diff --git a/cnvd/2021/CNVD-2021-15822.yaml b/cnvd/2021/CNVD-2021-15822.yaml index 3b7e2d8d1a7..02ff83b22e9 100644 --- a/cnvd/2021/CNVD-2021-15822.yaml +++ b/cnvd/2021/CNVD-2021-15822.yaml @@ -6,6 +6,10 @@ info: severity: high reference: - https://mp.weixin.qq.com/s/69cDWCDoVXRhehqaHPgYog + metadata: + verified: true + shodan-query: title:"ShopXO企业级B2C电商系统提供商" + fofa-query: app="ShopXO企业级B2C电商系统提供商" tags: shopxo,lfi,cnvd,cnvd2021 requests: diff --git a/cves/2010/CVE-2010-0219.yaml b/cves/2010/CVE-2010-0219.yaml index 6a9de7c6a12..271add009d6 100644 --- a/cves/2010/CVE-2010-0219.yaml +++ b/cves/2010/CVE-2010-0219.yaml @@ -10,6 +10,8 @@ info: - https://knowledge.broadcom.com/external/article/13994/vulnerability-axis2-default-administrato.html classification: cve-id: CVE-2010-0219 + metadata: + shodan-query: http.html:"Apache Axis" tags: cve,cve2010,axis,apache,default-login,axis2 requests: diff --git a/cves/2020/CVE-2020-11978.yaml b/cves/2020/CVE-2020-11978.yaml index f4414862738..133d10f1d7a 100644 --- a/cves/2020/CVE-2020-11978.yaml +++ b/cves/2020/CVE-2020-11978.yaml @@ -16,6 +16,9 @@ info: cvss-score: 8.8 cve-id: CVE-2020-11978 cwe-id: CWE-77 + metadata: + verified: true + shodan-query: http.html:"Apache Airflow" || title:"Airflow - DAGs" tags: cve,cve2020,apache,airflow,rce requests: diff --git a/cves/2020/CVE-2020-11991.yaml b/cves/2020/CVE-2020-11991.yaml index b3849d56653..9269ec11d1b 100644 --- a/cves/2020/CVE-2020-11991.yaml +++ b/cves/2020/CVE-2020-11991.yaml @@ -15,6 +15,8 @@ info: cve-id: CVE-2020-11991 cwe-id: CWE-611 remediation: Upgrade to Apache Cocoon 2.1.13 or later. + metadata: + shodan-query: http.html:"Apache Cocoon" tags: cve,cve2020,apache,xml,cocoon,xxe requests: diff --git a/cves/2020/CVE-2020-13927.yaml b/cves/2020/CVE-2020-13927.yaml index d1445f93934..a7725bab889 100644 --- a/cves/2020/CVE-2020-13927.yaml +++ b/cves/2020/CVE-2020-13927.yaml @@ -14,6 +14,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-13927 + metadata: + verified: true + shodan-query: title:"Airflow - DAGs" || http.html:"Apache Airflow" tags: cve,cve2020,apache,airflow,unauth requests: diff --git a/cves/2021/CVE-2021-21402.yaml b/cves/2021/CVE-2021-21402.yaml index a920a2285e2..4070ee9ee1a 100644 --- a/cves/2021/CVE-2021-21402.yaml +++ b/cves/2021/CVE-2021-21402.yaml @@ -15,6 +15,10 @@ info: cvss-score: 6.5 cve-id: CVE-2021-21402 cwe-id: CWE-22 + metadata: + verified: true + shodan-query: http.html:"Jellyfin" + fofa-query: title="Jellyfin" || body="http://jellyfin.media" tags: cve,cve2021,jellyfin,lfi requests: @@ -34,4 +38,4 @@ requests: - type: regex regex: - "\\[(font|extension|file)s\\]" - part: body \ No newline at end of file + part: body diff --git a/cves/2021/CVE-2021-38540.yaml b/cves/2021/CVE-2021-38540.yaml index 4d9d7ce1350..8677ab89045 100644 --- a/cves/2021/CVE-2021-38540.yaml +++ b/cves/2021/CVE-2021-38540.yaml @@ -14,6 +14,7 @@ info: cve-id: CVE-2021-38540 cwe-id: CWE-306 metadata: + verified: true shodan-query: title:"Sign In - Airflow" tags: cve,cve2021,apache,airflow,rce diff --git a/cves/2021/CVE-2021-44451.yaml b/cves/2021/CVE-2021-44451.yaml index 73771af5437..6590c06d92a 100644 --- a/cves/2021/CVE-2021-44451.yaml +++ b/cves/2021/CVE-2021-44451.yaml @@ -11,6 +11,9 @@ info: classification: cve-id: CVE-2021-44451 remediation: Users should upgrade to Apache Superset 1.4.0 or higher. + metadata: + verified: true + shodan-query: title:"Superset" tags: cve,cve2021,apache,superset,default-login requests: diff --git a/cves/2022/CVE-2022-24288.yaml b/cves/2022/CVE-2022-24288.yaml index c064aa1d73c..c42fd51b97d 100644 --- a/cves/2022/CVE-2022-24288.yaml +++ b/cves/2022/CVE-2022-24288.yaml @@ -15,7 +15,8 @@ info: cve-id: CVE-2022-24288 cwe-id: CWE-78 metadata: - shodan-query: title:"Airflow - DAGs" + verified: true + shodan-query: title:"Airflow - DAGs" || http.html:"Apache Airflow" tags: cve,cve2022,airflow,rce requests: diff --git a/exposed-panels/adobe/adobe-component-login.yaml b/exposed-panels/adobe/adobe-component-login.yaml index 9ef09b99d84..1d46e941187 100644 --- a/exposed-panels/adobe/adobe-component-login.yaml +++ b/exposed-panels/adobe/adobe-component-login.yaml @@ -9,6 +9,8 @@ info: - https://www.exploit-db.com/ghdb/6846 classification: cwe-id: CWE-200 + metadata: + shodan-query: http.component:"Adobe ColdFusion" tags: panel,adobe,coldfusion requests: diff --git a/exposures/files/cold-fusion-cfcache-map.yaml b/exposures/files/cold-fusion-cfcache-map.yaml index 1839ab4677b..4a421602b61 100644 --- a/exposures/files/cold-fusion-cfcache-map.yaml +++ b/exposures/files/cold-fusion-cfcache-map.yaml @@ -6,6 +6,8 @@ info: severity: low reference: - https://securiteam.com/windowsntfocus/5bp081f0ac/ + metadata: + shodan-query: http.component:"Adobe ColdFusion" tags: exposure,coldfusion,adobe requests: diff --git a/miscellaneous/unpatched-coldfusion.yaml b/miscellaneous/unpatched-coldfusion.yaml index 8d9c45d5785..0c40b8b99c8 100644 --- a/miscellaneous/unpatched-coldfusion.yaml +++ b/miscellaneous/unpatched-coldfusion.yaml @@ -7,6 +7,8 @@ info: reference: - https://helpx.adobe.com/security/products/coldfusion/apsb21-16.html - https://twitter.com/Daviey/status/1374070630283415558 + metadata: + shodan-query: http.component:"Adobe ColdFusion" tags: rce,adobe,misc,coldfusion requests: diff --git a/misconfiguration/airflow/airflow-debug.yaml b/misconfiguration/airflow/airflow-debug.yaml index dc6f4a4a586..7e88c457d2f 100644 --- a/misconfiguration/airflow/airflow-debug.yaml +++ b/misconfiguration/airflow/airflow-debug.yaml @@ -4,6 +4,9 @@ info: name: Airflow Debug Trace author: pdteam severity: low + metadata: + verified: true + shodan-query: title:"Airflow - DAGs" tags: apache,airflow,fpd requests: diff --git a/technologies/apache/airflow-detect.yaml b/technologies/apache/airflow-detect.yaml index 5306691e5b5..2d906571546 100644 --- a/technologies/apache/airflow-detect.yaml +++ b/technologies/apache/airflow-detect.yaml @@ -4,6 +4,9 @@ info: name: Apache Airflow author: pdteam severity: info + metadata: + verified: true + shodan-query: http.html:"Apache Airflow" tags: tech,apache,airflow requests: diff --git a/technologies/apache/apache-axis-detect.yaml b/technologies/apache/apache-axis-detect.yaml index b5b574a7b55..6f4d1ee6977 100644 --- a/technologies/apache/apache-axis-detect.yaml +++ b/technologies/apache/apache-axis-detect.yaml @@ -5,6 +5,9 @@ info: author: dogasantos severity: info description: Axis and Axis2 detection + metadata: + verified: true + shodan-query: http.html:"Apache Axis" tags: tech,axis2,middleware,apache requests: diff --git a/technologies/apache/apache-cocoon-detect.yaml b/technologies/apache/apache-cocoon-detect.yaml index 36202e3229b..d9155b9c2fc 100644 --- a/technologies/apache/apache-cocoon-detect.yaml +++ b/technologies/apache/apache-cocoon-detect.yaml @@ -5,6 +5,8 @@ info: author: ffffffff0x severity: info metadata: + verified: true + shodan-query: http.html:"Apache Cocoon" fofa-query: app="APACHE-Cocoon" tags: apache,cocoon,tech diff --git a/technologies/jellyfin-detect.yaml b/technologies/jellyfin-detect.yaml index 9b31eaed43f..226bdb95ceb 100644 --- a/technologies/jellyfin-detect.yaml +++ b/technologies/jellyfin-detect.yaml @@ -4,6 +4,9 @@ info: name: Jellyfin detected author: dwisiswant0 severity: info + metadata: + verified: true + shodan-query: http.html:"Jellyfin" tags: tech,jellyfin requests: diff --git a/vulnerabilities/ecology/ecology-arbitrary-file-upload.yaml b/vulnerabilities/ecology/ecology-arbitrary-file-upload.yaml index f941cc707b0..1b96e890564 100644 --- a/vulnerabilities/ecology/ecology-arbitrary-file-upload.yaml +++ b/vulnerabilities/ecology/ecology-arbitrary-file-upload.yaml @@ -6,6 +6,8 @@ info: severity: medium reference: - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g + metadata: + fofa-query: app="泛微-协同办公OA" tags: ecology,upload,fileupload,intrusive requests: diff --git a/vulnerabilities/other/coldfusion-debug-xss.yaml b/vulnerabilities/other/coldfusion-debug-xss.yaml index ec093ae5c6a..4de60288e20 100644 --- a/vulnerabilities/other/coldfusion-debug-xss.yaml +++ b/vulnerabilities/other/coldfusion-debug-xss.yaml @@ -7,6 +7,8 @@ info: description: The remote Adobe ColdFusion debug page has been left open to unauthenticated users, this could allow remote attackers to trigger a reflected cross site scripting against the visitors of the site. reference: - https://github.com/jaeles-project/jaeles-signatures/blob/master/common/coldfusion-debug-xss.yaml + metadata: + shodan-query: http.component:"Adobe ColdFusion" tags: adobe,coldfusion,xss requests: diff --git a/vulnerabilities/other/dedecms-carbuyaction-fileinclude.yaml b/vulnerabilities/other/dedecms-carbuyaction-fileinclude.yaml index 41e0ebeeb07..72d4198957f 100644 --- a/vulnerabilities/other/dedecms-carbuyaction-fileinclude.yaml +++ b/vulnerabilities/other/dedecms-carbuyaction-fileinclude.yaml @@ -7,6 +7,9 @@ info: description: A vulnerability in DedeCMS's 'carbuyaction.php' endpoint allows remote attackers to return the content of locally stored files via a vulnerability in the 'code' parameter. reference: - https://www.cnblogs.com/milantgh/p/3615986.html + metadata: + verified: true + shodan-query: http.html:"power by dedecms" || title:"dedecms" tags: dedecms requests: diff --git a/vulnerabilities/other/dedecms-openredirect.yaml b/vulnerabilities/other/dedecms-openredirect.yaml index 08d6f16cb7e..689d98efa2a 100644 --- a/vulnerabilities/other/dedecms-openredirect.yaml +++ b/vulnerabilities/other/dedecms-openredirect.yaml @@ -6,6 +6,9 @@ info: severity: low reference: - https://blog.csdn.net/ystyaoshengting/article/details/82734888 + metadata: + verified: true + shodan-query: http.html:"power by dedecms" || title:"dedecms" tags: dedecms,redirect requests: diff --git a/vulnerabilities/other/ecology-filedownload-directory-traversal.yaml b/vulnerabilities/other/ecology-filedownload-directory-traversal.yaml index f063f98b297..61101d9fa79 100644 --- a/vulnerabilities/other/ecology-filedownload-directory-traversal.yaml +++ b/vulnerabilities/other/ecology-filedownload-directory-traversal.yaml @@ -4,6 +4,8 @@ info: name: Ecology Directory Traversal author: princechaddha severity: medium + metadata: + fofa-query: app="泛微-协同办公OA" tags: ecology,lfi requests: diff --git a/vulnerabilities/other/ecology-syncuserinfo-sqli.yaml b/vulnerabilities/other/ecology-syncuserinfo-sqli.yaml index 81aecd13f17..7039f82f5cb 100644 --- a/vulnerabilities/other/ecology-syncuserinfo-sqli.yaml +++ b/vulnerabilities/other/ecology-syncuserinfo-sqli.yaml @@ -6,6 +6,8 @@ info: severity: high reference: - https://www.weaver.com.cn/ + metadata: + fofa-query: app="泛微-协同办公OA" tags: ecology,sqli requests: diff --git a/vulnerabilities/other/ecology-v8-sqli.yaml b/vulnerabilities/other/ecology-v8-sqli.yaml index 4b233145221..5279e14a6ff 100644 --- a/vulnerabilities/other/ecology-v8-sqli.yaml +++ b/vulnerabilities/other/ecology-v8-sqli.yaml @@ -6,6 +6,8 @@ info: severity: high reference: - http://wiki.peiqi.tech/PeiQi_Wiki/OA%E4%BA%A7%E5%93%81%E6%BC%8F%E6%B4%9E/%E6%B3%9B%E5%BE%AEOA/%E6%B3%9B%E5%BE%AEOA%20V8%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.html + metadata: + fofa-query: app="泛微-协同办公OA" tags: ecology,sqli requests: diff --git a/vulnerabilities/other/natshell-path-traversal.yaml b/vulnerabilities/other/natshell-path-traversal.yaml index f0e47959f9a..629dd6eec9d 100644 --- a/vulnerabilities/other/natshell-path-traversal.yaml +++ b/vulnerabilities/other/natshell-path-traversal.yaml @@ -6,6 +6,8 @@ info: severity: high reference: - https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw + metadata: + fofa-query: title="蓝海卓越计费管理系统" tags: natshell,lfi requests: diff --git a/vulnerabilities/other/tamronos-rce.yaml b/vulnerabilities/other/tamronos-rce.yaml index 417bbba2a3d..2b473e957c7 100644 --- a/vulnerabilities/other/tamronos-rce.yaml +++ b/vulnerabilities/other/tamronos-rce.yaml @@ -6,6 +6,10 @@ info: severity: critical reference: - https://twitter.com/sec715/status/1405336456923471874 + metadata: + verified: true + shodan-query: title:"TamronOS IPTV系统" + fofa-query: title="TamronOS IPTV系统" tags: tamronos,rce requests: