CVE-2023-6634.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-6634 cwe-id: CWE-77 - epss-score: 0.0911 - epss-percentile: 0.94073 + epss-score: 0.16476 + epss-percentile: 0.95874 cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6831.yaml b/http/cves/2023/CVE-2023-6831.yaml index bde88b3ab06..353c83e7133 100644 --- a/http/cves/2023/CVE-2023-6831.yaml +++ b/http/cves/2023/CVE-2023-6831.yaml @@ -6,27 +6,27 @@ info: severity: high description: | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. + remediation: | + Upgrade Mlflow to version 2.9.2 or later to mitigate the vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2023-6831 - https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1 - https://huntr.com/bounties/0acdd745-0167-4912-9d5c-02035fe5b314 - remediation: | - Upgrade Mlflow to version 2.9.2 or later to mitigate the vulnerability. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H cvss-score: 8.1 cve-id: CVE-2023-6831 cwe-id: CWE-22 - cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.12693 + cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: + verified: true + max-request: 2 vendor: lfprojects product: mlflow shodan-query: "http.title:\"mlflow\"" - max-request: 2 - verified: true - tags: cve,cve2023,mlflow,pathtraversal,lfprojects + tags: cve,cve2023,mlflow,pathtraversal,lfprojects,intrusive http: - raw: diff --git a/http/cves/2023/CVE-2023-6875.yaml b/http/cves/2023/CVE-2023-6875.yaml index 445d3e5bb0a..b628e62b4c5 100644 --- a/http/cves/2023/CVE-2023-6875.yaml +++ b/http/cves/2023/CVE-2023-6875.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-6875 cwe-id: CWE-862 epss-score: 0.04263 - epss-percentile: 0.91445 + epss-percentile: 0.92089 cpe: cpe:2.3:a:wpexperts:post_smtp_mailer:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6895.yaml b/http/cves/2023/CVE-2023-6895.yaml index 4439e31558b..9dbf68e90e2 100644 --- a/http/cves/2023/CVE-2023-6895.yaml +++ b/http/cves/2023/CVE-2023-6895.yaml @@ -19,10 +19,10 @@ info: cpe: cpe:2.3:o:hikvision:intercom_broadcast_system:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: hikvision - product: intercom_broadcast_system - fofa-query: icon_hash="-1830859634" + product: "intercom_broadcast_system" + fofa-query: "icon_hash=\"-1830859634\"" tags: cve,cve2023,hikvision,rce http: diff --git a/http/cves/2023/CVE-2023-6909.yaml b/http/cves/2023/CVE-2023-6909.yaml index 8b4b4a27362..1d6b1c002fa 100644 --- a/http/cves/2023/CVE-2023-6909.yaml +++ b/http/cves/2023/CVE-2023-6909.yaml @@ -3,29 +3,32 @@ id: CVE-2023-6909 info: name: Mlflow <2.9.2 - Path Traversal author: Hyunsoo-ds - severity: critical + severity: high description: | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. - reference: - - https://huntr.com/bounties/11209efb-0f84-482f-add0-587ea6b7e850/ - - https://nvd.nist.gov/vuln/detail/CVE-2023-6909 - - https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1 impact: | Successful exploitation could be lead to disclose of sensitive information such as SSH Keys or Internal configurations. remediation: | To fix this vulnerability, it is important to update the mlflow package to the latest version 2.10.0. + reference: + - https://huntr.com/bounties/11209efb-0f84-482f-add0-587ea6b7e850/ + - https://nvd.nist.gov/vuln/detail/CVE-2023-6909 + - https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N - cvss-score: 9.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2023-6909 cwe-id: CWE-29 + epss-score: 0.00409 + epss-percentile: 0.73387 + cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: - max-request: 5 verified: true + max-request: 5 vendor: lfprojects product: mlflow shodan-query: "http.title:\"mlflow\"" - tags: cve,cve2023,mlflow,lfi + tags: cve,cve2023,mlflow,lfi,intrusive http: - raw: diff --git a/http/cves/2023/CVE-2023-6977.yaml b/http/cves/2023/CVE-2023-6977.yaml index 21be12dbe48..7fd4a975aa3 100644 --- a/http/cves/2023/CVE-2023-6977.yaml +++ b/http/cves/2023/CVE-2023-6977.yaml @@ -14,12 +14,12 @@ info: - https://huntr.com/bounties/fe53bf71-3687-4711-90df-c26172880aaf - https://nvd.nist.gov/vuln/detail/CVE-2023-6977 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-6977 cwe-id: CWE-29 - epss-score: 0.00084 - epss-percentile: 0.34913 + epss-score: 0.00409 + epss-percentile: 0.73387 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-0204.yaml b/http/cves/2024/CVE-2024-0204.yaml index 23a9dea13b4..9d76227636b 100644 --- a/http/cves/2024/CVE-2024-0204.yaml +++ b/http/cves/2024/CVE-2024-0204.yaml @@ -11,14 +11,20 @@ info: - https://www.fortra.com/security/advisory/fi-2024-001 - https://github.com/horizon3ai/CVE-2024-0204/blob/main/CVE-2024-0204.py - https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/ + - http://packetstormsecurity.com/files/176683/GoAnywhere-MFT-Authentication-Bypass.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2024-0204 cwe-id: CWE-425 + epss-score: 0.53864 + epss-percentile: 0.97564 + cpe: cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 + vendor: fortra + product: goanywhere_managed_file_transfer shodan-query: http.favicon.hash:1484947000,1828756398,1170495932 fofa-query: app="GoAnywhere-MFT" zoomeye-query: app:"Fortra GoAnywhere-MFT" diff --git a/http/cves/2024/CVE-2024-0305.yaml b/http/cves/2024/CVE-2024-0305.yaml index 44835c2a0b0..f3bbabb49ed 100644 --- a/http/cves/2024/CVE-2024-0305.yaml +++ b/http/cves/2024/CVE-2024-0305.yaml @@ -12,16 +12,18 @@ info: - https://cxsecurity.com/cveshow/CVE-2024-0305 - https://nvd.nist.gov/vuln/detail/CVE-2024-0305 - https://vuldb.com/?id.249872 + - https://vuldb.com/?ctiid.249872 + - https://github.com/Marco-zcl/POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-0305 - epss-score: 0.00064 - epss-percentile: 0.2597 + epss-score: 0.00796 + epss-percentile: 0.81232 cpe: cpe:2.3:a:ncast_project:ncast:*:*:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: ncast_project product: ncast fofa-query: app="Ncast-产品" && title=="高清智能录播系统" diff --git a/http/cves/2024/CVE-2024-0713.yaml b/http/cves/2024/CVE-2024-0713.yaml index d52bd7843ae..b6b5b06d0c8 100644 --- a/http/cves/2024/CVE-2024-0713.yaml +++ b/http/cves/2024/CVE-2024-0713.yaml @@ -15,17 +15,16 @@ info: cvss-score: 8.8 cve-id: CVE-2024-0713 cwe-id: CWE-434 - cpe: cpe:2.3:a:monitorr:monitorr:1.7.6m:*:*:*:*:*:*:* epss-score: 0.00061 epss-percentile: 0.2356 + cpe: cpe:2.3:a:monitorr:monitorr:1.7.6m:*:*:*:*:*:*:* metadata: + verified: true + max-request: 2 vendor: monitorr product: monitorr - verified: true fofa-query: "icon_hash=\"-211006074\"" - max-request: 2 tags: cve,cve2024,file-upload,intrusive,monitorr - variables: file: "{{to_lower(rand_text_alpha(5))}}" diff --git a/http/cves/2024/CVE-2024-1021.yaml b/http/cves/2024/CVE-2024-1021.yaml index bdda7021da4..89b98cf57e0 100644 --- a/http/cves/2024/CVE-2024-1021.yaml +++ b/http/cves/2024/CVE-2024-1021.yaml @@ -3,19 +3,32 @@ id: CVE-2024-1021 info: name: Rebuild <= 3.5.5 - Server-Side Request Forgery author: BMCel - severity: medium + severity: critical description: | There is a security vulnerability in Rebuild 3.5.5, which is due to a server-side request forgery vulnerability in the URL parameter of the readRawText function of the HTTP Request Handler component. - reference: - - https://github.com/getrebuild/rebuild - - https://nvd.nist.gov/vuln/detail/CVE-2024-1021 impact: | Successful exploitation of this vulnerability can result in unauthorized access to sensitive internal resources. remediation: | Apply the latest security patches or updates provided by Rebuild to fix this vulnerability. + reference: + - https://github.com/getrebuild/rebuild + - https://nvd.nist.gov/vuln/detail/CVE-2024-1021 + - https://vuldb.com/?ctiid.252290 + - https://vuldb.com/?id.252290 + - https://github.com/tanjiti/sec_profile + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2024-1021 + cwe-id: CWE-918 + epss-score: 0.01163 + epss-percentile: 0.84597 + cpe: cpe:2.3:a:ruifang-tech:rebuild:*:*:*:*:*:*:*:* metadata: - max-request: 2 verified: true + max-request: 2 + vendor: ruifang-tech + product: rebuild fofa-query: "icon_hash=\"871154672\"" tags: cve2024,cve,rebuild,ssrf diff --git a/http/cves/2024/CVE-2024-1061.yaml b/http/cves/2024/CVE-2024-1061.yaml index 4b0b41b0834..9279d4cacf2 100644 --- a/http/cves/2024/CVE-2024-1061.yaml +++ b/http/cves/2024/CVE-2024-1061.yaml @@ -3,26 +3,34 @@ id: CVE-2024-1061 info: name: WordPress HTML5 Video Player - SQL Injection author: xxcdd - severity: high + severity: critical description: | WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can exploit this vulnerability to perform SQL injection attacks. - reference: - - https://www.tenable.com/security/research/tra-2024-02 - - https://wordpress.org/plugins/html5-video-player - - https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1061 impact: | Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site. remediation: | Vendor did not acknowledge vulnerability but the issue seems to have been fixed in version 2.5.25. + reference: + - https://www.tenable.com/security/research/tra-2024-02 + - https://wordpress.org/plugins/html5-video-player + - https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1061 + - https://github.com/tanjiti/sec_profile + - https://github.com/JoshuaMart/JoshuaMart classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N - cvss-score: 8.6 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2024-1061 cwe-id: CWE-89 + epss-score: 0.00934 + epss-percentile: 0.82678 + cpe: cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:*:wordpress:*:* metadata: verified: true - fofa-query: "\"wordpress\" && body=\"html5-video-player\"" max-request: 1 + vendor: bplugins + product: html5_video_player + framework: wordpress + fofa-query: "\"wordpress\" && body=\"html5-video-player\"" tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,html5-video-player http: diff --git a/http/cves/2024/CVE-2024-1071.yaml b/http/cves/2024/CVE-2024-1071.yaml index 6302bfd4bda..3bbcb6db7ea 100644 --- a/http/cves/2024/CVE-2024-1071.yaml +++ b/http/cves/2024/CVE-2024-1071.yaml @@ -10,16 +10,23 @@ info: reference: - https://www.wordfence.com/blog/2024/02/2063-bounty-awarded-for-unauthenticated-sql-injection-vulnerability-patched-in-ultimate-member-wordpress-plugin/ - https://securityonline.info/cve-2024-1071-wordpress-ultimate-member-plugin-under-active-attack/ + - https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php?rev=3022076 + - https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php?rev=3022076#L666 + - https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php?rev=3022076#L858 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2024-1071 cwe-id: CWE-89 + epss-score: 0.00063 + epss-percentile: 0.24988 metadata: verified: true max-request: 2 framework: wordpress + fofa-query: body="/wp-content/plugins/ultimate-member" publicwww-query: "/wp-content/plugins/ultimate-member/" zoomeye-query: app:"WordPress Ultimate Member Plugin" - fofa-query: body="/wp-content/plugins/ultimate-member" tags: cve,cve2024,ultimate-member,wpscan,wordpress,wp-plugin http: diff --git a/http/cves/2024/CVE-2024-1208.yaml b/http/cves/2024/CVE-2024-1208.yaml index a3a67c512c0..2beec940980 100644 --- a/http/cves/2024/CVE-2024-1208.yaml +++ b/http/cves/2024/CVE-2024-1208.yaml @@ -10,19 +10,24 @@ info: reference: - https://github.com/karlemilnikka/CVE-2024-1208-and-CVE-2024-1210 - https://nvd.nist.gov/vuln/detail/CVE-2024-1208 + - https://www.wordfence.com/threat-intel/vulnerabilities/id/ae735117-e68b-448e-ad41-258d1be3aebc?source=cve + - https://github.com/nomi-sec/PoC-in-GitHub + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2024-1208 + epss-score: 0.01024 + epss-percentile: 0.83462 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: learndash product: learndash framework: wordpress - googledork-query: inurl:"/wp-content/plugins/sfwd-lms" publicwww-query: "/wp-content/plugins/sfwd-lms" + googledork-query: inurl:"/wp-content/plugins/sfwd-lms" tags: cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash http: diff --git a/http/cves/2024/CVE-2024-1209.yaml b/http/cves/2024/CVE-2024-1209.yaml index 7c8cfde3c73..699e3a032fd 100644 --- a/http/cves/2024/CVE-2024-1209.yaml +++ b/http/cves/2024/CVE-2024-1209.yaml @@ -17,14 +17,14 @@ info: cve-id: CVE-2024-1209 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: learndash product: learndash framework: wordpress - googledork-query: inurl:"/wp-content/plugins/sfwd-lms" publicwww-query: "/wp-content/plugins/sfwd-lms" - tags: cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash + googledork-query: inurl:"/wp-content/plugins/sfwd-lms" + tags: wpscan,cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash http: - method: GET diff --git a/http/cves/2024/CVE-2024-1210.yaml b/http/cves/2024/CVE-2024-1210.yaml index 39895bd53ae..c85375b2f7c 100644 --- a/http/cves/2024/CVE-2024-1210.yaml +++ b/http/cves/2024/CVE-2024-1210.yaml @@ -17,14 +17,14 @@ info: cve-id: CVE-2024-1210 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: learndash product: learndash framework: wordpress - googledork-query: inurl:"/wp-content/plugins/sfwd-lms" publicwww-query: "/wp-content/plugins/sfwd-lms" - tags: cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash + googledork-query: inurl:"/wp-content/plugins/sfwd-lms" + tags: wpscan,cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash http: - method: GET diff --git a/http/cves/2024/CVE-2024-1212.yaml b/http/cves/2024/CVE-2024-1212.yaml index d27b2d6a709..bd29772deb3 100644 --- a/http/cves/2024/CVE-2024-1212.yaml +++ b/http/cves/2024/CVE-2024-1212.yaml @@ -11,13 +11,14 @@ info: - https://support.kemptechnologies.com/hc/en-us/articles/23878931058445-LoadMaster-Security-Vulnerability-CVE-2024-1212 - https://support.kemptechnologies.com/hc/en-us/articles/24325072850573-Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212 - https://nvd.nist.gov/vuln/detail/CVE-2024-1212 + - https://freeloadbalancer.com/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2024-1212 cwe-id: CWE-78 - epss-score: 0.00046 - epss-percentile: 0.13478 + epss-score: 0.00721 + epss-percentile: 0.802 metadata: verified: true max-request: 1 diff --git a/http/cves/2024/CVE-2024-1709.yaml b/http/cves/2024/CVE-2024-1709.yaml index 8afaaf6e0fc..a3b025cc5a6 100644 --- a/http/cves/2024/CVE-2024-1709.yaml +++ b/http/cves/2024/CVE-2024-1709.yaml @@ -13,7 +13,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2024-1709 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 + cvss-score: 10 cve-id: CVE-2024-1709 cwe-id: CWE-288 metadata: @@ -26,7 +26,6 @@ info: zoomeye-query: app:"ScreenConnect Remote Management Software" hunter-query: app.name="ConnectWise ScreenConnect software" tags: cve,cve2024,screenconnect,connectwise,auth-bypass,kev - variables: string: "{{rand_text_alpha(10)}}" diff --git a/http/cves/2024/CVE-2024-21644.yaml b/http/cves/2024/CVE-2024-21644.yaml index 75082d6594e..42d6ca63da3 100644 --- a/http/cves/2024/CVE-2024-21644.yaml +++ b/http/cves/2024/CVE-2024-21644.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2024-21644 cwe-id: CWE-284 - epss-score: 0.00186 - epss-percentile: 0.56007 + epss-score: 0.41231 + epss-percentile: 0.97205 cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-21645.yaml b/http/cves/2024/CVE-2024-21645.yaml index 96994c68e56..98e2f16367c 100644 --- a/http/cves/2024/CVE-2024-21645.yaml +++ b/http/cves/2024/CVE-2024-21645.yaml @@ -6,28 +6,27 @@ info: severity: medium description: | A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload. + impact: | + Forged or otherwise, corrupted log files can be used to cover an attacker's tracks or even to implicate another party in the commission of a malicious act. reference: - https://github.com/advisories/GHSA-ghmw-rwh8-6qmr - https://nvd.nist.gov/vuln/detail/CVE-2024-21645 - https://github.com/fkie-cad/nvd-json-data-feeds - impact: | - Forged or otherwise, corrupted log files can be used to cover an attacker's tracks or even to implicate another party in the commission of a malicious act. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N cvss-score: 5.3 cve-id: CVE-2024-21645 cwe-id: CWE-74 - cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.13723 + cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* metadata: verified: true + max-request: 2 vendor: pyload product: pyload shodan-query: "title:\"pyload\"" - max-request: 2 tags: cve,cve2024,pyload,authenticated,injection - variables: str: "{{rand_base(6)}}" diff --git a/http/cves/2024/CVE-2024-21887.yaml b/http/cves/2024/CVE-2024-21887.yaml index 910945cca98..8b3b4aa7aef 100644 --- a/http/cves/2024/CVE-2024-21887.yaml +++ b/http/cves/2024/CVE-2024-21887.yaml @@ -7,11 +7,17 @@ info: description: A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. reference: - https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US + - http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html + - https://github.com/farukokutan/Threat-Intelligence-Research-Reports + - https://github.com/lions2012/Penetration_Testing_POC + - https://github.com/Chocapikk/CVE-2024-21887 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H cvss-score: 9.1 cve-id: CVE-2024-21887 cwe-id: CWE-77 + epss-score: 0.97322 + epss-percentile: 0.99871 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2024/CVE-2024-21893.yaml b/http/cves/2024/CVE-2024-21893.yaml index d771bde4f9e..9e27a3867c2 100644 --- a/http/cves/2024/CVE-2024-21893.yaml +++ b/http/cves/2024/CVE-2024-21893.yaml @@ -10,17 +10,21 @@ info: - https://attackerkb.com/topics/FGlK1TVnB2/cve-2024-21893/rapid7-analysis - https://www.assetnote.io/resources/research/ivantis-pulse-connect-secure-auth-bypass-round-two - https://github.com/advisories/GHSA-5rr9-mqhj-7cr2 + - https://github.com/Chocapikk/CVE-2024-21893-to-CVE-2024-21887 + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N cvss-score: 8.2 cve-id: CVE-2024-21893 cwe-id: CWE-918 + epss-score: 0.96249 + epss-percentile: 0.9949 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:* metadata: + max-request: 1 vendor: ivanti product: "connect_secure" shodan-query: "html:\"welcome.cgi?p=logo\"" - max-request: 1 tags: cve,cve2024,kev,ssrf,ivanti http: diff --git a/http/cves/2024/CVE-2024-22320.yaml b/http/cves/2024/CVE-2024-22320.yaml index 8ab570a3587..9f8485ac709 100644 --- a/http/cves/2024/CVE-2024-22320.yaml +++ b/http/cves/2024/CVE-2024-22320.yaml @@ -14,8 +14,8 @@ info: cvss-score: 8.8 cve-id: CVE-2024-22320 cwe-id: CWE-502 - epss-score: 0.00283 - epss-percentile: 0.67773 + epss-score: 0.38316 + epss-percentile: 0.97125 cpe: cpe:2.3:a:ibm:operational_decision_manager:8.10.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-25600.yaml b/http/cves/2024/CVE-2024-25600.yaml index b9f9d584b30..9277301ee32 100644 --- a/http/cves/2024/CVE-2024-25600.yaml +++ b/http/cves/2024/CVE-2024-25600.yaml @@ -13,9 +13,9 @@ info: - https://github.com/Chocapikk/CVE-2024-25600 - https://op-c.net/blog/cve-2024-25600-wordpresss-bricks-builder-rce-flaw-under-active-exploitation metadata: - publicwww-query: "/wp-content/themes/bricks/" verified: true max-request: 2 + publicwww-query: "/wp-content/themes/bricks/" tags: cve,cve2024,wpscan,wordpress,wp-plugin,wp,bricks,rce http: diff --git a/http/cves/2024/CVE-2024-25669.yaml b/http/cves/2024/CVE-2024-25669.yaml index fd62ad6bd6f..e66204fd26a 100644 --- a/http/cves/2024/CVE-2024-25669.yaml +++ b/http/cves/2024/CVE-2024-25669.yaml @@ -21,8 +21,8 @@ info: epss-percentile: 0.65504 cpe: cpe:2.3:a:a360inc:caseaware:-:*:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: a360inc product: caseaware fofa-query: title="CaseAware" diff --git a/http/cves/2024/CVE-2024-25735.yaml b/http/cves/2024/CVE-2024-25735.yaml index 3f202bdf8d2..39dddacc726 100644 --- a/http/cves/2024/CVE-2024-25735.yaml +++ b/http/cves/2024/CVE-2024-25735.yaml @@ -15,7 +15,7 @@ info: vendor: wyrestorm product: apollo vx20 shodan-query: ssl:"WyreStorm Apollo VX20" - tags: cve,cve2024,wyrestorm,info-leak + tags: packetstorm,cve,cve2024,wyrestorm,info-leak http: - method: GET diff --git a/http/cves/2024/CVE-2024-27198.yaml b/http/cves/2024/CVE-2024-27198.yaml index f3f138486d1..6359103aecb 100644 --- a/http/cves/2024/CVE-2024-27198.yaml +++ b/http/cves/2024/CVE-2024-27198.yaml @@ -9,15 +9,24 @@ info: reference: - https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/ - https://nvd.nist.gov/vuln/detail/CVE-2024-27198 + - https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive + - https://github.com/rampantspark/CVE-2024-27198 + - https://github.com/fireinrain/github-trending classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 + cve-id: CVE-2024-27198 cwe-id: CWE-288 + epss-score: 0.97209 + epss-percentile: 0.99812 + cpe: cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 + vendor: jetbrains + product: teamcity shodan-query: http.component:"TeamCity" - tags: cve,cve2024,teamcity,jetbrains,auth-bypass + tags: cve,cve2024,teamcity,jetbrains,auth-bypass,kev http: - method: GET diff --git a/http/cves/2024/CVE-2024-27497.yaml b/http/cves/2024/CVE-2024-27497.yaml index 60918403602..8839a592c9e 100644 --- a/http/cves/2024/CVE-2024-27497.yaml +++ b/http/cves/2024/CVE-2024-27497.yaml @@ -9,6 +9,11 @@ info: reference: - https://warp-desk-89d.notion.site/Linksys-E-2000-efcd532d8dcf4710a4af13fca131a5b8 - https://nvd.nist.gov/vuln/detail/CVE-2024-27497 + - https://github.com/Ostorlab/KEV + - https://github.com/fkie-cad/nvd-json-data-feeds + classification: + epss-score: 0.00053 + epss-percentile: 0.19239 metadata: verified: true max-request: 1 diff --git a/http/cves/2024/CVE-2024-27954.yaml b/http/cves/2024/CVE-2024-27954.yaml index ea42f132793..73b35bc18e0 100644 --- a/http/cves/2024/CVE-2024-27954.yaml +++ b/http/cves/2024/CVE-2024-27954.yaml @@ -12,13 +12,13 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27954 classification: cvss-score: 9.8 - cwe-id: CWE-918 cve-id: CVE-2022-1970 + cwe-id: CWE-918 metadata: - max-request: 1 verified: true + max-request: 1 publicwww-query: "/wp-content/plugins/wp-automatic" - tags: cve,cve2024,wp,wordpress,wp-plugin,lfi,ssrf,wp-automatic + tags: wpscan,cve,cve2024,wp,wordpress,wp-plugin,lfi,ssrf,wp-automatic http: - method: GET diff --git a/http/default-logins/druid/druid-default-login.yaml b/http/default-logins/druid/druid-default-login.yaml index f6235569af5..f7997ffd4b3 100644 --- a/http/default-logins/druid/druid-default-login.yaml +++ b/http/default-logins/druid/druid-default-login.yaml @@ -8,10 +8,9 @@ info: classification: cwe-id: CWE-798 metadata: - fofa-query: title="druid monitor" max-request: 2 + fofa-query: title="druid monitor" tags: druid,alibaba,default-login - flow: http(1) && http(2) http: diff --git a/http/default-logins/ibm/ibm-dcbc-default-login.yaml b/http/default-logins/ibm/ibm-dcbc-default-login.yaml index 4772caa9fde..b8f83b2ded0 100644 --- a/http/default-logins/ibm/ibm-dcbc-default-login.yaml +++ b/http/default-logins/ibm/ibm-dcbc-default-login.yaml @@ -8,8 +8,8 @@ info: - https://www.ibm.com/docs/en/odm/8.0.1?topic=users-tutorial-getting-started-decision-center-business-console metadata: verified: true - shodan-query: "title=\"Decision Center | Business Console\"" max-request: 1 + shodan-query: "title=\"Decision Center | Business Console\"" tags: ibm,default-login,decision-center http: diff --git a/http/default-logins/ibm/ibm-dcec-default-login.yaml b/http/default-logins/ibm/ibm-dcec-default-login.yaml index 94ebd7002ef..4bb0f239aa6 100644 --- a/http/default-logins/ibm/ibm-dcec-default-login.yaml +++ b/http/default-logins/ibm/ibm-dcec-default-login.yaml @@ -8,8 +8,8 @@ info: - https://www.ibm.com/docs/en/odm/8.5.1?topic=console-tutorial-getting-started-decision-center-enterprise metadata: verified: true - shodan-query: "html=\"Decision Center Enterprise console\"" max-request: 1 + shodan-query: "html=\"Decision Center Enterprise console\"" tags: ibm,default-login,decision-center http: diff --git a/http/default-logins/ibm/ibm-dsc-default-login.yaml b/http/default-logins/ibm/ibm-dsc-default-login.yaml index 0a6aeea4fc0..682a64e110b 100644 --- a/http/default-logins/ibm/ibm-dsc-default-login.yaml +++ b/http/default-logins/ibm/ibm-dsc-default-login.yaml @@ -8,8 +8,8 @@ info: - https://www.ibm.com/docs/en/odm/8.8.0?topic=center-overview-decision metadata: verified: true - shodan-query: "title:\"Rule Execution Server\"" max-request: 1 + shodan-query: "title:\"Rule Execution Server\"" tags: ibm,default-login,decision-server http: diff --git a/http/default-logins/ibm/ibm-hmc-default-login.yaml b/http/default-logins/ibm/ibm-hmc-default-login.yaml index a00142c20c6..27cf74663a7 100644 --- a/http/default-logins/ibm/ibm-hmc-default-login.yaml +++ b/http/default-logins/ibm/ibm-hmc-default-login.yaml @@ -13,8 +13,8 @@ info: cvss-score: 8.3 cwe-id: CWE-522 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.favicon.hash:262502857 tags: default-login,ibm,hmc diff --git a/http/default-logins/ibm/imm-default-login.yaml b/http/default-logins/ibm/imm-default-login.yaml index f601f2517b8..67e83595dc7 100644 --- a/http/default-logins/ibm/imm-default-login.yaml +++ b/http/default-logins/ibm/imm-default-login.yaml @@ -14,8 +14,8 @@ info: metadata: verified: true max-request: 1 - fofa-query: "integrated management module" shodan-query: html:"ibmdojo" + fofa-query: "integrated management module" tags: imm,ibm,default-login http: diff --git a/http/default-logins/ispconfig-default-login.yaml b/http/default-logins/ispconfig-default-login.yaml index 450ae6886a6..f297f5ec94c 100644 --- a/http/default-logins/ispconfig-default-login.yaml +++ b/http/default-logins/ispconfig-default-login.yaml @@ -8,7 +8,8 @@ info: ISPConfig Default Password Vulnerability exposes systems to unauthorized access, compromising data integrity and security. metadata: verified: true - shodan-query: http.title:"ispconfig" + max-request: 9 + shodan-query: "http.title:\"ispconfig\"" tags: default-login,ispconfig http: diff --git a/http/default-logins/lucee/lucee-default-login.yaml b/http/default-logins/lucee/lucee-default-login.yaml index 465f166da92..e12f0de6aeb 100644 --- a/http/default-logins/lucee/lucee-default-login.yaml +++ b/http/default-logins/lucee/lucee-default-login.yaml @@ -12,7 +12,7 @@ info: cwe-id: CWE-1392 metadata: verified: true - max-request: 2 + max-request: 1 shodan-query: "html:\"Lucee\"" fofa-query: "app=\"Lucee-Engine\"" tags: lucee,default-login diff --git a/http/default-logins/webmethod/webmethod-integration-default-login.yaml b/http/default-logins/webmethod/webmethod-integration-default-login.yaml index 91c1a340d02..e539379df17 100644 --- a/http/default-logins/webmethod/webmethod-integration-default-login.yaml +++ b/http/default-logins/webmethod/webmethod-integration-default-login.yaml @@ -7,11 +7,10 @@ info: reference: - https://documentation.softwareag.com/ metadata: - shodan-query: "http.favicon.hash:-234335289" - max-request: 5 verified: true + max-request: 5 + shodan-query: "http.favicon.hash:-234335289" tags: default-login,webmethod - flow: http(1) && http(2) http: diff --git a/http/exposed-panels/3cx-phone-management-panel.yaml b/http/exposed-panels/3cx-phone-management-panel.yaml index ac9d33c3b75..6058cf09740 100644 --- a/http/exposed-panels/3cx-phone-management-panel.yaml +++ b/http/exposed-panels/3cx-phone-management-panel.yaml @@ -14,9 +14,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: 3cx product: 3cx - max-request: 1 shodan-query: - http.title:"3CX Phone System Management Console" - http.favicon.hash:970132176 diff --git a/http/exposed-panels/3cx-phone-webclient-management-panel.yaml b/http/exposed-panels/3cx-phone-webclient-management-panel.yaml index 166e20a1ac3..a0b9b4bdfcc 100644 --- a/http/exposed-panels/3cx-phone-webclient-management-panel.yaml +++ b/http/exposed-panels/3cx-phone-webclient-management-panel.yaml @@ -14,9 +14,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: 3cx product: 3cx - max-request: 1 shodan-query: http.title:"3CX Webclient" google-query: intitle:"3CX Webclient" tags: panel,3cx diff --git a/http/exposed-panels/acemanager-login.yaml b/http/exposed-panels/acemanager-login.yaml index 8996e95184f..7e00df874cb 100644 --- a/http/exposed-panels/acemanager-login.yaml +++ b/http/exposed-panels/acemanager-login.yaml @@ -8,9 +8,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: sierrawireless product: airlink_mobility_manager - max-request: 1 fofa-query: app="ACEmanager" tags: panel,login,tech,acemanager diff --git a/http/exposed-panels/active-admin-exposure.yaml b/http/exposed-panels/active-admin-exposure.yaml index 4fbda74150c..19d8488092a 100644 --- a/http/exposed-panels/active-admin-exposure.yaml +++ b/http/exposed-panels/active-admin-exposure.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: activeadmin product: activeadmin - max-request: 1 tags: panel,activeadmin http: diff --git a/http/exposed-panels/activemq-panel.yaml b/http/exposed-panels/activemq-panel.yaml index b847e734c7a..fd06c9b8960 100644 --- a/http/exposed-panels/activemq-panel.yaml +++ b/http/exposed-panels/activemq-panel.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: activemq - max-request: 1 tags: panel,activemq,apache http: diff --git a/http/exposed-panels/adiscon-loganalyzer.yaml b/http/exposed-panels/adiscon-loganalyzer.yaml index c2cc4291e95..41ba5d061bd 100644 --- a/http/exposed-panels/adiscon-loganalyzer.yaml +++ b/http/exposed-panels/adiscon-loganalyzer.yaml @@ -12,9 +12,9 @@ info: cvss-score: 7.5 cwe-id: CWE-200 metadata: + max-request: 1 vendor: adiscon product: loganalyzer - max-request: 1 tags: adiscon,loganalyzer,syslog,exposure,panel http: diff --git a/http/exposed-panels/adminer-panel-detect.yaml b/http/exposed-panels/adminer-panel-detect.yaml index 6778f37ea00..8d38b0f9b28 100644 --- a/http/exposed-panels/adminer-panel-detect.yaml +++ b/http/exposed-panels/adminer-panel-detect.yaml @@ -16,9 +16,9 @@ info: # Most versions have some kind of SSRF usability # Is generally handy if you find SQL creds metadata: + max-request: 741 vendor: adminer product: adminer - max-request: 741 tags: panel,fuzz,adminer,login,sqli http: diff --git a/http/exposed-panels/adminer-panel.yaml b/http/exposed-panels/adminer-panel.yaml index 0f2802e079b..ed7b466c5c4 100644 --- a/http/exposed-panels/adminer-panel.yaml +++ b/http/exposed-panels/adminer-panel.yaml @@ -10,10 +10,10 @@ info: classification: cwe-id: CWE-200 metadata: - vendor: adminer - product: adminer verified: true max-request: 8 + vendor: adminer + product: adminer shodan-query: title:"Login - Adminer" tags: panel,adminer diff --git a/http/exposed-panels/adobe/adobe-component-login.yaml b/http/exposed-panels/adobe/adobe-component-login.yaml index d9f2408fa2b..4ce1fd7b95f 100644 --- a/http/exposed-panels/adobe/adobe-component-login.yaml +++ b/http/exposed-panels/adobe/adobe-component-login.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 2 vendor: adobe product: coldfusion - max-request: 2 shodan-query: http.component:"Adobe ColdFusion" tags: panel,adobe,coldfusion,edb diff --git a/http/exposed-panels/adobe/adobe-connect-central-login.yaml b/http/exposed-panels/adobe/adobe-connect-central-login.yaml index 031d34d8d2e..3861f8b5cb5 100644 --- a/http/exposed-panels/adobe/adobe-connect-central-login.yaml +++ b/http/exposed-panels/adobe/adobe-connect-central-login.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: adobe product: connect - max-request: 1 tags: adobe,panel,connect-central http: diff --git a/http/exposed-panels/adobe/adobe-experience-manager-login.yaml b/http/exposed-panels/adobe/adobe-experience-manager-login.yaml index a562a4ec1eb..082b6316847 100644 --- a/http/exposed-panels/adobe/adobe-experience-manager-login.yaml +++ b/http/exposed-panels/adobe/adobe-experience-manager-login.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: adobe product: experience_manager - max-request: 1 shodan-query: http.title:"AEM Sign In" tags: panel,aem,adobe diff --git a/http/exposed-panels/adobe/aem-crx-package-manager.yaml b/http/exposed-panels/adobe/aem-crx-package-manager.yaml index 69da2e03735..37cc15284b5 100644 --- a/http/exposed-panels/adobe/aem-crx-package-manager.yaml +++ b/http/exposed-panels/adobe/aem-crx-package-manager.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: adobe product: experience_manager - max-request: 1 shodan-query: - http.title:"AEM Sign In" - http.component:"Adobe Experience Manager" diff --git a/http/exposed-panels/adobe/aem-sling-login.yaml b/http/exposed-panels/adobe/aem-sling-login.yaml index 2810aa476d6..07b55a7988c 100644 --- a/http/exposed-panels/adobe/aem-sling-login.yaml +++ b/http/exposed-panels/adobe/aem-sling-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: adobe product: experience_manager - max-request: 1 shodan-query: - http.title:"AEM Sign In" - http.component:"Adobe Experience Manager" diff --git a/http/exposed-panels/afterlogic-webmail-login.yaml b/http/exposed-panels/afterlogic-webmail-login.yaml index 2fa89ab2d24..27750c70c48 100644 --- a/http/exposed-panels/afterlogic-webmail-login.yaml +++ b/http/exposed-panels/afterlogic-webmail-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: afterlogic product: aurora - max-request: 1 fofa-query: "X-Server: AfterlogicDAVServer" tags: panel,afterlogic,login,detect diff --git a/http/exposed-panels/airflow-panel.yaml b/http/exposed-panels/airflow-panel.yaml index 9c5beacde3d..28e4c147ef8 100644 --- a/http/exposed-panels/airflow-panel.yaml +++ b/http/exposed-panels/airflow-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-668 metadata: + max-request: 2 vendor: apache product: airflow - max-request: 2 shodan-query: title:"Sign In - Airflow" tags: panel,apache,airflow,admin diff --git a/http/exposed-panels/akamai-cloudtest.yaml b/http/exposed-panels/akamai-cloudtest.yaml index b00898030c8..f1439caba65 100644 --- a/http/exposed-panels/akamai-cloudtest.yaml +++ b/http/exposed-panels/akamai-cloudtest.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: akamai product: cloudtest - max-request: 1 tags: panel,akamai http: diff --git a/http/exposed-panels/alfresco-detect.yaml b/http/exposed-panels/alfresco-detect.yaml index 4ecadb297ff..b149393e542 100644 --- a/http/exposed-panels/alfresco-detect.yaml +++ b/http/exposed-panels/alfresco-detect.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: alfresco product: alfresco - max-request: 1 tags: alfresco,tech,panel http: diff --git a/http/exposed-panels/allied-telesis-exposure.yaml b/http/exposed-panels/allied-telesis-exposure.yaml index 0f72e3228cc..825744835cf 100644 --- a/http/exposed-panels/allied-telesis-exposure.yaml +++ b/http/exposed-panels/allied-telesis-exposure.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: allied_telesis - product: device_gui verified: true max-request: 1 + vendor: allied_telesis + product: device_gui shodan-query: title:"Allied Telesis Device GUI" tags: panel,allied diff --git a/http/exposed-panels/ambari-exposure.yaml b/http/exposed-panels/ambari-exposure.yaml index 434946a4eaa..b096151e48c 100644 --- a/http/exposed-panels/ambari-exposure.yaml +++ b/http/exposed-panels/ambari-exposure.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-668 metadata: + max-request: 1 vendor: apache product: ambari - max-request: 1 tags: panel,apache,ambari,exposure http: diff --git a/http/exposed-panels/amcrest-login.yaml b/http/exposed-panels/amcrest-login.yaml index f10919c2fdb..61239a0f396 100644 --- a/http/exposed-panels/amcrest-login.yaml +++ b/http/exposed-panels/amcrest-login.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: amcrest product: ip2m-853ew - max-request: 1 shodan-query: html:"amcrest" google-query: intext:"amcrest" "LDAP User" tags: panel,camera,amcrest,edb diff --git a/http/exposed-panels/ametys-admin-login.yaml b/http/exposed-panels/ametys-admin-login.yaml index a47109ee2d5..ec0677628ee 100644 --- a/http/exposed-panels/ametys-admin-login.yaml +++ b/http/exposed-panels/ametys-admin-login.yaml @@ -8,9 +8,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: ametys product: ametys - max-request: 1 tags: panel,ametys,cms http: diff --git a/http/exposed-panels/amp-application-panel.yaml b/http/exposed-panels/amp-application-panel.yaml index bd35b9e9e0b..c08a536d109 100644 --- a/http/exposed-panels/amp-application-panel.yaml +++ b/http/exposed-panels/amp-application-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: cubecoders - product: amp verified: true max-request: 1 + vendor: cubecoders + product: amp shodan-query: title:"AMP - Application Management Panel" tags: panel,amp diff --git a/http/exposed-panels/ampache-panel.yaml b/http/exposed-panels/ampache-panel.yaml index dcbaa1d4964..81853d04073 100644 --- a/http/exposed-panels/ampache-panel.yaml +++ b/http/exposed-panels/ampache-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ampache - product: ampache verified: true max-request: 3 + vendor: ampache + product: ampache shodan-query: http.title:"For the Love of Music" tags: panel,ampache diff --git a/http/exposed-panels/ansible-tower-exposure.yaml b/http/exposed-panels/ansible-tower-exposure.yaml index 1c136b97b0d..d0d1145809c 100644 --- a/http/exposed-panels/ansible-tower-exposure.yaml +++ b/http/exposed-panels/ansible-tower-exposure.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: redhat product: ansible_tower - max-request: 1 shodan-query: title:"Ansible Tower" google-query: intitle:"Ansible Tower" tags: panel,ansible diff --git a/http/exposed-panels/apache-jmeter-dashboard.yaml b/http/exposed-panels/apache-jmeter-dashboard.yaml index a98e6f165dd..e7ac427a06d 100644 --- a/http/exposed-panels/apache-jmeter-dashboard.yaml +++ b/http/exposed-panels/apache-jmeter-dashboard.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: jmeter verified: true max-request: 1 + vendor: apache + product: jmeter shodan-query: title:"Apache JMeter Dashboard" tags: apache,jmeter,panel diff --git a/http/exposed-panels/apache/apache-apisix-panel.yaml b/http/exposed-panels/apache/apache-apisix-panel.yaml index c1150df4a8e..b506d99220b 100644 --- a/http/exposed-panels/apache/apache-apisix-panel.yaml +++ b/http/exposed-panels/apache/apache-apisix-panel.yaml @@ -8,9 +8,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: apisix - max-request: 1 fofa-query: title="Apache APISIX Dashboard" tags: apache,apisix,panel diff --git a/http/exposed-panels/apache/apache-mesos-panel.yaml b/http/exposed-panels/apache/apache-mesos-panel.yaml index 3d0735c23c3..83d7336930c 100644 --- a/http/exposed-panels/apache/apache-mesos-panel.yaml +++ b/http/exposed-panels/apache/apache-mesos-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: mesos verified: true max-request: 2 + vendor: apache + product: mesos shodan-query: http.title:"Mesos" fofa-query: app="APACHE-MESOS" tags: panel,apache,mesos diff --git a/http/exposed-panels/apache/public-tomcat-manager.yaml b/http/exposed-panels/apache/public-tomcat-manager.yaml index 0c00ae899ba..95ef6b062c6 100644 --- a/http/exposed-panels/apache/public-tomcat-manager.yaml +++ b/http/exposed-panels/apache/public-tomcat-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: apache product: tomcat - max-request: 2 shodan-query: title:"Apache Tomcat" tags: panel,tomcat,apache diff --git a/http/exposed-panels/apigee-panel.yaml b/http/exposed-panels/apigee-panel.yaml index bcb84b21709..20f33c69361 100644 --- a/http/exposed-panels/apigee-panel.yaml +++ b/http/exposed-panels/apigee-panel.yaml @@ -1,19 +1,19 @@ id: apigee-panel -info: - name: Apigee Login Panel - Detect - author: righettod - severity: info - description: | - Apigee login panel was detected. - reference: - - https://cloud.google.com/apigee?hl=en - metadata: - max-request: 1 - verified: true - shodan-query: http.favicon.hash:"-839356603" - tags: panel,apigee,login - +info: + name: Apigee Login Panel - Detect + author: righettod + severity: info + description: | + Apigee login panel was detected. + reference: + - https://cloud.google.com/apigee?hl=en + metadata: + verified: true + max-request: 1 + shodan-query: http.favicon.hash:"-839356603" + tags: panel,apigee,login + http: - method: GET path: diff --git a/http/exposed-panels/appsmith-web-login.yaml b/http/exposed-panels/appsmith-web-login.yaml index 01f0fd27c79..8f4afedc200 100644 --- a/http/exposed-panels/appsmith-web-login.yaml +++ b/http/exposed-panels/appsmith-web-login.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: appsmith - product: appsmith verified: true max-request: 1 + vendor: appsmith + product: appsmith shodan-query: http.title:"appsmith" tags: panel,appsmith diff --git a/http/exposed-panels/appspace-panel.yaml b/http/exposed-panels/appspace-panel.yaml index ad1fff6deb6..52a060ef871 100644 --- a/http/exposed-panels/appspace-panel.yaml +++ b/http/exposed-panels/appspace-panel.yaml @@ -8,10 +8,10 @@ info: reference: - https://www.appspace.com/ metadata: - vendor: appspace - product: appspace verified: true max-request: 3 + vendor: appspace + product: appspace shodan-query: title:"Appspace" tags: appspace,panel,detect diff --git a/http/exposed-panels/appsuite-panel.yaml b/http/exposed-panels/appsuite-panel.yaml index 1bbfef2d71b..17b5912610b 100644 --- a/http/exposed-panels/appsuite-panel.yaml +++ b/http/exposed-panels/appsuite-panel.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDK severity: info metadata: - vendor: open-xchange - product: open-xchange_appsuite verified: true max-request: 1 + vendor: open-xchange + product: open-xchange_appsuite shodan-query: html:"Appsuite" tags: panel,appsuite,detect diff --git a/http/exposed-panels/appwrite-panel.yaml b/http/exposed-panels/appwrite-panel.yaml index 4529886202f..b956b5ae78d 100644 --- a/http/exposed-panels/appwrite-panel.yaml +++ b/http/exposed-panels/appwrite-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: appwrite - product: appwrite verified: true max-request: 2 + vendor: appwrite + product: appwrite shodan-query: http.favicon.hash:-633108100 tags: panel,appwrite,detect diff --git a/http/exposed-panels/arangodb-web-Interface.yaml b/http/exposed-panels/arangodb-web-Interface.yaml index 5eaef47ecdd..d6742d9673c 100644 --- a/http/exposed-panels/arangodb-web-Interface.yaml +++ b/http/exposed-panels/arangodb-web-Interface.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.arangodb.com/docs/stable/ metadata: - vendor: arangodb - product: arangodb verified: "true" max-request: 1 + vendor: arangodb + product: arangodb shodan-query: http.title:"ArangoDB Web Interface" tags: panel,arangodb,login diff --git a/http/exposed-panels/arcgis/arcgis-panel.yaml b/http/exposed-panels/arcgis/arcgis-panel.yaml index bccd1147ca8..9faec90afbf 100644 --- a/http/exposed-panels/arcgis/arcgis-panel.yaml +++ b/http/exposed-panels/arcgis/arcgis-panel.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: esri product: arcgis_enterprise - max-request: 1 tags: docs,arcgis,cms,panel http: diff --git a/http/exposed-panels/arcgis/arcgis-services.yaml b/http/exposed-panels/arcgis/arcgis-services.yaml index 4456ac363d2..0ebeba5ee89 100644 --- a/http/exposed-panels/arcgis/arcgis-services.yaml +++ b/http/exposed-panels/arcgis/arcgis-services.yaml @@ -8,10 +8,10 @@ info: reference: - https://enterprise.arcgis.com/en/ metadata: - vendor: esri - product: arcgis_server verified: true max-request: 1 + vendor: esri + product: arcgis_server shodan-query: title:"ArcGIS" tags: panel,arcgis,rest,api,detect diff --git a/http/exposed-panels/archibus-webcentral-panel.yaml b/http/exposed-panels/archibus-webcentral-panel.yaml index b14637e57d0..c6fc641cf50 100644 --- a/http/exposed-panels/archibus-webcentral-panel.yaml +++ b/http/exposed-panels/archibus-webcentral-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: archibus - product: web_central verified: true max-request: 3 + vendor: archibus + product: web_central shodan-query: http.favicon.hash:889652940 tags: panel,archibus diff --git a/http/exposed-panels/arcserve-panel.yaml b/http/exposed-panels/arcserve-panel.yaml index 0b68a021100..58ac7ccb80e 100644 --- a/http/exposed-panels/arcserve-panel.yaml +++ b/http/exposed-panels/arcserve-panel.yaml @@ -8,10 +8,10 @@ info: - https://twitter.com/HunterMapping/status/1674267368359444480 - https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe metadata: - vendor: arcserve - product: udp verified: true max-request: 1 + vendor: arcserve + product: udp shodan-query: http.favicon.hash:-1889244460 fofa-query: icon_hash="-1889244460" tags: panel,login,arcserve,detect diff --git a/http/exposed-panels/arris-modem-detect.yaml b/http/exposed-panels/arris-modem-detect.yaml index b325bb25a9e..897e030df45 100644 --- a/http/exposed-panels/arris-modem-detect.yaml +++ b/http/exposed-panels/arris-modem-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: commscope - product: dg3450 verified: true max-request: 1 + vendor: commscope + product: dg3450 shodan-query: html:"phy.htm" tags: panel,arris diff --git a/http/exposed-panels/atlantis-detect.yaml b/http/exposed-panels/atlantis-detect.yaml index 941df612820..f959167d3ef 100644 --- a/http/exposed-panels/atlantis-detect.yaml +++ b/http/exposed-panels/atlantis-detect.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: runatlantis - product: atlantis verified: true max-request: 1 + vendor: runatlantis + product: atlantis shodan-query: http.favicon.hash:-1706783005 tags: panel,atlantis diff --git a/http/exposed-panels/atlassian-bamboo-panel.yaml b/http/exposed-panels/atlassian-bamboo-panel.yaml index 7d4dd939186..3faf916ca10 100644 --- a/http/exposed-panels/atlassian-bamboo-panel.yaml +++ b/http/exposed-panels/atlassian-bamboo-panel.yaml @@ -1,19 +1,19 @@ id: atlassian-bamboo-panel -info: - name: Atlassian Bamboo Login Panel - Detect - author: righettod - severity: info - description: | - Atlassian Bamboo login panel was detected. - reference: - - https://www.atlassian.com/software/bamboo - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"Bamboo" - tags: panel,bamboo,login,detect - +info: + name: Atlassian Bamboo Login Panel - Detect + author: righettod + severity: info + description: | + Atlassian Bamboo login panel was detected. + reference: + - https://www.atlassian.com/software/bamboo + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Bamboo" + tags: panel,bamboo,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/atlassian-crowd-panel.yaml b/http/exposed-panels/atlassian-crowd-panel.yaml index 8c8cb943522..2f9bafaca44 100644 --- a/http/exposed-panels/atlassian-crowd-panel.yaml +++ b/http/exposed-panels/atlassian-crowd-panel.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: atlassian product: crowd - max-request: 1 category: sso tags: panel,atlassian diff --git a/http/exposed-panels/avantfax-panel.yaml b/http/exposed-panels/avantfax-panel.yaml index e128ec2c8f4..8c354171f74 100644 --- a/http/exposed-panels/avantfax-panel.yaml +++ b/http/exposed-panels/avantfax-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-668 metadata: + max-request: 1 vendor: avantfax product: avantfax - max-request: 1 shodan-query: http.title:"AvantFAX - Login" tags: panel,avantfax,login diff --git a/http/exposed-panels/avaya/avayaaura-cm-panel.yaml b/http/exposed-panels/avaya/avayaaura-cm-panel.yaml index f262547af39..a96e9f17eec 100644 --- a/http/exposed-panels/avaya/avayaaura-cm-panel.yaml +++ b/http/exposed-panels/avaya/avayaaura-cm-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: avaya product: aura_communication_manager - max-request: 1 tags: panel,avaya http: diff --git a/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml b/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml index ffd75ee2e5d..b7b845ef150 100644 --- a/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml +++ b/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: avaya product: aura_system_manager - max-request: 1 tags: panel,avaya http: diff --git a/http/exposed-panels/aviatrix-panel.yaml b/http/exposed-panels/aviatrix-panel.yaml index b9504de6ac6..800b1164269 100644 --- a/http/exposed-panels/aviatrix-panel.yaml +++ b/http/exposed-panels/aviatrix-panel.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: aviatrix product: controller - max-request: 1 shodan-query: http.title:"Aviatrix Cloud Controller" tags: panel,aviatrix diff --git a/http/exposed-panels/avigilon-panel.yaml b/http/exposed-panels/avigilon-panel.yaml index 30710402426..72ff5b62b60 100644 --- a/http/exposed-panels/avigilon-panel.yaml +++ b/http/exposed-panels/avigilon-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: avigilon - product: avigilon_control_center verified: true max-request: 1 + vendor: avigilon + product: avigilon_control_center shodan-query: http.title:"Login - Avigilon Control Center" tags: panel,avigilon diff --git a/http/exposed-panels/aws-opensearch-login.yaml b/http/exposed-panels/aws-opensearch-login.yaml index 1fa3c732808..a8b961c37e7 100644 --- a/http/exposed-panels/aws-opensearch-login.yaml +++ b/http/exposed-panels/aws-opensearch-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: amazon product: opensearch - max-request: 1 tags: panel,opensearch,aws http: diff --git a/http/exposed-panels/axway-securetransport-panel.yaml b/http/exposed-panels/axway-securetransport-panel.yaml index d25c3bea730..a449a5cb5f8 100644 --- a/http/exposed-panels/axway-securetransport-panel.yaml +++ b/http/exposed-panels/axway-securetransport-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: axway - product: securetransport verified: true max-request: 1 + vendor: axway + product: securetransport shodan-query: http.title:"SecureTransport" || http.favicon.hash:1330269434 tags: panel,axway,securetransport diff --git a/http/exposed-panels/axway-securetransport-webclient.yaml b/http/exposed-panels/axway-securetransport-webclient.yaml index 83f4c948a3d..b82b24717e6 100644 --- a/http/exposed-panels/axway-securetransport-webclient.yaml +++ b/http/exposed-panels/axway-securetransport-webclient.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: axway - product: securetransport verified: true max-request: 1 + vendor: axway + product: securetransport google-query: intitle:"ST Web Client" tags: panel,axway,securetransport,webclient diff --git a/http/exposed-panels/axxon-client-panel.yaml b/http/exposed-panels/axxon-client-panel.yaml index 1e6e85fa37d..cdb85191036 100644 --- a/http/exposed-panels/axxon-client-panel.yaml +++ b/http/exposed-panels/axxon-client-panel.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - vendor: axxonsoft - product: axxon_next verified: true max-request: 1 + vendor: axxonsoft + product: axxon_next shodan-query: title:"Axxon Next client" tags: panel,axxon,vms,login,detect diff --git a/http/exposed-panels/bedita-panel.yaml b/http/exposed-panels/bedita-panel.yaml index 603fe6336c7..c1cd03a8dfa 100644 --- a/http/exposed-panels/bedita-panel.yaml +++ b/http/exposed-panels/bedita-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: bedita product: bedita - max-request: 1 shodan-query: http.title:"BEdita" tags: panel,bedita diff --git a/http/exposed-panels/beego-admin-dashboard.yaml b/http/exposed-panels/beego-admin-dashboard.yaml index dd26fee729f..be1ba309939 100644 --- a/http/exposed-panels/beego-admin-dashboard.yaml +++ b/http/exposed-panels/beego-admin-dashboard.yaml @@ -13,10 +13,10 @@ info: cvss-score: 5.3 cwe-id: CWE-200 metadata: - vendor: beego - product: beego verified: true max-request: 1 + vendor: beego + product: beego shodan-query: html:"Beego Admin Dashboard" tags: panel,beego,unauth diff --git a/http/exposed-panels/bigbluebutton-login.yaml b/http/exposed-panels/bigbluebutton-login.yaml index cffed04e75c..96d1907eee6 100644 --- a/http/exposed-panels/bigbluebutton-login.yaml +++ b/http/exposed-panels/bigbluebutton-login.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: bigbluebutton product: greenlight - max-request: 1 tags: panel,bigbluebutton http: diff --git a/http/exposed-panels/bigip-rest-panel.yaml b/http/exposed-panels/bigip-rest-panel.yaml index 687c5d0e327..2119e1e26b8 100644 --- a/http/exposed-panels/bigip-rest-panel.yaml +++ b/http/exposed-panels/bigip-rest-panel.yaml @@ -15,9 +15,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: f5 product: big-ip_access_policy_manager - max-request: 1 shodan-query: http.title:"BIG-IP®-+Redirect" +"Server" tags: panel,bigip,f5 diff --git a/http/exposed-panels/bitdefender-gravityzone.yaml b/http/exposed-panels/bitdefender-gravityzone.yaml index 90dd5fa120e..7b960dd346a 100644 --- a/http/exposed-panels/bitdefender-gravityzone.yaml +++ b/http/exposed-panels/bitdefender-gravityzone.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: bitdefender - product: gravityzone verified: true max-request: 1 + vendor: bitdefender + product: gravityzone shodan-query: title:"Bitdefender GravityZone" tags: panel,bitdefender diff --git a/http/exposed-panels/bitrix-panel.yaml b/http/exposed-panels/bitrix-panel.yaml index 1ae8ac9bbef..5a5e639306c 100644 --- a/http/exposed-panels/bitrix-panel.yaml +++ b/http/exposed-panels/bitrix-panel.yaml @@ -8,9 +8,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: bitrix product: bitrix24 - max-request: 1 tags: panel,bitrix,login http: diff --git a/http/exposed-panels/bitwarden-vault-panel.yaml b/http/exposed-panels/bitwarden-vault-panel.yaml index 0e4c3de03e4..90f48aac843 100644 --- a/http/exposed-panels/bitwarden-vault-panel.yaml +++ b/http/exposed-panels/bitwarden-vault-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://bitwarden.com/?utm_source=google&utm_medium=cpc&utm_campaign=AW_ALL_NU_CL_Bitwarden_en_GSN_DTMB_Brand-Login_KW:Brand-Login_Consolidated&utm_content=646427936792&utm_term=bitwarden%20vault%20login|kwd-826827349840&hsa_acc=2567950947&hsa_cam=19621984700&hsa_grp=145977914135&hsa_ad=646427936792&hsa_src=g&hsa_tgt=kwd-826827349840&hsa_kw=bitwarden%20vault%20login&hsa_mt=e&hsa_net=adwords&hsa_ver=3&gad=1&gclid=Cj0KCQjwpompBhDZARIsAFD_Fp-07Mni-xzuKd5Ewi6I7qzRTdZOYSxMsMVvKVWhGm5qg2KUiY2Z7SQaAvSIEALw_wcB metadata: - vendor: bitwarden - product: bitwarden verified: true max-request: 1 + vendor: bitwarden + product: bitwarden shodan-query: title:"Bitwarden Web Vault" tags: panel,bitwarden,vault,detect diff --git a/http/exposed-panels/bloofoxcms-login-panel.yaml b/http/exposed-panels/bloofoxcms-login-panel.yaml index 22a9f60b963..6b9e08af7ec 100644 --- a/http/exposed-panels/bloofoxcms-login-panel.yaml +++ b/http/exposed-panels/bloofoxcms-login-panel.yaml @@ -5,10 +5,10 @@ info: author: theamanrawat severity: info metadata: - vendor: bloofox - product: bloofoxcms verified: "true" max-request: 2 + vendor: bloofox + product: bloofoxcms fofa-query: "Powered by bloofoxCMS" tags: panel,bloofox,cms diff --git a/http/exposed-panels/bolt-cms-panel.yaml b/http/exposed-panels/bolt-cms-panel.yaml index f2ecfa6f811..ab4e1f73327 100644 --- a/http/exposed-panels/bolt-cms-panel.yaml +++ b/http/exposed-panels/bolt-cms-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: boltcms product: bolt - max-request: 1 tags: panel,bolt,cms,login http: diff --git a/http/exposed-panels/bookstack-panel.yaml b/http/exposed-panels/bookstack-panel.yaml index c497271490d..5fdd4a9eefc 100644 --- a/http/exposed-panels/bookstack-panel.yaml +++ b/http/exposed-panels/bookstack-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: bookstackapp product: bookstack - max-request: 1 shodan-query: http.title:"BookStack" tags: panel,bookstack diff --git a/http/exposed-panels/buildbot-panel.yaml b/http/exposed-panels/buildbot-panel.yaml index c5ed43ff38c..f6e74891bb2 100644 --- a/http/exposed-panels/buildbot-panel.yaml +++ b/http/exposed-panels/buildbot-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: buildbot - product: buildbot verified: true max-request: 1 + vendor: buildbot + product: buildbot shodan-query: http.title:"BuildBot" tags: panel,buildbot,cicd diff --git a/http/exposed-panels/bynder-panel.yaml b/http/exposed-panels/bynder-panel.yaml index 5dcf0acbeab..08dde7db71a 100644 --- a/http/exposed-panels/bynder-panel.yaml +++ b/http/exposed-panels/bynder-panel.yaml @@ -1,19 +1,19 @@ id: bynder-panel -info: - name: Bynder Login Panel - Detect - author: righettod - severity: info - description: | - Bynder login panel was detected. - reference: - - https://www.bynder.com/en/ - metadata: - max-request: 1 - verified: true - shodan-query: http.favicon.hash:1017650009 - tags: panel,bynder,login,detect - +info: + name: Bynder Login Panel - Detect + author: righettod + severity: info + description: | + Bynder login panel was detected. + reference: + - https://www.bynder.com/en/ + metadata: + verified: true + max-request: 1 + shodan-query: http.favicon.hash:1017650009 + tags: panel,bynder,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/cacti-panel.yaml b/http/exposed-panels/cacti-panel.yaml index 0c1b92c1381..236ecc323f6 100644 --- a/http/exposed-panels/cacti-panel.yaml +++ b/http/exposed-panels/cacti-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: cacti product: cacti - max-request: 2 tags: tech,cacti,login,panel http: diff --git a/http/exposed-panels/cas-login.yaml b/http/exposed-panels/cas-login.yaml index 81c5ddfa7c7..eaaafdb327e 100644 --- a/http/exposed-panels/cas-login.yaml +++ b/http/exposed-panels/cas-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apereo product: central_authentication_service - max-request: 1 shodan-query: http.title:'CAS - Central Authentication Service' github: https://github.com/apereo/cas tags: apereo,cas,panel,login diff --git a/http/exposed-panels/casdoor-login.yaml b/http/exposed-panels/casdoor-login.yaml index 3d50c1583ad..6d2532b18ac 100644 --- a/http/exposed-panels/casdoor-login.yaml +++ b/http/exposed-panels/casdoor-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: casbin product: casdoor - max-request: 1 shodan-query: http.title:"Casdoor" tags: panel,casdoor diff --git a/http/exposed-panels/centreon-panel.yaml b/http/exposed-panels/centreon-panel.yaml index 4ba8100de75..b4768973c8a 100644 --- a/http/exposed-panels/centreon-panel.yaml +++ b/http/exposed-panels/centreon-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: centreon product: centreon_web - max-request: 1 shodan-query: http.title:"Centreon" tags: panel,centreon,login diff --git a/http/exposed-panels/checkmk/checkmk-login.yaml b/http/exposed-panels/checkmk/checkmk-login.yaml index 965f95e586d..a6cce9db4aa 100644 --- a/http/exposed-panels/checkmk/checkmk-login.yaml +++ b/http/exposed-panels/checkmk/checkmk-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: tribe29 product: checkmk - max-request: 1 tags: login,tech,synology,rackstation,panel http: diff --git a/http/exposed-panels/checkpoint/ssl-network-extender.yaml b/http/exposed-panels/checkpoint/ssl-network-extender.yaml index 6934c2eb60a..28367a77ee2 100644 --- a/http/exposed-panels/checkpoint/ssl-network-extender.yaml +++ b/http/exposed-panels/checkpoint/ssl-network-extender.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: checkpoint product: ssl_network_extender - max-request: 1 shodan-query: http.title:"Check Point SSL Network Extender" google-query: intitle:"SSL Network Extender Login" tags: panel,checkpoint,router diff --git a/http/exposed-panels/cisco-unity-panel.yaml b/http/exposed-panels/cisco-unity-panel.yaml index 807681556c7..395ad8b37e0 100644 --- a/http/exposed-panels/cisco-unity-panel.yaml +++ b/http/exposed-panels/cisco-unity-panel.yaml @@ -7,9 +7,9 @@ info: description: | A Cisco Unity Connection instance was detected. metadata: - shodan-query: "html:\"Cisco Unity Connection\"" - max-request: 2 verified: true + max-request: 2 + shodan-query: "html:\"Cisco Unity Connection\"" tags: panel,cisco,unity,login,detect http: diff --git a/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml b/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml index cc3991bc321..5e4092b756f 100644 --- a/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml +++ b/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: anyconnect_secure_mobility_client - max-request: 1 tags: cisco,panel,vpn http: diff --git a/http/exposed-panels/cisco/cisco-asa-panel.yaml b/http/exposed-panels/cisco/cisco-asa-panel.yaml index faa64d84caf..8b5defd0383 100644 --- a/http/exposed-panels/cisco/cisco-asa-panel.yaml +++ b/http/exposed-panels/cisco/cisco-asa-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: adaptive_security_appliance_software - max-request: 1 tags: cisco,panel http: diff --git a/http/exposed-panels/cisco/cisco-edge-340.yaml b/http/exposed-panels/cisco/cisco-edge-340.yaml index c054bd6485f..122ace2f6aa 100644 --- a/http/exposed-panels/cisco/cisco-edge-340.yaml +++ b/http/exposed-panels/cisco/cisco-edge-340.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: edge_340_firmware - max-request: 1 shodan-query: http.title:"Cisco Edge 340" tags: panel,cisco diff --git a/http/exposed-panels/cisco/cisco-expressway-panel.yaml b/http/exposed-panels/cisco/cisco-expressway-panel.yaml index 7dd5c5eed50..83cca7bff5a 100644 --- a/http/exposed-panels/cisco/cisco-expressway-panel.yaml +++ b/http/exposed-panels/cisco/cisco-expressway-panel.yaml @@ -1,19 +1,19 @@ id: cisco-expressway-panel -info: - name: CISCO Expressway Login Panel - Detect - author: righettod - severity: info - description: | - CISCO Expressway login panel was detected. - reference: - - https://www.cisco.com/c/en/us/products/unified-communications/expressway-series/index.html - metadata: - verified: true - max-request: 1 - shodan-query: html:"Cisco Expressway" - tags: panel,cisco,login,detect - +info: + name: CISCO Expressway Login Panel - Detect + author: righettod + severity: info + description: | + CISCO Expressway login panel was detected. + reference: + - https://www.cisco.com/c/en/us/products/unified-communications/expressway-series/index.html + metadata: + verified: true + max-request: 1 + shodan-query: html:"Cisco Expressway" + tags: panel,cisco,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/cisco/cisco-finesse-login.yaml b/http/exposed-panels/cisco/cisco-finesse-login.yaml index 04725582885..f7816cf0677 100644 --- a/http/exposed-panels/cisco/cisco-finesse-login.yaml +++ b/http/exposed-panels/cisco/cisco-finesse-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: finesse - max-request: 1 tags: panel,cisco,edb http: diff --git a/http/exposed-panels/cisco/cisco-integrated-login.yaml b/http/exposed-panels/cisco/cisco-integrated-login.yaml index ffb28819b54..009c6338390 100644 --- a/http/exposed-panels/cisco/cisco-integrated-login.yaml +++ b/http/exposed-panels/cisco/cisco-integrated-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: integrated_management_controller - max-request: 1 tags: panel,cisco,edb http: diff --git a/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml b/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml index 676bdcd0a05..80d543dadd9 100644 --- a/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml +++ b/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml @@ -12,10 +12,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - vendor: cisco - product: ios_xe verified: "true" max-request: 2 + vendor: cisco + product: ios_xe shodan-query: http.html_hash:1076109428 tags: panel,cisco ssl: diff --git a/http/exposed-panels/cisco/cisco-onprem-panel.yaml b/http/exposed-panels/cisco/cisco-onprem-panel.yaml index 6b850bf1927..9db31590a21 100644 --- a/http/exposed-panels/cisco/cisco-onprem-panel.yaml +++ b/http/exposed-panels/cisco/cisco-onprem-panel.yaml @@ -10,10 +10,10 @@ info: - https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/smart-software-manager-satellite/datasheet-c78-734539.html - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssm-sql-X9MmjSYh metadata: - vendor: cisco - product: smart_software_manager_on-prem verified: true max-request: 2 + vendor: cisco + product: smart_software_manager_on-prem shodan-query: title:"On-Prem License Workspace" fofa-query: title="On-Prem License Workspace" tags: cisco,manager,login,panel diff --git a/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml b/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml index a0e53f8f730..73cacea8350 100644 --- a/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml +++ b/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml @@ -11,9 +11,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: prime_infrastructure - max-request: 1 shodan-query: http.title:"prime infrastructure" tags: panel,cisco diff --git a/http/exposed-panels/cisco/cisco-sd-wan.yaml b/http/exposed-panels/cisco/cisco-sd-wan.yaml index 261be1dab7c..5728d3b1eec 100644 --- a/http/exposed-panels/cisco/cisco-sd-wan.yaml +++ b/http/exposed-panels/cisco/cisco-sd-wan.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: sd-wan - max-request: 1 tags: panel,cisco http: diff --git a/http/exposed-panels/cisco/cisco-secure-desktop.yaml b/http/exposed-panels/cisco/cisco-secure-desktop.yaml index b4400605e05..de69815cc87 100644 --- a/http/exposed-panels/cisco/cisco-secure-desktop.yaml +++ b/http/exposed-panels/cisco/cisco-secure-desktop.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: secure_desktop - max-request: 1 tags: cisco,panel http: diff --git a/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml b/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml index 0509b7a5c07..d8a4ec5e51d 100644 --- a/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml +++ b/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: unified_computing_system - max-request: 1 shodan-query: http.title:"Cisco UCS KVM Direct" tags: panel,cisco,ucs,kvm diff --git a/http/exposed-panels/citrix-adc-gateway-detect.yaml b/http/exposed-panels/citrix-adc-gateway-detect.yaml index 119c760ce2f..bd8931492c2 100644 --- a/http/exposed-panels/citrix-adc-gateway-detect.yaml +++ b/http/exposed-panels/citrix-adc-gateway-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: citrix product: gateway - max-request: 2 tags: panel,citrix http: diff --git a/http/exposed-panels/citrix-vpn-detect.yaml b/http/exposed-panels/citrix-vpn-detect.yaml index 9b5b105a274..fb92ef95712 100644 --- a/http/exposed-panels/citrix-vpn-detect.yaml +++ b/http/exposed-panels/citrix-vpn-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: citrix product: gateway - max-request: 1 tags: panel,citrix http: diff --git a/http/exposed-panels/cleanweb-panel.yaml b/http/exposed-panels/cleanweb-panel.yaml index 7b885b195b8..df132d01c5f 100644 --- a/http/exposed-panels/cleanweb-panel.yaml +++ b/http/exposed-panels/cleanweb-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://tentelemed.com/ metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.title:"CleanWeb" tags: panel,cleanweb,login,detect diff --git a/http/exposed-panels/clearpass-policy-manager.yaml b/http/exposed-panels/clearpass-policy-manager.yaml index 3413cf6daad..3ca2e321cdd 100644 --- a/http/exposed-panels/clearpass-policy-manager.yaml +++ b/http/exposed-panels/clearpass-policy-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: arubanetworks product: clearpass_policy_manager - max-request: 1 shodan-query: http.title:"ClearPass Policy Manager" tags: panel,aruba diff --git a/http/exposed-panels/cloudpanel-login.yaml b/http/exposed-panels/cloudpanel-login.yaml index 965657438bf..0d1a23e5df9 100644 --- a/http/exposed-panels/cloudpanel-login.yaml +++ b/http/exposed-panels/cloudpanel-login.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDk severity: info metadata: - vendor: mgt-commerce - product: cloudpanel verified: true max-request: 1 + vendor: mgt-commerce + product: cloudpanel shodan-query: http.favicon.hash:151132309 fofa-query: icon_hash="151132309" tags: panel,login,cloudpanel,detect diff --git a/http/exposed-panels/cobbler-webgui.yaml b/http/exposed-panels/cobbler-webgui.yaml index baeb118d37a..502d24ec751 100644 --- a/http/exposed-panels/cobbler-webgui.yaml +++ b/http/exposed-panels/cobbler-webgui.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cobblerd product: cobbler - max-request: 1 shodan-query: http.title:"Cobbler Web Interface" tags: cobbler,webserver,panel diff --git a/http/exposed-panels/code-server-login.yaml b/http/exposed-panels/code-server-login.yaml index f965e61720d..9e0cbf0f886 100644 --- a/http/exposed-panels/code-server-login.yaml +++ b/http/exposed-panels/code-server-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: coder - product: code-server verified: true max-request: 1 + vendor: coder + product: code-server shodan-query: http.title:"code-server login" tags: panel,detect,misc diff --git a/http/exposed-panels/code42-panel.yaml b/http/exposed-panels/code42-panel.yaml index 58070beb665..b40bd61dd38 100644 --- a/http/exposed-panels/code42-panel.yaml +++ b/http/exposed-panels/code42-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: code42 product: code42 - max-request: 1 tags: panel,code42 http: diff --git a/http/exposed-panels/codemeter-webadmin-panel.yaml b/http/exposed-panels/codemeter-webadmin-panel.yaml index c7fd8afb1e2..c7b4adaf294 100644 --- a/http/exposed-panels/codemeter-webadmin-panel.yaml +++ b/http/exposed-panels/codemeter-webadmin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-668 metadata: + max-request: 1 vendor: wibu product: codemeter - max-request: 1 tags: codemeter,webadmin,panel http: diff --git a/http/exposed-panels/coldfusion-administrator-login.yaml b/http/exposed-panels/coldfusion-administrator-login.yaml index 34c1c472174..00499f98857 100644 --- a/http/exposed-panels/coldfusion-administrator-login.yaml +++ b/http/exposed-panels/coldfusion-administrator-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: adobe product: coldfusion - max-request: 1 shodan-query: http.title:"ColdFusion Administrator Login" tags: panel,coldfusion,adobe diff --git a/http/exposed-panels/compal-panel.yaml b/http/exposed-panels/compal-panel.yaml index da24dedcf00..cc63f55471f 100644 --- a/http/exposed-panels/compal-panel.yaml +++ b/http/exposed-panels/compal-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: compal product: ch7465lg_firmware - max-request: 1 tags: panel http: diff --git a/http/exposed-panels/concrete5/concrete5-install.yaml b/http/exposed-panels/concrete5/concrete5-install.yaml index 790f6a0047e..a1d679f24f5 100644 --- a/http/exposed-panels/concrete5/concrete5-install.yaml +++ b/http/exposed-panels/concrete5/concrete5-install.yaml @@ -8,10 +8,10 @@ info: reference: - https://documentation.concretecms.org/developers/introduction/installing-concrete-cms metadata: - vendor: concrete5 - product: concrete5 verified: true max-request: 2 + vendor: concrete5 + product: concrete5 shodan-query: http.title:"Install concrete5" tags: panel,install,concrete,cms diff --git a/http/exposed-panels/concrete5/concrete5-panel.yaml b/http/exposed-panels/concrete5/concrete5-panel.yaml index c4607ba9f9d..c2cc91be245 100644 --- a/http/exposed-panels/concrete5/concrete5-panel.yaml +++ b/http/exposed-panels/concrete5/concrete5-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: concrete5 product: concrete5 - max-request: 1 shodan-query: http.title:"concrete5" tags: panel,concrete5,cms diff --git a/http/exposed-panels/connect-box-login.yaml b/http/exposed-panels/connect-box-login.yaml index 3d3d0d5bbfd..1c3e540d26f 100644 --- a/http/exposed-panels/connect-box-login.yaml +++ b/http/exposed-panels/connect-box-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: upc - product: connect_box_eurodocsis_firmware verified: true max-request: 1 + vendor: upc + product: connect_box_eurodocsis_firmware shodan-query: 'NET-DK/1.0' tags: panel,connectbox,iot diff --git a/http/exposed-panels/contao-login-panel.yaml b/http/exposed-panels/contao-login-panel.yaml index d844c97d2df..df2e1392a70 100644 --- a/http/exposed-panels/contao-login-panel.yaml +++ b/http/exposed-panels/contao-login-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: contao - product: contao verified: true max-request: 1 + vendor: contao + product: contao shodan-query: http.html:"Contao Open Source CMS" tags: panel,contao diff --git a/http/exposed-panels/corebos-panel.yaml b/http/exposed-panels/corebos-panel.yaml index f446077572c..f38fa3ef82d 100644 --- a/http/exposed-panels/corebos-panel.yaml +++ b/http/exposed-panels/corebos-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: corebos - product: corebos verified: true max-request: 1 + vendor: corebos + product: corebos shodan-query: http.html:"corebos" tags: panel,corebos diff --git a/http/exposed-panels/cortex-xsoar-login.yaml b/http/exposed-panels/cortex-xsoar-login.yaml index ff5b8a3ee50..edcdab5c12b 100644 --- a/http/exposed-panels/cortex-xsoar-login.yaml +++ b/http/exposed-panels/cortex-xsoar-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: paloaltonetworks product: cortex_xsoar - max-request: 1 shodan-query: http.title:"Cortex XSOAR" tags: panel,soar,login diff --git a/http/exposed-panels/couchdb-exposure.yaml b/http/exposed-panels/couchdb-exposure.yaml index 706f7c881ea..3d88603683e 100644 --- a/http/exposed-panels/couchdb-exposure.yaml +++ b/http/exposed-panels/couchdb-exposure.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: couchdb - max-request: 1 tags: panel,couchdb http: diff --git a/http/exposed-panels/couchdb-fauxton.yaml b/http/exposed-panels/couchdb-fauxton.yaml index 30761dec0a4..5c6d6078fa9 100644 --- a/http/exposed-panels/couchdb-fauxton.yaml +++ b/http/exposed-panels/couchdb-fauxton.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: couchdb - max-request: 1 tags: panel,apache,couchdb http: diff --git a/http/exposed-panels/cpanel-api-codes.yaml b/http/exposed-panels/cpanel-api-codes.yaml index e85b47462e8..6673c6be306 100644 --- a/http/exposed-panels/cpanel-api-codes.yaml +++ b/http/exposed-panels/cpanel-api-codes.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: cpanel - product: cpanel verified: true max-request: 1 + vendor: cpanel + product: cpanel shodan-query: title:"CPanel - API Codes" tags: panel,cpanel diff --git a/http/exposed-panels/craftcms-admin-panel.yaml b/http/exposed-panels/craftcms-admin-panel.yaml index 244b880e84b..cea0a19dada 100644 --- a/http/exposed-panels/craftcms-admin-panel.yaml +++ b/http/exposed-panels/craftcms-admin-panel.yaml @@ -11,9 +11,9 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - shodan-query: 'X-Powered-By: Craft CMS' vendor: nystudio107 product: seomatic + shodan-query: 'X-Powered-By: Craft CMS' tags: panel,craftcms http: diff --git a/http/exposed-panels/crush-ftp-login.yaml b/http/exposed-panels/crush-ftp-login.yaml index 3829c2fc360..df8a9bc6ef9 100644 --- a/http/exposed-panels/crush-ftp-login.yaml +++ b/http/exposed-panels/crush-ftp-login.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: crushftp - product: crushftp verified: true max-request: 1 + vendor: crushftp + product: crushftp tags: panel,edb,crushftp,detect http: diff --git a/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml b/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml index 4cf892b89e3..5c59d9fdd5d 100644 --- a/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml +++ b/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sophos product: cyberoam - max-request: 1 shodan-query: title:"Cyberoam SSL VPN Portal" google-query: intitle:"Cyberoam SSL VPN Portal" tags: panel,cyberoam,vpn diff --git a/http/exposed-panels/dahua-web-panel.yaml b/http/exposed-panels/dahua-web-panel.yaml index ff0240d33d5..dbf987357aa 100644 --- a/http/exposed-panels/dahua-web-panel.yaml +++ b/http/exposed-panels/dahua-web-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.favicon.hash:1653394551 - tags: edb,panel,dahua,panel,detect + tags: edb,panel,dahua,detect http: - method: GET diff --git a/http/exposed-panels/darktrace-threat-visualizer.yaml b/http/exposed-panels/darktrace-threat-visualizer.yaml index 0f3b36231ec..f939fb0bc6a 100644 --- a/http/exposed-panels/darktrace-threat-visualizer.yaml +++ b/http/exposed-panels/darktrace-threat-visualizer.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: darktrace - product: threat_visualizer verified: true max-request: 1 + vendor: darktrace + product: threat_visualizer shodan-query: html:"Darktrace Threat Visualizer" tags: panel,darktrace diff --git a/http/exposed-panels/dashy-panel.yaml b/http/exposed-panels/dashy-panel.yaml index 96f8923f4a4..942705cfc18 100644 --- a/http/exposed-panels/dashy-panel.yaml +++ b/http/exposed-panels/dashy-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://dashy.to/ metadata: - vendor: dashy - product: dashy verified: true max-request: 1 + vendor: dashy + product: dashy shodan-query: http.favicon.hash:-1013024216 tags: panel,dashy,detect diff --git a/http/exposed-panels/dataease-panel.yaml b/http/exposed-panels/dataease-panel.yaml index e3d22f75256..d40d08046b0 100644 --- a/http/exposed-panels/dataease-panel.yaml +++ b/http/exposed-panels/dataease-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://github.com/dataease/dataease metadata: - vendor: dataease - product: dataease verified: true max-request: 1 + vendor: dataease + product: dataease shodan-query: html:"Dataease" tags: login,panel,dataease diff --git a/http/exposed-panels/daybyday-panel.yaml b/http/exposed-panels/daybyday-panel.yaml index f8c79486c54..d0907786406 100644 --- a/http/exposed-panels/daybyday-panel.yaml +++ b/http/exposed-panels/daybyday-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: daybydaycrm product: daybyday - max-request: 1 shodan-query: http.title:"Daybyday" tags: panel,daybyday diff --git a/http/exposed-panels/dell-wyse-login.yaml b/http/exposed-panels/dell-wyse-login.yaml index 593ef7c7332..5af00888d34 100644 --- a/http/exposed-panels/dell-wyse-login.yaml +++ b/http/exposed-panels/dell-wyse-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: dell product: wyse_management_suite - max-request: 1 tags: panel,dell,login http: diff --git a/http/exposed-panels/deluge-webui-panel.yaml b/http/exposed-panels/deluge-webui-panel.yaml index cba0ea7c3df..1ca006fd12f 100644 --- a/http/exposed-panels/deluge-webui-panel.yaml +++ b/http/exposed-panels/deluge-webui-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: deluge-torrent - product: deluge verified: true max-request: 1 + vendor: deluge-torrent + product: deluge shodan-query: title:"Deluge WebUI" tags: panel,deluge diff --git a/http/exposed-panels/digitalrebar-login.yaml b/http/exposed-panels/digitalrebar-login.yaml index 8b82952a334..077962eeabc 100644 --- a/http/exposed-panels/digitalrebar-login.yaml +++ b/http/exposed-panels/digitalrebar-login.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: rackn product: digital_rebar - max-request: 2 tags: rackn,digitalrebar,panel http: diff --git a/http/exposed-panels/directadmin-login-panel.yaml b/http/exposed-panels/directadmin-login-panel.yaml index cea4c0e5608..58c2654eab7 100644 --- a/http/exposed-panels/directadmin-login-panel.yaml +++ b/http/exposed-panels/directadmin-login-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: directadmin product: directadmin - max-request: 1 shodan-query: title:"DirectAdmin Login" tags: panel,directadmin diff --git a/http/exposed-panels/django-admin-panel.yaml b/http/exposed-panels/django-admin-panel.yaml index a760c2e53ae..8b68445f654 100644 --- a/http/exposed-panels/django-admin-panel.yaml +++ b/http/exposed-panels/django-admin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: djangoproject product: django - max-request: 1 tags: panel,django,python http: diff --git a/http/exposed-panels/dokuwiki-panel.yaml b/http/exposed-panels/dokuwiki-panel.yaml index 77ccd87fe94..0d5fc93c02a 100644 --- a/http/exposed-panels/dokuwiki-panel.yaml +++ b/http/exposed-panels/dokuwiki-panel.yaml @@ -5,12 +5,12 @@ info: author: righettod severity: info description: | - Dokuwiki login panel was detected. + Dokuwiki login panel was detected. reference: - https://www.dokuwiki.org/dokuwiki metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.html:"/dokuwiki/" tags: panel,dokuwiki,login diff --git a/http/exposed-panels/dotclear-panel.yaml b/http/exposed-panels/dotclear-panel.yaml index 884582dcea3..df2a8335060 100644 --- a/http/exposed-panels/dotclear-panel.yaml +++ b/http/exposed-panels/dotclear-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: dotclear product: dotclear - max-request: 2 shodan-query: http.title:"Dotclear" tags: panel,dotclear diff --git a/http/exposed-panels/dotcms-admin-panel.yaml b/http/exposed-panels/dotcms-admin-panel.yaml index add829ab5a1..190bc14ff03 100644 --- a/http/exposed-panels/dotcms-admin-panel.yaml +++ b/http/exposed-panels/dotcms-admin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: dotcms product: dotcms - max-request: 1 tags: panel,dotcms,cms http: diff --git a/http/exposed-panels/drawio-flowchartmaker-panel.yaml b/http/exposed-panels/drawio-flowchartmaker-panel.yaml index ff7b927c550..844d157665a 100644 --- a/http/exposed-panels/drawio-flowchartmaker-panel.yaml +++ b/http/exposed-panels/drawio-flowchartmaker-panel.yaml @@ -14,9 +14,9 @@ info: metadata: verified: true max-request: 1 - shodan-query: http.title:"Flowchart Maker" vendor: diagrams product: drawio + shodan-query: http.title:"Flowchart Maker" tags: panel,drawio,oss http: diff --git a/http/exposed-panels/druid-console-exposure.yaml b/http/exposed-panels/druid-console-exposure.yaml index 7a438fa2cea..3118ae9d8a5 100644 --- a/http/exposed-panels/druid-console-exposure.yaml +++ b/http/exposed-panels/druid-console-exposure.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: alibaba product: druid - max-request: 1 tags: panel,alibaba,druid http: diff --git a/http/exposed-panels/druid-panel.yaml b/http/exposed-panels/druid-panel.yaml index aa55750ceb0..1e76cce2277 100644 --- a/http/exposed-panels/druid-panel.yaml +++ b/http/exposed-panels/druid-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: druid - max-request: 1 tags: panel,druid http: diff --git a/http/exposed-panels/drupal-login.yaml b/http/exposed-panels/drupal-login.yaml index 56a18479ff9..962098ecb13 100644 --- a/http/exposed-panels/drupal-login.yaml +++ b/http/exposed-panels/drupal-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: drupal product: drupal - max-request: 2 shodan-query: http.component:"drupal" tags: panel,drupal diff --git a/http/exposed-panels/dzzoffice/dzzoffice-install.yaml b/http/exposed-panels/dzzoffice/dzzoffice-install.yaml index 0f3ec02e336..a4bb5053039 100644 --- a/http/exposed-panels/dzzoffice/dzzoffice-install.yaml +++ b/http/exposed-panels/dzzoffice/dzzoffice-install.yaml @@ -10,10 +10,10 @@ info: cvss-score: 7.5 cwe-id: CWE-200 metadata: - vendor: dzzoffice - product: dzzoffice verified: true max-request: 1 + vendor: dzzoffice + product: dzzoffice shodan-query: http.favicon.hash:-1961736892 fofa-query: title="dzzoffice" tags: panel,dzzoffice,install diff --git a/http/exposed-panels/eMerge-panel.yaml b/http/exposed-panels/eMerge-panel.yaml index f7361f4e1f0..6b1a7cac972 100644 --- a/http/exposed-panels/eMerge-panel.yaml +++ b/http/exposed-panels/eMerge-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: nortekcontrol - product: linear_emerge_essential_firmware verified: true max-request: 1 + vendor: nortekcontrol + product: linear_emerge_essential_firmware shodan-query: http.title:"eMerge" tags: panel,emerge,nortek diff --git a/http/exposed-panels/easyjob-panel.yaml b/http/exposed-panels/easyjob-panel.yaml index 57e745f4967..cab346c730a 100644 --- a/http/exposed-panels/easyjob-panel.yaml +++ b/http/exposed-panels/easyjob-panel.yaml @@ -10,8 +10,8 @@ info: - https://www.en.because-software.com/software/easyjob/ metadata: verified: true - shodan-query: "http.title:\"Log in - easyJOB\"" max-request: 1 + shodan-query: "http.title:\"Log in - easyJOB\"" tags: panel,easyjob,login http: diff --git a/http/exposed-panels/edgeos-login.yaml b/http/exposed-panels/edgeos-login.yaml index da3f7fc1985..03378f8e1a5 100644 --- a/http/exposed-panels/edgeos-login.yaml +++ b/http/exposed-panels/edgeos-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ui product: edgeos - max-request: 1 tags: login,tech,edgeos,edgemax,panel http: diff --git a/http/exposed-panels/emby-panel.yaml b/http/exposed-panels/emby-panel.yaml index 00f08635248..5894ac5a7c1 100644 --- a/http/exposed-panels/emby-panel.yaml +++ b/http/exposed-panels/emby-panel.yaml @@ -14,10 +14,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: emby - product: emby verified: true max-request: 1 + vendor: emby + product: emby shodan-query: http.title:"emby" tags: panel,emby,oss diff --git a/http/exposed-panels/emqx-panel.yaml b/http/exposed-panels/emqx-panel.yaml index 9763a7926a1..4218769a628 100644 --- a/http/exposed-panels/emqx-panel.yaml +++ b/http/exposed-panels/emqx-panel.yaml @@ -1,19 +1,19 @@ id: emqx-panel -info: - name: EMQX Login Panel - Detect - author: righettod - severity: info - description: | - EMQX login panel was detected. - reference: - - https://www.emqx.io/ - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"EMQX Dashboard" - tags: panel,emqx,login,detect - +info: + name: EMQX Login Panel - Detect + author: righettod + severity: info + description: | + EMQX login panel was detected. + reference: + - https://www.emqx.io/ + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"EMQX Dashboard" + tags: panel,emqx,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/eset-protect-panel.yaml b/http/exposed-panels/eset-protect-panel.yaml index 17752c45f3e..e72c3916b5a 100644 --- a/http/exposed-panels/eset-protect-panel.yaml +++ b/http/exposed-panels/eset-protect-panel.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.favicon.hash:751911084 tags: login,eset,panel,detect diff --git a/http/exposed-panels/esphome-panel.yaml b/http/exposed-panels/esphome-panel.yaml index b426986b082..0fce1b0fe17 100644 --- a/http/exposed-panels/esphome-panel.yaml +++ b/http/exposed-panels/esphome-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: esphome - product: esphome verified: true max-request: 1 + vendor: esphome + product: esphome shodan-query: title:"Login - ESPHome" tags: panel,esphome,iot diff --git a/http/exposed-panels/esxi-system.yaml b/http/exposed-panels/esxi-system.yaml index 117aec83add..b8d146f86dc 100644 --- a/http/exposed-panels/esxi-system.yaml +++ b/http/exposed-panels/esxi-system.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: vmware product: esxi - max-request: 1 shodan-query: html:"esxUiApp" tags: panel,esxi diff --git a/http/exposed-panels/eventum-panel.yaml b/http/exposed-panels/eventum-panel.yaml index 391c67f62c0..f104a80b1fa 100644 --- a/http/exposed-panels/eventum-panel.yaml +++ b/http/exposed-panels/eventum-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: mysql - product: eventum verified: true max-request: 1 + vendor: mysql + product: eventum shodan-query: http.favicon.hash:305412257 tags: panel,eventum diff --git a/http/exposed-panels/evlink/evse-web-panel.yaml b/http/exposed-panels/evlink/evse-web-panel.yaml index 5a71ae6a557..2c25b4ba57b 100644 --- a/http/exposed-panels/evlink/evse-web-panel.yaml +++ b/http/exposed-panels/evlink/evse-web-panel.yaml @@ -5,10 +5,10 @@ info: author: ritikchaddha severity: info metadata: - vendor: schneider-electric - product: evlink_charging_station_firmware verified: true max-request: 2 + vendor: schneider-electric + product: evlink_charging_station_firmware shodan-query: title:"EVSE Web Interface" fofa-query: title="EVSE Web Interface" tags: panel,evlink,evse,login,detect diff --git a/http/exposed-panels/exagrid-manager-panel.yaml b/http/exposed-panels/exagrid-manager-panel.yaml index 96aec4e2bad..e2085e6e0c0 100644 --- a/http/exposed-panels/exagrid-manager-panel.yaml +++ b/http/exposed-panels/exagrid-manager-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: exagrid - product: backup_appliance verified: true max-request: 1 + vendor: exagrid + product: backup_appliance shodan-query: title:"ExaGrid Manager" tags: exagrid,manager,login,panel diff --git a/http/exposed-panels/extron-cms-panel.yaml b/http/exposed-panels/extron-cms-panel.yaml index 974c62a4305..684411a8e04 100644 --- a/http/exposed-panels/extron-cms-panel.yaml +++ b/http/exposed-panels/extron-cms-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ektron - product: ektron_content_management_system verified: true max-request: 1 + vendor: ektron + product: ektron_content_management_system shodan-query: http.html:"Ektron" fofa-query: app="Ektron-CMS" tags: panel,ektron,cms diff --git a/http/exposed-panels/f-secure-policy-manager.yaml b/http/exposed-panels/f-secure-policy-manager.yaml index 6748ddde21c..445f890a277 100644 --- a/http/exposed-panels/f-secure-policy-manager.yaml +++ b/http/exposed-panels/f-secure-policy-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: withsecure product: f-secure_policy_manager - max-request: 1 shodan-query: http.title:"F-Secure Policy Manager Server" tags: login,panel diff --git a/http/exposed-panels/filebrowser-login-panel.yaml b/http/exposed-panels/filebrowser-login-panel.yaml index d4b5cd986f7..7f1e18fd329 100644 --- a/http/exposed-panels/filebrowser-login-panel.yaml +++ b/http/exposed-panels/filebrowser-login-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://filebrowser.org/ metadata: - vendor: filebrowser - product: filebrowser verified: true max-request: 3 + vendor: filebrowser + product: filebrowser shodan-query: http.favicon.hash:1052926265 tags: panel,filebrowser,detect diff --git a/http/exposed-panels/fiori-launchpad.yaml b/http/exposed-panels/fiori-launchpad.yaml index 104c60a39e9..2c84c03072d 100644 --- a/http/exposed-panels/fiori-launchpad.yaml +++ b/http/exposed-panels/fiori-launchpad.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sap - product: fiori_launchpad verified: true max-request: 1 + vendor: sap + product: fiori_launchpad google-query: sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html -site:sap.com tags: sap,fiori,edb,panel diff --git a/http/exposed-panels/fiorilaunchpad-logon.yaml b/http/exposed-panels/fiorilaunchpad-logon.yaml index 95256752110..cd81fb42b54 100644 --- a/http/exposed-panels/fiorilaunchpad-logon.yaml +++ b/http/exposed-panels/fiorilaunchpad-logon.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sap product: fiori_launchpad - max-request: 1 tags: panel,edb http: diff --git a/http/exposed-panels/fireware-xtm-user-authentication.yaml b/http/exposed-panels/fireware-xtm-user-authentication.yaml index dbe9fc2b3ba..ad8862cf855 100644 --- a/http/exposed-panels/fireware-xtm-user-authentication.yaml +++ b/http/exposed-panels/fireware-xtm-user-authentication.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: watchguard product: fireware_xtm - max-request: 1 shodan-query: http.title:"Fireware XTM User Authentication" tags: panel diff --git a/http/exposed-panels/flink-exposure.yaml b/http/exposed-panels/flink-exposure.yaml index 7a01f2fb2b8..4f7162e7cd7 100644 --- a/http/exposed-panels/flink-exposure.yaml +++ b/http/exposed-panels/flink-exposure.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: flink - max-request: 1 tags: panel,apache,flink http: diff --git a/http/exposed-panels/forcepoint.yaml b/http/exposed-panels/forcepoint.yaml index 3ffb103470c..4f1bb39f152 100644 --- a/http/exposed-panels/forcepoint.yaml +++ b/http/exposed-panels/forcepoint.yaml @@ -11,9 +11,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: forcepoint product: email_security - max-request: 1 tags: forcepoint,panel,login http: diff --git a/http/exposed-panels/forti/fortiadc-panel.yaml b/http/exposed-panels/forti/fortiadc-panel.yaml index 930f41dc50e..e2bdc062276 100644 --- a/http/exposed-panels/forti/fortiadc-panel.yaml +++ b/http/exposed-panels/forti/fortiadc-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortiadc verified: true max-request: 1 + vendor: fortinet + product: fortiadc shodan-query: title:"FortiADC" tags: panel,fortinet diff --git a/http/exposed-panels/fortinet/fortiap-panel.yaml b/http/exposed-panels/fortinet/fortiap-panel.yaml index 0ef30aad4b4..166646dfa56 100644 --- a/http/exposed-panels/fortinet/fortiap-panel.yaml +++ b/http/exposed-panels/fortinet/fortiap-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortiap verified: true max-request: 1 + vendor: fortinet + product: fortiap shodan-query: title:"FortiAP" tags: panel,fortinet,fortiap diff --git a/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml b/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml index 3aa7a54181c..ca5a4d8d3ac 100644 --- a/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml +++ b/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortiauthenticator verified: true max-request: 1 + vendor: fortinet + product: fortiauthenticator shodan-query: http.favicon.hash:-1653412201 tags: panel,fortinet,fortiauthenticator,detect diff --git a/http/exposed-panels/fortinet/forticlientems-panel.yaml b/http/exposed-panels/fortinet/forticlientems-panel.yaml index 92c39c7c207..3e08c1fb520 100644 --- a/http/exposed-panels/fortinet/forticlientems-panel.yaml +++ b/http/exposed-panels/fortinet/forticlientems-panel.yaml @@ -5,8 +5,8 @@ info: author: h4sh5 severity: info metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.favicon.hash:-800551065 tags: panel,fortinet,forticlient,ems,login,detect diff --git a/http/exposed-panels/fortinet/fortimail-panel.yaml b/http/exposed-panels/fortinet/fortimail-panel.yaml index c330d05f003..464d588653e 100644 --- a/http/exposed-panels/fortinet/fortimail-panel.yaml +++ b/http/exposed-panels/fortinet/fortimail-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: fortinet product: fortimail - max-request: 1 shodan-query: title:"Fortimail" fofa-query: Fortimail && port=443 tags: panel,fortinet,fortimail,login diff --git a/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml b/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml index f4d526659c7..fb6f9f3dc6e 100644 --- a/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml +++ b/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.fortinet.com/products/ddos/fortiddos metadata: - vendor: fortinet - product: fortiddos verified: true max-request: 1 + vendor: fortinet + product: fortiddos shodan-query: http.title:"FortiDDoS" tags: panel,fortinet,fortiddos,login diff --git a/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml b/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml index 5a452777202..6134d645b50 100644 --- a/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml +++ b/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: fortinet product: fortimanager - max-request: 1 tags: panel,fortinet,fortios,fortimanager,detect http: diff --git a/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml b/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml index f0dfeee9a1d..ed27b3b62d4 100644 --- a/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml +++ b/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortinac verified: true max-request: 1 + vendor: fortinet + product: fortinac shodan-query: http.title:"Fortinac" tags: panel,fortinet,fortinac,login diff --git a/http/exposed-panels/fortinet/fortios-management-panel.yaml b/http/exposed-panels/fortinet/fortios-management-panel.yaml index 5338893cd5e..2caa3a76a39 100644 --- a/http/exposed-panels/fortinet/fortios-management-panel.yaml +++ b/http/exposed-panels/fortinet/fortios-management-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortios verified: true max-request: 1 + vendor: fortinet + product: fortios shodan-query: http.favicon.hash:945408572 tags: panel,fortinet,fortios,fortigate,fortiproxy,fortiap diff --git a/http/exposed-panels/fortinet/fortios-panel.yaml b/http/exposed-panels/fortinet/fortios-panel.yaml index d6082f6164b..f0148d71650 100644 --- a/http/exposed-panels/fortinet/fortios-panel.yaml +++ b/http/exposed-panels/fortinet/fortios-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortios verified: true max-request: 1 + vendor: fortinet + product: fortios shodan-query: http.favicon.hash:945408572 tags: panel,fortinet,fortios diff --git a/http/exposed-panels/fortinet/fortitester-login-panel.yaml b/http/exposed-panels/fortinet/fortitester-login-panel.yaml index 792fabcc309..f96ae991efd 100644 --- a/http/exposed-panels/fortinet/fortitester-login-panel.yaml +++ b/http/exposed-panels/fortinet/fortitester-login-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortitester verified: true max-request: 2 + vendor: fortinet + product: fortitester shodan-query: title:"FortiTester" tags: panel,fortinet diff --git a/http/exposed-panels/fortinet/fortiweb-panel.yaml b/http/exposed-panels/fortinet/fortiweb-panel.yaml index 5bcd8a79fc5..f5f8b0c4b7f 100644 --- a/http/exposed-panels/fortinet/fortiweb-panel.yaml +++ b/http/exposed-panels/fortinet/fortiweb-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: fortinet product: fortiweb - max-request: 1 tags: panel,fortinet,fortiweb,login http: diff --git a/http/exposed-panels/fortinet/fortiwlm-panel.yaml b/http/exposed-panels/fortinet/fortiwlm-panel.yaml index db8f2529a64..42c0910ce68 100644 --- a/http/exposed-panels/fortinet/fortiwlm-panel.yaml +++ b/http/exposed-panels/fortinet/fortiwlm-panel.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: fortinet product: fortiwlm - max-request: 1 shodan-query: html:"fortiwlm" tags: panel,fortinet,fortiwlm,login diff --git a/http/exposed-panels/freeipa-panel.yaml b/http/exposed-panels/freeipa-panel.yaml index 886255aad66..35b7bea0a47 100644 --- a/http/exposed-panels/freeipa-panel.yaml +++ b/http/exposed-panels/freeipa-panel.yaml @@ -12,9 +12,9 @@ info: metadata: verified: true max-request: 2 - shodan-query: html:"FreeIPA" vendor: freeipa product: freeipa + shodan-query: html:"FreeIPA" tags: panel,login,freeipa http: diff --git a/http/exposed-panels/freepbx-administration-panel.yaml b/http/exposed-panels/freepbx-administration-panel.yaml index 0909aef08f8..96ae2f465cd 100644 --- a/http/exposed-panels/freepbx-administration-panel.yaml +++ b/http/exposed-panels/freepbx-administration-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sangoma - product: freepbx verified: true max-request: 1 + vendor: sangoma + product: freepbx shodan-query: http.title:"FreePBX Administration" tags: freepbx,panel diff --git a/http/exposed-panels/friendica-panel.yaml b/http/exposed-panels/friendica-panel.yaml index 2e5ca75c300..79aadf4f207 100644 --- a/http/exposed-panels/friendica-panel.yaml +++ b/http/exposed-panels/friendica-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://friendi.ca metadata: + verified: true + max-request: 1 vendor: friendica product: friendica - max-request: 1 - verified: true shodan-query: http.title:"Friendica" tags: friendica,panel,login,detect diff --git a/http/exposed-panels/froxlor-management-panel.yaml b/http/exposed-panels/froxlor-management-panel.yaml index 5937cce16c5..fff70b5d393 100644 --- a/http/exposed-panels/froxlor-management-panel.yaml +++ b/http/exposed-panels/froxlor-management-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: froxlor - product: froxlor verified: true max-request: 1 + vendor: froxlor + product: froxlor shodan-query: title:"Froxlor Server Management Panel" tags: panel,froxlor diff --git a/http/exposed-panels/ftm-manager-panel.yaml b/http/exposed-panels/ftm-manager-panel.yaml index 4858016e4a5..47f88416302 100644 --- a/http/exposed-panels/ftm-manager-panel.yaml +++ b/http/exposed-panels/ftm-manager-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ibm - product: financial_transaction_manager verified: true max-request: 1 + vendor: ibm + product: financial_transaction_manager shodan-query: http.html:"FTM manager" google-query: intitle:"FTM manager" tags: panel,ftm diff --git a/http/exposed-panels/fuelcms-panel.yaml b/http/exposed-panels/fuelcms-panel.yaml index 08097370470..2747e39545a 100644 --- a/http/exposed-panels/fuelcms-panel.yaml +++ b/http/exposed-panels/fuelcms-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: daylightstudio product: fuel_cms - max-request: 1 tags: panel,fuelcms,oss http: diff --git a/http/exposed-panels/fusionauth-admin-panel.yaml b/http/exposed-panels/fusionauth-admin-panel.yaml index 688f604d937..f9176e8401b 100644 --- a/http/exposed-panels/fusionauth-admin-panel.yaml +++ b/http/exposed-panels/fusionauth-admin-panel.yaml @@ -5,10 +5,10 @@ info: author: ritikchaddha severity: info metadata: - vendor: fusionauth - product: fusionauth verified: true max-request: 2 + vendor: fusionauth + product: fusionauth shodan-query: title:"FusionAuth" tags: panel,fusionauth,detect,login diff --git a/http/exposed-panels/geoserver-login-panel.yaml b/http/exposed-panels/geoserver-login-panel.yaml index d67903eb8f4..db520e2c0cd 100644 --- a/http/exposed-panels/geoserver-login-panel.yaml +++ b/http/exposed-panels/geoserver-login-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: osgeo - product: geoserver verified: true max-request: 2 + vendor: osgeo + product: geoserver shodan-query: title:"GeoServer" tags: panel,geoserver diff --git a/http/exposed-panels/gerapy-detect.yaml b/http/exposed-panels/gerapy-detect.yaml index 83c0df3f700..958d2b74fc8 100644 --- a/http/exposed-panels/gerapy-detect.yaml +++ b/http/exposed-panels/gerapy-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: gerapy product: gerapy - max-request: 1 tags: tech,gerapy,panel http: diff --git a/http/exposed-panels/git-repository-browser.yaml b/http/exposed-panels/git-repository-browser.yaml index deb8670facb..bd80ff05659 100644 --- a/http/exposed-panels/git-repository-browser.yaml +++ b/http/exposed-panels/git-repository-browser.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: cgit_project - product: cgit verified: true max-request: 1 + vendor: cgit_project + product: cgit shodan-query: http.title:"Git repository browser" tags: panel,git diff --git a/http/exposed-panels/gitblit-panel.yaml b/http/exposed-panels/gitblit-panel.yaml index fce628d592c..4331b78688b 100644 --- a/http/exposed-panels/gitblit-panel.yaml +++ b/http/exposed-panels/gitblit-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: gitblit - product: gitblit verified: true max-request: 1 + vendor: gitblit + product: gitblit shodan-query: http.title:"Gitblit" tags: panel,gitblit diff --git a/http/exposed-panels/gitea-login.yaml b/http/exposed-panels/gitea-login.yaml index 62290646b7b..1a07f41166b 100644 --- a/http/exposed-panels/gitea-login.yaml +++ b/http/exposed-panels/gitea-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: gitea product: gitea - max-request: 1 shodan-query: html:"Powered by Gitea Version" tags: gitea,panel diff --git a/http/exposed-panels/github-enterprise-detect.yaml b/http/exposed-panels/github-enterprise-detect.yaml index db0daad6a5c..efec51ead28 100644 --- a/http/exposed-panels/github-enterprise-detect.yaml +++ b/http/exposed-panels/github-enterprise-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: github - product: enterprise_server verified: true max-request: 1 + vendor: github + product: enterprise_server shodan-query: title:"Setup GitHub Enterprise" tags: panel,github diff --git a/http/exposed-panels/gitlab-detect.yaml b/http/exposed-panels/gitlab-detect.yaml index 0516d66b73e..921d981e2cc 100644 --- a/http/exposed-panels/gitlab-detect.yaml +++ b/http/exposed-panels/gitlab-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: gitlab product: gitlab - max-request: 1 shodan-query: http.title:"GitLab" tags: panel,gitlab diff --git a/http/exposed-panels/globalprotect-panel.yaml b/http/exposed-panels/globalprotect-panel.yaml index f9350b80291..08821d05fbf 100644 --- a/http/exposed-panels/globalprotect-panel.yaml +++ b/http/exposed-panels/globalprotect-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: paloaltonetworks product: globalprotect - max-request: 2 tags: panel,panos,globalprotect http: diff --git a/http/exposed-panels/glpi-panel.yaml b/http/exposed-panels/glpi-panel.yaml index c17c354ec6f..edc1a57fc2e 100644 --- a/http/exposed-panels/glpi-panel.yaml +++ b/http/exposed-panels/glpi-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: glpi-project - product: glpi verified: true max-request: 3 + vendor: glpi-project + product: glpi shodan-query: http.title:"GLPI" tags: glpi,edb,panel diff --git a/http/exposed-panels/gnu-mailman.yaml b/http/exposed-panels/gnu-mailman.yaml index 31df3e6425d..6cc84c273ee 100644 --- a/http/exposed-panels/gnu-mailman.yaml +++ b/http/exposed-panels/gnu-mailman.yaml @@ -11,10 +11,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: gnu - product: mailman verified: true max-request: 2 + vendor: gnu + product: mailman shodan-query: title:"Mailing Lists" tags: exposure,mailman,panel diff --git a/http/exposed-panels/goanywhere-mft-login.yaml b/http/exposed-panels/goanywhere-mft-login.yaml index 3ec6ceca5de..7a21804a4c4 100644 --- a/http/exposed-panels/goanywhere-mft-login.yaml +++ b/http/exposed-panels/goanywhere-mft-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - shodan-query: "http.html:\"GoAnywhere Managed File Transfer\"" verified: true max-request: 2 + shodan-query: "http.html:\"GoAnywhere Managed File Transfer\"" tags: panel,goanywhere,login,filetransfer http: diff --git a/http/exposed-panels/gocd-login.yaml b/http/exposed-panels/gocd-login.yaml index b8c929e9fa6..7637eb842bf 100644 --- a/http/exposed-panels/gocd-login.yaml +++ b/http/exposed-panels/gocd-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: thoughtworks product: gocd - max-request: 1 shodan-query: html:"GoCD Version" tags: go,panel,gocd diff --git a/http/exposed-panels/gogs-panel.yaml b/http/exposed-panels/gogs-panel.yaml index 46b36cf00ce..44fa2af58f0 100644 --- a/http/exposed-panels/gogs-panel.yaml +++ b/http/exposed-panels/gogs-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: gogs - product: gogs verified: true max-request: 1 + vendor: gogs + product: gogs shodan-query: title:"Sign In - Gogs" google-query: intitle:"Sign In - Gogs" tags: panel,gogs diff --git a/http/exposed-panels/gotify-panel.yaml b/http/exposed-panels/gotify-panel.yaml index b07624127c0..803bbfa8f21 100644 --- a/http/exposed-panels/gotify-panel.yaml +++ b/http/exposed-panels/gotify-panel.yaml @@ -8,11 +8,11 @@ info: reference: - https://github.com/gotify/server metadata: + verified: true + max-request: 1 vendor: gotify product: server - verified: true shodan-query: "http.title:\"Gotify\"" - max-request: 1 tags: panel,gotify,login,detect http: diff --git a/http/exposed-panels/gradle/gradle-enterprise-panel.yaml b/http/exposed-panels/gradle/gradle-enterprise-panel.yaml index 4350247967f..0d7df36b64e 100644 --- a/http/exposed-panels/gradle/gradle-enterprise-panel.yaml +++ b/http/exposed-panels/gradle/gradle-enterprise-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: gradle product: gradle_enterprise - max-request: 1 tags: panel,gradle http: diff --git a/http/exposed-panels/grafana-detect.yaml b/http/exposed-panels/grafana-detect.yaml index d0112812beb..87dd5527195 100644 --- a/http/exposed-panels/grafana-detect.yaml +++ b/http/exposed-panels/grafana-detect.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + max-request: 2 vendor: grafana product: grafana - max-request: 2 shodan-query: title:"Grafana" category: devops tags: panel,grafana,detect diff --git a/http/exposed-panels/graylog-panel.yaml b/http/exposed-panels/graylog-panel.yaml index d8292b0efe6..26860e57d7e 100644 --- a/http/exposed-panels/graylog-panel.yaml +++ b/http/exposed-panels/graylog-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://graylog.org/ metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.title:"Graylog Web Interface" tags: panel,graylog,login,detect diff --git a/http/exposed-panels/greenbone-panel.yaml b/http/exposed-panels/greenbone-panel.yaml index a419f87ad2c..ccad37c9dc8 100644 --- a/http/exposed-panels/greenbone-panel.yaml +++ b/http/exposed-panels/greenbone-panel.yaml @@ -7,10 +7,10 @@ info: description: | Greenbone Security Assistant Web Panel is detected metadata: - vendor: greenbone - product: greenbone_security_assistant verified: true max-request: 1 + vendor: greenbone + product: greenbone_security_assistant shodan-query: http.title:"Greenbone Security Assistant" zoomeye-query: title:"Greenbone Security Assistant" tags: panel,greenbone,login diff --git a/http/exposed-panels/h2console-panel.yaml b/http/exposed-panels/h2console-panel.yaml index a480457cc88..5914a5afc7e 100644 --- a/http/exposed-panels/h2console-panel.yaml +++ b/http/exposed-panels/h2console-panel.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: h2database product: h2 - max-request: 1 shodan-query: http.title:"H2 Console" tags: panel,h2,console diff --git a/http/exposed-panels/hadoop-exposure.yaml b/http/exposed-panels/hadoop-exposure.yaml index dbc160bd372..16923f83fa2 100644 --- a/http/exposed-panels/hadoop-exposure.yaml +++ b/http/exposed-panels/hadoop-exposure.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: hadoop - max-request: 1 tags: panel,apache,hadoop http: diff --git a/http/exposed-panels/haivision-gateway-panel.yaml b/http/exposed-panels/haivision-gateway-panel.yaml index 37bdc78d5bb..0f5d48eeb27 100644 --- a/http/exposed-panels/haivision-gateway-panel.yaml +++ b/http/exposed-panels/haivision-gateway-panel.yaml @@ -9,8 +9,8 @@ info: - https://www.haivision.com/ metadata: verified: true - shodan-query: "http.title:\"Haivision Gateway\"" max-request: 1 + shodan-query: "http.title:\"Haivision Gateway\"" tags: panel,haivision,login,detect http: diff --git a/http/exposed-panels/haivision-media-platform-panel.yaml b/http/exposed-panels/haivision-media-platform-panel.yaml index 762477dbfb1..6dc15dc5062 100644 --- a/http/exposed-panels/haivision-media-platform-panel.yaml +++ b/http/exposed-panels/haivision-media-platform-panel.yaml @@ -9,9 +9,10 @@ info: - https://www.haivision.com/ metadata: verified: true - shodan-query: "http.title:\"Haivision Media Platform\"" max-request: 1 + shodan-query: "http.title:\"Haivision Media Platform\"" tags: panel,haivision,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/hangfire-dashboard.yaml b/http/exposed-panels/hangfire-dashboard.yaml index f974cce4296..1316df6b921 100644 --- a/http/exposed-panels/hangfire-dashboard.yaml +++ b/http/exposed-panels/hangfire-dashboard.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: hangfire - product: hangfire verified: true max-request: 2 + vendor: hangfire + product: hangfire shodan-query: title:"Overview – Hangfire Dashboard" tags: panel,hangfire diff --git a/http/exposed-panels/harbor-panel.yaml b/http/exposed-panels/harbor-panel.yaml index cb62b3d6326..d78881cc981 100644 --- a/http/exposed-panels/harbor-panel.yaml +++ b/http/exposed-panels/harbor-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: linuxfoundation - product: harbor verified: true max-request: 1 + vendor: linuxfoundation + product: harbor shodan-query: http.favicon.hash:657337228 tags: panel,harbor diff --git a/http/exposed-panels/hashicorp-consul-agent.yaml b/http/exposed-panels/hashicorp-consul-agent.yaml index b301c564f62..894fb9029e7 100644 --- a/http/exposed-panels/hashicorp-consul-agent.yaml +++ b/http/exposed-panels/hashicorp-consul-agent.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: hashicorp product: consul - max-request: 1 tags: tech,consul,api,panel http: diff --git a/http/exposed-panels/hashicorp-consul-webgui.yaml b/http/exposed-panels/hashicorp-consul-webgui.yaml index f145c5876e4..a0f6e2652f4 100644 --- a/http/exposed-panels/hashicorp-consul-webgui.yaml +++ b/http/exposed-panels/hashicorp-consul-webgui.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: hashicorp product: consul - max-request: 1 shodan-query: http.title:"Consul by HashiCorp" tags: consul,webserver,panel diff --git a/http/exposed-panels/hestia-panel.yaml b/http/exposed-panels/hestia-panel.yaml index db0d291dd2e..ffd0c269d7e 100644 --- a/http/exposed-panels/hestia-panel.yaml +++ b/http/exposed-panels/hestia-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: hestiacp - product: control_panel verified: true max-request: 1 + vendor: hestiacp + product: control_panel shodan-query: title:"Hestia Control Panel" tags: panel,hestia,detect diff --git a/http/exposed-panels/highmail-admin-panel.yaml b/http/exposed-panels/highmail-admin-panel.yaml index a5d16c540fa..4aad26a8b51 100644 --- a/http/exposed-panels/highmail-admin-panel.yaml +++ b/http/exposed-panels/highmail-admin-panel.yaml @@ -12,9 +12,9 @@ info: metadata: verified: true max-request: 2 - shodan-query: title:"HighMail" vendor: aryanic product: high_cms + shodan-query: title:"HighMail" fofa-query: title="HighMail" tags: highmail,panel diff --git a/http/exposed-panels/hmc-hybris-panel.yaml b/http/exposed-panels/hmc-hybris-panel.yaml index 09bba70f9f6..733e8070007 100644 --- a/http/exposed-panels/hmc-hybris-panel.yaml +++ b/http/exposed-panels/hmc-hybris-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: sap product: hybris - max-request: 2 tags: panel,sap http: diff --git a/http/exposed-panels/homematic-panel.yaml b/http/exposed-panels/homematic-panel.yaml index c9735e9bad3..9951e3766f5 100644 --- a/http/exposed-panels/homematic-panel.yaml +++ b/http/exposed-panels/homematic-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: eq-3 product: homematic_ccu3_firmware - max-request: 1 shodan-query: http.html:"Homematic" tags: panel,homematic,iot diff --git a/http/exposed-panels/hospital-management-panel.yaml b/http/exposed-panels/hospital-management-panel.yaml index 0b17b41e2c7..f70550f92b7 100644 --- a/http/exposed-panels/hospital-management-panel.yaml +++ b/http/exposed-panels/hospital-management-panel.yaml @@ -12,9 +12,9 @@ info: metadata: verified: true max-request: 1 - shodan-query: http.html:"Hospital Management System" vendor: hospital_management_system_project product: hospital_management_system + shodan-query: http.html:"Hospital Management System" tags: panel,hms,cms http: diff --git a/http/exposed-panels/hp-ilo-5.yaml b/http/exposed-panels/hp-ilo-5.yaml index de16da4f794..2934f31c1b6 100644 --- a/http/exposed-panels/hp-ilo-5.yaml +++ b/http/exposed-panels/hp-ilo-5.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: hpe product: integrated_lights-out_5 - max-request: 1 tags: hp,ilo,panel http: diff --git a/http/exposed-panels/hp-service-manager.yaml b/http/exposed-panels/hp-service-manager.yaml index 5c538175b86..58d4ed23d46 100644 --- a/http/exposed-panels/hp-service-manager.yaml +++ b/http/exposed-panels/hp-service-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: hp product: service_manager - max-request: 2 shodan-query: http.title:"HP Service Manager" tags: panel,hp,service diff --git a/http/exposed-panels/hybris-administration-console.yaml b/http/exposed-panels/hybris-administration-console.yaml index b65bd8c2deb..91fea7f349e 100644 --- a/http/exposed-panels/hybris-administration-console.yaml +++ b/http/exposed-panels/hybris-administration-console.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sap - product: hybris verified: true max-request: 1 + vendor: sap + product: hybris shodan-query: title:"Hybris" tags: panel,hybris diff --git a/http/exposed-panels/hydra-dashboard.yaml b/http/exposed-panels/hydra-dashboard.yaml index 1bb9cad958e..d15db5e3af1 100644 --- a/http/exposed-panels/hydra-dashboard.yaml +++ b/http/exposed-panels/hydra-dashboard.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: hydra_project - product: hydra verified: true max-request: 1 + vendor: hydra_project + product: hydra shodan-query: title:"Hydra Router Dashboard" tags: panel,exposure,hydra diff --git a/http/exposed-panels/ibm/ibm-dcec-panel.yaml b/http/exposed-panels/ibm/ibm-dcec-panel.yaml index 261a8a9e6f6..c9c93622be8 100644 --- a/http/exposed-panels/ibm/ibm-dcec-panel.yaml +++ b/http/exposed-panels/ibm/ibm-dcec-panel.yaml @@ -10,8 +10,8 @@ info: - https://www.ibm.com/docs/en/odm/8.5.1?topic=console-tutorial-getting-started-decision-center-enterprise metadata: verified: true - shodan-query: "html:\"Decision Center Enterprise console\"" max-request: 1 + shodan-query: "html:\"Decision Center Enterprise console\"" tags: panel,ibm,login,detect,decision-center http: diff --git a/http/exposed-panels/ibm/ibm-decision-server-console.yaml b/http/exposed-panels/ibm/ibm-decision-server-console.yaml index 1a0b1d065fd..683eb9c612f 100644 --- a/http/exposed-panels/ibm/ibm-decision-server-console.yaml +++ b/http/exposed-panels/ibm/ibm-decision-server-console.yaml @@ -10,8 +10,8 @@ info: - https://www.ibm.com/docs/en/odm/8.12.0?topic=overview-introducing-rule-execution-server metadata: verified: true - shodan-query: "title:\"Rule Execution Server\"" max-request: 1 + shodan-query: "title:\"Rule Execution Server\"" tags: panel,ibm,login,detect,decision-server http: diff --git a/http/exposed-panels/ibm/ibm-maximo-login.yaml b/http/exposed-panels/ibm/ibm-maximo-login.yaml index 8fdcb38405d..64b043513c2 100644 --- a/http/exposed-panels/ibm/ibm-maximo-login.yaml +++ b/http/exposed-panels/ibm/ibm-maximo-login.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ibm - product: maximo_asset_management verified: true max-request: 1 + vendor: ibm + product: maximo_asset_management shodan-query: http.favicon.hash:-399298961 tags: maximo,panel,ibm diff --git a/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml b/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml index d08a276f6a9..e42c20813df 100644 --- a/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml +++ b/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ibm product: mq - max-request: 1 tags: panel,ibm http: diff --git a/http/exposed-panels/ibm/ibm-note-login.yaml b/http/exposed-panels/ibm/ibm-note-login.yaml index 62b9c1d7d96..57065c6b10e 100644 --- a/http/exposed-panels/ibm/ibm-note-login.yaml +++ b/http/exposed-panels/ibm/ibm-note-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: ibm product: inotes - max-request: 2 tags: ibm,edb,panel http: diff --git a/http/exposed-panels/ibm/ibm-odm-panel.yaml b/http/exposed-panels/ibm/ibm-odm-panel.yaml index b60c598c01e..7acac6cdcd1 100644 --- a/http/exposed-panels/ibm/ibm-odm-panel.yaml +++ b/http/exposed-panels/ibm/ibm-odm-panel.yaml @@ -10,8 +10,8 @@ info: - https://www.ibm.com/docs/en/odm/8.12.0 metadata: verified: true - fofa-query: "title=\"Decision Center | Business Console\"" max-request: 1 + fofa-query: "title=\"Decision Center | Business Console\"" tags: panel,ibm,login,detect,decision-center http: diff --git a/http/exposed-panels/ibm/ibm-security-access-manager.yaml b/http/exposed-panels/ibm/ibm-security-access-manager.yaml index 76abc850b07..11d2e3af263 100644 --- a/http/exposed-panels/ibm/ibm-security-access-manager.yaml +++ b/http/exposed-panels/ibm/ibm-security-access-manager.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ibm product: security_access_manager - max-request: 1 tags: panel,ibm http: diff --git a/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml b/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml index ec98ec4f98d..37e5855ce98 100644 --- a/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml +++ b/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ibm - product: websphere_application_server verified: true max-request: 1 + vendor: ibm + product: websphere_application_server shodan-query: http.favicon.hash:1337147129 tags: websphere,panel,ibm diff --git a/http/exposed-panels/ibm/ibm-websphere-panel.yaml b/http/exposed-panels/ibm/ibm-websphere-panel.yaml index 9614ab70e63..2be941a5ff3 100644 --- a/http/exposed-panels/ibm/ibm-websphere-panel.yaml +++ b/http/exposed-panels/ibm/ibm-websphere-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ibm product: websphere_portal - max-request: 1 shodan-query: http.html:"IBM WebSphere Portal" tags: ibm,websphere,panel diff --git a/http/exposed-panels/icewarp-panel-detect.yaml b/http/exposed-panels/icewarp-panel-detect.yaml index 13597f6e514..2502ec3af9d 100644 --- a/http/exposed-panels/icewarp-panel-detect.yaml +++ b/http/exposed-panels/icewarp-panel-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: icewarp - product: icewarp_server verified: true max-request: 1 + vendor: icewarp + product: icewarp_server shodan-query: title:"icewarp" tags: icewarp,panel diff --git a/http/exposed-panels/icinga-web-login.yaml b/http/exposed-panels/icinga-web-login.yaml index f9f5606198d..97fd31e8707 100644 --- a/http/exposed-panels/icinga-web-login.yaml +++ b/http/exposed-panels/icinga-web-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: icinga product: icinga_web_2 - max-request: 1 shodan-query: http.title:"Icinga Web 2 Login" tags: panel,icinga diff --git a/http/exposed-panels/ictprotege-login-panel.yaml b/http/exposed-panels/ictprotege-login-panel.yaml index 5a21ff03fd9..a1964275a2f 100644 --- a/http/exposed-panels/ictprotege-login-panel.yaml +++ b/http/exposed-panels/ictprotege-login-panel.yaml @@ -9,10 +9,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ict - product: protege_wx_firmware verified: true max-request: 1 + vendor: ict + product: protege_wx_firmware shodan-query: title:"ICT Protege WX®" tags: panel,ictprotege diff --git a/http/exposed-panels/identity-services-engine.yaml b/http/exposed-panels/identity-services-engine.yaml index ae61409a976..ab553d5b633 100644 --- a/http/exposed-panels/identity-services-engine.yaml +++ b/http/exposed-panels/identity-services-engine.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: cisco product: identity_services_engine - max-request: 2 shodan-query: http.title:"Identity Services Engine" tags: panel diff --git a/http/exposed-panels/ilch-admin-panel.yaml b/http/exposed-panels/ilch-admin-panel.yaml index 8a0eef000c7..50638884d3b 100644 --- a/http/exposed-panels/ilch-admin-panel.yaml +++ b/http/exposed-panels/ilch-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ilch - product: cms verified: true max-request: 1 + vendor: ilch + product: cms shodan-query: http.title:"Ilch" tags: panel,ilch,cms diff --git a/http/exposed-panels/ilias-panel.yaml b/http/exposed-panels/ilias-panel.yaml index cdf20a437c6..8a1bb2b1656 100644 --- a/http/exposed-panels/ilias-panel.yaml +++ b/http/exposed-panels/ilias-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ilias - product: ilias verified: true max-request: 2 + vendor: ilias + product: ilias shodan-query: http.html:"ILIAS" tags: panel,ilias diff --git a/http/exposed-panels/incapptic-connect-panel.yaml b/http/exposed-panels/incapptic-connect-panel.yaml index 49afdca0332..ad047c0e5ad 100644 --- a/http/exposed-panels/incapptic-connect-panel.yaml +++ b/http/exposed-panels/incapptic-connect-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: ivanti product: incapptic_connect - max-request: 2 shodan-query: - http.title:"incapptic" - http.favicon.hash:-1067582922 diff --git a/http/exposed-panels/influxdb-panel.yaml b/http/exposed-panels/influxdb-panel.yaml index ab0802f948e..91ee222908d 100644 --- a/http/exposed-panels/influxdb-panel.yaml +++ b/http/exposed-panels/influxdb-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: influxdata product: influxdb - max-request: 1 shodan-query: http.title:"InfluxDB - Admin Interface" tags: panel,influxdb diff --git a/http/exposed-panels/intelbras-panel.yaml b/http/exposed-panels/intelbras-panel.yaml index 8af8f34cdc2..7108c396928 100644 --- a/http/exposed-panels/intelbras-panel.yaml +++ b/http/exposed-panels/intelbras-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: intelbras - product: cip_92200_firmware verified: true max-request: 1 + vendor: intelbras + product: cip_92200_firmware shodan-query: http.title:"Intelbras" fofa-query: app="Intelbras" tags: panel,intelbras diff --git a/http/exposed-panels/intellian-aptus-panel.yaml b/http/exposed-panels/intellian-aptus-panel.yaml index 6cce4677018..84d29e99635 100644 --- a/http/exposed-panels/intellian-aptus-panel.yaml +++ b/http/exposed-panels/intellian-aptus-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: intelliantech product: aptus_web - max-request: 1 shodan-query: http.title:"Intellian Aptus Web" tags: panel,intellian,aptus diff --git a/http/exposed-panels/itop-panel.yaml b/http/exposed-panels/itop-panel.yaml index 6dc1d85c639..8741f882c66 100644 --- a/http/exposed-panels/itop-panel.yaml +++ b/http/exposed-panels/itop-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: combodo product: itop - max-request: 2 tags: panel,itop http: diff --git a/http/exposed-panels/ivanti-connect-secure-panel.yaml b/http/exposed-panels/ivanti-connect-secure-panel.yaml index 8d52e502569..adbcd55e242 100644 --- a/http/exposed-panels/ivanti-connect-secure-panel.yaml +++ b/http/exposed-panels/ivanti-connect-secure-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.ivanti.com/products/connect-secure-vpn metadata: - vendor: ivanti - product: "connect_secure" verified: true max-request: 2 + vendor: ivanti + product: "connect_secure" shodan-query: "title:\"Ivanti Connect Secure\"" tags: panel,connectsecure,login diff --git a/http/exposed-panels/jaspersoft-panel.yaml b/http/exposed-panels/jaspersoft-panel.yaml index fabc5e6c50f..2cbc667312d 100644 --- a/http/exposed-panels/jaspersoft-panel.yaml +++ b/http/exposed-panels/jaspersoft-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: tibco product: jaspersoft - max-request: 2 shodan-query: http.title:"Jaspersoft" tags: panel,jaspersoft diff --git a/http/exposed-panels/jboss/jboss-jbpm-admin.yaml b/http/exposed-panels/jboss/jboss-jbpm-admin.yaml index ce4aa5a3fcd..d08a9661e17 100644 --- a/http/exposed-panels/jboss/jboss-jbpm-admin.yaml +++ b/http/exposed-panels/jboss/jboss-jbpm-admin.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: redhat - product: jbpm verified: true max-request: 1 + vendor: redhat + product: jbpm shodan-query: html:"JBossWS" tags: jboss,panel,login diff --git a/http/exposed-panels/jboss/jboss-juddi.yaml b/http/exposed-panels/jboss/jboss-juddi.yaml index 03abbd61504..6578d224f33 100644 --- a/http/exposed-panels/jboss/jboss-juddi.yaml +++ b/http/exposed-panels/jboss/jboss-juddi.yaml @@ -14,10 +14,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: redhat - product: jboss_enterprise_web_platform verified: true max-request: 2 + vendor: redhat + product: jboss_enterprise_web_platform shodan-query: html:"JBoss WS" tags: panel,jboss,juddi diff --git a/http/exposed-panels/jboss/jboss-soa-platform.yaml b/http/exposed-panels/jboss/jboss-soa-platform.yaml index 9ecabe2e87b..cbf28711a8c 100644 --- a/http/exposed-panels/jboss/jboss-soa-platform.yaml +++ b/http/exposed-panels/jboss/jboss-soa-platform.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: redhat - product: jboss_soa_platform verified: true max-request: 1 + vendor: redhat + product: jboss_soa_platform shodan-query: http.title:"Welcome to the JBoss SOA Platform" tags: panel,jboss,soa diff --git a/http/exposed-panels/jboss/jmx-console.yaml b/http/exposed-panels/jboss/jmx-console.yaml index 9e6761685a9..1aeae2b7d44 100644 --- a/http/exposed-panels/jboss/jmx-console.yaml +++ b/http/exposed-panels/jboss/jmx-console.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: redhat product: jboss_keycloak - max-request: 1 tags: panel,jmx,jboss http: diff --git a/http/exposed-panels/jboss/wildfly-panel.yaml b/http/exposed-panels/jboss/wildfly-panel.yaml index 112b7b3885f..f7ba7848763 100644 --- a/http/exposed-panels/jboss/wildfly-panel.yaml +++ b/http/exposed-panels/jboss/wildfly-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: redhat product: wildfly - max-request: 1 tags: panel,jboss,wildfly http: diff --git a/http/exposed-panels/jcms-panel.yaml b/http/exposed-panels/jcms-panel.yaml index 45eea318725..ba9e61d16ce 100644 --- a/http/exposed-panels/jcms-panel.yaml +++ b/http/exposed-panels/jcms-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: jalios - product: jcms verified: true max-request: 2 + vendor: jalios + product: jcms shodan-query: html:"Jalios JCMS" tags: panel,jalios,jcms diff --git a/http/exposed-panels/jedox-web-panel.yaml b/http/exposed-panels/jedox-web-panel.yaml index 73a2c3df6c8..07bffbe275c 100644 --- a/http/exposed-panels/jedox-web-panel.yaml +++ b/http/exposed-panels/jedox-web-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.jedox.com metadata: - vendor: jedox - product: jedox verified: true max-request: 2 + vendor: jedox + product: jedox shodan-query: title:"Jedox Web - Login" google-query: intitle:"Jedox Web Login" tags: panel,jedox,detect diff --git a/http/exposed-panels/jeedom-panel.yaml b/http/exposed-panels/jeedom-panel.yaml index d414a82b1f3..a54170c3bed 100644 --- a/http/exposed-panels/jeedom-panel.yaml +++ b/http/exposed-panels/jeedom-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: jeedom product: jeedom - max-request: 1 shodan-query: http.title:"Jeedom" tags: panel,jeedom,login diff --git a/http/exposed-panels/jenkins-api-panel.yaml b/http/exposed-panels/jenkins-api-panel.yaml index 65f75fa1411..d13c090b55e 100644 --- a/http/exposed-panels/jenkins-api-panel.yaml +++ b/http/exposed-panels/jenkins-api-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: jenkins product: jenkins - max-request: 1 tags: panel,api,jenkins http: diff --git a/http/exposed-panels/jenkins-login.yaml b/http/exposed-panels/jenkins-login.yaml index 6a701fefddf..9e68929b23b 100644 --- a/http/exposed-panels/jenkins-login.yaml +++ b/http/exposed-panels/jenkins-login.yaml @@ -11,9 +11,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: jenkins product: jenkins - max-request: 1 tags: panel,jenkins http: diff --git a/http/exposed-panels/joomla-panel.yaml b/http/exposed-panels/joomla-panel.yaml index 1721eb61eb3..5d0ab505da3 100644 --- a/http/exposed-panels/joomla-panel.yaml +++ b/http/exposed-panels/joomla-panel.yaml @@ -5,9 +5,9 @@ info: author: its0x08 severity: info metadata: + max-request: 1 vendor: joomla product: joomla\! - max-request: 1 tags: panel,joomla http: diff --git a/http/exposed-panels/juniper-panel.yaml b/http/exposed-panels/juniper-panel.yaml index ec676d58575..5c83e5d06e8 100644 --- a/http/exposed-panels/juniper-panel.yaml +++ b/http/exposed-panels/juniper-panel.yaml @@ -12,8 +12,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: "http.title:\"Juniper Web Device Manager\"" tags: panel,juniper,vpn,login diff --git a/http/exposed-panels/kafka-center-login.yaml b/http/exposed-panels/kafka-center-login.yaml index 068e7c4aa9d..62c33df6692 100644 --- a/http/exposed-panels/kafka-center-login.yaml +++ b/http/exposed-panels/kafka-center-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: kafka - max-request: 1 shodan-query: http.title:"Kafka Center" tags: panel,kafka diff --git a/http/exposed-panels/kafka-consumer-monitor.yaml b/http/exposed-panels/kafka-consumer-monitor.yaml index 7d08b03ee65..59c0f0b74fa 100644 --- a/http/exposed-panels/kafka-consumer-monitor.yaml +++ b/http/exposed-panels/kafka-consumer-monitor.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: kafka - max-request: 1 shodan-query: http.title:"Kafka Consumer Offset Monitor" tags: panel,kafka diff --git a/http/exposed-panels/kafka-monitoring.yaml b/http/exposed-panels/kafka-monitoring.yaml index 85100877bf7..21f365f9484 100644 --- a/http/exposed-panels/kafka-monitoring.yaml +++ b/http/exposed-panels/kafka-monitoring.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: kafka - max-request: 1 tags: panel,kafka,apache http: diff --git a/http/exposed-panels/kafka-topics-ui.yaml b/http/exposed-panels/kafka-topics-ui.yaml index d080d4d4d13..9f66b87b542 100644 --- a/http/exposed-panels/kafka-topics-ui.yaml +++ b/http/exposed-panels/kafka-topics-ui.yaml @@ -12,10 +12,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + max-request: 2 vendor: provectus product: ui platform: kafka - max-request: 2 tags: panel,kafka,apache,detect http: diff --git a/http/exposed-panels/kanboard-login.yaml b/http/exposed-panels/kanboard-login.yaml index 5c326f50c4a..4bd84b1d64b 100644 --- a/http/exposed-panels/kanboard-login.yaml +++ b/http/exposed-panels/kanboard-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: kanboard - product: kanboard verified: true max-request: 1 + vendor: kanboard + product: kanboard shodan-query: http.favicon.hash:2056442365 tags: panel,kanboard diff --git a/http/exposed-panels/keycloak-admin-panel.yaml b/http/exposed-panels/keycloak-admin-panel.yaml index a142a38f4ef..a952d44ffed 100644 --- a/http/exposed-panels/keycloak-admin-panel.yaml +++ b/http/exposed-panels/keycloak-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: redhat - product: keycloak verified: true max-request: 3 + vendor: redhat + product: keycloak shodan-query: http.favicon.hash:-1105083093 tags: panel,keycloak diff --git a/http/exposed-panels/kibana-panel.yaml b/http/exposed-panels/kibana-panel.yaml index fd9fd032ae3..595dca82d55 100644 --- a/http/exposed-panels/kibana-panel.yaml +++ b/http/exposed-panels/kibana-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 3 vendor: elastic product: kibana - max-request: 3 shodan-query: http.title:"Kibana" tags: panel,kibana diff --git a/http/exposed-panels/kiteworks-pcn-panel.yaml b/http/exposed-panels/kiteworks-pcn-panel.yaml index b3fff568e95..da2abfba3b1 100644 --- a/http/exposed-panels/kiteworks-pcn-panel.yaml +++ b/http/exposed-panels/kiteworks-pcn-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.kiteworks.com/platform/private-content-network/ metadata: - vendor: accellion - product: kiteworks verified: true max-request: 1 + vendor: accellion + product: kiteworks shodan-query: http.favicon.hash:-1215318992 tags: panel,kiteworks,login,detect diff --git a/http/exposed-panels/kiwitcms-login.yaml b/http/exposed-panels/kiwitcms-login.yaml index bae74462280..1a1e018a374 100644 --- a/http/exposed-panels/kiwitcms-login.yaml +++ b/http/exposed-panels/kiwitcms-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: kiwitcms product: kiwi_tcms - max-request: 1 shodan-query: title:"Kiwi TCMS - Login",http.favicon.hash:-1909533337 tags: kiwitcms,panel diff --git a/http/exposed-panels/koel-panel.yaml b/http/exposed-panels/koel-panel.yaml index a853402faeb..6999a1227d6 100644 --- a/http/exposed-panels/koel-panel.yaml +++ b/http/exposed-panels/koel-panel.yaml @@ -1,20 +1,20 @@ id: koel-panel -info: - name: Koel Panel - Detect - author: rxerium - severity: info - description: | - Personal audio streaming service that works. - reference: - - https://koel.dev/ - - https://github.com/koel/koel - metadata: - max-request: 1 - shodan-query: title:"Koel" - verified: true - tags: panel,koel,login - +info: + name: Koel Panel - Detect + author: rxerium + severity: info + description: | + Personal audio streaming service that works. + reference: + - https://koel.dev/ + - https://github.com/koel/koel + metadata: + verified: true + max-request: 1 + shodan-query: title:"Koel" + tags: panel,koel,login + http: - method: GET path: diff --git a/http/exposed-panels/konga-panel.yaml b/http/exposed-panels/konga-panel.yaml index 3b8ebd50b42..5a8e18597f8 100644 --- a/http/exposed-panels/konga-panel.yaml +++ b/http/exposed-panels/konga-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: pantsel product: konga - max-request: 1 tags: tech,konga,oss,panel http: diff --git a/http/exposed-panels/kopano-webapp-panel.yaml b/http/exposed-panels/kopano-webapp-panel.yaml index 9246023f138..5ae68768a35 100644 --- a/http/exposed-panels/kopano-webapp-panel.yaml +++ b/http/exposed-panels/kopano-webapp-panel.yaml @@ -9,8 +9,8 @@ info: - https://kopano.com/ metadata: verified: true - shodan-query: "http.title:\"Kopano WebApp\"" max-request: 1 + shodan-query: "http.title:\"Kopano WebApp\"" tags: panel,kopano,login,detect http: diff --git a/http/exposed-panels/kubernetes-dashboard.yaml b/http/exposed-panels/kubernetes-dashboard.yaml index ca56f933c2b..e9c37c8cb2e 100644 --- a/http/exposed-panels/kubernetes-dashboard.yaml +++ b/http/exposed-panels/kubernetes-dashboard.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: kubernetes product: dashboard - max-request: 1 tags: panel,kubernetes,devops http: diff --git a/http/exposed-panels/kubernetes-enterprise-manager.yaml b/http/exposed-panels/kubernetes-enterprise-manager.yaml index 3fb74be4153..8f2f51c6570 100644 --- a/http/exposed-panels/kubernetes-enterprise-manager.yaml +++ b/http/exposed-panels/kubernetes-enterprise-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: kubernetes product: kubernetes - max-request: 1 fofa-query: app="Kubernetes-Enterprise-Manager" tags: tech,kubernetes,panel diff --git a/http/exposed-panels/kubernetes-web-view.yaml b/http/exposed-panels/kubernetes-web-view.yaml index 3fd1029aa4e..da6ef9c1df5 100644 --- a/http/exposed-panels/kubernetes-web-view.yaml +++ b/http/exposed-panels/kubernetes-web-view.yaml @@ -10,10 +10,10 @@ info: cvss-score: 6.5 cwe-id: CWE-200 metadata: - vendor: kubernetes - product: kubernetes verified: true max-request: 2 + vendor: kubernetes + product: kubernetes shodan-query: title:"Kubernetes Web View" tags: panel,misconfig,kubernetes,k8s diff --git a/http/exposed-panels/kubeview-dashboard.yaml b/http/exposed-panels/kubeview-dashboard.yaml index c3582a3a841..af931ccd4c2 100644 --- a/http/exposed-panels/kubeview-dashboard.yaml +++ b/http/exposed-panels/kubeview-dashboard.yaml @@ -11,10 +11,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: kubeview_project - product: kubeview verified: true max-request: 1 + vendor: kubeview_project + product: kubeview shodan-query: http.favicon.hash:-379154636 tags: exposure,k8s,kubernetes,kubeview,dashboard,panel diff --git a/http/exposed-panels/labkey-server-login.yaml b/http/exposed-panels/labkey-server-login.yaml index bc64d03cf31..c6e9d69af11 100644 --- a/http/exposed-panels/labkey-server-login.yaml +++ b/http/exposed-panels/labkey-server-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: labkey - product: labkey_server verified: true max-request: 2 + vendor: labkey + product: labkey_server shodan-query: 'title:"Sign In: /home"' tags: panel,labkey diff --git a/http/exposed-panels/labtech-panel.yaml b/http/exposed-panels/labtech-panel.yaml index 0274fcb1b56..6243730a35f 100644 --- a/http/exposed-panels/labtech-panel.yaml +++ b/http/exposed-panels/labtech-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: labtech_software product: labtech - max-request: 1 tags: panel,labtech http: diff --git a/http/exposed-panels/lansweeper-login.yaml b/http/exposed-panels/lansweeper-login.yaml index 422e3649b25..87c4d65c1ea 100644 --- a/http/exposed-panels/lansweeper-login.yaml +++ b/http/exposed-panels/lansweeper-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: lansweeper - product: lansweeper verified: true max-request: 1 + vendor: lansweeper + product: lansweeper shodan-query: title:"Lansweeper - Login" tags: lansweeper,tech,panel diff --git a/http/exposed-panels/lenovo-fp-panel.yaml b/http/exposed-panels/lenovo-fp-panel.yaml index 7a54863b9fa..0a7443216ea 100644 --- a/http/exposed-panels/lenovo-fp-panel.yaml +++ b/http/exposed-panels/lenovo-fp-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: lenovo - product: fan_power_controller verified: true max-request: 2 + vendor: lenovo + product: fan_power_controller shodan-query: http.html:"Fan and Power Controller" tags: panel,lenovo diff --git a/http/exposed-panels/librenms-login.yaml b/http/exposed-panels/librenms-login.yaml index 49ebdc5cb65..4fa143db6b9 100644 --- a/http/exposed-panels/librenms-login.yaml +++ b/http/exposed-panels/librenms-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: librenms product: librenms - max-request: 1 fofa-query: title="librenms" tags: librenms,panel diff --git a/http/exposed-panels/liferay-portal.yaml b/http/exposed-panels/liferay-portal.yaml index b40ffbe27c1..6c278de1dab 100644 --- a/http/exposed-panels/liferay-portal.yaml +++ b/http/exposed-panels/liferay-portal.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: liferay - product: liferay_portal verified: true max-request: 3 + vendor: liferay + product: liferay_portal shodan-query: http.favicon.hash:129457226 tags: panel,liferay,portal diff --git a/http/exposed-panels/linkerd-panel.yaml b/http/exposed-panels/linkerd-panel.yaml index 438f592a757..4cd43601087 100644 --- a/http/exposed-panels/linkerd-panel.yaml +++ b/http/exposed-panels/linkerd-panel.yaml @@ -11,10 +11,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: linkerd - product: linkerd verified: true max-request: 1 + vendor: linkerd + product: linkerd shodan-query: html:"data-controller-namespace" tags: panel,misconfig,linkerd,exposure diff --git a/http/exposed-panels/linshare-panel.yaml b/http/exposed-panels/linshare-panel.yaml index 841ffa3bf16..c412357d02c 100644 --- a/http/exposed-panels/linshare-panel.yaml +++ b/http/exposed-panels/linshare-panel.yaml @@ -10,8 +10,8 @@ info: - https://github.com/linagora/linshare metadata: verified: true - shodan-query: "http.title:\"LinShare\"" max-request: 3 + shodan-query: "http.title:\"LinShare\"" tags: panel,linshare,login,detect http: diff --git a/http/exposed-panels/livehelperchat-admin-panel.yaml b/http/exposed-panels/livehelperchat-admin-panel.yaml index e20135a318c..b781466cbff 100644 --- a/http/exposed-panels/livehelperchat-admin-panel.yaml +++ b/http/exposed-panels/livehelperchat-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: livehelperchat - product: live_helper_chat verified: true max-request: 1 + vendor: livehelperchat + product: live_helper_chat shodan-query: title:"Live Helper Chat" fofa-query: title="Live Helper Chat" tags: livehelperchat,panel diff --git a/http/exposed-panels/livezilla-login-panel.yaml b/http/exposed-panels/livezilla-login-panel.yaml index 675913a67c0..b57a1a2a51e 100644 --- a/http/exposed-panels/livezilla-login-panel.yaml +++ b/http/exposed-panels/livezilla-login-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: livezilla product: livezilla - max-request: 1 tags: panel,livezilla,login http: diff --git a/http/exposed-panels/lockself-panel.yaml b/http/exposed-panels/lockself-panel.yaml index 8320d7f0e15..8c4a58d4e3f 100644 --- a/http/exposed-panels/lockself-panel.yaml +++ b/http/exposed-panels/lockself-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://www.lockself.com/en/ metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.title:"LockSelf" tags: panel,lockself,login,detect diff --git a/http/exposed-panels/magento-admin-panel.yaml b/http/exposed-panels/magento-admin-panel.yaml index 251ae427531..fb9c26455a5 100644 --- a/http/exposed-panels/magento-admin-panel.yaml +++ b/http/exposed-panels/magento-admin-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: magento - product: magento verified: true max-request: 1 + vendor: magento + product: magento shodan-query: http.component:"Magento" tags: magento,panel diff --git a/http/exposed-panels/magento-downloader-panel.yaml b/http/exposed-panels/magento-downloader-panel.yaml index b8736accd04..8353daa5ff8 100644 --- a/http/exposed-panels/magento-downloader-panel.yaml +++ b/http/exposed-panels/magento-downloader-panel.yaml @@ -10,10 +10,10 @@ info: - https://magentary.com/kb/restrict-access-to-magento-downloader/ - https://www.mageplaza.com/kb/how-to-stop-brute-force-attacks-magento.html#solution-3 metadata: - vendor: magento - product: magento verified: true max-request: 1 + vendor: magento + product: magento shodan-query: http.component:"Magento" tags: magento,exposure,panel diff --git a/http/exposed-panels/mantisbt-panel.yaml b/http/exposed-panels/mantisbt-panel.yaml index c2bddf7c7ba..b958ca9e421 100644 --- a/http/exposed-panels/mantisbt-panel.yaml +++ b/http/exposed-panels/mantisbt-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: mantisbt - product: mantisbt verified: true max-request: 1 + vendor: mantisbt + product: mantisbt shodan-query: http.favicon.hash:662709064 tags: panel,mantisbt diff --git a/http/exposed-panels/matomo-login-portal.yaml b/http/exposed-panels/matomo-login-portal.yaml index c222b63519b..2b95be2aadf 100644 --- a/http/exposed-panels/matomo-login-portal.yaml +++ b/http/exposed-panels/matomo-login-portal.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: matomo product: matomo - max-request: 2 tags: panel,matomo http: diff --git a/http/exposed-panels/memos-panel.yaml b/http/exposed-panels/memos-panel.yaml index 3add461831b..2deb05edcff 100644 --- a/http/exposed-panels/memos-panel.yaml +++ b/http/exposed-panels/memos-panel.yaml @@ -10,10 +10,10 @@ info: - https://github.com/usememos/memos - https://www.usememos.com/ metadata: - vendor: usememos - product: memos verified: true max-request: 2 + vendor: usememos + product: memos shodan-query: title:"Memos" tags: panel,memos,detect diff --git a/http/exposed-panels/meshcentral-login.yaml b/http/exposed-panels/meshcentral-login.yaml index c642238b62b..a974e0f453e 100644 --- a/http/exposed-panels/meshcentral-login.yaml +++ b/http/exposed-panels/meshcentral-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: meshcentral product: meshcentral - max-request: 1 shodan-query: http.title:"MeshCentral - Login" tags: panel,meshcentral diff --git a/http/exposed-panels/metabase-panel.yaml b/http/exposed-panels/metabase-panel.yaml index ec181050322..a0d0697db83 100644 --- a/http/exposed-panels/metabase-panel.yaml +++ b/http/exposed-panels/metabase-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: metabase product: metabase - max-request: 1 shodan-query: http.title:"Metabase" tags: panel,metabase,login diff --git a/http/exposed-panels/metasploit-panel.yaml b/http/exposed-panels/metasploit-panel.yaml index 4fdd7ddbfc1..45a0fa43b1e 100644 --- a/http/exposed-panels/metasploit-panel.yaml +++ b/http/exposed-panels/metasploit-panel.yaml @@ -11,10 +11,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: rapid7 - product: metasploit verified: true max-request: 1 + vendor: rapid7 + product: metasploit shodan-query: http.title:"metasploit" zoomeye-query: title:'Metasploit' tags: panel,metasploit,login diff --git a/http/exposed-panels/metasploit-setup-page.yaml b/http/exposed-panels/metasploit-setup-page.yaml index f8aabddbe15..047b6d04bff 100644 --- a/http/exposed-panels/metasploit-setup-page.yaml +++ b/http/exposed-panels/metasploit-setup-page.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: rapid7 - product: metasploit verified: true max-request: 1 + vendor: rapid7 + product: metasploit shodan-query: title:"Metasploit - Setup and Configuration" tags: panel,metasploit,setup diff --git a/http/exposed-panels/metersphere-login.yaml b/http/exposed-panels/metersphere-login.yaml index 22dd8968530..34f4a52c1d9 100644 --- a/http/exposed-panels/metersphere-login.yaml +++ b/http/exposed-panels/metersphere-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: metersphere product: metersphere - max-request: 2 tags: panel,metersphere http: diff --git a/http/exposed-panels/mfiles-web-detect.yaml b/http/exposed-panels/mfiles-web-detect.yaml index 827535c5030..870b41c22cb 100644 --- a/http/exposed-panels/mfiles-web-detect.yaml +++ b/http/exposed-panels/mfiles-web-detect.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: m-files - product: m-files verified: true max-request: 2 + vendor: m-files + product: m-files shodan-query: http.html:"M-Files Web" tags: panel,m-files diff --git a/http/exposed-panels/microfocus-admin-server.yaml b/http/exposed-panels/microfocus-admin-server.yaml index b897eea24c8..f3d94bd472c 100644 --- a/http/exposed-panels/microfocus-admin-server.yaml +++ b/http/exposed-panels/microfocus-admin-server.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: microfocus - product: enterprise_server verified: true max-request: 1 + vendor: microfocus + product: enterprise_server shodan-query: "Micro Focus DSD" tags: panel,exposure,microfocus,admin diff --git a/http/exposed-panels/microfocus-filr-panel.yaml b/http/exposed-panels/microfocus-filr-panel.yaml index fcf59071b07..9f373be17c1 100644 --- a/http/exposed-panels/microfocus-filr-panel.yaml +++ b/http/exposed-panels/microfocus-filr-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: microfocus - product: filr verified: true max-request: 1 + vendor: microfocus + product: filr shodan-query: http.html:"Micro Focus Filr" tags: panel,microfocus,filr diff --git a/http/exposed-panels/microfocus-vibe-panel.yaml b/http/exposed-panels/microfocus-vibe-panel.yaml index f3530c3ff98..f0d13210edb 100644 --- a/http/exposed-panels/microfocus-vibe-panel.yaml +++ b/http/exposed-panels/microfocus-vibe-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: microfocus - product: vibe verified: true max-request: 1 + vendor: microfocus + product: vibe shodan-query: http.html:"Micro Focus Vibe" tags: panel,microfocus,vibe diff --git a/http/exposed-panels/microsoft-exchange-panel.yaml b/http/exposed-panels/microsoft-exchange-panel.yaml index d23b0420d61..ea6114a43d0 100644 --- a/http/exposed-panels/microsoft-exchange-panel.yaml +++ b/http/exposed-panels/microsoft-exchange-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: microsoft product: exchange_server - max-request: 1 tags: microsoft,panel,exchange http: diff --git a/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml b/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml index b8728ff54f9..ec36fa71f4a 100644 --- a/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml +++ b/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: mikrotik - product: routeros verified: true max-request: 1 + vendor: mikrotik + product: routeros shodan-query: title:"mikrotik routeros > administration" tags: panel,login,mikrotik diff --git a/http/exposed-panels/mikrotik/mikrotik-routeros.yaml b/http/exposed-panels/mikrotik/mikrotik-routeros.yaml index d0f91c241c9..6c7741a8865 100644 --- a/http/exposed-panels/mikrotik/mikrotik-routeros.yaml +++ b/http/exposed-panels/mikrotik/mikrotik-routeros.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: mikrotik product: routeros - max-request: 1 tags: panel,login http: diff --git a/http/exposed-panels/mini-start-page.yaml b/http/exposed-panels/mini-start-page.yaml index cf0b66c23f3..c1baf26ef82 100644 --- a/http/exposed-panels/mini-start-page.yaml +++ b/http/exposed-panels/mini-start-page.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: miniweb_http_server_project product: miniweb_http_server - max-request: 2 tags: edb,panel http: diff --git a/http/exposed-panels/minio-browser.yaml b/http/exposed-panels/minio-browser.yaml index c4e0e259b22..623d30429ac 100644 --- a/http/exposed-panels/minio-browser.yaml +++ b/http/exposed-panels/minio-browser.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: minio product: minio - max-request: 1 shodan-query: title:"MinIO Browser" tags: panel,minio diff --git a/http/exposed-panels/misp-panel.yaml b/http/exposed-panels/misp-panel.yaml index a0ba58e250f..bdc513bfedd 100644 --- a/http/exposed-panels/misp-panel.yaml +++ b/http/exposed-panels/misp-panel.yaml @@ -5,10 +5,10 @@ info: author: johnk3r severity: info metadata: - vendor: misp - product: misp verified: "true" max-request: 1 + vendor: misp + product: misp shodan-query: http.title:"Users - MISP" tags: panel,misp diff --git a/http/exposed-panels/mitel-panel-detect.yaml b/http/exposed-panels/mitel-panel-detect.yaml index 66c1f3158a2..2bf77b2006a 100644 --- a/http/exposed-panels/mitel-panel-detect.yaml +++ b/http/exposed-panels/mitel-panel-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: mitel - product: cmg_suite verified: true max-request: 2 + vendor: mitel + product: cmg_suite shodan-query: http.html:"Mitel Networks" tags: panel,mitel diff --git a/http/exposed-panels/modoboa-panel.yaml b/http/exposed-panels/modoboa-panel.yaml index 78651f5988d..ef2ede0458a 100644 --- a/http/exposed-panels/modoboa-panel.yaml +++ b/http/exposed-panels/modoboa-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: modoboa - product: modoboa verified: true max-request: 2 + vendor: modoboa + product: modoboa shodan-query: http.favicon.hash:1949005079 tags: panel,modoboa,mail diff --git a/http/exposed-panels/monstra-admin-panel.yaml b/http/exposed-panels/monstra-admin-panel.yaml index 120b7d53b7e..9fd87000d5d 100644 --- a/http/exposed-panels/monstra-admin-panel.yaml +++ b/http/exposed-panels/monstra-admin-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: monstra - product: monstra_cms verified: true max-request: 1 + vendor: monstra + product: monstra_cms shodan-query: http.favicon.hash:419828698 tags: panel,monstra diff --git a/http/exposed-panels/moodle-workplace-panel.yaml b/http/exposed-panels/moodle-workplace-panel.yaml index 37458743497..09c838fa5a8 100644 --- a/http/exposed-panels/moodle-workplace-panel.yaml +++ b/http/exposed-panels/moodle-workplace-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://moodle.com/solutions/workplace/ metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.html:"moodle" tags: panel,moodle,login,detect diff --git a/http/exposed-panels/movable-type-login.yaml b/http/exposed-panels/movable-type-login.yaml index bb8e03961d7..c7d962c8e0a 100644 --- a/http/exposed-panels/movable-type-login.yaml +++ b/http/exposed-panels/movable-type-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: sixapart product: movable_type - max-request: 2 shodan-query: title:"サインイン | Movable Type Pro" tags: panel,movable diff --git a/http/exposed-panels/ms-exchange-web-service.yaml b/http/exposed-panels/ms-exchange-web-service.yaml index 5167adde1f0..569dae271f4 100644 --- a/http/exposed-panels/ms-exchange-web-service.yaml +++ b/http/exposed-panels/ms-exchange-web-service.yaml @@ -10,10 +10,10 @@ info: - https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/start-using-web-services-in-exchange - https://pentestlab.blog/tag/ews/ metadata: + verified: true + max-request: 1 vendor: microsoft product: exchange_server - max-request: 1 - verified: true shodan-query: http.favicon.hash:1768726119 tags: ms,microsoft,exchange,tech diff --git a/http/exposed-panels/mybb-forum-detect.yaml b/http/exposed-panels/mybb-forum-detect.yaml index cffdfce9ceb..ef47e7e588a 100644 --- a/http/exposed-panels/mybb-forum-detect.yaml +++ b/http/exposed-panels/mybb-forum-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: mybb - product: mybb verified: true max-request: 1 + vendor: mybb + product: mybb shodan-query: http.title:"MyBB" tags: panel,mybb,forum diff --git a/http/exposed-panels/mybb/mybb-forum-install.yaml b/http/exposed-panels/mybb/mybb-forum-install.yaml index aae4256c95c..75db797ee9e 100644 --- a/http/exposed-panels/mybb/mybb-forum-install.yaml +++ b/http/exposed-panels/mybb/mybb-forum-install.yaml @@ -10,10 +10,10 @@ info: cvss-score: 8.6 cwe-id: CWE-200 metadata: - vendor: mybb - product: mybb verified: true max-request: 1 + vendor: mybb + product: mybb shodan-query: http.title:"MyBB" tags: panel,mybb,forum diff --git a/http/exposed-panels/nagios-panel.yaml b/http/exposed-panels/nagios-panel.yaml index 5fc299119e8..1c7a8f55129 100644 --- a/http/exposed-panels/nagios-panel.yaml +++ b/http/exposed-panels/nagios-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: nagios - product: nagios verified: true max-request: 2 + vendor: nagios + product: nagios shodan-query: http.title:"nagios" tags: panel,nagios diff --git a/http/exposed-panels/nagios-xi-panel.yaml b/http/exposed-panels/nagios-xi-panel.yaml index a68c95faab1..f791557f272 100644 --- a/http/exposed-panels/nagios-xi-panel.yaml +++ b/http/exposed-panels/nagios-xi-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: nagios - product: nagios_xi verified: true max-request: 2 + vendor: nagios + product: nagios_xi shodan-query: http.title:"Nagios XI" tags: panel,nagios,nagios-xi diff --git a/http/exposed-panels/nagvis-panel.yaml b/http/exposed-panels/nagvis-panel.yaml index 83a9c464d59..ff6ee66b758 100644 --- a/http/exposed-panels/nagvis-panel.yaml +++ b/http/exposed-panels/nagvis-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: nagvis - product: nagvis verified: true max-request: 2 + vendor: nagvis + product: nagvis shodan-query: http.html:"NagVis" tags: panel,nagvis diff --git a/http/exposed-panels/neo4j-browser.yaml b/http/exposed-panels/neo4j-browser.yaml index fcccde19d70..dee96f05c88 100644 --- a/http/exposed-panels/neo4j-browser.yaml +++ b/http/exposed-panels/neo4j-browser.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: neo4j product: neo4j - max-request: 1 shodan-query: http.title:"Neo4j Browser" tags: neo4j,exposure,unauth,panel diff --git a/http/exposed-panels/neocase-hrportal-panel.yaml b/http/exposed-panels/neocase-hrportal-panel.yaml index 9553b9d4100..b04668962fb 100644 --- a/http/exposed-panels/neocase-hrportal-panel.yaml +++ b/http/exposed-panels/neocase-hrportal-panel.yaml @@ -1,19 +1,19 @@ id: neocase-hrportal-panel -info: - name: Neocase HR Portal Login Panel - Detect - author: righettod - severity: info - description: | - Neocase HR Portal login panel was detected. - reference: - - https://www.neocasesoftware.com/neocase-hr-solution/ - - https://www.neocasesoftware.com/self-service-portal-module/ - metadata: - max-request: 1 - verified: true - tags: panel,neocase,login,detect - +info: + name: Neocase HR Portal Login Panel - Detect + author: righettod + severity: info + description: | + Neocase HR Portal login panel was detected. + reference: + - https://www.neocasesoftware.com/neocase-hr-solution/ + - https://www.neocasesoftware.com/self-service-portal-module/ + metadata: + verified: true + max-request: 1 + tags: panel,neocase,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/nessus-panel.yaml b/http/exposed-panels/nessus-panel.yaml index c7b11ae5149..908a7cdda67 100644 --- a/http/exposed-panels/nessus-panel.yaml +++ b/http/exposed-panels/nessus-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: tenable - product: nessus verified: true max-request: 2 + vendor: tenable + product: nessus shodan-query: title:"Nessus" tags: panel,nessus diff --git a/http/exposed-panels/netdata-dashboard-detected.yaml b/http/exposed-panels/netdata-dashboard-detected.yaml index ebe645c0aa7..a26a1588fce 100644 --- a/http/exposed-panels/netdata-dashboard-detected.yaml +++ b/http/exposed-panels/netdata-dashboard-detected.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: netdata product: netdata - max-request: 1 shodan-query: 'Server: NetData Embedded HTTP Server' tags: netdata,panel,tech diff --git a/http/exposed-panels/netdata-panel.yaml b/http/exposed-panels/netdata-panel.yaml index 33de1024c3f..2ac97f890f2 100644 --- a/http/exposed-panels/netdata-panel.yaml +++ b/http/exposed-panels/netdata-panel.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: netdata product: netdata - max-request: 1 shodan-query: http.title:"netdata dashboard" tags: panel,netdata diff --git a/http/exposed-panels/netflix-conductor-ui.yaml b/http/exposed-panels/netflix-conductor-ui.yaml index 44a65541994..a991a2d7df7 100644 --- a/http/exposed-panels/netflix-conductor-ui.yaml +++ b/http/exposed-panels/netflix-conductor-ui.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: netflix product: conductor - max-request: 1 shodan-query: http.title:"Conductor UI", http.title:"Workflow UI" tags: webserver,netflix,conductor,panel diff --git a/http/exposed-panels/netscaler-aaa-login.yaml b/http/exposed-panels/netscaler-aaa-login.yaml index dba398c2168..fdc03cdf7a8 100644 --- a/http/exposed-panels/netscaler-aaa-login.yaml +++ b/http/exposed-panels/netscaler-aaa-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: citrix product: netscaler - max-request: 1 tags: panel,netscaler,login,edb http: diff --git a/http/exposed-panels/netscaler-gateway.yaml b/http/exposed-panels/netscaler-gateway.yaml index 4916858c921..abf59c6fce3 100644 --- a/http/exposed-panels/netscaler-gateway.yaml +++ b/http/exposed-panels/netscaler-gateway.yaml @@ -11,9 +11,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: citrix product: netscaler_gateway - max-request: 1 tags: panel,netscaler http: diff --git a/http/exposed-panels/nexus-panel.yaml b/http/exposed-panels/nexus-panel.yaml index 2fd91757b1b..e6d67475683 100644 --- a/http/exposed-panels/nexus-panel.yaml +++ b/http/exposed-panels/nexus-panel.yaml @@ -1,19 +1,19 @@ id: nexus-panel -info: - name: Nexus Login Panel - Detect - author: righettod - severity: info - description: | - Nexus login panel was detected. - reference: - - https://www.sonatype.com/products/sonatype-nexus-repository - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"Sonatype Nexus Repository" - tags: panel,nexus,login,detect - +info: + name: Nexus Login Panel - Detect + author: righettod + severity: info + description: | + Nexus login panel was detected. + reference: + - https://www.sonatype.com/products/sonatype-nexus-repository + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Sonatype Nexus Repository" + tags: panel,nexus,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/nginx-ui-dashboard.yaml b/http/exposed-panels/nginx-ui-dashboard.yaml index 9934f813f1f..9e1fc953773 100644 --- a/http/exposed-panels/nginx-ui-dashboard.yaml +++ b/http/exposed-panels/nginx-ui-dashboard.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: f5 - product: nginx verified: true max-request: 1 + vendor: f5 + product: nginx shodan-query: http.title:"nginx ui" tags: panel,nginx,exposure diff --git a/http/exposed-panels/nzbget-panel.yaml b/http/exposed-panels/nzbget-panel.yaml index 74a410defc7..554c9d66299 100644 --- a/http/exposed-panels/nzbget-panel.yaml +++ b/http/exposed-panels/nzbget-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: nzbget - product: nzbget verified: true max-request: 1 + vendor: nzbget + product: nzbget shodan-query: html:"NZBGet" tags: panel,nzbget diff --git a/http/exposed-panels/ocomon-panel.yaml b/http/exposed-panels/ocomon-panel.yaml index 1af4108b16d..fc440ae5d1e 100644 --- a/http/exposed-panels/ocomon-panel.yaml +++ b/http/exposed-panels/ocomon-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ocomon_project - product: ocomon verified: true max-request: 1 + vendor: ocomon_project + product: ocomon shodan-query: http.html:"OcoMon" tags: panel,ocomon,oss diff --git a/http/exposed-panels/octoprint-login.yaml b/http/exposed-panels/octoprint-login.yaml index 03610ae22de..0e7c84d770d 100644 --- a/http/exposed-panels/octoprint-login.yaml +++ b/http/exposed-panels/octoprint-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: octoprint product: octoprint - max-request: 2 tags: octoprint,panel http: diff --git a/http/exposed-panels/odoo-database-manager.yaml b/http/exposed-panels/odoo-database-manager.yaml index 6ac1a75ad02..af6f0bbe244 100644 --- a/http/exposed-panels/odoo-database-manager.yaml +++ b/http/exposed-panels/odoo-database-manager.yaml @@ -6,10 +6,10 @@ info: severity: low description: Odoo database manager was discovered. metadata: - vendor: odoo - product: odoo verified: true max-request: 1 + vendor: odoo + product: odoo shodan-query: title:"Odoo" tags: panel,odoo,backup diff --git a/http/exposed-panels/odoo-panel.yaml b/http/exposed-panels/odoo-panel.yaml index 6ec8974b6a1..6d73536d882 100644 --- a/http/exposed-panels/odoo-panel.yaml +++ b/http/exposed-panels/odoo-panel.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDK,righettod severity: info metadata: - vendor: odoo - product: odoo verified: true max-request: 2 + vendor: odoo + product: odoo shodan-query: "title:\"Odoo\"" tags: login,panel,odoo diff --git a/http/exposed-panels/office-webapps-panel.yaml b/http/exposed-panels/office-webapps-panel.yaml index d739a604fc8..7691d2eb40e 100644 --- a/http/exposed-panels/office-webapps-panel.yaml +++ b/http/exposed-panels/office-webapps-panel.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-668 metadata: - vendor: microsoft - product: office_web_apps_server verified: true max-request: 2 + vendor: microsoft + product: office_web_apps_server shodan-query: html:"Provide a link that opens Word" tags: panel,office-webapps,login,microsoft diff --git a/http/exposed-panels/oipm-detect.yaml b/http/exposed-panels/oipm-detect.yaml index f2797d2e47b..7820d6529d3 100644 --- a/http/exposed-panels/oipm-detect.yaml +++ b/http/exposed-panels/oipm-detect.yaml @@ -11,9 +11,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: oneidentity product: password_manager - max-request: 1 tags: panel http: diff --git a/http/exposed-panels/onlyoffice-login-panel.yaml b/http/exposed-panels/onlyoffice-login-panel.yaml index 170a58a8da2..e8174e144be 100644 --- a/http/exposed-panels/onlyoffice-login-panel.yaml +++ b/http/exposed-panels/onlyoffice-login-panel.yaml @@ -7,10 +7,10 @@ info: description: | ONLYOFFICE Community Server is a free open-source collaborative system developed to manage documents, projects, customer relationship and email correspondence. metadata: - vendor: onlyoffice - product: onlyoffice verified: true max-request: 2 + vendor: onlyoffice + product: onlyoffice fofa-query: app="ONLYOFFICE" && (icon_hash="1928933157" || icon_hash="826083956" || icon_hash="-1380930248" || icon_hash="-285544629" || icon_hash="812741391") tags: panel,onlyoffice,detect diff --git a/http/exposed-panels/open-stack-dashboard-login.yaml b/http/exposed-panels/open-stack-dashboard-login.yaml index dae5f1d0a7c..f4553f56c45 100644 --- a/http/exposed-panels/open-stack-dashboard-login.yaml +++ b/http/exposed-panels/open-stack-dashboard-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: openstack product: horizon - max-request: 2 tags: panel,openstack,edb http: diff --git a/http/exposed-panels/openam-panel.yaml b/http/exposed-panels/openam-panel.yaml index a4db76d899a..9b2bff10924 100644 --- a/http/exposed-panels/openam-panel.yaml +++ b/http/exposed-panels/openam-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 20 vendor: forgerock product: openam - max-request: 20 shodan-query: http.title:"OpenAM" tags: panel,openam,opensso,login diff --git a/http/exposed-panels/opencart-panel.yaml b/http/exposed-panels/opencart-panel.yaml index 8937b81f49f..197a269c9ed 100644 --- a/http/exposed-panels/opencart-panel.yaml +++ b/http/exposed-panels/opencart-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: opencart - product: opencart verified: true max-request: 2 + vendor: opencart + product: opencart shodan-query: html:"OpenCart" tags: panel,opencart diff --git a/http/exposed-panels/opencats-panel.yaml b/http/exposed-panels/opencats-panel.yaml index 726993962b4..41b76868b97 100644 --- a/http/exposed-panels/opencats-panel.yaml +++ b/http/exposed-panels/opencats-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: opencats - product: opencats verified: true max-request: 2 + vendor: opencats + product: opencats shodan-query: title:"opencats" tags: panel,opencats diff --git a/http/exposed-panels/openemr-detect.yaml b/http/exposed-panels/openemr-detect.yaml index b937181a8db..e620846dab6 100644 --- a/http/exposed-panels/openemr-detect.yaml +++ b/http/exposed-panels/openemr-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: open-emr product: openemr - max-request: 1 shodan-query: http.html:"OpenEMR" fofa-query: app="OpenEMR" tags: panel,openemr diff --git a/http/exposed-panels/openerp-database.yaml b/http/exposed-panels/openerp-database.yaml index edfbc584fe9..a6c10ed2d54 100644 --- a/http/exposed-panels/openerp-database.yaml +++ b/http/exposed-panels/openerp-database.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: odoo product: odoo - max-request: 1 tags: openerp,panel http: diff --git a/http/exposed-panels/openfire-admin-panel.yaml b/http/exposed-panels/openfire-admin-panel.yaml index 26b3083d451..3ad9debf088 100644 --- a/http/exposed-panels/openfire-admin-panel.yaml +++ b/http/exposed-panels/openfire-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: igniterealtime - product: openfire verified: true max-request: 2 + vendor: igniterealtime + product: openfire shodan-query: http.title:"Openfire Admin Console" tags: panel,openfire,admin,console diff --git a/http/exposed-panels/opennms-web-console.yaml b/http/exposed-panels/opennms-web-console.yaml index e4d40eb5dcd..c5a3211ebbb 100644 --- a/http/exposed-panels/opennms-web-console.yaml +++ b/http/exposed-panels/opennms-web-console.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: opennms product: opennms - max-request: 1 tags: panel,login,edb http: diff --git a/http/exposed-panels/opensis-panel.yaml b/http/exposed-panels/opensis-panel.yaml index 3af481e2293..bbb0774f4fd 100644 --- a/http/exposed-panels/opensis-panel.yaml +++ b/http/exposed-panels/opensis-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: os4ed product: opensis - max-request: 2 shodan-query: http.title:"openSIS" tags: panel,opensis,login diff --git a/http/exposed-panels/openvas-panel.yaml b/http/exposed-panels/openvas-panel.yaml index 859816e410b..cea986e5eb1 100644 --- a/http/exposed-panels/openvas-panel.yaml +++ b/http/exposed-panels/openvas-panel.yaml @@ -1,19 +1,19 @@ id: openvas-panel -info: - name: OpenVas Login Panel - Detect - author: rxerium - severity: info - description: | - An OpenVas Admin login panel was detected. - reference: - - https://openvas.org/ - metadata: - verified: true - max-request: 1 - shodan-query: http.favicon.hash:1606029165 - tags: panel,openvas,admin,login - +info: + name: OpenVas Login Panel - Detect + author: rxerium + severity: info + description: | + An OpenVas Admin login panel was detected. + reference: + - https://openvas.org/ + metadata: + verified: true + max-request: 1 + shodan-query: http.favicon.hash:1606029165 + tags: panel,openvas,admin,login + http: - method: GET path: diff --git a/http/exposed-panels/openvpn-admin.yaml b/http/exposed-panels/openvpn-admin.yaml index 65de53af160..f518a76697a 100644 --- a/http/exposed-panels/openvpn-admin.yaml +++ b/http/exposed-panels/openvpn-admin.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: openvpn - product: openvpn verified: true max-request: 3 + vendor: openvpn + product: openvpn shodan-query: http.title:"OpenVPN-Admin" tags: panel,openvpn,admin,config diff --git a/http/exposed-panels/openvpn-connect.yaml b/http/exposed-panels/openvpn-connect.yaml index a883215722e..b6e97153071 100644 --- a/http/exposed-panels/openvpn-connect.yaml +++ b/http/exposed-panels/openvpn-connect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: openvpn - product: connect verified: true max-request: 1 + vendor: openvpn + product: connect shodan-query: http.title:"openvpn connect" tags: panel,openvpn,connect,vpn diff --git a/http/exposed-panels/openvpn-router-management.yaml b/http/exposed-panels/openvpn-router-management.yaml index 68924acee35..0609596f94c 100644 --- a/http/exposed-panels/openvpn-router-management.yaml +++ b/http/exposed-panels/openvpn-router-management.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: openvpn - product: openvpn verified: true max-request: 1 + vendor: openvpn + product: openvpn shodan-query: http.html:"Router Management - Server OpenVPN" tags: panel,openvpn,router diff --git a/http/exposed-panels/openwrt-login.yaml b/http/exposed-panels/openwrt-login.yaml index d2b8eb01048..407db7f929b 100644 --- a/http/exposed-panels/openwrt-login.yaml +++ b/http/exposed-panels/openwrt-login.yaml @@ -8,9 +8,9 @@ info: - https://openwrt.org - https://github.com/openwrt/luci metadata: + max-request: 2 vendor: openwrt product: openwrt - max-request: 2 shodan-query: http.title:"OpenWrt - LuCI" tags: openwrt,router,panel diff --git a/http/exposed-panels/openwrt/openwrt-luci-panel.yaml b/http/exposed-panels/openwrt/openwrt-luci-panel.yaml index 46672d82d0a..a3b256e4c7f 100644 --- a/http/exposed-panels/openwrt/openwrt-luci-panel.yaml +++ b/http/exposed-panels/openwrt/openwrt-luci-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://forum.archive.openwrt.org/viewtopic.php?id=16611 metadata: + max-request: 1 vendor: x-wrt product: luci - max-request: 1 shodan-query: http.title:"OpenWrt - LuCI" tags: panel,default-login,openwrt diff --git a/http/exposed-panels/openx-panel.yaml b/http/exposed-panels/openx-panel.yaml index 1c325c2c86c..306dd2665ec 100644 --- a/http/exposed-panels/openx-panel.yaml +++ b/http/exposed-panels/openx-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + verified: true + max-request: 2 vendor: revive-adserver product: revive_adserver - max-request: 2 - verified: true shodan-query: title:"Revive Adserver" tags: panel,openx,revive,adserver,login diff --git a/http/exposed-panels/opinio-panel.yaml b/http/exposed-panels/opinio-panel.yaml index 09b147b9f29..630dd6b54e2 100644 --- a/http/exposed-panels/opinio-panel.yaml +++ b/http/exposed-panels/opinio-panel.yaml @@ -8,8 +8,8 @@ info: reference: - https://www.objectplanet.com/opinio/ metadata: - max-request: 2 verified: true + max-request: 2 shodan-query: http.title:"Opinio" tags: panel,opinio,login,detect diff --git a/http/exposed-panels/oracle-business-control.yaml b/http/exposed-panels/oracle-business-control.yaml index be2dd9d9df5..9c6ab2f8191 100644 --- a/http/exposed-panels/oracle-business-control.yaml +++ b/http/exposed-panels/oracle-business-control.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: oracle product: commerce - max-request: 1 shodan-query: http.title:"Oracle Commerce" tags: oracle,login,panel diff --git a/http/exposed-panels/oracle-business-intelligence.yaml b/http/exposed-panels/oracle-business-intelligence.yaml index d7ae1d6cd0d..b13faa76235 100644 --- a/http/exposed-panels/oracle-business-intelligence.yaml +++ b/http/exposed-panels/oracle-business-intelligence.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: oracle - product: business_intelligence verified: true max-request: 1 + vendor: oracle + product: business_intelligence shodan-query: http.title:"Oracle Business Intelligence Sign In" tags: panel,oracle diff --git a/http/exposed-panels/oracle-enterprise-manager-login.yaml b/http/exposed-panels/oracle-enterprise-manager-login.yaml index 0429654995c..09d4fd74145 100644 --- a/http/exposed-panels/oracle-enterprise-manager-login.yaml +++ b/http/exposed-panels/oracle-enterprise-manager-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: oracle product: enterprise_manager_base_platform - max-request: 1 tags: panel,oracle,manager,login http: diff --git a/http/exposed-panels/oracle-people-enterprise.yaml b/http/exposed-panels/oracle-people-enterprise.yaml index b6f8d9eb143..c66f554e6ee 100644 --- a/http/exposed-panels/oracle-people-enterprise.yaml +++ b/http/exposed-panels/oracle-people-enterprise.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: oracle product: peoplesoft_enterprise - max-request: 1 shodan-query: http.title:"Oracle Peoplesoft Enterprise" tags: oracle,login,panel diff --git a/http/exposed-panels/orchid-vms-panel.yaml b/http/exposed-panels/orchid-vms-panel.yaml index adb2ece8f07..6e004f63564 100644 --- a/http/exposed-panels/orchid-vms-panel.yaml +++ b/http/exposed-panels/orchid-vms-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ipconfigure product: orchid_core_vms - max-request: 1 shodan-query: http.title:"Orchid Core VMS" tags: panel,orchid diff --git a/http/exposed-panels/osticket-panel.yaml b/http/exposed-panels/osticket-panel.yaml index adae92d55bc..159c5f2925c 100644 --- a/http/exposed-panels/osticket-panel.yaml +++ b/http/exposed-panels/osticket-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: osticket - product: osticket verified: true max-request: 2 + vendor: osticket + product: osticket shodan-query: http.html:"powered by osTicket" tags: panel,osticket diff --git a/http/exposed-panels/osticket/osticket-install.yaml b/http/exposed-panels/osticket/osticket-install.yaml index cb77d01e57e..7b2afd01f30 100644 --- a/http/exposed-panels/osticket/osticket-install.yaml +++ b/http/exposed-panels/osticket/osticket-install.yaml @@ -10,10 +10,10 @@ info: cvss-score: 9.4 cwe-id: CWE-284 metadata: - vendor: osticket - product: osticket verified: true max-request: 2 + vendor: osticket + product: osticket shodan-query: http.title:"osTicket Installer" tags: panel,osticket,install diff --git a/http/exposed-panels/pahtool-panel.yaml b/http/exposed-panels/pahtool-panel.yaml index a358c7a48ca..27d2b92510f 100644 --- a/http/exposed-panels/pahtool-panel.yaml +++ b/http/exposed-panels/pahtool-panel.yaml @@ -9,8 +9,8 @@ info: reference: - http://www.inovultus.com/index.html metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.title:"PAHTool" tags: panel,pahtool,login,detect diff --git a/http/exposed-panels/pairdrop-panel.yaml b/http/exposed-panels/pairdrop-panel.yaml index 42812f5aae3..bfe8e9d6c31 100644 --- a/http/exposed-panels/pairdrop-panel.yaml +++ b/http/exposed-panels/pairdrop-panel.yaml @@ -1,19 +1,19 @@ id: pair-drop-panel -info: - name: Pair Drop Panel - Detect - author: rxerium - severity: info - description: | - Local file sharing in your browser. Inspired by Apple's AirDrop. Fork of Snapdrop. - reference: - - https://github.com/schlagmichdoch/pairdrop - metadata: - verified: true - max-request: 1 - shodan-query: title:"PairDrop" - tags: panel,pairdrop,login - +info: + name: Pair Drop Panel - Detect + author: rxerium + severity: info + description: | + Local file sharing in your browser. Inspired by Apple's AirDrop. Fork of Snapdrop. + reference: + - https://github.com/schlagmichdoch/pairdrop + metadata: + verified: true + max-request: 1 + shodan-query: title:"PairDrop" + tags: panel,pairdrop,login + http: - method: GET path: diff --git a/http/exposed-panels/pandora-fms-console.yaml b/http/exposed-panels/pandora-fms-console.yaml index 992fd509505..e6edcc00e60 100644 --- a/http/exposed-panels/pandora-fms-console.yaml +++ b/http/exposed-panels/pandora-fms-console.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: pandorafms product: pandora_fms - max-request: 1 tags: panel,edb http: diff --git a/http/exposed-panels/papercut-ng-panel.yaml b/http/exposed-panels/papercut-ng-panel.yaml index a2805d35bac..7f8aea9da1a 100644 --- a/http/exposed-panels/papercut-ng-panel.yaml +++ b/http/exposed-panels/papercut-ng-panel.yaml @@ -7,10 +7,10 @@ info: description: | PaperCut is a print management system. Log in to manage your print quotas, see your print history and configure your system. metadata: - vendor: papercut - product: papercut_ng verified: true max-request: 1 + vendor: papercut + product: papercut_ng google-query: html:'content="PaperCut' tags: panel,papercut,detect diff --git a/http/exposed-panels/parallels/parallels-hsphere-detect.yaml b/http/exposed-panels/parallels/parallels-hsphere-detect.yaml index 3639ac6bce3..38c057905f6 100644 --- a/http/exposed-panels/parallels/parallels-hsphere-detect.yaml +++ b/http/exposed-panels/parallels/parallels-hsphere-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: parallels - product: h-sphere verified: true max-request: 1 + vendor: parallels + product: h-sphere shodan-query: title:"Parallels H-Sphere" tags: panel,parallels,hsphere diff --git a/http/exposed-panels/parse-dashboard.yaml b/http/exposed-panels/parse-dashboard.yaml index a887f717fe7..019caabdca2 100644 --- a/http/exposed-panels/parse-dashboard.yaml +++ b/http/exposed-panels/parse-dashboard.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: parseplatform - product: parse-server verified: true max-request: 1 + vendor: parseplatform + product: parse-server shodan-query: title:"Parse Dashboard" tags: panel,parse,exposure diff --git a/http/exposed-panels/passbolt-panel.yaml b/http/exposed-panels/passbolt-panel.yaml index 71473077e07..a16e6e8673a 100644 --- a/http/exposed-panels/passbolt-panel.yaml +++ b/http/exposed-panels/passbolt-panel.yaml @@ -10,9 +10,10 @@ info: - https://www.passbolt.com/ metadata: verified: true - shodan-query: "http.title:\"Passbolt | Open source password manager for teams\"" max-request: 1 + shodan-query: "http.title:\"Passbolt | Open source password manager for teams\"" tags: panel,passbolt,login + http: - method: GET path: diff --git a/http/exposed-panels/pega-web-panel.yaml b/http/exposed-panels/pega-web-panel.yaml index 8b447812a26..01d9bcad4fc 100644 --- a/http/exposed-panels/pega-web-panel.yaml +++ b/http/exposed-panels/pega-web-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: pega - product: platform verified: true max-request: 2 + vendor: pega + product: platform shodan-query: title:"Pega Platform" google-query: inurl:"/prweb/PRAuth/app/default" tags: panel,pega diff --git a/http/exposed-panels/pfsense-login.yaml b/http/exposed-panels/pfsense-login.yaml index 57abaf5bb1f..d2852c31e20 100644 --- a/http/exposed-panels/pfsense-login.yaml +++ b/http/exposed-panels/pfsense-login.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: pfsense product: pfsense - max-request: 1 shodan-query: http.title:"pfSense - Login" google-query: intitle:"pfSense - Login" tags: panel,pfsense diff --git a/http/exposed-panels/phabricator-login.yaml b/http/exposed-panels/phabricator-login.yaml index ed04fe68af0..02cf8e8bbf1 100644 --- a/http/exposed-panels/phabricator-login.yaml +++ b/http/exposed-panels/phabricator-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: phacility product: phabricator - max-request: 1 shodan-query: html:"phabricator-standard-page" tags: panel,phabricator diff --git a/http/exposed-panels/phoronix-pane.yaml b/http/exposed-panels/phoronix-pane.yaml index 71f07fe5113..84b28f83e56 100644 --- a/http/exposed-panels/phoronix-pane.yaml +++ b/http/exposed-panels/phoronix-pane.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: phoronix-media product: phoronix_test_suite - max-request: 1 shodan-query: http.title:"phoronix-test-suite" tags: panel,phoronix diff --git a/http/exposed-panels/phpcollab-panel.yaml b/http/exposed-panels/phpcollab-panel.yaml index d29ca0210e3..ab53be39242 100644 --- a/http/exposed-panels/phpcollab-panel.yaml +++ b/http/exposed-panels/phpcollab-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: phpcollab product: phpcollab - max-request: 1 shodan-query: http.title:"PhpCollab" tags: panel,phpcollab,login diff --git a/http/exposed-panels/phpmyadmin-panel.yaml b/http/exposed-panels/phpmyadmin-panel.yaml index 381c7e82086..693ed9d90f5 100644 --- a/http/exposed-panels/phpmyadmin-panel.yaml +++ b/http/exposed-panels/phpmyadmin-panel.yaml @@ -9,10 +9,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - shodan-query: "http.title:phpMyAdmin" + max-request: 13 vendor: phpmyadmin product: phpmyadmin - max-request: 13 + shodan-query: "http.title:phpMyAdmin" tags: panel,phpmyadmin http: diff --git a/http/exposed-panels/phppgadmin-panel.yaml b/http/exposed-panels/phppgadmin-panel.yaml index 5ee0b70452a..ab6f4fe22f9 100644 --- a/http/exposed-panels/phppgadmin-panel.yaml +++ b/http/exposed-panels/phppgadmin-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: phppgadmin_project - product: phppgadmin verified: true max-request: 2 + vendor: phppgadmin_project + product: phppgadmin shodan-query: http.title:phpPgAdmin tags: panel,phppgadmin diff --git a/http/exposed-panels/piwigo-panel.yaml b/http/exposed-panels/piwigo-panel.yaml index 87d603133ba..352ec0e9b91 100644 --- a/http/exposed-panels/piwigo-panel.yaml +++ b/http/exposed-panels/piwigo-panel.yaml @@ -9,10 +9,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - vendor: piwigo - product: piwigo verified: true max-request: 2 + vendor: piwigo + product: piwigo shodan-query: http.favicon.hash:540706145 fofa-query: title="piwigo" google-query: Powered by Piwigo diff --git a/http/exposed-panels/planet-estream-panel.yaml b/http/exposed-panels/planet-estream-panel.yaml index 58149864ef2..604f48e3610 100644 --- a/http/exposed-panels/planet-estream-panel.yaml +++ b/http/exposed-panels/planet-estream-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: planetestream - product: planet_estream verified: true max-request: 1 + vendor: planetestream + product: planet_estream shodan-query: title:"Login - Planet eStream" tags: panel,planet,estream diff --git a/http/exposed-panels/plesk-obsidian-login.yaml b/http/exposed-panels/plesk-obsidian-login.yaml index ec416436f33..6088eb4affd 100644 --- a/http/exposed-panels/plesk-obsidian-login.yaml +++ b/http/exposed-panels/plesk-obsidian-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: plesk - product: obsidian verified: true max-request: 1 + vendor: plesk + product: obsidian shodan-query: http.html:"Plesk Obsidian" tags: panel,plesk,login,edb diff --git a/http/exposed-panels/plesk-onyx-login.yaml b/http/exposed-panels/plesk-onyx-login.yaml index 0c14258c99a..da558faaebf 100644 --- a/http/exposed-panels/plesk-onyx-login.yaml +++ b/http/exposed-panels/plesk-onyx-login.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: plesk - product: onyx verified: true max-request: 1 + vendor: plesk + product: onyx shodan-query: http.html:"Plesk Onyx" http.html:"plesk-build" google-query: inurl:login_up.php "Plesk Onyx" tags: panel,plesk,login,edb diff --git a/http/exposed-panels/polycom-admin-detect.yaml b/http/exposed-panels/polycom-admin-detect.yaml index 0d72286e89a..ea2aa0c0d84 100644 --- a/http/exposed-panels/polycom-admin-detect.yaml +++ b/http/exposed-panels/polycom-admin-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: polycom product: vvx - max-request: 1 tags: panel http: diff --git a/http/exposed-panels/portainer-panel.yaml b/http/exposed-panels/portainer-panel.yaml index 0fff1ab268f..37660595bec 100644 --- a/http/exposed-panels/portainer-panel.yaml +++ b/http/exposed-panels/portainer-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://github.com/portainer/portainer metadata: - vendor: portainer - product: portainer verified: true max-request: 2 + vendor: portainer + product: portainer shodan-query: title:"Portainer" tags: panel,portainer,detect diff --git a/http/exposed-panels/posthog-admin-panel.yaml b/http/exposed-panels/posthog-admin-panel.yaml index 9263d70d443..b384e0b3236 100644 --- a/http/exposed-panels/posthog-admin-panel.yaml +++ b/http/exposed-panels/posthog-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: posthog - product: posthog verified: true max-request: 1 + vendor: posthog + product: posthog shodan-query: http.title:"posthog" tags: panel,posthog diff --git a/http/exposed-panels/powerlogic-ion.yaml b/http/exposed-panels/powerlogic-ion.yaml index 8a067c389c6..b833bb89d2d 100644 --- a/http/exposed-panels/powerlogic-ion.yaml +++ b/http/exposed-panels/powerlogic-ion.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: schneider-electric product: ion7600 - max-request: 1 tags: panel,edb http: diff --git a/http/exposed-panels/pritunl-panel.yaml b/http/exposed-panels/pritunl-panel.yaml index a742c58c91b..5d86a9e08ff 100644 --- a/http/exposed-panels/pritunl-panel.yaml +++ b/http/exposed-panels/pritunl-panel.yaml @@ -10,10 +10,10 @@ info: - https://github.com/louislam/uptime-kuma - https://uptime.kuma.pet/docs/ metadata: - vendor: pritunl - product: pritunl verified: true max-request: 1 + vendor: pritunl + product: pritunl shodan-query: title:"Pritunl" tags: pritunl,panel,login diff --git a/http/exposed-panels/processwire-login.yaml b/http/exposed-panels/processwire-login.yaml index 89c48839eec..930b2f49744 100644 --- a/http/exposed-panels/processwire-login.yaml +++ b/http/exposed-panels/processwire-login.yaml @@ -11,10 +11,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: processwire - product: processwire verified: true max-request: 1 + vendor: processwire + product: processwire shodan-query: http.html:"processwire" tags: panel,processwire diff --git a/http/exposed-panels/project-insight-login.yaml b/http/exposed-panels/project-insight-login.yaml index bbc43e8616e..3e542a274c8 100644 --- a/http/exposed-panels/project-insight-login.yaml +++ b/http/exposed-panels/project-insight-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: helpproject product: help - max-request: 1 shodan-query: http.title:"Project Insight - Login" tags: panel,edb diff --git a/http/exposed-panels/projectsend-login.yaml b/http/exposed-panels/projectsend-login.yaml index f42b882a8b4..1a6a14bb533 100644 --- a/http/exposed-panels/projectsend-login.yaml +++ b/http/exposed-panels/projectsend-login.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: projectsend product: projectsend - max-request: 1 google-query: intext:Provided by ProjectSend tags: panel,projectsend,edb diff --git a/http/exposed-panels/prometheus-exposed-panel.yaml b/http/exposed-panels/prometheus-exposed-panel.yaml index 62dbed1fa2d..cdc6603e7b9 100644 --- a/http/exposed-panels/prometheus-exposed-panel.yaml +++ b/http/exposed-panels/prometheus-exposed-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + max-request: 2 vendor: prometheus product: prometheus - max-request: 2 tags: panel,prometheus http: diff --git a/http/exposed-panels/proofpoint-protection-server-panel.yaml b/http/exposed-panels/proofpoint-protection-server-panel.yaml index fa416b961a9..ae8ea5200dc 100644 --- a/http/exposed-panels/proofpoint-protection-server-panel.yaml +++ b/http/exposed-panels/proofpoint-protection-server-panel.yaml @@ -9,11 +9,11 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - product: "proofpoint protection server" - shodan-query: "http.favicon.hash:942678640" verified: true max-request: 2 vendor: proofpoint + product: "proofpoint protection server" + shodan-query: "http.favicon.hash:942678640" tags: panel,proofpoint,login,detect http: diff --git a/http/exposed-panels/proxmox-panel.yaml b/http/exposed-panels/proxmox-panel.yaml index e400919df10..0bc86ba8d59 100644 --- a/http/exposed-panels/proxmox-panel.yaml +++ b/http/exposed-panels/proxmox-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: proxmox - product: proxmox verified: true max-request: 1 + vendor: proxmox + product: proxmox shodan-query: http.favicon.hash:213144638 tags: panel,proxmox,login diff --git a/http/exposed-panels/pulsar-admin-console.yaml b/http/exposed-panels/pulsar-admin-console.yaml index a8490ef12bf..0874e86cf0d 100644 --- a/http/exposed-panels/pulsar-admin-console.yaml +++ b/http/exposed-panels/pulsar-admin-console.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: pulsar verified: true max-request: 1 + vendor: apache + product: pulsar shodan-query: title:"Pulsar Admin Console" tags: panel,pulsar,console,admin diff --git a/http/exposed-panels/pulsar-adminui-panel.yaml b/http/exposed-panels/pulsar-adminui-panel.yaml index f6f314b3dba..faa76b07d21 100644 --- a/http/exposed-panels/pulsar-adminui-panel.yaml +++ b/http/exposed-panels/pulsar-adminui-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: pulsar verified: true max-request: 1 + vendor: apache + product: pulsar shodan-query: title:"Pulsar Admin UI" tags: panel,pulsar,pulsarui,admin diff --git a/http/exposed-panels/pure-storage-login.yaml b/http/exposed-panels/pure-storage-login.yaml index 4e7f0362ddc..b2c378cff0f 100644 --- a/http/exposed-panels/pure-storage-login.yaml +++ b/http/exposed-panels/pure-storage-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: purestorage product: purity - max-request: 1 shodan-query: http.title:"Pure Storage Login" tags: panel,purestorage diff --git a/http/exposed-panels/pyload-panel.yaml b/http/exposed-panels/pyload-panel.yaml index dcd37ca66ca..a8bd96431a6 100644 --- a/http/exposed-panels/pyload-panel.yaml +++ b/http/exposed-panels/pyload-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://github.com/pyload/pyload metadata: - vendor: pyload - product: pyload verified: true max-request: 2 + vendor: pyload + product: pyload shodan-query: title:"Login - pyLoad" tags: panel,pyload,login diff --git a/http/exposed-panels/qBittorrent-panel.yaml b/http/exposed-panels/qBittorrent-panel.yaml index d8d88dd1f23..b96131e6180 100644 --- a/http/exposed-panels/qBittorrent-panel.yaml +++ b/http/exposed-panels/qBittorrent-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://www.qbittorrent.org/ metadata: - vendor: qbittorrent - product: qbittorrent verified: true max-request: 1 + vendor: qbittorrent + product: qbittorrent shodan-query: title:"qbittorrent" tags: panel,qbittorrent,detect diff --git a/http/exposed-panels/qdpm-login-panel.yaml b/http/exposed-panels/qdpm-login-panel.yaml index de4493d0310..d2d8bdac354 100644 --- a/http/exposed-panels/qdpm-login-panel.yaml +++ b/http/exposed-panels/qdpm-login-panel.yaml @@ -5,10 +5,10 @@ info: author: theamanrawat severity: info metadata: - vendor: qdpm - product: qdpm verified: "true" max-request: 2 + vendor: qdpm + product: qdpm shodan-query: http.favicon.hash:762074255 tags: panel,qdpm,login diff --git a/http/exposed-panels/qlik-sense-server.yaml b/http/exposed-panels/qlik-sense-server.yaml index b4f497d6eb1..c7bc1b3db84 100644 --- a/http/exposed-panels/qlik-sense-server.yaml +++ b/http/exposed-panels/qlik-sense-server.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: qlik - product: qlik_sense verified: true max-request: 2 + vendor: qlik + product: qlik_sense shodan-query: http.title:"Qlik-Sense" fofa-query: app="Qlik-Sense" tags: panel,qlik diff --git a/http/exposed-panels/qmail-admin-login.yaml b/http/exposed-panels/qmail-admin-login.yaml index f6a6b0fc1b9..41e1b5745dc 100644 --- a/http/exposed-panels/qmail-admin-login.yaml +++ b/http/exposed-panels/qmail-admin-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: qmail_project - product: qmail verified: true max-request: 5 + vendor: qmail_project + product: qmail shodan-query: title:"QmailAdmin" tags: qmail,panel diff --git a/http/exposed-panels/qnap/qnap-photostation-panel.yaml b/http/exposed-panels/qnap/qnap-photostation-panel.yaml index a0b3023c68b..74d26e504f2 100644 --- a/http/exposed-panels/qnap/qnap-photostation-panel.yaml +++ b/http/exposed-panels/qnap/qnap-photostation-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: qnap - product: photo_station verified: true max-request: 1 + vendor: qnap + product: photo_station shodan-query: http.title:"Photo Station" tags: panel,photostation,qnap diff --git a/http/exposed-panels/qnap/qnap-qts-panel.yaml b/http/exposed-panels/qnap/qnap-qts-panel.yaml index 34d3648fd4a..c041e59fb27 100644 --- a/http/exposed-panels/qnap/qnap-qts-panel.yaml +++ b/http/exposed-panels/qnap/qnap-qts-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: qnap - product: qts verified: true max-request: 2 + vendor: qnap + product: qts shodan-query: product:"QNAP" google-query: intitle:"QNAP Turbo NAS" inurl:/cgi-bin tags: panel,qnap,qts diff --git a/http/exposed-panels/quantum-scalar-detect.yaml b/http/exposed-panels/quantum-scalar-detect.yaml index 25d04ab770d..90fd77674ef 100644 --- a/http/exposed-panels/quantum-scalar-detect.yaml +++ b/http/exposed-panels/quantum-scalar-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: quantum product: scalar_i500 - max-request: 1 tags: panel,quantum,scalar http: diff --git a/http/exposed-panels/rabbitmq-dashboard.yaml b/http/exposed-panels/rabbitmq-dashboard.yaml index f30eeba65a4..72f69f90767 100644 --- a/http/exposed-panels/rabbitmq-dashboard.yaml +++ b/http/exposed-panels/rabbitmq-dashboard.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: vmware product: rabbitmq - max-request: 1 tags: panel,rabbitmq http: diff --git a/http/exposed-panels/rancher-dashboard.yaml b/http/exposed-panels/rancher-dashboard.yaml index d4ff976910a..2cb35cdfb41 100644 --- a/http/exposed-panels/rancher-dashboard.yaml +++ b/http/exposed-panels/rancher-dashboard.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - vendor: rancher - product: rancher verified: "true" max-request: 2 + vendor: rancher + product: rancher shodan-query: http.favicon.hash:-1324930554 tags: panel,rancher,dashboard,login diff --git a/http/exposed-panels/rancher-panel.yaml b/http/exposed-panels/rancher-panel.yaml index 38376fbb680..09bc66db23f 100644 --- a/http/exposed-panels/rancher-panel.yaml +++ b/http/exposed-panels/rancher-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: suse - product: rancher verified: true max-request: 1 + vendor: suse + product: rancher shodan-query: http.favicon.hash:464587962 tags: panel,rancher,kubernetes,devops,cloud,login diff --git a/http/exposed-panels/rdweb-panel.yaml b/http/exposed-panels/rdweb-panel.yaml index c500cc7ab5b..39c94264256 100644 --- a/http/exposed-panels/rdweb-panel.yaml +++ b/http/exposed-panels/rdweb-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://rdweb.wvd.microsoft.com/webclient metadata: - vendor: microsoft - product: remote_desktop verified: true max-request: 1 + vendor: microsoft + product: remote_desktop shodan-query: html:"RD Web Access" tags: panel,login,rdp,web-access diff --git a/http/exposed-panels/redash-panel.yaml b/http/exposed-panels/redash-panel.yaml index afd2901bc26..c9648817e49 100644 --- a/http/exposed-panels/redash-panel.yaml +++ b/http/exposed-panels/redash-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: redash product: redash - max-request: 1 shodan-query: http.favicon.hash:698624197 tags: panel,redash diff --git a/http/exposed-panels/redmine-panel.yaml b/http/exposed-panels/redmine-panel.yaml index 77ba2be1cfb..8e72063aa16 100644 --- a/http/exposed-panels/redmine-panel.yaml +++ b/http/exposed-panels/redmine-panel.yaml @@ -1,18 +1,18 @@ id: redmine-panel -info: - name: Redmine Login Panel - Detect - author: righettod - severity: info - description: Redmine login panel was detected. - reference: - - https://www.redmine.org/ - metadata: - max-request: 1 - verified: true - shodan-query: http.html:'content="Redmine' - tags: panel,redmine,login,detect - +info: + name: Redmine Login Panel - Detect + author: righettod + severity: info + description: Redmine login panel was detected. + reference: + - https://www.redmine.org/ + metadata: + verified: true + max-request: 1 + shodan-query: http.html:'content="Redmine' + tags: panel,redmine,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/repetier-server-panel.yaml b/http/exposed-panels/repetier-server-panel.yaml index 8edd3bc5178..fc6333e4a2f 100644 --- a/http/exposed-panels/repetier-server-panel.yaml +++ b/http/exposed-panels/repetier-server-panel.yaml @@ -9,9 +9,9 @@ info: metadata: verified: true max-request: 1 - shodan-query: title:"Repetier-Server" vendor: repetier-server product: repetier-server + shodan-query: title:"Repetier-Server" tags: panel,repetier,detect http: diff --git a/http/exposed-panels/reportico-admin-panel.yaml b/http/exposed-panels/reportico-admin-panel.yaml index db4d45dd1f8..b06efaff010 100644 --- a/http/exposed-panels/reportico-admin-panel.yaml +++ b/http/exposed-panels/reportico-admin-panel.yaml @@ -10,10 +10,10 @@ info: - https://www.reportico.org/site2/index.php - https://github.com/reportico-web/reportico metadata: - vendor: reportico - product: reportico verified: true max-request: 2 + vendor: reportico + product: reportico shodan-query: title:"Reportico Administration Page" tags: panel,reportico,login,detect diff --git a/http/exposed-panels/rocketchat-panel.yaml b/http/exposed-panels/rocketchat-panel.yaml index eacd042f613..317c2dcaf2e 100644 --- a/http/exposed-panels/rocketchat-panel.yaml +++ b/http/exposed-panels/rocketchat-panel.yaml @@ -9,8 +9,8 @@ info: - https://www.rocket.chat/ metadata: verified: true - shodan-query: "http.title:\"Rocket.Chat\"" max-request: 1 + shodan-query: "http.title:\"Rocket.Chat\"" tags: panel,rocketchat,login,detect http: diff --git a/http/exposed-panels/rocketmq-console-exposure.yaml b/http/exposed-panels/rocketmq-console-exposure.yaml index 4d273fda644..1acdeef1a9b 100644 --- a/http/exposed-panels/rocketmq-console-exposure.yaml +++ b/http/exposed-panels/rocketmq-console-exposure.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: rocketmq verified: true max-request: 1 + vendor: apache + product: rocketmq shodan-query: http.title:"RocketMq-console-ng" tags: panel,apache diff --git a/http/exposed-panels/roxy-fileman.yaml b/http/exposed-panels/roxy-fileman.yaml index 8eb068398ec..be17dc8f224 100644 --- a/http/exposed-panels/roxy-fileman.yaml +++ b/http/exposed-panels/roxy-fileman.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: roxyfileman - product: roxy_fileman verified: true max-request: 4 + vendor: roxyfileman + product: roxy_fileman google-query: intitle:"Roxy file manager" tags: tech,roxy,fileman,panel diff --git a/http/exposed-panels/ruckus-unleashed-panel.yaml b/http/exposed-panels/ruckus-unleashed-panel.yaml index 7397d374abd..e66bbc1d935 100644 --- a/http/exposed-panels/ruckus-unleashed-panel.yaml +++ b/http/exposed-panels/ruckus-unleashed-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ruckuswireless product: unleashed_firmware - max-request: 1 shodan-query: http.title:"Unleashed Login" google-query: intitle:"Unleashed Login" tags: panel,ruckus diff --git a/http/exposed-panels/ruckus-wireless-admin-login.yaml b/http/exposed-panels/ruckus-wireless-admin-login.yaml index 63947335fc2..2e488704dbd 100644 --- a/http/exposed-panels/ruckus-wireless-admin-login.yaml +++ b/http/exposed-panels/ruckus-wireless-admin-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ruckuswireless - product: e510 verified: true max-request: 1 + vendor: ruckuswireless + product: e510 shodan-query: title:"ruckus" tags: panel,exposed,ruckus diff --git a/http/exposed-panels/ruijie/rg-uac-panel.yaml b/http/exposed-panels/ruijie/rg-uac-panel.yaml index 46c65f68178..843ae97673d 100644 --- a/http/exposed-panels/ruijie/rg-uac-panel.yaml +++ b/http/exposed-panels/ruijie/rg-uac-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ruijie product: rg-uac_firmware - max-request: 1 shodan-query: http.html:"Get_Verify_Info" tags: panel,ruijie,router,firewall diff --git a/http/exposed-panels/sage-panel.yaml b/http/exposed-panels/sage-panel.yaml index d0ea4486952..c1b7c9c2373 100644 --- a/http/exposed-panels/sage-panel.yaml +++ b/http/exposed-panels/sage-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sage product: x3 - max-request: 1 shodan-query: http.title:"Sage X3" tags: panel,sage,login diff --git a/http/exposed-panels/samba-swat-panel.yaml b/http/exposed-panels/samba-swat-panel.yaml index 3006b4a2e3f..96dae4df03f 100644 --- a/http/exposed-panels/samba-swat-panel.yaml +++ b/http/exposed-panels/samba-swat-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: samba product: samba - max-request: 1 tags: panel,samba http: diff --git a/http/exposed-panels/samsung-printer-detect.yaml b/http/exposed-panels/samsung-printer-detect.yaml index d644ca80f01..35963727201 100644 --- a/http/exposed-panels/samsung-printer-detect.yaml +++ b/http/exposed-panels/samsung-printer-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: samsung product: printer_firmware - max-request: 1 fofa-query: app="SAMSUNG-Printer" tags: iot,panel,samsung,printer diff --git a/http/exposed-panels/sap-netweaver-portal.yaml b/http/exposed-panels/sap-netweaver-portal.yaml index 6ba844b1ea0..29a768e5c83 100644 --- a/http/exposed-panels/sap-netweaver-portal.yaml +++ b/http/exposed-panels/sap-netweaver-portal.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sap product: netweaver_portal - max-request: 1 tags: panel,sap http: diff --git a/http/exposed-panels/sap-successfactors-detect.yaml b/http/exposed-panels/sap-successfactors-detect.yaml index b9a1b0657ed..d8dd6a66152 100644 --- a/http/exposed-panels/sap-successfactors-detect.yaml +++ b/http/exposed-panels/sap-successfactors-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sap - product: successfactors verified: true max-request: 2 + vendor: sap + product: successfactors shodan-query: title:"Login - SAP SuccessFactors" tags: panel,sap,detect diff --git a/http/exposed-panels/sapfiori-panel.yaml b/http/exposed-panels/sapfiori-panel.yaml index 229f64de164..730f360b53d 100644 --- a/http/exposed-panels/sapfiori-panel.yaml +++ b/http/exposed-panels/sapfiori-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: sap product: fiori - max-request: 2 tags: panel,sap,fiori http: diff --git a/http/exposed-panels/sas-login-panel.yaml b/http/exposed-panels/sas-login-panel.yaml index ec0ab87fffc..24b524158e0 100644 --- a/http/exposed-panels/sas-login-panel.yaml +++ b/http/exposed-panels/sas-login-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sas - product: base_sas verified: true max-request: 1 + vendor: sas + product: base_sas shodan-query: http.favicon.hash:957255151 tags: sas,panel diff --git a/http/exposed-panels/sauter-moduwebvision-panel.yaml b/http/exposed-panels/sauter-moduwebvision-panel.yaml index f5bc5a1191d..43f058e6a7c 100644 --- a/http/exposed-panels/sauter-moduwebvision-panel.yaml +++ b/http/exposed-panels/sauter-moduwebvision-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.sauter-controls.com metadata: - vendor: sauter - product: moduweb_vision verified: true max-request: 1 + vendor: sauter + product: moduweb_vision shodan-query: http.favicon.hash:-1663319756 tags: panel,moduweb,sauter,login diff --git a/http/exposed-panels/seafile-panel.yaml b/http/exposed-panels/seafile-panel.yaml index 91a20239eb6..377cd77a8f2 100644 --- a/http/exposed-panels/seafile-panel.yaml +++ b/http/exposed-panels/seafile-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: seafile - product: seafile verified: true max-request: 1 + vendor: seafile + product: seafile shodan-query: http.favicon.hash:1552322396 tags: sefile,panel,login diff --git a/http/exposed-panels/seagate-nas-login.yaml b/http/exposed-panels/seagate-nas-login.yaml index 7ff121e93f3..c9129ff4dfc 100644 --- a/http/exposed-panels/seagate-nas-login.yaml +++ b/http/exposed-panels/seagate-nas-login.yaml @@ -7,10 +7,10 @@ info: description: | Seagate NAS - SEAGATE Login was detected. metadata: - vendor: seagate - product: nas_os verified: true max-request: 1 + vendor: seagate + product: nas_os shodan-query: title:"Seagate NAS - SEAGATE" tags: panel,seagate,login diff --git a/http/exposed-panels/security-onion-panel.yaml b/http/exposed-panels/security-onion-panel.yaml index 39da23ffa43..0569fdeea30 100644 --- a/http/exposed-panels/security-onion-panel.yaml +++ b/http/exposed-panels/security-onion-panel.yaml @@ -10,10 +10,10 @@ info: - https://securityonionsolutions.com/ - https://github.com/Security-Onion-Solutions/securityonion metadata: - vendor: securityonionsolutions - product: security_onion verified: true max-request: 2 + vendor: securityonionsolutions + product: security_onion shodan-query: title:"Security Onion" tags: panel,security,onion,detect diff --git a/http/exposed-panels/seeddms-panel.yaml b/http/exposed-panels/seeddms-panel.yaml index ce388afdd93..c0ab9c94f4e 100644 --- a/http/exposed-panels/seeddms-panel.yaml +++ b/http/exposed-panels/seeddms-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: seeddms product: seeddms - max-request: 2 shodan-query: http.title:"SeedDMS" tags: panel,seeddms,login diff --git a/http/exposed-panels/sentry-panel.yaml b/http/exposed-panels/sentry-panel.yaml index 07fc5838ecc..4f7cf09d04b 100644 --- a/http/exposed-panels/sentry-panel.yaml +++ b/http/exposed-panels/sentry-panel.yaml @@ -9,11 +9,11 @@ info: reference: - https://sentry.io/ metadata: + verified: true + max-request: 1 vendor: sentry product: sentry - verified: true shodan-query: "http.title:\"Login | Sentry\"" - max-request: 1 tags: panel,sentry,login http: diff --git a/http/exposed-panels/servicedesk-login-panel.yaml b/http/exposed-panels/servicedesk-login-panel.yaml index 0c96a1c45fd..bddc87e567d 100644 --- a/http/exposed-panels/servicedesk-login-panel.yaml +++ b/http/exposed-panels/servicedesk-login-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: atlassian product: confluence_data_center - max-request: 2 shodan-query: http.component:"Atlassian Confluence" tags: servicedesk,confluence,jira,panel,login diff --git a/http/exposed-panels/servicenow-panel.yaml b/http/exposed-panels/servicenow-panel.yaml index af030422eca..6a779a35492 100644 --- a/http/exposed-panels/servicenow-panel.yaml +++ b/http/exposed-panels/servicenow-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.servicenow.com/ metadata: - vendor: servicenow - product: servicenow verified: true max-request: 1 + vendor: servicenow + product: servicenow shodan-query: http.favicon.hash:1701804003 tags: panel,servicenow,login,detect diff --git a/http/exposed-panels/shardingsphere-panel.yaml b/http/exposed-panels/shardingsphere-panel.yaml index 00fc9087247..f00aadb809d 100644 --- a/http/exposed-panels/shardingsphere-panel.yaml +++ b/http/exposed-panels/shardingsphere-panel.yaml @@ -8,10 +8,10 @@ info: classification: cwe-id: CWE-200 metadata: - vendor: apache - product: shardingsphere_elasticjob-ui verified: true max-request: 1 + vendor: apache + product: shardingsphere_elasticjob-ui shodan-query: http.favicon.hash:816588900 tags: panel,shardingsphere,login diff --git a/http/exposed-panels/sharefile-panel.yaml b/http/exposed-panels/sharefile-panel.yaml index 8b4d2554c19..f1eb833b847 100644 --- a/http/exposed-panels/sharefile-panel.yaml +++ b/http/exposed-panels/sharefile-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.sharefile.com/ metadata: - vendor: citrix - product: sharefile verified: true max-request: 1 + vendor: citrix + product: sharefile shodan-query: title:"ShareFile Login" tags: sharefile,login,panel,detect diff --git a/http/exposed-panels/shell-box.yaml b/http/exposed-panels/shell-box.yaml index 5e6e9a317c6..6bf0c83740b 100644 --- a/http/exposed-panels/shell-box.yaml +++ b/http/exposed-panels/shell-box.yaml @@ -10,10 +10,10 @@ info: - https://github.com/shellinabox/shellinabox - https://www.cvedetails.com/vulnerability-list/vendor_id-15771/product_id-33062/Shellinabox-Project-Shellinabox.html metadata: - vendor: shellinabox_project - product: shellinabox verified: true max-request: 1 + vendor: shellinabox_project + product: shellinabox shodan-query: http.favicon.hash:-629968763 tags: shell,emulator,detect,panel,login diff --git a/http/exposed-panels/sidekiq-dashboard.yaml b/http/exposed-panels/sidekiq-dashboard.yaml index 05a088ce41a..32a5816b5d4 100644 --- a/http/exposed-panels/sidekiq-dashboard.yaml +++ b/http/exposed-panels/sidekiq-dashboard.yaml @@ -14,9 +14,9 @@ info: cvss-score: 5.3 cwe-id: CWE-200 metadata: + max-request: 1 vendor: contribsys product: sidekiq - max-request: 1 tags: unauth,panel,sidekiq http: diff --git a/http/exposed-panels/sitefinity-login.yaml b/http/exposed-panels/sitefinity-login.yaml index 4f1fdeb5600..c7750b21ce4 100644 --- a/http/exposed-panels/sitefinity-login.yaml +++ b/http/exposed-panels/sitefinity-login.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.exploit-db.com/ghdb/6722 metadata: + max-request: 1 vendor: progress product: sitefinity_cms - max-request: 1 tags: sitefinity,edb,panel http: diff --git a/http/exposed-panels/siteomat-login.yaml b/http/exposed-panels/siteomat-login.yaml index a3071826859..2b73ab52615 100644 --- a/http/exposed-panels/siteomat-login.yaml +++ b/http/exposed-panels/siteomat-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: orpak product: siteomat - max-request: 1 tags: siteomat,login,edb,panel http: diff --git a/http/exposed-panels/skeepers-panel.yaml b/http/exposed-panels/skeepers-panel.yaml index 9f103352710..d8914d32430 100644 --- a/http/exposed-panels/skeepers-panel.yaml +++ b/http/exposed-panels/skeepers-panel.yaml @@ -1,19 +1,19 @@ id: skeepers-panel -info: - name: Skeepers Login Panel - Detect - author: righettod - severity: info - description: | - Skeepers login panel was detected. - reference: - - https://skeepers.io - metadata: - max-request: 1 - shodan-query: http.title:"Skeepers" - verified: true - tags: panel,skeepers,login,detect - +info: + name: Skeepers Login Panel - Detect + author: righettod + severity: info + description: | + Skeepers login panel was detected. + reference: + - https://skeepers.io + metadata: + verified: true + max-request: 2 + shodan-query: "http.title:\"Skeepers\"" + tags: panel,skeepers,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/skycaiji-admin-panel.yaml b/http/exposed-panels/skycaiji-admin-panel.yaml index ff2c2b47522..30e79648cb6 100644 --- a/http/exposed-panels/skycaiji-admin-panel.yaml +++ b/http/exposed-panels/skycaiji-admin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: skycaiji product: skycaiji - max-request: 1 tags: panel,tech,skycaiji http: diff --git a/http/exposed-panels/softether-vpn-panel.yaml b/http/exposed-panels/softether-vpn-panel.yaml index 22968668d38..9c3056ef534 100644 --- a/http/exposed-panels/softether-vpn-panel.yaml +++ b/http/exposed-panels/softether-vpn-panel.yaml @@ -7,8 +7,8 @@ info: description: | SoftEther VPN panel was detected. metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.title:"SoftEther VPN Server" tags: panel,vpn,softether diff --git a/http/exposed-panels/solarview-compact-panel.yaml b/http/exposed-panels/solarview-compact-panel.yaml index ac03ddb3a06..5d52047b2a6 100644 --- a/http/exposed-panels/solarview-compact-panel.yaml +++ b/http/exposed-panels/solarview-compact-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: contec - product: solarview_compact_firmware verified: true max-request: 1 + vendor: contec + product: solarview_compact_firmware shodan-query: http.html:"SolarView Compact" tags: panel,solarview,iot diff --git a/http/exposed-panels/solarwinds-arm-panel.yaml b/http/exposed-panels/solarwinds-arm-panel.yaml index ea0aa7f962b..0516f6bed95 100644 --- a/http/exposed-panels/solarwinds-arm-panel.yaml +++ b/http/exposed-panels/solarwinds-arm-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: solarwinds - product: access_rights_manager verified: true max-request: 1 + vendor: solarwinds + product: access_rights_manager shodan-query: http.favicon.hash:-1416464161 censys-query: services.http.response.html_title="Solarwinds Access Rights Manager" tags: panel,solarwinds diff --git a/http/exposed-panels/solarwinds-orion.yaml b/http/exposed-panels/solarwinds-orion.yaml index 4aeb3954e4c..72c9bbd9068 100644 --- a/http/exposed-panels/solarwinds-orion.yaml +++ b/http/exposed-panels/solarwinds-orion.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: solarwinds product: orion_platform - max-request: 1 tags: panel,solarwinds http: diff --git a/http/exposed-panels/solarwinds-servuftp-detect.yaml b/http/exposed-panels/solarwinds-servuftp-detect.yaml index a2d94dfe0a3..a13f6a8d3ca 100644 --- a/http/exposed-panels/solarwinds-servuftp-detect.yaml +++ b/http/exposed-panels/solarwinds-servuftp-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: solarwinds product: serv-u - max-request: 1 tags: solarwinds,panel http: diff --git a/http/exposed-panels/solr-panel-exposure.yaml b/http/exposed-panels/solr-panel-exposure.yaml index f3024181f60..3b185ffdfe2 100644 --- a/http/exposed-panels/solr-panel-exposure.yaml +++ b/http/exposed-panels/solr-panel-exposure.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: solr verified: true max-request: 2 + vendor: apache + product: solr shodan-query: http.title:"Solr Admin" tags: panel,solr,apache,admin diff --git a/http/exposed-panels/sonarqube-login.yaml b/http/exposed-panels/sonarqube-login.yaml index 007f5b2cdf8..5198d2295d5 100644 --- a/http/exposed-panels/sonarqube-login.yaml +++ b/http/exposed-panels/sonarqube-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sonarsource product: sonarqube - max-request: 1 tags: panel,sonarqube http: diff --git a/http/exposed-panels/sonic-wall-application.yaml b/http/exposed-panels/sonic-wall-application.yaml index e7b24e07dc9..e476fcce292 100644 --- a/http/exposed-panels/sonic-wall-application.yaml +++ b/http/exposed-panels/sonic-wall-application.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sonicwall - product: sma1000_firmware verified: true max-request: 1 + vendor: sonicwall + product: sma1000_firmware shodan-query: title:"Appliance Management Console Login" tags: panel,sonicwall,login diff --git a/http/exposed-panels/sonic-wall-login.yaml b/http/exposed-panels/sonic-wall-login.yaml index c0a6530f294..ea3c6a46672 100644 --- a/http/exposed-panels/sonic-wall-login.yaml +++ b/http/exposed-panels/sonic-wall-login.yaml @@ -6,10 +6,10 @@ info: severity: info description: SonicWall Network Security Login panel was detected. metadata: - vendor: sonicwall - product: tz_350 verified: true max-request: 2 + vendor: sonicwall + product: tz_350 shodan-query: title:"SonicWall Network Security Login" tags: panel,sonicwall,login diff --git a/http/exposed-panels/sonicwall-analyzer-login.yaml b/http/exposed-panels/sonicwall-analyzer-login.yaml index a7a38f450b9..8a8b54d88e8 100644 --- a/http/exposed-panels/sonicwall-analyzer-login.yaml +++ b/http/exposed-panels/sonicwall-analyzer-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sonicwall - product: analyzer verified: true max-request: 1 + vendor: sonicwall + product: analyzer shodan-query: title:"SonicWall Analyzer Login" tags: panel,sonicwall diff --git a/http/exposed-panels/sonicwall-management-panel.yaml b/http/exposed-panels/sonicwall-management-panel.yaml index 41c9708ecb7..d35514f236f 100644 --- a/http/exposed-panels/sonicwall-management-panel.yaml +++ b/http/exposed-panels/sonicwall-management-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sonicwall product: global_management_system - max-request: 1 tags: panel,sonicwall http: diff --git a/http/exposed-panels/sonicwall-sslvpn-panel.yaml b/http/exposed-panels/sonicwall-sslvpn-panel.yaml index 07556bd2280..eec6de955ae 100644 --- a/http/exposed-panels/sonicwall-sslvpn-panel.yaml +++ b/http/exposed-panels/sonicwall-sslvpn-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sonicwall product: sonicos - max-request: 1 tags: panel,sonicwall http: diff --git a/http/exposed-panels/sophos-fw-version-detect.yaml b/http/exposed-panels/sophos-fw-version-detect.yaml index 53bff4f024f..462238b1dde 100644 --- a/http/exposed-panels/sophos-fw-version-detect.yaml +++ b/http/exposed-panels/sophos-fw-version-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sophos - product: sfos verified: true max-request: 2 + vendor: sophos + product: sfos shodan-query: title:"Sophos" tags: panel,sophos diff --git a/http/exposed-panels/sophos-mobile-panel.yaml b/http/exposed-panels/sophos-mobile-panel.yaml index cf82245cab6..d6d71f05c44 100644 --- a/http/exposed-panels/sophos-mobile-panel.yaml +++ b/http/exposed-panels/sophos-mobile-panel.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sophos product: mobile - max-request: 1 shodan-query: http.title:"Sophos Mobile" tags: panel,sophos diff --git a/http/exposed-panels/sophos-web-appliance.yaml b/http/exposed-panels/sophos-web-appliance.yaml index 235def09b67..35d9db86211 100644 --- a/http/exposed-panels/sophos-web-appliance.yaml +++ b/http/exposed-panels/sophos-web-appliance.yaml @@ -7,10 +7,10 @@ info: reference: - https://docs.sophos.com/nsg/swa/help/en-us/nsg/swa/concepts/AboutYourAppliance.html metadata: - vendor: sophos - product: web_appliance verified: true max-request: 1 + vendor: sophos + product: web_appliance shodan-query: 'http.favicon.hash:-893681401' tags: panel,login,sophos diff --git a/http/exposed-panels/spacelogic-cbus-panel.yaml b/http/exposed-panels/spacelogic-cbus-panel.yaml index 4a15db1233c..8ca0971e6a6 100644 --- a/http/exposed-panels/spacelogic-cbus-panel.yaml +++ b/http/exposed-panels/spacelogic-cbus-panel.yaml @@ -7,9 +7,9 @@ info: metadata: verified: true max-request: 1 - shodan-query: html:"SpaceLogic C-Bus" vendor: schneider-electric product: spacelogic_c-bus_home_controller_firmware + shodan-query: html:"SpaceLogic C-Bus" tags: panel,spacelogic,login http: diff --git a/http/exposed-panels/spark-panel.yaml b/http/exposed-panels/spark-panel.yaml index cb90263c889..7124fe01114 100644 --- a/http/exposed-panels/spark-panel.yaml +++ b/http/exposed-panels/spark-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: spark verified: true max-request: 1 + vendor: apache + product: spark shodan-query: html:"/apps/IMT/Html/" tags: panel,spark diff --git a/http/exposed-panels/sphider-login.yaml b/http/exposed-panels/sphider-login.yaml index b9a45e53aee..5f3ec68374f 100644 --- a/http/exposed-panels/sphider-login.yaml +++ b/http/exposed-panels/sphider-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 3 vendor: sphider product: sphider - max-request: 3 tags: edb,panel http: diff --git a/http/exposed-panels/splunk-enterprise-panel.yaml b/http/exposed-panels/splunk-enterprise-panel.yaml index 76bf31b68cc..147c5b1f7e7 100644 --- a/http/exposed-panels/splunk-enterprise-panel.yaml +++ b/http/exposed-panels/splunk-enterprise-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: splunk product: splunk - max-request: 1 shodan-query: http.title:"Login - Splunk" tags: panel,splunk diff --git a/http/exposed-panels/spotweb-login-panel.yaml b/http/exposed-panels/spotweb-login-panel.yaml index d9d35be8737..8d580e2908e 100644 --- a/http/exposed-panels/spotweb-login-panel.yaml +++ b/http/exposed-panels/spotweb-login-panel.yaml @@ -5,10 +5,10 @@ info: author: theamanrawat severity: info metadata: - vendor: spotweb_project - product: spotweb verified: true max-request: 1 + vendor: spotweb_project + product: spotweb shodan-query: title:"SpotWeb - overview" tags: panel,spotweb,detect diff --git a/http/exposed-panels/sql-monitor.yaml b/http/exposed-panels/sql-monitor.yaml index c8647762a09..46e69e56c9c 100644 --- a/http/exposed-panels/sql-monitor.yaml +++ b/http/exposed-panels/sql-monitor.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: red-gate product: sql_monitor - max-request: 1 shodan-query: html:"SQL Monitor" tags: panel diff --git a/http/exposed-panels/squirrelmail-login.yaml b/http/exposed-panels/squirrelmail-login.yaml index e05ad4f2ab6..1595d77d629 100644 --- a/http/exposed-panels/squirrelmail-login.yaml +++ b/http/exposed-panels/squirrelmail-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 4 vendor: squirrelmail product: squirrelmail - max-request: 4 shodan-query: title:"SquirrelMail" tags: squirrelmail,edb,panel diff --git a/http/exposed-panels/strapi-documentation.yaml b/http/exposed-panels/strapi-documentation.yaml index afaa91d4865..b703341032e 100644 --- a/http/exposed-panels/strapi-documentation.yaml +++ b/http/exposed-panels/strapi-documentation.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: strapi product: strapi - max-request: 2 tags: strapi,panel http: diff --git a/http/exposed-panels/strapi-panel.yaml b/http/exposed-panels/strapi-panel.yaml index 18803bba5ea..61dad4d273d 100644 --- a/http/exposed-panels/strapi-panel.yaml +++ b/http/exposed-panels/strapi-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: strapi product: strapi - max-request: 1 tags: panel,strapi,login http: diff --git a/http/exposed-panels/structurizr-panel.yaml b/http/exposed-panels/structurizr-panel.yaml index 60c12293b6f..b741e14181a 100644 --- a/http/exposed-panels/structurizr-panel.yaml +++ b/http/exposed-panels/structurizr-panel.yaml @@ -11,9 +11,9 @@ info: metadata: verified: true max-request: 2 - shodan-query: http.favicon.hash:1199592666 vendor: structurizr product: on-premises_installation + shodan-query: http.favicon.hash:1199592666 tags: panel,structurizr,detect http: diff --git a/http/exposed-panels/subrion-login.yaml b/http/exposed-panels/subrion-login.yaml index ea4f54147b4..002d1ae5a97 100644 --- a/http/exposed-panels/subrion-login.yaml +++ b/http/exposed-panels/subrion-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: intelliants product: subrion - max-request: 1 tags: panel,subrion http: diff --git a/http/exposed-panels/sugarcrm-panel.yaml b/http/exposed-panels/sugarcrm-panel.yaml index 24b3a866357..370eba1dc23 100644 --- a/http/exposed-panels/sugarcrm-panel.yaml +++ b/http/exposed-panels/sugarcrm-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: sugarcrm product: sugarcrm - max-request: 2 shodan-query: http.title:sugarcrm tags: sugarcrm,panel diff --git a/http/exposed-panels/superset-login.yaml b/http/exposed-panels/superset-login.yaml index 02c75099a1a..8018c8f1a7a 100644 --- a/http/exposed-panels/superset-login.yaml +++ b/http/exposed-panels/superset-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: superset verified: true max-request: 2 + vendor: apache + product: superset shodan-query: http.favicon.hash:1582430156 tags: panel,superset diff --git a/http/exposed-panels/symantec/symantec-dlp-login.yaml b/http/exposed-panels/symantec/symantec-dlp-login.yaml index 049797bf53b..4311887d835 100644 --- a/http/exposed-panels/symantec/symantec-dlp-login.yaml +++ b/http/exposed-panels/symantec/symantec-dlp-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: symantec product: data_loss_prevention - max-request: 1 shodan-query: http.title:"Symantec Data Loss Prevention" tags: symantec,panel,login diff --git a/http/exposed-panels/symantec/symantec-epm-login.yaml b/http/exposed-panels/symantec/symantec-epm-login.yaml index 64311db2db1..c7fb0a32572 100644 --- a/http/exposed-panels/symantec/symantec-epm-login.yaml +++ b/http/exposed-panels/symantec/symantec-epm-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: symantec product: endpoint_protection_manager - max-request: 1 shodan-query: http.title:"Symantec Endpoint Protection Manager" tags: symantec,panel,login diff --git a/http/exposed-panels/symantec/symantec-iam-console.yaml b/http/exposed-panels/symantec/symantec-iam-console.yaml index eed01ec0b70..8faa3f85177 100644 --- a/http/exposed-panels/symantec/symantec-iam-console.yaml +++ b/http/exposed-panels/symantec/symantec-iam-console.yaml @@ -9,9 +9,9 @@ info: reference: - https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-manager/14-4/configuring/environments-overview/management-console.html metadata: + max-request: 1 vendor: broadcom product: symantec_identity_manager - max-request: 1 tags: symantec,panel,login http: diff --git a/http/exposed-panels/syncserver-panel.yaml b/http/exposed-panels/syncserver-panel.yaml index cb55d6e538b..078e89b8efd 100644 --- a/http/exposed-panels/syncserver-panel.yaml +++ b/http/exposed-panels/syncserver-panel.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDk severity: info metadata: - vendor: microchip - product: syncserver_s650_firmware verified: true max-request: 1 + vendor: microchip + product: syncserver_s650_firmware shodan-query: html:"Symmetricom SyncServer" tags: panel,login,syncserver,symmetricom,detect diff --git a/http/exposed-panels/syncthru-web-service.yaml b/http/exposed-panels/syncthru-web-service.yaml index 7d9fe9b9ef2..ee56a81ad04 100644 --- a/http/exposed-panels/syncthru-web-service.yaml +++ b/http/exposed-panels/syncthru-web-service.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: samsung - product: syncthru_web_service verified: true max-request: 1 + vendor: samsung + product: syncthru_web_service shodan-query: title:"SyncThru Web Service" tags: edb,panel,syncthru,printer diff --git a/http/exposed-panels/sysaid-panel.yaml b/http/exposed-panels/sysaid-panel.yaml index 2553b77f29a..e1cd526bd5f 100644 --- a/http/exposed-panels/sysaid-panel.yaml +++ b/http/exposed-panels/sysaid-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: sysaid product: sysaid - max-request: 2 tags: panel,sysaid,helpdesk http: diff --git a/http/exposed-panels/tableau-service-manager.yaml b/http/exposed-panels/tableau-service-manager.yaml index 9d67c04f360..b75036bc05d 100644 --- a/http/exposed-panels/tableau-service-manager.yaml +++ b/http/exposed-panels/tableau-service-manager.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: tableausoftware - product: tableau_server verified: true max-request: 1 + vendor: tableausoftware + product: tableau_server shodan-query: title:"Login - Tableau Services Manager" tags: panel,tableau diff --git a/http/exposed-panels/tautulli-panel.yaml b/http/exposed-panels/tautulli-panel.yaml index 554b7c39fa6..9a8c09b2cc0 100644 --- a/http/exposed-panels/tautulli-panel.yaml +++ b/http/exposed-panels/tautulli-panel.yaml @@ -10,10 +10,10 @@ info: - https://tautulli.com/ - https://github.com/Tautulli/Tautulli metadata: - vendor: tautulli - product: tautulli verified: true max-request: 2 + vendor: tautulli + product: tautulli shodan-query: title:"TAUTULLI" tags: panel,tautulli,detect diff --git a/http/exposed-panels/teamcity-login-panel.yaml b/http/exposed-panels/teamcity-login-panel.yaml index b2b27a87e4d..d0c7776c131 100644 --- a/http/exposed-panels/teamcity-login-panel.yaml +++ b/http/exposed-panels/teamcity-login-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: jetbrains - product: teamcity verified: true max-request: 1 + vendor: jetbrains + product: teamcity shodan-query: http.component:"TeamCity" tags: panel,teamcity,jetbrains,detect diff --git a/http/exposed-panels/teampass-panel.yaml b/http/exposed-panels/teampass-panel.yaml index e876d498533..15387aa3c39 100644 --- a/http/exposed-panels/teampass-panel.yaml +++ b/http/exposed-panels/teampass-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: teampass - product: teampass verified: true max-request: 2 + vendor: teampass + product: teampass shodan-query: http.html:"teampass" tags: panel,teampass diff --git a/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml b/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml index 0502eddf89a..6d8fe7251b9 100644 --- a/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml +++ b/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: telesquare - product: tlr-2005ksh_firmware verified: true max-request: 1 + vendor: telesquare + product: tlr-2005ksh_firmware shodan-query: http.html:"TLR-2005KSH" tags: panel,router,telesquare diff --git a/http/exposed-panels/teradici-pcoip-panel.yaml b/http/exposed-panels/teradici-pcoip-panel.yaml index 46cf28b63a0..f6e22056316 100644 --- a/http/exposed-panels/teradici-pcoip-panel.yaml +++ b/http/exposed-panels/teradici-pcoip-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: teradici product: pcoip_client - max-request: 1 tags: panel,teradici,pcoip http: diff --git a/http/exposed-panels/terraform-enterprise-panel.yaml b/http/exposed-panels/terraform-enterprise-panel.yaml index 54ae79e4dd9..57f2f955d11 100644 --- a/http/exposed-panels/terraform-enterprise-panel.yaml +++ b/http/exposed-panels/terraform-enterprise-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: hashicorp product: terraform - max-request: 1 shodan-query: title:"Terraform Enterprise" google-query: intitle:"Terraform Enterprise" tags: panel,terraform diff --git a/http/exposed-panels/thinfinity-virtualui-panel.yaml b/http/exposed-panels/thinfinity-virtualui-panel.yaml index 3640f593f7a..e3ee38850e1 100644 --- a/http/exposed-panels/thinfinity-virtualui-panel.yaml +++ b/http/exposed-panels/thinfinity-virtualui-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cybelesoft product: thinfinity_virtualui - max-request: 1 shodan-query: http.title:"Thinfinity VirtualUI" tags: panel,thinfinity,virtualui diff --git a/http/exposed-panels/thruk-login.yaml b/http/exposed-panels/thruk-login.yaml index 8ff1a69495f..bbe0a58794a 100644 --- a/http/exposed-panels/thruk-login.yaml +++ b/http/exposed-panels/thruk-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: thruk product: thruk - max-request: 1 fofa-query: title=="Thruk Monitoring Webinterface" tags: thruk,panel diff --git a/http/exposed-panels/tikiwiki-cms.yaml b/http/exposed-panels/tikiwiki-cms.yaml index 72197beffb0..5cb7311dc6a 100644 --- a/http/exposed-panels/tikiwiki-cms.yaml +++ b/http/exposed-panels/tikiwiki-cms.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: tiki product: tikiwiki_cms\/groupware - max-request: 2 tags: panel,tikiwiki http: diff --git a/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml b/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml index a44db18b1ba..e76fcd96a27 100644 --- a/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml +++ b/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml @@ -5,9 +5,9 @@ info: author: Podalirius severity: info metadata: + max-request: 1 vendor: apache product: tomcat - max-request: 1 shodan-query: title:"Apache Tomcat" tags: version,tomcat,docs,panel diff --git a/http/exposed-panels/totemomail-panel.yaml b/http/exposed-panels/totemomail-panel.yaml index 4ee3e4f856c..a364a7a3c34 100644 --- a/http/exposed-panels/totemomail-panel.yaml +++ b/http/exposed-panels/totemomail-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: totemo - product: totemomail verified: true max-request: 2 + vendor: totemo + product: totemomail google-query: intext:"totemomail" inurl:responsiveUI tags: totemomail,panel diff --git a/http/exposed-panels/tracer-sc-login.yaml b/http/exposed-panels/tracer-sc-login.yaml index d37585cc2ac..e3c4da04ec3 100644 --- a/http/exposed-panels/tracer-sc-login.yaml +++ b/http/exposed-panels/tracer-sc-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: trane product: tracer_sc - max-request: 1 tags: tracer,trane,iot,panel,login http: diff --git a/http/exposed-panels/traefik-dashboard.yaml b/http/exposed-panels/traefik-dashboard.yaml index 568d00a8ccf..cdb79a86dda 100644 --- a/http/exposed-panels/traefik-dashboard.yaml +++ b/http/exposed-panels/traefik-dashboard.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: traefik - product: traefik verified: true max-request: 1 + vendor: traefik + product: traefik shodan-query: http.title:"traefik" tags: panel,traefik diff --git a/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml b/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml index 2b541103e3c..a8775660826 100644 --- a/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml +++ b/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: trendnet product: tew-827dru_firmware - max-request: 1 shodan-query: http.html:"TEW-827DRU" tags: panel,router,trendnet diff --git a/http/exposed-panels/tufin-securetrack-login.yaml b/http/exposed-panels/tufin-securetrack-login.yaml index 9af178d977d..6d64d1ef64d 100644 --- a/http/exposed-panels/tufin-securetrack-login.yaml +++ b/http/exposed-panels/tufin-securetrack-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: tufin product: securetrack - max-request: 1 shodan-query: http.title:"SecureTrack - Tufin Technologies" google-query: intitle:"SecureTrack - Tufin Technologies" tags: panel,tufin diff --git a/http/exposed-panels/typo3-login.yaml b/http/exposed-panels/typo3-login.yaml index 230f81e577c..39faa2c9215 100644 --- a/http/exposed-panels/typo3-login.yaml +++ b/http/exposed-panels/typo3-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: typo3 product: typo3 - max-request: 1 tags: panel,typo3 http: diff --git a/http/exposed-panels/umbraco-login.yaml b/http/exposed-panels/umbraco-login.yaml index cfe96ea3060..793bc3a93bb 100644 --- a/http/exposed-panels/umbraco-login.yaml +++ b/http/exposed-panels/umbraco-login.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: umbraco - product: umbraco_cms verified: true max-request: 1 + vendor: umbraco + product: umbraco_cms shodan-query: http.title:"Umbraco" tags: panel,umbraco,detect diff --git a/http/exposed-panels/unauth/tautulli-unauth.yaml b/http/exposed-panels/unauth/tautulli-unauth.yaml index 4ce1a45bcfb..a5bec6e9391 100644 --- a/http/exposed-panels/unauth/tautulli-unauth.yaml +++ b/http/exposed-panels/unauth/tautulli-unauth.yaml @@ -5,10 +5,10 @@ info: author: ritikchaddha severity: medium metadata: - vendor: tautulli - product: tautulli verified: true max-request: 1 + vendor: tautulli + product: tautulli shodan-query: title:"Tautulli - Home" tags: panel,misconfig,tautulli,unauth,exposure diff --git a/http/exposed-panels/untangle-admin-login.yaml b/http/exposed-panels/untangle-admin-login.yaml index 151addef8df..0e39ff80dea 100644 --- a/http/exposed-panels/untangle-admin-login.yaml +++ b/http/exposed-panels/untangle-admin-login.yaml @@ -12,10 +12,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - vendor: untangle - product: ng_firewall verified: true max-request: 2 + vendor: untangle + product: ng_firewall shodan-query: title:"Untangle Administrator Login" tags: panel,untangle,admin,login diff --git a/http/exposed-panels/vault-panel.yaml b/http/exposed-panels/vault-panel.yaml index a31f6a31534..3ac4463448c 100644 --- a/http/exposed-panels/vault-panel.yaml +++ b/http/exposed-panels/vault-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: hashicorp - product: vault verified: true max-request: 2 + vendor: hashicorp + product: vault shodan-query: http.favicon.hash:-919788577 tags: panel,vault,detect diff --git a/http/exposed-panels/veeam-panel.yaml b/http/exposed-panels/veeam-panel.yaml index 0b4e445d986..5dbc2170c29 100644 --- a/http/exposed-panels/veeam-panel.yaml +++ b/http/exposed-panels/veeam-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: veeam - product: one_reporter verified: true max-request: 1 + vendor: veeam + product: one_reporter shodan-query: http.favicon.hash:-633512412 tags: panel,veeam diff --git a/http/exposed-panels/virtua-software-panel.yaml b/http/exposed-panels/virtua-software-panel.yaml index cc61413d094..ddec5e56791 100644 --- a/http/exposed-panels/virtua-software-panel.yaml +++ b/http/exposed-panels/virtua-software-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: virtuasoftware - product: cobranca verified: true max-request: 1 + vendor: virtuasoftware + product: cobranca shodan-query: http.favicon.hash:876876147 tags: panel,virtua diff --git a/http/exposed-panels/vmware-cloud-director.yaml b/http/exposed-panels/vmware-cloud-director.yaml index 2355e6b46dc..ea41609ca25 100644 --- a/http/exposed-panels/vmware-cloud-director.yaml +++ b/http/exposed-panels/vmware-cloud-director.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: vmware - product: cloud_director verified: true max-request: 1 + vendor: vmware + product: cloud_director shodan-query: title:"Welcome to VMware Cloud Director" tags: panel,vmware diff --git a/http/exposed-panels/vmware-horizon-daas.yaml b/http/exposed-panels/vmware-horizon-daas.yaml index 84f129417f8..2e58767e978 100644 --- a/http/exposed-panels/vmware-horizon-daas.yaml +++ b/http/exposed-panels/vmware-horizon-daas.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDK severity: info metadata: - vendor: vmware - product: horizon_daas verified: true max-request: 1 + vendor: vmware + product: horizon_daas shodan-query: title:"Horizon DaaS" tags: panel,vmware diff --git a/http/exposed-panels/vmware-horizon-panel.yaml b/http/exposed-panels/vmware-horizon-panel.yaml index 0ebe279eeee..09981106b14 100644 --- a/http/exposed-panels/vmware-horizon-panel.yaml +++ b/http/exposed-panels/vmware-horizon-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: vmware product: horizon - max-request: 2 tags: horizon,vmware,edb,panel http: diff --git a/http/exposed-panels/vmware-vcenter-converter-standalone.yaml b/http/exposed-panels/vmware-vcenter-converter-standalone.yaml index 81b4136f1ab..94d94d81e73 100644 --- a/http/exposed-panels/vmware-vcenter-converter-standalone.yaml +++ b/http/exposed-panels/vmware-vcenter-converter-standalone.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: vmware - product: vcenter_converter_standalone verified: true max-request: 1 + vendor: vmware + product: vcenter_converter_standalone shodan-query: title:"VMware vCenter Converter Standalone" tags: panel,vmware,vcenter diff --git a/http/exposed-panels/vmware-vcloud-director.yaml b/http/exposed-panels/vmware-vcloud-director.yaml index 7e27305769d..2d1aa0b8ab2 100644 --- a/http/exposed-panels/vmware-vcloud-director.yaml +++ b/http/exposed-panels/vmware-vcloud-director.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: vmware - product: vcloud_director verified: true max-request: 1 + vendor: vmware + product: vcloud_director shodan-query: title:"VMware vCloud Director" tags: panel,vmware,vcloud diff --git a/http/exposed-panels/voipmonitor-panel.yaml b/http/exposed-panels/voipmonitor-panel.yaml index e08d81ec9f0..2b79d4b3a2a 100644 --- a/http/exposed-panels/voipmonitor-panel.yaml +++ b/http/exposed-panels/voipmonitor-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: voipmonitor product: voipmonitor - max-request: 1 shodan-query: http.title:"VoIPmonitor" tags: panel,voipmonitor,login diff --git a/http/exposed-panels/vrealize-loginsight-panel.yaml b/http/exposed-panels/vrealize-loginsight-panel.yaml index ddb1259beea..df9ca347bab 100644 --- a/http/exposed-panels/vrealize-loginsight-panel.yaml +++ b/http/exposed-panels/vrealize-loginsight-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: vmware - product: vrealize_log_insight verified: true max-request: 1 + vendor: vmware + product: vrealize_log_insight shodan-query: title:"vRealize Log insight" tags: panel,vmware,vrealize diff --git a/http/exposed-panels/vue-pacs-panel.yaml b/http/exposed-panels/vue-pacs-panel.yaml index 6535b8adf20..a229ebe56c6 100644 --- a/http/exposed-panels/vue-pacs-panel.yaml +++ b/http/exposed-panels/vue-pacs-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.usa.philips.com/healthcare/solutions/diagnostic-informatics/enterprise-imaging-pacs metadata: - vendor: philips - product: vue_pacs verified: true max-request: 1 + vendor: philips + product: vue_pacs shodan-query: http.title:"Vue PACS" tags: vue,pacs,panel,login diff --git a/http/exposed-panels/wagtail-cms-detect.yaml b/http/exposed-panels/wagtail-cms-detect.yaml index 501b09dbbd5..e8f100bed50 100644 --- a/http/exposed-panels/wagtail-cms-detect.yaml +++ b/http/exposed-panels/wagtail-cms-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: torchbox - product: wagtail verified: true max-request: 2 + vendor: torchbox + product: wagtail shodan-query: title:"Wagtail - Sign in" tags: panel,wagtail diff --git a/http/exposed-panels/watchguard-panel.yaml b/http/exposed-panels/watchguard-panel.yaml index f7e942b081f..e3a3b0478bd 100644 --- a/http/exposed-panels/watchguard-panel.yaml +++ b/http/exposed-panels/watchguard-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: watchguard product: firebox_t15 - max-request: 1 tags: watchguard,edb,panel http: diff --git a/http/exposed-panels/wazuh-panel.yaml b/http/exposed-panels/wazuh-panel.yaml index d3beda1723d..66895ac6f29 100644 --- a/http/exposed-panels/wazuh-panel.yaml +++ b/http/exposed-panels/wazuh-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://github.com/wazuh/wazuh metadata: + max-request: 1 vendor: wazuh product: wazuh - max-request: 1 shodan-query: http.title:"Wazuh" tags: panel,wazuh,login diff --git a/http/exposed-panels/wd-mycloud-panel.yaml b/http/exposed-panels/wd-mycloud-panel.yaml index cb70037f99c..08a714b4932 100644 --- a/http/exposed-panels/wd-mycloud-panel.yaml +++ b/http/exposed-panels/wd-mycloud-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://www.zerodayinitiative.com/blog/2023/4/19/cve-2022-29844-a-classic-buffer-overflow-on-the-western-digital-my-cloud-pro-series-pr4100 metadata: - vendor: western_digital - product: mycloud_nas verified: true max-request: 1 + vendor: western_digital + product: mycloud_nas shodan-query: http.favicon.hash:-1074357885 tags: panel,login,mycloud,wd,detect diff --git a/http/exposed-panels/web-viewer-panel.yaml b/http/exposed-panels/web-viewer-panel.yaml index 428c8d12151..44bf19679a9 100644 --- a/http/exposed-panels/web-viewer-panel.yaml +++ b/http/exposed-panels/web-viewer-panel.yaml @@ -5,10 +5,10 @@ info: author: JustaAcat severity: info metadata: - vendor: samsung - product: dvr verified: true max-request: 1 + vendor: samsung + product: dvr shodan-query: title:"Web Viewer for Samsung DVR" tags: panel,web-viewer,detect diff --git a/http/exposed-panels/webeditors-check-detect.yaml b/http/exposed-panels/webeditors-check-detect.yaml index 45cc93aa9d6..3302e289fb1 100644 --- a/http/exposed-panels/webeditors-check-detect.yaml +++ b/http/exposed-panels/webeditors-check-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 17 vendor: ckeditor product: ckeditor - max-request: 17 tags: panel,webeditors http: diff --git a/http/exposed-panels/weblogic-login.yaml b/http/exposed-panels/weblogic-login.yaml index 84e981785f8..e6ccd43ff88 100644 --- a/http/exposed-panels/weblogic-login.yaml +++ b/http/exposed-panels/weblogic-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: oracle product: weblogic_server - max-request: 1 shodan-query: product:"Oracle Weblogic" tags: panel,oracle,weblogic,login diff --git a/http/exposed-panels/weblogic-uddiexplorer.yaml b/http/exposed-panels/weblogic-uddiexplorer.yaml index 17272f2820e..f1f52fce2ef 100644 --- a/http/exposed-panels/weblogic-uddiexplorer.yaml +++ b/http/exposed-panels/weblogic-uddiexplorer.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: oracle product: weblogic_server - max-request: 1 tags: panel,oracle,weblogic,tenable http: diff --git a/http/exposed-panels/webmin-panel.yaml b/http/exposed-panels/webmin-panel.yaml index 062e869232a..fce866d69c2 100644 --- a/http/exposed-panels/webmin-panel.yaml +++ b/http/exposed-panels/webmin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: webmin product: webmin - max-request: 2 tags: panel,webmin http: diff --git a/http/exposed-panels/webtitan-cloud-panel.yaml b/http/exposed-panels/webtitan-cloud-panel.yaml index a64f7b917f7..e2c4b41e0b5 100644 --- a/http/exposed-panels/webtitan-cloud-panel.yaml +++ b/http/exposed-panels/webtitan-cloud-panel.yaml @@ -7,10 +7,10 @@ info: description: | WebTitan Cloud is a cloud-based web filtering solution that monitors, controls, and protects users and businesses online. It blocks malware, phishing, viruses, ransomware, and malicious sites. metadata: - vendor: titanhq - product: webtitan verified: true max-request: 1 + vendor: titanhq + product: webtitan shodan-query: http.favicon.hash:1090061843 fofa-query: title="WebTitan" tags: panel,webtitan,cloud,detect diff --git a/http/exposed-panels/webtransfer-client-panel.yaml b/http/exposed-panels/webtransfer-client-panel.yaml index 6c4b5a2b644..80409b22305 100644 --- a/http/exposed-panels/webtransfer-client-panel.yaml +++ b/http/exposed-panels/webtransfer-client-panel.yaml @@ -1,18 +1,18 @@ id: webtransfer-client-panel -info: - name: Web Transfer Client Login Panel - Detect - author: righettod - severity: info - description: Progress Web Transfer Client login panel was detected. - reference: - - https://www.progress.com/ftp-server/web-transfer - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"Web Transfer Client" - tags: panel,webtransferclient,login,detect - +info: + name: Web Transfer Client Login Panel - Detect + author: righettod + severity: info + description: Progress Web Transfer Client login panel was detected. + reference: + - https://www.progress.com/ftp-server/web-transfer + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Web Transfer Client" + tags: panel,webtransferclient,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/webuzo-admin-panel.yaml b/http/exposed-panels/webuzo-admin-panel.yaml index 10e54f91cfe..8d95dd99a66 100644 --- a/http/exposed-panels/webuzo-admin-panel.yaml +++ b/http/exposed-panels/webuzo-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: softaculous - product: webuzo verified: true max-request: 1 + vendor: softaculous + product: webuzo shodan-query: http.title:"Webuzo - Admin Panel" tags: panel,webuzo,admin diff --git a/http/exposed-panels/weiphp-panel.yaml b/http/exposed-panels/weiphp-panel.yaml index 2e406f9077b..c1ea72359eb 100644 --- a/http/exposed-panels/weiphp-panel.yaml +++ b/http/exposed-panels/weiphp-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: weiphp - product: weiphp verified: true max-request: 1 + vendor: weiphp + product: weiphp shodan-query: http.html:"weiphp" tags: panel,weiphp diff --git a/http/exposed-panels/whm-login-detect.yaml b/http/exposed-panels/whm-login-detect.yaml index 3284967f425..33a5575ad1c 100644 --- a/http/exposed-panels/whm-login-detect.yaml +++ b/http/exposed-panels/whm-login-detect.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cpanel product: whm - max-request: 1 tags: edb,whm,panel,login http: diff --git a/http/exposed-panels/wordpress-login.yaml b/http/exposed-panels/wordpress-login.yaml index 4f3b33d7918..ff3af78c9f1 100644 --- a/http/exposed-panels/wordpress-login.yaml +++ b/http/exposed-panels/wordpress-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: wordpress product: wordpress - max-request: 1 tags: panel,wordpress http: diff --git a/http/exposed-panels/workspace-one-uem.yaml b/http/exposed-panels/workspace-one-uem.yaml index ba9473160ea..77e4d0d572c 100644 --- a/http/exposed-panels/workspace-one-uem.yaml +++ b/http/exposed-panels/workspace-one-uem.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: vmware - product: workspace_one_uem verified: true max-request: 1 + vendor: vmware + product: workspace_one_uem shodan-query: http.html:"Airwatch" tags: panel,workspaceone,vmware diff --git a/http/exposed-panels/wowza-streaming-engine.yaml b/http/exposed-panels/wowza-streaming-engine.yaml index e452f2270ae..916a5f21523 100644 --- a/http/exposed-panels/wowza-streaming-engine.yaml +++ b/http/exposed-panels/wowza-streaming-engine.yaml @@ -6,9 +6,9 @@ info: severity: info description: Wowza Streaming Engine Manager panel was detected. metadata: + max-request: 1 vendor: wowza product: streaming_engine - max-request: 1 shodan-query: http.title:"Manager" product:"Wowza Streaming Engine" tags: panel diff --git a/http/exposed-panels/wso2-management-console.yaml b/http/exposed-panels/wso2-management-console.yaml index 525f477178c..c98311fa206 100644 --- a/http/exposed-panels/wso2-management-console.yaml +++ b/http/exposed-panels/wso2-management-console.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: wso2 product: api_manager - max-request: 1 shodan-query: http.favicon.hash:1398055326 tags: panel,wso2,edb diff --git a/http/exposed-panels/xeams-admin-console.yaml b/http/exposed-panels/xeams-admin-console.yaml index 085baa19028..f6d2baa692f 100644 --- a/http/exposed-panels/xeams-admin-console.yaml +++ b/http/exposed-panels/xeams-admin-console.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: synametrics - product: xeams verified: true max-request: 2 + vendor: synametrics + product: xeams shodan-query: http.title:"Xeams Admin" tags: panel,xeams,admin,console diff --git a/http/exposed-panels/xenmobile-login.yaml b/http/exposed-panels/xenmobile-login.yaml index eba784be686..e70f29a8f48 100644 --- a/http/exposed-panels/xenmobile-login.yaml +++ b/http/exposed-panels/xenmobile-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: citrix product: xenmobile_device_manager_mdm - max-request: 1 tags: panel,edb http: diff --git a/http/exposed-panels/xoops/xoops-installation-wizard.yaml b/http/exposed-panels/xoops/xoops-installation-wizard.yaml index 6546e333610..7142096081e 100644 --- a/http/exposed-panels/xoops/xoops-installation-wizard.yaml +++ b/http/exposed-panels/xoops/xoops-installation-wizard.yaml @@ -6,9 +6,9 @@ info: severity: low description: XOOPS Installation Wizard panel was detected. metadata: + max-request: 1 vendor: xoops product: xoops - max-request: 1 tags: panel,xoops http: diff --git a/http/exposed-panels/xvr-login.yaml b/http/exposed-panels/xvr-login.yaml index a15d6c81644..b56a3b5c203 100644 --- a/http/exposed-panels/xvr-login.yaml +++ b/http/exposed-panels/xvr-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: dahuasecurity product: xvr5xxx - max-request: 1 shodan-query: http.title:"XVR LOGIN" tags: panel,xvr diff --git a/http/exposed-panels/xxljob-panel.yaml b/http/exposed-panels/xxljob-panel.yaml index 49da482afcd..fd7f0265c39 100644 --- a/http/exposed-panels/xxljob-panel.yaml +++ b/http/exposed-panels/xxljob-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: xuxueli - product: xxl-job verified: true max-request: 2 + vendor: xuxueli + product: xxl-job shodan-query: http.favicon.hash:1691956220 tags: panel,xxljob,login diff --git a/http/exposed-panels/yarn-manager-exposure.yaml b/http/exposed-panels/yarn-manager-exposure.yaml index 5962c0ef479..f7cac04c7cf 100644 --- a/http/exposed-panels/yarn-manager-exposure.yaml +++ b/http/exposed-panels/yarn-manager-exposure.yaml @@ -6,9 +6,9 @@ info: severity: low description: Apache YARN ResourceManager panel was detected. metadata: + max-request: 1 vendor: apache product: hadoop - max-request: 1 tags: panel,apache,yarn,exposure http: diff --git a/http/exposed-panels/yzmcms-panel.yaml b/http/exposed-panels/yzmcms-panel.yaml index 200f22b35bc..d3b400fdf96 100644 --- a/http/exposed-panels/yzmcms-panel.yaml +++ b/http/exposed-panels/yzmcms-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: yzmcms product: yzmcms - max-request: 1 shodan-query: http.title:"YzmCMS" tags: panel,yzmcms,login diff --git a/http/exposed-panels/zabbix-server-login.yaml b/http/exposed-panels/zabbix-server-login.yaml index c7bfca3f712..3c1880a1816 100644 --- a/http/exposed-panels/zabbix-server-login.yaml +++ b/http/exposed-panels/zabbix-server-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zabbix product: zabbix - max-request: 1 shodan-query: http.title:"zabbix-server" tags: panel,zabbix diff --git a/http/exposed-panels/zblog-exposed-admin-panel.yaml b/http/exposed-panels/zblog-exposed-admin-panel.yaml index bbcd1e42ad2..33fa68ab871 100644 --- a/http/exposed-panels/zblog-exposed-admin-panel.yaml +++ b/http/exposed-panels/zblog-exposed-admin-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: zblogcn - product: zblogphp verified: true max-request: 1 + vendor: zblogcn + product: zblogphp shodan-query: http.title:zblog tags: zblog,panel diff --git a/http/exposed-panels/zenario-login-panel.yaml b/http/exposed-panels/zenario-login-panel.yaml index 391e7374666..d020d72ab95 100644 --- a/http/exposed-panels/zenario-login-panel.yaml +++ b/http/exposed-panels/zenario-login-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: tribalsystems product: zenario - max-request: 1 tags: panel,zenario http: diff --git a/http/exposed-panels/zentao-detect.yaml b/http/exposed-panels/zentao-detect.yaml index 1749b04c0f6..1ba21e7ca16 100644 --- a/http/exposed-panels/zentao-detect.yaml +++ b/http/exposed-panels/zentao-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: easycorp product: zentao - max-request: 1 tags: panel http: diff --git a/http/exposed-panels/zeroshell-login.yaml b/http/exposed-panels/zeroshell-login.yaml index 2492edeff89..b0a6a396857 100644 --- a/http/exposed-panels/zeroshell-login.yaml +++ b/http/exposed-panels/zeroshell-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zeroshell product: zeroshell - max-request: 1 shodan-query: http.title:"ZeroShell" tags: panel,zeroshell diff --git a/http/exposed-panels/zimbra-web-client.yaml b/http/exposed-panels/zimbra-web-client.yaml index b210c772085..4a7b4170fb8 100644 --- a/http/exposed-panels/zimbra-web-client.yaml +++ b/http/exposed-panels/zimbra-web-client.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: synacor - product: zimbra_collaboration_suite verified: true max-request: 1 + vendor: synacor + product: zimbra_collaboration_suite shodan-query: http.title:"Zimbra Web Client Sign In" tags: edb,panel,zimbra diff --git a/http/exposed-panels/zimbra-web-login.yaml b/http/exposed-panels/zimbra-web-login.yaml index 4e616ca0a83..95aeb55cf86 100644 --- a/http/exposed-panels/zimbra-web-login.yaml +++ b/http/exposed-panels/zimbra-web-login.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: synacor - product: zimbra_collaboration_suite verified: true max-request: 1 + vendor: synacor + product: zimbra_collaboration_suite shodan-query: http.title:"Zimbra Collaboration Suite" tags: panel,zimbra diff --git a/http/exposed-panels/zoho/manageengine-adaudit.yaml b/http/exposed-panels/zoho/manageengine-adaudit.yaml index 7d576ca15d1..679fb345ddf 100644 --- a/http/exposed-panels/zoho/manageengine-adaudit.yaml +++ b/http/exposed-panels/zoho/manageengine-adaudit.yaml @@ -14,10 +14,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: zohocorp - product: manageengine_adaudit_plus verified: true max-request: 2 + vendor: zohocorp + product: manageengine_adaudit_plus shodan-query: http.title:"ADAudit Plus" || http.title:"ManageEngine - ADManager Plus" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-adselfservice.yaml b/http/exposed-panels/zoho/manageengine-adselfservice.yaml index d4f777ad094..d30fb4e6285 100644 --- a/http/exposed-panels/zoho/manageengine-adselfservice.yaml +++ b/http/exposed-panels/zoho/manageengine-adselfservice.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: zohocorp - product: manageengine_adselfservice_plus verified: true max-request: 2 + vendor: zohocorp + product: manageengine_adselfservice_plus shodan-query: http.title:"ADSelfService Plus" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-analytics.yaml b/http/exposed-panels/zoho/manageengine-analytics.yaml index 86e0ce39a49..0e775cc0e80 100644 --- a/http/exposed-panels/zoho/manageengine-analytics.yaml +++ b/http/exposed-panels/zoho/manageengine-analytics.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_analytics_plus - max-request: 1 fofa-query: app="ZOHO-流量管理" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml b/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml index 60588735e78..3f00a259832 100644 --- a/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml +++ b/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_analytics_plus - max-request: 1 shodan-query: http.title:"APEX IT Help Desk" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-applications-manager.yaml b/http/exposed-panels/zoho/manageengine-applications-manager.yaml index 416b387e2c3..1e9913f75a9 100644 --- a/http/exposed-panels/zoho/manageengine-applications-manager.yaml +++ b/http/exposed-panels/zoho/manageengine-applications-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_applications_manager - max-request: 1 tags: panel,zoho,manageengine http: diff --git a/http/exposed-panels/zoho/manageengine-assetexplorer.yaml b/http/exposed-panels/zoho/manageengine-assetexplorer.yaml index 46f69b6ded2..3f42d8b077d 100644 --- a/http/exposed-panels/zoho/manageengine-assetexplorer.yaml +++ b/http/exposed-panels/zoho/manageengine-assetexplorer.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_assetexplorer - max-request: 1 shodan-query: http.title:"ManageEngine AssetExplorer" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-desktop.yaml b/http/exposed-panels/zoho/manageengine-desktop.yaml index 31e40697687..77ee23c6166 100644 --- a/http/exposed-panels/zoho/manageengine-desktop.yaml +++ b/http/exposed-panels/zoho/manageengine-desktop.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_desktop_central - max-request: 1 shodan-query: http.title:"ManageEngine Desktop Central 10" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-network-config.yaml b/http/exposed-panels/zoho/manageengine-network-config.yaml index 87249427a7f..8fe60ca548c 100644 --- a/http/exposed-panels/zoho/manageengine-network-config.yaml +++ b/http/exposed-panels/zoho/manageengine-network-config.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: zohocorp - product: manageengine_network_configuration_manager verified: true max-request: 1 + vendor: zohocorp + product: manageengine_network_configuration_manager shodan-query: http.title:"Network Configuration Manager" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-opmanager.yaml b/http/exposed-panels/zoho/manageengine-opmanager.yaml index 7fdb037163c..f0ba34caf1e 100644 --- a/http/exposed-panels/zoho/manageengine-opmanager.yaml +++ b/http/exposed-panels/zoho/manageengine-opmanager.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_opmanager - max-request: 1 shodan-query: http.title:"OpManager Plus" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-servicedesk.yaml b/http/exposed-panels/zoho/manageengine-servicedesk.yaml index 4731249ff46..d55a5114d1b 100644 --- a/http/exposed-panels/zoho/manageengine-servicedesk.yaml +++ b/http/exposed-panels/zoho/manageengine-servicedesk.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_servicedesk_plus - max-request: 1 shodan-query: http.title:"ManageEngine ServiceDesk Plus" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-supportcenter.yaml b/http/exposed-panels/zoho/manageengine-supportcenter.yaml index dcfa5c88135..b6bddf58bc8 100644 --- a/http/exposed-panels/zoho/manageengine-supportcenter.yaml +++ b/http/exposed-panels/zoho/manageengine-supportcenter.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_supportcenter_plus - max-request: 1 shodan-query: http.title:"ManageEngine SupportCenter Plus" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoneminder-login.yaml b/http/exposed-panels/zoneminder-login.yaml index ad6545925ab..5c4ac813774 100644 --- a/http/exposed-panels/zoneminder-login.yaml +++ b/http/exposed-panels/zoneminder-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zoneminder product: zoneminder - max-request: 1 tags: panel,zoneminder http: diff --git a/http/exposed-panels/zyxel-router-panel.yaml b/http/exposed-panels/zyxel-router-panel.yaml index 4267da666d4..44e1aaefb48 100644 --- a/http/exposed-panels/zyxel-router-panel.yaml +++ b/http/exposed-panels/zyxel-router-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: zyxel - product: nr5101 verified: true max-request: 2 + vendor: zyxel + product: nr5101 shodan-query: 'title:"Web-Based Configurator" html:"zyxel"' tags: panel,zyxel,router,iot diff --git a/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml b/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml index ce46228b818..c15093b12dd 100644 --- a/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml +++ b/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml @@ -5,10 +5,10 @@ info: author: princechaddha severity: info metadata: - vendor: zyxel - product: vmg1312-b10d_firmware verified: true max-request: 1 + vendor: zyxel + product: vmg1312-b10d_firmware shodan-query: http.html:"VMG1312-B10D" tags: tech,zyxel,modem,router,panel diff --git a/http/exposures/apis/swagger-api.yaml b/http/exposures/apis/swagger-api.yaml index 433638d12d3..98326f2280a 100644 --- a/http/exposures/apis/swagger-api.yaml +++ b/http/exposures/apis/swagger-api.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 59 shodan-query: "http.title:\"swagger\"" - verified: true tags: exposure,api,swagger http: diff --git a/http/exposures/configs/sphinxsearch-config.yaml b/http/exposures/configs/sphinxsearch-config.yaml index 17b471a071f..ce144a89762 100644 --- a/http/exposures/configs/sphinxsearch-config.yaml +++ b/http/exposures/configs/sphinxsearch-config.yaml @@ -10,8 +10,8 @@ info: reference: - https://github.com/manticorp/SphinxSearch/blob/master/sphinx.conf.example metadata: - max-request: 7 verified: true + max-request: 7 tags: sphinx,sphinxsearch,exposure,config http: diff --git a/http/exposures/files/ds-store-file.yaml b/http/exposures/files/ds-store-file.yaml index 6aa19d27736..11703352652 100644 --- a/http/exposures/files/ds-store-file.yaml +++ b/http/exposures/files/ds-store-file.yaml @@ -2,9 +2,9 @@ id: ds-store-file info: name: Exposed DS_Store File - description: A .DS_Store file was found. This file may contain names of files that exist on the server, including backups or other files that aren't meant to be publicly available. author: 0w4ys,pwnhxl severity: info + description: A .DS_Store file was found. This file may contain names of files that exist on the server, including backups or other files that aren't meant to be publicly available. reference: - https://github.com/lijiejie/ds_store_exp metadata: diff --git a/http/exposures/files/generic-db.yaml b/http/exposures/files/generic-db.yaml index 99da464258b..52d21d14e5a 100644 --- a/http/exposures/files/generic-db.yaml +++ b/http/exposures/files/generic-db.yaml @@ -7,37 +7,37 @@ info: description: | This is collection of some web frameworks recommendation or default configuration for SQLite database file location. If this file is publicly accessible due to server misconfiguration, it could result in application data leak including users sensitive data, password hashes etc. reference: - - https://laravel.com/docs/11.x/database#sqlite-configuration # database/database.sqlite - - https://laravel.com/docs/5.2/database # database/database.sqlite - - https://github.com/laracasts/larabook/blob/master/app/config/database.php#L51 # app/database/production.sqlite - - https://forum.codeigniter.com/post-389846.html # writable/db.sqlite3 - - https://github.com/codeigniter4projects/playground/blob/develop/.env.example#L33 # writable/database.db - - https://symfony.com/doc/current/doctrine.html#configuring-the-database # var/app.db - - https://symfony.com/doc/4.x/doctrine.html#configuring-the-database # var/app.db - - https://symfony.com/doc/3.x/doctrine.html # app/sqlite.db - - https://symfony.com/doc/2.x/doctrine.html # sqlite.db - - https://openclassrooms.com/forum/sujet/symfony3-sqlite-could-not-create-database # var/data/db.sqlite - - https://symfony.com/doc/current/reference/configuration/doctrine.html#doctrine-dbal-configuration # var/data/data.sqlite - - https://stackoverflow.com/questions/31762878/sqlite-3-database-with-django # db.sqlite3 - - https://medium.com/@codewithbushra/using-sqlite-as-a-database-backend-in-django-projects-code-with-bushra-d23e3100686e # db.sqlite3 - - https://gist.github.com/jwo/4512764?permalink_comment_id=2235763#gistcomment-2235763 # db/production.sqlite3 - - https://stackoverflow.com/a/30345819/1632572 # db/production.sqlite3 - - https://developerhowto.com/2018/12/29/build-a-rest-api-with-node-js-and-express-js/ # db.sqlite - - https://sqldocs.org/sqlite/sqlite-nodejs/ # mydb.sqlite - - https://stackoverflow.com/questions/41620788/error-database-connection-sqlite-is-missing-or-could-not-be-created-cakephp # app/data/app_db.sqlite - - https://stackoverflow.com/questions/2722383/using-sqlite3-with-cakephp # app/webroot/database.sqlite, app/database.sqlite - - https://levelup.gitconnected.com/how-to-connect-and-use-the-sqlite-database-in-codeigniter-3-48cd50d3e78d # application/databases/db.sqlite - - https://turmanauli.medium.com/how-to-connect-codeigniter-to-sqlite3-database-like-a-pro-2177497a6d30 # application/db/database.sqlite - - https://forum.codeigniter.com/thread-74522.html # application/Database/db1.db - - https://stackoverflow.com/a/37088960/1632572 # application/database/data.db - - https://docs.laminas.dev/tutorials/getting-started/database-and-models/ # data/*.db - - https://phalcon-nucleon.github.io/#!database/getting-started.html # storage/database/database.sqlite - - https://www.yiiframework.com/doc/blog/1.1/en/prototype.database # protected/data/*.db - - https://pusher.com/tutorials/rest-api-slim-part-1/ # db/database.db - - https://www.digitalocean.com/community/tutorials/how-to-use-the-fat-free-php-framework # db/database.sqlite - - https://doc.nette.org/en/database/configuration#toc-single-connection # app/Model/*.db - - https://www.sqlite.org/fileformat.html # SQLite file always starts with "SQLite format {sqlite_version}" - - https://en.wikipedia.org/wiki/List_of_file_signatures # SQLite binary signature: 53 51 4C 69 74 65 20 66 6F 72 6D 61 74 20 + - https://laravel.com/docs/11.x/database#sqlite-configuration # database/database.sqlite + - https://laravel.com/docs/5.2/database # database/database.sqlite + - https://github.com/laracasts/larabook/blob/master/app/config/database.php#L51 # app/database/production.sqlite + - https://forum.codeigniter.com/post-389846.html # writable/db.sqlite3 + - https://github.com/codeigniter4projects/playground/blob/develop/.env.example#L33 # writable/database.db + - https://symfony.com/doc/current/doctrine.html#configuring-the-database # var/app.db + - https://symfony.com/doc/4.x/doctrine.html#configuring-the-database # var/app.db + - https://symfony.com/doc/3.x/doctrine.html # app/sqlite.db + - https://symfony.com/doc/2.x/doctrine.html # sqlite.db + - https://openclassrooms.com/forum/sujet/symfony3-sqlite-could-not-create-database # var/data/db.sqlite + - https://symfony.com/doc/current/reference/configuration/doctrine.html#doctrine-dbal-configuration # var/data/data.sqlite + - https://stackoverflow.com/questions/31762878/sqlite-3-database-with-django # db.sqlite3 + - https://medium.com/@codewithbushra/using-sqlite-as-a-database-backend-in-django-projects-code-with-bushra-d23e3100686e # db.sqlite3 + - https://gist.github.com/jwo/4512764?permalink_comment_id=2235763#gistcomment-2235763 # db/production.sqlite3 + - https://stackoverflow.com/a/30345819/1632572 # db/production.sqlite3 + - https://developerhowto.com/2018/12/29/build-a-rest-api-with-node-js-and-express-js/ # db.sqlite + - https://sqldocs.org/sqlite/sqlite-nodejs/ # mydb.sqlite + - https://stackoverflow.com/questions/41620788/error-database-connection-sqlite-is-missing-or-could-not-be-created-cakephp # app/data/app_db.sqlite + - https://stackoverflow.com/questions/2722383/using-sqlite3-with-cakephp # app/webroot/database.sqlite, app/database.sqlite + - https://levelup.gitconnected.com/how-to-connect-and-use-the-sqlite-database-in-codeigniter-3-48cd50d3e78d # application/databases/db.sqlite + - https://turmanauli.medium.com/how-to-connect-codeigniter-to-sqlite3-database-like-a-pro-2177497a6d30 # application/db/database.sqlite + - https://forum.codeigniter.com/thread-74522.html # application/Database/db1.db + - https://stackoverflow.com/a/37088960/1632572 # application/database/data.db + - https://docs.laminas.dev/tutorials/getting-started/database-and-models/ # data/*.db + - https://phalcon-nucleon.github.io/#!database/getting-started.html # storage/database/database.sqlite + - https://www.yiiframework.com/doc/blog/1.1/en/prototype.database # protected/data/*.db + - https://pusher.com/tutorials/rest-api-slim-part-1/ # db/database.db + - https://www.digitalocean.com/community/tutorials/how-to-use-the-fat-free-php-framework # db/database.sqlite + - https://doc.nette.org/en/database/configuration#toc-single-connection # app/Model/*.db + - https://www.sqlite.org/fileformat.html # SQLite file always starts with "SQLite format {sqlite_version}" + - https://en.wikipedia.org/wiki/List_of_file_signatures # SQLite binary signature: 53 51 4C 69 74 65 20 66 6F 72 6D 61 74 20 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 diff --git a/http/exposures/logs/teampass-ldap.yaml b/http/exposures/logs/teampass-ldap.yaml index c49a5f29fef..d8150c3efdf 100644 --- a/http/exposures/logs/teampass-ldap.yaml +++ b/http/exposures/logs/teampass-ldap.yaml @@ -13,8 +13,8 @@ info: cvss-score: 7.5 cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 fofa-query: app="TEAMPASS" tags: exposure,teampass,ldap,logs diff --git a/http/fuzzing/wordpress-plugins-detect.yaml b/http/fuzzing/wordpress-plugins-detect.yaml index 09cb5eb977b..d24187e45e8 100644 --- a/http/fuzzing/wordpress-plugins-detect.yaml +++ b/http/fuzzing/wordpress-plugins-detect.yaml @@ -5,7 +5,7 @@ info: author: 0xcrypto severity: info metadata: - max-request: 98135 + max-request: 100563 tags: fuzz,wordpress http: diff --git a/http/miscellaneous/maxforwards-headers-detect.yaml b/http/miscellaneous/maxforwards-headers-detect.yaml index 13490d201b0..a16c9df15ce 100644 --- a/http/miscellaneous/maxforwards-headers-detect.yaml +++ b/http/miscellaneous/maxforwards-headers-detect.yaml @@ -1,21 +1,21 @@ id: maxforwards-headers-detect -info: - name: Max-Forwards Header - Detect - author: righettod - severity: info - description: Max-Forwards response header is specified. - reference: - - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Max-Forwards - - https://http.dev/max-forwards - - https://twitter.com/irsdl/status/1337299267652825088 - metadata: - verified: true - max-request: 1 - shodan-query: "Max-Forwards:" - fofa-query: header="max-forwards" - tags: miscellaneous,misc,max-forwards - +info: + name: Max-Forwards Header - Detect + author: righettod + severity: info + description: Max-Forwards response header is specified. + reference: + - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Max-Forwards + - https://http.dev/max-forwards + - https://twitter.com/irsdl/status/1337299267652825088 + metadata: + verified: true + max-request: 1 + shodan-query: "Max-Forwards:" + fofa-query: header="max-forwards" + tags: miscellaneous,misc,max-forwards + http: - method: GET path: diff --git a/http/misconfiguration/cloudflare-rocketloader-htmli.yaml b/http/misconfiguration/cloudflare-rocketloader-htmli.yaml index 87296005fed..9f2110a5f31 100644 --- a/http/misconfiguration/cloudflare-rocketloader-htmli.yaml +++ b/http/misconfiguration/cloudflare-rocketloader-htmli.yaml @@ -11,8 +11,8 @@ info: - https://developers.cloudflare.com/speed/optimization/content/rocket-loader/enable/ - https://developers.cloudflare.com/fundamentals/reference/policies-compliances/content-security-policies/#product-requirements metadata: - max-request: 1 verified: true + max-request: 1 tags: misconfig,cloudflare,htmli http: diff --git a/http/misconfiguration/sap/sap-public-admin.yaml b/http/misconfiguration/sap/sap-public-admin.yaml index 31bb93bc20e..14200e69162 100644 --- a/http/misconfiguration/sap/sap-public-admin.yaml +++ b/http/misconfiguration/sap/sap-public-admin.yaml @@ -4,13 +4,12 @@ info: name: SAP ICM Admin Web Interface author: t3l3machus severity: low - description: - The SAP ICM (Internet Communication Manager) admin monitor interface is often set to public and can be accessed without authentication. The interface discloses version information about the underlying operating system, a brief SAP patch level overview, running services including their corresponding ports and more. + description: The SAP ICM (Internet Communication Manager) admin monitor interface is often set to public and can be accessed without authentication. The interface discloses version information about the underlying operating system, a brief SAP patch level overview, running services including their corresponding ports and more. reference: - https://www.saptechnicalguru.com/information-disclosure-sap-web-administration-interface/ metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: html:"SAP" tags: sap,misconfig,admin,dashboard diff --git a/http/osint/phishing/1password-phish.yaml b/http/osint/phishing/1password-phish.yaml index 23dbf177f61..cfb6c753c09 100644 --- a/http/osint/phishing/1password-phish.yaml +++ b/http/osint/phishing/1password-phish.yaml @@ -1,15 +1,16 @@ id: 1password-phish -info: - name: 1password phishing Detection - author: rxerium - severity: info - description: | - A 1password phishing website was detected - reference: - - https://1password.com +info: + name: 1password phishing Detection + author: rxerium + severity: info + description: | + A 1password phishing website was detected + reference: + - https://1password.com + metadata: + max-request: 1 tags: phishing,1password,osint - http: - method: GET path: diff --git a/http/osint/phishing/adobe-phish.yaml b/http/osint/phishing/adobe-phish.yaml index 5476559196b..d848a111e6a 100644 --- a/http/osint/phishing/adobe-phish.yaml +++ b/http/osint/phishing/adobe-phish.yaml @@ -1,15 +1,16 @@ id: adobe-phish -info: - name: adobe phishing Detection - author: rxerium - severity: info - description: | - An adobe phishing website was detected - reference: - - https://adobe.com +info: + name: adobe phishing Detection + author: rxerium + severity: info + description: | + An adobe phishing website was detected + reference: + - https://adobe.com + metadata: + max-request: 1 tags: phishing,adobe,osint - http: - method: GET path: diff --git a/http/osint/phishing/aliexpress-phish.yaml b/http/osint/phishing/aliexpress-phish.yaml index 3a7226f401f..f48faed1b94 100644 --- a/http/osint/phishing/aliexpress-phish.yaml +++ b/http/osint/phishing/aliexpress-phish.yaml @@ -1,15 +1,16 @@ id: aliexpress-phish -info: - name: aliexpress phishing Detection - author: rxerium - severity: info - description: | - An aliexpress phishing website was detected - reference: - - https://aliexpress.com +info: + name: aliexpress phishing Detection + author: rxerium + severity: info + description: | + An aliexpress phishing website was detected + reference: + - https://aliexpress.com + metadata: + max-request: 1 tags: phishing,aliexpress,osint - http: - method: GET path: diff --git a/http/osint/phishing/amazon-phish.yaml b/http/osint/phishing/amazon-phish.yaml index bf762ca186f..a737a22a726 100644 --- a/http/osint/phishing/amazon-phish.yaml +++ b/http/osint/phishing/amazon-phish.yaml @@ -1,15 +1,16 @@ id: amazon-phish -info: - name: Amazon phishing Detection - author: rxerium - severity: info - description: | - An amazon phishing website was detected - reference: - - https://amazon.com - tags: phishing,amazon,osint - +info: + name: Amazon phishing Detection + author: rxerium + severity: info + description: | + An amazon phishing website was detected + reference: + - https://amazon.com + metadata: + max-request: 1 + tags: phishing,amazon,osint http: - method: GET path: diff --git a/http/osint/phishing/amazon-web-services-phish.yaml b/http/osint/phishing/amazon-web-services-phish.yaml index fce3fa438c8..9009e1fadab 100644 --- a/http/osint/phishing/amazon-web-services-phish.yaml +++ b/http/osint/phishing/amazon-web-services-phish.yaml @@ -1,15 +1,16 @@ id: amazon-web-services-phish -info: - name: amazon web services phishing Detection - author: rxerium - severity: info - description: | - An amazon-web-services phishing website was detected - reference: - - https://signin.aws.amazon.com +info: + name: amazon web services phishing Detection + author: rxerium + severity: info + description: | + An amazon-web-services phishing website was detected + reference: + - https://signin.aws.amazon.com + metadata: + max-request: 1 tags: phishing,amazon-web-services,aws,osint - http: - method: GET path: diff --git a/http/osint/phishing/american-express-phish.yaml b/http/osint/phishing/american-express-phish.yaml index acd84b9e0ed..8a94285f37a 100644 --- a/http/osint/phishing/american-express-phish.yaml +++ b/http/osint/phishing/american-express-phish.yaml @@ -1,15 +1,16 @@ id: american-express-phish -info: - name: american-express phishing Detection - author: rxerium - severity: info - description: | - An american express phishing website was detected - reference: - - https://www.americanexpress.com +info: + name: american-express phishing Detection + author: rxerium + severity: info + description: | + An american express phishing website was detected + reference: + - https://www.americanexpress.com + metadata: + max-request: 1 tags: phishing,american-express,osint - http: - method: GET path: diff --git a/http/osint/phishing/anydesk-phish.yaml b/http/osint/phishing/anydesk-phish.yaml index d58b203e5dc..b2257c56cdf 100644 --- a/http/osint/phishing/anydesk-phish.yaml +++ b/http/osint/phishing/anydesk-phish.yaml @@ -1,15 +1,16 @@ id: anydesk-phish -info: - name: anydesk phishing Detection - author: rxerium - severity: info - description: | - An anydesk phishing website was detected - reference: - - https://anydesk.com +info: + name: anydesk phishing Detection + author: rxerium + severity: info + description: | + An anydesk phishing website was detected + reference: + - https://anydesk.com + metadata: + max-request: 1 tags: phishing,anydesk,osint - http: - method: GET path: diff --git a/http/osint/phishing/avast-phish.yaml b/http/osint/phishing/avast-phish.yaml index 6271d8e3e30..512e45479da 100644 --- a/http/osint/phishing/avast-phish.yaml +++ b/http/osint/phishing/avast-phish.yaml @@ -1,15 +1,16 @@ id: avast-phish -info: - name: avast phishing Detection - author: rxerium - severity: info - description: | - An avast phishing website was detected - reference: - - https://avast.com +info: + name: avast phishing Detection + author: rxerium + severity: info + description: | + An avast phishing website was detected + reference: + - https://avast.com + metadata: + max-request: 1 tags: phishing,avast,osint - http: - method: GET path: diff --git a/http/osint/phishing/avg-phish.yaml b/http/osint/phishing/avg-phish.yaml index 9ce3687aa8f..34656ead3c7 100644 --- a/http/osint/phishing/avg-phish.yaml +++ b/http/osint/phishing/avg-phish.yaml @@ -1,15 +1,16 @@ id: avg-phish -info: - name: avg phishing Detection - author: rxerium - severity: info - description: | - An avg phishing website was detected - reference: - - https://avg.com +info: + name: avg phishing Detection + author: rxerium + severity: info + description: | + An avg phishing website was detected + reference: + - https://avg.com + metadata: + max-request: 1 tags: phishing,avg,osint - http: - method: GET path: diff --git a/http/osint/phishing/bank-of-america-phish.yaml b/http/osint/phishing/bank-of-america-phish.yaml index f4a14af6c4b..140fbbce3f9 100644 --- a/http/osint/phishing/bank-of-america-phish.yaml +++ b/http/osint/phishing/bank-of-america-phish.yaml @@ -1,15 +1,16 @@ id: bank-of-america-phish -info: - name: Bank Of America phishing Detection - author: rxerium - severity: info - description: | - A Bank Of America phishing website was detected - reference: - - https://bankofamerica.com +info: + name: Bank Of America phishing Detection + author: rxerium + severity: info + description: | + A Bank Of America phishing website was detected + reference: + - https://bankofamerica.com + metadata: + max-request: 1 tags: phishing,BankOfAmerica,osint - http: - method: GET path: diff --git a/http/osint/phishing/battlenet-phish.yaml b/http/osint/phishing/battlenet-phish.yaml index 9e138de3124..95cd040fe06 100644 --- a/http/osint/phishing/battlenet-phish.yaml +++ b/http/osint/phishing/battlenet-phish.yaml @@ -1,15 +1,16 @@ id: battlenet-phish -info: - name: battlenet phishing Detection - author: rxerium - severity: info - description: | - A battlenet phishing website was detected - reference: - - https://eu.account.battle.net/login +info: + name: battlenet phishing Detection + author: rxerium + severity: info + description: | + A battlenet phishing website was detected + reference: + - https://eu.account.battle.net/login + metadata: + max-request: 1 tags: phishing,battlenet,osint - http: - method: GET path: diff --git a/http/osint/phishing/bestbuy-phish.yaml b/http/osint/phishing/bestbuy-phish.yaml index 2824ecf4f1e..de495199dd1 100644 --- a/http/osint/phishing/bestbuy-phish.yaml +++ b/http/osint/phishing/bestbuy-phish.yaml @@ -1,15 +1,16 @@ id: best-buy-phish -info: - name: best buy phishing Detection - author: rxerium - severity: info - description: | - A best buy phishing website was detected - reference: - - https://bestbuy.com +info: + name: best buy phishing Detection + author: rxerium + severity: info + description: | + A best buy phishing website was detected + reference: + - https://bestbuy.com + metadata: + max-request: 1 tags: phishing,bestbuy,osint - http: - method: GET path: diff --git a/http/osint/phishing/bitdefender-phish.yaml b/http/osint/phishing/bitdefender-phish.yaml index d3f037a2581..f8cbaafcaa8 100644 --- a/http/osint/phishing/bitdefender-phish.yaml +++ b/http/osint/phishing/bitdefender-phish.yaml @@ -1,15 +1,16 @@ id: bitdefender-phish -info: - name: bitdefender phishing Detection - author: rxerium - severity: info - description: | - A bitdefender phishing website was detected - reference: - - https://bitdefender.com +info: + name: bitdefender phishing Detection + author: rxerium + severity: info + description: | + A bitdefender phishing website was detected + reference: + - https://bitdefender.com + metadata: + max-request: 1 tags: phishing,bitdefender,osint - http: - method: GET path: diff --git a/http/osint/phishing/bitwarden-phish.yaml b/http/osint/phishing/bitwarden-phish.yaml index 2209b13baf6..b5f3b740319 100644 --- a/http/osint/phishing/bitwarden-phish.yaml +++ b/http/osint/phishing/bitwarden-phish.yaml @@ -1,15 +1,16 @@ id: bitwarden-phish -info: - name: bitwarden phishing Detection - author: rxerium - severity: info - description: | - A bitwarden phishing website was detected - reference: - - https://bitwarden.com +info: + name: bitwarden phishing Detection + author: rxerium + severity: info + description: | + A bitwarden phishing website was detected + reference: + - https://bitwarden.com + metadata: + max-request: 1 tags: phishing,bitwarden,osint - http: - method: GET path: diff --git a/http/osint/phishing/blender-phish.yaml b/http/osint/phishing/blender-phish.yaml index b3f8a7ae357..1f30a2ad0a6 100644 --- a/http/osint/phishing/blender-phish.yaml +++ b/http/osint/phishing/blender-phish.yaml @@ -1,15 +1,16 @@ id: blender-phish -info: - name: blender phishing Detection - author: rxerium - severity: info - description: | - A blender phishing website was detected - reference: - - https://blender.org +info: + name: blender phishing Detection + author: rxerium + severity: info + description: | + A blender phishing website was detected + reference: + - https://blender.org + metadata: + max-request: 1 tags: phishing,blender,osint - http: - method: GET path: diff --git a/http/osint/phishing/booking-phish.yaml b/http/osint/phishing/booking-phish.yaml index 7234dab6186..9205e74350f 100644 --- a/http/osint/phishing/booking-phish.yaml +++ b/http/osint/phishing/booking-phish.yaml @@ -1,15 +1,16 @@ id: booking-phish -info: - name: booking phishing Detection - author: rxerium - severity: info - description: | - A booking phishing website was detected - reference: - - https://booking.com +info: + name: booking phishing Detection + author: rxerium + severity: info + description: | + A booking phishing website was detected + reference: + - https://booking.com + metadata: + max-request: 1 tags: phishing,booking,osint - http: - method: GET path: diff --git a/http/osint/phishing/box-storage-phish.yaml b/http/osint/phishing/box-storage-phish.yaml index a230bd86f1e..b4d9b05234e 100644 --- a/http/osint/phishing/box-storage-phish.yaml +++ b/http/osint/phishing/box-storage-phish.yaml @@ -1,15 +1,16 @@ id: box-phish -info: - name: box phishing Detection - author: rxerium - severity: info - description: | - A box phishing website was detected - reference: - - https://box.com +info: + name: box phishing Detection + author: rxerium + severity: info + description: | + A box phishing website was detected + reference: + - https://box.com + metadata: + max-request: 1 tags: phishing,box-storage,osint - http: - method: GET path: diff --git a/http/osint/phishing/brave-phish.yaml b/http/osint/phishing/brave-phish.yaml index 61cd683b153..b335d5c4603 100644 --- a/http/osint/phishing/brave-phish.yaml +++ b/http/osint/phishing/brave-phish.yaml @@ -1,15 +1,16 @@ id: brave-phish -info: - name: brave phishing Detection - author: rxerium - severity: info - description: | - A brave phishing website was detected - reference: - - https://brave.com +info: + name: brave phishing Detection + author: rxerium + severity: info + description: | + A brave phishing website was detected + reference: + - https://brave.com + metadata: + max-request: 1 tags: phishing,brave,osint - http: - method: GET path: diff --git a/http/osint/phishing/brighthr-phish.yaml b/http/osint/phishing/brighthr-phish.yaml index e5a92dea683..bb0c31a18e1 100644 --- a/http/osint/phishing/brighthr-phish.yaml +++ b/http/osint/phishing/brighthr-phish.yaml @@ -1,15 +1,16 @@ id: brighthr-phish -info: - name: brighthr phishing Detection - author: rxerium - severity: info - description: | - A brighthr phishing website was detected - reference: - - https://brighthr.com +info: + name: brighthr phishing Detection + author: rxerium + severity: info + description: | + A brighthr phishing website was detected + reference: + - https://brighthr.com + metadata: + max-request: 1 tags: phishing,brighthr,osint - http: - method: GET path: diff --git a/http/osint/phishing/ccleaner-phish.yaml b/http/osint/phishing/ccleaner-phish.yaml index fa4001b51b7..4145d8bc6c9 100644 --- a/http/osint/phishing/ccleaner-phish.yaml +++ b/http/osint/phishing/ccleaner-phish.yaml @@ -1,15 +1,16 @@ id: ccleaner-phish -info: - name: ccleaner phishing Detection - author: rxerium - severity: info - description: | - A ccleaner phishing website was detected - reference: - - https://ccleaner.com +info: + name: ccleaner phishing Detection + author: rxerium + severity: info + description: | + A ccleaner phishing website was detected + reference: + - https://ccleaner.com + metadata: + max-request: 1 tags: phishing,ccleaner,osint - http: - method: GET path: diff --git a/http/osint/phishing/chase-phish.yaml b/http/osint/phishing/chase-phish.yaml index 1c1d18ffee7..9c3f62dce7e 100644 --- a/http/osint/phishing/chase-phish.yaml +++ b/http/osint/phishing/chase-phish.yaml @@ -1,15 +1,16 @@ id: Chase-phish -info: - name: Chase phishing Detection - author: rxerium - severity: info - description: | - A Chase phishing website was detected - reference: - - https://chase.com +info: + name: Chase phishing Detection + author: rxerium + severity: info + description: | + A Chase phishing website was detected + reference: + - https://chase.com + metadata: + max-request: 1 tags: phishing,Chase,osint - http: - method: GET path: diff --git a/http/osint/phishing/chrome-phish.yaml b/http/osint/phishing/chrome-phish.yaml index 22caf9c1abb..e678baa58f7 100644 --- a/http/osint/phishing/chrome-phish.yaml +++ b/http/osint/phishing/chrome-phish.yaml @@ -1,15 +1,16 @@ id: chrome-phish -info: - name: chrome phishing Detection - author: rxerium - severity: info - description: | - A chrome phishing website was detected - reference: - - https://www.google.com/intl/en_uk/chrome/ +info: + name: chrome phishing Detection + author: rxerium + severity: info + description: | + A chrome phishing website was detected + reference: + - https://www.google.com/intl/en_uk/chrome/ + metadata: + max-request: 1 tags: phishing,chrome,osint - http: - method: GET path: diff --git a/http/osint/phishing/costa-phish.yaml b/http/osint/phishing/costa-phish.yaml index 51f4e270578..19bd9694661 100644 --- a/http/osint/phishing/costa-phish.yaml +++ b/http/osint/phishing/costa-phish.yaml @@ -1,15 +1,16 @@ id: costa-phish -info: - name: costa phishing Detection - author: rxerium - severity: info - description: | - A costa phishing website was detected - reference: - - https://costa.co.uk +info: + name: costa phishing Detection + author: rxerium + severity: info + description: | + A costa phishing website was detected + reference: + - https://costa.co.uk + metadata: + max-request: 1 tags: phishing,costa,osint - http: - method: GET path: diff --git a/http/osint/phishing/dashlane-phish.yaml b/http/osint/phishing/dashlane-phish.yaml index ead50ba91ed..a666dd37ee3 100644 --- a/http/osint/phishing/dashlane-phish.yaml +++ b/http/osint/phishing/dashlane-phish.yaml @@ -1,15 +1,16 @@ id: dashlane-phish -info: - name: dashlane phishing Detection - author: rxerium - severity: info - description: | - A dashlane phishing website was detected - reference: - - https://dashlane.com +info: + name: dashlane phishing Detection + author: rxerium + severity: info + description: | + A dashlane phishing website was detected + reference: + - https://dashlane.com + metadata: + max-request: 1 tags: phishing,dashlane,osint - http: - method: GET path: diff --git a/http/osint/phishing/deezer-phish.yaml b/http/osint/phishing/deezer-phish.yaml index 1aea91c9444..47d230268c3 100644 --- a/http/osint/phishing/deezer-phish.yaml +++ b/http/osint/phishing/deezer-phish.yaml @@ -1,15 +1,16 @@ id: deezer-phish -info: - name: deezer phishing Detection - author: rxerium - severity: info - description: | - A deezer phishing website was detected - reference: - - https://deezer.com +info: + name: deezer phishing Detection + author: rxerium + severity: info + description: | + A deezer phishing website was detected + reference: + - https://deezer.com + metadata: + max-request: 1 tags: phishing,deezer,osint - http: - method: GET path: diff --git a/http/osint/phishing/deliveroo-phish.yaml b/http/osint/phishing/deliveroo-phish.yaml index 28215fbab88..0e7fa3213c4 100644 --- a/http/osint/phishing/deliveroo-phish.yaml +++ b/http/osint/phishing/deliveroo-phish.yaml @@ -1,15 +1,16 @@ id: deliveroo-phish -info: - name: deliveroo phishing Detection - author: rxerium - severity: info - description: | - A deliveroo phishing website was detected - reference: - - https://deliveroo.co.uk +info: + name: deliveroo phishing Detection + author: rxerium + severity: info + description: | + A deliveroo phishing website was detected + reference: + - https://deliveroo.co.uk + metadata: + max-request: 1 tags: phishing,deliveroo,osint - http: - method: GET path: diff --git a/http/osint/phishing/digital-ocean-phish.yaml b/http/osint/phishing/digital-ocean-phish.yaml index 7bdd3a0ef8f..5bf81e58003 100644 --- a/http/osint/phishing/digital-ocean-phish.yaml +++ b/http/osint/phishing/digital-ocean-phish.yaml @@ -1,15 +1,16 @@ id: digital-ocean-phish -info: - name: digital ocean phishing Detection - author: rxerium - severity: info - description: | - A digital-ocean phishing website was detected - reference: - - https://digitalocean.com +info: + name: digital ocean phishing Detection + author: rxerium + severity: info + description: | + A digital-ocean phishing website was detected + reference: + - https://digitalocean.com + metadata: + max-request: 1 tags: phishing,digital-ocean,osint - http: - method: GET path: diff --git a/http/osint/phishing/discord-phish.yaml b/http/osint/phishing/discord-phish.yaml index 2fea0dbddef..ffeafaa6c8e 100644 --- a/http/osint/phishing/discord-phish.yaml +++ b/http/osint/phishing/discord-phish.yaml @@ -1,15 +1,16 @@ id: Discord-phish -info: - name: Discord phishing Detection - author: rxerium - severity: info - description: | - A Discord phishing website was detected - reference: - - https://discord.com +info: + name: Discord phishing Detection + author: rxerium + severity: info + description: | + A Discord phishing website was detected + reference: + - https://discord.com + metadata: + max-request: 1 tags: phishing,discord,osint - http: - method: GET path: diff --git a/http/osint/phishing/disneyplus-phish.yaml b/http/osint/phishing/disneyplus-phish.yaml index 8867c09a687..5e5b8773a90 100644 --- a/http/osint/phishing/disneyplus-phish.yaml +++ b/http/osint/phishing/disneyplus-phish.yaml @@ -1,15 +1,16 @@ id: disneyplus-phish -info: - name: disneyplus phishing Detection - author: rxerium - severity: info - description: | - A disneyplus phishing website was detected - reference: - - https://disneyplus.com +info: + name: disneyplus phishing Detection + author: rxerium + severity: info + description: | + A disneyplus phishing website was detected + reference: + - https://disneyplus.com + metadata: + max-request: 1 tags: phishing,disneyplus,osint - http: - method: GET path: diff --git a/http/osint/phishing/dropbox-phish.yaml b/http/osint/phishing/dropbox-phish.yaml index 5f3f473bd87..f5d0eb9199b 100644 --- a/http/osint/phishing/dropbox-phish.yaml +++ b/http/osint/phishing/dropbox-phish.yaml @@ -1,15 +1,16 @@ id: dropbox-phish -info: - name: dropbox phishing Detection - author: rxerium - severity: info - description: | - A dropbox phishing website was detected - reference: - - https://dropbox.com +info: + name: dropbox phishing Detection + author: rxerium + severity: info + description: | + A dropbox phishing website was detected + reference: + - https://dropbox.com + metadata: + max-request: 1 tags: phishing,dropbox,osint - http: - method: GET path: diff --git a/http/osint/phishing/duckduckgo-phish.yaml b/http/osint/phishing/duckduckgo-phish.yaml index 4a387caddf5..29d307ad9d4 100644 --- a/http/osint/phishing/duckduckgo-phish.yaml +++ b/http/osint/phishing/duckduckgo-phish.yaml @@ -1,15 +1,16 @@ id: duckduckgo-phish -info: - name: duckduckgo phishing Detection - author: rxerium - severity: info - description: | - A duckduckgo phishing website was detected - reference: - - https://duckduckgo.com +info: + name: duckduckgo phishing Detection + author: rxerium + severity: info + description: | + A duckduckgo phishing website was detected + reference: + - https://duckduckgo.com + metadata: + max-request: 1 tags: phishing,duckduckgo,osint - http: - method: GET path: diff --git a/http/osint/phishing/ebay-phish.yaml b/http/osint/phishing/ebay-phish.yaml index 71d8f27126e..e9c4d689c87 100644 --- a/http/osint/phishing/ebay-phish.yaml +++ b/http/osint/phishing/ebay-phish.yaml @@ -1,15 +1,16 @@ id: ebay-phish -info: - name: ebay phishing Detection - author: rxerium - severity: info - description: | - A ebay phishing website was detected - reference: - - https://ebay.com +info: + name: ebay phishing Detection + author: rxerium + severity: info + description: | + A ebay phishing website was detected + reference: + - https://ebay.com + metadata: + max-request: 1 tags: phishing,ebay,osint - http: - method: GET path: diff --git a/http/osint/phishing/edge-phish.yaml b/http/osint/phishing/edge-phish.yaml index 77d9bac5d76..8a0ca8d4294 100644 --- a/http/osint/phishing/edge-phish.yaml +++ b/http/osint/phishing/edge-phish.yaml @@ -1,15 +1,16 @@ id: edge-phish -info: - name: edge phishing Detection - author: rxerium - severity: info - description: | - A edge phishing website was detected - reference: - - https://www.microsoft.com/en-us/edge/download?form=MA13FJ&ch=1 +info: + name: edge phishing Detection + author: rxerium + severity: info + description: | + A edge phishing website was detected + reference: + - https://www.microsoft.com/en-us/edge/download?form=MA13FJ&ch=1 + metadata: + max-request: 1 tags: phishing,edge,osint - http: - method: GET path: diff --git a/http/osint/phishing/ee-mobile-phish.yaml b/http/osint/phishing/ee-mobile-phish.yaml index 4ab8ff8c6ff..1bee7353f07 100644 --- a/http/osint/phishing/ee-mobile-phish.yaml +++ b/http/osint/phishing/ee-mobile-phish.yaml @@ -1,15 +1,16 @@ id: ee-mobile-phish -info: - name: ee phishing Detection - author: rxerium - severity: info - description: | - A ee phishing website was detected - reference: - - https://ee.co.uk +info: + name: ee phishing Detection + author: rxerium + severity: info + description: | + A ee phishing website was detected + reference: + - https://ee.co.uk + metadata: + max-request: 1 tags: phishing,ee,osint - http: - method: GET path: diff --git a/http/osint/phishing/eset-phish.yaml b/http/osint/phishing/eset-phish.yaml index 5bcf230cda3..6e9e5ce3fda 100644 --- a/http/osint/phishing/eset-phish.yaml +++ b/http/osint/phishing/eset-phish.yaml @@ -1,15 +1,16 @@ id: eset-phish -info: - name: eset phishing Detection - author: rxerium - severity: info - description: | - A eset phishing website was detected - reference: - - https://eset.com +info: + name: eset phishing Detection + author: rxerium + severity: info + description: | + A eset phishing website was detected + reference: + - https://eset.com + metadata: + max-request: 1 tags: phishing,eset,osint - http: - method: GET path: diff --git a/http/osint/phishing/evernote-phish.yaml b/http/osint/phishing/evernote-phish.yaml index e76cdc74787..a159bb2d32b 100644 --- a/http/osint/phishing/evernote-phish.yaml +++ b/http/osint/phishing/evernote-phish.yaml @@ -1,15 +1,16 @@ id: evernote-phish -info: - name: evernote phishing Detection - author: rxerium - severity: info - description: | - A evernote phishing website was detected - reference: - - https://evernote.com +info: + name: evernote phishing Detection + author: rxerium + severity: info + description: | + A evernote phishing website was detected + reference: + - https://evernote.com + metadata: + max-request: 1 tags: phishing,evernote,osint - http: - method: GET path: diff --git a/http/osint/phishing/facebook-phish.yaml b/http/osint/phishing/facebook-phish.yaml index 72de43cc0aa..4fab4e443c5 100644 --- a/http/osint/phishing/facebook-phish.yaml +++ b/http/osint/phishing/facebook-phish.yaml @@ -1,15 +1,16 @@ id: facebook-phish -info: - name: Facebook phishing Detection - author: rxerium - severity: info - description: | - A Facebook phishing website was detected - reference: - - https://facebook.com +info: + name: Facebook phishing Detection + author: rxerium + severity: info + description: | + A Facebook phishing website was detected + reference: + - https://facebook.com + metadata: + max-request: 1 tags: phishing,facebook,osint - http: - method: GET path: diff --git a/http/osint/phishing/figma-phish.yaml b/http/osint/phishing/figma-phish.yaml index 74e460cbc9f..c34b0d97630 100644 --- a/http/osint/phishing/figma-phish.yaml +++ b/http/osint/phishing/figma-phish.yaml @@ -1,15 +1,16 @@ id: figma-phish -info: - name: figma phishing Detection - author: rxerium - severity: info - description: | - A figma phishing website was detected - reference: - - https://figma.com +info: + name: figma phishing Detection + author: rxerium + severity: info + description: | + A figma phishing website was detected + reference: + - https://figma.com + metadata: + max-request: 1 tags: phishing,figma,osint - http: - method: GET path: diff --git a/http/osint/phishing/filezilla-phish.yaml b/http/osint/phishing/filezilla-phish.yaml index a2dc18a303a..a35c30cecd5 100644 --- a/http/osint/phishing/filezilla-phish.yaml +++ b/http/osint/phishing/filezilla-phish.yaml @@ -1,15 +1,16 @@ id: filezilla-phish -info: - name: filezilla phishing Detection - author: rxerium - severity: info - description: | - A filezilla phishing website was detected - reference: - - https://filezilla-project.org +info: + name: filezilla phishing Detection + author: rxerium + severity: info + description: | + A filezilla phishing website was detected + reference: + - https://filezilla-project.org + metadata: + max-request: 1 tags: phishing,filezilla,osint - http: - method: GET path: diff --git a/http/osint/phishing/firefox-phish.yaml b/http/osint/phishing/firefox-phish.yaml index 083fd895e2e..e7bed4305a7 100644 --- a/http/osint/phishing/firefox-phish.yaml +++ b/http/osint/phishing/firefox-phish.yaml @@ -1,15 +1,16 @@ id: firefox-phish -info: - name: firefox phishing Detection - author: rxerium - severity: info - description: | - A firefox phishing website was detected - reference: - - https://www.mozilla.org/en-GB/firefox/new/ +info: + name: firefox phishing Detection + author: rxerium + severity: info + description: | + A firefox phishing website was detected + reference: + - https://www.mozilla.org/en-GB/firefox/new/ + metadata: + max-request: 1 tags: phishing,firefox,osint - http: - method: GET path: diff --git a/http/osint/phishing/gimp-phish.yaml b/http/osint/phishing/gimp-phish.yaml index 04c0e7f0c13..47f3d60d3d8 100644 --- a/http/osint/phishing/gimp-phish.yaml +++ b/http/osint/phishing/gimp-phish.yaml @@ -1,15 +1,16 @@ id: gimp-phish -info: - name: gimp phishing Detection - author: rxerium - severity: info - description: | - A gimp phishing website was detected - reference: - - https://gimp.org +info: + name: gimp phishing Detection + author: rxerium + severity: info + description: | + A gimp phishing website was detected + reference: + - https://gimp.org + metadata: + max-request: 1 tags: phishing,gimp,osint - http: - method: GET path: diff --git a/http/osint/phishing/github-phish.yaml b/http/osint/phishing/github-phish.yaml index 667f7a1e8c7..3008c09bdbc 100644 --- a/http/osint/phishing/github-phish.yaml +++ b/http/osint/phishing/github-phish.yaml @@ -1,15 +1,16 @@ id: github-phish -info: - name: github phishing Detection - author: rxerium - severity: info - description: | - A github phishing website was detected - reference: - - https://github.com +info: + name: github phishing Detection + author: rxerium + severity: info + description: | + A github phishing website was detected + reference: + - https://github.com + metadata: + max-request: 1 tags: phishing,github,osint - http: - method: GET path: diff --git a/http/osint/phishing/google-phish.yaml b/http/osint/phishing/google-phish.yaml index 36b4e321c52..3f64c75348b 100644 --- a/http/osint/phishing/google-phish.yaml +++ b/http/osint/phishing/google-phish.yaml @@ -1,15 +1,16 @@ id: google-phish -info: - name: Google phishing Detection - author: rxerium - severity: info - description: | - A google phishing website was detected - reference: - - https://google.com +info: + name: Google phishing Detection + author: rxerium + severity: info + description: | + A google phishing website was detected + reference: + - https://google.com + metadata: + max-request: 1 tags: phishing,google,osint - http: - method: GET path: diff --git a/http/osint/phishing/icloud-phish.yaml b/http/osint/phishing/icloud-phish.yaml index d561ba5d791..8c7bc53da76 100644 --- a/http/osint/phishing/icloud-phish.yaml +++ b/http/osint/phishing/icloud-phish.yaml @@ -1,15 +1,16 @@ id: iCloud-phish -info: - name: iCloud phishing Detection - author: rxerium - severity: info - description: | - A iCloud phishing website was detected - reference: - - https://icloud.com +info: + name: iCloud phishing Detection + author: rxerium + severity: info + description: | + A iCloud phishing website was detected + reference: + - https://icloud.com + metadata: + max-request: 1 tags: phishing,icloud,osint - http: - method: GET path: diff --git a/http/osint/phishing/instagram-phish.yaml b/http/osint/phishing/instagram-phish.yaml index 9526db3f262..6f62dc1d42f 100644 --- a/http/osint/phishing/instagram-phish.yaml +++ b/http/osint/phishing/instagram-phish.yaml @@ -1,15 +1,16 @@ id: instagram-phish -info: - name: instagram phishing Detection - author: rxerium - severity: info - description: | - A instagram phishing website was detected - reference: - - https://instagram.com +info: + name: instagram phishing Detection + author: rxerium + severity: info + description: | + A instagram phishing website was detected + reference: + - https://instagram.com + metadata: + max-request: 1 tags: phishing,instagram,osint - http: - method: GET path: diff --git a/http/osint/phishing/kakao-login-phish.yaml b/http/osint/phishing/kakao-login-phish.yaml index b201b43935c..30903e6817d 100644 --- a/http/osint/phishing/kakao-login-phish.yaml +++ b/http/osint/phishing/kakao-login-phish.yaml @@ -1,16 +1,17 @@ id: kakao-login-phish -info: - name: kakao login phishing Detection - author: hahwul - severity: info - description: | - A kakao login phishing website was detected - reference: - - https://accounts.kakao.com - - https://www.kakaocorp.com +info: + name: kakao login phishing Detection + author: hahwul + severity: info + description: | + A kakao login phishing website was detected + reference: + - https://accounts.kakao.com + - https://www.kakaocorp.com + metadata: + max-request: 1 tags: phishing,kakao,osint - http: - method: GET path: diff --git a/http/osint/phishing/kaspersky-phish.yaml b/http/osint/phishing/kaspersky-phish.yaml index 12db9c19a47..d9d2aaa6608 100644 --- a/http/osint/phishing/kaspersky-phish.yaml +++ b/http/osint/phishing/kaspersky-phish.yaml @@ -1,15 +1,16 @@ id: kaspersky-phish -info: - name: kaspersky phishing Detection - author: rxerium - severity: info - description: | - A kaspersky phishing website was detected - reference: - - https://kaspersky.co.uk +info: + name: kaspersky phishing Detection + author: rxerium + severity: info + description: | + A kaspersky phishing website was detected + reference: + - https://kaspersky.co.uk + metadata: + max-request: 1 tags: phishing,kaspersky,osint - http: - method: GET path: diff --git a/http/osint/phishing/kayak-phish.yaml b/http/osint/phishing/kayak-phish.yaml index 94184c5bcab..fe9e83dff09 100644 --- a/http/osint/phishing/kayak-phish.yaml +++ b/http/osint/phishing/kayak-phish.yaml @@ -1,15 +1,16 @@ id: kayak-phish -info: - name: kayak phishing Detection - author: rxerium - severity: info - description: | - A kayak phishing website was detected - reference: - - https://kayak.co.uk +info: + name: kayak phishing Detection + author: rxerium + severity: info + description: | + A kayak phishing website was detected + reference: + - https://kayak.co.uk + metadata: + max-request: 1 tags: phishing,kayak,osint - http: - method: GET path: diff --git a/http/osint/phishing/keepass-phish.yaml b/http/osint/phishing/keepass-phish.yaml index b2ad21f0162..dd215dddbf9 100644 --- a/http/osint/phishing/keepass-phish.yaml +++ b/http/osint/phishing/keepass-phish.yaml @@ -1,15 +1,16 @@ id: keepass-phish -info: - name: keepass phishing Detection - author: rxerium - severity: info - description: | - A keepass phishing website was detected - reference: - - https://keepass.info +info: + name: keepass phishing Detection + author: rxerium + severity: info + description: | + A keepass phishing website was detected + reference: + - https://keepass.info + metadata: + max-request: 1 tags: phishing,keepass,osint - http: - method: GET path: diff --git a/http/osint/phishing/keepersecurity-phish.yaml b/http/osint/phishing/keepersecurity-phish.yaml index f0e50710cee..b17f6affb1c 100644 --- a/http/osint/phishing/keepersecurity-phish.yaml +++ b/http/osint/phishing/keepersecurity-phish.yaml @@ -1,15 +1,16 @@ id: keepersecurity-phish -info: - name: keepersecurity phishing Detection - author: rxerium - severity: info - description: | - A keepersecurity phishing website was detected - reference: - - https://keepersecurity.com +info: + name: keepersecurity phishing Detection + author: rxerium + severity: info + description: | + A keepersecurity phishing website was detected + reference: + - https://keepersecurity.com + metadata: + max-request: 1 tags: phishing,keepersecurity,osint - http: - method: GET path: diff --git a/http/osint/phishing/keybase-phish.yaml b/http/osint/phishing/keybase-phish.yaml index 7e5a640bcce..59ebb102a5c 100644 --- a/http/osint/phishing/keybase-phish.yaml +++ b/http/osint/phishing/keybase-phish.yaml @@ -1,15 +1,16 @@ id: keybase-phish -info: - name: keybase phishing Detection - author: rxerium - severity: info - description: | - A keybase phishing website was detected - reference: - - https://keybase.io +info: + name: keybase phishing Detection + author: rxerium + severity: info + description: | + A keybase phishing website was detected + reference: + - https://keybase.io + metadata: + max-request: 1 tags: phishing,keybase,osint - http: - method: GET path: diff --git a/http/osint/phishing/lastpass-phish.yaml b/http/osint/phishing/lastpass-phish.yaml index d3eaf764be8..402ed499b30 100644 --- a/http/osint/phishing/lastpass-phish.yaml +++ b/http/osint/phishing/lastpass-phish.yaml @@ -1,15 +1,16 @@ id: lastpass-phish -info: - name: lastpass phishing Detection - author: rxerium - severity: info - description: | - A lastpass phishing website was detected - reference: - - https://lastpass.com +info: + name: lastpass phishing Detection + author: rxerium + severity: info + description: | + A lastpass phishing website was detected + reference: + - https://lastpass.com + metadata: + max-request: 1 tags: phishing,lastpass,osint - http: - method: GET path: diff --git a/http/osint/phishing/libre-office-phish.yaml b/http/osint/phishing/libre-office-phish.yaml index 0db80b42ef0..37616cc2778 100644 --- a/http/osint/phishing/libre-office-phish.yaml +++ b/http/osint/phishing/libre-office-phish.yaml @@ -1,15 +1,16 @@ id: libre-office-phish -info: - name: libre office phishing Detection - author: rxerium - severity: info - description: | - A libre office phishing website was detected - reference: - - https://libreoffice.org +info: + name: libre office phishing Detection + author: rxerium + severity: info + description: | + A libre office phishing website was detected + reference: + - https://libreoffice.org + metadata: + max-request: 1 tags: phishing,libre-office,osint - http: - method: GET path: diff --git a/http/osint/phishing/linkedin-phish.yaml b/http/osint/phishing/linkedin-phish.yaml index fe52e042cc1..27693ccdfe0 100644 --- a/http/osint/phishing/linkedin-phish.yaml +++ b/http/osint/phishing/linkedin-phish.yaml @@ -1,15 +1,16 @@ id: linkedin-phish -info: - name: linkedin phishing Detection - author: rxerium - severity: info - description: | - A linkedin phishing website was detected - reference: - - https://linkedin.com +info: + name: linkedin phishing Detection + author: rxerium + severity: info + description: | + A linkedin phishing website was detected + reference: + - https://linkedin.com + metadata: + max-request: 1 tags: phishing,linkedin,osint - http: - method: GET path: diff --git a/http/osint/phishing/malwarebytes-phish.yaml b/http/osint/phishing/malwarebytes-phish.yaml index 24c9e03febf..446d1ef2b68 100644 --- a/http/osint/phishing/malwarebytes-phish.yaml +++ b/http/osint/phishing/malwarebytes-phish.yaml @@ -1,15 +1,16 @@ id: malwarebytes-phish -info: - name: malwarebytes phishing Detection - author: rxerium - severity: info - description: | - A malwarebytes phishing website was detected - reference: - - https://malwarebytes.com +info: + name: malwarebytes phishing Detection + author: rxerium + severity: info + description: | + A malwarebytes phishing website was detected + reference: + - https://malwarebytes.com + metadata: + max-request: 1 tags: phishing,malwarebytes,osint - http: - method: GET path: diff --git a/http/osint/phishing/mcafee-phish.yaml b/http/osint/phishing/mcafee-phish.yaml index 5084270de71..308fb8b8aa0 100644 --- a/http/osint/phishing/mcafee-phish.yaml +++ b/http/osint/phishing/mcafee-phish.yaml @@ -1,15 +1,16 @@ id: mcafee-phish -info: - name: mcafee phishing Detection - author: rxerium - severity: info - description: | - A mcafee phishing website was detected - reference: - - https://mcafee.com +info: + name: mcafee phishing Detection + author: rxerium + severity: info + description: | + A mcafee phishing website was detected + reference: + - https://mcafee.com + metadata: + max-request: 1 tags: phishing,mcafee,osint - http: - method: GET path: diff --git a/http/osint/phishing/mega-phish.yaml b/http/osint/phishing/mega-phish.yaml index 7fe4d0abc9a..089d4eb2bf3 100644 --- a/http/osint/phishing/mega-phish.yaml +++ b/http/osint/phishing/mega-phish.yaml @@ -1,15 +1,16 @@ id: mega-phish -info: - name: mega phishing Detection - author: rxerium - severity: info - description: | - A mega phishing website was detected - reference: - - https://mega.io +info: + name: mega phishing Detection + author: rxerium + severity: info + description: | + A mega phishing website was detected + reference: + - https://mega.io + metadata: + max-request: 1 tags: phishing,mega,osint - http: - method: GET path: diff --git a/http/osint/phishing/messenger-phish.yaml b/http/osint/phishing/messenger-phish.yaml index 3d881962687..35324d195ee 100644 --- a/http/osint/phishing/messenger-phish.yaml +++ b/http/osint/phishing/messenger-phish.yaml @@ -1,15 +1,16 @@ id: messenger-phish -info: - name: messenger phishing Detection - author: rxerium - severity: info - description: | - A messenger phishing website was detected - reference: - - https://messenger.com +info: + name: messenger phishing Detection + author: rxerium + severity: info + description: | + A messenger phishing website was detected + reference: + - https://messenger.com + metadata: + max-request: 1 tags: phishing,messenger,osint - http: - method: GET path: diff --git a/http/osint/phishing/microcenter-phish.yaml b/http/osint/phishing/microcenter-phish.yaml index a57309bb190..49e6a8f8f0c 100644 --- a/http/osint/phishing/microcenter-phish.yaml +++ b/http/osint/phishing/microcenter-phish.yaml @@ -1,15 +1,16 @@ id: microcenter-phish -info: - name: microcenter phishing Detection - author: rxerium - severity: info - description: | - A microcenter phishing website was detected - reference: - - https://microcenter.com +info: + name: microcenter phishing Detection + author: rxerium + severity: info + description: | + A microcenter phishing website was detected + reference: + - https://microcenter.com + metadata: + max-request: 1 tags: phishing,microcenter,osint - http: - method: GET path: diff --git a/http/osint/phishing/microsoft-phish.yaml b/http/osint/phishing/microsoft-phish.yaml index 99c6b44bced..bd45294d4dc 100644 --- a/http/osint/phishing/microsoft-phish.yaml +++ b/http/osint/phishing/microsoft-phish.yaml @@ -1,16 +1,17 @@ id: microsoft-phish -info: - name: Microsoft phishing Detection - author: rxerium - severity: info - description: | - A microsoft phishing website was detected - reference: - - https://office.com - - https://microsoft.com +info: + name: Microsoft phishing Detection + author: rxerium + severity: info + description: | + A microsoft phishing website was detected + reference: + - https://office.com + - https://microsoft.com + metadata: + max-request: 1 tags: phishing,microsoft,osint - http: - method: GET path: diff --git a/http/osint/phishing/microsoft-teams-phish.yaml b/http/osint/phishing/microsoft-teams-phish.yaml index f8869bb5242..62960ead8b0 100644 --- a/http/osint/phishing/microsoft-teams-phish.yaml +++ b/http/osint/phishing/microsoft-teams-phish.yaml @@ -1,15 +1,16 @@ id: microsoft-teams-phish -info: - name: microsoft teams phishing Detection - author: rxerium - severity: info - description: | - A microsoft teams phishing website was detected - reference: - - https://www.microsoft.com/en-gb/microsoft-teams/download-app +info: + name: microsoft teams phishing Detection + author: rxerium + severity: info + description: | + A microsoft teams phishing website was detected + reference: + - https://www.microsoft.com/en-gb/microsoft-teams/download-app + metadata: + max-request: 1 tags: phishing,microsoft-teams,osint - http: - method: GET path: diff --git a/http/osint/phishing/naver-login-phish.yaml b/http/osint/phishing/naver-login-phish.yaml index 7acfce6023e..e8e97801cf8 100644 --- a/http/osint/phishing/naver-login-phish.yaml +++ b/http/osint/phishing/naver-login-phish.yaml @@ -1,16 +1,17 @@ id: naver-login-phish -info: - name: naver login phishing Detection - author: hahwul - severity: info - description: | - A naver login phishing website was detected - reference: - - https://nid.naver.com - - https://www.navercorp.com +info: + name: naver login phishing Detection + author: hahwul + severity: info + description: | + A naver login phishing website was detected + reference: + - https://nid.naver.com + - https://www.navercorp.com + metadata: + max-request: 1 tags: phishing,naver,osint - http: - method: GET path: diff --git a/http/osint/phishing/netflix-phish.yaml b/http/osint/phishing/netflix-phish.yaml index 2e0d56d427c..d06814e676b 100644 --- a/http/osint/phishing/netflix-phish.yaml +++ b/http/osint/phishing/netflix-phish.yaml @@ -1,15 +1,16 @@ id: netflix-phish -info: - name: netflix phishing Detection - author: rxerium - severity: info - description: | - A netflix phishing website was detected - reference: - - https://netflix.com +info: + name: netflix phishing Detection + author: rxerium + severity: info + description: | + A netflix phishing website was detected + reference: + - https://netflix.com + metadata: + max-request: 1 tags: phishing,netflix,osint - http: - method: GET path: diff --git a/http/osint/phishing/nordpass-phish.yaml b/http/osint/phishing/nordpass-phish.yaml index ab84b6f1eee..b639e5980ca 100644 --- a/http/osint/phishing/nordpass-phish.yaml +++ b/http/osint/phishing/nordpass-phish.yaml @@ -1,15 +1,16 @@ id: nordpass-phish -info: - name: nordpass phishing Detection - author: rxerium - severity: info - description: | - A nordpass phishing website was detected - reference: - - https://nordpass.com +info: + name: nordpass phishing Detection + author: rxerium + severity: info + description: | + A nordpass phishing website was detected + reference: + - https://nordpass.com + metadata: + max-request: 1 tags: phishing,nordpass,osint - http: - method: GET path: diff --git a/http/osint/phishing/norton-phish.yaml b/http/osint/phishing/norton-phish.yaml index 3e7096b27b4..0a36ae8c92b 100644 --- a/http/osint/phishing/norton-phish.yaml +++ b/http/osint/phishing/norton-phish.yaml @@ -1,15 +1,16 @@ id: norton-phish -info: - name: norton phishing Detection - author: rxerium - severity: info - description: | - A norton phishing website was detected - reference: - - https://norton.com +info: + name: norton phishing Detection + author: rxerium + severity: info + description: | + A norton phishing website was detected + reference: + - https://norton.com + metadata: + max-request: 1 tags: phishing,norton,osint - http: - method: GET path: diff --git a/http/osint/phishing/notion-phish.yaml b/http/osint/phishing/notion-phish.yaml index 16b4cce0cfa..4fc72b80bb3 100644 --- a/http/osint/phishing/notion-phish.yaml +++ b/http/osint/phishing/notion-phish.yaml @@ -1,15 +1,16 @@ id: notion-phish -info: - name: notion phishing Detection - author: rxerium - severity: info - description: | - A notion phishing website was detected - reference: - - https://notion.so +info: + name: notion phishing Detection + author: rxerium + severity: info + description: | + A notion phishing website was detected + reference: + - https://notion.so + metadata: + max-request: 1 tags: phishing,notion,osint - http: - method: GET path: diff --git a/http/osint/phishing/o2-mobile-phish.yaml b/http/osint/phishing/o2-mobile-phish.yaml index ca6cb7b4a77..90bfdf1b9fa 100644 --- a/http/osint/phishing/o2-mobile-phish.yaml +++ b/http/osint/phishing/o2-mobile-phish.yaml @@ -1,15 +1,16 @@ id: o2-mobile-phish -info: - name: o2 phishing Detection - author: rxerium - severity: info - description: | - A o2 phishing website was detected - reference: - - https://o2.co.uk +info: + name: o2 phishing Detection + author: rxerium + severity: info + description: | + A o2 phishing website was detected + reference: + - https://o2.co.uk + metadata: + max-request: 1 tags: phishing,o2,osint - http: - method: GET path: diff --git a/http/osint/phishing/openai-phish.yaml b/http/osint/phishing/openai-phish.yaml index 987fdb76a5e..62953c5246c 100644 --- a/http/osint/phishing/openai-phish.yaml +++ b/http/osint/phishing/openai-phish.yaml @@ -1,15 +1,16 @@ id: openai-phish -info: - name: openai phishing Detection - author: rxerium - severity: info - description: | - A openai phishing website was detected - reference: - - https://openai.com +info: + name: openai phishing Detection + author: rxerium + severity: info + description: | + A openai phishing website was detected + reference: + - https://openai.com + metadata: + max-request: 1 tags: phishing,openai,osint - http: - method: GET path: diff --git a/http/osint/phishing/opera-phish.yaml b/http/osint/phishing/opera-phish.yaml index 92319703b20..7c0519a5941 100644 --- a/http/osint/phishing/opera-phish.yaml +++ b/http/osint/phishing/opera-phish.yaml @@ -1,15 +1,16 @@ id: opera-phish -info: - name: opera phishing Detection - author: rxerium - severity: info - description: | - A opera phishing website was detected - reference: - - https://opera.com +info: + name: opera phishing Detection + author: rxerium + severity: info + description: | + A opera phishing website was detected + reference: + - https://opera.com + metadata: + max-request: 1 tags: phishing,opera,osint - http: - method: GET path: diff --git a/http/osint/phishing/paramountplus-phish.yaml b/http/osint/phishing/paramountplus-phish.yaml index 903d29f2565..73c188473c5 100644 --- a/http/osint/phishing/paramountplus-phish.yaml +++ b/http/osint/phishing/paramountplus-phish.yaml @@ -1,15 +1,16 @@ id: paramountplus-phish -info: - name: paramountplus phishing Detection - author: rxerium - severity: info - description: | - A paramountplus phishing website was detected - reference: - - https://paramountplus.com +info: + name: paramountplus phishing Detection + author: rxerium + severity: info + description: | + A paramountplus phishing website was detected + reference: + - https://paramountplus.com + metadata: + max-request: 1 tags: phishing,paramountplus,osint - http: - method: GET path: diff --git a/http/osint/phishing/paypal-phish.yaml b/http/osint/phishing/paypal-phish.yaml index bc9aad08381..a9266ba5187 100644 --- a/http/osint/phishing/paypal-phish.yaml +++ b/http/osint/phishing/paypal-phish.yaml @@ -1,15 +1,16 @@ id: Paypal-phish -info: - name: Paypal phishing Detection - author: rxerium - severity: info - description: | - A Paypal phishing website was detected - reference: - - https://paypal.com +info: + name: Paypal phishing Detection + author: rxerium + severity: info + description: | + A Paypal phishing website was detected + reference: + - https://paypal.com + metadata: + max-request: 1 tags: phishing,paypal,osint - http: - method: GET path: diff --git a/http/osint/phishing/pcloud-phish.yaml b/http/osint/phishing/pcloud-phish.yaml index ffd3244d007..d74c5e620cc 100644 --- a/http/osint/phishing/pcloud-phish.yaml +++ b/http/osint/phishing/pcloud-phish.yaml @@ -1,15 +1,16 @@ id: pcloud-phish -info: - name: pcloud phishing Detection - author: rxerium - severity: info - description: | - A pcloud phishing website was detected - reference: - - https://pcloud.com +info: + name: pcloud phishing Detection + author: rxerium + severity: info + description: | + A pcloud phishing website was detected + reference: + - https://pcloud.com + metadata: + max-request: 1 tags: phishing,pcloud,osint - http: - method: GET path: diff --git a/http/osint/phishing/pintrest-phish.yaml b/http/osint/phishing/pintrest-phish.yaml index 4ce15cdf511..df488bb60d3 100644 --- a/http/osint/phishing/pintrest-phish.yaml +++ b/http/osint/phishing/pintrest-phish.yaml @@ -1,15 +1,16 @@ id: pinterest-phish -info: - name: pinterest phishing Detection - author: rxerium - severity: info - description: | - A pinterest phishing website was detected - reference: - - https://pinterest.com +info: + name: pinterest phishing Detection + author: rxerium + severity: info + description: | + A pinterest phishing website was detected + reference: + - https://pinterest.com + metadata: + max-request: 1 tags: phishing,pinterest,osint - http: - method: GET path: diff --git a/http/osint/phishing/plusnet-phish.yaml b/http/osint/phishing/plusnet-phish.yaml index d6f2f42e867..b906d722951 100644 --- a/http/osint/phishing/plusnet-phish.yaml +++ b/http/osint/phishing/plusnet-phish.yaml @@ -1,15 +1,16 @@ id: plusnet-phish -info: - name: plusnet phishing Detection - author: rxerium - severity: info - description: | - A plusnet phishing website was detected - reference: - - https://plus.net +info: + name: plusnet phishing Detection + author: rxerium + severity: info + description: | + A plusnet phishing website was detected + reference: + - https://plus.net + metadata: + max-request: 1 tags: phishing,plusnet,osint - http: - method: GET path: diff --git a/http/osint/phishing/proton-phish.yaml b/http/osint/phishing/proton-phish.yaml index 57e8cd378b4..5368faab024 100644 --- a/http/osint/phishing/proton-phish.yaml +++ b/http/osint/phishing/proton-phish.yaml @@ -1,15 +1,16 @@ id: proton-phish -info: - name: proton phishing Detection - author: rxerium - severity: info - description: | - A proton phishing website was detected - reference: - - https://proton.me +info: + name: proton phishing Detection + author: rxerium + severity: info + description: | + A proton phishing website was detected + reference: + - https://proton.me + metadata: + max-request: 1 tags: phishing,proton,osint - http: - method: GET path: diff --git a/http/osint/phishing/putty-phish.yaml b/http/osint/phishing/putty-phish.yaml index 72ac2f4dabc..43d358afc4d 100644 --- a/http/osint/phishing/putty-phish.yaml +++ b/http/osint/phishing/putty-phish.yaml @@ -1,15 +1,16 @@ id: putty-phish -info: - name: putty phishing Detection - author: rxerium - severity: info - description: | - A putty phishing website was detected - reference: - - https://putty.org +info: + name: putty phishing Detection + author: rxerium + severity: info + description: | + A putty phishing website was detected + reference: + - https://putty.org + metadata: + max-request: 1 tags: phishing,putty,osint - http: - method: GET path: diff --git a/http/osint/phishing/python-phish.yaml b/http/osint/phishing/python-phish.yaml index 40d1f86cf9f..7036dd43abc 100644 --- a/http/osint/phishing/python-phish.yaml +++ b/http/osint/phishing/python-phish.yaml @@ -1,15 +1,16 @@ id: python-phish -info: - name: python phishing Detection - author: rxerium - severity: info - description: | - A python phishing website was detected - reference: - - https://python.org +info: + name: python phishing Detection + author: rxerium + severity: info + description: | + A python phishing website was detected + reference: + - https://python.org + metadata: + max-request: 1 tags: phishing,python,osint - http: - method: GET path: diff --git a/http/osint/phishing/quora-phish.yaml b/http/osint/phishing/quora-phish.yaml index 7bb59e9439d..08ca27771ee 100644 --- a/http/osint/phishing/quora-phish.yaml +++ b/http/osint/phishing/quora-phish.yaml @@ -1,15 +1,16 @@ id: quora-phish -info: - name: quora phishing Detection - author: rxerium - severity: info - description: | - A quora phishing website was detected - reference: - - https://quora.com +info: + name: quora phishing Detection + author: rxerium + severity: info + description: | + A quora phishing website was detected + reference: + - https://quora.com + metadata: + max-request: 1 tags: phishing,quora,osint - http: - method: GET path: diff --git a/http/osint/phishing/reddit-phish.yaml b/http/osint/phishing/reddit-phish.yaml index d720f1f476a..5ef420800ad 100644 --- a/http/osint/phishing/reddit-phish.yaml +++ b/http/osint/phishing/reddit-phish.yaml @@ -1,15 +1,16 @@ id: reddit-phish -info: - name: reddit phishing Detection - author: rxerium - severity: info - description: | - A reddit phishing website was detected - reference: - - https://reddit.com +info: + name: reddit phishing Detection + author: rxerium + severity: info + description: | + A reddit phishing website was detected + reference: + - https://reddit.com + metadata: + max-request: 1 tags: phishing,reddit,osint - http: - method: GET path: diff --git a/http/osint/phishing/roblox-phish.yaml b/http/osint/phishing/roblox-phish.yaml index 6a3e8202b4c..d4997aea54d 100644 --- a/http/osint/phishing/roblox-phish.yaml +++ b/http/osint/phishing/roblox-phish.yaml @@ -1,15 +1,16 @@ id: roblox-phish -info: - name: roblox phishing Detection - author: rxerium - severity: info - description: | - A roblox phishing website was detected - reference: - - https://roblox.com +info: + name: roblox phishing Detection + author: rxerium + severity: info + description: | + A roblox phishing website was detected + reference: + - https://roblox.com + metadata: + max-request: 1 tags: phishing,roblox,osint - http: - method: GET path: diff --git a/http/osint/phishing/roboform-phish.yaml b/http/osint/phishing/roboform-phish.yaml index 499fe32a8f2..edda32326c5 100644 --- a/http/osint/phishing/roboform-phish.yaml +++ b/http/osint/phishing/roboform-phish.yaml @@ -1,15 +1,16 @@ id: roboform-phish -info: - name: roboform phishing Detection - author: rxerium - severity: info - description: | - A roboform phishing website was detected - reference: - - https://roboform.com +info: + name: roboform phishing Detection + author: rxerium + severity: info + description: | + A roboform phishing website was detected + reference: + - https://roboform.com + metadata: + max-request: 1 tags: phishing,roboform,osint - http: - method: GET path: diff --git a/http/osint/phishing/royal-mail-phish.yaml b/http/osint/phishing/royal-mail-phish.yaml index 57c7958b23f..943fdf078c7 100644 --- a/http/osint/phishing/royal-mail-phish.yaml +++ b/http/osint/phishing/royal-mail-phish.yaml @@ -1,15 +1,16 @@ id: royal-mail-phish -info: - name: royal-mail phishing Detection - author: rxerium - severity: info - description: | - A royal-mail phishing website was detected - reference: - - https://royalmail.com +info: + name: royal-mail phishing Detection + author: rxerium + severity: info + description: | + A royal-mail phishing website was detected + reference: + - https://royalmail.com + metadata: + max-request: 1 tags: phishing,royal-mail,osint - http: - method: GET path: diff --git a/http/osint/phishing/samsung-phish.yaml b/http/osint/phishing/samsung-phish.yaml index 3ea0750f71b..9c7f27cebbd 100644 --- a/http/osint/phishing/samsung-phish.yaml +++ b/http/osint/phishing/samsung-phish.yaml @@ -1,15 +1,16 @@ id: samsung-phish -info: - name: samsung phishing Detection - author: rxerium - severity: info - description: | - A samsung phishing website was detected - reference: - - https://samsung.com +info: + name: samsung phishing Detection + author: rxerium + severity: info + description: | + A samsung phishing website was detected + reference: + - https://samsung.com + metadata: + max-request: 1 tags: phishing,samsung,osint - http: - method: GET path: diff --git a/http/osint/phishing/signal-phish.yaml b/http/osint/phishing/signal-phish.yaml index 30c508bee06..fc9d73e215e 100644 --- a/http/osint/phishing/signal-phish.yaml +++ b/http/osint/phishing/signal-phish.yaml @@ -1,15 +1,16 @@ id: signal-phish -info: - name: signal phishing Detection - author: rxerium - severity: info - description: | - A signal phishing website was detected - reference: - - https://signal.org +info: + name: signal phishing Detection + author: rxerium + severity: info + description: | + A signal phishing website was detected + reference: + - https://signal.org + metadata: + max-request: 1 tags: phishing,signal,osint - http: - method: GET path: diff --git a/http/osint/phishing/sky-phish.yaml b/http/osint/phishing/sky-phish.yaml index 6a916f67970..174af1965c3 100644 --- a/http/osint/phishing/sky-phish.yaml +++ b/http/osint/phishing/sky-phish.yaml @@ -1,15 +1,16 @@ id: sky-phish -info: - name: sky phishing Detection - author: rxerium - severity: info - description: | - A sky phishing website was detected - reference: - - https://sky.com +info: + name: sky phishing Detection + author: rxerium + severity: info + description: | + A sky phishing website was detected + reference: + - https://sky.com + metadata: + max-request: 1 tags: phishing,sky,osint - http: - method: GET path: diff --git a/http/osint/phishing/skype-phish.yaml b/http/osint/phishing/skype-phish.yaml index ab12e5be435..eccce104990 100644 --- a/http/osint/phishing/skype-phish.yaml +++ b/http/osint/phishing/skype-phish.yaml @@ -1,15 +1,16 @@ id: skype-phish -info: - name: skype phishing Detection - author: rxerium - severity: info - description: | - A skype phishing website was detected - reference: - - https://skype.com +info: + name: skype phishing Detection + author: rxerium + severity: info + description: | + A skype phishing website was detected + reference: + - https://skype.com + metadata: + max-request: 1 tags: phishing,skype,osint - http: - method: GET path: diff --git a/http/osint/phishing/skyscanner-phish.yaml b/http/osint/phishing/skyscanner-phish.yaml index 952c8e6a7e5..a33f2ec6028 100644 --- a/http/osint/phishing/skyscanner-phish.yaml +++ b/http/osint/phishing/skyscanner-phish.yaml @@ -1,15 +1,16 @@ id: skyscanner-phish -info: - name: skyscanner phishing Detection - author: rxerium - severity: info - description: | - A skyscanner phishing website was detected - reference: - - https://skyscanner.net +info: + name: skyscanner phishing Detection + author: rxerium + severity: info + description: | + A skyscanner phishing website was detected + reference: + - https://skyscanner.net + metadata: + max-request: 1 tags: phishing,skyscanner,osint - http: - method: GET path: diff --git a/http/osint/phishing/slack-phish.yaml b/http/osint/phishing/slack-phish.yaml index 09c306af10c..89a05f5a5be 100644 --- a/http/osint/phishing/slack-phish.yaml +++ b/http/osint/phishing/slack-phish.yaml @@ -1,15 +1,16 @@ id: slack-phish -info: - name: slack phishing Detection - author: rxerium - severity: info - description: | - A slack phishing website was detected - reference: - - https://slack.com +info: + name: slack phishing Detection + author: rxerium + severity: info + description: | + A slack phishing website was detected + reference: + - https://slack.com + metadata: + max-request: 1 tags: phishing,slack,osint - http: - method: GET path: diff --git a/http/osint/phishing/sophos-phish.yaml b/http/osint/phishing/sophos-phish.yaml index ca6978a3bac..8fb4d59b4c5 100644 --- a/http/osint/phishing/sophos-phish.yaml +++ b/http/osint/phishing/sophos-phish.yaml @@ -1,15 +1,16 @@ id: sophos-phish -info: - name: sophos phishing Detection - author: rxerium - severity: info - description: | - A sophos phishing website was detected - reference: - - https://sophos.com +info: + name: sophos phishing Detection + author: rxerium + severity: info + description: | + A sophos phishing website was detected + reference: + - https://sophos.com + metadata: + max-request: 1 tags: phishing,sophos,osint - http: - method: GET path: diff --git a/http/osint/phishing/spotify-phish.yaml b/http/osint/phishing/spotify-phish.yaml index ec3f4ffe228..99428f1ee86 100644 --- a/http/osint/phishing/spotify-phish.yaml +++ b/http/osint/phishing/spotify-phish.yaml @@ -1,15 +1,16 @@ id: spotify-phish -info: - name: spotify phishing Detection - author: rxerium - severity: info - description: | - A spotify phishing website was detected - reference: - - https://spotify.com +info: + name: spotify phishing Detection + author: rxerium + severity: info + description: | + A spotify phishing website was detected + reference: + - https://spotify.com + metadata: + max-request: 1 tags: phishing,spotify,osint - http: - method: GET path: diff --git a/http/osint/phishing/steam-phish.yaml b/http/osint/phishing/steam-phish.yaml index ee1b5cae79c..71ed4e928d1 100644 --- a/http/osint/phishing/steam-phish.yaml +++ b/http/osint/phishing/steam-phish.yaml @@ -1,15 +1,16 @@ id: steam-phish -info: - name: steam phishing Detection - author: rxerium - severity: info - description: | - A steam phishing website was detected - reference: - - https://steampowered.com +info: + name: steam phishing Detection + author: rxerium + severity: info + description: | + A steam phishing website was detected + reference: + - https://steampowered.com + metadata: + max-request: 1 tags: phishing,steam,osint - http: - method: GET path: diff --git a/http/osint/phishing/sync-storage-phish.yaml b/http/osint/phishing/sync-storage-phish.yaml index 29a632775de..8d4c76dea42 100644 --- a/http/osint/phishing/sync-storage-phish.yaml +++ b/http/osint/phishing/sync-storage-phish.yaml @@ -1,15 +1,16 @@ id: sync-phish -info: - name: sync storage phishing Detection - author: rxerium - severity: info - description: | - A sync storage phishing website was detected - reference: - - https://sync.com +info: + name: sync storage phishing Detection + author: rxerium + severity: info + description: | + A sync storage phishing website was detected + reference: + - https://sync.com + metadata: + max-request: 1 tags: phishing,sync,osint - http: - method: GET path: diff --git a/http/osint/phishing/target-phish.yaml b/http/osint/phishing/target-phish.yaml index 842caf68564..0b395adc0ee 100644 --- a/http/osint/phishing/target-phish.yaml +++ b/http/osint/phishing/target-phish.yaml @@ -1,15 +1,16 @@ id: target-phish -info: - name: target phishing Detection - author: rxerium - severity: info - description: | - A target phishing website was detected - reference: - - https://target.com +info: + name: target phishing Detection + author: rxerium + severity: info + description: | + A target phishing website was detected + reference: + - https://target.com + metadata: + max-request: 1 tags: phishing,target,osint - http: - method: GET path: diff --git a/http/osint/phishing/teamviewer-phish.yaml b/http/osint/phishing/teamviewer-phish.yaml index 645c73ff787..11c47db2f5e 100644 --- a/http/osint/phishing/teamviewer-phish.yaml +++ b/http/osint/phishing/teamviewer-phish.yaml @@ -1,15 +1,16 @@ id: teamviewer-phish -info: - name: teamviewer phishing Detection - author: rxerium - severity: info - description: | - A teamviewer phishing website was detected - reference: - - https://teamviewer.com +info: + name: teamviewer phishing Detection + author: rxerium + severity: info + description: | + A teamviewer phishing website was detected + reference: + - https://teamviewer.com + metadata: + max-request: 1 tags: phishing,teamviewer,osint - http: - method: GET path: diff --git a/http/osint/phishing/telegram-phish.yaml b/http/osint/phishing/telegram-phish.yaml index 1a9e57db1a7..06695604343 100644 --- a/http/osint/phishing/telegram-phish.yaml +++ b/http/osint/phishing/telegram-phish.yaml @@ -1,15 +1,16 @@ id: telegram-phish -info: - name: telegram phishing Detection - author: rxerium - severity: info - description: | - A telegram phishing website was detected - reference: - - https://telegram.org +info: + name: telegram phishing Detection + author: rxerium + severity: info + description: | + A telegram phishing website was detected + reference: + - https://telegram.org + metadata: + max-request: 1 tags: phishing,telegram,osint - http: - method: GET path: diff --git a/http/osint/phishing/three-mobile-phish.yaml b/http/osint/phishing/three-mobile-phish.yaml index 1cc535b1710..44b7f498978 100644 --- a/http/osint/phishing/three-mobile-phish.yaml +++ b/http/osint/phishing/three-mobile-phish.yaml @@ -1,15 +1,16 @@ id: three-mobile-phish -info: - name: three phishing Detection - author: rxerium - severity: info - description: | - A three phishing website was detected - reference: - - https://three.co.uk +info: + name: three phishing Detection + author: rxerium + severity: info + description: | + A three phishing website was detected + reference: + - https://three.co.uk + metadata: + max-request: 1 tags: phishing,three,osint - http: - method: GET path: diff --git a/http/osint/phishing/thunderbird-phish.yaml b/http/osint/phishing/thunderbird-phish.yaml index 07f56201874..021b7a37774 100644 --- a/http/osint/phishing/thunderbird-phish.yaml +++ b/http/osint/phishing/thunderbird-phish.yaml @@ -1,15 +1,16 @@ id: thunderbird-phish -info: - name: thunderbird phishing Detection - author: rxerium - severity: info - description: | - A thunderbird phishing website was detected - reference: - - https://thunderbird.net +info: + name: thunderbird phishing Detection + author: rxerium + severity: info + description: | + A thunderbird phishing website was detected + reference: + - https://thunderbird.net + metadata: + max-request: 1 tags: phishing,thunderbird,osint - http: - method: GET path: diff --git a/http/osint/phishing/ticketmaster-phish.yaml b/http/osint/phishing/ticketmaster-phish.yaml index 748c7c45f14..3b4cbcc23ce 100644 --- a/http/osint/phishing/ticketmaster-phish.yaml +++ b/http/osint/phishing/ticketmaster-phish.yaml @@ -1,15 +1,16 @@ id: ticket-master-phish -info: - name: ticket master phishing Detection - author: rxerium - severity: info - description: | - A ticket-master phishing website was detected - reference: - - https://ticketmaster.com +info: + name: ticket master phishing Detection + author: rxerium + severity: info + description: | + A ticket-master phishing website was detected + reference: + - https://ticketmaster.com + metadata: + max-request: 1 tags: phishing,ticket-master,osint - http: - method: GET path: diff --git a/http/osint/phishing/tiktok-phish.yaml b/http/osint/phishing/tiktok-phish.yaml index f87c4566eb1..fbe5c175194 100644 --- a/http/osint/phishing/tiktok-phish.yaml +++ b/http/osint/phishing/tiktok-phish.yaml @@ -1,15 +1,16 @@ id: tiktok-phish -info: - name: tiktok phishing Detection - author: rxerium - severity: info - description: | - A tiktok phishing website was detected - reference: - - https://tiktok.com +info: + name: tiktok phishing Detection + author: rxerium + severity: info + description: | + A tiktok phishing website was detected + reference: + - https://tiktok.com + metadata: + max-request: 1 tags: phishing,tiktok,osint - http: - method: GET path: diff --git a/http/osint/phishing/trading212-phish.yaml b/http/osint/phishing/trading212-phish.yaml index c9ffda18767..0343dacf7d3 100644 --- a/http/osint/phishing/trading212-phish.yaml +++ b/http/osint/phishing/trading212-phish.yaml @@ -1,15 +1,16 @@ id: trading212-phish -info: - name: trading212 phishing Detection - author: rxerium - severity: info - description: | - A trading212 phishing website was detected - reference: - - https://trading212.com +info: + name: trading212 phishing Detection + author: rxerium + severity: info + description: | + A trading212 phishing website was detected + reference: + - https://trading212.com + metadata: + max-request: 1 tags: phishing,trading212,osint - http: - method: GET path: diff --git a/http/osint/phishing/trend-micro-phish.yaml b/http/osint/phishing/trend-micro-phish.yaml index f7e88e806ae..ea72e4e6b2f 100644 --- a/http/osint/phishing/trend-micro-phish.yaml +++ b/http/osint/phishing/trend-micro-phish.yaml @@ -1,15 +1,16 @@ id: trend-micro-phish -info: - name: trend micro phishing Detection - author: rxerium - severity: info - description: | - A trend micro phishing website was detected - reference: - - https://trendmicro.com +info: + name: trend micro phishing Detection + author: rxerium + severity: info + description: | + A trend micro phishing website was detected + reference: + - https://trendmicro.com + metadata: + max-request: 1 tags: phishing,trend-micro,osint - http: - method: GET path: diff --git a/http/osint/phishing/trip-phish.yaml b/http/osint/phishing/trip-phish.yaml index cbc1a8fb259..449169ad4bd 100644 --- a/http/osint/phishing/trip-phish.yaml +++ b/http/osint/phishing/trip-phish.yaml @@ -1,15 +1,16 @@ id: trip-phish -info: - name: trip phishing Detection - author: rxerium - severity: info - description: | - A trip phishing website was detected - reference: - - https://trip.com +info: + name: trip phishing Detection + author: rxerium + severity: info + description: | + A trip phishing website was detected + reference: + - https://trip.com + metadata: + max-request: 1 tags: phishing,trip,osint - http: - method: GET path: diff --git a/http/osint/phishing/twitch-phish.yaml b/http/osint/phishing/twitch-phish.yaml index 52e4d69a1e5..a2fce67dbb4 100644 --- a/http/osint/phishing/twitch-phish.yaml +++ b/http/osint/phishing/twitch-phish.yaml @@ -1,15 +1,16 @@ id: twitch-phish -info: - name: Twitch phishing Detection - author: rxerium - severity: info - description: | - A twitch phishing website was detected - reference: - - https://twitch.tv +info: + name: Twitch phishing Detection + author: rxerium + severity: info + description: | + A twitch phishing website was detected + reference: + - https://twitch.tv + metadata: + max-request: 1 tags: phishing,twitch,osint - http: - method: GET path: diff --git a/http/osint/phishing/uber-phish.yaml b/http/osint/phishing/uber-phish.yaml index debf27a52a0..b977c5f98ab 100644 --- a/http/osint/phishing/uber-phish.yaml +++ b/http/osint/phishing/uber-phish.yaml @@ -1,15 +1,16 @@ id: uber-phish -info: - name: uber phishing Detection - author: rxerium - severity: info - description: | - A uber phishing website was detected - reference: - - https://uber.com +info: + name: uber phishing Detection + author: rxerium + severity: info + description: | + A uber phishing website was detected + reference: + - https://uber.com + metadata: + max-request: 1 tags: phishing,uber,osint - http: - method: GET path: diff --git a/http/osint/phishing/visual-studio-code-phish.yaml b/http/osint/phishing/visual-studio-code-phish.yaml index 8e6628cf3dd..c4d9fd6e691 100644 --- a/http/osint/phishing/visual-studio-code-phish.yaml +++ b/http/osint/phishing/visual-studio-code-phish.yaml @@ -1,15 +1,16 @@ id: visual-studio-code-phish -info: - name: visual studio code phishing Detection - author: rxerium - severity: info - description: | - A visual studio code phishing website was detected - reference: - - https://visualstudio.com +info: + name: visual studio code phishing Detection + author: rxerium + severity: info + description: | + A visual studio code phishing website was detected + reference: + - https://visualstudio.com + metadata: + max-request: 1 tags: phishing,visual-studio-code,osint - http: - method: GET path: diff --git a/http/osint/phishing/vlc-player-phish.yaml b/http/osint/phishing/vlc-player-phish.yaml index 7c52d85fc30..bc0ae01d2f4 100644 --- a/http/osint/phishing/vlc-player-phish.yaml +++ b/http/osint/phishing/vlc-player-phish.yaml @@ -1,15 +1,16 @@ id: vlc-media-phish -info: - name: vlc media phishing Detection - author: rxerium - severity: info - description: | - A vlc media phishing website was detected - reference: - - https://www.videolan.org +info: + name: vlc media phishing Detection + author: rxerium + severity: info + description: | + A vlc media phishing website was detected + reference: + - https://www.videolan.org + metadata: + max-request: 1 tags: phishing,vlc-media,osint - http: - method: GET path: diff --git a/http/osint/phishing/vodafone-phish.yaml b/http/osint/phishing/vodafone-phish.yaml index 720f753bdc6..dfe643c5f56 100644 --- a/http/osint/phishing/vodafone-phish.yaml +++ b/http/osint/phishing/vodafone-phish.yaml @@ -1,15 +1,16 @@ id: vodafone-phish -info: - name: vodafone phishing Detection - author: rxerium - severity: info - description: | - A vodafone phishing website was detected - reference: - - https://vodafone.co.uk +info: + name: vodafone phishing Detection + author: rxerium + severity: info + description: | + A vodafone phishing website was detected + reference: + - https://vodafone.co.uk + metadata: + max-request: 1 tags: phishing,vodafone,osint - http: - method: GET path: diff --git a/http/osint/phishing/vultr-phish.yaml b/http/osint/phishing/vultr-phish.yaml index 544ff7ebf01..298fa603639 100644 --- a/http/osint/phishing/vultr-phish.yaml +++ b/http/osint/phishing/vultr-phish.yaml @@ -1,15 +1,16 @@ id: vultr-phish -info: - name: vultr phishing Detection - author: rxerium - severity: info - description: | - A vultr phishing website was detected - reference: - - https://my.vultr.com/ +info: + name: vultr phishing Detection + author: rxerium + severity: info + description: | + A vultr phishing website was detected + reference: + - https://my.vultr.com/ + metadata: + max-request: 1 tags: phishing,vultr,osint - http: - method: GET path: diff --git a/http/osint/phishing/walmart-phish.yaml b/http/osint/phishing/walmart-phish.yaml index 74fb1f65760..4ca20b4b96d 100644 --- a/http/osint/phishing/walmart-phish.yaml +++ b/http/osint/phishing/walmart-phish.yaml @@ -1,15 +1,16 @@ id: walmart-phish -info: - name: walmart phishing Detection - author: rxerium - severity: info - description: | - A walmart phishing website was detected - reference: - - https://walmart.com +info: + name: walmart phishing Detection + author: rxerium + severity: info + description: | + A walmart phishing website was detected + reference: + - https://walmart.com + metadata: + max-request: 1 tags: phishing,walmart,osint - http: - method: GET path: diff --git a/http/osint/phishing/wetransfer-phish.yaml b/http/osint/phishing/wetransfer-phish.yaml index 3ece306eb32..a927e4f955f 100644 --- a/http/osint/phishing/wetransfer-phish.yaml +++ b/http/osint/phishing/wetransfer-phish.yaml @@ -1,15 +1,16 @@ id: wetransfer-phish -info: - name: wetransfer phishing Detection - author: rxerium - severity: info - description: | - A wetransfer phishing website was detected - reference: - - https://wetransfer.com +info: + name: wetransfer phishing Detection + author: rxerium + severity: info + description: | + A wetransfer phishing website was detected + reference: + - https://wetransfer.com + metadata: + max-request: 1 tags: phishing,wetransfer,osint - http: - method: GET path: diff --git a/http/osint/phishing/whatsapp-phish.yaml b/http/osint/phishing/whatsapp-phish.yaml index 91f5f403691..1f035b71d84 100644 --- a/http/osint/phishing/whatsapp-phish.yaml +++ b/http/osint/phishing/whatsapp-phish.yaml @@ -1,15 +1,16 @@ id: Whatsapp-phish -info: - name: Whatsapp phishing Detection - author: rxerium - severity: info - description: | - A Whatsapp phishing website was detected - reference: - - https://whatsapp.com +info: + name: Whatsapp phishing Detection + author: rxerium + severity: info + description: | + A Whatsapp phishing website was detected + reference: + - https://whatsapp.com + metadata: + max-request: 1 tags: phishing,whatsapp,osint - http: - method: GET path: diff --git a/http/osint/phishing/wikipedia-phish.yaml b/http/osint/phishing/wikipedia-phish.yaml index 0f6819e98e2..2adf7923ae4 100644 --- a/http/osint/phishing/wikipedia-phish.yaml +++ b/http/osint/phishing/wikipedia-phish.yaml @@ -1,15 +1,16 @@ id: Wikipedia-phish -info: - name: Wikipedia phishing Detection - author: rxerium - severity: info - description: | - A Wikipedia phishing website was detected - reference: - - https://wikipedia.com +info: + name: Wikipedia phishing Detection + author: rxerium + severity: info + description: | + A Wikipedia phishing website was detected + reference: + - https://wikipedia.com + metadata: + max-request: 1 tags: phishing,wikipedia,osint - http: - method: GET path: diff --git a/http/osint/phishing/winscp-phish.yaml b/http/osint/phishing/winscp-phish.yaml index 64a3adf5286..f0cb3e5ad86 100644 --- a/http/osint/phishing/winscp-phish.yaml +++ b/http/osint/phishing/winscp-phish.yaml @@ -1,15 +1,16 @@ id: winscp-phish -info: - name: winscp phishing Detection - author: rxerium - severity: info - description: | - A winscp phishing website was detected - reference: - - https://winscp.net +info: + name: winscp phishing Detection + author: rxerium + severity: info + description: | + A winscp phishing website was detected + reference: + - https://winscp.net + metadata: + max-request: 1 tags: phishing,winscp,osint - http: - method: GET path: diff --git a/http/osint/phishing/yahoo-phish.yaml b/http/osint/phishing/yahoo-phish.yaml index b15956bf411..2e2b3ab4ba5 100644 --- a/http/osint/phishing/yahoo-phish.yaml +++ b/http/osint/phishing/yahoo-phish.yaml @@ -1,15 +1,16 @@ id: yahoo-phish -info: - name: Yahoo phishing Detection - author: rxerium - severity: info - description: | - A yahoo phishing website was detected - reference: - - https://yahoo.com +info: + name: Yahoo phishing Detection + author: rxerium + severity: info + description: | + A yahoo phishing website was detected + reference: + - https://yahoo.com + metadata: + max-request: 1 tags: phishing,yahoo,osint - http: - method: GET path: diff --git a/http/osint/phishing/zoom-phish.yaml b/http/osint/phishing/zoom-phish.yaml index 756e38b3c17..ab7a0e04c1b 100644 --- a/http/osint/phishing/zoom-phish.yaml +++ b/http/osint/phishing/zoom-phish.yaml @@ -1,15 +1,16 @@ id: zoom-phish -info: - name: zoom phishing Detection - author: rxerium - severity: info - description: | - A zoom phishing website was detected - reference: - - https://zoom.us +info: + name: zoom phishing Detection + author: rxerium + severity: info + description: | + A zoom phishing website was detected + reference: + - https://zoom.us + metadata: + max-request: 1 tags: phishing,zoom,osint - http: - method: GET path: diff --git a/http/technologies/admiralcloud-detect.yaml b/http/technologies/admiralcloud-detect.yaml index 72c9fcf05b9..c585d85defb 100644 --- a/http/technologies/admiralcloud-detect.yaml +++ b/http/technologies/admiralcloud-detect.yaml @@ -1,19 +1,19 @@ id: admiralcloud-detect -info: - name: AdmiralCloud - Detect - author: righettod - severity: info - description: | - AdmiralCloud was detected. - reference: - - https://www.admiralcloud.com/en/ - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"AdmiralCloud" - tags: tech,admiralcloud,detect - +info: + name: AdmiralCloud - Detect + author: righettod + severity: info + description: | + AdmiralCloud was detected. + reference: + - https://www.admiralcloud.com/en/ + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"AdmiralCloud" + tags: tech,admiralcloud,detect + http: - method: GET path: diff --git a/http/technologies/arcgis-rest-api.yaml b/http/technologies/arcgis-rest-api.yaml index 34b7a0eff7a..183d62abcc7 100644 --- a/http/technologies/arcgis-rest-api.yaml +++ b/http/technologies/arcgis-rest-api.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: esri product: arcgis_engine - max-request: 1 tags: api,arcgis,cms,tech http: diff --git a/http/technologies/arcgis-tokens.yaml b/http/technologies/arcgis-tokens.yaml index f6a89be3698..4067b93031a 100644 --- a/http/technologies/arcgis-tokens.yaml +++ b/http/technologies/arcgis-tokens.yaml @@ -8,10 +8,10 @@ info: reference: - https://enterprise.arcgis.com/en/ metadata: - vendor: esri - product: arcgis_server verified: true max-request: 1 + vendor: esri + product: arcgis_server shodan-query: title:"ArcGIS" tags: tech,arcgis,tokens,detect diff --git a/http/technologies/directus-detect.yaml b/http/technologies/directus-detect.yaml index 2e01cf6172d..b130dc3a9ea 100644 --- a/http/technologies/directus-detect.yaml +++ b/http/technologies/directus-detect.yaml @@ -9,9 +9,9 @@ info: reference: - https://directus.io/ metadata: + verified: true max-request: 1 google-query: 'X-Powered-By: Directus' - verified: true tags: tech,directus,detect http: diff --git a/http/technologies/hcpanywhere-detect.yaml b/http/technologies/hcpanywhere-detect.yaml index 0319e3ecaaa..0ad8a6f1a48 100644 --- a/http/technologies/hcpanywhere-detect.yaml +++ b/http/technologies/hcpanywhere-detect.yaml @@ -9,8 +9,8 @@ info: reference: - https://hcpanywhere.hds.com/portal/public/help-complete/en/cp_hcpaw_what_is.html metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: icon_hash="915499123" tags: tech,hcpanywhere diff --git a/http/technologies/ibm/ibm-odm-detect.yaml b/http/technologies/ibm/ibm-odm-detect.yaml index 7c4002fe2d0..39b7cda6009 100644 --- a/http/technologies/ibm/ibm-odm-detect.yaml +++ b/http/technologies/ibm/ibm-odm-detect.yaml @@ -10,8 +10,8 @@ info: - https://www.ibm.com/products/operational-decision-manager metadata: verified: true - fofa-query: "icon_hash=\"707491698\"" max-request: 1 + fofa-query: "icon_hash=\"707491698\"" tags: ibm,decision-center,tech,detect http: diff --git a/http/technologies/microsoft/aspnet-version-detect.yaml b/http/technologies/microsoft/aspnet-version-detect.yaml index 3c81cdf235e..58114b8031e 100644 --- a/http/technologies/microsoft/aspnet-version-detect.yaml +++ b/http/technologies/microsoft/aspnet-version-detect.yaml @@ -8,11 +8,11 @@ info: Detects version disclosed via 'X-AspNet-Version' header. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 + cvss-score: 0 cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: "X-AspNet-Version" tags: tech,detect,aspnet diff --git a/http/technologies/microsoft/aspnetmvc-version-disclosure.yaml b/http/technologies/microsoft/aspnetmvc-version-disclosure.yaml index 3ead7e3a056..e106673d3ce 100644 --- a/http/technologies/microsoft/aspnetmvc-version-disclosure.yaml +++ b/http/technologies/microsoft/aspnetmvc-version-disclosure.yaml @@ -8,11 +8,11 @@ info: Detects version disclosed via 'X-AspNetMvc-Version' header. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 + cvss-score: 0 cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: "X-AspNetMvc-Version" tags: aspnetmvc,tech,detect diff --git a/http/technologies/pexip-detect.yaml b/http/technologies/pexip-detect.yaml index 3e2223fa1fe..c0b997c2a1f 100644 --- a/http/technologies/pexip-detect.yaml +++ b/http/technologies/pexip-detect.yaml @@ -1,19 +1,19 @@ id: pexip-detect -info: - name: Pexip - Detect - author: righettod - severity: info - description: | - Pexip technology was detected. - reference: - - https://www.pexip.com/ - metadata: - verified: true - max-request: 1 - shodan-query: http.title:"Pexip Connect for Web" - tags: tech,pexip,detect - +info: + name: Pexip - Detect + author: righettod + severity: info + description: | + Pexip technology was detected. + reference: + - https://www.pexip.com/ + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Pexip Connect for Web" + tags: tech,pexip,detect + http: - method: GET path: diff --git a/http/technologies/wing-ftp-service-detect.yaml b/http/technologies/wing-ftp-service-detect.yaml index f13ae743099..551f2631dd7 100644 --- a/http/technologies/wing-ftp-service-detect.yaml +++ b/http/technologies/wing-ftp-service-detect.yaml @@ -7,8 +7,8 @@ info: description: | The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network. metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: "Wing FTP Server" tags: tech,ftp,wing,detect diff --git a/http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml b/http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml index 344fe9f3b0d..7c295f86716 100644 --- a/http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml +++ b/http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml @@ -17,8 +17,8 @@ info: cvss-score: 8.8 cve-id: CVE-2023-25194 cwe-id: CWE-502 - epss-score: 0.91608 - epss-percentile: 0.98695 + epss-score: 0.89626 + epss-percentile: 0.98692 cpe: cpe:2.3:a:apache:kafka_connect:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml b/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml index 9451b343701..909ddc99634 100644 --- a/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml +++ b/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml @@ -10,8 +10,8 @@ info: - https://cn-sec.com/archives/1377207.html - https://www.chanjet.com metadata: - max-request: 2 verified: true + max-request: 2 fofa-query: app="畅捷通-TPlus" tags: tplus,unauth,chanjet diff --git a/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml b/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml index 32866a2c68d..ca8b7c80465 100644 --- a/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml +++ b/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml @@ -7,11 +7,10 @@ info: reference: - https://github.com/wy876/POC/blob/main/%E5%A4%A7%E5%8D%8E%E6%99%BA%E6%85%A7%E5%9B%AD%E5%8C%BA%E7%BB%BC%E5%90%88%E7%AE%A1%E7%90%86%E5%B9%B3%E5%8F%B0bitmap%E6%8E%A5%E5%8F%A3%E5%AD%98%E5%9C%A8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md metadata: - fofa-query: "app=\"dahua-智慧园区综合管理平台\"" verified: true max-request: 2 + fofa-query: "app=\"dahua-智慧园区综合管理平台\"" tags: dahua,file-upload,rce,intrusive - variables: rand_str: "{{randstr}}" cmd: "{{base64(to_lower(rand_text_alpha(6)))}}" diff --git a/http/vulnerabilities/landray/landray-eis-ws-infoleak.yaml b/http/vulnerabilities/landray/landray-eis-ws-infoleak.yaml index a931de2974b..3bf0ba80487 100644 --- a/http/vulnerabilities/landray/landray-eis-ws-infoleak.yaml +++ b/http/vulnerabilities/landray/landray-eis-ws-infoleak.yaml @@ -12,8 +12,8 @@ info: metadata: verified: true max-request: 1 - zoomeye-query: app:"蓝凌EIS智慧协同平台" fofa-query: app="Landray-EIS智慧协同平台" + zoomeye-query: app:"蓝凌EIS智慧协同平台" tags: landray,eis,info-leak http: diff --git a/http/vulnerabilities/lucee-rce.yaml b/http/vulnerabilities/lucee-rce.yaml index 59e698ba3ae..0f45ebe15f8 100644 --- a/http/vulnerabilities/lucee-rce.yaml +++ b/http/vulnerabilities/lucee-rce.yaml @@ -7,9 +7,9 @@ info: reference: - https://blog.projectdiscovery.io/hello-lucee-let-us-hack-apple-again metadata: + verified: true max-request: 1 shodan-query: http.title:"Lucee" - verified: true tags: lucee,rce,oast http: diff --git a/http/vulnerabilities/other/glodon-linkworks-sqli.yaml b/http/vulnerabilities/other/glodon-linkworks-sqli.yaml index 1be62fc8cbe..80db71d7d8f 100644 --- a/http/vulnerabilities/other/glodon-linkworks-sqli.yaml +++ b/http/vulnerabilities/other/glodon-linkworks-sqli.yaml @@ -9,8 +9,8 @@ info: reference: - https://github.com/zan8in/pocwiki/blob/main/%E5%B9%BF%E8%81%94%E8%BE%BE-linkworks-gwgdwebservice%E5%AD%98%E5%9C%A8SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md metadata: - max-request: 1 verified: true + max-request: 1 fofa-query: banner="Services/Identification/login.ashx" tags: glodon,linkworks,sqli diff --git a/http/vulnerabilities/other/lucee-unset-credentials.yaml b/http/vulnerabilities/other/lucee-unset-credentials.yaml index ddf31fb538a..0a7ff5691db 100644 --- a/http/vulnerabilities/other/lucee-unset-credentials.yaml +++ b/http/vulnerabilities/other/lucee-unset-credentials.yaml @@ -12,8 +12,8 @@ info: classification: cwe-id: CWE-798 metadata: - max-request: 2 verified: true + max-request: 2 shodan-query: "html:\"Lucee\"" fofa-query: "app=\"Lucee-Engine\"" tags: lucee,default-login,unauth diff --git a/http/vulnerabilities/other/ups-network-lfi.yaml b/http/vulnerabilities/other/ups-network-lfi.yaml index 4ac9d89d60f..9dbfc4d349f 100644 --- a/http/vulnerabilities/other/ups-network-lfi.yaml +++ b/http/vulnerabilities/other/ups-network-lfi.yaml @@ -10,10 +10,10 @@ info: - https://packetstormsecurity.com/files/177626/upsnmc4-traversal.txt - https://www.exploit-db.com/exploits/51897 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: html:"UPS Network Management Card 4" - tags: ups,lfi + tags: packetstorm,ups,lfi http: - method: GET diff --git a/http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml b/http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml index 62e7aeaadea..b00f4688b4c 100644 --- a/http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml +++ b/http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml @@ -9,11 +9,10 @@ info: reference: - https://github.com/xinyisleep/pocscan/blob/main/%E9%94%90%E6%8D%B7/%E9%94%90%E6%8D%B7_EG%E6%98%93%E7%BD%91%E5%85%B3_WEB%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F_%E5%89%8D%E5%8F%B0RCE.py metadata: - fofa-query: body="请输入您的RG-EG易网关的用户名和密码" - max-request: 2 verified: true + max-request: 2 + fofa-query: body="请输入您的RG-EG易网关的用户名和密码" tags: ruijie,router,iot,rce - flow: http(1) && http(2) http: diff --git a/javascript/audit/mysql/mysql-load-file.yaml b/javascript/audit/mysql/mysql-load-file.yaml index d1b64780bf0..c45e8af43df 100644 --- a/javascript/audit/mysql/mysql-load-file.yaml +++ b/javascript/audit/mysql/mysql-load-file.yaml @@ -8,10 +8,10 @@ info: reference: - https://nmap.org/nsedoc/scripts/mysql-databases.html metadata: - shodan-query: port:3306 verified: true + max-request: 16 + shodan-query: "port:3306" tags: js,mysql,network,audit - javascript: - code: | let m = require('nuclei/mysql'); diff --git a/javascript/cves/2016/CVE-2016-8706.yaml b/javascript/cves/2016/CVE-2016-8706.yaml index 18a3a8018f7..e22fb6d5fa6 100644 --- a/javascript/cves/2016/CVE-2016-8706.yaml +++ b/javascript/cves/2016/CVE-2016-8706.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2016-8706 cwe-id: CWE-190 epss-score: 0.89998 - epss-percentile: 0.987 + epss-percentile: 0.98714 cpe: cpe:2.3:a:memcached:memcached:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/javascript/cves/2023/CVE-2023-34039.yaml b/javascript/cves/2023/CVE-2023-34039.yaml index 478da2cd6f7..60968b56a3f 100644 --- a/javascript/cves/2023/CVE-2023-34039.yaml +++ b/javascript/cves/2023/CVE-2023-34039.yaml @@ -22,15 +22,14 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34039 cwe-id: CWE-327 - epss-score: 0.88996 - epss-percentile: 0.98637 + epss-score: 0.9013 + epss-percentile: 0.98721 cpe: cpe:2.3:a:vmware:aria_operations_for_networks:*:*:*:*:*:*:*:* metadata: verified: true vendor: vmware product: aria_operations_for_networks tags: js,packetstorm,cve,cve2019,vmware,aria,rce,fuzz,vrealize - variables: keysDir: "helpers/payloads/cve-2023-34039-keys" # load all private keys from this directory diff --git a/javascript/enumeration/mysql/mysql-default-login.yaml b/javascript/enumeration/mysql/mysql-default-login.yaml index 6d9bf86242c..8b5c2bdc11a 100644 --- a/javascript/enumeration/mysql/mysql-default-login.yaml +++ b/javascript/enumeration/mysql/mysql-default-login.yaml @@ -7,8 +7,9 @@ info: description: | A MySQL service was accessed with easily guessed credentials. metadata: - shodan-query: port:3306 verified: true + max-request: 21 + shodan-query: "port:3306" tags: js,mysql,default-login,network,fuzz javascript: diff --git a/javascript/enumeration/mysql/mysql-info.yaml b/javascript/enumeration/mysql/mysql-info.yaml index 432e3a0a913..d068fc6669f 100644 --- a/javascript/enumeration/mysql/mysql-info.yaml +++ b/javascript/enumeration/mysql/mysql-info.yaml @@ -9,9 +9,9 @@ info: reference: - https://nmap.org/nsedoc/scripts/mysql-info.html metadata: - shodan-query: port:3306 + max-request: 1 + shodan-query: "port:3306" tags: js,mssql,network - javascript: - code: | var m = require("nuclei/mysql"); diff --git a/javascript/enumeration/mysql/mysql-show-databases.yaml b/javascript/enumeration/mysql/mysql-show-databases.yaml index 6acf2122c3f..f869c4b2990 100644 --- a/javascript/enumeration/mysql/mysql-show-databases.yaml +++ b/javascript/enumeration/mysql/mysql-show-databases.yaml @@ -7,10 +7,10 @@ info: reference: - https://nmap.org/nsedoc/scripts/mysql-databases.html metadata: - shodan-query: port:3306 verified: true + max-request: 16 + shodan-query: "port:3306" tags: js,mysql,network,enum - javascript: - code: | let m = require('nuclei/mysql'); diff --git a/javascript/enumeration/mysql/mysql-show-variables.yaml b/javascript/enumeration/mysql/mysql-show-variables.yaml index 8d434e06fe9..820aa64f362 100644 --- a/javascript/enumeration/mysql/mysql-show-variables.yaml +++ b/javascript/enumeration/mysql/mysql-show-variables.yaml @@ -8,7 +8,8 @@ info: reference: - https://nmap.org/nsedoc/scripts/mysql-variables.html metadata: - shodan-query: port:3306 + max-request: 16 + shodan-query: "port:3306" tags: js,mysql,network,enum javascript: diff --git a/javascript/enumeration/mysql/mysql-user-enum.yaml b/javascript/enumeration/mysql/mysql-user-enum.yaml index ccd7edd136a..fc865a8a29a 100644 --- a/javascript/enumeration/mysql/mysql-user-enum.yaml +++ b/javascript/enumeration/mysql/mysql-user-enum.yaml @@ -5,14 +5,14 @@ info: author: pussycat0x severity: high description: | - Attempts to list all users on a MySQL server. + Attempts to list all users on a MySQL server. reference: - https://nmap.org/nsedoc/scripts/mysql-users.html metadata: - shodan-query: port:3306 verified: true + max-request: 16 + shodan-query: "port:3306" tags: js,mysql,network,enum - javascript: - code: | let m = require('nuclei/mysql'); diff --git a/javascript/enumeration/smb/smb-default-creds.yaml b/javascript/enumeration/smb/smb-default-creds.yaml index cc806323d9e..224be1dec44 100644 --- a/javascript/enumeration/smb/smb-default-creds.yaml +++ b/javascript/enumeration/smb/smb-default-creds.yaml @@ -10,9 +10,9 @@ info: - https://nmap.org/nsedoc/scripts/smb-brute.html metadata: verified: true + max-request: 9 shodan-query: "port:445" tags: js,network,smb,enum,default - javascript: - code: | var m = require("nuclei/smb"); diff --git a/javascript/enumeration/smb/smb-enum-domains.yaml b/javascript/enumeration/smb/smb-enum-domains.yaml index 5d849654546..0894efbdb03 100644 --- a/javascript/enumeration/smb/smb-enum-domains.yaml +++ b/javascript/enumeration/smb/smb-enum-domains.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info description: | - SMB enumeration of domains is often part of the reconnaissance phase, where security professionals or attackers attempt to gather information about the target network to identify potential vulnerabilities. + SMB enumeration of domains is often part of the reconnaissance phase, where security professionals or attackers attempt to gather information about the target network to identify potential vulnerabilities. reference: - https://nmap.org/nsedoc/scripts/smb-enum-domains.html metadata: @@ -13,7 +13,6 @@ info: max-request: 1 shodan-query: port:445 tags: js,network,smb,enum - javascript: - code: | var m = require("nuclei/smb"); diff --git a/javascript/enumeration/smb/smb-os-detect.yaml b/javascript/enumeration/smb/smb-os-detect.yaml index a9a0911abae..91a67741d5c 100644 --- a/javascript/enumeration/smb/smb-os-detect.yaml +++ b/javascript/enumeration/smb/smb-os-detect.yaml @@ -9,9 +9,9 @@ info: reference: - https://nmap.org/nsedoc/scripts/smb-os-discovery.html metadata: + max-request: 1 shodan-query: "port:445" tags: js,network,smb,enum,os - javascript: - code: | var m = require("nuclei/smb"); diff --git a/javascript/enumeration/smb/smb-version-detect.yaml b/javascript/enumeration/smb/smb-version-detect.yaml index 2dfe2fea53a..64a8a533820 100644 --- a/javascript/enumeration/smb/smb-version-detect.yaml +++ b/javascript/enumeration/smb/smb-version-detect.yaml @@ -7,9 +7,9 @@ info: description: | SMB version detection involves identifying the specific Server Message Block protocol version used by a system or network. This process is crucial for ensuring compatibility and security, as different SMB versions may have distinct features and vulnerabilities. metadata: + max-request: 1 shodan-query: "port:445" tags: js,network,smb,enum - javascript: - code: | let m = require("nuclei/smb"); diff --git a/javascript/enumeration/smb/smb2-server-time.yaml b/javascript/enumeration/smb/smb2-server-time.yaml index d08cd1e768a..eb20987c0c4 100644 --- a/javascript/enumeration/smb/smb2-server-time.yaml +++ b/javascript/enumeration/smb/smb2-server-time.yaml @@ -9,10 +9,10 @@ info: reference: - https://nmap.org/nsedoc/scripts/smb2-time.html metadata: - shodan-query: "port:445" verified: true + max-request: 1 + shodan-query: "port:445" tags: js,network,smb,enum - javascript: - code: | var m = require("nuclei/smb"); diff --git a/javascript/misconfiguration/mysql/mysql-empty-password.yaml b/javascript/misconfiguration/mysql/mysql-empty-password.yaml index 714f2e4107e..3c51719665b 100644 --- a/javascript/misconfiguration/mysql/mysql-empty-password.yaml +++ b/javascript/misconfiguration/mysql/mysql-empty-password.yaml @@ -7,7 +7,8 @@ info: description: | Checks for MySQL servers with an empty password for root or anonymous. metadata: - shodan-query: port:3306 + max-request: 3 + shodan-query: "port:3306" tags: js,mssql,network javascript: diff --git a/network/cves/2017/CVE-2017-5645.yaml b/network/cves/2017/CVE-2017-5645.yaml index 71b6524c5e5..320009bc6c1 100644 --- a/network/cves/2017/CVE-2017-5645.yaml +++ b/network/cves/2017/CVE-2017-5645.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-5645 cwe-id: CWE-502 epss-score: 0.81948 - epss-percentile: 0.98287 + epss-percentile: 0.98292 cpe: cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/network/cves/2018/CVE-2018-2628.yaml b/network/cves/2018/CVE-2018-2628.yaml index 6f0c13cf586..7e775df2bd0 100644 --- a/network/cves/2018/CVE-2018-2628.yaml +++ b/network/cves/2018/CVE-2018-2628.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-2628 cwe-id: CWE-502 epss-score: 0.97523 - epss-percentile: 0.99987 + epss-percentile: 0.99988 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/network/cves/2018/CVE-2018-2893.yaml b/network/cves/2018/CVE-2018-2893.yaml index 7745656f415..7661ed1e334 100644 --- a/network/cves/2018/CVE-2018-2893.yaml +++ b/network/cves/2018/CVE-2018-2893.yaml @@ -20,7 +20,7 @@ info: cvss-score: 9.8 cve-id: CVE-2018-2893 epss-score: 0.97327 - epss-percentile: 0.99869 + epss-percentile: 0.99875 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/network/cves/2020/CVE-2020-11981.yaml b/network/cves/2020/CVE-2020-11981.yaml index d2cda0df830..dc9a878224d 100644 --- a/network/cves/2020/CVE-2020-11981.yaml +++ b/network/cves/2020/CVE-2020-11981.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-11981 cwe-id: CWE-78 epss-score: 0.9386 - epss-percentile: 0.99073 + epss-percentile: 0.99081 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/network/cves/2020/CVE-2020-1938.yaml b/network/cves/2020/CVE-2020-1938.yaml index d9c9dee1e9e..1b6ea954d69 100644 --- a/network/cves/2020/CVE-2020-1938.yaml +++ b/network/cves/2020/CVE-2020-1938.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-1938 cwe-id: CWE-269 epss-score: 0.97384 - epss-percentile: 0.99902 + epss-percentile: 0.99904 cpe: cpe:2.3:a:apache:geode:1.12.0:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/network/cves/2020/CVE-2020-7247.yaml b/network/cves/2020/CVE-2020-7247.yaml index af53dd33a17..106d5703369 100644 --- a/network/cves/2020/CVE-2020-7247.yaml +++ b/network/cves/2020/CVE-2020-7247.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-7247 cwe-id: CWE-755 epss-score: 0.97506 - epss-percentile: 0.99976 + epss-percentile: 0.99978 cpe: cpe:2.3:a:openbsd:opensmtpd:6.6:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/network/detection/redis-detect.yaml b/network/detection/redis-detect.yaml index 2df2c4354e8..808488b7d54 100644 --- a/network/detection/redis-detect.yaml +++ b/network/detection/redis-detect.yaml @@ -9,11 +9,10 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 2 shodan-query: product:"redis" - verified: true tags: network,redis,detect - tcp: - inputs: - data: "*1\r\n$4\r\ninfo\r\n"