admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 15:53:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into discovery-vuln-distinc

Browse Source
This commit is contained in:
Prince Chaddha
2025-10-23 22:57:27 +05:30
committed by GitHub
parent 50c7a243f0 05615242d5
commit 10ec71c62c
2578 changed files with 9221 additions and 7664 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/autoassign.yml vendored
View File

@@ -29,7 +29,7 @@ jobs:
// ======= CONFIG: put your user pools here =======
// Usernames must be GitHub logins and collaborators on this repo.
const ISSUE_ASSIGNEES = [
"princechaddha","pussycat0x","ritikchaddha","DhiyaneshGeek"
"princechaddha","pussycat0x","ritikchaddha","DhiyaneshGeek","akokonunes","theamanrawat"
];
const REVIEW_POOL = [
"pussycat0x","ritikchaddha","DhiyaneshGeek","akokonunes","theamanrawat"

14
.new-additions
View File

@@ -1,5 +1,6 @@
cloud/kubernetes/security-compliance/k8s-apiserver-anonymous-access.yaml
cloud/kubernetes/security-compliance/k8s-apiserver-token-auth-file.yaml
code/cves/2025/CVE-2025-9242.yaml
http/cves/2010/CVE-2010-2018.yaml
http/cves/2015/CVE-2015-10141.yaml
http/cves/2017/CVE-2017-20194.yaml
@@ -10,13 +11,20 @@ http/cves/2018/CVE-2018-15811.yaml
http/cves/2018/CVE-2018-17173.yaml
http/cves/2018/CVE-2018-18325.yaml
http/cves/2018/CVE-2018-25114.yaml
http/cves/2019/CVE-2019-12989.yaml
http/cves/2019/CVE-2019-16072.yaml
http/cves/2019/CVE-2019-4716.yaml
http/cves/2019/CVE-2019-9874.yaml
http/cves/2020/CVE-2020-10257.yaml
http/cves/2020/CVE-2020-20601.yaml
http/cves/2020/CVE-2020-21998.yaml
http/cves/2020/CVE-2020-22165.yaml
http/cves/2020/CVE-2020-29279.yaml
http/cves/2020/CVE-2020-3952.yaml
http/cves/2020/CVE-2020-4427.yaml
http/cves/2021/CVE-2021-20086.yaml
http/cves/2021/CVE-2021-24212.yaml
http/cves/2021/CVE-2021-24220.yaml
http/cves/2021/CVE-2021-26072.yaml
http/cves/2021/CVE-2021-27856.yaml
http/cves/2021/CVE-2021-27858.yaml
@@ -24,12 +32,14 @@ http/cves/2021/CVE-2021-30116.yaml
http/cves/2021/CVE-2021-30118.yaml
http/cves/2021/CVE-2021-3018.yaml
http/cves/2021/CVE-2021-32478.yaml
http/cves/2021/CVE-2021-3287.yaml
http/cves/2021/CVE-2021-33766.yaml
http/cves/2021/CVE-2021-35064.yaml
http/cves/2021/CVE-2021-37292.yaml
http/cves/2021/CVE-2021-38154.yaml
http/cves/2021/CVE-2021-39411.yaml
http/cves/2022/CVE-2022-22956.yaml
http/cves/2022/CVE-2022-24086.yaml
http/cves/2022/CVE-2022-24682.yaml
http/cves/2022/CVE-2022-31181.yaml
http/cves/2022/CVE-2022-31704.yaml
@@ -42,6 +52,7 @@ http/cves/2022/CVE-2022-48323.yaml
http/cves/2023/CVE-2023-30194.yaml
http/cves/2023/CVE-2023-34133.yaml
http/cves/2023/CVE-2023-3519.yaml
http/cves/2023/CVE-2023-40044.yaml
http/cves/2023/CVE-2023-6655.yaml
http/cves/2024/CVE-2024-10708.yaml
http/cves/2024/CVE-2024-13979.yaml
@@ -87,12 +98,15 @@ http/misconfiguration/unauth-esphome.yaml
http/takeovers/redirect-pizza-takeover.yaml
http/technologies/backdrop-cms-detect.yaml
http/technologies/enigma-nms-detect.yaml
http/vulnerabilities/yonyou/yonyou-nc-lfi.yaml
javascript/cves/2010/CVE-2010-20103.yaml
javascript/cves/2020/CVE-2020-2883.yaml
javascript/cves/2020/CVE-2020-4429.yaml
javascript/cves/2023/CVE-2023-21839.yaml
javascript/cves/2025/CVE-2025-46817.yaml
javascript/cves/2025/CVE-2025-46818.yaml
javascript/cves/2025/CVE-2025-46819.yaml
javascript/cves/2025/CVE-2025-49844.yaml
javascript/udp/misconfiguration/mdns-enum.yaml
network/cves/2021/CVE-2021-27877.yaml
network/cves/2023/CVE-2023-37582.yaml

2
cloud/kubernetes/security-compliance/k8s-apiserver-anonymous-access.yaml
View File

@@ -42,4 +42,4 @@ code:
- type: dsl
dsl:
- '"kube-apiserver configuration does not explicitly set " + argument + ". This may allow anonymous access."'
# digest: 4b0a00483046022100fe7b6017299371487169b66b4e188679450b8189bdff8025e09071dafa3f436a022100c5777c8156bd0f6fc7a6ad02caf36293bc8187a4d6e1cc08c4937645ba60acb2:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100e257709e99f3bf58ca784470e120f635e8c4da3bf0ae87ad34750f26d30b7aa10221008e492192b6ee725af1ca911c270371dabced492c933b4995b1b00a6497d7ba29:922c64590222798bb761d5b6d8e72950

2
cloud/kubernetes/security-compliance/k8s-apiserver-token-auth-file.yaml
View File

@@ -40,4 +40,4 @@ code:
- type: dsl
dsl:
- '"kube-apiserver is configured with " + argument + ". Review and remove if unnecessary."'
# digest: 4a0a004730450220570c31f832b4f552d4a3638204241b460d3ed793f5873d3f76e1c5962c20c626022100f2ae478f1ab12d1a905c0a34a802a6edd1605a4d6b38e12096e68fb5dbe1c5f3:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100eab0a0bbf106ff223a30bd354590d7c0442b6603ca922b759d7cd9f31e669db70221008f7a29a9684ae882602800bc55224210f487acfd8ae922f6eb6501e7ea670281:922c64590222798bb761d5b6d8e72950

6
code/cves/2019/CVE-2019-0604.yaml
View File

@@ -17,8 +17,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2019-0604
cwe-id: CWE-20
epss-score: 0.94411
epss-percentile: 0.99974
epss-score: 0.94414
epss-percentile: 0.99975
metadata:
verified: true
vendor: microsoft
@@ -154,4 +154,4 @@ code:
- 'contains(interactsh_protocol, "dns")'
- 'contains(interactsh_request, hex_encode(marker))'
condition: and
# digest: 4a0a0047304502210092520914337818700241aec63fefefc405f96cf788028b0ef17c73a55dee39df022075a35928ee19c0cb22b0b7792ef9f98d7f8e940a7aac749024070724a64b9227:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100b5cd1ef5a9457eea2e6b8dae7ccc5eb7cc55ea802adc5d36fcc6e3bda32da9cd0220573735169c37d05ce8d5652af14321951f97511ec0c6b5bb696f6ac3af2b0c3b:922c64590222798bb761d5b6d8e72950

4
code/cves/2019/CVE-2019-14287.yaml
View File

@@ -18,7 +18,7 @@ info:
cve-id: CVE-2019-14287
cwe-id: CWE-755
epss-score: 0.86126
epss-percentile: 0.99352
epss-percentile: 0.99348
cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
metadata:
verified: true
@@ -47,4 +47,4 @@ code:
- '!contains(code_1_response, "root")'
- 'contains(code_2_response, "root")'
condition: and
# digest: 4b0a00483046022100f449191355556a102565012b8adad17671a7305c5de74b7f87744256e0976452022100b6038d82706bb4a325f755119ecdb6e70d506501fc3c7cbc387b9a5bd47fdcdf:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402205fa12018f574ac73b13846d6f9ad1000373a51aa4477f6b4da6e06a45078d413022018f0ddcf601d8cfa89e9418235596961c6b65e81da674f0e5cf32dfedf42885d:922c64590222798bb761d5b6d8e72950

6
code/cves/2020/CVE-2020-0646.yaml
View File

@@ -15,8 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2020-0646
cwe-id: CWE-91
epss-score: 0.93121
epss-percentile: 0.99779
epss-score: 0.93186
epss-percentile: 0.99786
cpe: cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*
metadata:
verified: true
@@ -102,4 +102,4 @@ code:
- 'contains(content_type, "text/xml")'
- 'status_code == 200'
condition: and
# digest: 4a0a00473045022100add5a4369efa6310cfb9b8af959c05574e03817a91cb4bc9ba2932c28e928bc702205c23abf879d1163c2ea33ca14b3443edd0725ea50d6e1c7969169eeb09f37409:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100c7138fd5a5cb777990d4ce5adcb52dfdb6309c9bacddb390119e7be6beb009b1022100ee96adab5d641109fc5f174ad492400b6ed693603a356ada2a5ad01a0460007a:922c64590222798bb761d5b6d8e72950

4
code/cves/2023/CVE-2023-2640.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2023-2640
cwe-id: CWE-863
epss-score: 0.92037
epss-percentile: 0.99688
epss-percentile: 0.99686
cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:*
metadata:
verified: true
@@ -55,4 +55,4 @@ code:
- '!contains(code_1_response, "(root)")'
- 'contains(code_2_response, "(root)")'
condition: and
# digest: 4b0a00483046022100f1d52c47ffaf5c80020941f68703ccab37973c277b2a792aebbac46bdceb74de022100cef931f2a38dacc3ff81a8725397d90f210898e5526edab13b456c565595855c:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100821f1b63ae04a54f21cdf243defcd1ca377c79bdd8c1da76382a7f50db5ca2d402207b3d17b42a602e1b111e9b87cc6fb2eeb4b61900622b76121c27cadafb62b89b:922c64590222798bb761d5b6d8e72950

4
code/cves/2023/CVE-2023-2986.yaml
View File

@@ -17,7 +17,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2023-2986
epss-score: 0.91169
epss-percentile: 0.99632
epss-percentile: 0.9963
cpe: cpe:2.3:a:tychesoftwares:abandoned_cart_lite_for_woocommerce:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
@@ -626,4 +626,4 @@ http:
- type: status
status:
- 302
# digest: 4b0a00483046022100e4a504aa9f4e0c9eaa2057ff46ec9bab9bcaeacb9471b03addc483f6cc034891022100be584b2fd04783b2c075394ecea1291736184f83c5dda6e8941a2db96242a12b:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502205eff790caf46e8d58454c3c1d6a9e2674c75f94d458fd903323439c1939ef40d022100e40bfb43d27b3c8a533977f1deee9d2a559faad0f5154247b184bd922d48dd69:922c64590222798bb761d5b6d8e72950

4
code/cves/2023/CVE-2023-49105.yaml
View File

@@ -18,7 +18,7 @@ info:
cve-id: CVE-2023-49105
cwe-id: CWE-287
epss-score: 0.86244
epss-percentile: 0.99355
epss-percentile: 0.99351
cpe: cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*
metadata:
max-request: 2
@@ -90,4 +90,4 @@ http:
- type: dsl
dsl:
- '"Username => "+ username'
# digest: 4b0a0048304602210094527fd16f050ebcdd259250ccfe41086f91f545508de14aed8537a3efa173c20221008d87bf6cb63d4833be764f5a5faff69c7da76c1316189744c03496ee11c9fdc6:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220685d5537e479c33ff1e3202529f09fc7a07a9afe2ffd0bc1c46d9e035b912daf0221009598e5597f934609a80a962470345a725f099726a099906285e05989b68f1f26:922c64590222798bb761d5b6d8e72950

4
code/cves/2023/CVE-2023-4911.yaml
View File

@@ -18,7 +18,7 @@ info:
cve-id: CVE-2023-4911
cwe-id: CWE-787,CWE-122
epss-score: 0.78361
epss-percentile: 0.98978
epss-percentile: 0.98976
cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -39,4 +39,4 @@ code:
- type: word
words:
- "139" # Segmentation Fault Exit Code
# digest: 4a0a0047304502210082e8f2b4512ccad06f368758830b81685f93e275e5be069e185ce6bdd44e6a1702204790acb6af4a3322582387d2351e27f1c4e5dffc96659597ae33d1ea09fad4ba:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220631c6ed314c36bb3a485df99313d6e45ec5f162e1d99fdce6c45d4926a249311022100ca47f641a84a5d01e75dafadc398bb4a373064ced6231be3050224964f0b08f1:922c64590222798bb761d5b6d8e72950

4
code/cves/2023/CVE-2023-6246.yaml
View File

@@ -18,7 +18,7 @@ info:
cve-id: CVE-2023-6246
cwe-id: CWE-787,CWE-122
epss-score: 0.25854
epss-percentile: 0.96001
epss-percentile: 0.96003
cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -39,4 +39,4 @@ code:
- type: word
words:
- "127" # Segmentation Fault Exit Code
# digest: 4b0a00483046022100a7ec8f1066a416fa62caf72d3801b90a4dfa0ac6e6acd3bf42ed5b9ac3f2ee350221009e520f1a77c44b521f1219e6c138d4327d8ad250bf5e2861ef2ae54b22f64d02:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402205354cff81502ed0a91868a12bac80e00a88388ceebb7524e6827c6e4d5c201d302204846842b043e0b735dca54eae6eeeaafcc0de670cd948c24f42e624fb09be3ab:922c64590222798bb761d5b6d8e72950

4
code/cves/2024/CVE-2024-10443.yaml
View File

@@ -14,7 +14,7 @@ info:
cve-id: CVE-2024-10443
cwe-id: CWE-77
epss-score: 0.69676
epss-percentile: 0.98588
epss-percentile: 0.98584
cpe: cpe:2.3:a:synology:photos:*:*:*:*:*:diskstation_manager:*:*
metadata:
verified: true
@@ -54,4 +54,4 @@ code:
part: interactsh_protocol # Confirms the HTTP Interaction
words:
- "dns"
# digest: 4a0a0047304502200fbb79c2d50f1792c068f3830d86c74a8f9eaaf4189828432c0c4824d7f8fb54022100b89e88b7fb58dda09f3a652fa4018cb1aa793d1e136bfb0499227cd4806d7f8d:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502205f216b47b33e4a5a3e0feeeb8aaec7c6f7157c1320ed1bed074ef96df1daab7c02210085787c86169925c2e82fc956486cf6485321f4a9c9d23e6ef579ceb27936a2d8:922c64590222798bb761d5b6d8e72950

4
code/cves/2024/CVE-2024-12356.yaml
View File

@@ -14,7 +14,7 @@ info:
cve-id: CVE-2024-12356
cwe-id: CWE-77
epss-score: 0.93687
epss-percentile: 0.99835
epss-percentile: 0.99836
cpe: cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*
metadata:
vendor: beyondtrust
@@ -37,4 +37,4 @@ code:
words:
- "0 success"
- "1 try again later"
# digest: 4b0a00483046022100c408c9ebeb74c8d63f64c55da1121ed54bf7229bc972a127e887ca75db02a56f022100ff7a5d6afde08aa49b6011849737e72e11f3e6289dd2366dd65e5b236ae58a03:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402207473846dce3d7f128b11c31c4828d5ba403576d68f5baccdc7961cc4154cfe2402206d073e3e33805c230484de6a30dd6913fea592ba170a486ff00a3d4c98b65195:922c64590222798bb761d5b6d8e72950

4
code/cves/2024/CVE-2024-3094.yaml
View File

@@ -18,7 +18,7 @@ info:
cve-id: CVE-2024-3094
cwe-id: CWE-506
epss-score: 0.86006
epss-percentile: 0.99345
epss-percentile: 0.99341
cpe: cpe:2.3:a:tukaani:xz:5.6.0:*:*:*:*:*:*:*
metadata:
verified: true
@@ -59,4 +59,4 @@ code:
- type: dsl
dsl:
- response
# digest: 4a0a00473045022016aed160cb30df99f23e760309b75b194de2adb38887feb5415287f750162f85022100c36d4e18697d9608c89c006098d3d63306d1a5e20d19da40a54e147972286ba4:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100fbec8d329459de5704fccbb7949fbff22a875c9d112606f0ca985474d9828aee02205c678ce82dbd59d2657913ae3fba5f49e446380713a81f172ec1d0284f27f73a:922c64590222798bb761d5b6d8e72950

4
code/cves/2024/CVE-2024-4340.yaml
View File

@@ -11,7 +11,7 @@ info:
cvss-score: 7.5
cve-id: CVE-2024-4340
epss-score: 0.14988
epss-percentile: 0.94241
epss-percentile: 0.94237
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2024-4340
tags: cve,cve2024,py,code,dos,python,sqlparse,vuln
@@ -29,4 +29,4 @@ code:
part: stderr
words:
- "RecursionError: maximum recursion depth exceeded"
# digest: 4b0a00483046022100b9c01ecc3677c05a19db64df40ec2759f54419732959ce7f25405d9390ce808a022100c03be4723f24a1c4dacf74ef253ebc9848048c56a3a537ce5fcbfb52a0259d62:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402205f9e6e6e4db76c2afc4a508b1b7958b0a79a6e12c0f422d3cc7cdfabf98a2d3f022052c199774cea60d1b3ac2bb32341c856fc36e038dd34455425620747ccdaa04b:922c64590222798bb761d5b6d8e72950

4
code/cves/2024/CVE-2024-45409.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2024-45409
cwe-id: CWE-347
epss-score: 0.34149
epss-percentile: 0.96752
epss-percentile: 0.96751
metadata:
verified: true
shodan-query: http.title:"GitLab"
@@ -123,4 +123,4 @@ http:
- type: kval
kval:
- _gitlab_session
# digest: 4a0a004730450221008cfe9fd9d2fe292b1de929aa79303ba4e0a58039b481efce51e16efb9aa6c3f7022077337cbf24a7a854aaf8f6ea22a27e5ca5016a0349239a237eaca307297a8896:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220714ea12b4626b48c292d3e4b9e6f71122569b5246ef066b542d925b819e08012022100a5576e510e5b53b35cfa87b961090eb44966b6cf4736753ec56fc67b9e3fef0e:922c64590222798bb761d5b6d8e72950

4
code/cves/2024/CVE-2024-56331.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2024-56331
cwe-id: CWE-22
epss-score: 0.41406
epss-percentile: 0.97219
epss-percentile: 0.97216
metadata:
verified: true
shodan-query: http.title:"Uptime Kuma"
@@ -124,4 +124,4 @@ code:
- type: word
words:
- "/etc/passwd: {'ok': True, 'msg': 'successAdded'"
# digest: 4a0a00473045022100a391dd0b4416deddb43a9fe07f40e92064a1cbdbe77ac4afb3f66495602ace6a0220269e0914e18aad32dc6cf6d12ff4e3e20193976e1da19cbecb4701c2922ca171:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402206b7e582a416f9f46dcf5330e71235f0e1e4001443ca70044c0fb3a0e88286102022023455aeab4fd430e7f29fb0007a773ba47112501c2e324e6341b454571b21179:922c64590222798bb761d5b6d8e72950

4
code/cves/2024/CVE-2024-9487.yaml
View File

@@ -11,7 +11,7 @@ info:
- https://github.com/advisories/GHSA-g83h-4727-5rpv
classification:
epss-score: 0.36115
epss-percentile: 0.96884
epss-percentile: 0.96883
metadata:
verified: true
shodan-query: title:"GitHub Enterprise"
@@ -188,4 +188,4 @@ http:
- type: kval
kval:
- user_session
# digest: 490a0046304402202d3efac6314a1c2cd763839067a1e4b74938c0164beb101fc7081d5f693f0c5c02205b6bf79a7736fec39dc562e70720ec97c17445d09e76f9f57f824be637e63bdf:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402205c5ab46f66f6168142beb11951d145353ae07cf25e7ca3fcb42ba0b0875f87be022023cea944ef979097e9a6ac01c2a3a368c6eeaf03399d2fd05e4f51cf97bef0eb:922c64590222798bb761d5b6d8e72950

6
code/cves/2025/CVE-2025-22457.yaml
View File

@@ -21,8 +21,8 @@ info:
cvss-score: 9.0
cve-id: CVE-2025-22457
cwe-id: CWE-121,CWE-787
epss-score: 0.69383
epss-percentile: 0.98572
epss-score: 0.73838
epss-percentile: 0.98749
cpe: cpe:2.3:a:ivanti:connect_secure:*:-:*:*:*:*:*:*
metadata:
vendor: ivanti
@@ -128,4 +128,4 @@ code:
- type: word
words:
- "VULNERABLE:"
# digest: 4b0a004830460221009639cf0e4763780e9bbffa9eacb804f6b324dcf10ecac7be3245ae637496d4d6022100945d37c314911cca98e170a32cca606991cb6d9e5188e3499ebb2a282c08afb0:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100d741e093b9976585c8fa05078da632860fd76ad6756a3173297ab28ca3605dd3022015cad3b51768d5328968641ce1731815b932def76669fbb9786adf96644bea3b:922c64590222798bb761d5b6d8e72950

4
code/cves/2025/CVE-2025-25291.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2025-25291
cwe-id: CWE-347
epss-score: 0.22491
epss-percentile: 0.95559
epss-percentile: 0.95558
metadata:
verified: true
vendor: gitlab
@@ -78,4 +78,4 @@ http:
- type: kval
kval:
- _gitlab_session
# digest: 4a0a00473045022100d9fac64a802c6198a6931643635019d137610c3930674d5e992ad05670c2bddf022056f2d90e2d303bb50a00746181fca6b850ce354f582e55f26f58769e9f9e298d:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220366c479e61668cbefa7f0e4e7bd2d14ac6a7da22c420ce5a324d9d49ed2bafd8022100e6d22bab50b5c580c36327f68e9218e606ebb33dd1f4d4b1ae41cced34594781:922c64590222798bb761d5b6d8e72950

6
code/cves/2025/CVE-2025-32433.yaml
View File

@@ -20,8 +20,8 @@ info:
cvss-score: 10
cve-id: CVE-2025-32433
cwe-id: CWE-306
epss-score: 0.60021
epss-percentile: 0.98153
epss-score: 0.62472
epss-percentile: 0.98258
metadata:
verified: true
max-request: 1
@@ -172,4 +172,4 @@ code:
dsl:
- 'contains(interactsh_protocol, "dns")'
condition: and
# digest: 490a0046304402206a10c153313269aadc0ae8f920f20eff7ccd488695af7a61a7f844e2b131cd3e02201379f8135d2a0b13ed464c652dc45d9ca52707b9f66b7836214cd23d551dc750:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100fd01be13a9c8ddac7b6d6db5735c7160cf33619eac26b318cc6f4be0a839c821022021c3688f752fd11c969b3be4916a6782b5102285e11eb9851b6a43a09dfc605b:922c64590222798bb761d5b6d8e72950

6
code/cves/2025/CVE-2025-54309.yaml
View File

@@ -17,8 +17,8 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2025-54309
epss-score: 0.50657
epss-percentile: 0.97683
epss-score: 0.56973
epss-percentile: 0.97994
cwe-id: CWE-287,CWE-362
cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*
metadata:
@@ -200,4 +200,4 @@ code:
- type: word
words:
- "VULNERABLE:"
# digest: 4b0a00483046022100844d88661856d05f89f278873cc9e66f4f3fd7a791216b66dfdc19f53e4cc3f50221009ae4cedbaf1823be67695656c36387b389afa510de8cab665653a50b73a0d5ef:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502207e847ff023c1fc3d7bcdafc698ba12cb53c61bc052cc3e79e03204d221463bfe022100aa1f6a50dd82037eeede820b5a1f98047ba3e1a902d57324839ebb09ac11eafe:922c64590222798bb761d5b6d8e72950

4
code/cves/2025/CVE-2025-6216.yaml
View File

@@ -16,7 +16,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2025-6216
classification:
epss-score: 0.28615
epss-percentile: 0.96282
epss-percentile: 0.9628
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2025-6216
@@ -115,4 +115,4 @@ code:
- type: dsl # type of the extractor
dsl:
- '"Reset URL: " + code_response'
# digest: 4b0a00483046022100c63a5b06d3c5393f116ca1da701cf7dc90c4b19487b3b2e94d1b459e07dbbacd022100ff2a8ae115168d09dc8638ebddaa4bec3cd6df9c868c8473660b37a92e0b79f0:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022037a1ac0eab6d2755c0a66e61be428475c6ca11cb8db8b6772dbbfd3638268fc902202a1e442dad875aa1deea4e3d7d22a8be417d195c293a0c15ffeda75932fb9484:922c64590222798bb761d5b6d8e72950

555
code/cves/2025/CVE-2025-9242.yaml Normal file
View File

@@ -0,0 +1,555 @@
id: CVE-2025-9242
info:
name: WatchGuard IKEv2 Out-of-Bounds Write Vulnerability
author: pussycat0x,DhiyaneshDK,watchTowr
severity: critical
description: |
WatchGuard Fireware OS 11.10.2 to 11.12.4_Update1, 12.0 to 12.11.3, and 2025.1 contains an out-of-bounds write caused by improper handling in Mobile User VPN and Branch Office VPN with IKEv2 dynamic gateway peer, letting remote unauthenticated attackers execute arbitrary code.
impact: |
Remote unauthenticated attackers can execute arbitrary code, potentially leading to full system compromise.
remediation: |
Update to the latest Fireware OS version beyond 2025.1.
reference:
- https://github.com/watchtowrlabs/watchTowr-vs-WatchGuard-CVE-2025-9242/
- https://labs.watchtowr.com/yikes-watchguard-fireware-os-ikev2-out-of-bounds-write-cve-2025-9242
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2025-9242
cwe-id: CWE-787,CWE-362
epss-score: 0.50657
epss-percentile: 0.97686
cpe: cpe:2.3:a:watchguard:fireware_os:*:*:*:*:*:*:*
metadata:
verified: true
shodan-query: html:"Watchguard" html:"Authentication Server"
tags: cve,cve2025,watchguard,ikev2,rce,passive,vpn
variables:
HOST: "{{Host}}"
PORT: "{{Port}}"
code:
- engine:
- py
- python3
source: |
import socket
import struct
import random
import enum
import hashlib
import hmac
import logging
import base64
import binascii
import re
import sys
import os
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
# Configure logging
logging.basicConfig(level=logging.INFO, format='%(message)s')
FW_VERSION = None
BUILD_NUMBER = None
class WatchGuardFw:
ADDRESSES = {
'12.11.3': {
'pop_rcx_ret': 0x4225ab,
'mov_rax_rcx_ret': 0x5a4fac,
'mov_rbp_rsp_call_rax': 0x42008d,
'pop_r13_ret': 0x594ac4,
'mov_rax_rbp_pop_rbx_pop_rbp_ret': 0x598d69,
'sub_rax_rcx_ret': 0x5a4fd8,
'push_rax_mov_rax_rbx_pop_rbx_ret': 0x5a4468,
'mov_rdi_rbx_call_rax': 0x42fce4,
'pop_rsi_ret': 0x508ece,
'pop_rdx_ret': 0x483a4a,
'mov_rax_rax_ret': 0x5b145e,
'jmp_rax': 0x41908f,
'jmp_rbx': 0x449ba3,
'offset_data': 0x00,
'offset_shellcode': 0x30,
'offset_stack': 0x340,
'offset_stack_page_aligned': 0x0cc8,
'offset_bind_mprotect': 0x5ea0,
'got_bind': 0x658028,
},
}
@staticmethod
def version_tuple(v):
return tuple(map(int, (v.split("."))))
class PayloadType(enum.IntEnum):
NONE = 0
TRANSFORM = 3
SECURITY_ASSOCIATION = 33
KEY_EXCHANGE = 34
IDENTIFIER_INITIATOR = 35
IDENTIFIER_RESPONDER = 36
CERTIFICATE = 37
CERTIFICATE_REQUEST = 38
AUTHENTICATION = 39
NONCE = 40
NOTIFY = 41
DELETE = 42
VENDOR_ID = 43
TRAFFIC_SELECTOR_INITIATOR = 44
TRAFFIC_SELECTOR_RESPONDER = 45
ENCRYPTED = 46
CONFIGURATION = 47
EXTENSIBLE_AUTHENTICATION = 48
class ExchangeType(enum.IntEnum):
IKE_SA_INIT = 34
IKE_AUTH = 35
CREATE_CHILD_SA = 36
INFORMATIONAL = 37
class TransformType(enum.IntEnum):
ENCRYPTION_ALGORITHM = 1
PSEUDO_RANDOM_FUNCTION = 2
INTEGRITY_ALGORITHM = 3
DIFFIE_HELLMAN_GROUP = 4
class NotifyType(enum.IntEnum):
UNSUPPORTED_CRITICAL_PAYLOAD = 1
INVALID_IKE_SPI = 4
INVALID_MAJOR_VERSION = 5
INVALID_SYNTAX = 7
INVALID_MESSAGE_ID = 9
INVALID_SPI = 11
NO_PROPOSAL_CHOSEN = 14
INVALID_KE_PAYLOAD = 17
AUTHENTICATION_FAILED = 24
SINGLE_PAIR_REQUIRED = 34
NO_ADDITIONAL_SAS = 35
INTERNAL_ADDRESS_FAILURE = 36
FAILED_CP_REQUIRED = 37
TS_UNACCEPTABLE = 38
INVALID_SELECTORS = 39
INITIAL_CONTACT = 16384
SET_WINDOW_SIZE = 16385
ADDITIONAL_TS_POSSIBLE = 16386
IPCOMP_SUPPORTED = 16387
NAT_DETECTION_SOURCE_IP = 16388
NAT_DETECTION_DESTINATION_IP = 16389
COOKIE = 16390
USE_TRANSPORT_MODE = 16391
HTTP_CERT_LOOKUP_SUPPORTED = 16392
REKEY_SA = 16393
ESP_TFC_PADDING_NOT_SUPPORTED = 16394
NON_FIRST_FRAGMENTS_ALSO = 16395
MOBIKE_SUPPORTED = 16396
MULTIPLE_AUTH_SUPPORTED = 16404
REDIRECT_SUPPORTED = 16406
IKEV2_FRAGMENTATION_SUPPORTED = 16430
SIGNATURE_HASH_ALGORITHMS = 16431
class EncryptionAlgorithm(enum.IntEnum):
ENCR_DES_IV64 = 1
ENCR_DES = 2
ENCR_3DES = 3
ENCR_RC5 = 4
ENCR_IDEA = 5
ENCR_CAST = 6
ENCR_BLOWFISH = 7
ENCR_3IDEA = 8
ENCR_DES_IV32 = 9
RESERVED = 10
ENCR_NULL = 11
ENCR_AES_CBC = 12
ENCR_AES_CTR = 13
ENCR_AES_CCM_8 = 14
ENCR_AES_CCM_12 = 15
ENCR_AES_CCM_16 = 16
ENCR_AES_GCM_8 = 18
ENCR_AES_GCM_12 = 19
ENCR_AES_GCM_16 = 20
ENCR_NULL_AUTH_AES_GMAC = 21
P1619_XTS_AES = 22
ENCR_CAMELLIA_CBC = 23
ENCR_CAMELLIA_CTR = 24
ENCR_CAMELLIA_CCM_8 = 25
ENCR_CAMELLIA_CCM_12 = 26
ENCR_CAMELLIA_CCM_16 = 27
ENCR_CHACHA20_POLY1305 = 28
ENCR_AES_CCM_8_IIV = 29
ENCR_AES_GCM_16_IIV = 30
ENCR_CHACHA20_POLY1305_IIV = 31
ENCR_KUZNYECHIK_MGM_KTREE = 32
ENCR_MAGMA_MGM_KTREE = 33
ENCR_KUZNYECHIK_MGM_MAC_KTREE = 34
ENCR_MAGMA_MGM_MAC_KTREE = 35
class PseudoRandomFunction(enum.IntEnum):
PRF_HMAC_MD5 = 1
PRF_HMAC_SHA1 = 2
PRF_HMAC_TIGER = 3
PRF_AES128_XCBC = 4
PRF_HMAC_SHA2_256 = 5
PRF_HMAC_SHA2_384 = 6
PRF_HMAC_SHA2_512 = 7
PRF_AES128_CMAC = 8
PRF_HMAC_STREEBOG_512 = 9
class IntegrityAlgorithm(enum.IntEnum):
AUTH_HMAC_MD5_96 = 1
AUTH_HMAC_SHA1_96 = 2
AUTH_DES_MAC = 3
AUTH_KPDK_MD5 = 4
AUTH_AES_XCBC_96 = 5
AUTH_HMAC_MD5_128 = 6
AUTH_HMAC_SHA1_160 = 7
AUTH_AES_CMAC_96 = 8
AUTH_AES_128_GMAC = 9
AUTH_AES_192_GMAC = 10
AUTH_AES_256_GMAC = 11
AUTH_HMAC_SHA2_256_128 = 12
AUTH_HMAC_SHA2_384_192 = 13
AUTH_HMAC_SHA2_512_256 = 14
class DiffieHellmanGroup(enum.IntEnum):
DH_GROUP_2048_BIT_MODP = 14
DH_GROUP_768_BIT_MODP = 1
DH_GROUP_1024_BIT_MODP = 2
DH_GROUP_1536_BIT_MODP = 5
DH_GROUP_3072_BIT_MODP = 15
DH_GROUP_4096_BIT_MODP = 16
DH_GROUP_6144_BIT_MODP = 17
DH_GROUP_8192_BIT_MODP = 18
RANDOM_ECP_GROUP_256_BIT = 19
RANDOM_ECP_GROUP_384_BIT = 20
RANDOM_ECP_GROUP_521_BIT = 21
DH_GROUP_1024_BIT_MODP_WITH_160_BIT_PRIME_ORDER_SUBGROUP = 22
DH_GROUP_2048_BIT_MODP_WITH_224_BIT_PRIME_ORDER_SUBGROUP = 23
DH_GROUP_2048_BIT_MODP_WITH_256_BIT_PRIME_ORDER_SUBGROUP = 24
RANDOM_ECP_GROUP_192_BIT = 25
RANDOM_ECP_GROUP_224_BIT = 26
BRAINPOOLP224R1 = 27
BRAINPOOLP256R1 = 28
BRAINPOOLP384R1 = 29
BRAINPOOLP512R1 = 30
CURVE25519 = 31
CURVE448 = 32
GOST3410_2012_256 = 33
GOST3410_2012_512 = 34
ML_KEM_512 = 35
ML_KEM_768 = 36
ML_KEM_1024 = 37
class IkePacker:
@staticmethod
def header(initiator_spi, responder_spi, next_payload, exchange_type, message_id, version=0x20, flags = 0x08):
return struct.pack('>QQBBBBII', initiator_spi, responder_spi, next_payload, version, exchange_type, flags, message_id, 0)
@staticmethod
def payload_header(next_payload, payload, critical = 0):
return struct.pack('>BBH', next_payload, critical, 4 + len(payload)) + payload
@staticmethod
def security_association(next_payload, proposal):
return IkePacker.payload_header(next_payload, proposal)
@staticmethod
def proposal(next_payload, number, id, transforms = [], spi = b''):
b_transforms = b''
for transform in transforms:
if isinstance(transform, IkeTransform):
b_transforms += transform.pack()
continue
b_transforms += transform
return IkePacker.payload_header(next_payload, struct.pack('>BBBB', number, id, len(spi), len(transforms)) + spi + b_transforms)
@staticmethod
def key_exchange(next_payload, dh_group, data, reserved = 0):
return IkePacker.payload_header(next_payload, struct.pack('>HH', dh_group, reserved) + data)
@staticmethod
def nonce(next_payload, nonce):
return IkePacker.payload_header(next_payload, nonce)
@staticmethod
def notify(next_payload, notify_type, data = b'', protocol_id = 1, spi_size = 0):
return IkePacker.payload_header(next_payload, struct.pack('>BBH', protocol_id, spi_size, notify_type) + data)
@staticmethod
def vendor_id(next_payload, vendor_id):
return IkePacker.payload_header(next_payload, vendor_id)
class IkeTransform:
def __init__(self, next_payload, transform_type, transform_id, transform_attributes=None, reserved=0):
self.next_payload = next_payload
self.transform_type = transform_type
self.reserved = reserved
self.transform_id = transform_id
self.transform_attributes = transform_attributes
def pack(self):
transform = struct.pack('>BBH', self.transform_type, self.reserved, self.transform_id)
if self.transform_attributes:
transform += struct.pack('>I', self.transform_attributes)
return IkePacker.payload_header(self.next_payload, transform)
class IkeResponse:
def __init__(self, initiator_spi, responder_spi, version, exchange_type, flags, message_id, length, payloads):
self.initiator_spi = initiator_spi
self.responder_spi = responder_spi
self.version = version
self.exchange_type = exchange_type
self.flags = flags
self.message_id = message_id
self.length = length
self.payloads = payloads
def get(self, type):
payloads = []
for payload in self.payloads:
if payload['type'] == type:
payloads.append(payload['payload'])
return payloads
class IkeUnpacker:
@staticmethod
def unpack_payload_header(data):
return struct.unpack('>BBH', data[:4])
@staticmethod
def unpack(response):
initiator_spi, responder_spi, next_payload, version, exchange_type, flags, message_id, length = struct.unpack('>QQBBBBII', response[:28])
raw_payloads = response[28:]
i = 0
payload_type = next_payload
payloads = []
while i < len(raw_payloads):
next_payload, critical, payload_length = IkeUnpacker.unpack_payload_header(raw_payloads[i:i+4])
payload = raw_payloads[i+4:i+payload_length]
if payload_type == PayloadType.VENDOR_ID:
payload = payload
payloads.append({
'type': payload_type,
'critical': critical,
'payload': payload
})
i += payload_length
payload_type = next_payload
return IkeResponse(
initiator_spi,
responder_spi,
version,
exchange_type,
flags,
message_id,
length,
payloads
)
class IkeCrypto:
def __init__(self):
self.initiator_nonce = self.generate_nonce(32)
self.initiator_spi = random.randint(0, 0xffffffffffffffff)
self.responder_spi = 0x0000000000000000
self.client_private_key = None
self.client_public_key = None
self.client_public_key_bytes = None
self.generate_keys = self.dh_modp_14_generate_keys
self.generate_keys()
def generate_nonce(self, length=32):
return random.getrandbits(length * 8).to_bytes(length, 'big')
def dh_modp_14_generate_keys(self):
p_hex = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF'
self.p = int(p_hex, 16)
if self.p.bit_length() != 2048:
self.p = self.p >> (self.p.bit_length() - 2048)
g = 2
self.client_private_key = random.randint(1, self.p - 1)
self.client_public_key = pow(g, self.client_private_key, self.p)
public_key_bit_length = self.client_public_key.bit_length()
public_key_byte_length = (public_key_bit_length + 7) // 8
if public_key_byte_length > 256:
raise ValueError(f"Public key too large: {public_key_byte_length} bytes (max 256)")
self.client_public_key_bytes = self.client_public_key.to_bytes(public_key_byte_length, 'big').rjust(256, b'\x00')
class IkeException(Exception):
pass
class IkeNoProposalChosenException(IkeException):
pass
class IkeInvalidKEPayloadException(IkeException):
pass
class Ike:
def __init__(self, ip, port, timeout = 5):
self.ip = ip
self.port = port
self.timeout = timeout
self.crypto = None
self.sock = None
self.reset()
@staticmethod
def update_request_length(request):
total_length = len(request)
return request[:24] + struct.pack('>I', total_length) + request[28:]
def reset(self):
if self.sock != None:
self.close()
self.crypto = IkeCrypto()
self.sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
self.sock.settimeout(self.timeout)
def send(self, packet):
self.sock.sendto(packet, (self.ip, self.port))
response, addr = self.sock.recvfrom(65535)
return IkeUnpacker.unpack(response)
def close(self):
self.sock.close()
self.sock = None
def sa_init(self):
global FW_VERSION, BUILD_NUMBER
dh_group = DiffieHellmanGroup.DH_GROUP_2048_BIT_MODP.value
key_exchange = self.crypto.client_public_key_bytes
transforms = [
IkeTransform(PayloadType.TRANSFORM, TransformType.ENCRYPTION_ALGORITHM, EncryptionAlgorithm.ENCR_AES_CBC.value, 0x800e0100),
IkeTransform(PayloadType.TRANSFORM, TransformType.PSEUDO_RANDOM_FUNCTION, PseudoRandomFunction.PRF_HMAC_SHA2_256.value),
IkeTransform(PayloadType.TRANSFORM, TransformType.INTEGRITY_ALGORITHM, IntegrityAlgorithm.AUTH_HMAC_SHA2_256_128.value),
IkeTransform(PayloadType.NONE, TransformType.DIFFIE_HELLMAN_GROUP, DiffieHellmanGroup.DH_GROUP_2048_BIT_MODP.value),
]
r = self.send(Ike.update_request_length(
IkePacker.header(self.crypto.initiator_spi, self.crypto.responder_spi, PayloadType.SECURITY_ASSOCIATION, ExchangeType.IKE_SA_INIT, 0) +
IkePacker.security_association(PayloadType.KEY_EXCHANGE, IkePacker.proposal(PayloadType.NONE, 1, 1, transforms)) +
IkePacker.key_exchange(PayloadType.NONCE, dh_group, key_exchange) +
IkePacker.nonce(PayloadType.NOTIFY, self.crypto.initiator_nonce) +
IkePacker.notify(PayloadType.NOTIFY, NotifyType.NAT_DETECTION_DESTINATION_IP, bytes.fromhex('a6358d813592fdd80a9aaa3390f39c8a5a76b6e4')) +
IkePacker.notify(PayloadType.VENDOR_ID, NotifyType.NAT_DETECTION_SOURCE_IP, bytes.fromhex('4cc324152ba3f68ef649ac1e6f96f33791611db2')) +
IkePacker.vendor_id(PayloadType.VENDOR_ID, bytes.fromhex('c590254e5403cbb71f3d493111d7fcad')) +
IkePacker.vendor_id(PayloadType.VENDOR_ID, bytes.fromhex('c61baca1f1a60cc10800000000000000')) +
IkePacker.vendor_id(PayloadType.VENDOR_ID, bytes.fromhex('4048b7d56ebce88525e7de7f00d6c2d3c0000000')) +
IkePacker.vendor_id(PayloadType.NOTIFY, bytes.fromhex('4048b7d56ebce88525e7de7f00d6c2d3')) +
IkePacker.notify(PayloadType.NOTIFY, NotifyType.IKEV2_FRAGMENTATION_SUPPORTED, protocol_id = 0) +
IkePacker.notify(PayloadType.NOTIFY, NotifyType.REDIRECT_SUPPORTED, protocol_id = 0) +
IkePacker.notify(PayloadType.NONE, NotifyType.SIGNATURE_HASH_ALGORITHMS, bytes.fromhex('0001000200030004'), protocol_id = 0)
))
if FW_VERSION == None:
vendors = r.get(PayloadType.VENDOR_ID)
for vendor in vendors:
if len(vendor) > 32 and vendor[:8].hex() == 'bfc22e9856ba9936':
try:
watchguard_data = base64.b64decode(vendor[32:].decode('ascii')).decode()
match = re.search(r"VN=([0-9\.]+) BN=([0-9]+)", watchguard_data)
if match:
FW_VERSION = match.group(1)
BUILD_NUMBER = match.group(2)
if WatchGuardFw.version_tuple(FW_VERSION) < WatchGuardFw.version_tuple("12.11.4"):
return True, FW_VERSION, BUILD_NUMBER
else:
return False, FW_VERSION, BUILD_NUMBER
except (UnicodeDecodeError, binascii.Error):
continue
notifications = r.get(PayloadType.NOTIFY)
for notification in notifications:
if notification.message_type == NotifyType.NO_PROPOSAL_CHOSEN:
raise IkeNoProposalChosenException()
if notification.message_type == NotifyType.INVALID_KE_PAYLOAD:
raise IkeInvalidKEPayloadException()
return None, None, None
def test_connection(ip, port, timeout=20):
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.settimeout(timeout)
sock.connect((ip, port))
sock.close()
return True
except (socket.timeout, socket.error, ConnectionRefusedError, OSError):
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(timeout)
result = sock.connect_ex((ip, port))
sock.close()
return result == 0
except (socket.timeout, socket.error, ConnectionRefusedError, OSError):
return False
def check_watchguard_version(ip, port=500, timeout=10, connection_timeout=20):
global FW_VERSION, BUILD_NUMBER
FW_VERSION = None
BUILD_NUMBER = None
if not test_connection(ip, port, connection_timeout):
return False, None, None
ike = Ike(ip, port, timeout)
try:
is_vulnerable, fw_version, build_number = ike.sa_init()
return is_vulnerable, fw_version, build_number
except TimeoutError:
logging.error(f"[-] {ip}:{port} - IKEv2 timeout")
return False, None, None
except IkeNoProposalChosenException:
logging.warning(f"[!] {ip}:{port} - IKEv2 service found but no proposal chosen")
return False, None, None
except IkeInvalidKEPayloadException:
logging.warning(f"[!] {ip}:{port} - IKEv2 service found but invalid KE payload")
return False, None, None
except Exception as e:
logging.error(f"[-] {ip}:{port} - Error: {e}")
return False, None, None
finally:
ike.close()
def main():
host = os.getenv("Host")
port = os.getenv("Port")
# Set default port to 500 if Port environment variable is not set
if port is None or port == "":
port = "500"
try:
is_vulnerable, fw_version, build_number = check_watchguard_version(host, int(port))
if is_vulnerable is True:
print(f"Vulnerable to Version {fw_version} (Build {build_number})")
elif is_vulnerable is False:
print(f"NOT VULN to Version {fw_version} (Build {build_number})")
except Exception as e:
logging.error(f"[-] {host}:{port or 500} - Error: {e}")
logging.info(f"[?] {host}:{port or 500} - ERROR")
logging.info(f" Status: Error occurred during check")
if __name__ == "__main__":
main()
matchers:
- type: word
words:
- "Vulnerable"
extractors:
- type: dsl
dsl:
- response
# digest: 4a0a00473045022100e73921ebedb898b8e6c35fb772589a7a8b8efeee9773f9493cb2383e8185f815022023fc95ec16665a0535f96ff28daeac8378882cfe1d2d6c969f242df13843765c:922c64590222798bb761d5b6d8e72950

12
cves.json
View File

@@ -739,6 +739,7 @@
{"ID":"CVE-2019-12986","Info":{"Name":"Citrix SD-WAN Center - Remote Command Injection","Severity":"critical","Description":"Citrix SD-WAN Center is susceptible to remote command injection via the trace_route function in DiagnosticsController, which does not sufficiently validate or sanitize HTTP request parameter values used to construct a shell command. An attacker can trigger this vulnerability by routing traffic through the Collector controller and supplying a crafted value for ipAddress, thereby potentially being able to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-12986.yaml"}
{"ID":"CVE-2019-12987","Info":{"Name":"Citrix SD-WAN Center - Remote Command Injection","Severity":"critical","Description":"Citrix SD-WAN Center is susceptible to remote command injection via the apply action in StorageMgmtController. The callStoragePerl function does not sufficiently validate or sanitize HTTP request parameter values that are used to construct a shell command. An attacker can trigger this vulnerability by routing traffic through the Collector controller and supplying an array value with crafted values for action, host, path, or type, thereby potentially being able to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-12987.yaml"}
{"ID":"CVE-2019-12988","Info":{"Name":"Citrix SD-WAN Center - Remote Command Injection","Severity":"critical","Description":"Citrix SD-WAN Center is susceptible to remote command injection via the addModifyZTDProxy function in NmsController. The function does not sufficiently validate or sanitize HTTP request parameter values that are used to construct a shell command. An attacker can trigger this vulnerability by routing traffic through the Collector controller and supplying a crafted value for ztd_password, thereby potentially being able to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-12988.yaml"}
{"ID":"CVE-2019-12989","Info":{"Name":"Citrix SD-WAN and NetScaler SD-WAN - SQL Injection","Severity":"critical","Description":"Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 contain an SQL injection vulnerability. An unauthenticated attacker can exploit improper validation of input in specific components, which could allow for execution of arbitrary SQL queries against the backend database. This could result in information disclosure, manipulation of data, or complete compromise of affected systems.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-12989.yaml"}
{"ID":"CVE-2019-12990","Info":{"Name":"Citrix SD-WAN Center - Local File Inclusion","Severity":"critical","Description":"Citrix SD-WAN Center is susceptible to local file inclusion via the applianceSettingsFileTransfer function in ApplianceSettingsController. The function does not sufficiently validate or sanitize HTTP request parameter values used to construct a file system path. An attacker can trigger this vulnerability by routing traffic through the Collector controller and supplying a crafted value for filename, filedata, and workspace_id, therefore being able to write files to locations writable by the www-data user and/or to write a crafted PHP file to /home/talariuser/www/app/webroot/files/ to execute arbitrary PHP code.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-12990.yaml"}
{"ID":"CVE-2019-13101","Info":{"Name":"D-Link DIR-600M - Authentication Bypass","Severity":"critical","Description":"D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices can be accessed directly without authentication and lead to disclosure of information about the WAN, which can then be leveraged by an attacker to modify the data fields of the page.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-13101.yaml"}
{"ID":"CVE-2019-13372","Info":{"Name":"D-Link Central WiFi Manager CWM(100) - Remote Code Execution","Severity":"critical","Description":"/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-13372.yaml"}
@@ -768,6 +769,7 @@
{"ID":"CVE-2019-15859","Info":{"Name":"Socomec DIRIS A-40 Devices Password Disclosure","Severity":"critical","Description":"Socomec DIRIS A-40 devices before 48250501 are susceptible to a password disclosure vulnerability in the web interface that could allow remote attackers to get full access to a device via the /password.jsn URI.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-15859.yaml"}
{"ID":"CVE-2019-15889","Info":{"Name":"WordPress Download Manager \u003c2.9.94 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Download Manager plugin before 2.9.94 contains a cross-site scripting vulnerability via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-15889.yaml"}
{"ID":"CVE-2019-16057","Info":{"Name":"D-Link DNS-320 - Remote Code Execution","Severity":"critical","Description":"The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-16057.yaml"}
{"ID":"CVE-2019-16072","Info":{"Name":"Enigma NMS \u003c 65.0.0 - Authenticated OS Command Injection","Severity":"critical","Description":"An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an authenticated attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ip_address variable within an snmp_browser action.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-16072.yaml"}
{"ID":"CVE-2019-16097","Info":{"Name":"Harbor \u003c=1.82.0 - Privilege Escalation","Severity":"medium","Description":"Harbor 1.7.0 through 1.8.2 is susceptible to privilege escalation via core/api/user.go, which allows allows non-admin users to create admin accounts via the POST /api/users API when Harbor is setup with DB as an authentication backend and allows user to do self-registration.","Classification":{"CVSSScore":"6.5"}},"file_path":"http/cves/2019/CVE-2019-16097.yaml"}
{"ID":"CVE-2019-16123","Info":{"Name":"PilusCart \u003c=1.4.1 - Local File Inclusion","Severity":"high","Description":"PilusCart versions 1.4.1 and prior suffer from a file disclosure vulnerability via local file inclusion.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2019/CVE-2019-16123.yaml"}
{"ID":"CVE-2019-16278","Info":{"Name":"nostromo 1.9.6 - Remote Code Execution","Severity":"critical","Description":"nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via directory traversal in the function http_verify.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-16278.yaml"}
@@ -842,6 +844,7 @@
{"ID":"CVE-2019-3911","Info":{"Name":"LabKey Server Community Edition \u003c18.3.0 - Cross-Site Scripting","Severity":"medium","Description":"LabKey Server Community Edition before 18.3.0-61806.763 contains a reflected cross-site scripting vulnerability via the onerror parameter in the /__r2/query endpoints, which allows an unauthenticated remote attacker to inject arbitrary JavaScript.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-3911.yaml"}
{"ID":"CVE-2019-3912","Info":{"Name":"LabKey Server Community Edition \u003c18.3.0 - Open Redirect","Severity":"medium","Description":"LabKey Server Community Edition before 18.3.0-61806.763 contains an open redirect vulnerability via the /__r1/ returnURL parameter, which allows an attacker to redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-3912.yaml"}
{"ID":"CVE-2019-3929","Info":{"Name":"Barco/AWIND OEM Presentation Platform - Remote Command Injection","Severity":"critical","Description":"The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-3929.yaml"}
{"ID":"CVE-2019-4716","Info":{"Name":"IBM Planning Analytics - Authentication Bypass \u0026 Remote Code Execution Version Detection","Severity":"critical","Description":"IBM Planning Analytics versions 2.0.0 through 2.0.8 are vulnerable to a configuration overwrite that allows an unauthenticated user to login as \"admin\", and then execute code as root or SYSTEM via TM1 scripting.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-4716.yaml"}
{"ID":"CVE-2019-5127","Info":{"Name":"YouPHPTube Encoder 2.3 - Remote Command Injection","Severity":"critical","Description":"YouPHPTube Encoder 2.3 is susceptible to a command injection vulnerability which could allow an attacker to compromise the server. These exploitable unauthenticated command injections exist via the parameter base64Url in /objects/getImage.php.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-5127.yaml"}
{"ID":"CVE-2019-5128","Info":{"Name":"YouPHPTube Encoder - Arbitrary File Write","Severity":"critical","Description":"Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube.The parameter base64Url in /objects/getImageMP4.php is vulnerable to a command injection attack.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-5128.yaml"}
{"ID":"CVE-2019-5129","Info":{"Name":"YouPHPTube Encoder 2.3 - Command Injection","Severity":"critical","Description":"Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube.The parameter base64Url in /objects/getImageMP4.php is vulnerable to a command injection attack.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-5129.yaml"}
@@ -903,6 +906,7 @@
{"ID":"CVE-2020-10189","Info":{"Name":"ManageEngine Desktop Central Java Deserialization","Severity":"critical","Description":"Zoho ManageEngine Desktop Central before 10.0.474 is vulnerable to a deserialization of untrusted data, which permits remote code execution.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-10189.yaml"}
{"ID":"CVE-2020-10199","Info":{"Name":"Sonatype Nexus Repository Manager 3 - Remote Code Execution","Severity":"high","Description":"Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2020/CVE-2020-10199.yaml"}
{"ID":"CVE-2020-10220","Info":{"Name":"rConfig 3.9 - SQL Injection","Severity":"critical","Description":"An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-10220.yaml"}
{"ID":"CVE-2020-10257","Info":{"Name":"ThemeREX Addons - Remote Code Execution","Severity":"critical","Description":"ThemeREX Addons plugin before 2020-03-09 for WordPress contains an access control vulnerability in the /trx_addons/v2/get/sc_layout REST API endpoint, allowing any users to execute PHP functions because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter, letting attackers execute arbitrary PHP functions, exploit requires no authentication.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-10257.yaml"}
{"ID":"CVE-2020-10546","Info":{"Name":"rConfig 3.9.4 - SQL Injection","Severity":"critical","Description":"rConfig 3.9.4 and previous versions have unauthenticated compliancepolicies.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-10546.yaml"}
{"ID":"CVE-2020-10547","Info":{"Name":"rConfig 3.9.4 - SQL Injection","Severity":"critical","Description":"rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because nodes' passwords are stored by default in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-10547.yaml"}
{"ID":"CVE-2020-10548","Info":{"Name":"rConfig 3.9.4 - SQL Injection","Severity":"critical","Description":"rConfig 3.9.4 and previous versions have unauthenticated devices.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-10548.yaml"}
@@ -1129,6 +1133,7 @@
{"ID":"CVE-2020-36728","Info":{"Name":"WordPress Plugin Adning Advertising \u003c 1.5.6 - Arbitrary File Upload","Severity":"medium","Description":"The Adning Advertising plugin for WordPress versions below 1.5.6 is vulnerable to arbitrary file upload, allowing attackers to upload malicious files to the server.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"http/cves/2020/CVE-2020-36728.yaml"}
{"ID":"CVE-2020-36731","Info":{"Name":"Flexible Checkout Fields for WooCommerce \u003c= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update","Severity":"high","Description":"The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to missing authorization checks on the updateSettingsAction() function which is called via an admin_init hook, along with missing sanitization and escaping on the settings that are stored.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2020/CVE-2020-36731.yaml"}
{"ID":"CVE-2020-36836","Info":{"Name":"WordPress WP Fastest Cache \u003c= 0.9.0.2 - Authenticated Arbitrary File Deletion","Severity":"high","Description":"The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion in versions up to, and including, 0.9.0.2 due to a lack of capability checking and insufficient path validation. This makes it possible for authenticated users with minimal permissions to delete arbitrary files from the server.\n","Classification":{"CVSSScore":"8.1"}},"file_path":"http/cves/2020/CVE-2020-36836.yaml"}
{"ID":"CVE-2020-3952","Info":{"Name":"VMware vCenter Server LDAP Broken Access Control","Severity":"critical","Description":"Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-3952.yaml"}
{"ID":"CVE-2020-4427","Info":{"Name":"IBM Data Risk Manager - Authentication Bypass via SAML","Severity":"critical","Description":"IBM Data Risk Manager versions 2.0.1 through 2.0.6 are vulnerable to authentication bypass when configured with SAML authentication. A remote attacker can bypass security restrictions by sending a specially crafted HTTP request to the SAML idpSelection endpoint, allowing them to bypass the authentication process and gain full administrative access to the system.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-4427.yaml"}
{"ID":"CVE-2020-4463","Info":{"Name":"IBM Maximo Asset Management Information Disclosure - XML External Entity Injection","Severity":"high","Description":"IBM Maximo Asset Management is vulnerable to an\nXML external entity injection (XXE) attack when processing XML data.\nA remote attacker could exploit this vulnerability to expose\nsensitive information or consume memory resources.\n","Classification":{"CVSSScore":"8.2"}},"file_path":"http/cves/2020/CVE-2020-4463.yaml"}
{"ID":"CVE-2020-5191","Info":{"Name":"PHPGurukul Hospital Management System - Cross-Site Scripting","Severity":"medium","Description":"PHPGurukul Hospital Management System in PHP 4.0 contains multiple cross-site scripting vulnerabilities. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-5191.yaml"}
@@ -1262,9 +1267,11 @@
{"ID":"CVE-2021-24175","Info":{"Name":"The Plus Addons for Elementor Page Builder \u003c 4.1.7 - Authentication Bypass","Severity":"critical","Description":"The Plus Addons for Elementor plugin (before version 4.1.7) allowed attackers to bypass authentication, gain admin access, and create accounts with elevated roles, even when registration was disabled and the Login widget was inactive.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-24175.yaml"}
{"ID":"CVE-2021-24176","Info":{"Name":"WordPress JH 404 Logger \u003c=1.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress JH 404 Logger plugin through 1.1 contains a cross-site scripting vulnerability. Referer and path of 404 pages are not properly sanitized when they are output in the WordPress dashboard, which can lead to executing arbitrary JavaScript code.","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2021/CVE-2021-24176.yaml"}
{"ID":"CVE-2021-24210","Info":{"Name":"WordPress PhastPress \u003c1.111 - Open Redirect","Severity":"medium","Description":"WordPress PhastPress plugin before 1.111 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2021/CVE-2021-24210.yaml"}
{"ID":"CVE-2021-24212","Info":{"Name":"WooCommerce Help Scout - Arbitrary File Upload","Severity":"critical","Description":"WooCommerce Help Scout plugin before version 2.9.1 contains an unrestricted file upload vulnerability. The vulnerability allows unauthenticated users to upload arbitrary files to the server which by default will end up in wp-content/uploads/hstmp/ directory, potentially leading to remote code execution.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-24212.yaml"}
{"ID":"CVE-2021-24214","Info":{"Name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress OpenID Connect Generic Client plugin 3.8.0 and 3.8.1 contains a cross-site scripting vulnerability. It does not sanitize the login error when output back in the login form, thereby not requiring authentication, which can be exploited with the default configuration.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2021/CVE-2021-24214.yaml"}
{"ID":"CVE-2021-24215","Info":{"Name":"Controlled Admin Access WordPress Plugin \u003c= 1.4.0 - Improper Access Control \u0026 Privilege Escalation","Severity":"critical","Description":"An Improper Access Control vulnerability was discovered in the plugin. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromise of the target resource.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-24215.yaml"}
{"ID":"CVE-2021-24219","Info":{"Name":"All Thrive Themes and Plugins - Unauthenticated Option Update","Severity":"medium","Description":"The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin before 2.3.9.4, Thrive Apprentice WordPress plugin before 2.3.9.4, Thrive Visual Editor WordPress plugin before 2.6.7.4, Thrive Dashboard WordPress plugin before 2.3.9.3, Thrive Ovation WordPress plugin before 2.4.5, Thrive Clever Widgets WordPress plugin before 1.57.1 and Rise by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Squared by Thrive Themes WordPress theme before 2.0.0, Voice WordPress theme before 2.0.0, Performag by Thrive Themes WordPress theme before 2.0.0, Pressive by Thrive Themes WordPress theme before 2.0.0, Storied by Thrive Themes WordPress theme before 2.0.0, Thrive Themes Builder WordPress theme before 2.2.4 register a REST API endpoint associated with Zapier functionality. While this endpoint was intended to require an API key in order to access, it was possible to access it by supplying an empty api_key parameter in vulnerable versions if Zapier was not enabled. Attackers could use this endpoint to add arbitrary data to a predefined option in the wp_options table.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2021/CVE-2021-24219.yaml"}
{"ID":"CVE-2021-24220","Info":{"Name":"Multiple Thrive Themes \u003c 2.0.0 - Arbitrary File Upload","Severity":"critical","Description":"Thrive “Legacy” Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Squared by Thrive Themes WordPress theme before 2.0.0, Voice WordPress theme before 2.0.0, Performag by Thrive Themes WordPress theme before 2.0.0, Pressive by Thrive Themes WordPress theme before 2.0.0, Storied by Thrive Themes WordPress theme before 2.0.0 register a REST API endpoint to compress images using the Kraken image optimization engine. By supplying a crafted request in combination with data inserted using the Option Update vulnerability, it was possible to use this endpoint to retrieve malicious code from a remote URL and overwrite an existing file on the site with it or create a new file.This includes executable PHP files that contain malicious code.\n","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2021/CVE-2021-24220.yaml"}
{"ID":"CVE-2021-24226","Info":{"Name":"AccessAlly \u003c3.5.7 - Sensitive Information Leakage","Severity":"high","Description":"WordPress AccessAlly plugin before 3.5.7 allows sensitive information leakage because the file \\\"resource/frontend/product/product-shortcode.php\\\" (which is responsible for the [accessally_order_form] shortcode) dumps serialize($_SERVER), which contains all environment variables. The leakage occurs on all public facing pages containing the [accessally_order_form] shortcode, and no login or administrator role is required.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2021/CVE-2021-24226.yaml"}
{"ID":"CVE-2021-24227","Info":{"Name":"Patreon WordPress \u003c1.7.0 - Unauthenticated Local File Inclusion","Severity":"high","Description":"Patreon WordPress before version 1.7.0 is vulnerable to unauthenticated local file inclusion that could be abused by anyone visiting the site. Exploitation by an attacker could leak important internal files like wp-config.php, which contains database credentials and cryptographic keys used in the generation of nonces and cookies.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2021/CVE-2021-24227.yaml"}
{"ID":"CVE-2021-24235","Info":{"Name":"WordPress Goto Tour \u0026 Travel Theme \u003c2.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Goto Tour \u0026 Travel theme before 2.0 contains an unauthenticated reflected cross-site scripting vulnerability. It does not sanitize the keywords and start_date GET parameters on its Tour List page.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2021/CVE-2021-24235.yaml"}
@@ -1483,6 +1490,7 @@
{"ID":"CVE-2021-32819","Info":{"Name":"Nodejs Squirrelly - Remote Code Execution","Severity":"high","Description":"Nodejs Squirrelly is susceptible to remote code execution. Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. There is currently no fix for these issues as of the publication of this CVE. The latest version of squirrelly is currently 8.0.8. For complete details refer to the referenced GHSL-2021-023.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2021/CVE-2021-32819.yaml"}
{"ID":"CVE-2021-32820","Info":{"Name":"Express-handlebars - Local File Inclusion","Severity":"high","Description":"Express-handlebars is susceptible to local file inclusion because it mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extensions (i.e., file.extension) can be included. Files that lack an extension will have .handlebars appended to them. For complete details refer to the referenced GHSL-2021-018 report. Notes in documentation have been added to help users avoid this potential information exposure vulnerability.","Classification":{"CVSSScore":"8.6"}},"file_path":"http/cves/2021/CVE-2021-32820.yaml"}
{"ID":"CVE-2021-32853","Info":{"Name":"Erxes \u003c0.23.0 - Cross-Site Scripting","Severity":"critical","Description":"Erxes before 0.23.0 contains a cross-site scripting vulnerability. The value of topicID parameter is not escaped and is triggered in the enclosing script tag.","Classification":{"CVSSScore":"9.6"}},"file_path":"http/cves/2021/CVE-2021-32853.yaml"}
{"ID":"CVE-2021-3287","Info":{"Name":"Zoho ManageEngine OpManager \u003c 12.5.329 - Remote Code Execution","Severity":"critical","Description":"Zoho ManageEngine OpManager before 12.5.329 contains a remote code execution caused by a general bypass in the deserialization class, letting unauthenticated attackers execute arbitrary code, exploit requires no authentication\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-3287.yaml"}
{"ID":"CVE-2021-3293","Info":{"Name":"emlog 5.3.1 Path Disclosure","Severity":"medium","Description":"emlog v5.3.1 is susceptible to full path disclosure via t/index.php, which allows an attacker to see the path to the webroot/file.","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2021/CVE-2021-3293.yaml"}
{"ID":"CVE-2021-3297","Info":{"Name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","Severity":"high","Description":"Zyxel NBG2105 V1.00(AAGU.2)C0 devices are susceptible to authentication bypass vulnerabilities because setting the login cookie to 1 provides administrator access.","Classification":{"CVSSScore":"7.8"}},"file_path":"http/cves/2021/CVE-2021-3297.yaml"}
{"ID":"CVE-2021-33044","Info":{"Name":"Dahua IPC/VTH/VTO - Authentication Bypass","Severity":"critical","Description":"Some Dahua products contain an authentication bypass during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-33044.yaml"}
@@ -1868,6 +1876,7 @@
{"ID":"CVE-2022-23881","Info":{"Name":"ZZZCMS zzzphp 2.1.0 - Remote Code Execution","Severity":"critical","Description":"ZZZCMS zzzphp v2.1.0 is susceptible to a remote command execution vulnerability via danger_key() at zzz_template.php.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-23881.yaml"}
{"ID":"CVE-2022-23898","Info":{"Name":"MCMS 5.2.5 - SQL Injection","Severity":"critical","Description":"MCMS 5.2.5 contains a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-23898.yaml"}
{"ID":"CVE-2022-23944","Info":{"Name":"Apache ShenYu Admin Unauth Access","Severity":"critical","Description":"Apache ShenYu suffers from an unauthorized access vulnerability where a user can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2022/CVE-2022-23944.yaml"}
{"ID":"CVE-2022-24086","Info":{"Name":"Adobe Commerce (Magento) - Remote Code Execution","Severity":"critical","Description":"Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-24086.yaml"}
{"ID":"CVE-2022-24112","Info":{"Name":"Apache APISIX - Remote Code Execution","Severity":"critical","Description":"A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-24112.yaml"}
{"ID":"CVE-2022-24124","Info":{"Name":"Casdoor 1.13.0 - Unauthenticated SQL Injection","Severity":"high","Description":"Casdoor version 1.13.0 suffers from a remote unauthenticated SQL injection vulnerability via the query API in Casdoor before 1.13.1 related to the field and value parameters, as demonstrated by api/get-organizations.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-24124.yaml"}
{"ID":"CVE-2022-24129","Info":{"Name":"Shibboleth OIDC OP \u003c3.0.4 - Server-Side Request Forgery","Severity":"high","Description":"The Shibboleth Identity Provider OIDC OP plugin before 3.0.4 is vulnerable to server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter, which allows attackers to interact with arbitrary third-party HTTP services.","Classification":{"CVSSScore":"8.2"}},"file_path":"http/cves/2022/CVE-2022-24129.yaml"}
@@ -2550,6 +2559,7 @@
{"ID":"CVE-2023-39796","Info":{"Name":"WBCE 1.6.0 - SQL Injection","Severity":"critical","Description":"There is an sql injection vulnerability in \"miniform module\" which is a default module installed in the WBCE cms. It is an unauthenticated sqli so anyone could access it and takeover the whole database. In file \"/modules/miniform/ajax_delete_message.php\" there is no authentication check. On line 40 in this file, there is a DELETE query that is vulnerable, an attacker could jump from the query using the tick sign - `.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-39796.yaml"}
{"ID":"CVE-2023-3990","Info":{"Name":"Mingsoft MCMS \u003c 5.3.1 - Cross-Site Scripting","Severity":"medium","Description":"A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-235611.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-3990.yaml"}
{"ID":"CVE-2023-40000","Info":{"Name":"LiteSpeed Cache \u003c= 5.7 - Unauthenticated Stored XSS","Severity":"high","Description":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache- from n/a through 5.7.\n","Classification":{"CVSSScore":"8.3"}},"file_path":"http/cves/2023/CVE-2023-40000.yaml"}
{"ID":"CVE-2023-40044","Info":{"Name":"WS_FTP Server - Insecure Deserialization","Severity":"critical","Description":"In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2023/CVE-2023-40044.yaml"}
{"ID":"CVE-2023-40208","Info":{"Name":"Stock Ticker \u003c= 3.23.2 - Cross-Site Scripting","Severity":"medium","Description":"The Stock Ticker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in the ajax_stockticker_load function in versions up to, and including, 3.23.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-40208.yaml"}
{"ID":"CVE-2023-40355","Info":{"Name":"Axigen WebMail - Cross-Site Scripting","Severity":"medium","Description":"Cross Site Scripting (XSS) vulnerability in Axigen versions 10.3.3.0 before 10.3.3.59, 10.4.0 before 10.4.19, and 10.5.0 before 10.5.5, allows authenticated attackers to execute arbitrary code and obtain sensitive information via the logic for switching between the Standard and Ajax versions.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2023/CVE-2023-40355.yaml"}
{"ID":"CVE-2023-40504","Info":{"Name":"LG Simple Editor \u003c= v3.21.0 - Command Injection","Severity":"critical","Description":"LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-40504.yaml"}
@@ -3442,6 +3452,7 @@
{"ID":"CVE-2020-35359","Info":{"Name":"Pure-FTPd 1.0.48 - Denial of Service","Severity":"high","Description":"Pure-FTPd 1.0.48 is vulnerable to Denial of Service via exhaustion of connections due to lack of proper connection limits.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"network/cves/2020/CVE-2020-35359.yaml"}
{"ID":"CVE-2020-9274","Info":{"Name":"Pure-FTPd ≤ 1.0.49 - DoS via Uninitialized Pointer","Severity":"high","Description":"Pure-FTPd versions ≤ 1.0.49 (\u003e= ~0.96) contain a vulnerability in the init_aliases() function within diraliases.c when processing aliases. This leads to access of an uninitialized pointer, which can cause a denial of service (DoS) condition.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"network/cves/2020/CVE-2020-9274.yaml"}
{"ID":"CVE-2020-9365","Info":{"Name":"Pure-FTPd 1.0.24 - Security Vulnerability","Severity":"medium","Description":"Pure-FTPd 1.0.24 contains security vulnerabilities that could allow attackers to exploit the FTP server. This version is known to have various security issues that could lead to unauthorized access or other security implications.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"network/cves/2020/CVE-2020-9365.yaml"}
{"ID":"CVE-2021-27877","Info":{"Name":"Veritas Backup Exec - Broken Authentication","Severity":"high","Description":"An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes- SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this scheme to gain unauthorized access to an Agent and execute privileged commands.\n","Classification":{"CVSSScore":"8.2"}},"file_path":"network/cves/2021/CVE-2021-27877.yaml"}
{"ID":"CVE-2021-30047","Info":{"Name":"vsftpd \u003c 3.0.3 - DoS","Severity":"high","Description":"vsftpd before 3.0.3 allows remote attackers to cause a denial of service by sending a crafted FTP command.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"network/cves/2021/CVE-2021-30047.yaml"}
{"ID":"CVE-2021-3122","Info":{"Name":"NCR Command Center Agent 16.3 - Remote Command Execution","Severity":"critical","Description":"CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (within an XML document sent to port 8089) that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021. NOTE: the vendor's position is that exploitation occurs only on devices with a certain \"misconfiguration.\"\n","Classification":{"CVSSScore":"9.8"}},"file_path":"network/cves/2021/CVE-2021-3122.yaml"}
{"ID":"CVE-2021-40524","Info":{"Name":"Pure-FTPd 1.0.23 \u003c 1.0.50 - Arbitrary File Upload","Severity":"high","Description":"Pure-FTPd versions 1.0.23 through 1.0.49 contain an arbitrary file upload vulnerability due to max_filesize quota issue, allowing large or unbounded file uploads that can cause server hang or resource exhaustion.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"network/cves/2021/CVE-2021-40524.yaml"}
@@ -3465,6 +3476,7 @@
{"ID":"CVE-2018-0171","Info":{"Name":"Cisco Smart Install - Configuration Download","Severity":"critical","Description":"A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"javascript/cves/2018/CVE-2018-0171.yaml"}
{"ID":"CVE-2019-9193","Info":{"Name":"PostgreSQL 9.3-12.3 Authenticated Remote Code Execution","Severity":"high","Description":"In PostgreSQL 9.3 through 11.2, the \"COPY TO/FROM PROGRAM\" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS. NOTE: Third parties claim/state this is not an issue because PostgreSQL functionality for COPY TO/FROM PROGRAM is acting as intended. References state that in PostgreSQL, a superuser can execute commands as the server user without using the COPY FROM PROGRAM.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"javascript/cves/2019/CVE-2019-9193.yaml"}
{"ID":"CVE-2020-2883","Info":{"Name":"Oracle WebLogic Server - Remote Code Execution","Severity":"critical","Description":"Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).\n","Classification":{"CVSSScore":"9.8"}},"file_path":"javascript/cves/2020/CVE-2020-2883.yaml"}
{"ID":"CVE-2020-4429","Info":{"Name":"IBM Data Risk Manager - Hardcoded Credentials","Severity":"critical","Description":"IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID- 180534.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"javascript/cves/2020/CVE-2020-4429.yaml"}
{"ID":"CVE-2020-7247","Info":{"Name":"OpenSMTPD 6.4.0-6.6.1 - Remote Code Execution","Severity":"critical","Description":"OpenSMTPD versions 6.4.0 - 6.6.1 are susceptible to remote code execution. smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the \"uncommented\" default configuration. The issue exists because of an incorrect return value upon failure of input validation.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"javascript/cves/2020/CVE-2020-7247.yaml"}
{"ID":"CVE-2021-35394","Info":{"Name":"RealTek AP Router SDK - Arbitrary Command Injection","Severity":"critical","Description":"The SDK exposes a UDP server that allows remote execution of arbitray commands.","Classification":{"CVSSScore":"N/A"}},"file_path":"javascript/cves/2021/CVE-2021-35394.yaml"}
{"ID":"CVE-2023-21839","Info":{"Name":"Oracle WebLogic Server - Unauthorized Access","Severity":"high","Description":"Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n","Classification":{"CVSSScore":"7.5"}},"file_path":"javascript/cves/2023/CVE-2023-21839.yaml"}

2
cves.json-checksum.txt
View File

@@ -1 +1 @@
c3d4e5c7d22389d2c82f8a415297cae9
763dce8dafec2a0fc077c9c1969cf682

2
dast/cves/2022/CVE-2022-34265.yaml
View File

@@ -46,4 +46,4 @@ http:
- type: status
status:
- 500
# digest: 490a0046304402207f7244312fef7e41fdf57951680b309cbff19a0f51a4bc25b95bc3a899af465e02202f734743bf89c8974afe92fdc9713ca0e0fe3ee113529a31182ec7ed41484c11:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220223a1fb90be1ba80da08b960168d5b3d0c8cf60b1c5d6bd1f5d9af249b9767480221008c14f56bc115d451070281096753849bdb783230ed0d838ebd5b5a7116b3bbe2:922c64590222798bb761d5b6d8e72950

2
dns/bimi-detect.yaml
View File

@@ -23,4 +23,4 @@ dns:
- type: regex
regex:
- "v=BIMI1(.+)"
# digest: 490a0046304402204102b2f5c1560032fe50d751a7e69b4ef5f4e4814644fc9f4df9f1558dc77849022053f1c20e4cd44fb3879da5016a2399bdb8d3c6bd1e648664513c6282e44a6fb8:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402201a308ee8bbd272b205d3f3979d2a10a51cec23c53ed9daffcf8603deb5ef8876022007e9c416b3dce80ef0d3fe5c66767178ed1b4eaaa4c03edc2f7372f50c017a18:922c64590222798bb761d5b6d8e72950

2
dns/fbi-seized-nameserver.yaml
View File

@@ -35,4 +35,4 @@ dns:
group: 1
regex:
- "IN\\tNS\\t(.+)"
# digest: 4b0a004830460221008c351c98023f1e13c1ca730b2a40922e0edab9f635d42163e18da5b81d0b523f022100afd0298a9263a5ee05753b70fbb0a642ff67b18e9753d7f28578f3388dff8d5e:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100f996d00d670a11bcb4d1752fbdca5ad597e358c880e5bb0cfa08aac0ed81c5bc022063594de3329870eb8bcdd89fadd40a85989be2cf82dd983584304aef784941cf:922c64590222798bb761d5b6d8e72950

2
dns/soa-detect.yaml
View File

@@ -81,4 +81,4 @@ dns:
name: "edge-cast"
words:
- "edgecastdns.net"
# digest: 4a0a00473045022100da387322c3aeb73b4b505c65fe242f5246a542b2a12fb06d7edbc710183db930022065a9120c93d6448b4cc896404f423ce31d1a1f8222effd4db57631ac1c21b30b:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100efc7c7c10d066a6520a4f56897465afd9a2eba42dc7598e5febdf0e2523d8f0a022100c5b1b5f4ada093d3fcba316e02820168dd49d042e91c41c2f238f1e37b754adf:922c64590222798bb761d5b6d8e72950

2
dns/spf-record-detect.yaml
View File

@@ -23,4 +23,4 @@ dns:
- type: regex
regex:
- "v=spf1(.+)"
# digest: 490a0046304402205523c3bdaea83081a85b70dfc1a4f7866ae4c4f9fcdf480342a7862beff152bf0220760b61e9dc1febf29fd57544d302cc1d6e787c81152515b1464d2d9578b551cf:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100f8661ca6a8f5154c1b3700119e4ec646106104c59efefcea090299556572ab09022100fa8b82aedf983c5ac81a9d0ee0a006b9e35c93999d0cf82a51bb82664d3226b1:922c64590222798bb761d5b6d8e72950

2
dns/txt-service-detect.yaml
View File

@@ -223,4 +223,4 @@ dns:
name: "whimsical"
words:
- "whimsical"
# digest: 4a0a004730450220316fe16d03b5ab06b5e9afe53aff0b5afa10b590d6399c361019bfcb8f9aaadf022100dae7b00263a321ab5bfac7b3ed179538018824750a372399ef8647aefbfb5e0f:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022043f61051f345fbe08c706314e6689e86076e437fd9bcdd6cbf31421a3ca0fac6022023a6c5cfac4700e305e1aaab4447439149a98d9d5e718ff42c064ca7bf9214ee:922c64590222798bb761d5b6d8e72950

2
file/logs/aspnet-framework-exceptions.yaml
View File

@@ -22,4 +22,4 @@ file:
- 'InvalidOperationException'
- 'UnauthorizedAccessException'
- 'NotFound'
# digest: 490a0046304402200dbe888a8f1980150dc8a18071c21e8e270d8fd6df6486d31e95c4db07f7c49002203002f3451c5fb3a33de2f92f217382ffa2515c1bcaaba7b52ca11604069a392a:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022075262433a06700f2ae15fb7a18fbd5c690666176dcdbe276edc1c4f5904cb97302202fb3dd0ef1709e19c2ecbcfde7157fa27668e3ec10ab32df45eaf3a01967c6a6:922c64590222798bb761d5b6d8e72950

2
file/logs/nodejs-framework-exceptions.yaml
View File

@@ -30,4 +30,4 @@ file:
- 'BadRequestError'
- 'MongoError'
- 'SequelizeDatabaseError'
# digest: 4a0a00473045022005f9467e988a362efb0122f2ced800776242b5bce5336a2ebddb997c51ff1d22022100f1db701ce9af22370afc4b65cf181bc783be7594037f4bf581bad358e0411e6c:922c64590222798bb761d5b6d8e72950
# digest: 490a004630440220557c17089114a22568577de7d45c944dfd51692fe0069dae45001666aebe2e1f022028b981fc4eb5ed1e074e48b4a1d73265f3f569e7d92fc4acfc88324e3ace1e28:922c64590222798bb761d5b6d8e72950

2
headless/cookie-consent-detection.yaml
View File

@@ -31,4 +31,4 @@ headless:
- type: status
status:
- 200
# digest: 490a00463044022070ecd6d2d74db45a3655310db8c8ae3ad6924007c340239d994223151a1bd0c202204f192bcdddfd6bd1b51d1a5c8f60bcdef0cc648ade8967c3d432e4bf2f49cef7:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022016ae848a139d8e2ba64cac31f71ae269b9292419ea7ede390690a2f942c444b702210093d17f937e4c34caf2af2f9d369323aa20931d7fb7f3d2c963a54caa87355c35:922c64590222798bb761d5b6d8e72950

4
headless/cves/2018/CVE-2018-25031.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2018-25031
cwe-id: CWE-20
epss-score: 0.82992
epss-percentile: 0.99207
epss-percentile: 0.99205
cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:*
metadata:
verified: true
@@ -54,4 +54,4 @@ headless:
words:
- "swagger"
case-insensitive: true
# digest: 4a0a004730450220332b3b7a3d1d8671161fe0e6e837d87768c36bd39b86165409d58f64036bdde80221008b939ccfff6eaac2f869802a1adc5cf9d45a319dcb9e8f454621333b0f0dba98:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402201ee0b6d817e098ed3b9f71509ab212fba1c208c20594f64e626c379e8407139802202f0b3ea5d62ac33ee05c9fd21aeef79a064f636653c2485b5615fca92ebab916:922c64590222798bb761d5b6d8e72950

4
headless/cves/2022/CVE-2022-29455-headless.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2022-29455
cwe-id: CWE-79
epss-score: 0.69544
epss-percentile: 0.98581
epss-percentile: 0.98576
cpe: cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
@@ -52,4 +52,4 @@ headless:
words:
- "elementor"
case-insensitive: true
# digest: 4a0a0047304502204022b85947666c36b351f57db53e9a44f191399bebed87e763d8e14da267dc77022100a2c01292d57d7225fc2ab6c1024035126d9ae336ed56bbc588f6d62a0484739d:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220530a4aacb3a18b3506250959b32d06f149f373e038d7e1a7645a450d808d4dde0221008ac7c3d26a163a63ddc80e33d147f63e0ac09915eded0d3315c58adf65c90bff:922c64590222798bb761d5b6d8e72950

4
headless/cves/2024/CVE-2024-29882.yaml
View File

@@ -15,7 +15,7 @@ info:
cve-id: CVE-2024-29882
cwe-id: CWE-79
epss-score: 0.02716
epss-percentile: 0.85341
epss-percentile: 0.85334
metadata:
verified: true
max-request: 1
@@ -46,4 +46,4 @@ headless:
- "ConnectSRS</a>"
condition: or
case-insensitive: true
# digest: 490a0046304402205e8c72a98b781b8105a335bdb1faa1b3fbf6d73c397f5408b91e25a77336e73d022028a2dbaa7ad39ae5a14989c76faf443df6f97a417344620f54a6ea5650ea3ca2:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022060102edb11d98132f3382a8fc10bc48b2815583eb6b38fd1c65afc7dbbe6e0e90220423f967110d8b91fc7c4e53e3d538fe4e54c931dd74c92fd1aec554826cfb50b:922c64590222798bb761d5b6d8e72950

4
headless/cves/2025/CVE-2025-24752.yaml
View File

@@ -12,7 +12,7 @@ info:
- https://github.com/Sachinart/essential-addons-for-elementor-xss-poc/blob/main/poc.py
classification:
epss-score: 0.03198
epss-percentile: 0.86435
epss-percentile: 0.8643
metadata:
verified: true
max-request: 1
@@ -42,4 +42,4 @@ headless:
words:
- "{{random_int}}"
case-insensitive: true
# digest: 490a00463044022073ad08585a3209eb316622bf0cf3003b5a611a61ae1b79be581c84823eeecaa002204adec62320d4966f19cd61837401277c5d2fddbc14d607ae12a23f1f6ac36884:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450221009761095ca3dfd021da1c19a059ea8ec8a07e254739640d9527b3b4ebee246e6402205d9fb3ea06d7792087d831de67720069fc3200977dc52b66d9806303ca39acbc:922c64590222798bb761d5b6d8e72950

4
headless/cves/2025/CVE-2025-8191.yaml
View File

@@ -15,7 +15,7 @@ info:
cve-id: CVE-2025-8191
cwe-id: CWE-79
epss-score: 0.0123
epss-percentile: 0.78446
epss-percentile: 0.7845
cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:*
metadata:
verified: true
@@ -65,4 +65,4 @@ headless:
words:
- "swagger"
case-insensitive: true
# digest: 4a0a00473045022100f9a02d9e947eab40d95a3e8610d9c1be9ad4b73037b408ce471db80350d5e39b02207039968ada42eb881c98d8617780967691c43a07fb108b8ba1ef3aac2bd1a1b0:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100d021c66b829803a7b030dffca6cd0d99773bfbbf5a711e61da65b8146abeadc302204b475d8652edd69e4a1626a9b84364047a862514d0bc5a2c756d2f2ca03ae1e4:922c64590222798bb761d5b6d8e72950

3
http/cnvd/2022/CNVD-2022-36985.yaml
View File

@@ -13,7 +13,6 @@ info:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cwe-id: CWE-89
cnvd-id: CNVD-2022-36985
cpe: cpe:2.3:a:wuzhicms:wuzhicms:*:*:*:*:*:*:*:*
metadata:
verified: true
@@ -41,4 +40,4 @@ http:
- type: status
status:
- 200
# digest: 490a00463044022063bff0ec470c308203c1ffc5728029562ad1326573a7532401f2ac56a1b4df6a0220189c7be3389f87ffc344096052ca76e1e4fc51342884aa3bc4638a8714e094de:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402201a2c7f204fee85e61a02312f5e3c767cc6d7c9e075f1920cbe158847b688dd6602202992f9d70591d693c68fd664ad2b087cbb25f03da1f91659eae35dbe12afa3c7:922c64590222798bb761d5b6d8e72950

3
http/cnvd/2023/CNVD-2023-48562.yaml
View File

@@ -10,7 +10,6 @@ info:
- https://peiqi.wgpsec.org/wiki/webapp/%E7%94%A8%E5%8F%8B/%E7%94%A8%E5%8F%8B%20%E7%95%85%E6%8D%B7%E9%80%9AT+%20GetStoreWarehouseByStore%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.html
- https://github.com/MrWQ/vulnerability-paper/blob/7551f7584bd35039028b1d9473a00201ed18e6b2/bugs/%E7%95%85%E6%8D%B7%E9%80%9A%20T%2B%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md
classification:
cnvd-id: CNVD-2023-48562
metadata:
verified: true
max-request: 1
@@ -54,4 +53,4 @@ http:
part: interactsh_protocol
words:
- "dns"
# digest: 4a0a00473045022100c2be915a03b7fcac5722c978ddf02e2b927e1d823f3d6d666680e4c19c64caf502206376dda0d3f0b3e9dc2dd3d95df30e43d00d27dbe65d3c49c451f2a3691fbc2d:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100c75843611c7cced3dc4cc9a01e173a05b34323a38cda3108a10c354cbfd5ec6b022003ce1882dbfcf8cbec3a92ce450e531072a7c0a05bc5013a062700d61f1ff24b:922c64590222798bb761d5b6d8e72950

4
http/cves/2000/CVE-2000-0114.yaml
View File

@@ -16,7 +16,7 @@ info:
cvss-score: 5.3
cve-id: CVE-2000-0114
epss-score: 0.07682
epss-percentile: 0.91477
epss-percentile: 0.91464
cpe: cpe:2.3:a:microsoft:internet_information_server:3.0:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -59,4 +59,4 @@ http:
group: 1
regex:
- 'version:([0-9.]+)'
# digest: 4a0a004730450221009af8e2662615f31c33fcc3c87944098131bde63fcc42ac7d5c491189eebfc06c02205448686e6eb4acc96dbe1a706d280a421c8ae4eba79738195a2d8b3f8d65dcc6:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450221009f404a1140ab46ecc0e9e6ac658dcb8b918b0c3b46752151c713a28cbac2f7ee0220359c807d71688c87892296ae9f1750254f7fc728aa23c83b71a484f138259ff5:922c64590222798bb761d5b6d8e72950

4
http/cves/2000/CVE-2000-0760.yaml
View File

@@ -11,7 +11,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2000-0760
classification:
epss-score: 0.65623
epss-percentile: 0.98406
epss-percentile: 0.98403
metadata:
max-request: 1
verified: true
@@ -38,4 +38,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100d254da341fd60489690cc9b56f5dfe4f566c8b7138c2231f63df591a1126e11702200b34a676b12f3d9f42b2f923df746a352a580e474b667e4c343dd5525caa2325:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100f717a71f056f64b4fc562ee59ea3c31dedf151c3351d7e6b72b7445ac993530e022100a892d6cfc4c637a7a1d67aba300e7f50a5cc772c18b35256ce9d1d18bd0a599f:922c64590222798bb761d5b6d8e72950

4
http/cves/2001/CVE-2001-0537.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2001-0537
cwe-id: CWE-287
epss-score: 0.93696
epss-percentile: 0.99835
epss-percentile: 0.99836
cpe: cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*
metadata:
verified: true
@@ -53,4 +53,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100a22539f28eaa18a03da768a705e6a87992aa639964c83c09f5641826d291e35e022073a5e6078ac86fe8ee29c47fafefe35b5403f0efda31a939c3f9b174c01cc4aa:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100fe5857202ea83678381bc0875265db1995e0b9cd3a5aa8396cd1ac6edc0a21e00220303b95da89d335ef92467d36f33addb6e2ef1e84f1e080aa685851ddb2fef7d0:922c64590222798bb761d5b6d8e72950

4
http/cves/2002/CVE-2002-1131.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2002-1131
cwe-id: CWE-80
epss-score: 0.03877
epss-percentile: 0.87697
epss-percentile: 0.87696
cpe: cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*
metadata:
max-request: 5
@@ -60,4 +60,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502205371b86d2cf3c9da860c4dd493d2362150934a14b87f5fcf9928555e3481d19b0221009bdc62d1fa031c1a100a1d86dbdfaf45b95652ce92c7c873bb639caae19ab1de:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402206e0faa9d18bda92d3eff1cbaf3620ea46f1b16262b5156362aeed2797ed52db4022075bc4126e4caa2164a30f25d7313491418fb7b874da1b3317b9119da100c085d:922c64590222798bb761d5b6d8e72950

4
http/cves/2004/CVE-2004-0519.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2004-0519
cwe-id: NVD-CWE-Other
epss-score: 0.00124
epss-percentile: 0.32339
epss-percentile: 0.32357
cpe: cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -48,4 +48,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100bde7cd704d551cb0188c25fec66900697c67fe8749744701400ae11b168453fe022100abe92e0c94b5df748a15d26777a625a05b3436c051024f9f31ec8e1f8120e157:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402200246adf35fbd647fe0a214afaf0de988ad3bdee74930e520db27fec9d7d6492e02204e5cd9a0a70b213fd40ac7cc90cc9c24787207157c28a4c214ce715580b9cf46:922c64590222798bb761d5b6d8e72950

4
http/cves/2004/CVE-2004-1965.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2004-1965
cwe-id: NVD-CWE-Other
epss-score: 0.00265
epss-percentile: 0.49792
epss-percentile: 0.49813
cpe: cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -40,4 +40,4 @@ http:
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
# digest: 4b0a00483046022100afe5f9bb3ab8493b939ec41496ffea4388d4f6b7bb10338f955c0c4dcc794840022100e2547005a2fd73038a67dad41ca649da9d13125b70907de36b264f20d7801579:922c64590222798bb761d5b6d8e72950
# digest: 4b0a0048304602210091f61ae55b3e45469ff16c8056d66454fb9067f929614fcfe05b0ebfd94750ad022100b8a544bb8dcf453f7a2bf65eb78c56a965077eddea453be7b8eaabcc46be33af:922c64590222798bb761d5b6d8e72950

4
http/cves/2005/CVE-2005-2428.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2005-2428
cwe-id: CWE-200
epss-score: 0.06321
epss-percentile: 0.90513
epss-percentile: 0.90501
cpe: cpe:2.3:a:ibm:lotus_domino:5.0:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -44,4 +44,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100879b20f4b8d7bb7a92b6415b319bd8495bfc4e940436abe37cd47da8b8e3873c02200ecc87165ac4e71ee79a3b6f9fb5e046f18ea6a7aa4c71c53f76fcb0335a594f:922c64590222798bb761d5b6d8e72950
# digest: 490a004630440220422e1cd5dc42fa9e2a8d017fea92cd9eebfaed4aeb4ffcf96d31d5611ce4bfa6022068b147c0afd4a9901388ec3d574a6d487f054a06d18bb16e4819d43b618bb22a:922c64590222798bb761d5b6d8e72950

4
http/cves/2005/CVE-2005-3344.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2005-3344
cwe-id: NVD-CWE-Other
epss-score: 0.1015
epss-percentile: 0.92754
epss-percentile: 0.92746
cpe: cpe:2.3:a:horde:horde:3.0.4:*:*:*:*:*:*:*
metadata:
max-request: 2
@@ -47,4 +47,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402206cd6f6c39e30742dd1dc33490771e775418b8a8c4049480c4e9e5dcdf76cae97022063077062f4f014d4ce031d28b8af06c5ecaf2bb37b1bc08ed216118a7372f20d:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502201bc725f839e93f11af8a8936befeda846d7c25b3da5294484f2243051e3b1dda022100ff76e304fa5e8f67ec83147e734effc95245bb0980e193986f9ccfed599cc03d:922c64590222798bb761d5b6d8e72950

4
http/cves/2005/CVE-2005-3634.yaml
View File

@@ -23,7 +23,7 @@ info:
cve-id: CVE-2005-3634
cwe-id: NVD-CWE-Other
epss-score: 0.01653
epss-percentile: 0.81342
epss-percentile: 0.81341
cpe: cpe:2.3:a:sap:sap_web_application_server:6.10:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -45,4 +45,4 @@ http:
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
# digest: 4a0a0047304502202ca4b8497d8d14b1c059c3565452af5287603275590396b9dcd6ef492b3156c8022100ad9e87dd8e6b262e0633d02acdaf0c07706b6584216bea3995bfdb5978c796d0:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022052dede37aa41ddaeed611e3b68e360b053eac34e1e7136c3a210da863f24694c0221008cfba7f88d32a0e14466cf2549c40674f67bde064b475397870f2c929c7045b3:922c64590222798bb761d5b6d8e72950

4
http/cves/2005/CVE-2005-4385.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2005-4385
cwe-id: NVD-CWE-Other
epss-score: 0.00231
epss-percentile: 0.45801
epss-percentile: 0.45813
cpe: cpe:2.3:a:cofax:cofax:1.9.9c:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -43,4 +43,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022079d01376168b4b51af8ab61cd1e9d85d0d8e0ca1e8da12debf75fce1e8f70b5c022100cde54f4d9aa7aa6a649f5c523694d13f7f08315ffe242b33daa511083ae4f759:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402207858d7894861231a687e46e81e4972b33f8bd4ab58a5cced47f5a2afe3eb5398022026f3b5a6e533db2fa419339a643a2fa32988fd683747b81cb3dfcef00c3db889:922c64590222798bb761d5b6d8e72950

4
http/cves/2006/CVE-2006-1681.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2006-1681
cwe-id: NVD-CWE-Other
epss-score: 0.00299
epss-percentile: 0.52759
epss-percentile: 0.5278
cpe: cpe:2.3:a:cherokee:cherokee_httpd:0.1:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -62,4 +62,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a004730450221008055e100193bcc7c1d78908d365cebf70ece4f8ec658dffc5e40b0f28d63231d02202a0e2376b3841f3023581e7002cd67b7504185fbf44d00e21c88e4e92c893bcc:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022034e6ac133c6b9ce463cdfa9d5ecd5f11e201b2adeb73eab306c2054069a24165022100b4c13a462d7ce5945f3ea345a8cdea961b993d45ed1573012672358157cd6613:922c64590222798bb761d5b6d8e72950

4
http/cves/2006/CVE-2006-2842.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2006-2842
cwe-id: CWE-22
epss-score: 0.0094
epss-percentile: 0.75418
epss-percentile: 0.75422
cpe: cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -48,4 +48,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100e952f22434daa922cc2b176d15e4d99cae34c4952be291f5e92e594912f23647022100b5848714dc06bb20dc68bf67a63aa690c3c5b7dc936ec9846882512e940de9c7:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402206324be707c9c36e110778da2aff27a054ec88225b48b104844f1742a6508c29502202bfb7eef91a1292f282eaf41b5828243cab5792cb847f06dc1796832d93460cb:922c64590222798bb761d5b6d8e72950

4
http/cves/2007/CVE-2007-0885.yaml
View File

@@ -17,7 +17,7 @@ info:
cve-id: CVE-2007-0885
cwe-id: NVD-CWE-Other
epss-score: 0.02133
epss-percentile: 0.83531
epss-percentile: 0.83528
cpe: cpe:2.3:a:rainbow_portal:rainbow.zen:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -44,4 +44,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402200f340b66bf53152592f414e41edf34d491df926baefe758bd640751be0afb25c02204f1a9f274a1e845d9b1d3837d7245f3f4c5d5b0fcc44a2ff0bbea1bad0c8df91:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220560b44a883bf385721cbe9ff0bb7a639dcfe617e554260cf6b2ecff013820693022100f427ee10bf255f70323032bd2cde104423b453c207a4fb384de2af2a1f325b2d:922c64590222798bb761d5b6d8e72950

4
http/cves/2007/CVE-2007-4504.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2007-4504
cwe-id: CWE-22
epss-score: 0.0006
epss-percentile: 0.18688
epss-percentile: 0.18715
cpe: cpe:2.3:a:joomla:rsfiles:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a004730450221008fb31565bb74bdc7a103917c831023e34c395f73456031ec5399696b6e37d440022065f2ad523fd5b19b2f33a3a98983212937019b5aaebe7800d3105593669dfe05:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100b99099465b3f3ea9e49817c077157a8c2487cb147d98fe3708b97208fc3db134022032d710fb0d93b5bf5f358f62a11d1c2f5a36f47fff44774195bf57d0d6d9b65f:922c64590222798bb761d5b6d8e72950

4
http/cves/2007/CVE-2007-4556.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2007-4556
cwe-id: NVD-CWE-Other
epss-score: 0.02359
epss-percentile: 0.8431
epss-percentile: 0.84303
cpe: cpe:2.3:a:opensymphony:xwork:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -51,4 +51,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502201f1467ee33e337580580f06a5df8562a6969c914e485ce51a16e01db7c3c0573022100fa2fcee1c9137428785192aa915986134cc7e94cd8ed2205505a6b78c7b03ced:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502207f611b9bde035f3a3f9bd788f48f839328c29a4884070e6b6d49f4fa61c8edd7022100cc3c1aae3425db5f834bb2f77c9c2c6a9982714330465e31a8a7c94019f7a8e3:922c64590222798bb761d5b6d8e72950

4
http/cves/2007/CVE-2007-5728.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2007-5728
cwe-id: CWE-79
epss-score: 0.00488
epss-percentile: 0.64554
epss-percentile: 0.64561
cpe: cpe:2.3:a:phppgadmin:phppgadmin:3.5:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -57,4 +57,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022020cfa463f0e452ec1c7f4f247247413ee4cd57539869bfce435cc925251997bd022100c35e237be879be057b08a368081deb3b8cf224034064bb51efe545fc72e38022:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022031e5ad2ad5599600d97c34473a24d5c1ea421d0b53ae70950dcbc0576e4c9553022100ce4d70dc13f630c408d7e9b113e505ab65661f55e4bdbf720a95c2f6fd9148a0:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-1059.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2008-1059
cwe-id: CWE-94
epss-score: 0.00265
epss-percentile: 0.49816
epss-percentile: 0.49837
cpe: cpe:2.3:a:wordpress:sniplets_plugin:1.1.2:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -47,4 +47,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100e008cf3a57392c3628bf5a4eafcfa498b7583059c83ae5f6973756e567ed16fc022026e2fe118153cb3a7c2aa182b4eb8757d3b2c62faeef7cfb70b3a8de69a753c0:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022034925ec23920a676c4cb503ff34ed52888f6aae410836ea96ef10a5290c033b6022100b9c87ea2288eb90cf37f9bdb0f65e95ac9cd5cef97fe5b2e6f1074fa0eaadbe7:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-1061.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2008-1061
cwe-id: CWE-79
epss-score: 0.00155
epss-percentile: 0.3681
epss-percentile: 0.36828
cpe: cpe:2.3:a:wordpress:sniplets_plugin:1.1.2:*:*:*:*:*:*:*
metadata:
max-request: 2
@@ -62,4 +62,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a004830460221008353fdcf4be65b52ae6ae822e06fd89553196d36db3e7d9f82ee7d25f0d4aff3022100b366f4f9559eb6014ee805050d9e79ec8debe05c5340b8e8aaf25bd465108dbd:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100f30ff9f522c9f24640e5e93d3d308e8071e6a3d7329cf5d5ab0c3f40e768a84e022100c2b859246c14b8d5b53bda5816efcee48a98a6eca3c7f3d24b1d64468ca7a1ae:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-1547.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2008-1547
cwe-id: CWE-601
epss-score: 0.65006
epss-percentile: 0.98373
epss-percentile: 0.98369
cpe: cpe:2.3:a:microsoft:exchange_server:2003:sp2:*:*:*:*:*:*
metadata:
max-request: 2
@@ -51,4 +51,4 @@ http:
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
# digest: 490a0046304402206fc9891513aa73463c1aa6b259302c9aeb91c7e07a13a0dc34e35c42f055795002207de8a3e134aec45d049e2418cdd8a46d1f0cb3e55f13f7a2e1d58b1fa008b52d:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402206dc72d8d07b494748730782d486e042ba336f4f95e5ec680f6afbab43cea239b02202175b7291e0896522ddf2ed1881c9b3bc101da56b2049a6e75eefb75d215e7b9:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-2398.yaml
View File

@@ -19,7 +19,7 @@ info:
cve-id: CVE-2008-2398
cwe-id: CWE-79
epss-score: 0.00777
epss-percentile: 0.72813
epss-percentile: 0.72821
cpe: cpe:2.3:a:appserv_open_project:appserv:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -47,4 +47,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100e989ec6c73332b95823920842d55ddd5523f79ebbb1e6cef787e3349173f7ea702200a0beb04803e2f44b5a598819ec7ae4ba71675ab0f29321ea4fa8b1f9f4f8995:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220767c72def6249a6f1fb9b9f20fb53a9b2c20db4bdcba5cf4b667b7640e09c762022100cf1eabcfa44819b561c891453bf78c955034d0782a81ebae2a755ff90e8ace06:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-2650.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2008-2650
cwe-id: CWE-22
epss-score: 0.01643
epss-percentile: 0.81281
epss-percentile: 0.8128
cpe: cpe:2.3:a:cmsimple:cmsimple:3.1:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -48,4 +48,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a004830460221008b285f7dee34da4201f7d25522d5ee376fe127cdc564b3ff2572daceb883b883022100e54e8721853f08527785fa9d1ab1d1dbe04532cad8142e51f1714aa05fc6c808:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100c1e9681fb12cff55b25191bdaa818fc3383157486d8e47cab7969cd293c4ee600220219489f96f565e31b5b4c9bad3a2ada79bdfc81b8cdea373e87ae491e525a481:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-4668.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2008-4668
cwe-id: CWE-22
epss-score: 0.00268
epss-percentile: 0.50086
epss-percentile: 0.50107
cpe: cpe:2.3:a:joomla:com_imagebrowser:0.1.5:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -43,4 +43,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a004730450221008e7676d91eb1391708e977111e232b9cbe4604fd2605e84fb06b0eb1ce0d7a5602201a8642e5a99e61a46020883fd5ff7612c570ca0d07af5d7826ae3e218c16afac:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100d10fc811e39987c2197940b5c271064cbf736099921cc0187583ed39c5ef3f76022044439849167c786f50e4490d4867161f098f161df134b6a101fd9eda3e1badb9:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-4764.yaml
View File

@@ -18,7 +18,7 @@ info:
cve-id: CVE-2008-4764
cwe-id: CWE-22
epss-score: 0.01921
epss-percentile: 0.82683
epss-percentile: 0.82679
cpe: cpe:2.3:a:extplorer:com_extplorer:*:rc2:*:*:*:*:*:*
metadata:
max-request: 1
@@ -40,4 +40,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502202ea2a11aa24ab80f7aaa6c0b95c20fac6ac606e39771b9557d6f2bde33bfca01022100c35b7ff2f6d8b92f4a36ea9d8d2789a41f3bdd4008c944d851c7a0129c6731b7:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100e33b7412a55fa2d2ecd359214cbb56f5694a8c5b2853cf95b2fa9556bba8ecba022027b33cffa47bf0db4b59d0cfd3a7322c22c6b29127c73dae64043c8049a1aaf4:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-5587.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2008-5587
cwe-id: CWE-22
epss-score: 0.01986
epss-percentile: 0.82929
epss-percentile: 0.82925
cpe: cpe:2.3:a:phppgadmin:phppgadmin:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -49,4 +49,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502204df6a3c4e8a45fd3d97bbdb11d06dca0bbbca5a82635afafe423fdedba171f01022100cd9ed6727669baa9fe010c9271cd37aa7efaa22ee5854fcbd0b2adac3d048c2f:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220717d851abf0eeb2f7a15d6b219bd94f267b2fb41df9881ada1bf4f5ac8f801250221008b88523bd87d14db37ac0a9e307946b55d702002e43888d37a5ff6368560bc0f:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-6080.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2008-6080
cwe-id: CWE-22
epss-score: 0.063
epss-percentile: 0.90499
epss-percentile: 0.90487
cpe: cpe:2.3:a:codecall:com_ionfiles:4.4.2:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402205176c900847507ec3f174712655b71a78ddf02d08bdbfe8176f294f3d119766102205951f7bbd81e82ac033713805061b980b87f393411fd9bf5b6633b5000436cac:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022050ba51dd2b4b0a21bd2f93abef712011dba40e2243297871f15054f5ce63660f0221008cb212a4c8c420749560c59a050e026b8fb4e65ba891adb9f2f681ea1b5f1413:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-6172.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2008-6172
cwe-id: CWE-22
epss-score: 0.07294
epss-percentile: 0.91219
epss-percentile: 0.91204
cpe: cpe:2.3:a:weberr:rwcards:3.0.11:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402200a2c89e649dc3a897804b57569f4c6d3a7df98baa8faa20ec050eca70f6d4ce702202d596fc3d7405dfb7b256535ec0fc66fdd311219b64adc17de469d773b47e91c:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022037c32cc0ccab4bfaebf3eed639483eb57eb7e640e82fb92440a27cd5415709d0022039af20f0369f2b11dd0ac4a584c6ea66b8fc0a1a2d8da3a554c6d2e64316bfce:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-6222.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2008-6222
cwe-id: CWE-22
epss-score: 0.01649
epss-percentile: 0.81322
epss-percentile: 0.81321
cpe: cpe:2.3:a:joomlashowroom:pro_desk_support_center:1.0:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022055ae13b43d0edf85d90e028b0e9215c5cc83bb5d5ee481be2681341202f2c63e022100af3bed4477456d882f6eb4dfe0a02296b41cf0506c64bc3184bdaf67f5bb066d:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402206ebe9f30ed8857d1bc58961f4f0b7fff0a5c4a64c9a423047be0cc3ecebb0505022019c65896afacd8b6425612ac58cf0a86e1be3581a414dd911b4c3f82a76c5af1:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-6465.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2008-6465
cwe-id: CWE-79
epss-score: 0.01157
epss-percentile: 0.77819
epss-percentile: 0.77825
cpe: cpe:2.3:a:parallels:h-sphere:3.0.0:p9:*:*:*:*:*:*
metadata:
verified: true
@@ -63,4 +63,4 @@ http:
- type: status
status:
- 200
# digest: 490a00463044022022115763a12bd92582843209990921e35515c85f0d8d49b62945f18ea41b55da022000c02c76d5265d893c4ab081d81951f30cc1aab286077b56ae7ed28262ddd7c9:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502205ffd799daf017b728613ee5344ef0f61543377cd4d588c01080489e6386bc35902210095ed00165aa4dda6e5b5eb02b087fc7051fe3032797c153a243eb5abc420b1b2:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-6668.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2008-6668
cwe-id: CWE-22
epss-score: 0.01077
epss-percentile: 0.77055
epss-percentile: 0.7706
cpe: cpe:2.3:a:dirk_bartley:nweb2fax:*:*:*:*:*:*:*:*
metadata:
max-request: 2
@@ -45,4 +45,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402204424e38e7314ecd3781be37c65e764d0738ead43a484372a69e988236d91687e022072f3c4f0ae3af47efc7489cb6d12a72b1a30287ea34a747c8ca9e7183be66f20:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100c98294833d2a66a17abe474d22ba60a77bfc450c5d22153389332073dddce3e2022100d788f95c454eebdaaad866bf845efc79f38828636b6ce4eceed0b0fcd59c16f5:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-6982.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2008-6982
cwe-id: CWE-79
epss-score: 0.08587
epss-percentile: 0.91994
epss-percentile: 0.91985
cpe: cpe:2.3:a:devalcms:devalcms:1.4a:*:*:*:*:*:*:*
metadata:
verified: true
@@ -51,4 +51,4 @@ http:
- type: status
status:
- 500
# digest: 4a0a0047304502204d6746433fd7bc9fb5c4f195801c96c0412b1e49c45db0156e5d419fe513032c022100b79963ba4612f2e25b54fcea3c4b8bd8482503aa672f7ae95fbf13b369135eae:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100f72c64ff028cbc7e1fbe88128e3d54d759af3afe85f403a296cf34bdfa02f9cc02207fe9352a4939acfcf0fb2b12f36729a67f57535fe2805ac7ddb3cb1979b34ee2:922c64590222798bb761d5b6d8e72950

4
http/cves/2008/CVE-2008-7269.yaml
View File

@@ -18,7 +18,7 @@ info:
cve-id: CVE-2008-7269
cwe-id: CWE-20
epss-score: 0.00653
epss-percentile: 0.70034
epss-percentile: 0.70038
cpe: cpe:2.3:a:boka:siteengine:5.0:*:*:*:*:*:*:*
metadata:
verified: "true"
@@ -41,4 +41,4 @@ http:
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:http?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
# digest: 4a0a004730450220372396631c07c37687b274c42c4752bffac1f95fc30d2d4918200533467e1b47022100d6b9ca2aa85982badd1848ba6863278db5f7734ea90b029f8e3e21b01a84a2d1:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100998ecb03ed1a175248ed0efeeda74c1a225e06be6c0a4e5f44669523452d57cc022100d6448d25223842166dc8690514f3306a451bcb43ecf4620cc984f458996912b1:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-0347.yaml
View File

@@ -22,7 +22,7 @@ info:
cve-id: CVE-2009-0347
cwe-id: CWE-59
epss-score: 0.03639
epss-percentile: 0.87284
epss-percentile: 0.87282
cpe: cpe:2.3:a:autonomy:ultraseek:_nil_:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -40,4 +40,4 @@ http:
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:http?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
# digest: 4b0a004830460221008f803f01a549f643f69bbfc521e5d53225c7d9470c711baa062eee936fcd8273022100dbe634d5e52bb19900dca29086629875d45defb0fb6594ff13f2258f11afb94a:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100e031c826dbf5459f73dbe02f6f7097c3111eb9196e88caa49e6b81dfeb2eaab80220361c2e5b57ceb4dc4b98f82aa27734a4211b93867ff25987b96662c7f8e8d09b:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-0545.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2009-0545
cwe-id: CWE-20
epss-score: 0.93944
epss-percentile: 0.99872
epss-percentile: 0.99874
cpe: cpe:2.3:a:zeroshell:zeroshell:1.0:beta1:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
part: body
regex:
- "root:.*:0:0:"
# digest: 490a00463044022021ed0ea90253e71ba14d5e8a0e85ed87953ab25d5e755be198ce468637545427022015175bf76dae0565f3556e8d87e4aaeb33fe047d4bfff247531a29f246e08c1c:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402204d9e0809ef9bf0fe86a627972e9a42cf16840310fa6a2d9c594457a4633c19170220353f363d825905d68ac3acecc10b34ad535c8580889f73912fe10254cb2a3191:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-1151.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2009-1151
cwe-id: CWE-94
epss-score: 0.93032
epss-percentile: 0.99769
epss-percentile: 0.99767
cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -58,4 +58,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100f8a71c7d380777bbe1196b9c0eb64fa3206c86287401381ec906b95873677669022100da4d518dd0f11affa5432a526f30f5f150e7c7cb9b9ce27130212818a708a01e:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100e28de481a51ee685627bd96906f9632c939f388a636a8b480ec533ef38f1c56d02202ce283037143d51d76dc6c5212f24efa6d580cd5604feefa144032a3ddd88b6f:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-1496.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2009-1496
cwe-id: CWE-22
epss-score: 0.01473
epss-percentile: 0.80236
epss-percentile: 0.80233
cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 490a00463044022030cb4ec42060aae95dc4ed1624870ec173c6926a78482686fb3f7d1005094cf5022050855cdfad7b341ac06381ea3de777cb0c84be919060416baa1ce0a0ccb1fbbd:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022074995e2e56d2b185a989cbd9faee74e4daad20d8d6921821c1e58bfabbde70a002210091b778074a0a77aa39add0ceb14d7bcce1f2811d9ed82c02542108a46f7bf7b1:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-1558.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2009-1558
cwe-id: CWE-22
epss-score: 0.10881
epss-percentile: 0.93034
epss-percentile: 0.93041
cpe: cpe:2.3:h:cisco:wvc54gca:1.00r22:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -43,4 +43,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100ae87d2869d73784a27ff22e3ef26dc07dab6d8ea4e17d5ef9766c7a633044b94022054a0ad8eb517335e843f07e4d2e2942f9a51754a36886933039d191df9d75b87:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022044f4907a8cb1b7895ea872d11845684462515beda5218d8b77c5af4e6df45836022100cabf2f7e0be4b8f2c6dc060ca9633b37aed07073b8635327c64271b443f0d74c:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-1872.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2009-1872
cwe-id: CWE-79
epss-score: 0.08673
epss-percentile: 0.92043
epss-percentile: 0.92035
cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*
metadata:
verified: true
@@ -59,4 +59,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100921c931bd315a6559e92fa3a27674680ecec47088c40c4bcc4f3342cfc91509f02200aced61d4a6f0ea5a2fae04a061b9878742e4e08321dca27d3dc82a68bf2086f:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402203a99132737ec31a0bf84bd6a4b6c38d35a9a5f9e0b55224e5c97e143b4d421a802207ae95106698a639cd891db87a75a8e5cb65e3669b2842ba46b95af445748a375:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-2015.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2009-2015
cwe-id: CWE-22
epss-score: 0.01674
epss-percentile: 0.81452
epss-percentile: 0.81451
cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022020a8204e2b3933dd6f47f20fff7a817c2f79e161ee3726f5d3382e8db6168586022100f8c924d59ae005ce8b3611fcea2714321e93a65a69e0b4993f2e8daa8cebd9d5:922c64590222798bb761d5b6d8e72950
# digest: 490a004630440220497372b7919f2336775ca7a30a9d1d1e0151eb251111b28a507fc888ce87027d02200bb7eb6b2a0251f95e09aaa62b4cba66a127960846448beac3404f6054dc0bcc:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-2100.yaml
View File

@@ -19,7 +19,7 @@ info:
cve-id: CVE-2009-2100
cwe-id: CWE-22
epss-score: 0.01877
epss-percentile: 0.82458
epss-percentile: 0.82456
cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -41,4 +41,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100b1ff553876ba1d7c1dbbe4d8b5f90a18f02aef6b929843932b0d3fa02fd109e602210091337cb3808bd06e1f8da964af7a0e6d24a45f06b73169f6e315227d990decdb:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502204100280b6772967a7c6ad3d534aa803a79502d1c97cebbfa0b3dc106e83dfae20221008b9f02f772559155695db3769c5391c9edbb3bb7961322d78345f7e32d1c9da5:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-3318.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2009-3318
cwe-id: CWE-22
epss-score: 0.01442
epss-percentile: 0.80025
epss-percentile: 0.80023
cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100e6d7b831b3cb72c5edd70243b403eb13b53a8a7ae912daf2542001ede46dcfd0022064d20030c8171fe97012a4719d639108584f3ab4c5d485ac9d065dc4adc5997e:922c64590222798bb761d5b6d8e72950
# digest: 4b0a004830460221008ada167b790d565701ed35a19aac38fe14a4512ed1541f5d31cdae0bc9296c6702210092208d33b8fec50043c5e1b92467eea5721df174808c165beb9de57d53e07793:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-4202.yaml
View File

@@ -21,7 +21,7 @@ info:
cve-id: CVE-2009-4202
cwe-id: CWE-22
epss-score: 0.02099
epss-percentile: 0.83418
epss-percentile: 0.83414
cpe: cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -48,4 +48,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502203ee8033d58b76990e94929387053e6759d7d2bf1a69c7be607ad0512838acfa4022100c3d366ef4aa643131a21e6832561ff365a07071d5fb2c9bc4d669c0ef423126a:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100e069b5a299ce9b54bad727cb74de632faf5e7a91ae536aa30e665c005a36027502205da82eb53e2c3229963f30661a24123599017b499c85189514c79dc1bcaf9540:922c64590222798bb761d5b6d8e72950

6
http/cves/2009/CVE-2009-4223.yaml
View File

@@ -20,8 +20,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2009-4223
cwe-id: CWE-94
epss-score: 0.04664
epss-percentile: 0.88783
epss-score: 0.04159
epss-percentile: 0.8813
cpe: cpe:2.3:a:gianni_tommasi:kr-php_web_content_server:*:beta_2:*:*:*:*:*:*
metadata:
max-request: 1
@@ -44,4 +44,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100935f1b0dc295180262bb597b9ccd97c6ba146c9f178ed5f9fc1c1092a1efb967022100d52fb94b8385efbe203c8695e7ee15454b484c6dee3e0a305f1c888faf678177:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402205feaff8c7bb7a4487414ac1844030679885a8e6c55104f46cedbac659ddb761e02207b66176d87d1f6a4f842e0e619e188b5540e7a8d98fbbd19d74e94278308e174:922c64590222798bb761d5b6d8e72950

4
http/cves/2009/CVE-2009-5114.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2009-5114
cwe-id: CWE-22
epss-score: 0.26552
epss-percentile: 0.96073
epss-percentile: 0.96074
cpe: cpe:2.3:a:iwork:webglimpse:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502206779080de55095d88c985c45846d555f1c251e575e2584787428119d9c4ac0c3022100a3d67106fb43c09530dc63eba0a049cc147e6c5ebe5e943bfdfc88c109372b86:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022020bb27c9bc8b8d03b1cf06e94812541f3204f62a5eed3cd7001db84a9f86ad77022100f9b6d0ac3efaaee0c68b0c2a31bb55e2346aa5f81e416490f05ec5884332a1b6:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-0157.yaml
View File

@@ -19,7 +19,7 @@ info:
cve-id: CVE-2010-0157
cwe-id: CWE-22
epss-score: 0.07582
epss-percentile: 0.91393
epss-percentile: 0.91381
cpe: cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -46,4 +46,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100dcb56fdc00b6f0f40754a5e705b54354d87d7893fd628ba91bf39444d12ab53702201fe3a55004f07816c9591a5ef686187b2dd9b1eafd5d92167b684e8e0c9c34f4:922c64590222798bb761d5b6d8e72950
# digest: 490a004630440220737db4ee7ccf813237cf62647bfb3d5bfe94d70ff60b969137980aeea8ae9b4402205104757617e67fc6ec11ed4a6070689ea3fc73cfffbaf3c8fdc75e8ee5bd156c:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-0467.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2010-0467
cwe-id: CWE-22
epss-score: 0.26746
epss-percentile: 0.96088
epss-percentile: 0.96089
cpe: cpe:2.3:a:chillcreations:com_ccnewsletter:1.0.5:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100ae90d42272d46cc00a53ac1806b718a9cad4410d33d5f1c466a22ab99dd9c7f0022100eb0ddd3bb2bdb263e4843a35bb75883dd8aee4f73a3e27c68413f6d5daf0b4d0:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100a668cb84a687a4b24de49b9702d429906a5dc583448dfdc5e86dd695f97b7dc5022100fed171cf2a85f22a229177b06495c6a37f7523bac2a3c78a550e6f103e06ef7d:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-0696.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2010-0696
cwe-id: CWE-22
epss-score: 0.51271
epss-percentile: 0.97715
epss-percentile: 0.97712
cpe: cpe:2.3:a:joomlaworks:jw_allvideos:3.0:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100a6684dd07a4ab8188824eabdaecb7b09e943a1517de458bf63c6a34791fb97f6022100c4c16649fbcbdcf7c4e06ff1c63692b1df1b03bc7a58dbbe2b543c7422dd1d86:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100e554fbc922924ccef891a5913542097fc6a2c06b1c393e24933ba624f29c3d94022050ec4b37de93851ceeaa99ddbb146414b75262953862383ede1dd678f1bec481:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-0759.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2010-0759
cwe-id: CWE-22
epss-score: 0.06605
epss-percentile: 0.90731
epss-percentile: 0.90717
cpe: cpe:2.3:a:greatjoomla:scriptegrator_plugin:1.4.1:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a004830460221008ef6988b8106023edd3ecde87b45fbbb36c57b935592d8b0b1727d0196f43977022100b60fac8811236ced7525dbe6ca1305b35a2a7466ea37c36e29c99f03808fdee4:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022052973dbe469f40dfbe0b3af92a25758f2cc719018fe19b34f719dcb5afa6ff9a02204bd402ba0ea35a3e1eb3fdfaa2a22fdde7dadb77958632e0dff65c7ea1b13a95:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-0942.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2010-0942
cwe-id: CWE-22
epss-score: 0.04088
epss-percentile: 0.88023
epss-percentile: 0.88024
cpe: cpe:2.3:a:jvideodirect:com_jvideodirect:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a0048304602210089382b46ebb9f9bb3410726a86e22657c0e75ffac4904f8c9491cc0fecf18bb00221008b5af0de6af7b32ed6920b8b2790299be87efc5b64558cf25386ed933b4cbe6d:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402200233835b72690fe72a5e405d2e3754ab1f1a7eff57d206dfede0f8e66ac1204d02201070c0d190b6848518664496b648889bb946bd32569d1153a0c0874a62d87aae:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-0943.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2010-0943
cwe-id: CWE-22
epss-score: 0.0204
epss-percentile: 0.83165
epss-percentile: 0.83163
cpe: cpe:2.3:a:joomlart:com_jashowcase:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100cf0efed35385d271eee0b8c80a841b172b804afa4305bf54435a18ab2a1a710b02210085cea80e225f032f38e7319a85624b5291d9f3e4ab4b5ac1d3f7f6bbba8c5102:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022005758f15ec824c1f33f80aec51315f7e1b693e58f40b22086230c022b7f618f4022100b519576ec808b6dcf0442ca189c55c83d25a32181b7ef0afc496b03f732e5d98:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-0972.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2010-0972
cwe-id: CWE-22
epss-score: 0.03709
epss-percentile: 0.87402
epss-percentile: 0.87401
cpe: cpe:2.3:a:g4j.laoneo:com_gcalendar:2.1.5:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402202daec8332f5bac9cb1630cae5b284210f2ba18b69d8a2e535acbfdad263d661f0220789d5555490b7819c6f45299c1cecbcfc7a0401fa1f900852d0c9e543ed4f4d7:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100d31069d115735bb889631df37f722750e1a20f440fff7d61d3c3778a5f3010f9022100a946340648850e1f72e7a1030a5fae2d782b2f3e2f3f5022c7380fe1009a69e0:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-0985.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2010-0985
cwe-id: CWE-22
epss-score: 0.05737
epss-percentile: 0.90006
epss-percentile: 0.90003
cpe: cpe:2.3:a:chris_simon:com_abbrev:1.1:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100ff05c91e0bfbb37a05299ec555ecf93af70074f6ec0e6e2e966c052374f398eb0220472468ea8817ffa3f5219d98f38605be766c08e5e267beef375af63924f9876f:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100a5d148b5254966e5eb025119ea804a2a3d12acd1ef72fd1dc686b6ba83bdbbdb022100db9e70b51faae9722f862642885522a03359f7959d7d3ef96e3e57e6c44bf39f:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-1056.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2010-1056
cwe-id: CWE-22
epss-score: 0.06367
epss-percentile: 0.90544
epss-percentile: 0.90533
cpe: cpe:2.3:a:rockettheme:com_rokdownloads:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a004730450220298fcbe7dd8aeb9a68a0dabef3fbd0641ebe9fcc1ce3ff92e59997a727f3b6c5022100f68b951172c5bdd3bfcc93e26794d78ecb4de34ebc1d1b11e12518a0d0e0d197:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100da64b4a9d508a7c5ab5434b97bb4c9528f1f109d67f93a0a750d6a84525d71290221009333e11b982705407f2d57fa5620c9a74ea13ecf6114e184f8cf4ff76ce16aee:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-1081.yaml
View File

@@ -19,7 +19,7 @@ info:
cve-id: CVE-2010-1081
cwe-id: CWE-22
epss-score: 0.07807
epss-percentile: 0.91547
epss-percentile: 0.91536
cpe: cpe:2.3:a:corejoomla:com_communitypolls:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -41,4 +41,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502203028d245635bc8e806c7e35f0abc0ce584c289c1130c144adcccd8164d370902022100961e9fa1535da1a698f7d55b9f3aa05f4f813688f6d6749ac68573932d1a2ede:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502207a6fcd05499c9d88a275e9ecc6c7d273a4d9718abad19d3e73554c93f6729c2a022100e4198d5cb3a8b369dc33b0a5a1d80edb6febbdf0d799f69951dc97ae2f4274bd:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-1217.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2010-1217
cwe-id: CWE-22
epss-score: 0.02222
epss-percentile: 0.83878
epss-percentile: 0.83872
cpe: cpe:2.3:a:je_form_creator:je_form_creator:*:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 490a0046304402206a6c38347ce3f04031c9decddf493d259fe0fdd57e2757f445bb60ecaaf0ad39022019b4db1b4f60b34d2ff571ed19072ebce899830efcb0e849e1154494a596905c:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220662e35434d8080c22ca8c6b3db3b8da26ba0c1e59de693b33fe3b455557bf4e2022100e1b2ae3a25be27bfb257513e5c8497682ab7ef08aeaabc58b3a019395ecd5ec7:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-1219.yaml
View File

@@ -19,7 +19,7 @@ info:
cve-id: CVE-2010-1219
cwe-id: CWE-22
epss-score: 0.07086
epss-percentile: 0.91081
epss-percentile: 0.91065
cpe: cpe:2.3:a:com_janews:com_janews:1.0:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -41,4 +41,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a004730450220757d6d623ec40fc065808d3a60123907a621c7585fe50b59647d91f5a7132b300221009e44ce78b5e7da403eaf672cdf710768bf110af239d2cbec463e43360dc17fb0:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100a38d078168c85acd137649248361c73e19a523e71cedd8ca3030c5b47c2b7c4f0221008bfcad330559a53c695d67d679a4d0cbf1fc9d1b089ebde5610c9a665cd60080:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-1304.yaml
View File

@@ -18,7 +18,7 @@ info:
cve-id: CVE-2010-1304
cwe-id: CWE-22
epss-score: 0.02086
epss-percentile: 0.8337
epss-percentile: 0.83368
cpe: cpe:2.3:a:joomlamo:com_userstatus:1.21.16:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -40,4 +40,4 @@ http:
- type: status
status:
- 200
# digest: 4b0a004830460221008104b11dada8700a24b29ca02f55b4f71ca27492fe5dc4d40bb548527d8680980221009afcfce54bcf0725e1e2c6d70fc8432f7cf28194754121b1feece932c54d6de3:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100f62439c0d791483d0e26ed91266a51aad15a0ab6cef49dc6c92adef73a87092e02210093eb50b8a8adf22c9d08dbfce09543cdcc0e83c6d8493dcf701f62e9fe167e94:922c64590222798bb761d5b6d8e72950

4
http/cves/2010/CVE-2010-1305.yaml
View File

@@ -20,7 +20,7 @@ info:
cve-id: CVE-2010-1305
cwe-id: CWE-22
epss-score: 0.07358
epss-percentile: 0.91259
epss-percentile: 0.91245
cpe: cpe:2.3:a:joomlamo:com_jinventory:1.23.02:*:*:*:*:*:*:*
metadata:
max-request: 1
@@ -42,4 +42,4 @@ http:
- type: status
status:
- 200
# digest: 4a0a004730450220237914ae7832750d161172ac1a08a0299be4d4471cf64776f77e9ffdb798064e022100821348fe823bca0dc042461cb0f0e937659e07b51f4c1114c8eac48f2a7c39bb:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022029d357a0314544784c1e839a8471565461ad7e26da75d4e02f78974c9827d8620220596f1a98fabe70db35cc534378e0dfda39b75b7e72ffa123670d14f6b441c77f:922c64590222798bb761d5b6d8e72950

Some files were not shown because too many files have changed in this diff Show More