TemplateMan Update [Tue Oct 17 18:18:29 UTC 2023] :robot:

actions-user · actions-user · commit d4621f33d257 · 2023-10-17T18:18:29.000Z
diff --git a/http/cves/2016/CVE-2016-5649.yaml b/http/cves/2016/CVE-2016-5649.yaml
@@ -15,7 +15,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2016-5649
-    cwe-id: CWE-200,CWE-319
+    cwe-id: CWE-319,CWE-200
     epss-score: 0.15681
     epss-percentile: 0.95294
     cpe: cpe:2.3:o:netgear:dgn2200_firmware:1.0.0.50_7.0.50:*:*:*:*:*:*:*
diff --git a/http/cves/2018/CVE-2018-1273.yaml b/http/cves/2018/CVE-2018-1273.yaml
@@ -22,7 +22,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-1273
-    cwe-id: CWE-20,CWE-94
+    cwe-id: CWE-94,CWE-20
     epss-score: 0.97498
     epss-percentile: 0.99971
     cpe: cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:*
diff --git a/http/cves/2018/CVE-2018-17246.yaml b/http/cves/2018/CVE-2018-17246.yaml
@@ -17,7 +17,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-17246
-    cwe-id: CWE-73,CWE-829
+    cwe-id: CWE-829,CWE-73
     epss-score: 0.96913
     epss-percentile: 0.99614
     cpe: cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
diff --git a/http/cves/2021/CVE-2021-24627.yaml b/http/cves/2021/CVE-2021-24627.yaml
@@ -15,12 +15,17 @@ info:
     cvss-score: 7.2
     cve-id: CVE-2021-24627
     cwe-id: CWE-89
+    epss-score: 0.00114
+    epss-percentile: 0.44716
+    cpe: cpe:2.3:a:g_auto-hyperlink_project:g_auto-hyperlink:*:*:*:*:*:wordpress:*:*
   metadata:
+    verified: true
     max-request: 2
+    vendor: g_auto-hyperlink_project
+    product: g_auto-hyperlink
+    framework: wordpress
     publicwww-query: /wp-content/plugins/g-auto-hyperlink/
-    verified: true
   tags: cve,cve2021,sqli,wpscan,wordpress,wp-plugin,wp,g-auto-hyperlink,authenticated
-
 variables:
   num: 999999999
 
@@ -32,12 +37,12 @@ http:
         Content-Type: application/x-www-form-urlencoded
 
         log={{username}}&pwd={{password}}&wp-submit=Log+I
-
       - |
         GET /wp-admin/admin.php?page=g-auto-hyperlink-edit&id=-2198+UNION+ALL+SELECT+NULL%2Cmd5%28{{num}}%29%2Ccurrent_user%28%29%2Ccurrent_user%28%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL-- HTTP/1.1
         Host: {{Hostname}}
 
     cookie-reuse: true
+
     matchers-condition: and
     matchers:
       - type: word
diff --git a/http/cves/2021/CVE-2021-32789.yaml b/http/cves/2021/CVE-2021-32789.yaml
@@ -20,7 +20,7 @@ info:
     cve-id: CVE-2021-32789
     cwe-id: CWE-89
     epss-score: 0.0208
-    epss-percentile: 0.87811
+    epss-percentile: 0.87817
     cpe: cpe:2.3:a:automattic:woocommerce_blocks:*:*:*:*:*:wordpress:*:*
   metadata:
     max-request: 1
diff --git a/http/cves/2022/CVE-2022-25148.yaml b/http/cves/2022/CVE-2022-25148.yaml
@@ -28,7 +28,7 @@ info:
     product: wp_statistics
     framework: wordpress
     google-query: inurl:/wp-content/plugins/wp-statistics
-  tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics
+  tags: packetstorm,cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-statistics
 
 http:
   - raw:
diff --git a/http/cves/2022/CVE-2022-3142.yaml b/http/cves/2022/CVE-2022-3142.yaml
@@ -27,7 +27,7 @@ info:
     product: nex-forms
     framework: wordpress
     publicwww-query: /wp-content/plugins/nex-forms-express-wp-form-builder/
-  tags: cve,cve2022,wordpress,sqli,wp-plugin,wp,wpscan,authenticated
+  tags: wpscan,packetstorm,cve,cve2022,wordpress,sqli,wp-plugin,wp,authenticated
 
 http:
   - raw:
diff --git a/http/cves/2022/CVE-2022-40032.yaml b/http/cves/2022/CVE-2022-40032.yaml
@@ -25,7 +25,7 @@ info:
     max-request: 1
     vendor: simple_task_managing_system_project
     product: simple_task_managing_system
-  tags: cve,cve2022,simple-task,stms,sqli
+  tags: packetstorm,cve,cve2022,simple-task,stms,sqli
 
 http:
   - raw:
diff --git a/http/cves/2023/CVE-2023-30868.yaml b/http/cves/2023/CVE-2023-30868.yaml
@@ -26,7 +26,7 @@ info:
     vendor: cms_tree_page_view_project
     product: cms_tree_page_view
     framework: wordpress
-  tags: cve,cve2023,xss,wp,wordpress,wpscan,authenticated,exploitdb
+  tags: wpscan,packetstorm,cve,cve2023,xss,wp,wordpress,authenticated,exploitdb
 
 http:
   - raw:
diff --git a/http/cves/2023/CVE-2023-33584.yaml b/http/cves/2023/CVE-2023-33584.yaml
@@ -24,7 +24,7 @@ info:
     max-request: 2
     vendor: enrollment_system_project
     product: enrollment_system
-  tags: cve,cve2023,sqli,exploitdb,unauth,enrollment
+  tags: packetstorm,cve,cve2023,sqli,exploitdb,unauth,enrollment
 
 http:
   - raw:
diff --git a/http/cves/2023/CVE-2023-38501.yaml b/http/cves/2023/CVE-2023-38501.yaml
@@ -27,7 +27,7 @@ info:
     vendor: copyparty_project
     product: copyparty
     shodan-query: title:"copyparty"
-  tags: cve,cve2023,copyparty,xss,oss
+  tags: packetstorm,cve,cve2023,copyparty,xss,oss
 
 http:
   - method: GET
diff --git a/http/default-logins/franklin-fueling-default-login.yaml b/http/default-logins/franklin-fueling-default-login.yaml
@@ -31,7 +31,6 @@ http:
         - roleGuest
       password:
         - admin
-
     cookie-reuse: true
     matchers:
       - type: dsl
diff --git a/http/vulnerabilities/other/ozeki-10-sms-gateway.yaml b/http/vulnerabilities/other/ozeki-10-sms-gateway.yaml
@@ -12,7 +12,7 @@ info:
   metadata:
     verified: true
     max-request: 1
-  tags: ozeki,lfi,unauth,ozeki
+  tags: ozeki,lfi,unauth
 
 http:
   - method: GET
